Mark Dunn
January 26, 2023
min read

The traditional organization for selling merchant services to businesses is the Independent Sales Organization or ISO*. Registered ISOs come in two types: retail ISO and wholesale ISO. The far more common type of ISO is the registered retail ISO. There are around eighteen hundred registered retail ISOs in the US. These ISOs may only sign up merchants domiciled in the fifty US states.

Many sales teams will refer to themselves as an ISO when they are, in fact, an agency or team of agents. That means they represent an ISO but are themselves, agents. An agent is a sales representative that has not gone through the formal registration process to become an ISO.

All ISOs must register with VISA and MasterCard through a sponsor bank. Establishing and registering a retail ISO most often takes place through signing an agreement with a third-party processor. At the retail level, the third-party processors, such as Fiserv First Data, Global TSYS, and WorldPay, drive the process of getting the ISO registered and set up. The third-party processors have already negotiated sponsorship with a banking partner, such as Well Fargo or First National Bank of Omaha. When the ISO signs a retail ISO deal with the third-party processor, the sponsor bank comes along with the agreement.

When it comes to ISO deals, one size does not fit all. The folks that run the big ISO programs will want you to follow your instincts to start selling asap. They will tell you how quick and easy it is to get started right away. But you should take it slow and easy. It’s important to have the guidance of an experienced consultant and negotiator before signing a deal. You need to understand all the options, alternatives, and amazingly complex pricing. You will save yourself a lot of grief later if you get help. Also, make sure you hire a qualified payments industry attorney to review the agreement before you sign.  

Registration as an ISO requires a business plan, sales and financial projections, bios, tax returns, personal financial statements, and other personal information about the principal owners. Along with some additional forms and an application, all are submitted to the sponsor bank for review. All principal owners will undergo a background check. The review and approval usually take 4-6 weeks. The new ISO should be up and running a few weeks after approval.

ISOs must conform to the Rules of the card brands. The word “Rules” is usually written with a capital ‘R’ for a reason. Merchant processing is a self-regulated industry. The card brands regulate themselves according to these Rules. The Rules are a matter of public record and are accessible online. Failure to follow the rules can lead to fines and cancellation of the ISOs registration. Several Federal agencies and the States’ Attorney Generals investigate claims of bad business practices by ISOs.

Once an ISO is properly registered, the ISO may advertise its brand with a website, social media, and marketing materials with its branding. Typically, all marketing materials must first be approved by the third-party processor before they can be distributed to prospective merchants or posted online.

Properly registered ISOs will have a statement on their website that says something to the effect of: “XYZ Merchant Services is a registered ISO of Such-and-Such Bank, NA, Anywhere, CA.”

The purpose of this statement is to identify the sponsor bank with which the ISO has a contractual relationship and to which the merchant is signing a processing agreement. It should be noted here that the ISO does not sign the merchant to a processing agreement with itself, but rather with the sponsor bank.

So let’s look at what a registered retail ISO does. The primary function of a registered retail ISO is this: The ISO solicits merchants for bankcard processing. In today’s highly competitive environment, the ISO’s sales staff will prospect for merchants interested in seeing their payment solutions and getting a competitive quote for processing. The ISO will get a recent processing statement (or several recent statements) and do a head-to-head comparison of what the merchant is currently paying versus what the ISO can offer. The ISO will try to get the merchant to switch.

If the merchant agrees, the ISO will present – either physically or virtually – a merchant application for signature. In today’s virtual environment, this means click through to sign an online form. Often the merchant will have to submit supporting documentation, such as their business license, owner’s drivers license copies, financial statements, etc. The ISO’s staff will check for completeness. Submit the application to the third-party processor and get the ok from underwriting to board the merchant. The ISO’s staff will board the merchant on the third-party processor’s online merchant set-up system.

In some cases, there is new equipment that must be deployed, and the ISO will initiate the order. The ISO staff will arrange for the installation of the POS system or terminal equipment and provide training.

The ISO is responsible in most cases for the ongoing support of the merchant. Typically, after-hours support is provided under a contractual arrangement with the third-party processor. Some retail ISOs will take on other functions of the merchant signing, set-up, and support process.  

Retail ISOs do not do their own underwriting. They do not bear the risk of losses. Most losses come in the form of chargebacks to the merchant that the merchant cannot cover. However, the ISO can be held liable for losses and fines resulting from gross negligence, misrepresentation, or fraud. Also, retail ISOs do not carry out any of the functions of the merchant back-end processing. Underwriting, bearing risk and operating the merchant back end is the province of the registered wholesale ISO.

In our next blog post, we will address the registered wholesale ISO.

* Just a note about the term “ISO”: You will sometimes hear an ISO referred to as a Merchant Services Provider or MSP. This is the MasterCard term for this entity. Also, you may come across the acronym TPA, which stands for Third Party Agent. There are several types of ISO and all are a sub-category of TPA according to VISA.

Posts you may like