Part X: The Living System
Chapter 41 — The Reference Library
Part X: The Living System
It's your first week on the payments team. Your manager has asked you to "review the latest Visa Core Rules changes and flag anything that affects our checkout flow." Reasonable enough — until you Google "Visa Core Rules" and download a 1,247-page PDF. You open it. The table of contents alone is 23 pages. You search for "checkout" and get 412 hits. You try "3-D Secure" and get a different 200 hits, half of which reference sections you need to cross-reference with the Visa Product and Service Rules — a separate document. You close the PDF, open Slack, and type the message every new payments person eventually types: "Does anyone have a guide to... the guides?"
That is what this chapter is. Not a replacement for any of the primary sources — you will still need to read the actual rulebooks, standards, and regulatory texts when they matter to your work. But you need a map before you need the territory. You need to know which documents exist, who publishes them, what they cover, and — critically — which ones to reach for first when a specific question lands on your desk.
Think of this chapter as the annotated bibliography your future self will thank you for bookmarking. We will organize the payments reference landscape into a credibility hierarchy, point you toward the foundational texts that every payments professional should know, then walk domain by domain through the rulebooks, standards, and regulatory frameworks that govern how money actually moves.
How to Use This Library
Not all sources are created equal. A blog post from a payments startup and a regulatory text from the Bank for International Settlements both contain information about payment systems — but they carry very different weight when you are making a compliance decision or designing a settlement architecture.
The Credibility Ladder
Here is the hierarchy we use throughout this book, and the one you should internalize for your career in payments.
| Tier | Source Type | Examples | When to Use |
|---|---|---|---|
| Tier 1 | Standards setters and regulators | BIS/CPMI, FATF, central banks (Fed, ECB, MAS, RBI), ISO | Compliance decisions, architecture design, dispute resolution — these are the final word |
| Tier 2 | Scheme rulebooks and network documentation | Visa Core Rules, Mastercard Standards, Nacha Operating Rules, EPC SEPA rulebooks | Implementation specifics, fee structures, dispute rules, interchange categories |
| Tier 3 | Provider and vendor documentation | Stripe Docs, Adyen Docs, Plaid developer docs, AWS payment guides | Integration work, API design, specific PSP behavior — accurate for that provider, but not universal |
| Tier 4 | Secondary commentary | Blog posts, analyst reports (McKinsey, Nilson), conference talks, books (including this one) | Context, explanation, trend analysis — useful for understanding, but always verify claims against Tiers 1-3 |
Table 1: The Credibility Ladder. When two sources disagree, the higher tier wins. When a blog post says "Visa allows X" and the Visa Core Rules say otherwise, the rulebook is right.
The ladder matters most in disagreements. If a PSP's documentation says you can retry a declined transaction indefinitely, but the Visa Core Rules specify retry limits and penalties, the Visa rules govern — and your PSP's behavior does not shield you from scheme fines. Similarly, if an analyst report claims a regulatory deadline has been extended, always confirm with the regulator's official publication.
Role-Based Reading Paths
Not everyone needs to read the same documents. Here are three starting paths, depending on where you sit.
| Category | Newbie (First 90 Days) | Merchant / Product Manager | Payments Professional / Architect |
|---|---|---|---|
| Start here | This book (cover to cover), then BIS glossary for terminology | Your PSP's docs (Stripe/Adyen/Braintree), then Visa Core Rules chapters on disputes and chargebacks | BIS PFMI principles, ISO 20022 message catalogue, your region's central bank publications |
| Then read | Bank of England "Money creation in the modern economy," Perry Mehrling's MOOC | EMVCo 3-D Secure spec, PCI DSS v4.0 SAQ guide, Nacha or SEPA rules (depending on region) | FATF Recommendations, PCI DSS v4.0 full standard, scheme rulebooks for your primary networks |
| Keep on your desk | CPMI glossary, this chapter's reference table | Scheme fee schedules, your PSP's changelog/release notes, CFPB or EBA consumer protection bulletins | Regulatory alert subscriptions (see "Staying Current" below), FSB cross-border roadmap, ISO 20022 migration timelines |
Table 2: Role-based reading paths. Start with the row that matches your role, then expand outward as questions arise.
The goal is not to read everything. It is to know which shelf to reach for when a question arrives — and to have enough context to evaluate what you find.
