Merchants in the payment industry try to avoid labels that include “high risk.” The markers they try to avoid include high-risk merchant and high risk Merchant Category Code (MCC).

The rap on merchants labeled high risk is that they tend to create vulnerabilities for themselves and the banks. We talked recently about the difficulties faced by high-risk merchants.

But what about the low risk merchants? Do they also face or potentially create damaging situations that produce issues for banks, and perhaps unwittingly for themselves?

The sad reality is Yes. All merchants can be negatively impacted by the latest generation of online fraudsters who specifically target low risk businesses as modern-day fronts for crime.

In today’s technology-driven take on the gangster-era crime of money laundering, fraudsters hide behind (or mask) the payment platforms of lawful websites to sell illegal goods.

They use the legitimate website so charges for their own illegitimate sales will appear as innocent transactions in the bank’s records.

These devious financial experts are known as transaction launderers.

When Making the News Isn’t a Good Thing

Instances of transaction laundering are peppering the financial news. And research indicates that many low-risk merchants are the ones hiding illegal or unreported activity. Examples abound:

  • A legitimate business with a merchant processing account agrees to accept credit card charges for a company that doesn’t have those privileges. Thus illegitimate transactions enter the payment system via what’s known as a funnel account.
  • For example, a legitimate online shoe store sells shoes and also accepts payments for sales of illegal drugs. The shoe merchant either cooperates with the drug seller, or actually sells both products. Payments are routed through the shoe merchant’s payment processor via its online payment gateway.
  • Payment facilitators are especially vulnerable to transaction laundering because of the large number of merchants they sponsor. Registered by an acquirer to handle CNP transactions on behalf of those merchants, they own the aggregate risk of their entire transaction portfolio. It takes only one TL crook among sponsored merchants to bring the facilitator down.
  • One notorious TL scandal hit the U.S. national news in 2015. Former NBA All-Star Chris Gatling was indicted for alleged credit card fraud, aggravated identity theft, and forgery. He allegedly  “persuaded” a fitness studio owner to use her merchant account to charge a list of credit card numbers provided by him. In return, she received a 10% share of the transaction amounts. The fitness studio owner was saddled with $90,000 in chargeback debt, and lost her business. Gatling awaits trial.

Transaction launderers tend to target certain merchant codes to funnel their transactions through legitimate online shopping sites and stay below the radar: online convenience stores, bookstores, cosmetics, household appliances, souvenirs; and hobby, toy, and game shops.

Why Is Transaction Laundering (TL) Hard to Detect?

Once a merchant earns a positive, low-risk rating and appropriate MCC from their acquiring bank, scrutiny of ongoing operations lessens. Not that scrutiny stops completely; it’s simply lower than that focused on higher risk merchants using most banks’ risk management processes.

Banks tend to focus on monitoring chargeback levels, especially for merchants scored up-front as high-risk. But TL merchants go to great lengths to avoid raising red flags. Merchants initially considered low risk may in reality be anything but.

For transactions launderers, chargebacks will be non-existent or minimal. They want the transactions being laundered to appear inconspicuous. Initially scored as low-risk merchants, some take advantage of that and knowingly engage in transaction laundering.

The Future of Risk Monitoring

Ignorance of TL occurring within a merchant portfolio doesn’t protect an acquiring bank or an unsuspecting merchant. They’re still held responsible by credit card brands, which may levy sanctions or fines.

They are facilitating the sale of illegal goods, and may also be breaching KYC rules, AML requirements, and other laws.

Going forward, banks will need to develop new risk management processes to specifically address transaction laundering, separate from front-end risk scoring and back-end chargeback monitoring.

A cyber-intelligence based solution to monitor an entire transaction portfolio on the back end — both low- and high-risk merchants — is a likely component needed for future of risk management.


The advent of new payment systems combined with the evolution of e-commerce technologies pushes fraudsters to become more and more sophisticated. Increased capabilities led them to migrate money laundering to the online space.

“Low-risk” doesn’t always mean low risk. With TL in full swing and not likely to end anytime soon, even the good guys —scammed low risk merchants and their acquiring banks — pay a hefty price.

One way to protect your business from the issues related to risk and fraud is to work with one of the good guys… a global payments processing partner.

MerchACT helps merchants avoid any and all issues related to risk and fraud, including transaction laundering (whether direct or peripheral). For us, clients are more than a means to an end.

They’re our partners and are treated as such. We’ll work with you and our banks to tailor solutions to suit your business model to make sure that the payment side of your business operates seamlessly.