Digital Transactions Authoritative, insightful and timely information for payments professionals
As the payments industry contends with ongoing state and federal regulatory inquiries, the Electronic Transactions Association will release an updated version of its “Guidelines on Merchant and ISO Underwriting and Risk Monitoring” in February. The final edits are being made, says Deana Rich, principal of Deana Rich Consulting Inc., which helped develop the guidelines.
Rich announced the updated document at the Northeast Acquirers Association annual conference last week in Boston.
The guidelines provide recommendations for evaluating the risk inherent in managing merchant accounts. Among the subjects it covers are underwriting merchants, assessing risk management, monitoring ISOs, and dealing with merchants that require more scrutiny.
Initially released two years ago, the updated guidelines will appear amid increased regulator and legislative interest in payments.
“The good news is the payments industry, with all of its change—EMV, mobile, and tokenization—we are on the radar for federal and state regulators,” Scott Talbott, ETA senior vice president of government affairs, said during a panel discussion last week. “The bad news is we’re on their radar screens.” Regulators are looking at the payments industry for additional tax revenue and as a way to expand their legal and regulatory domain, he said.
One measure under consideration by some states focuses on requiring independent sales organizations and processors to obtain money-transmitter licenses. “Like a scared octopus, they’re starting to squirt ink everywhere,” Talbott said.
Regulators also have cast their gaze on payment card surcharges. While Visa Inc. and MasterCard Inc. now allow surcharges, with some restrictions, 10 states prohibit such add-on fees, Holli Targan, a partner at Jaffe Raitt Heuer & Weiss, a Southfield, Mich.-based law firm specializing in payments. Whether such prohibitions will have national traction is uncertain, she says.
Four different court cases have challenged these laws—primarily on First Amendment grounds—but the court decisions have not coalesced on any single point of view. “The courts have been all over the map with this,” Targan said. In California and Florida, the prohibitions were removed, while in New York and Texas they’ve been upheld.
This indecisiveness means acquirers will have to determine a merchant’s ability to surcharge on a case-by-base basis, she said.
The card brands, too, routinely release new rules for dealing with merchant risk. In December, Visa Inc. announced new data-security validation requirements for the smallest card-accepting merchants beginning in 2017. “Visa, with this announcements, is pushing merchants toward the adoption of these secure technologies,” said Joan Herbig, chief executive of Atlanta-based ControlScan, a data-security company. The program will require reporting on the number of merchants that have adopted secure technologies, such as EMV acceptance, and there will be some requirements about making announcements to merchants, Herbig said.
