FDIC Warns Banks to Tighten Monitoring of Payment Processing Clients

Feb. 6, 2012

Last week, the FDIC released revised guidance for their member financial institutions advising heightened monitoring and due diligence when dealing with payment processor clients, especially those that process transactions for merchants in the CNP space. The agency said it has seen an increase in the number of relationships between financial institutions and payment processors in which the payment processor, who is a deposit customer of the financial institution, uses its relationship to process payments for third-party merchant clients. According to the FDIC, most such relationships result in transaction that are legitimate, but “payment processors that deal with telemarketing and online merchants may have a higher risk profile because such entities have tended to display a higher incidence of consumer fraud or potentially illegal activities than some other businesses.” In other words, processors that do business with e-commerce or telephone merchants are going to face an increased level of scrutiny from their banks. “Financial institutions that fail to adequately manage these relationships may be viewed as facilitating a payment processor’s or merchant client’s fraudulent or unlawful activity and, thus, may be liable for such acts or practices,” the agency said in its Financial Institution Letter. To limit potential risks, the letter continued, financial institutions should implement risk mitigation policies and procedures that include oversight and controls appropriate for the risk and transaction types of the payment processing activities.