One of the fundamental tenets of business is trust, from clients, acquirers and card providers alike. If you should find yourself on the MATCH List, this trust can be seriously eroded, impeding your company’s ability to open a merchant account.
The MATCH (Member Alert to Control High-Risk Merchants) List is a reference database initiated and maintained by Mastercard which provides information to acquirers about the relative risk of a merchant when deciding to grant them an account. High risk firms are usually those that have had at least one account terminated. Not only that, but this List details all merchants who were added to the List in the past 5 years, even if they have been compliant since.
Now, being on the MATCH List does not necessarily mean you will be unable to open a merchant account anywhere, just that it will be made more difficult for you, involving multiple applications and more stringent terms. For example, the processing fees may be more severe, contracts may be longer with higher penalties for early termination and even a reserve account may also be asked for by the acquiring bank. For some on the List, the only option would be to open an offshore account or contact a high-risk UK provider.
So how would you end up on the MATCH List? There could be many reasons that Mastercard, or more likely your acquiring bank, would add you. The most common one is for regularly surpassing chargeback limits as set by Mastercard. But there are other specific reasons to be added, from a compromise in account data security to excessive fraudulent transactions to identity theft as outlined in the List’s Reason Codes.
| MATCH list reason code |
Title |
Description |
| 01 |
Account Data Compromise
|
An occurrence that results, directly or indirectly, in the unauthorized access to or disclosure of Account data. |
| 02 |
Common Point of Purchase (CPP)
|
Account data is stolen at the Merchant and then used for fraudulent purchases at other Merchant locations. |
| 03 |
Laundering
|
The Merchant presented to its Acquirer Transaction records that were not valid Transactions for sales of goods or services between that Merchant and a bona fide Cardholder. |
| 04 |
Excessive Chargebacks
|
With respect to a Merchant reported by a Mastercard Acquirer, the number of Mastercard chargebacks in any single month exceeded 1% of the number of Mastercard sales Transactions in that month, and those chargebacks totalled USD 5,000 or more. |
| 05 |
Excessive Fraud
|
The Merchant effected fraudulent Transactions of any type (counterfeit or otherwise) meeting or exceeding the following minimum reporting Standard: the Merchant’s fraud-to-sales dollar volume ratio was 8% or greater in a calendar month, and the Merchant effected 10 or more fraudulent Transactions totaling USD 5,000 or more in that calendar month. |
| 06 |
Not in use |
|
| 07 |
Fraud Conviction
|
There was a criminal fraud conviction of a principal owner or partner of the Merchant. |
| 08 |
Mastercard Questionable Merchant Audit Program |
The Merchant was determined to be a Questionable Merchant as per the criteria set forth in the Mastercard Questionable Merchant Audit Program. |
| 09 |
Bankruptcy / Liquidation / Insolvency |
The Merchant was unable or is likely to become unable to discharge its financial obligations. |
| 10 |
Violation of Standards
|
With respect to a Merchant reported by a Mastercard Acquirer, the Merchant was in violation of one or more Standards that describe procedures to be employed by the Merchant in Transactions in which Cards are used, including, by way of example and not limitation, the Standards for honouring all Cards, displaying the Marks, charges to Cardholders, minimum/maximum Transaction amount restrictions, and prohibited Transactions set forth in Chapter 5 of the Mastercard Rules manual. |
| 11 |
Merchant Collusion
|
The Merchant participated in fraudulent collusive activity. |
| 12 |
PCI Data Security Standard Non-compliance |
The Merchant failed to comply with Payment Card Industry (PCI) Data Security Standard requirements. |
| 13 |
lIlegal Transactions
|
The Merchant was engaged in processing of illegal Transactions. |
| 14 |
Identity Theft
|
The Acquirer has reason to believe that the identity of the listed Merchant or its principal owner(s) was unlawfully assumed for the purpose of unlawfully entering into a Merchant Agreement |
Source: Mastercard, Inc.
Being taken off the MATCH List can be a long drawn-out affair, with most listed companies staying there for 60 months even after the initial circumstances that got them there no longer apply. To be removed sooner, you would have to fulfil one of two criteria. The first is that the acquiring bank contacts Mastercard and tells them that being added to the List was an unfortunate oversight. However, you may need to have an abundance of evidence to prove this. The second way is resolving a code 12 issue (noncompliance with PCI-DSS), as long as this is the only code violation, and being taken off the List is entirely the bank’s discretion.
Therefore prevention is the best cure, namely being hyperaware of and limiting your chargeback rate, while making sure your business is compliant and fraudproof. Otherwise there may be years of increased costs and lower profits for your merchant site.