Foundations That Every Payments Person Should Know
Some documents transcend any single payment method or geography. They define the conceptual infrastructure that everything else is built on. If you only read a handful of primary sources in your career, make it these.
BIS and the Committee on Payments and Market Infrastructures (CPMI)
The Bank for International Settlements is the central bank of central banks. Its Committee on Payments and Market Infrastructures (CPMI, formerly the Committee on Payment and Settlement Systems) publishes the foundational standards that govern how payment systems worldwide are designed and assessed.
The single most important document is the "Principles for Financial Market Infrastructures" (PFMI), published jointly by CPMI and IOSCO. These 24 principles cover everything from governance and risk management to settlement finality and operational resilience. If you have ever wondered why your country's real-time payment system has certain design constraints — mandatory pre-funded accounts, for example, or specific settlement windows — the PFMI is why. Central banks around the world use these principles as the benchmark when they license and supervise payment system operators.
The CPMI Glossary of payments and market infrastructure terminology is the closest thing the industry has to an authoritative dictionary. When you encounter a term and want the precise, internationally accepted definition — not a blog post's interpretation — this is where you go.
The Red Book (formally "Statistics on Payment, Clearing and Settlement Systems") provides comparable data on payment system volumes, values, and infrastructure across CPMI member countries. It is invaluable for benchmarking and understanding relative scale — how many real-time payments does India process versus the UK? The Red Book has your answer.
The Financial Stability Board (FSB)
The FSB coordinates international financial regulation. Two of its publications matter especially for payments professionals.
The Cross-Border Payments Roadmap (initially published in 2020, with annual progress reports) sets targets for making cross-border payments faster, cheaper, more transparent, and more accessible. If your work touches international remittances, cross-border e-commerce, or correspondent banking, this roadmap tells you where regulators want the industry to go — and the timeline they expect.
The FSB's recommendations on stablecoins ("Regulation, Supervision and Oversight of 'Global Stablecoin' Arrangements") are the reference framework that national regulators are using as they build stablecoin legislation. If you read Chapter 28 of this book and want the source material, start here.
World Bank and IMF
The World Bank's Remittance Prices Worldwide database tracks the cost of sending $200 across every major corridor. It is the standard reference when anyone claims remittances are "too expensive" — and the data often confirms it. The Global Findex database surveys financial inclusion across 140+ economies, covering account ownership, digital payments adoption, and barriers to access.
The IMF's Global Financial Stability Reports include increasingly detailed sections on crypto assets, stablecoins, and fintech. These are not payments-specific documents, but the sections on digital money provide the macroeconomic context that pure payments sources miss.
ISO 20022: The Messaging Standard That Is Replacing Everything
ISO 20022 is the global standard for financial messaging — the common language that banks, payment systems, and market infrastructures are migrating to. It is replacing ISO 8583 (the card transaction message format that has been the backbone of card payments since the 1980s) and the older SWIFT MT message formats used in correspondent banking.
Why does it matter to you? Because ISO 20022 messages carry richer, more structured data than their predecessors. An ISO 8583 authorization message has limited fields for remittance information. An ISO 20022 payment message can carry structured data about the payer, payee, purpose, and regulatory context — which means better straight-through processing, better sanctions screening, and fewer manual repairs. SWIFT's migration to ISO 20022 for cross-border payments (the "CBPR+" migration) is one of the most significant infrastructure changes in banking this decade.
The ISO 20022 message catalogue is freely searchable at iso20022.org. Start with the pain (payment initiation), pacs (payment clearing and settlement), and camt (cash management) message families — those cover the payment lifecycle.
SWIFT
SWIFT (Society for Worldwide Interbank Financial Telecommunication) is both a messaging network and a standards body. Their documentation on the gpi (Global Payments Innovation) tracker gives you visibility into how cross-border payment tracking works. SWIFT's standards pages cover ISO 20022 migration timelines, message format specifications, and connectivity requirements.
The Economics Starter Set
Three resources will give you the conceptual foundation for understanding why payment systems work the way they do — not just how.
Bagehot's "Lombard Street" (1873) remains the foundational text on central banking, liquidity, and the lender-of-last-resort function. It is remarkably readable for a 150-year-old economics text, and it explains why central banks sit at the center of payment systems.
