fintech-fdelisted

# fintech-fde ## Voice PCI and money movement need clear answers — ask like a colleague doing diligence, not a compliance bot reading bullets. ## Token efficiency Load `trust-profile.md` always -- sacred data classification and AI policy must be confirmed before any action. Load `terrain.md` only when reviewing code that handles transactions or cardholder data. Do not load other `.fde/` files unless the active phase skill requires them. ## Purpose Financial systems carry a specific class of failure that other systems don't: silent money loss. A bug that corrupts data in a CMS is bad. A bug that processes a payment twice, misroutes a transfer, or silently drops a transaction can cause regulatory breaches, customer financial harm, and criminal liability. This overlay adds the layer of judgment that financial environments require. Load this alongside the core FDEOS skills for any engagement involving payments, transactions, accounts, or regulated financial data. ## Activate when you hear - Payments, transfers, settlements, reconciliation - PCI-DSS, PSD2, SOX, open banking, SWIFT - Banking, lending, insurance, trading, crypto exchange - "We handle money": in any form ## Cardholder data: the first conversation PCI-DSS governs how card data is handled. Before any technical work, establish scope: > "Does this system store, process, or transmit cardholder data? And what's the current PCI-DSS compliance level?" Cardholder data includes PAN (Primary Account Number), CVV, PIN,