Now that merchant acquirers, and, by extension, merchants, are liable for certain kinds of fraud losses if the merchants aren’t prepared for EMV chip cards, acquirers are starting to put in place EMV non-compliance fees to cover their new risk exposure.
One of the first to move on this is National Processing Co., a unit of Cincinnati-based acquiring giant Vantiv Inc. Starting Jan. 1, NPC will begin charging independent sales organizations and other sales agents fees for each merchant not able to accept EMV. The agents are free to either absorb the new cost, pass it on to their non-compliant merchants, or pass it on with a markup.
According to a Sept. 11 bulletin sent to acquiring partners and obtained by Digital Transactions News, NPC’s non-compliance fee is stratified into three levels of risk. The rate for merchants deemed low-risk is 0.01%, that for medium-risk merchants is 0.05%, and for high-risk merchants, it’s 0.10%. The rate chart provides for two “upsell” scenarios to merchants calling for markups to 0.05%, 0.10%, and 0.15% or 0.10%, 0.15%, and 0.20%.
Acquirers are instructed to first deduct card-not-present volume from overall volume before applying the fee percentage, as EMV applies only to card-present transactions. The bulletin also provides for a list of “exclusions” from the fee, including cases where all of a merchant’s volume is card-not-present or where volume came through a restaurant app or lodging app.
To give merchants time to install and activate EMV gear, the fee will not be effective until January and will be reflected for the first time on January statements, which merchants will receive on or about Feb. 5, according to the bulletin. With the exclusions in place, the document says the non-compliance fee will be borne by about one-third of NPC’s merchant base.
Acquiring experts contacted by Digital Transactions News say EMV non-compliance fees are rare so far but will probably proliferate, as merchant fees for non-compliance with the Payment Card Industry (PCI) data-security rules have done. “Acquirers have a long history of charging fees for compliance and/or non-compliance and I don’t expect EMV to be an exception,” notes Rick Oglesby, a senior analyst with Centennial, Colo.-based Double Diamond Payments Research, in an email message.
One factor that could be holding back many acquirers from levying the fee for now is that even merchants that are aware of EMV can’t accept chip cards because of certification backlogs for terminals and software. “There’s a wide expectation there will be that kind of [EMV non-compliance] pricing as that backlog clears up,” says Marc Abbey, managing partner at First Annapolis Consulting, Annapolis, Md. “I’d be surprised if we don’t see it widespread.”
While some ISOs who talked to Digital Transactions News characterized the new fee as simply a moneymaker for the processor, NPC’s bulletin points out the purpose of the fee is to compensate for the incremental risk posed by non-compliant merchants. The fee can induce merchants to install EMV terminals more quickly, an NPC spokesperson says. “Non-compliance fees, which are meant to motivate movement to this better environment, are a last resort to help convince any remaining merchants to consider the more secure options,” says a company spokesperson in an email message.
EMV’s liability shift, which took effect Oct. 1, moved responsibility for counterfeit card fraud losses from card issuers to merchants in cases where EMV cards are used but merchants aren’t prepared to process chip transactions. While acquirers can and do pass fraud chargebacks on to merchants, it’s not always certain merchants will be able to absorb those losses, Abbey points out, which causes the risk to boomerang back to the acquirer.
Such losses are typically withheld from a merchant’s reimbursement from the acquirer, or “net-settled” in payments-industry parlance, but there are cases where the merchant’s volume can’t cover the losses or where the merchant has simply disappeared, Abbey says, leaving the acquirer on the hook.
Such arguments don’t wash with all observers. “It is a ripoff fee, nothing more or less,” charges Alex Nouri, president of EFT Direct, an Ann Arbor, Mich.-based independent sales organization. “This is yet another opportunity for ISOs to rob merchants.”
Still, the industry’s options may be limited in the case of merchants whose recalcitrance exposes acquirers to more risk. “If the merchant has had an opportunity to upgrade to EMV and chooses not to, then I do see this [EMV non-compliance fee] as legitimate,” argues Abbey.
In any case, the new fee looks to be temporary, lasting only until the country’s merchant base has converted to EMV. Temporary, though, could be “three, or four, or five years,” Abbey notes.