Merchant Verification

‍

Merchant verification is the process of confirming that a business applicant is who they claim to be before payment processing access is granted. It is a structured step within merchant onboarding and covers three connected checks: verification of the business entity, verification of the individuals who own or control it, and an initial assessment of the business model against the acquirer's risk criteria.

‍

Decisions made during merchant verification set the parameters for the entire merchant relationship, including processing limits, reserve requirements, and the intensity of post-approval monitoring.

‍

‍

‍

What Merchant Verification Covers

‍

Business identity: Confirmation that the legal entity exists, is in good standing with the relevant company registry, and operates under the declared name, address, and registration number. This includes cross-referencing tax identification numbers and incorporation records against official government sources.

‍

Ownership and control: Identification and verification of Ultimate Beneficial Owners (UBOs), the natural persons who own at least 25% of the entity or exercise effective control. This obligation is established under FinCEN's Customer Due Diligence Final Rule for covered financial institutions in the United States, and under FATF Recommendation 10 on customer due diligence for institutions operating across jurisdictions. The identity verification methods applied to UBOs draw on the same principles used in individual-level Know Your Customer (KYC) processes. The entity-level dimension is addressed through Know Your Business (KYB).

‍

Risk fit: A preliminary assessment of whether the business model, industry vertical, declared product or service, and expected transaction profile fall within the acquirer's risk appetite and card scheme acceptance criteria. This includes MCC (Merchant Category Code) classification, website review, and screening against sanctions lists, adverse media, and scheme watch programs.

‍

‍

‍

Where Merchant Verification Commonly Breaks Down

‍

Two failure patterns account for the majority of verification gaps we see in practice.

‍

The first is incomplete UBO verification. Entity-level checks confirm that a business is registered, but the actual controlling individuals remain unscreened. Principals operating under nominee structures, using name variations, or controlling multiple entities can pass corporate registry checks while carrying sanctions exposure, litigation history, or links to prior terminations that UBO verification would surface.

‍

The second is surface-level business model review. A merchant declares a permissible Merchant Category Code and submits a functional website. The review confirms the site exists and the MCC is plausible, without examining the actual product offering, gated content, or related storefronts operated by the same principals. This allows merchants operating in restricted categories to pass initial review.

‍

Custom KYB flows, calibrated to merchant risk tier, address both gaps by adapting verification depth to the actual risk profile rather than applying uniform processing to every application. Ballerine's Merchant Onboarding platform enables over 80% of applications to be auto-approved, while routing higher-risk cases to enhanced review without slowing the overall process.

‍

‍

‍

Merchant Verification Is Not a One-Time Event

‍

Risk profiles change after onboarding. Ownership transfers, business model pivots, and new adverse signals alter the original risk assessment without triggering automatic re-verification unless monitoring controls are in place. Merchant verification establishes the baseline; merchant underwriting and ongoing surveillance maintain it.

‍

‍

‍

How Ballerine Supports Merchant Verification

‍

Ballerine's Merchant Onboarding platform supports configurable KYB flows that adapt verification steps to each merchant's risk profile. Corporate registry lookups, UBO identification, sanctions screening, adverse media checks, and AI-powered web analysis run within a unified workflow, reducing the coordination overhead between data sources and accelerating time-to-decision.

‍

For cases where an instant pre-application signal is needed, the Scam & Fraud API delivers a severity assessment on any merchant across six risk dimensions within 60 seconds, before verification resources are fully deployed.

‍