ISO Governance By Jay MacDonald Reprinted with permission from Transaction Trends, July 2002 issue
nother caffeine-fueled day gets under way on the exhibition floor of the 2002 ETA Annual Meeting and Exposition in Orlando. Traffic is heavy and interest is high in all the latest technology.
But not everyone is shopping for payment solutions.
Seen strolling through the sea of marketing banners and ready handshakes is a woman relatively unfamiliar to and with the payment processing industry. Elizabeth Hone, attorney with the Division of Marketing Practices in the Bureau of Consumer Protection at the Federal Trade Commission is here to educate and learn. She is here to ask questions. She is here to understand the sometimes-intricate interrelationships between processors, merchant acquirers, sponsoring banks, card issuers - and not least, the role that Independent Sales Organizations (ISOs) play in the big scheme of things.
For the visiting attorney, the ETA show provides a singular opportunity to meet and greet members of an industry that the FTC needs to understand.
Two months earlier, the FTC had placed Certified Merchant Services of Plano, Texas, into receivership for alleged unfair and deceptive business practices in what was widely viewed as a shot across the bow of the entire industry. That trial is now scheduled for March.
Two months before that, the federal Office of Comptroller of the Currency (OCC) had issued new examination guidelines to banks working with Independent Sales Organizations (ISOs). The Federal Deposit Insurance Corporation (FDIC) also has been priming its examiners to take a closer look at the acquiring end of the business.
In light of the CMS action, and at the invitation of ETA, the FTC official agreed to come to the ETA annual meeting to address receiverships and ways to avoid this worst-case scenario.
Her message to ISOs was clear: Become more clear in your business practices or you may have to deal with us.
Fear of the Broad Brush
For ISOs like Barry Welsch, who owns and operates Welsch Financial Services in Butler, Pa., the FTC move against CMS elicits mixed feelings. The aggressive sales tactics of some of his competitors has long bothered Welsch, who came out of Mellon Bank to start his own ISO 10 years ago.
"To me, I know it's out there all the time and you kind of wonder in the back of your mind why somebody doesn't control them," Welsch says. "It really hurts us all; the whole industry gets a black eye. So I'm concerned about getting that black eye and I'm concerned about what fallout I will get, what will affect me as a result of them, because any rules that come into play are going to put more responsibility on me."
Welsch recalls the early ISO wild-west days when freewheeling sales practices ultimately forced the card associations to require members to register their ISO merchant acquirers.
"You had ISOs getting in the middle of funding to merchants, in the middle of keeping funds of the merchants, deceptive things that banks would never do. They [banks] didn't even have controls in place because that's not how a bank thinks," he recalls.
"As it ended up, we had to live with all this registration stuff, all this reporting and investigations into principals. That's all now part of being an ISO. I'm guessing that something like that will occur now from a government agency, probably the same kind of stuff."
Fear of the broad brush, of having their business practices put under the microscope because of the aggressive sales practices of a few ISOs, leaves operators like Welsch frustrated and angry.
"I operate a business that is very reputable. I always knew that we just would not do deceptive things, it's absolutely fundamental. But if you're not as deep into this business and you haven't been around forever, you look at it as, hey, this is a free-for-all, just like every single business segment has that segment of people who will say anything and do anything to get the paper signed," he says.
"It seems to me there at least ought to be somebody watching over it. There has to be a place you can go to say these people look like they're doing something wrong. Because we see it all the time, there are others around. There's a whole group of them that disrupt good, solid relationships of ISOs like ours."
The card associations charge their members with an oversight responsibility for the ISOs they sponsor. Welsch says the problem with that model is two-fold: aggressive ISOs can always find a bank willing to look the other way, and banks often don't share enough of a reality with their acquirers to know where to look for abusive practices.
"Banks traditionally are never viewed as overly aggressive," he says. "When was the last time you went to a bank and they tried to double-charge you for things just to see if they could get away with it?
"It's absolutely not an issue that we need to clean up and get rid of that kind of thing, but it's a little bit of a concern as to how it affects the good guys."
BIN Banks in the Crosshairs
Increased scrutiny of ISO practices has heightened concern at BIN banks, those financial institutions that depend on ISOs to acquire merchants for them. Recent high-profile civil class action suits brought by merchants against large acquirers have some banks taking a closer look at their ISO relationships.
Previously, federal bank regulators were primarily concerned with the creditworthiness of an ISO to bear the risk of chargebacks; it had not considered the BIN bank's risk of exposure to class action litigation that might result from an ISO's business practices.
Banks are not legally required - yet - to oversee the business practices of their ISOs or to hold funds in reserve to cover damages that might result from them. Similarly, card association rules limit a member bank's responsibility to financial liability, ISO portfolio risk perimeters, and brand and customer management issues; no mention is made of any obligation to oversee or correct an ISO's business practices.
"Visa and MasterCard have to hate this; they have to hate the fact that a nonmember has been the subject of an enforcement action," says Marc Abbey, industry analyst at First Annapolis Consulting of Linthicum, Md. "You've got to wonder what's going on behind closed doors at Visa and MasterCard to mitigate this. If I were them, I would be thinking to impose greater oversight requirements on BIN banks and to make more explicit those kinds of commitments. Which could upset the apple cart in the ISO market a little bit."
There is growing concern, particularly among bankers, that the ISO industry's comparatively informal approach to merchant contracts may well be inviting unwanted attention from the feds; pages of contract add-ons after the fact led in part to the CMS action. Contract language, particularly in such crucial areas as leasing and transaction fees, is sometimes vague and difficult to understand. Bankers in particular perceive some ISOs' failure to fully disclose as putting the entire industry at risk unnecessarily.
Whose Job Is It Anyway?
The question of ISO governance presents an interesting conundrum for the card associations. On one hand, Visa and MasterCard take great pains to point out that they have no direct relationship with (and therefore no direct control over) the ISOs with whom their members choose to associate.
In terms of overall card transaction volume, the ISO-driven, nonbank acquirer portion is relatively small (roughly 30 percent) and shrinking, hence the argument could be made that the card associations have an equally diminishing interest in the fate of ISOs in general.
On the other hand, Abbey points out that because the ISO market has been in decline since the mid-1990s, "the card associations have a lot less to lose by getting a little more aggressive than they once did."
Except for those ISO merchant numbers.
"Where it is big is in terms of the number of merchants (an ISO) touches," says Gerritt Kerkstra, senior vice president for acquirer relations, North America acceptance for MasterCard. "It is ISOs, at least in the United States market, that have added to the breadth and depth of acceptance locations that do exist."
While the card companies would rather not invite the problem, if left unchecked, renegade ISOs have the potential at least to undermine the stability of their bank sponsors, damage the card brands, and even expose the card companies themselves to class action damages.
At the ETA presentation on receivership in April, it was suggested that the card associations consider requiring greater oversight of ISOs by their member institutions and even initiate a third-party audit program to help stem abusive sales practices.
Kerkstra says MasterCard is already doing its part by publishing two new guides this summer, one directed at ISOs on how to better work with acquirers, the other directed at acquirers on how to make nice with their ISOs. MasterCard routinely hosts acquirer-day conferences to which it invites ISOs through its members; last year, it held its first ISO conference, to which it also invited members through their ISOs, and plans to host another one in August.
"We want the member and the ISO to have an ongoing dialog," says Kerkstra. "What we're concerned with is that they're representing the rights and responsibility of merchants that are accepting MasterCard and that they're doing so correctly."
Beyond these educational efforts, Kerkstra says ETA, not the card associations, is the more appropriate organization to head up any industry-wide self-governance initiatives.
"In my opinion, the first organization that an ISO should look to is ETA. The Electronic Transactions Association has essentially grown up as an ISO association. Education is certainly something that is a primary focus of ETA and something that MasterCard has supported for many years," he says.
Kerkstra views the specter of government regulation in a positive light.
