What Is A Registered ISO? Where Do You Start?
If you want to enter the world of merchant services as an Independent Sales Organization (ISO), the process to become registered can seem daunting at first. An ISO is a business that partners with payment processors to sell merchant accounts and payment processing services to merchants. ISOs act as an intermediary by finding new merchant customers and handling the onboarding process, while the payment processor handles the backend functions like transaction processing.
While becoming an ISO grants you the freedom and flexibility of running your own business, there are many steps and requirements you must meet first. This involves not just registering yourself but also forming your ISO business, obtaining the necessary ISO certifications and licenses, acquiring ISO insurance and bonding, and signing contracts with payment processors.
In this article, we will explore the essential steps you need to take and the requirements you should understand to officially register as a legal ISO-serving merchant. We recommend researching the ISO regulations in your state or states you plan to operate in.
Research requirements to become an ISO
The first step is to research the ISO registration requirements from major payment card networks like Visa, Mastercard, American Express, and Discover. Each network has its own ISO certification program with application forms, fees, and ISO compliance rules you must follow.
Check on their websites for the ISO program guides and fact sheets which outline things like:
- ISO application forms and fees
- OK to originate merchant accounts (OTA) qualifications
- merchant boarding and underwriting guidelines
- chargeback monitoring requirements
- data security rules and PCI compliance
- prohibited transaction monitoring obligations
Understand ISO Licensing in Your State(s)
You’ll also need to research if ISOs need to obtain any specific state licensing. Some states require ISOs to register as a “sales finance company” or “third-party seller” in addition to general business licensing.
Check with your state department of financial institutions or comparable agencies. Understand any state laws governing ISOs including:
- State ISO licensing or registration requirements
- Fees and application forms
- Ongoing reporting obligations
- Restrictions on activities like deduction of residuals from merchant payments
With this information in hand, you’ll have a solid foundation to form your ISO business and ensure compliance with regulations as you onboard your first merchants. But do your homework—each state and payment network has different ISO rules.
Form your merchant services business entity
Once you have a thorough understanding of ISO licensing requirements, it’s time to form your legal merchant services business entity. You have a few options for your business structure as an ISO:
Single Member LLC: This is a popular choice for ISOs since it provides liability protection while being easy and inexpensive to form. Just make sure your state allows single-member LLCs to provide merchant services.
C Corporation: A C Corp allows for greater flexibility with financing and ownership structures. However, C Corps are more expensive and complex to administer due to paperwork and double taxation.
S Corporation: Similar to a C Corp but avoids double taxation. S Corps have limitations on the number and type of shareholders.
Register your Business Name with the State
Regardless of business structure, you must register your business name or “doing business as” (DBA) with your state. This involves:
- Filling out a name registration application
- Doing a name search to avoid duplicates
- Paying a registration fee (around $50 to $100)
Apply for an EIN/Tax ID Number
Next, you will need an Employer Identification Number (EIN) from the IRS. An EIN serves as your business’s tax ID number and is required to:
- Open business bank accounts
- Apply for merchant accounts
- File business tax returns
You can apply for an EIN online or by mailing Form SS-4 to the IRS. Be sure to keep records of your:
- Articles of organization/incorporation
- Business license
- EIN confirmation
With these essential items in hand, you’ll be ready to complete the ISO certification process and start building a pipeline of new merchant customers for onboarding.
Get necessary ISO certification and registrations
After forming your merchant services business, you must obtain the necessary ISO certifications and registrations. This typically involves:
Payment Network ISO Certifications
The first step is to apply for and obtain ISO certification from the payment card brands you plan to serve. You’ll need to:
- Fill out the ISO application forms and pay the fees
- Pass background checks
- Demonstrate adequate capital, experience, and business structure
This certification allows you to officially originate and sponsor merchant accounts through acquirers and processors.
State ISO Registration (If Required)
Check if your state requires ISOs to obtain a state-issued registration or license. If so, you’ll need to:
- Submit a registration application providing your business details, key personnel info, and payment network certifications
- Pay applicable registration fees
Some states also mandate ongoing reporting obligations for ISOs like renewal applications and financial disclosures.
You’ll likely want to register with CardNet and TeleCheck to provide check guarantee and verification services for your merchants. This requires:
- Filling out registration forms and paying application fees
- Passing a background check and office review
- Designating an authorized check acceptance employee
Visa, Mastercard, and others also require ISOs to register with these agencies to provide check-related services.
With these certifications and registrations in hand, you’ll be ready to obtain the required ISO insurance and bonding to protect both your merchants and your fledgling business. This complete “registration package” will make you an attractive ISO partner for merchant account providers.
