Skip to main content

Liability Structures

Last Updated: 2025-02-17 Status: Complete

Understanding how liability flows across payment entities is critical for partnership decisions, contract negotiations, and risk management strategies. This guide compares chargeback liability, fraud exposure, and reserve requirements across ISO, ISV, and PayFac models.

Quick Reference

Liability TypeISOISV (Non-PayFac)PayFac
Chargeback Loss0%0-100% (by contract)100% first-line
Fraud Loss0%Contractual100%
Network FinesIndirectIndirectDirect
Reserve ObligationNoneNoneYes
MATCH ListingPrincipal onlyRareCommon

Chargeback Liability

How Chargebacks Flow by Model

The chargeback liability chain differs dramatically between payment models:

ISO: Pass-Through Liability

Do ISOs have chargeback liability? ISOs have zero direct chargeback liability in the standard model:

StageISO RoleFinancial Impact
Chargeback receivedNone - goes to acquirer$0
RepresentmentMay assist merchant$0
Loss realizationMerchant/acquirer absorbs$0
MATCH listingOnly if ISO principal involvedReputational

Why ISOs Escape Liability:

  • Merchants have individual MIDs with the acquirer
  • ISOs are sales/service agents, not payment principals
  • Acquirer/processor holds the merchant relationship
  • ISO agreement typically excludes financial liability

Exceptions:

  • ISO provided false information during onboarding
  • ISO principal engaged in fraud
  • Contractual indemnification clauses (rare)

ISV: Variable Liability by Model

ISV liability depends entirely on how payments are integrated:

Integration ModelChargeback LiabilityWhy
Referral0%Not a payment party
API Integration0%Processor holds merchant relationship
PFaaS (Connected)0-50%Shared per PFaaS agreement
PayFac100%Full PayFac liability

PFaaS Liability Nuances:

Typical PFaaS Liability Structures:

ProviderISV LiabilityNotes
Stripe Connect (Standard)0%Stripe handles all
Stripe Connect (Custom)ConfigurableISV can take liability for better economics
Adyen for PlatformsNegotiatedDepends on contract tier
FinixConfigurablePlatform decides

PayFac: Full First-Line Liability

PayFacs bear complete financial responsibility for sub-merchant chargebacks:

PayFac Chargeback Economics:

ComponentAmountResponsibility
Transaction amount$500PayFac debited
Chargeback fee$25PayFac pays
Representment cost$15PayFac pays
Total exposure$540PayFac
Recovery from sub-merchantVariablePayFac attempts
Net loss$0-540PayFac absorbs remainder

Reserve Requirements

Reserve Obligations by Entity

EntityReserve Required?Who Holds Reserves?Purpose
ISONoN/AN/A
ISV (Referral)NoN/AN/A
ISV (PFaaS)RarelyPFaaS providerProvider protection
PayFacYesPayFacSub-merchant losses

PayFac Reserve Structure

PayFacs manage reserves at two levels:

Typical Reserve Cascading:

LevelReserve HeldTypical Amount
Sub-merchant → PayFacRolling or fixed5-10% of volume
PayFac → Sponsor BankCorporate reserve$500K-$5M+

ISO Reserve Considerations

While ISOs don't hold merchant reserves, they may face:

ScenarioISO Impact
Merchant generates lossesISO residuals may be reduced or clawed back
High-risk portfolioAcquirer may require ISO performance bond
Fraudulent merchant referralISO may face contractual penalties

Fraud Liability

Fraud Loss Distribution

Fraud TypeISO LiabilityISV LiabilityPayFac Liability
Card testingNoneContractualFull
Friendly fraudNoneContractualFull (via chargeback)
Merchant fraudContractualNone (referral)Full
Account takeoverNoneVariesFull

PayFac Fraud Exposure

PayFacs face layered fraud exposure:

Sub-Agent Liability Cascading

ISO Hierarchy Liability

In ISO hierarchies, liability flows contractually:

Typical Sub-Agent Contractual Terms:

TermMaster ISOSub-ISOAgent
Merchant quality standardsDefinedAcceptedFollows
Prohibited MCC liabilityIndemnifies bankIndemnifies masterLimited
Residual clawbackOn lossesOn lossesOn commission
MATCH reportingCooperatesCooperatesReported

PayFac Sub-Merchant Liability

PayFacs manage sub-merchant liability through:

MechanismPurposeImplementation
ReservesCover future lossesWithheld from payouts
Delayed settlementEnsure delivery1-7 day payout delay
Volume limitsControl exposurePer-transaction and daily caps
Merchant agreementsLegal recourseChargeback responsibility clauses

Contractual Risk Allocation

Key Contract Terms by Entity

Contract ElementISO AgreementISV AgreementPayFac Agreement
IndemnificationLimited to misrepresentationVaries widelyComprehensive
Loss sharingNone typicallyNegotiatedFull first-loss
Insurance requiredE&O commonCyber liabilityE&O + Cyber + Crime
Termination for lossesPortfolio performanceN/AChargeback thresholds

Sample Liability Allocation Matrix

When negotiating partnerships, use this framework:

Risk CategoryAllocate to ISOAllocate to PayFacShared
Merchant misrepresentation✓ (if ISO sourced)✓ (if PayFac onboarded)
Transaction fraud
Merchant bust-out✓ (if early warning missed)
Network fines
Compliance violations✓ (if caused)✓ (baseline)

Self-Assessment Questions

  1. Why do ISOs have zero chargeback liability in the standard model?
  2. How does PFaaS change liability allocation compared to a direct processor relationship?
  3. What happens when a PayFac cannot recover a chargeback from a sub-merchant?
  4. Why might a Master ISO include indemnification clauses for sub-ISO merchant quality?
  5. How do reserves protect PayFacs from sub-merchant losses?

References

Share: