The Federal Trade Commission has started going after credit card payment processors, arguing they should bear financial responsibility for the unlawful acts of dishonest merchants, merely because the processors provide the ability to accept credit card payments through Visa, MasterCard and other card networks.
While no one would argue in defense of bad merchants, legitimate credit card processors are rightfully concerned about what this FTC crackdown could do to an industry that has operated under well-established principles of risk management for the past 40 years.
The cause for concern is that the FTC has been seeking to hold payment processors financially responsible for the full amount of harm suffered by consumers at the hands of unscrupulous merchants. A processor handling $100 million in transactions for a merchant later proven by the FTC to be a bad actor could be forced to pay all that money back to consumers, even if consumers never sought refunds from the merchant or asked their credit card issuers to "chargeback" the charges.
This enforcement overreach poses real risks to the ability of processors to serve small merchants. Imagine if the FTC held a phone company financially liable for a fraudulent telemarketer merely because the telemarketer used a phone to reach its customers. Might phone companies be forced to mitigate risk by filtering which businesses can get phone service? Similarly, no model used by the credit card payments industry today contemplates bearing that level of risk.
Payment processors operate in a complex and highly regulated environment, and today's risk models are based on covering the merchant's chargebacks if it goes out of business or otherwise does not generate enough sales to cover the chargebacks.
With roughly 610 million held by U.S. consumers, credit cards are an invaluable artery for our economy. For most small businesses, card acceptance is a lifeline for accessing customers. So the FTC should tread carefully against processors and pursue only those that clearly know the merchant's conduct violates the law or deliberately turn a blind eye to unlawful conduct.
Under the FTC's emerging enforcement model, the potential to ensnare a legitimate payment processor is real. Perhaps the processor finds itself stuck with one bad merchant out of thousands or made a conscientious business decision about a merchant that turned out later to be wrong.
If processors providing no more than an arm's-length service to merchants were suddenly to become insurers for all of their merchants' sales transactions, the resulting impact could be damaging to the payments industry, the American economy and consumers.
The increased risk faced by processors could result in higher prices or diminished choices for small businesses and consumers. Processors might stop serving certain small businesses that operate in e-commerce and other card-not-present environments or charge substantially higher fees to certain merchants to cover their now dramatically increased risk exposure. This could have lasting negative consequences for merchants, along with their customers.
The effects will be most heavily borne by small and emerging businesses seeking to gain footholds in markets but unable to absorb the price increases of obtaining a credit card processing account. Some small businesses may even seek processing services from companies offshore, undermining the FTC's ability to mitigate the very concerns it purports to address with this new enforcement regime.
Given the unintended consequences of the FTC's efforts to regulate the conduct of payment processors through litigation, a better alternative would be industry self-regulation with an opportunity for input from all stakeholders. As the trade association for the payments industry, the Electronic Transactions Association is undertaking such an initiative, and FTC support for this industry self-regulatory effort would have more positive impact than piecemeal enforcement actions.
So while I applaud the FTC for policing consumer fraud, enforcement actions must target actual unlawful actors without entangling legitimate service providers in the net. I hope the agency understands that it must proceed with caution in this area so that it does not do more harm than good in seeking to turn payment processors into guarantors for their merchants.
Jason Oxman is CEO of the Electronic Transactions Association, a global trade association representing more than 500 financial and technology companies in the electronic payments industry.