What are two of the control requirements under AACQ

All Acquirers must satisfy the control requirements under AACQ, irrespective of any additional archetype(s). This fundamental principle ensures that, no matter what the operating model, every Acquirer consistently adheres to the baseline standards needed to safeguard the payments ecosystem. Moreover, Acquirers must also meet the additional control requirements specific to their respective archetypes, reflecting the nuanced risks and obligations each model entails.

What are some of these control requirements? We will address many of them in future postings, but two areas warrant attention right now. First, Acquirers must establish contractual binding agreements with Merchants and Third-Party Agents that explicitly assure compliance with the acquiring strategy. Such agreements are pivotal for delineating the roles and responsibilities of each party, ensuring alignment with defined policies on risk management, transaction monitoring, and overall operational processes. By embedding clear expectations, Acquirers protect the integrity of their networks and cultivate a culture of accountability.

Second, there must be a clause in these binding agreements that enables exposure mitigation coverage. This clause is essential for protecting Acquirers from unforeseen financial, regulatory, or reputational issues that might emerge from Merchant or Third-Party Agent activities. Whether it’s a data breach, fraud, or another liability, having robust exposure mitigation measures in place can be the difference between quickly recovering versus enduring a prolonged crisis.

What does this mean for a Payment Facilitator that manages the Merchant Agreement? Simply put, the Payment Facilitator must incorporate these same control requirements into its Merchant Agreement. It should ensure that compliance obligations and exposure mitigation frameworks are thoroughly documented, reflecting the Acquirer’s overarching strategy.

We are happy to discuss this in more detail at ETA’s Transact next week in Las Vegas. Join us to delve deeper into how these requirements shape the future of acquiring and what best practices Payment Facilitators can adopt to stay ahead of the curve.