Merchant Account Compliance Fees – Legit?
As you may know, I review business merchant account statements on a regular basis. One thing I keep seeing more and more on statements are terms like “Annual Compliance Service Fee” or “PCI Compliance Program.” The shocking thing about these fees is how much they are; I have a statement on my desk that reads $119.75 for such a fee. So what are these fees for? What do you get from them? Are they legitimate or just another profit center for merchant account providers?
I am sure there are going to be some industry insiders that wildly disagree with what I am about to say, but here goes anyway. I believe these fees, for the most part, are just another profit center for this industry. Here is why:
- If you pay these fees, are you made PCI Compliant? Answer: No, you are not.
- Are you given tools or guides for becoming PCI Compliant when you pay these fees? Answer: Only sometimes.
- If you have a security breach and you were not following the rules of the PCI Security Standards Council are you insured against the fines you’ll receive? Answer: Probably not.
So what are you getting for these fees? Most of the time – zip, nada, and nothing!
I know there are exceptions to this but they are few and far between.
The next issue I have with these fees is they typically are added without any foreknowledge of the merchant. In other words they just show up on the statement, with what seems to be hope that the merchant will not see them. If these fees are legitimate why the secrecy? If these fees bring real value why not communicate what that value is? I think the answer is obvious – they provide little to no value so the fees are snuck on to the statement.
The last issue I am going to bring up (I could bring up many more!) is the lack of choice. Typically these fees are not optional, they are mandatory. These fees almost have a feel like they were mandated by the US Government or maybe even God! How dare we question such fees! Here is why I am puzzled about the lack of an option. I have a client that is a restaurant, they have a brand new terminal and pin pad, the software file that was installed on that terminal is PCI compliant, the Pin Pad is PCI-PED approved, they have taken their PCI Self Questionnaire. So why do they need to pay this fee, they are compliant, why don’t they have the option to say no to this fee? That would be fair and logical wouldn’t it? I am afraid the answer is that providing such an option would reduce the profit of the merchant account provider.
The truth is that PCI Compliance has created some much needed data security guidelines while at the same time providing a wonderful tool to increase profits for this industry. We can use the fear of a $50,000 fine for not being compliant to manipulate you into paying fees like these. I know this is hard to believe that anyone in the financial services area would use such tactics to increase profit. Wait a minute, that is not hard to believe at all is it!
Here are my suggestions for dealing with these fees:
1. If you see these fees on your statements call your provider and ask what you are receiving in return for your money. If you don’t like their answer find a provider who either does not charge these types of fees or actually provides something of value for the fees.
2. Educate yourself on becoming and staying PCI Compliant. Here are some links to check out:
Security Metrics (They will assist you in becoming compliant)
PCI DSS News and Information Blog
PCI Compliance Demystified blog
Bottom line: Educate yourself about PCI Compliance, take whatever steps you must to become PCI compliant and stop paying these fees if they provide no real value for your business.
Please feel free to add your comments below. I would love to have someone defend these fees, I am very open to being wrong on this.
On my statement, that annual compliance fee notice states that it does NOT affect your compliance responsibilities. When I called to ask what it did affect, they rattled off a list of stuff that sounded like normal business expenses.
To ME, this annual fee is just that. An annual fee. A way for the cc processor to get a little bit extra from EVERY SINGLE merchant.
And you cannot fight it, and it provides no visible benefit.
Amanda, thanks for your comment. I think you have it correct, the compliance fee is in effect an annual fee.
I actually have a merchant provider that does offer something of value with this fee. While they do not protect me from my compliance responsibilities, they provide me with the tools to know where I am not compliant at all times and 24/7 support to remediate these issues. And they have, by far, the cheapest cost of any of the providers I have spoken to.
I also called my processor and got no explanation for the fee other than it was mandatory and could not be waived or modified. That made me mad, so I read my merchant agreement and, using their contract against them, cancelled them. I also had to close my bank account because they attempted to take the fee anyway. This is just another attempt to get more of my money. I told them NO and I hope more people will do the same.
I have been looking around online and it seems I am the only one being charged more, they charged me for 139.xx!!!!
I received a compliance fee from my credit card processor. Every time I tried to get a straight answer about what I am supposed to be compliant to, they said processing transactions. They would not give me a straight answer and said that this fee was being charged by Visa/Mastercard, not them. I know that’s a load of bull. Anyway, I placed a stop payment on the transaction and now my account will be sent to collections because I refuse to pay them $540 to cancel my account. They broke our agreement since I never authorized them to take this fee. They told me that I don’t have to authorize it.
So they basically told me that they can make up a fee whenever they want and take the money without my authorization. I have a feeling that I will be seeing them in court.
