at the start of my freshman year at boston college, i was paired up with a random roommate will messina, who ended up becoming one of my closest friends (we lived together all four years of college, and for three years post-grad as well). will and i were some of the only people actively starting companies freshman year at bc (and were the only two freshmen accepted into the bc’s entrepreneurship club accelerator), so it’s pretty lucky that we were paired up as roommates.
will is building a company called grailpay, and i thought i’d write out some thoughts on how i understand his business and the market. as of the time of writing (october, 2025), grailpay has raised $6.7m in seed funding led by construct.
as you can probably infer from reading these thoughts below, i’m a strong believer in will as a founder, as well as in grailpay as a business.
overview
grailpay’s vision is to build the “visa / mastercard for b2b payments” - a real-time bank payments bureau that can later expand to other payment rails like rtp and fednow. “bank-to-bank payments” is a large and growing market in need of risk tooling innovation, as $100+ billion in ach payments fail annually. grailpay’s first wedge product was ach payment processing, which allowed the company to gather enough data to build risk products on top of that data. now, the company offers “account intelligence” and “transaction intelligence” products to mid-sized financial services firms, and aims to grow its proprietary dataset of transaction history and achieve network effects. ach isn’t going away any time soon, but grailpay believes it must be brought into the digital age. they have a first-mover advantage here, and could become a franchise fintech data network in the next five to ten years.
the market
the b2b payments market is massive and growing, yet extremely antiquated. in the us, $86 trillion in ach payments were processed last year; however, fraud and credit risk are still huge problems ($100+ billion in ach payments fail annually), and the solutions involve either manual review processes or inadequate legacy tooling.
these problems are less apparent in consumer payments, where card networks like visa and mastercard have built robust risk infrastructure tooling (given that they sit in between a lion’s share of us consumer transactions, and can therefore underwrite risk very well). credit cards offer a great value proposition for the recipient of payments (as the card networks pay the recipient out immediately, while waiting to collect payment from the originator, which is the risk they underwrite).
however, the fees that visa / mastercard charge make cards a difficult-to-use rail for b2b payments, where the average transaction sizes are much larger than consumer payments (imagine you sell dental laser units for $50k, to accept a credit card payment, you must pay ~3% = $1,500 in fees). as a result, most b2b payments take place over ach and paper checks - for example, 73% of businesses still used checks last year (especially smaller businesses).
the b2b payments market is in good shape to be disrupted - ach use is rising with 60% of businesses using it (up from 48% the previous year), and the need for safer bank payments is only increasing (instant payment networks like rtp and fednow are growing 40% yoy, and 91% of merchants are keen to adopt “pay by bank” methods).
the company
grailpay is building the risk and data network for ach payments. this means that for all bank-to-bank transactions (paper checks, ach, fednow, rtp, etc), grailpay’s goal is to become two things: 1. the “authorization layer” and 2. the “credit bureau layer.” the goal of the authorization layer is to be a real-time engine that decides to approve or decline a payment before money moves (is the account real, does the owner match, is the fraud risk low, will the funds clear, can we route this payment to a safer rail, etc). the goal of the credit-bureau layer is to be a persistent profile for every business, complete with a history of successful / unsuccessful payments, fraud flags, etc (which can be turned into an identity / score that others can query, similar to the consumer credit scores that equifax and experian provide).
grailpay’s wedge into this opportunity has been providing ach processing to businesses, essentially becoming a payment processor themselves to aggregate a large volume of successful / unsuccessful payments, which they could later build risk models on top of (requiring roughly $500m in annual volume to become statistically significant). now, the company processes $1.5 billion in annualized ach volume they can take a small cut of (and that number is growing quickly), and grailpay’s money-movement services are taking a back seat to the next series of risk intelligence products derived from payment history data.
grailpay’s two core products are “account intelligence” and “transaction intelligence.” the account intelligence product is an api that verifies and scores business bank accounts (for validity, fraud risk, etc) before a payment is sent. transaction intelligence evaluates risk on each ach transaction (creditworthiness, fraud flags, insufficient funds probability, etc).
the grailpay account intelligence product consistently outscores incumbents in the space in head-to-head data tests, like giact (a legacy bank account validation service that sold for $700m despite lackluster coverage and poor accuracy rates). there are other adjacent risk products grailpay can offer later, like “guaranteed ach” (where grailpay guarantees payment to the recipient) - fiserv’s telecheck (guaranteed check) product in this space does $200 billion in annual volume.
in five years, grailpay wants to expand past ach risk to also authorize payments across other payment rails like rtp, stablecoins, or any rail where businesses need to know that funds can be sent and received securely.
by associating transaction data and fraud signals to portable “grailpay id’s” (like credit card numbers for accounts), the company is creating a defensible data moat that grows over time. as grailpay continues to sit in the middle of payment flows and accumulate more and more proprietary data, the company is positioning itself to become the business banking equivalent of a credit bureau, or the “visa / mastercard for b2b payments.”
more writing to come on other topics such as business model, competitive landscape, etc.
further reading: jeremy @ nyca wrote a thoughtful piece calling for a better business credit bureau that is worth checking out