Payment Facilitator Compliance
What Is Payment Facilitator Compliance? Definition and How It Works
Definition
Payment facilitator (PayFac) compliance refers to the regulatory, scheme, and operational obligations that a payment facilitator must meet in order to onboard and process payments for sub-merchants under its master merchant account, including KYC, AML, scheme registration, and ongoing monitoring requirements.
How it works
A payment facilitator is an entity that has registered with Visa and Mastercard (and other card schemes as applicable) as a payment facilitator, enabling it to onboard sub-merchants under its own master merchant ID (MID) without requiring each sub-merchant to establish a direct acquiring relationship. In exchange for this onboarding flexibility, the PayFac assumes direct compliance obligations.
Scheme registration is the starting point: Visa and Mastercard require PayFacs to register before they can begin onboarding sub-merchants. Registration requirements include a sponsoring acquirer relationship, minimum net worth requirements, and agreement to comply with PayFac program rules. Registration thresholds and requirements vary by scheme and market.
Sub-merchant KYC/AML obligations are central to PayFac compliance: the PayFac must conduct identity verification and due diligence on each sub-merchant before onboarding. Minimum requirements include verifying business identity, collecting beneficial ownership information, screening against sanctions lists, and assessing the sub-merchant's business model for compliance risks. Enhanced due diligence applies to sub-merchants in higher-risk categories.
Ongoing monitoring obligations require the PayFac to continuously monitor sub-merchant transaction activity for AML indicators, unusual patterns, and chargeback ratio breaches. Sub-merchants who breach chargeback thresholds must be managed by the PayFac; this may mean imposing transaction limits, requiring additional verification, or offboarding the sub-merchant entirely.
Why it matters
Scheme registration thresholds determine when registration is mandatory: Mastercard requires PayFac registration when a single sub-merchant processes more than $100,000 annually. Visa has its own registration thresholds and requirements. Operating an aggregation model above these thresholds without registration is a scheme rule violation.
PayFac compliance is materially more complex than standard merchant compliance: the PayFac is responsible not just for its own compliance but for the compliance of every sub-merchant it onboards. The failure of a single sub-merchant can create scheme consequences for the PayFac's entire portfolio.
Acquirer sponsorship is required: PayFacs do not hold acquiring licences themselves, they operate under the sponsorship of a licenced acquirer who takes on ultimate responsibility for the PayFac's scheme compliance. Choosing the right sponsoring acquirer and negotiating appropriate program terms is a foundational PayFac decision.
Sub-merchant chargeback liability is borne by the PayFac: chargebacks filed against sub-merchants flow back through the PayFac to the acquirer. If a sub-merchant cannot cover a chargeback, the PayFac absorbs the loss. Reserve requirements for PayFac programs reflect this aggregate liability.
With PXP
PXP provides acquiring sponsorship and compliance infrastructure for merchants operating as payment facilitators. PXP's PayFac program covers scheme registration, sub-merchant KYC/AML tooling, transaction monitoring, and chargeback management. PayFac merchants access PXP's compliance framework rather than building it from scratch.
Frequently asked questions
What is the difference between a PayFac and a standard aggregator?
A payment facilitator (PayFac) is formally registered with card schemes and operates under a defined scheme program with specific compliance obligations. An aggregator operates similarly, pooling sub-merchants under a master MID, but may be operating below scheme registration thresholds or outside formal program registration. Both models have the same underlying compliance obligations; PayFac registration is triggered when volume or scheme thresholds are reached.
What are the minimum KYC requirements for PayFac sub-merchant onboarding?
At minimum: verify the business is legitimately registered; collect and verify beneficial ownership information (identifying natural persons with significant control); screen the business and its owners against sanctions lists (OFAC, EU, UN); assess the business model for AML and scheme compliance risks; and document the onboarding decision. Enhanced due diligence applies for sub-merchants in higher-risk MCCs, higher-volume businesses, or those with complex ownership structures.
How do PayFacs manage sub-merchants with elevated chargeback rates?
When a sub-merchant's chargeback ratio approaches scheme thresholds, the PayFac must take action: implementing transaction limits, requiring the sub-merchant to improve their fraud controls, placing a rolling reserve, or offboarding the sub-merchant if the issue is not resolved. PayFacs should monitor sub-merchant chargeback ratios at least monthly and have defined escalation procedures for sub-merchants entering elevated territory.
What net worth requirements apply to PayFac registration?
Net worth requirements vary by scheme and market. Mastercard requires a minimum net worth (or a letter of credit or performance bond) as part of PayFac registration. Visa has its own financial requirements. Specific current thresholds should be confirmed directly with the sponsoring acquirer and from the card schemes' current program documentation, as these requirements are updated periodically.
Revolutionize your business with PXP
Take complete control of your commerce and payments with one platform.
Get Started