Each depositor insured to at least $250,000 per insured bank



Home > News & Events > Financial Institution Letters




Financial Institution Letters

Guidance on Payment Processor Relationships FIL-127-2008
November 7, 2008


Summary: The FDIC is issuing the attached guidance that describes potential risks associated with relationships with entities that process payments for telemarketers and other merchant clients. These types of relationships pose a higher risk and require additional due diligence and close monitoring. This guidance outlines risk management principles for this type of higher-risk activity.

Highlights:
  • Account relationships with entities that process payments for telemarketers and other merchant clients could expose financial institutions to increased strategic, credit, compliance, transaction, and reputation risks.
  • Account relationships with these higher-risk entities require careful due diligence and monitoring as well as prudent and effective underwriting.
  • Payment processors pose greater money laundering and fraud risk if they do not have an effective means of verifying their merchant clients' identities and business practices.
  • A financial institution should assess its risk tolerance for this type of activity as part of its risk management program and develop policies and procedures that address due diligence, underwriting, and ongoing monitoring of high-risk payment processor relationships for suspicious activity.
  • Financial institutions should be alert to consumer complaints that suggest a payment processor's merchant clients are inappropriately obtaining personal account information.
  • Financial institutions should act promptly when they believe fraudulent or improper activities have occurred related to a payment processor.

Distribution:
FDIC-supervised Institutions

Suggested Routing:
Chief Executive Officer
Executive Officers
BSA Compliance Officer

Related Topics:
Risk Management
FDIC Guidance for Managing Third-Party Risk (FIL 44-2008, June 2008)
FFIEC Handbook on Retail Payment Systems (March 2004)
FFIEC Handbook on Outsourcing Technology Services (June 2004)
FFIEC Bank Secrecy Act/Anti-Money Laundering (BSA/AML) Examination Manual

Attachment:
Guidance on Payment Processor Relationships
Guidance on Payment Processor Relationships - PDF (PDF Help)

Contact:
Michael Benardo, Chief, Cyber Fraud and Financial Crimes Section, at mbenardo@fdic.gov or (202) 898-7319

Printable Format:
FIL-127-2008 - PDF (PDF Help)

Note:
FDIC financial institution letters (FILs) may be accessed from the FDIC's Web site at www.fdic.gov/news/news/financial/2008/index.html.

To receive FILs electronically, please visit http://www.fdic.gov/about/subscriptions/fil.html.

Paper copies of FDIC financial institution letters may be obtained through the FDIC's Public Information Center, 3501 Fairfax Drive, E-1002, Arlington, VA 22226 (1-877-275-3342 or 703-562-2200).


Last Updated 11/10/2008 communications@fdic.gov