Finix Homepage

Your Guide to Payments Compliance

Payments compliance is an area filled with organizations and acronyms. Let’s break down what these acronyms stand for and what they actually do to reduce risk for platforms and merchants.

Breaking Down Payments Compliance Lingo

You’ll hear a lot of terms thrown around when it comes to payments compliance, but it might take a while to keep them all straight. Here are some common security standards and organizations you should know about if you’re processing payments:

  • PCI-DSS (Payment Card Industry Data Security Standard)

  • KYC (Know Your Customer)

  • 3D Secure authentication

  • GDPR (General Data Protection Regulation)

  • CCPA (California Consumer Privacy Act)

  • SOC

All of these standards are necessary for any business that wants to process payments, which is why it can feel like an intimidating business move. Often, compliance is managed by the ISO or PayFac that a company is working with, so that these can be met without all the heavy lifting.

Learn More About PCI Compliance

Merchant Compliance Made Easy

When merchants are onboarded they need to go through a battery of compliance checks in order to reduce the risk of fraud.

The Payment Facilitator model offers additional control over both merchants and settlement, since the Payment Facilitator, as opposed to the acquiring bank, contracts directly with the sub-merchant. However, since the Payment Facilitator has a direct relationship with the sub-merchant, the Payment Facilitator takes on all risks (on behalf of the acquiring bank) and is liable for merchant chargebacks, data breaches, fraud, misappropriated funds distribution, etc.

Learn More About Merchant Compliance

PCI Compliance with a Payments Partner

If you’re not ready to become a payment facilitator, but want more control over the payments experience than you have with an ISO, you can take advantage of a payment facilitation partner that manages all the compliance requirements for you.

When you use a payment facilitation partner, your platform becomes the merchant, and your merchants are referred to as sub-merchants. Those sub-merchants still need to go through compliance checks, but the work on their end is simplified, along with what you, as the platform, are required to do.

Learn More About Managed Compliance

The Compliance Impact of Chargebacks

Merchants with excessive chargeback rates are considered high risk for both acquirers and their processors. From a compliance standpoint, high chargeback rates are a clear indicator that the merchant may not be aligned with PCI-DSS standards or worse yet, may be engaged in some form of insider fraudulent activity.

Learn More About Chargebacks

Read More

More Resources

There’s a lot to learn about payment processing. Get all the information you need to make thoughtful decisions about your payments strategy.