Maybe we should start a class action suit against these merchant service companies. After all, if they can’t explain clearly what they’re charging the fees for, they shouldn’t be charging them.
I too have rec’d this fee on my December 2008 statement with no warning. $69.95. When I called them they told me it was mandatory and that George Bush had mandated that it be added to all merchant accts. I asked several others that had merchant accts with different companies and they said no fee had been levied as of yet. I use Money Tree Services. The fees are so ridiculous. They also added a $9.95 per month fee automatically and enrolled me into a new merchant benefits program, which gave me free thermal paper for my little machine. I use maybe 2 rolls a year, which cost less than $10. When I called to question this, they said I could “opt out” but it would mean if my terminal has problems I have to buy a new one, and my contract that was signed initially about free replacements would no longer be valid if I opt out. They were reluctant to let me opt out and transferred me to several people who could “help” me with my problem, in the meantime disconnecting me more than once. I was persistent and as far as I know will not have the $9.95 fee, but the compliance fee was there to stay. They told me it should just be a one time fee, not once a year. But now I am on the lookout for another company.
I am a Merchant Account Specialist, and I just want to confirm that these fees that you are getting charged are in fact a way for processing companies to charge you more. Processing companies do have to pay to get registered for PCI Compliance and then pass these astronomical fees down to you. However, it is just an overhead as a cost of doing business, and should not get charged to you. My company does not charge these fees. For more info on how to avoid these fees, you can email me at data91nv@yahoo.com
Well so far my annual PCI Compliance “fee” tops the list: $129!! Here is the notice I received on my May 2009 statement:
“TO HELP MERCHANTS MEET THE REQUIREMENTS OF THE PCI-DSS STANDARDS, MERCHANT SERVICE PROVIDERS HAVE BEEN REQUIRED TO INCUR NUMEROUS EXPENSES AND COSTS. TO SUPPORT THESE CONTINUED PROCESSES AN ANNUAL PCI COMPLIANCE FEE OF $129.00 WILL BE ASSESSED TO YOU ON YOUR MAY 2009 MONTH-END MERCHANT STATEMENT OR SHORTLY THEREAFTER.”
I called and was told that this fee is “Mandatory” and “Nothing can be negotiated.” Needless to say I will be changing providers, but they will still walk away with $129 of my money this year. I feel completely scammed.
Credit card fraud is a wide-ranging term for theft and fraud committed using a credit card or any similar payment mechanism as a fraudulent source of funds in a transaction. The purpose may be to obtain goods without paying, or to obtain unauthorized funds from an account. Credit card fraud is also an adjunct to identity theft.
Tips to Prevent Credit Card Fraud
1. Keep a list of your credit card numbers, expiration dates, and the phone numbers of all card issuers in a safe place.
2. Credit card issuers offer a variety of terms (annual percentage rates, methods of calculating balances subject to finance charges, minimum monthly payments, and actual membership fees). When selecting a card, compare the terms offered by several card companies to find the card that suits your needs.
3. When you use your credit card, watch your card after giving it to a clerk. Take your card back promptly after the clerk is finished and make sure the card is yours.
4. Never sign a blank receipt. Draw a line through any blank spaces above the total when you sign receipts. Tear up the carbons when you take your credit card receipt.
5. Open credit card bills promptly and compare them with your receipts to check for unauthorized charges and billing errors.
Just ask your processor what you get for the fee. If you don’t believe that the benefit justifies the charge, tell the processor that you’d like to “Opt out”. Many processors will let you as long as you sign an indemnification saying that you will be liable for any and all security breaches at your business.
If your processor says that the charge is mandatory, well that’s a change to your original Merchant Account Contract and will allow you to switch processors without any Early Cancellation (Deconversion) Fees as long as you switch in a timely manner and SPECIFICALLY state that this new fee is why you are cancelling.
I am an Account Manager for a credit card processing company. If you have any further questions about this or any other issue, feel free to email me.
luieluie@hotmail.com
I pay $12.50 per month for each of my accounts. I have 8 separate merchant accounts for each of my eCommerce websites.
I have provided the processor a written statement that I am PCI compliant several times to remove the fees.
Every couple of months they sneak the fees back in and I have to call and write more letters.
As long as you’re complying with the rules of the PCI Security Standards Council with your business practices you are not responsible to pay your processor any PCI fees.
Merchant accounts are marketed to merchants by two basic methods: either directly by the processor or sponsoring bank, or by an authorized agent for the bank and additionally directly registered with both Visa and MasterCard.
First Data just charged me $139.75, and I think they charged me that last year. Called and they said it was a VISA/MC requirement. Funny how they all have a different story.