Know the Risks of Working With Third-Party Payment Processors

What Are Payment Gateways and How Do They Work

As a business owner you’re responsible for a number of tasks and must be prepared for any potential hurdles — especially when it comes to payment processing.

It’s expected for your business to securely accept a variety of payments ranging from checks, credit cards, and even cryptocurrency like bitcoin if you want to be competitive.

However, setting-up your own dedicated merchant account can be complex and pricey. That’s why many new business owners turn to the third-party payment processors.

Overview of Third-Party Payment Processors

Before discussing the risks of working with third-party payment processors, let’s quickly explain what a third-party processor is and if they’re a good fit for your business.

In it’s simplest terms, a third-party processor is nonbank processor that has a relationship with a merchant services provider, such as Square.

It’s a fast and economical way to start accepting payments instead of having to create your own merchant account. Just sign up with a third-party payment processor and you can start processing payments that day.

Since the third-party processes all of your payments, they review all transactions and typically run anti-fraud measures for your business.

For entrepreneurs or businesses just starting, and don’t have a lot of transactions yet, out a third-party payment processor is appealing because you don’t have to pay for any startup or monthly fees.

However, you will be responsible for the per-transaction-percentage-fee, which is usually higher than a dedicated merchant account.

Advantages and Disadvantage of Third-Party Payment Processors

As mentioned above, the biggest advantage regarding third-party payment processors is they aren’t as expensive and time-consuming to set up as dedicated merchant accounts are.

Again, since you’re only charged for the transactions that your business makes, you don’t have to worry about putting down a deposit or paying for monthly, annual, minimum, termination, customer service, contracts, batch, PCI compliance, or IRS fees.

The biggest drawback with third-party payment processors is lack of security.

This is because when you have your own dedicated merchant account, your business has gone through the underwriting process.

This means that you’re protected against any fraudulent transactions and you know when funds are expected to be available in your account.

When processing with a third-party payment processor, however, this security isn’t available. Transactions could be held any time the processor believes that the payments might be fraudulent, which in turn, decreases your cash flow.

Other disadvantages of third-party payment processors is that transaction fees are high, sometimes as much as 3 percent, a lack of customer service, and they may make your business appear less professional.

Third Party Risks

Fraud, misuse, and lack of security are the most common risks associated with third-party payment processors.

As the Federal Deposit Insurance Corporation (FDIC) states, “Deposit relationships with payment processors can expose financial institutions to risks not present in typical commercial customer relationships, including greater strategic, credit, compliance, transaction, legal, and reputation risk.”

For example, if you accepted a payment via the Automated Clearing House, the “risk of fraud arises when an illicit telemarketer or online merchant obtains the consumer’s account information through coercion or deception and initiates an ACH debit transfer that may not be fully understood or authorized by the consumer.”

Furthermore, as with working with any third-party, here are the potential risks to be aware of:

  • Compliance risk is when the product and services offered do not follow governing laws, rules, regulations, policies, or ethical standards.
  • Reputation risk arises from negative public perception, such as negative reviews from dissatisfied customers.
  • Strategic risk occurs “when business decisions, or the failure to implement appropriate business decisions in a manner that is consistent with the institution’s strategic goals.
  • Operational risk are any losses from inadequate or failed internal processes, people, systems, or external events.
  • Transaction risk are simply any problems with service or product delivery.
  • Credit risk occur when the third-party is “unable to meet the terms of the contractual arrangements with the institution or to otherwise financially perform as agreed.”
  • Country risks is the exposure “to the economic, social and political conditions and events in a foreign country that may adversely affect the ability of the foreign-based third party service provider (FBTSP) to meet the level of service required by the arrangement, resulting in harm to the institution.”

Reducing Risks in Third-Party Payment Processing

If you do use an external payment management for your business, here are the best ways to reduce any potential risks:

Always keep networks separate, review how they’ve handled and talked about security breaches, read online reviews, and make sure that they do not use an automated vulnerability management system to protect data.

However, the most effective way to prevent any risks is to partner only with a trustworthy and reputable payments processor that is PCI compliant and take extra measures to prevent any instances of fraud, like verifying each and every transaction.