Recently, a few merchants approached me after receiving compliance notifications from their acquirer about transaction laundering. They were unsure what it meant, and unsure how to identify and fix the problem.
You’ve most likely heard of money laundering, which means hiding the source of funds. Transaction laundering means hiding the source of a payment transaction, usually by processing illegal transactions through a legitimate merchant account.
Being considered a high-risk industry places us under intense scrutiny, so it is especially important to stay on top of fraud and clean out any transaction laundering schemes.
This month, we put the issue in the spotlight and share how not to get caught in this dirty money cycle.
Behind the Label
Visa uses the term “factoring” to describe transaction laundering, but it is also sometimes called “unauthorized aggregation.” It occurs when an illegal business uses payment services through either a fake front-end website or through a legitimate merchant who is unaware that their website is being used to launder or “wash” illegal content or goods.
Other methods include using someone else’s card credentials to conduct illegal activity, creating a fake website to harvest credit card information or paying an illegal merchant a fee to use their website to conduct illegal activity.
No matter what name it goes by, however, transaction laundering is a serious violation of merchant agreements. Exacerbated by the growth of internet commerce, especially during COVID-19, it is viewed by the card brands as a growing threat.
The card brands have therefore developed tools to detect this type of illegal activity. Additionally, they are holding acquirers, payment facilitators and merchants accountable for what others do, levying hefty fines on anyone found to be processing payments for illegal content, products or services.
Agitating the System
Some years back, many acquirers, payment facilitators and merchants got hit by hefty fines because a site called Pay2Us was laundering payments for illegal content through affiliate revenue-sharing commissions on numerous legitimate websites across the world. Customers of websites hosting illegal material would enter their card information to access it, and Pay2Us would then enter those payment details into a compliant — and unaware — website in order to be paid out as an affiliate.
Another example involved a marijuana delivery scheme in California, which used a vast network of compliant websites, approved by acquirers, to unknowingly facilitate payment processing for the service. Ultimately, those involved were prosecuted by the Department of Justice and were given jail time.
Today, we still see bad affiliates attempting to link to good merchants in order to facilitate payments for noncompliant content or illegal activities. We also see transaction laundering from unregulated gambling, counterfeit goods, illegal substances and unregulated pharmaceuticals.
Get Help Uncovering Issues
What can you do to protect yourself from this type of behavior? It all starts by understanding whom you’re working with. As a merchant, you need to have a robust Know Your Customer (KYC) process in place when you set up your affiliates. Make sure you gather government-issued identification documents and confirm their address and banking information. Also, pay attention to the affiliate’s name or registered company to ensure it is legit. Watch out for discrepancies in the data they provide.
Tools from third-party providers can also be helpful. Merchant-monitoring service providers (MMSPs) use algorithms and machine-learning technology to detect shady merchants and activity. G2 and Webshield are two MMSPs used by our industry to guard against transaction laundering.
Data analytics can also help identify transaction laundering behavior, by tracking unique price points, surges in traffic during an unusual time of day, uncommon email addresses or email addresses created with random letters or numbers. Watch out for large quantities of orders from the same IP or VPN provider, as this may indicate an affiliate network entering payment data themselves. Capturing referring URLs to your join or payment pages might also help you spot possible transaction laundering; if a referring URL is not associated with one of your registered affiliates, it could be worth checking it out.
Register all of your processing websites with your acquirers. This is a requirement of the card brands and failure to do so can result in noncompliance assessments even if the unregistered URLs are not being used to launder illegal activity or content.
Lastly, it is a great idea to set up a script to make sure paying consumers are logging into your website. A purchase without an actual customer login could be a sign of someone filtering transactions through your website.
Being considered a high-risk industry places us under intense scrutiny, so it is especially important to stay on top of fraud and block any transaction laundering schemes. Following the tips above will help protect you, as well as your relationships with your acquirers and payment facilitators.
Cathy Beardsley is president and CEO of Segpay, a merchant services provider offering a wide range of custom financial solutions including payment facilitator, direct merchant accounts and secure gateway services. Under her direction, Segpay has become one of four companies approved by Visa to operate as a high-risk internet payment services provider. Segpay offers secure turnkey solutions to accept online payments, with a guarantee that funds are kept safe and protected with its proprietary Fraud Mitigation System and customer service and support. For any questions or help, contact sales@segpay.com or compliance@segpay.com.