An acquiring bank (also known simply as an acquirer) is a bank or financial institution that processes credit or debit card payments on behalf of a merchant. [1] The acquirer allows merchants to accept credit card payments from the card-issuing banks within a card association, such as Visa, MasterCard, Discover, China UnionPay, American Express.
The acquiring bank enters into a contract with a merchant and offers it a merchant account. This arrangement provides the merchant with a line of credit. Under the agreement, the acquiring bank exchanges funds with issuing banks on behalf of the merchant and pays the merchant for its daily payment-card activity's net balance — that is, gross sales minus reversals, interchange fees, and acquirer fees. Acquirer fees are an additional markup added to association interchange fees by the acquiring bank, and those fees vary at the acquirer's discretion.[2]
The acquiring bank accepts the risk that the merchant will remain solvent. The main source of risk to the acquiring bank is fund reversals. Consumers can trigger the reversal of funds in three ways:
Card associations consider a participating merchant to be a risk if more than 1% of payments received result in a chargeback.[3] Visa and Mastercard levy fines against acquiring banks that retain merchants with a high chargeback frequency. To defray the cost of any fines received, the acquiring banks are inclined (but not required) to pass such fines on to the merchant. These fees are generally charged to the merchant.
New merchants pose risk to acquiring banks as well, beyond solvency concerns. A fraudulent new merchant could take a large number of orders, and after receiving payment, disappear without delivering the promised goods or services. As such, identifying legitimate vs. fraudulent new businesses is critical for acquiring banks.[4]
Due to the high amount of risk that acquiring banks are anticipated to face, as well as their key position in the payment chain, the security of electronic payments is a great concern for these institutions. For this reason, they have been involved in the development of electronic point-of-sale security standards such as PCI DSS. Many acquiring banks insist on their merchants being PCI DSS compliant. If merchants are not PCI DSS compliant, the merchants themselves may be responsible for losses due to fraud, which may result in fines from the card schemes.[5]