anks, processors and ISOs often forget that ISOs sign contracts between merchants and banks or processors and generally do not sign contracts directly with merchants. Whoever you are in the matrix of relationships in the electronic transactions processing business, it benefits you to consider who the parties are to the contracts in your specific business.

One of the first principles taught in any law school contracts class is 'privity of contract.' In a nutshell, if one party has privity of contract with another, it means that the parties have a contractual relationship directly with each other. If you do not have privity of contract with another party, then in most cases you cannot sue the other party on the contract.

For example, if you are a processor and you sign an ISO deal with an ISO that has 10 sales representatives, the most likely scenario is that you have privity of contract with the ISO but not with the individual sales representatives. Those sales representatives, on the other hand, have privity of contract with the ISO but not with you, the processor.

As readers of The Green Sheet are generally aware, even if the merchant goes directly to the ISO or the sales representative when it has questions or issues, the merchant generally has no direct contractual relationship with the ISO.

It is in the best interest of the ISO to service the merchant even though the ISO has no direct relationship with the merchant. The motivation for an ISO to service one of its merchants is often purely business-based and not legally-based; however, sometimes business motivation is not enough to settle any or all of the issues that may arise between an ISO and a merchant.

It's important to know who really has the legal obligation to the merchant under the merchant agreement. Suppose a merchant agreement is between the merchant and a bank. In the event that the sales representative, the processor and the ISO are unable to address a significant issue for that merchant, all parties in this matrix should be aware of how to reach the bank to promptly address the merchant's issue.

Most ISOs and processors are incapable of legally forcing a bank to perform for a merchant. As such, channels of communication between ISOs, processors and banks must be available if ISOs are to deliver the level of service that merchants expect in this business today.

While banks or processors generally have privity of contract with merchants and therefore the direct obligation to provide processing services, if you are an ISO, do not let your exclusion from that direct relationship mislead you into thinking that you are any less liable for losses that you have agreed to take on under your ISO agreement.

Given that the ISO usually has no direct privity of contract with a merchant, the ISO must rely entirely on the processor or bank to take all necessary action to recover uncollected merchant debt from merchants (See "How About Them Reserves?" The Green Sheet, Oct. 27, 2003, issue 03:10:02).

But what happens when banks or processors do not pursue merchants that have defrauded them of significant sums? Typically, the bank or processor can immediately deduct uncollected merchant debt from the reserves held back from the merchant or the ISO, and not bother to collect those amounts from the merchant.

Occasionally, ISOs are left liable for uncollected merchant debt in this manner and have no right of action against the merchant for whom they have carried the risk. This is why it is important for ISOs and processors to negotiate in their ISO or processor agreements the right to sue merchants directly for any losses for which they indemnify the bank-for example, if a merchant has a merchant agreement with a bank, and an ISO assumes full liability on the account.

By law, the ISO has no right to sue the merchant directly for merchant fraud because the ISO has no privity of contract with the merchant. It should be the industry standard that every party that is liable for losses has the right to sue the merchant on the losses for which they have been liable.

This can be accomplished by inserting simple language in a typical ISO agreement-for example:

"Right of Action Against Merchants. In the event that ISO indemnifies Bank for any uncollected merchant debt hereunder, then Bank covenants to assign to ISO any and all rights of action under the Merchant Agreement with such merchants, or other agreements, as the case may be, such that ISO may sue merchants directly for all such amounts."

(Please note that the above language is generic language and will definitely have to be adapted to suit the needs of your particular agreement. Do not use this language without consulting an attorney.)

The language above refers to the assignment of rights of action. These assignments are really assignments of rights that the Bank has under its merchant agreement with the merchant. The clause effectively obliges the bank to assign the merchant agreements to the ISO to the extent that the ISO is held liable to the bank for merchant losses. Ideally, this would prevent the ISO from being liable for a loss for which it has no chance of recovery.

I advise all processors and ISOs to take a moment and look at their processing services or ISO agreements to see if this kind of language is included. If not, you may wish to have a discussion with your counterparty about your right to sue merchants.

Privity of contract is useful in other contexts as well. Without going into great detail, a good principle to remember is that if you want an individual or a company to be obligated to you, then make sure you sign a contract directly with that individual or company. Without direct privity of contract it becomes very difficult from a legal perspective to sue.

Consider your risks and negotiate your contracts accordingly.

In publishing The Green Sheet, neither the author nor the publisher is engaged in rendering legal, accounting or other professional services. If legal advice or other expert assistance is required, the services of a competent professional should be sought.

For further information on this article, please contact Adam Atlas, Attorney at Law by e-mail: atlas@adamatlas.com or by phone: 514-842-0886.