When it comes to facilitating payments, integrating the right payment API or onboarding new payment solutions, you might think as a business owner that the only thing you need to worry about is new technology.
Unfortunately, that’s just the first step. You also need to be thinking about how to protect your business and what steps you’re taking to ensure your systems are keeping your business updated and compliant.
Because your business is so focused on accepting payments (rather, your profits) in whatever form your customer wants to pay (typically credit cards), it’s easy to skip a step or two when ensuring you are actually properly facilitating those payments. What’s the problem if you miss an important step? Or don’t have the right systems in place to process those payments? Or are vulnerable to outsiders breaching your systems?
You could be facilitating payments illegally — without even realizing what you were doing. That could leave you in hot water with the Financial Crimes Enforcement Network (FinCEN), without knowing what problem actually exists, or how to fix the problem.
Like most scenarios in life when you’re in the wrong, playing the, “I didn’t know I was doing anything illegal” card won’t get you too far — especially as you’re trying to grow your business and customer base. Intentionally or unintentionally, not following regulations in the financial services space can cost your business big.
The last thing your company needs is to discover that it’s been fostering illegal activity across its payments systems, or through the right payment API and software platforms. Particularly because newly onboarded technology is supposed to make running your business smoother, more efficient and more secure.
Looking Out For Illegal Payment Scheme Red Flags
With the hustle and bustle of running your day-to-day business operations, it’s easy to see how warning signs may fall off your radar. But you should be aware of the potential issues that can arise when facilitating payments so you can avoid pitfalls that could cut deep into your profits and revenues.
As explained by the PCI Compliance Guide: “Money laundering by another name, it is the dark side of payment facilitation, an established, legitimate aggregation model that provides smaller merchants, ones usually not qualified because of their size, a way to take credit and debit cards for payment.”
What this means is a business may be violating its merchant agreement with its acquiring bank without even realizing its wrongdoing. This could also put a company in violation with state and federal laws as laid out by anti-money-laundering regulations, which implies you could easily drive yourself out of business.
For instance, let’s give the example of what’s called a funnel account. Even if your business is properly handling its payments, but you accept a credit card charge from a company that doesn’t follow protocol (i.e. doesn’t have a merchant processing account), then you could be aiding an illegal payment without even being aware. If your business was to run that transaction as normal, you may find yourself a victim (and culprit) of transaction laundering.
Even legitimate companies can get caught up in payments schemes they never intended to be part of. Let’s say you have a payment link associated with another business that isn’t actually legitimate or is operating illegally — you could be at fault, too, for facilitating payments illegally. Or, let’s say you don’t know a company is operating illegally and you process payments for a sale into your system; this could also leave you at fault since you were involved in the transaction.
As a business, you must also ensure you are choosing the right payment processing solutions, and the right developers to integrate the right payment API. Having lax security measures that let the wrong party into your system could also leave you liable for facilitating illegal payments.
“Failure to prevent uninvited (or unknown) guests from gaining access to the payment system will subject financial industry participants to substantial fines and penalties, including restrictions on participating in the payments industry, individual fines, and bans from the business for a period of time (from months to a lifetime),” the PCI Compliance Guide warns.
Of course, there are plenty of illegal transaction schemes that occur on a regular basis, and illegitimate businesses trying to front their business as something else in order to process transactions. Those types of schemes are easier to spot from an outsider’s perspective, but can be difficult to separate yourself from if you’re already doing business with them. Even when unaware of the illegal activity, having the payment pass through your system, or through the right payment API and software platform, can be enough to get you linked to a sticky situation your business doesn’t want to be involved in.
How Business Can Help Avoid This Pitfall — And Focus On Boosting Revenue
While you would expect your payment processor to be up-to-speed with keeping your business protected from these types of schemes, you can’t always be sure about the same practices with the companies you conduct business with. Or, the customers you accept payments from.
That’s why working with a company who enables the right payments products can help you identify how to properly manage your merchant processing accounts, payment processing and the right payment API tools to keep your business safe and compliant. This means your company can focus its efforts on growing its revenue stream — instead of worrying about if you’re facilitating payments illegally, and the repercussion that you may face as a result.
By now, you’re probably already starting to think twice about the systems and protocols you have in place, or are considering what type of payment API you are using to facilitate payments on your own platforms, and between your customers. Taking a second chance to review your software platforms and systems in place is always a good measure to ensure you are staying up-to-date and protecting your business.
Your business shouldn’t be scared into worrying about if they are conducting unlawful payments processing. But you should be educated and provided with the right tools, products and processes to know you’re keeping your business fully protected, while still being able to evolve and grow your customer base. Businesses can’t tackle payments processing and payments facilitating alone, nor should they have to since there are a plethora of options for businesses to lean on.
Becoming a payment facilitator doesn’t have to come with unnecessary risk — unless you’re ignoring obvious red flags that come from businesses you may be processing transactions with (like the examples mentioned above). In fact, there are many businesses that could benefit from facilitating payments, managing their own payment API and taking control over their payments experience.
Having power over your own products provides flexibility in how you manage payments facilitation, which means you’re more likely handle payments without putting your business at risk. In turn, your company can increase its revenue stream, better retain its customer base and focus on business development.
There are many companies that are ideal customers for being a payment facilitator, and perhaps that applies to your business. But all business owners must ensure they are relying on the right partners, the right tools, the right payment API and the right security protocols that flag suspicious or unwanted activity interfering with your legitimate payments activity. Otherwise, you risk being part of a growing illegal payments scheme, without even realizing you’re doing anything wrong.
Anna Lothson is a content contributor for Payline Data. She previously wrote for PYMNTS.com, as a Sr. Content Producer, where she focused on financial services and payments innovation, fraud and security, emerging payments, and FinTech news, research and thought-leadership content across the payments industry.