Perry Mehrling's "Money and Banking" MOOC (available on Coursera and various platforms) is the best accessible course on how the monetary system actually works. Mehrling's "money view" — focusing on the hierarchy of money and the role of dealers — gives you a mental model that makes settlement, clearing, and central bank operations intuitive rather than mysterious.
The Bank of England's "Money creation in the modern economy" (2014 Quarterly Bulletin) is a 14-page paper that will fundamentally change how you think about money. It explains, clearly and authoritatively, that commercial banks create money when they make loans — not, as textbooks often suggest, by lending out deposits. Understanding this is essential for understanding why payment systems are really about moving claims between banks, not moving "money" in a physical sense.
Cards and Digital Commerce Rulebooks
If you work anywhere near card payments — and most payments professionals do — the scheme rulebooks are your primary regulatory texts. They are dense, they are long, and they are essential.
Visa
The Visa Core Rules and Visa Product and Service Rules (VPSR) together form a document that typically exceeds 1,000 pages. Here is how to navigate it without losing your mind.
Do not read it cover to cover. Use the table of contents and the index. The rules are organized by topic: acceptance requirements, transaction processing, dispute resolution, fees, and compliance. When you have a specific question — "Can I surcharge on debit?" or "What are the retry limits for recurring transactions?" — search the PDF and read the relevant section in context.
Pay particular attention to the dispute resolution chapters. These define the chargeback reason codes, timeframes, and evidence requirements that govern billions of dollars in contested transactions. As we covered in Chapter 13, the scheme rules are the law of the land for disputes — not your PSP's interpretation of them.
Visa also publishes separate regional supplements (for example, the Visa Europe supplement) that override or extend the core rules for specific markets. If you operate in a specific region, you need both.
Mastercard
The Mastercard Standards Manual and Transaction Processing Rules cover similar ground to Visa's rulebooks but with different terminology and, in some cases, different rules. The key structural difference: Mastercard's chargeback process uses a different set of reason codes and timelines than Visa's, and their retry rules have different penalty thresholds.
EMVCo
EMVCo is the technical body owned jointly by the major card networks. Their specifications define how chip cards work (EMV contact and contactless), how 3-D Secure authentication works (the protocol behind Visa Secure and Mastercard Identity Check — see Part III), and how payment tokenization works at the network level (also covered in Part III).
The EMV 3-D Secure specification is particularly important if you are building or integrating payment authentication. Version 2.3 introduced risk-based authentication, allowing low-risk transactions to skip the challenge step entirely — a significant change for checkout conversion rates.
W3C and FIDO Alliance
The W3C Payment Request API standardizes how browsers handle payment requests, reducing checkout friction by eliminating form fills. The FIDO Alliance's WebAuthn standard (now widely deployed as "passkeys") is increasingly relevant for payment authentication, offering phishing-resistant authentication that may eventually replace SMS OTP for strong customer authentication.
PSP Documentation
Your payment service provider's documentation is your most frequently accessed reference — even if it ranks Tier 3 on the credibility ladder. Stripe's documentation (docs.stripe.com) is widely regarded as a gold standard for developer experience. Adyen's documentation (docs.adyen.com) is particularly strong on local payment methods and regional acquiring. PayPal/Braintree and Shopify Payments publish extensive integration guides that are practical references for e-commerce implementation.
Remember: PSP docs tell you how their system works, which may differ from how the underlying schemes and networks work. When in doubt, cross-reference with the scheme rulebooks.
Wallet Integration Guides
Google Pay and Apple Pay each publish integration guides for both web and mobile. These define the tokenization flows, user experience requirements, and branding guidelines you must follow. Apple's requirements are notably strict — down to button size, placement, and wording.
Cross-references: Chapter 4 (canonical payment flow), Part III (3-D Secure and tokenization)
Account-to-Account and Fast Payment Rails
The world is moving rapidly toward real-time, account-to-account payments. Each country (and sometimes each region) has its own system, its own rulebook, and its own quirks.
United States
The US now has two real-time payment systems. The Federal Reserve's FedNow service (launched July 2023) operates alongside The Clearing House's RTP (Real-Time Payments) network (live since 2017). Both settle instantly, but they have different participation requirements, fee structures, and message formats. The Fed publishes FedNow operating circulars; TCH publishes RTP operating rules.
