Between regulatory and competitive pressures, ISOs have a lot on their plate for 2016, particularly for the most growth-hungry companies. Here is some food for thought for ISOs as they plan their strategies for the year ahead:
Stay abreast of regulation
ISOs need to pay close attention to ongoing attempts by regulators to enforce “Operation Choke Point.” The initiative announced in 2013 by the U.S. Department of Justice aims to prevent fraudsters from accessing consumer bank accounts, but it has trickled down, holding payment processors and ISOs accountable for sins committed by legal merchants.
Of particular note is the lawsuit by the Consumer Financial Protection Bureau against the processor Global Payments and two ISOs, claiming they should have known that a group of debt collectors were committing fraud. “The outcome of this case will determine how ISOs and payment processors operate and underwrite going forward,” said Scott Talbott, senior vice president of government affairs at the Electronic Transactions Association, a payments industry trade group.
The ETA published guidelines to help ISOs detect and eliminate fraud by merchants in March 2014. The trade group expects to publish an updated set of guidelines in January.
Proposed rules from The Financial Crimes Enforcement Network relating to customer identification could also be finalized in 2016. These rules are notable because they would expand the number of people from whom banks have to collect personal information. The onus of collecting this information will trickle down to processors and ISOs, potentially creating a compliance headache for them, Talbott said.
Plan for EMV migration issues
ISOs need a plan for handling merchants who continue to delay EMV implementation—or risk getting stuck holding the liability bag if fraud occurs. Merchant adoption rates are low as is, and it’s an even harder sell for merchants that rely on quick checkout times, said Mary Winingham, founder of Mirror Consulting in Delavan, Wisconsin.
To mitigate liability, some ISOs may decide to charge fees for merchants that don’t adopt EMV. Already some processers are starting to tack on such a fee, which ISOs are passing on to merchants.
Re-evaluate the long-term strategy
For many ISOs, 2016 could be the year of hard decisions. Stand-alone payment offerings are becoming a harder sell, meaning ISOs that stick with their old model will see market share shrink even further.
“You either need to be an integrated payments company or you need to become a software provider,” said Rick Oglesby, senior analyst and consultant with Double Diamond Group in Centennial, Colorado. “Most ISOs can only be one or the other.”
Pay close attention to risk management
Regulators are paying more attention to consumer protection, meaning ISOs have to focus even more on anti-money laundering and know-your-customer requirements.
For 2016, ISOs should strongly consider hiring compliance professionals to help them charter the right course and stay abreast of regulatory actions in the broader payments space, a new undertaking for most.