GS Logo
The Green Sheet, Inc

Please Log in

Banner Ad
View Archives

View PDF of this issue

Care to Share?


Table of Contents

Lead Story

Hard times expose vulnerable residuals

News

Industry Update

7-Eleven takes interchange issue to D.C.

Canadian debit shake-up

Two companies, two new security departments

Cyber thieves stealing from students

Features

How to leverage available technologies to manage risk and prevent fraud in RDC

Ed McLaughlin
RemoteDepositCapture.com

Research rundown

Selling Prepaid

Prepaid in brief

Vigilance is watchword in fraud prevention

Empowering the cash-compensated

Is PayPal a threat to prepaid?

Views

Portfolio conversions done right

Biff Matthews
CardWare International

The MLS and the ISO:
Cause for concern?

Brandes Elitch
CrossCheck Inc.

Education

Street SmartsSM:
Microbranding

Jon Perry and Vanessa Lang
888QuikRate.com

Reserve accounts and processor meltdowns

Adam Atlas
Attorney at Law

Digging into PCI - Part 3:
Protecting stored cardholder data

Tim Cranny
Panoptic Security Inc.

A practiced approach

Jeff Fortney
Clearent LLC

Revving up business with profit-controlled marketing

Daniel Wadleigh
Marketing Consultant

Company Profile

Payvision

New Products

Gateway as a service

paymentAccess
paymentAccess

First Data's new dynamic duo

First Data Secure Transaction Management
First Data Corp.

Inspiration

Little actions add up

Departments

Forum

Resource Guide

Datebook

Skyscraper Ad

The Green Sheet Online Edition

October 12, 2009  •  Issue 09:10:01

previous next

Hard times expose vulnerable residuals

Prominent acquiring organization Cynergy Data LLC's Chapter 11 bankruptcy filing in September 2009 provoked asweeping, distressed reaction from both the company's sales force and other ISOs and merchant level salespeople (MLSs) concerned about the event's potential fallout. However, as reported in "A new chapter in Cynergy's story," The Green Sheet, Sept. 14, 2009, issue 09:09:01, Cynergy affirmed that it continues to operate and is paying residuals to its ISOs.

"This situation has put Cynergy on the road to greater stability and solvency, and we will continue making our payments on time," Mario Paladini, Cynergy's Chief Executive Officer, told The Green Sheet. "And as far as invalidating any agreements, any such action would be contrary to the historical values of Cynergy and to the future goals of the company."

Still, anxiety among payment professionals is palpable.

"Since the meltdown a couple years ago of CardSystems, the Cynergy bankruptcy is the most difficult moment we've gone through as an industry," said payments industry attorney Adam Atlas. "Between the [prospective] buyer, the court and a lineup of nervous ISOs it's become a rather complicated process that I think anyone else would want to avoid at all costs. "For a lot of these ISOs, this is 90 or 100 percent of their top-line income, so there isn't any other money for them - and if it disappears, it's game over."

Who's got your back?

This underscores a broader issue of vital importance to all ISOs and MLSs: What is in place to secure or guarantee to salespeople the payment of monthly residuals? What if an ISO or acquiring bank or processor can't or won't pay the residuals owed to its sales partners? What recourse would ISOs and MLSs have? The likely answer is none.

The same question of whether and how payments between parties are secured might be asked of the payments industry at large.

One would assume that, in an industry built on the transfer of money, there would be measures to secure its proper exchange wherever it travels; yet, often very little is in place to protect or otherwise guarantee the flow of money between payment organizations. And the residual streams flowing to and between ISOs and MLSs could become jeopardized in the current economic climate.

"Certainly the residuals are the biggest concern," said Ken Musante, Vice President and Chief Sales Officer for payment processing firm Moneris Solutions. "An acquiring bank could lose the ability to pay them out in the event of a receivership situation and same thing from an ISO standpoint with a bankruptcy.

"Once you go into bankruptcy you lose some ability to do what you want with your money; even if you have good intentions, it's up to the bankruptcy judge to say what you can and can't do. The Cynergy case, I think, was a little bit unique in that they went in with a plan."

The flow of money through the payment chain has historically been very reliable, abetted by the long-term financial stability of the industry. But with the economy in recession and bankruptcies accelerating, this flow of money cannot be taken for granted.

"Like all companies within our economy, ISOs are also upon tough times," Musante, said. "Folks need to be careful about who they're doing business with, and now more than ever it's important that you understand your partners so you don't put yourself in jeopardy," he said.