For non-instant payments, Nacha governs the ACH (Automated Clearing House) network. The Nacha Operating Rules define how direct deposits, bill payments, and account-to-account transfers work. If you process ACH transactions, you need these rules — they define return codes, timing windows, and authorization requirements that affect everything from payroll to subscription billing. As we explored in Part V, ACH is the workhorse of American banking, processing over 30 billion transactions annually.
Europe
The European Payments Council (EPC) publishes the SEPA (Single Euro Payments Area) rulebooks: the SCT (SEPA Credit Transfer) rulebook for standard transfers and the SCT Inst rulebook for instant payments. These define how euro-denominated payments move between 36 countries.
The regulatory layer sits above the schemes: PSD2 (and the forthcoming PSD3) defines strong customer authentication requirements, open banking access rights, and consumer protection rules. The full regulatory texts are published in the Official Journal of the European Union and supplemented by European Banking Authority (EBA) guidelines.
United Kingdom
Pay.UK operates Faster Payments, Bacs, and the Image Clearing System. The New Payments Architecture (NPA) is Pay.UK's ongoing modernization program. The Open Banking Implementation Entity (OBIE) publishes the UK's open banking standards — which were among the first in the world and have influenced open banking frameworks globally.
India, Brazil, and Beyond
India's UPI (Unified Payments Interface), operated by NPCI (National Payments Corporation of India), is arguably the world's most successful real-time payment system by transaction volume. NPCI publishes UPI technical specifications and procedural guidelines.
Brazil's Pix, operated by Banco Central do Brasil, launched in November 2020 and processed over 42 billion transactions in 2023. The central bank publishes Pix regulations and technical manuals in Portuguese, with some materials available in English.
Cross-Border and Open Banking Standards
The BIS Project Nexus is an ambitious initiative to link domestic instant payment systems across borders — potentially allowing a UPI payment in India to settle instantly against a Pix payment in Brazil. The project's technical specifications and progress reports are published by the BIS Innovation Hub.
For open banking, two standards dominate: the Berlin Group's NextGenPSD2 framework (used across much of Europe) and the OpenID Foundation's Financial-grade API (FAPI) security profile (used in the UK, Brazil, Australia, and Saudi Arabia). If you are building or consuming open banking APIs, these define the authentication, authorization, and data exchange patterns you must follow.
Cross-references: Part V (bank transfers, real-time payments, and virtual accounts)
Risk, Compliance, and Consumer Protection
This is the domain where "I didn't know" is not a defense. Compliance failures carry fines, license revocations, and — in some jurisdictions — criminal liability.
AML/CFT: Anti-Money Laundering and Counter-Terrorist Financing
The Financial Action Task Force (FATF) publishes the 40 Recommendations — the global standard for anti-money laundering and counter-terrorist financing. Every jurisdiction that wants to participate in the global financial system adopts these recommendations (or faces being placed on the FATF grey or black list, which effectively cuts off access to correspondent banking).
FATF's guidance on Virtual Asset Service Providers (VASPs) extends these requirements to crypto exchanges and wallet providers. The "travel rule" — requiring VASPs to share originator and beneficiary information for transactions above a threshold — is directly derived from FATF Recommendation 16.
The Wolfsberg Group (a consortium of 13 global banks) publishes practical guidance on AML/KYC implementation. Their Correspondent Banking Due Diligence Questionnaire (CBDDQ) is the standard tool banks use to assess each other's AML controls.
Sanctions
Three sanctions lists matter most globally. The US Treasury's OFAC SDN (Specially Designated Nationals) list is the most consequential — any transaction touching the US dollar or US financial system must be screened against it. The UN Security Council Consolidated List and the EU Sanctions List cover different but overlapping designations. If you process cross-border payments, you screen against all three (and potentially more, depending on the jurisdictions involved).
Regional Regulatory Frameworks
Singapore's Payment Services Act (PSA), administered by the Monetary Authority of Singapore (MAS), is one of the most comprehensive payments-specific regulatory frameworks in the world. It covers everything from e-money issuance to digital payment token services under a single licensing regime. MAS Notices PSN01 and PSN02 detail specific requirements for safeguarding customer funds and technology risk management. Singapore's Personal Data Protection Act (PDPA), enforced by the PDPC, governs how payment data is collected, used, and disclosed.
