GS Logo
The Green Sheet, Inc

Please Log in

A Thing
Links Related
to this Story:

Article published in Issue Number: 070301

Card Association compliance: A reality check

By Jared Isaacman, United Bank Card Inc.

After a recent discussion on the popular GS Online MLS Forum, it became apparent to me that many ISOs and merchant level salespeople (MLSs) are confused about how to comply with Visa U.S.A. and MasterCard Worldwide rules.

This is not surprising considering how inaccessible the actual printed rules are to the majority of ISOs and MLSs.

You could say I am fortunate (or unfortunate depending on your perspective) to have completed one of the first audits for a registered ISO/MSP on proper compliance practices for MLSs.

While United Bank Card Inc. has always gone above and beyond the standards required by our sponsor bank and the card Associations, this audit brought me greater clarity.

What's in a name?

Fundamentally, ISOs and MLSs marketing credit card processing services must be sponsored by a member bank and registered with Visa and MasterCard. The only exception is for ISOs and MLSs doing business and marketing under the company names and identities of the registered ISOs they represent.

About a dozen references in card Association operating rules relate to ISO compliance. Following is a Visa rule that succinctly states the requirement:

An ISO, third-party servicer or independent contractor must not present itself to prospective cardholders and merchants under any other trade name except the one registered with Visa.

Visa and MasterCard spend hundreds of millions of dollars annually to build and protect their brands. It is clear that this rule, among others, is specifically designed to regulate third parties that could directly or indirectly impact or poorly reflect on these brands.

This rule ensures that only registered organizations independently approved by Visa and MasterCard are marketing to the card Associations' cardholders and merchants.

Will I really have to pay?

Naturally, when rules are broken, there are consequences. Visa and MasterCard both have investigators and committees that identify, evaluate and penalize (through fines) any violations. If the fact that we all want to remain in this industry is not motivation enough to play by the rules, the prospect of a business-crippling fine should be sufficient.

Fines begin at $10,000 and quickly escalate. They are assessed at the bank identification number and interbank card Association level, not individually.

For example, it may only be your first violation as an MLS for ABC Merchant Services. However, you could be assessed a $50,000 fine because three previous MLSs working with ABC violated that rule, or even because a different ISO registered with the same member bank was previously fined.

On the highest level, Visa and MasterCard issue fines to member banks. The banks pass fines down to the responsible registered ISOs, which, in turn, pass them down to the MLSs really responsible. If registered ISOs cannot afford to pay fines, member banks deduct them from the ISOs' residuals. Likewise, ISOs do the same to MLSs who cannot afford to cover fines.

There is scant room for negotiation. Visa and MasterCard do not have a help line you can call to plead your case. Individual MLS concerns do not take priority over the billion dollar brands Visa and MasterCard are protecting. They expect their rules to be followed.

Fantasy or fact?

Here are five common misconceptions regarding ISO and MLS compliance with Visa and MasterCard rules, followed by accurate information:

· First fantasy: I am not really in the credit card processing business. I sell check guarantee or ATMs. Merchant accounts are just an add-on.

· Reality: If you market credit card processing services - be they via your Web site, mailers or other marketing collateral - you must do business in the name of the registered ISO you represent.

· Second fantasy: I have a Web site showcasing my company name and logo. But at the bottom I disclose the names of the registered entity I represent and its sponsor, as well as the nature of their relationship. That disclosure is all I need.

· Reality: ISO and MLS Web sites are marketing vehicles used to reach merchants. Therefore, you cannot establish a Web site for bankcard processing in your own business name unless your business is registered. This is true even if your site provides the name of the registered entity you represent as well as its sponsoring bank.

Also, if your Web site and other promotional materials are in the name of the registered ISO ABC Merchant Services, for example, you must also include a disclosure stating that ABC Merchant Services is a registered ISO/MSP of First Bank of Credit Land, along with relevant contact information.

· Third fantasy: As an MLS, I represent more than one registered ISO. I can use one Web site to do business in the name of two companies.

· Reality: You need to have two different Web sites with two different phone numbers that are each answered in the name of the respective registered ISO. You must also have two separate sets of marketing materials.

· Fourth fantasy: I think my ISO just wants me to use its name to further its own brand.

· Reality: If brand awareness were so important in our industry, MLSs would have a hard time soliciting JPMorgan Chase & Co., Bank of America Corp., Wachovia Corp., PNC Bank, Wells Fargo & Co. and all the other major bank brands, which are some of the best-known in the world.

The fact that ISOs and MLSs are successful is a testament to how unsuccessful big brands are in our industry. The truth is that registered ISOs want their names used simply because they do not want to get fined and, worse, pass fines on to the unregistered ISOs and MLSs representing them.

· Fifth fantasy: I have never heard of these so-called fines. I am just going to keep running the business the way I have been. I doubt I will get caught.

· Reality: It would not make sense for Visa and MasterCard to draft hundreds of pages of rules and regulations without creating consequences.

I have met dozens of member banks and their ISOs that have been fined on several occasions. It is an unfortunate, but necessary reality check in our business.

ISOs and MLSs who think they can dodge bullets are playing Russian roulette with their residuals. Visa and MasterCard investigators look for noncompliant Web sites all day long. They even use spider software to find these Web sites.

The card Associations also require regular audits of member banks, which will, in turn, audit their registered ISOs. During this process, noncompliant ISOs and MLSs can easily be discovered.

Perhaps you've been lucky enough to avoid Visa's and MasterCard's audits. What about your competition? It is common for competitors to inform Visa and MasterCard of noncompliant ISOs and MLSs.

Remember, when agents get caught violating the rules, there is no room for explanation and negotiation. Now that MasterCard is a public company and Visa intends to follow suit, they have to factor in the expectations of shareholders. I expect they will become even more stringent.

The Visa and MasterCard rules are far from perfect. Many rules still lack clarity. However, as card Association compliance relates to MLSs, the rules are anything but ambiguous.

Unregistered ISOs and MLSs must do business and market in the name of the registered ISOs they represent.

I realize this is a difficult topic with little available documentation, so I am happy to address any of your questions or concerns.

Jared Isaacman is Chief Executive Officer of United Bank Card Inc. Call him at 800-201-0461, ext. 120, or e-mail him at

Article published in issue number 070301

Notice to readers: These are archived articles. Contact names or information may be out of date. We regret any inconvenience.
Back Next Index © 2007, The Green Sheet, Inc.