If you’re a merchant acquirer or payment service provider (PSP), onboarding merchants are key to your growth. Of course, you want more merchants, bringing in more transactions. However, onboarding questionable merchants that authorize fraudulent transactions result in charges and losses that impact the bottom line.
How can you balance the trade-offs, ensuring that you can quickly and seamlessly onboard good merchants while preventing bad merchants from hurting your business? In a new report, the Aite Group looks at: Balancing Risk and Return: Best Practices in Merchant Onboarding and Monitoring. The global payments space is growing rapidly and changing quickly as the sophistication of both the technology and fraud attacks advances. The report looks at best methods and technologies that you can use now to improve risk assessment, monitoring and management.
Before jumping into the report, let’s consider other, related best practices. For US banks, the Office of the Comptroller of the Currency (OCC) provides Risk Management Guidance. One of the major recommendations of the guidance is to “adopt risk management processes commensurate with the level of risk and complexity of its third-party relationships .”
This risk management approach is very applicable for onboarding merchants:
As not all merchants are the same, the level of risk and amount of due diligence checks necessary change accordingly.
While there are differences in the level of due diligence, there are standards that must be met. There are legal compliance factors, such as AML, KYC and KYCC. There are standards and rules of the card networks; they demand that there are specific legal contracts with all merchants that control the relationship with all 3rd parties. There are also rules for credit underwriting, as the merchants are in effect offering unsecured loans.
There’s a seven-step process to successfully onboard a merchant:
One key component of creating a more successful onboarding process is automation. A major pain point for the industry is manual work, such as data entry, which might have to be done multiple times. Manual work slows the process down and also introduces points of failure in the system. Manual work also adds a significant cost to the process. This is not to say that people should not be in the process at all. Rather, people should focus on spotting fraud, not on data entry.
Automation also enables smoother integration between the steps. If data is digital from the start, then the entire process has the potential for automation, especially in the case of smaller merchants. New risk assessment automation, as well as integration and optimization tools, are on the market, so dramatic improvements are already possible.
Automating the process accelerates merchant onboarding by 30-40%
The typical bank merchant onboarding process is manual with many potential points of failure. A bank representative armed with card program brochures and books must visit the merchant premises. If the merchant then wishes to “come on board” with the bank, the business details are written out on paper and sent to the bank processing center once the agent returns to their office. The back office staff must then conduct an initial credit check after they re-enter the details in the CC application. If a transcribing error occurs the credit check cannot be completed, necessitating further communications with the merchant.
Credit checks are commonly conducted with input from one or more agencies, with the details again being manually transcribed. This manual process may again introduce transcription errors. Once creditworthiness has been established for the merchant, the application-case file is passed to a manager for approval. Following approval, a merchant account Id and PIN is generated and sent to the agent, who then delivers the merchant card account information to the customer.
Capgemini uses the IBM architecture to power the Merchant Onboarding solution. Vendors must then prove financial worth once the credit checks have been completed. Another agent must wait for the vendor documents to be received and assess vendor financial credibility. If the vendor is approved the case is passed to a manager for final approval. The overall process can take up to 6 weeks, with tracking often managed on paper or spreadsheets.
Merchant acquirer’s or PSPs can’t stop their risk management after onboarding. What if a merchant fundamentally changes the nature of their business, or the volume of transactions or transaction amounts dramatically change? A change in the risk criteria requires reassessing the merchant; as they can already be doing damage, the quicker, the better.
Ongoing monitoring should watch for:
While monitoring automation has already seen great success, there’s an issue with false positives. It’s difficult to fine-tune the matches, so the industry seems to accept that it’s better than the alternative. There are also issues when merchants go into new segments or offer new channels as the technology doesn’t seem to keep up with these changes.
The industry is getting tougher to compete in. There’s more competition, encouraging growth in higher-risk segments and markets. There’s a rise in CNP fraud, as counterfeit fraud becomes more difficult. There’s a demand for new channels as eCommerce and mobile commerce gains ground. The complexity and breadth of compliance requirements are expanding. As Aite notes: “Risk and compliance projects will take an increasing share of the investment budget available for business innovation .”
Technology though offers hope to the situation. The ability to digitize procedures that were previously paper-driven automate manual processes, and to analyze and assess risk using advanced data analysis tools provides opportunities to dramatically improve the merchant onboarding process. Merchant acquirer’s and PSPs that embrace new technologies can lower costs and generate better returns while successfully managing risk.