What is actually going wrong when an EMI rejects you?
The rejection email from a large EMI is intentionally vague, often citing “internal policies” or a mismatch with their “risk appetite”. The concrete reason is that your business has triggered automated red flags in their onboarding and compliance systems. These platforms are designed to process thousands of standard, low-risk applications per day. Anything that falls outside of this cookie-cutter model is rejected to minimise manual work and potential risk.
Your Merchant Category Code (MCC) is a primary trigger. Industries like online gaming, CBD, adult entertainment, unregulated crypto, and many software-as-a-service models are on an internal blacklist for most large providers. Even if your MCC is acceptable, your corporate structure might be the problem. A new company with international ownership, nominee directors, or a holding company in a different jurisdiction creates complexity that automated systems are programmed to decline.
Even if the system allows you through for a manual check, the outcome is often the same. A junior compliance analyst has a strict quota of cases to clear. Faced with a complex business model they do not understand, the safest and quickest decision is to reject the application. They are not incentivised to do the deep-dive required to understand your business; they are incentivised to clear their queue.