What about bank failures?

One ominous trend has been the rash of recent bank failures. Between 2002 and 2007, the Federal Deposit Insurance Corp. (which is contracted with every nationally chartered bank in the United States) counted a total of 27 bank failures; only three of those happened in 2007. By contrast, 26 banks closed in 2008 alone, and 95 have failed in 2009, as of Sept. 25.

Some of the recently failed banks have been in the payments business. Observers say that, while payment institutions have generally resisted the recession better than most other industries, there has been an overall drop in stability that is likely to continue.

In 2008, Musante was the President of payment processor Humboldt Merchant Services, when First National Bank Holding Co. failed and was taken over by the FDIC. Because Humboldt was a subsidiary of the bank, it was turned over to the FDIC as well.

For a failed institution, an FDIC takeover typically results in one of two things. Either the FDIC determines the held entity is sufficiently lucrative and sells it to the most attractive bidder, or it determines the business isn't viable, whereby its assets are liquidated and the company is dissolved.

The FDIC decided Humboldt's worth "as an ongoing concern" exceeded the value of its assets, so the FDIC held onto Humboldt until it was acquired.

"The FDIC wants to get out of any given [seized entity] as quickly as possible," Atlas said.

"It wants to get in in time so as to stabilize the accounts and prevent complete collapse and a loss of confidence in the system, or the individual institution, and then it wants to hurry and sell those assets to someone else who can do a better job of managing them," he added.

Humboldt operated under the FDIC for several months before a buyer was found, during which time Musante said he learned of the FDIC's "awesome powers." (For Humboldt, whose takeover had a happy ending, those powers were used to curtail expense accounts and force employees to use time cards.)

The FDIC has absolute control over a seized entity, and its authority trumps any existing agreements that company has. It may, for example, not only shut down a company's operations but also immediately void any contracts it has with other organizations. Depending on what the FDIC chooses to do, the takeover of a bank can have consequences reaching well beyond the seized institution.

That could include nullification of residual payments which, because they are not generally in deposit accounts, are only reinforced by private contracts and lack the FDIC guarantee.

"The word I learned was 'repudiate,'" Musante said. "The FDIC is able to repudiate contracts."

The FDIC was founded in 1933 as a way to insure bank account deposits, and since then, no depositor has lost a single cent of insured funds. Until last year, the FDIC insured all bank deposits up to $100,000, but that amount was raised to $250,000 in light of the growing number of bank failures (it is scheduled to return to $100,000 in 2013). The agency is funded by the banks it insures and has never received taxpayer money.

According to payment attorney Theodore Monroe, the FDIC has shown a talent for foreseeing calamity in rescuing banks from full-scale implosions. "If you look at the returns on unsecured deposits, some of these are getting 90 cents to the dollar," he said. "The FDIC is just an extremely well-run organization."

Historically, the collapse of major payments industry institutions has been rare, but not unheard of. AmTrade International Bank of Georgia, for example, was closed in 2002.

The bank lost millions of dollars from loans made to Argentina and other Latin American countries as the economy of South America entered a crisis - "at the world's worst time," according to Monroe. He added that most of the bank's uninsured deposits weren't reimbursed. "AmTrade was very unusual, and that was because those guys were insane," he said.

According to Donna Embry, Senior Vice President of payment solutions provider Payment Alliance International and former senior executive at PNC Bank, the struggles of payment businesses were never more pronounced than in the late 1980s, when the indiscriminate lending of capital (which also led to the notorious savings and loan crisis) caused wide-ranging instability, including the shuttering of acquiring banks.

"A lot of banks in the '80s didn't have enough money to cover their losses, and banks lost their charters," Embry said. "At that time there were a lot of fraud schemes, and there were some bad ISOs that just didn't pay attention to the merchants they were signing up - whether they were fraud merchants, or going out of business or one where consumers were charging things back. And the banks had to stand in for those losses."

Embry added that the profligate spending of that period and resulting instability gave rise to much stricter industry regulations, which have dramatically limited the instances of bank collapses and other major institutional failures since.

"At the card association level, with Visa and MasterCard and those companies, they always make sure that the acquirers or the issuers have enough tier one capital to offset potential processing losses," she said.

"So, in the case of an issuer, they can't extend more credit to consumers than they have assets and capital to cover it. And if they do, Visa shuts them down - they won't let them issue any more cards," she added.

