Global eCommerce presents stakeholders in the payments business with exciting business opportunities, but with the growing amount of payment processors and merchant acquirers, the competition is fierce. Payment service providers (PSPs) are under great pressure to provide merchants with value-added-services (VAS) to improve client retention. These services may include risk management and the integration of solutions that prevent fraud, chargebacks and compliance risk. Merchants expect PSPs to help increase customer loyalty, by guaranteeing a secure and seamless payment experience in a growing number of currencies and alternative payment methods.
As the pressure to comply with stricter rules and regulations increases and fraud figures rise, merchants increasingly depend on the regulatory technology and VAS offered by payment facilitators to mitigate risk.
Risk categories include:
- Financial Risk
- Reputation Risk
- Fraud Risk
- Content Violation Risk
- Money Laundering Risk
- Transaction Laundering Risk
- Business Risk
- Brand Risk
- Chargeback Risk
- Other Risk
Not all "Content is King"
This article explores content violation risk. We live in an age when content is king. Content is everywhere! On our laptops, I-Pads and smartphones. We scroll through social media content, web content, web shops and video streaming sites for hours a day. Digital content is consuming us. Research firm DoubleVerify found that the pandemic accelerated this trend. If we spent an average of three hours a day surfing the Web before the pandemic, these figures rose to seven hours a day during lockdowns. YouTube streaming sky-rocketed, up 43%. Facebook usage increased with 40%, Smart TV use with 44% and Instagram and Twitter usage went up with 32% and 23%, respectively.
The same can be said about paid digital content. This is where payment facilitators and marketplaces feel the heat. Merchants are prohibited from selling products and/or services that are defined as illegal or violate intellectual property (IP) rights of rights holders in the jurisdiction of the acquirer and the merchant. Acquirers often rely on payment facilitators to ensure that illegal transactions are not passed on for payment services. Payment facilitators that process transactions that either infringe IP rights, violate regulatory requirements, or are illegal may be held liable for such transactions. If a PSP (Payment Service Providers), payment facilitator or an acquirer is identifies as repeatedly processing payments for illegal products or services, they risk high penalties and fines in accordance with the rules and regulations of the payment networks.
Payment networks like Visa and Mastercard define rules and regulations in their BRAM and GBPP programs to prevent their brands to be used for illegal activities:
The payment networks regularly update these rules. Therefore, it is crucial for financial institutions that handle card payments to always stay informed to prevent fines or account shutdown. In 2021, Mastercard updated its rules to fight anonymous adult content. Last Spring, Mastercard updated its BRAM program in response to alarming trends in illegal or brand-damaging online activity. Merchant acquirers and payment processors are liable if they do not monitor ‘their’ merchant’s websites, marketplaces, and creator platforms to detect the sales of goods and services that infringe IP rights (luxury brands, software licenses, games, etc.) or content that is illegal.
KYC/CDD, ECDD and Ongoing Due Diligence
Before merchant on-boarding and customer acceptance, risk experts must screen, identify, verify, and assess the risk profile of the merchant’s business as part of the legally required Know-Your-Customer (KYC) Customer Due Diligence (CDD) onboarding process. Additional information must be collected and analyzed as part of the Enhanced Customer Due Diligence (ECDD). Once the merchant has been accepted, Ongoing Customer Due Diligence (OCDD) must take place on a regular basis. Transaction Monitoring and Content Monitoring are part of OCDD procedures.
It can get rather complicated to identify content violations, when merchants offer a wide variety of products and services on their websites. Underwriters must review the merchant’s website, double-check Merchant Category Code (MCC) classification, website compliance requirements and detect illegal or brand-damaging products or services as part of the initial risk assessment and also continue the risk assessment as part of the ongoing risk monitoring.
Risk professionals must identify what control mechanisms and content monitoring tools are implemented by the merchants in the PSP’s portfolio to prevent non-compliance risk from materializing. Brand risk is especially high when websites offer user generated content. Digital content can be abused to cover-up other types activities. As part of CDD, merchants must also supply their written policies about their content review process.
Dating merchants often offer extended subscription models with discounts. Risk professionals should pay special attention to merchants that offer content on a subscription- or on a pay-per-download basis, because of the increased chargeback risk. The merchant must have monitoring procedures in place to prevent users from uploading IP infringing or illegal material. All merchants, including dating sites, must have a link on their website that allows consumers and content creators to identify and report content that could be illegal or uploaded without their approval. Merchants typically have 7 days to respond to such complaints. Bonafide merchants that are focused on live streaming and social platforms have teams of human content moderators that review the results of analytical AI-empowered tools implemented to monitor content. Web crawlers or Merchant Monitoring Service Providers (MMSP) for the detection of BRAM or GBPP violations are recommended.
Undetected content violations present acquirers and payment facilitators with high financial and reputational risk. The monitoring of websites, marketplaces and other creator platforms are often outsourced to specialized solution providers, but the alerts that are triggered must be analyzed by the PSP’s risk departments to avoid legal issues. PSPs and acquirers are not the only payment facilitators that run high risk. In the USA, Visa has been sued for facilitating the sale of explicit content of individuals and for not acting accordingly. Unfortunately, content violations committed by rogue merchants present a major business risk to all stakeholders in the payments value-chain.
Content Monitoring Solutions
Merchants that are in the cyberlocker, dating, streaming or visual content business should partner with a payment facilitator that offers value-added-services which include enhanced content monitoring. A PSP with legal experts in copyrights, licensing, and registrations. The merchant’s web policies must be scrutinized to ensure that content moderation, monitoring and instant removal take place. Special web crawler tools scan the website and any backlinks for known content violations according to card scheme rules. Content monitoring solutions typically include reporting tools. If the merchant’s business model evolves around subscription payments, it is best to process payments through a PSP with years of experience in handling recurring payments.
By partnering with a specialized PSP, merchants get access to AI and Machine Learning empowered solutions that simplify time-consuming merchant compliance checks and investigations. By protecting their brand, their business and their reputation, merchants avoid heavy penalties or even account shutdown because of violations of compliance rules and regulations and most importantly, all stakeholders in the payments value chain are protected from business, financial and reputational damage.