"ISOs that are doing the job appropriately should not be worried about increased regulation. I think it would be a stamp of approval for ISOs that are performing their job well," he says. "If any ISOs are engaged in practices that are hindering business development with merchants, it would be good to bring those to light, as well. ISOs that are operating appropriately have nothing to fear."
Wild ISOs: An Endangered Species
Analyst Marc Abbey says the federal agencies are gearing up to bring ISO practices more in line with bank practices; it's no longer a question of if, but how and when.
"Both of the examination entities, the FDIC and the OCC, have gone through a multi-year effort upgrading their ability to examine card business. In the last 12 to 18 months, there has been a lot of activity on the issuing business and some issuers have been seized. It's been very high profile. There hasn't been a whole lot of action on the acquiring side, but we know that the OCC has published new examination guidelines and we know that the FDIC has boned up its examination staff on the details of the acquiring business. It is clear that the banking regulators are more interested in the business than they used to be; what isn't clear is how much impact that will have on the market."
To some degree, the impact of government regulation will depend on just how widespread the problem is in the ISO industry.
"I'm not sure that CMS really did anything all that differently than most ISOs. The other thing I watch very carefully is did CMS' BIN banks get dragged into the public arena and so far they haven't. The FTC acted against Certified Merchant Services, they didn't act against the banks that sponsor Certified Merchant Services. If you're that bank, you have to have been very concerned with that. You're ultimately responsible for this in the eyes of the card association. You just wonder, in the regulator action or in any lawsuits that result from this, whether the banks who are really the deep pockets here could be put under the spotlight, because if that were to happen, I think it would change the ISO market fairly dramatically."
Abbey expects the card associations to continue to closely monitor the various regulatory entities. He predicts that new announcements from Visa and MasterCard will likely be the first warning of what's in store for ISOs.
"Watch the card associations. What are their lobbying efforts? What hearings, if any, do they attend at the FTC? What new rules do they promulgate? Because the card associations will have an interest in heading off formal federal regulation. If they can self-regulate, they would rather do that because federal regulation is so much more inflexible, it can get politicized, and you can have some really bad outcomes. Rather than watching the FTC itself, the early warning sign would be the activities of the card associations."
It's a good bet that someone - most likely the sponsoring BIN banks or a third-party auditor - will soon be charged with scrutinizing ISO business practices and ensuring they meet whatever federal standards eventually come down from Washington.
Of far greater concern long-term is that recent civil suits could rekindle interest in requiring banks to hold funds in reserve to pay the victims of their ISO.
"The disaster scenario here, if you're an ISO, is the regulatory agencies head in the direction of imposing capital allocation requirements in this business, meaning the banks would have to have capital on hand," Abbey says. "Right now, a bank, if it chooses to, can account for this as an off-balance-sheet activity and allocate really no capital; if it has $1 or $1 billion in cleared volume, it has no impact on its regulatory capital ratio. If that were to change, then all of a sudden these BIN banks would have to make a return-on-equity justification of the clearing arrangement they have with ISOs. It's not clear how that would work out. That's been talked about for at least 10 years and I don't think we're any closer to having that sort of requirement now than ever. That is a very low probability but very dangerous banking regulatory action."
Such a move would have dire consequences for the ISO industry, he says.
"It would impose a cost that's not currently present on all non-bank acquirers. It depends on how it was implemented," Abbey says. "In extreme scenarios, it would trigger repricing of all these clearing arrangements, and most clearing arrangements do not envision that. You can guarantee that at some point it becomes the ISO's problem."
What chance, if any, does the industry have to stave off federal regulation by policing itself? Abbey admits that First Annapolis has wrestled at length with that question, and even looked at developing a "Good Housekeeping Seal of Approval" for the ISO industry itself before abandoning the idea.
"Is it something ETA could do? Maybe. ETA is a little disadvantaged in the way that it's governed; it's not governed as an aggressive third party, it's governed as a captive tool of the industry, so it may have a problem implementing that sort of program. But it would be worthwhile."
Jay MacDonald is an international award-winning writer and consultant. He is based in Naples, Fla.
|