Obtain ISO insurance
As an ISO, you’ll need several types of insurance to protect your business and your merchants. The two most important policies are:
Errors & Omissions Insurance
This provides coverage for mistakes and omissions you may make as an ISO that result in financial loss for your merchants. E&O insurance covers claims for:
- Failed PCI compliance audits
- Mishandled chargebacks
- Misapplication of funds
- Missed deadline penalties
Cyber Liability Insurance
With so much sensitive merchant and cardholder data in your possession, cyber liability insurance is critical. It covers first-party and third-party claims resulting from:
- Data breaches
- Network outages
- Damage or loss of electronic data
- Regulatory fines and penalties
- Legal fees related to a data breach
Other Recommended ISO Insurance
While not always required, consider these other types of insurance:
General Business Insurance
These standard policies like commercial property, commercial auto, and business owner’s policies can help protect your assets and employees.
Also known as financial institution bonds, crime insurance reimburses losses from employee theft, embezzlement, forgery, and cyber fraud.
An excess liability policy that provides additional coverage over your primary policies if limits are exceeded. It can cover legal expenses and damages beyond E&O and cyber insurance limits.
ISO insurance is very specialized, so work with an agent experienced in this niche. Most payment processors will require proof of adequate insurance coverage before signing you as an ISO. So have these policies in place up front to smooth the contracting process.
Get ISO bonding
In addition to insurance, many ISOs are required to obtain a fidelity bond as part of the registration process.
What is an ISO Bond?
An ISO bond, or credit card service bond, provides financial protection to payment processors, card issuers, and merchants if an ISO commits fraud or mishandles funds. There are two main types of ISO bonds:
Fidelity bonds protect against employee dishonesty and theft. This includes employee theft of merchant funds, credit card numbers, or other sensitive data.
Surety bonds indemnify merchants and processors against losses due to an ISO’s non-compliance with payment network rules. This includes mishandling of chargebacks, breaches of PCI compliance, and other regulatory violations.
ISO Bond Limits
ISO bond amounts vary but are often in the following ranges:
- $25,000 for startups and small ISOs (fidelity bonds only)
- $100,000 to $250,000 for medium-sized ISOs
- $250,000 to $500,000 for large ISOs
Some payment processors mandate minimum bond amounts for their ISOs.
Getting an ISO Bond
You can purchase ISO bonds from most insurance providers. The bond application will ask for details about:
- Your merchant boarding and underwriting procedures
- Security measures to protect merchant and cardholder data
- Your chargeback monitoring and management
Many payment processors will require a copy of your ISO bond before signing you as a registered ISO partner. So have your bond ready along with your insurance and certification documents to speed up the ISO contracting process.
Apply for merchant accounts
Now that you have formed your ISO business, and obtained the necessary certifications, insurance, and bonding, you can begin applying with payment processors. Start by:
Researching Payment Processors
Look for reputable merchant account providers that work with ISOs and offer:
- Competitive pricing
- Low or no minimums
- Sophisticated technology and reporting
- Dedicated ISO support
Apply with Several Providers
Submit an ISO application along with all your registration documents to multiple processors. Applications typically require:
- Background checks
- Business and credit reports
- Proof of ISO certification, insurance, and bonding
Negotiate ISO Contract Terms
Processors will send you an ISO contract outlining the terms of your relationship, including:
- Residual and commission rates
- Underwriting criteria
- Chargeback and retrieval fees
- PCI compliance obligations
Signing ISO Contracts
Once you’ve negotiated acceptable terms, sign ISO contracts with one or more processors. This will allow you to:
- Open merchant accounts under their sponsorship
- Use their underwriting, onboarding, and tech platforms
- Access support for your merchants
Onboarding Your First Merchants
With active ISO contracts, you can now focus on bringing in your first merchant customers. Apply the processor’s underwriting guidelines and utilize any sales and onboarding tools they provide.
Over time, build relationships with multiple processors to ensure you always have options for the unique needs of your merchants. But start by signing at least one ISO contract to get your merchant services business up and running!
In summary, becoming a registered ISO in merchant services requires diligence, patience, and perseverance. You must navigate a complex web of payment network rules, licensing requirements, registrations, certifications, contracts, and more.
But with the right planning and research upfront, the process does not have to be overwhelming. Start by understanding ISO regulations in your targeted states. Then form your ISO business, obtain the essential certifications and licenses, and acquire the proper insurance and bonding.
Next, apply with several reputable payment processors and negotiate acceptable ISO contracts. With active contracts in place, you can onboard your first merchants and begin building a sustainable ISO business.
Though the ISO registration process comes with many hurdles, the freedom and earnings potential make it well worth the effort for those with a passion for the merchant services industry. We wish you the best of luck on your ISO journey!