Southern Financial Exchange ACH Payments AssociationMississippi, Louisiana, Texas Payments Association
What's New at SFEACH Industry EventsACH Payments EducationACH Payments ResourcesACH Payments ProductsACH ServicesSFE Annual ConferenceSFE Members

Breaking News

OCC Issues Risk Management Guidance on Payment Processors

The Office of the Comptroller of the Currency (OCC) issued guidance to national banks specifically directed at performing due diligence, underwriting and monitoring of payment processors that handle payments for telemarketers and other high risk merchants. This guidance supplements existing guidance related to ACH risk management, merchant processing and remotely created checks.

When financial institutions have relationships with payment processors that are originating ACH debit transactions or generating remotely created checks on behalf of their merchant clients, the OCC says that the bank is exposed to additional risks that may not be present in other commercial relationships. There is additional exposure when neither the bank nor the payments processor performs adequate due diligence on the underlying merchant.

The OCC's guidance sets out two distinct areas of responsibility to control the risks associated with these relationships: 1) initial due diligence and appropriate underwriting; and 2) ongoing monitoring for high levels of unauthorized returns or other unusual activity. A bank's focus on the risks of these relationships are critical to bank safety and soundness and consumer protection, and the OCC goes so far as to state: "[b]anks that do not have the appropriate controls to address the risks in these relationships may be viewed as facilitating a processor's or its merchant client's fraud or other unlawful activity." The OCC also alerts banks that if payment processors are using more than one bank to handle their payment transactions it may indicate that the processor recognizes the risk of the relationship being terminated by the bank because of suspicious, fraudulent or other unlawful conduct.

According to the guidance, due diligence and underwriting should include a background check of the processor and the merchants on whose behalf it processes. These reviews should include the bank gathering specific information on both the processor and its underlying merchants business practices, creditworthiness, levels of chargebacks and unauthorized activity, and the verification of that information through a public database, trusted third party (e.g., a credit report) or checking references from other DFIs. In addition, when the bank is monitoring account returns, it should not accept high levels of unauthorized or other returns because the processor has provided collateral or security to the bank.

If a bank identifies fraudulent or other improper activity by a payment processor or the merchants it originates on behalf of, the guidance instructs the bank to take immediate steps to address the problem, including filing a Suspicious Activity Report when appropriate, terminating the bank's relationship with the processor or requiring the processor to cease processing for the merchant at issue.

The OCC's guidance can be found at: http://www.occ.treas.gov/ftp/bulletin/2008-12.html
Copyright © 2010, Southern Financial Exchange. All Rights Reserved.

What's New at SFE ~ Payments Industry Events ~ ACH Payments Education - Payments Resource Center
ACH Payments Products ~ SFE Services ~ SFE Annual Conference ~ SFE Members
Home ~ About SFE ~ SFE Benefits ~ Join SFE ~ Contact SFE

Website Design & Internet Marketing by NetCentric Technologies, LLC. "We Know What Makes People Click!"(sm)