In Europe, PSD2 (and PSD3 on the horizon) governs payment services, while the GDPR governs data protection. The two interact in complex ways — for example, the "right to be forgotten" under GDPR can conflict with AML record-keeping requirements. The EBA publishes regulatory technical standards and guidelines that add detail to the legislative texts.
In the United States, the regulatory landscape is fragmented across multiple agencies. Reg E (implementing the Electronic Fund Transfer Act) governs consumer electronic payments, including error resolution rights and unauthorized transaction liability. Reg Z (implementing the Truth in Lending Act) covers credit card billing disputes. The Bank Secrecy Act (BSA) and its implementing regulations require AML programs, suspicious activity reporting, and currency transaction reporting. The CFPB (Consumer Financial Protection Bureau) issues bulletins, enforcement actions, and rules that directly affect payment service providers.
Data Security
PCI DSS v4.0 (published by the PCI Security Standards Council) is the mandatory standard for anyone who stores, processes, or transmits cardholder data. Version 4.0, which became the sole active standard in March 2024, introduced significant changes including customized validation approaches and new requirements for script management in e-commerce. As we covered in Chapter 24, PCI compliance is not optional — it is a condition of your merchant agreement with the card networks.
The NIST Cybersecurity Framework provides a broader security framework that many payment organizations use alongside PCI DSS. ISO 27001 (information security management) and the OWASP Top 10 (web application security risks) round out the essential security reference set.
Fraud Prevention
Europol's Internet Organised Crime Threat Assessment (IOCTA) provides an annual overview of payment fraud trends, techniques, and law enforcement responses. The EMV 3-D Secure fraud reduction data (published by EMVCo and individual schemes) provides evidence on how authentication reduces fraud — useful ammunition when you need to justify 3DS implementation costs to stakeholders.
Cross-references: Chapter 13 (chargebacks), Chapter 24 (PCI DSS), and Part VI (security and compliance)
Staying Current Without Drowning in Updates
The payments industry does not stand still. Visa and Mastercard update their rules twice a year. Regulators publish new guidance continuously. ISO 20022 migration deadlines shift. PCI DSS requirements evolve. If you try to track everything manually, you will burn out. If you ignore updates entirely, you will miss a compliance deadline that costs your company real money.
Three patterns keep you current without consuming your entire calendar.
Pattern 1: The annual rulebook review. Set a calendar reminder for the two dates each year when your primary card networks publish rule updates (Visa: April and October; Mastercard: similar cadence). Block two hours to read the summary of changes — both Visa and Mastercard publish "What's New" documents that highlight the changes without requiring you to re-read the entire rulebook. Focus on changes that affect your specific business: new interchange categories, revised dispute timelines, updated retry rules, authentication requirement changes.
Pattern 2: Regulatory alert subscriptions. Every regulator we have discussed publishes email alerts. Subscribe to the ones relevant to your markets. For the US: the Federal Register (for proposed and final rules), CFPB bulletins, and FinCEN advisories. For Europe: the EBA's publications page and the European Commission's payment services updates. For Singapore: MAS media releases and consultation papers. For FATF: public statements and guidance updates. These subscriptions generate volume, but they are scannable — you are looking for keywords relevant to your business, not reading every word.
Pattern 3: Practitioner community tracking. Follow the practitioners and analysts who consistently provide reliable commentary on regulatory and scheme changes. Payments industry conferences (Money20/20, EBAday, Sibos) often surface changes months before they take effect. LinkedIn and specialized newsletters (Payments Dive, The Payments Review) aggregate changes across jurisdictions. Remember the credibility ladder: these sources are Tier 4, useful for alerting you to changes, but always verify against the primary source before acting.
Consider maintaining a team change log — a living document where your team records every rule change, regulatory update, or scheme deadline that affects your payment operations, along with the action required and the deadline. This turns individual vigilance into institutional memory. Chapter 40 showed exactly how to build and maintain such a system — the change log that keeps this library from going stale.