In a general way, the regulatory functions of the card brands have resembled those of the FDIC. Both serve as checks on banking institutions, and both perform functions that are a combination of reactive and preemptive - responding to a failure of some kind but doing so before it gets out of hand.

The card brands have another important regulatory function that relates more directly to the transfer of money between payment parties: They guarantee the daily settlement funds that flow between industry banks and are at the heart of the industry's survival.

"Visa Inc. indemnifies our financial institution customers for any settlement loss suffered due to the failure of a customer to fund its daily settlement obligations," said Visa spokesman Ted Carr. "No material loss related to settlement risk has been incurred in recent years."

Who protects reserve accounts?

Unfortunately, such protection is much less commonly extended to nonsettlement money. This includes residual money, as well as funds held in reserve accounts, whose security is another point of growing concern. Reserve monies are collected by various payment parties for protection from losses due to merchant chargebacks (which require that settlement and residual monies be reimbursed), but some worry that they expose the party posting collateral to risk.

Reserve accounts may be held as collateral by any number of different parties along the payment chain that make payouts on the back-end of a credit card transaction to another business or bank. An issuer may require a reserve account from an acquirer, an acquirer from a merchant, a processor from an ISO and even an ISO from another ISO. With regard to the potential for default on such accounts, it once again appears that ISOs are most at risk.

Unlike residuals, reserve monies are usually stored in deposit accounts, meaning they are at least insured up to $250,000 - which in most cases is enough to cover the entire reserve. Sometimes the reserve exceeds that limit, however, and for several different reasons.

The size of a reserve is supposed to reflect a reasonable expectation of chargeback volume on a given merchant portfolio, and it may exceed the FDIC's coverage limit simply because it ties to a merchant base with particularly high transaction volumes or chargeback rates. In some cases, however, reserve amounts may be excessive owing to shoddy underwriting or poor business practices.

For example, some poorly written contracts call for drawing reserve money indefinitely, leading to reserves that grow out of proportion to a merchant's transaction volume (and exceed the $250,000 protection limit even when it isn't necessary to do so).

Atlas said another risky practice some banks use is to pool their collateral from different entities into a single account, creating a reserve deposit that can reach into the millions of dollars. Atlas added that, while tapping a reserve account to fund anything other than chargebacks is a questionable business practice, the temptation to do so is high. That is particularly true of processors, which are usually in possession of ISO reserve money and which have far fewer sources of capital than banks to draw from in an emergency.

"I would say that with any given processor, its reserve account is probably the biggest piece on their balance sheet of reserve cash," Atlas said.

"There's the day-to-day float that's probably much bigger, but the reserve account is the biggest piece of static money that any given processor has, and I think processors are under enormous temptation to use that money. You're not supposed to - it's like using your rainy day account."

Generally speaking, for the common lack of guarantees backing up the flow of money on payment chains, the best security has long been a prevailing desire among payment institutions to maintain good business practices and uphold their reputations as honest and reliable industry players.

That, presumably, is precisely why Cynergy Data, though bankrupt and given every fiscal reason to do exactly what its ISOs feared it would do, has nonetheless decided to keep funding its everyday operations - knowing full well that not doing so could cause far greater long-term damage than the short-term losses incurred by residual payouts.

And yet, while reputational considerations may, in many cases, be sufficient motivation to do what's fair, in trying economic times, anything less than a legal guarantee of payment might not be enough. The most significant backing for ISOs in particular may be the FDIC, although making sure their different cash flows are insured will require no small bit of tact and maneuvering such as distributing funds among multiple bank accounts.

Approached the right way, however, it might be possible to protect virtually all payment money, even residual money, according to Atlas. "I think it can be set up to get residuals in insured accounts," he said. "If ISOs out there want to come with a proposal and the [Electronic Transactions Association] wants to come up with a proposal to insure some of the bits and pieces of money, I'd be happy to work on that on a pro bono basis."

At the 2010 ETA Annual Meeting & Expo in Las Vegas in April, the role of the FDIC in payments is scheduled as a forum topic. For ISOs and others in attendance concerned about the security of payment chain money, finding new ways to insure back-end transaction funds might be something to explore. Of course, why wait until April?

Notice to readers: These are archived articles. Contact names or information may be out of date. We regret any inconvenience.

previous next

Spotlight Innovators:

North American Bancard | Harbortouch | USAePay | IRISCRM.COM