Quick Reference: Documents by Domain
| Domain | Controlling Documents | Who Publishes |
|---|---|---|
| Card networks | Visa Core Rules, Visa Product and Service Rules, Mastercard Standards Manual, Mastercard Transaction Processing Rules, Amex Merchant Regulations | Visa, Mastercard, American Express |
| Bank transfers / A2A | Nacha Operating Rules, SEPA SCT/SDD Rulebooks, Pay.UK Faster Payments rules, UPI technical specs | Nacha, EPC, Pay.UK, NPCI |
| Real-time payments | FedNow Operating Circular, RTP Operating Rules, SCT Inst Rulebook, Pix regulations, UPI procedural guidelines | Federal Reserve, TCH, EPC, BCB, NPCI |
| Cross-border | SWIFT gpi documentation, BIS Project Nexus specs, CPMI cross-border reports, FSB Roadmap | SWIFT, BIS, FSB |
| Crypto / stablecoins | FSB stablecoin recommendations, FATF VASP guidance, MiCA (EU), Singapore PSA (DPT provisions) | FSB, FATF, EU Commission, MAS |
| Security / PCI | PCI DSS v4.0, NIST Cybersecurity Framework, ISO 27001, OWASP Top 10 | PCI SSC, NIST, ISO, OWASP Foundation |
| AML / sanctions | FATF 40 Recommendations, OFAC SDN list, UN Consolidated List, EU Sanctions List, Wolfsberg Principles | FATF, US Treasury, UN, EU Council, Wolfsberg Group |
| Consumer protection | Reg E, Reg Z, PSD2/PSD3, CFPB bulletins, EBA guidelines, Singapore PSA consumer provisions | Federal Reserve, CFPB, EU/EBA, MAS |
| Open banking | OBIE Standards, Berlin Group NextGenPSD2, FAPI security profile, PSD2 RTS on SCA | OBIE, Berlin Group, OpenID Foundation, EBA |
| Messaging standards | ISO 20022 message catalogue, ISO 8583 spec, SWIFT MT/MX formats, CBPR+ guidelines | ISO, SWIFT |
Table 3: Quick reference by domain. When a question lands on your desk, find the domain, then go to the controlling document. Start with the publisher's official site — not a summary blog post.
Sources
- Bank for International Settlements, "Principles for Financial Market Infrastructures" (CPMI-IOSCO, 2012)
- CPMI, "A Glossary of Terms Used in Payments and Settlement Systems" (BIS, revised periodically)
- Financial Stability Board, "Enhancing Cross-Border Payments: Stage 3 Roadmap" (2020, updated annually)
- Financial Stability Board, "Regulation, Supervision and Oversight of 'Global Stablecoin' Arrangements" (2020, revised 2023)
- World Bank, "Remittance Prices Worldwide" (quarterly database)
- World Bank, "The Global Findex Database" (2021 edition, updated triennially)
- ISO 20022 Registration Authority, iso20022.org (message catalogue and migration resources)
- FATF, "International Standards on Combating Money Laundering and the Financing of Terrorism and Proliferation — The FATF Recommendations" (updated periodically)
- PCI Security Standards Council, "PCI DSS v4.0" (2022, effective as sole standard March 2024)
- Bank of England, "Money Creation in the Modern Economy," Quarterly Bulletin Q1 2014
- Mehrling, Perry, "Money and Banking" MOOC (Columbia University / Coursera)
- Bagehot, Walter, Lombard Street: A Description of the Money Market (1873)
- Visa, "Visa Core Rules and Visa Product and Service Rules" (updated biannually)
- Mastercard, "Mastercard Standards Manual" and "Transaction Processing Rules" (updated biannually)
- EMVCo, "EMV 3-D Secure Protocol and Core Functions Specification" (v2.3)
- Nacha, "Nacha Operating Rules" (updated annually)
- European Payments Council, "SEPA Credit Transfer Rulebook" and "SEPA Instant Credit Transfer Rulebook"
- Federal Reserve, "FedNow Service Operating Procedures"
- The Clearing House, "RTP Operating Rules"
The End of the Map
This library is the last chapter of the book, and that is deliberate. An atlas does not end with a conclusion — it ends with the index that lets you keep exploring on your own.
Every map ages. The rails will get faster, the rulebooks will get new editions, and at least one acronym in this chapter will be obsolete within a few years. That is not a flaw in the atlas; it is the nature of the territory. What will not age is the way you now read the territory: the canonical flow from Chapter 4, the constants from Chapter 39, the discipline of going to the primary source before acting. Keep the change log in Chapter 40 alive, re-walk a rulebook when it matters, and the map stays current with you.
For the working collections behind this book, go to the book-level pages: the running References, the News articles worth keeping, the full Sources archive, and the plain-English Glossary.
Thank you for reading. Now go pull up your last processor statement — you will read it differently.