Transaction Laundering

Transaction laundering (also called payment laundering or merchant laundering) is a payment fraud scheme in which an approved merchant processes card transactions on behalf of an unauthorized third party. This allows prohibited or high-risk businesses to access card networks without undergoing proper underwriting or compliance review.

‍

‍

‍

Why Transaction Laundering Is a Critical Challenge

‍

Transaction laundering creates systemic risk across the payment ecosystem. Card networks and regulators view it as a severe violation because it bypasses the controls designed to prevent illicit activity from entering the payment system.

‍

Key challenges include:

‍

• Detection difficulty: The scheme is designed to hide in plain sight. Transactions appear under legitimate merchant identifiers (MIDs), cardholder statements show approved business names, and transaction metadata matches the front merchant's expected activity.

‍

• Regulatory exposure: Acquirers and payment facilitators (PayFacs) are held accountable for the merchants they enable. When transaction laundering is discovered, the consequences include immediate termination of processing rights, card brand fines, potential regulatory enforcement, and reputational harm. PayFacs face unique risks because they aggregate multiple submerchants under a single MID, which allows bad actors to hide behind the PayFac's brand. This makes effective PayFac oversight essential for detecting laundering at scale.

‍

• Scale and sophistication: Bad actors continuously adapt. We see fronts that use dynamic page content to hide illicit goods, complex corporate structures to obscure ownership, and coordinated networks of shell merchants to distribute volume and evade detection thresholds.

‍

The challenge begins at onboarding. Strong initial merchant underwriting reduces the likelihood of approving merchants that will later engage in laundering. Effective underwriting includes website verification, ownership checks, and product category validation. However, even well-underwritten merchants can shift into prohibited activities after approval, which is why ongoing surveillance is critical.

‍

‍

‍

How Transaction Laundering Works: A Real-World Example

‍

Merchant A operates an approved e-commerce business selling motorcycle parts. The acquirer reviewed this merchant, assigned a MID, and approved standard processing limits.

‍

Merchant B sells counterfeit pharmaceuticals, a category explicitly prohibited by card network rules. Merchant B cannot obtain its own MID because it would fail underwriting. Instead, Merchant B routes its transactions through Merchant A's payment gateway using Merchant A's MID.

‍

When a cardholder purchases counterfeit drugs from Merchant B:

1. The transaction is processed using Merchant A's MID
2. The cardholder statement shows Merchant A's descriptor (e.g., "Motorcycle Parts Co")
3. The acquirer's transaction records show a sale categorized under Merchant A's approved merchant category code (MCC)
4. Settlement funds flow to Merchant A, which then remits a portion to Merchant B (often after deducting a fee)

‍

From the acquirer's perspective, all activity appears to originate from an approved merchant. The illicit business remains invisible unless proactive detection controls are in place.

‍

‍

‍

How to Detect and Prevent Transaction Laundering

‍

We recommend a layered approach combining automated surveillance, web intelligence, and periodic re-screening. Continuous merchant monitoring systems track transaction patterns, website changes, and external risk signals to identify emerging threats after merchants are approved.

‍

‍

1. Continuous Website Monitoring

‍

Deploy automated web crawling to:

• Capture and archive merchant website content at regular intervals
• Identify changes in product categories, branding, or domain structure
• Detect hidden pages, subdirectories, or alternate domains not disclosed during onboarding
• Compare website inventory against the merchant's stated business model and approved MCC

‍

When website content diverges from the approved business description, this signals potential laundering activity or undisclosed business lines.

‍

‍

2. Transaction Pattern Analysis

‍

Analyze transaction behavior for anomalies such as:

• Sudden volume spikes inconsistent with historical patterns or business seasonality
• Transactions originating from geographies where the merchant does not operate
• Descriptor mismatches, where cardholder inquiries reference products not sold by the approved merchant
• Chargeback rates or dispute reasons that do not align with the merchant's stated product category

‍

Pattern-based detection requires baseline modeling and threshold tuning. Machine learning models can improve detection accuracy by learning merchant-specific behaviors and flagging deviations.

‍

‍

3. Network and Infrastructure Analysis

‍

Examine relationships across the merchant ecosystem:

• Identify shared infrastructure such as payment gateways, hosting providers, or domain registrars
• Map corporate ownership and ultimate beneficial ownership (UBO) to detect shell networks or common controllers
• Cross-reference merchant contact details (emails, phone numbers, addresses) to uncover undisclosed affiliations

‍

Transaction laundering schemes often involve coordinated networks. Identifying these connections helps acquirers detect organized fraud before it scales.

‍

‍

4. Periodic Re-Screening and Re-Underwriting

‍

Merchant risk profiles change over time. Implement:

• Scheduled reviews (e.g., quarterly or semi-annually) for all merchants, with higher frequency for elevated-risk categories
• Triggered reviews when thresholds are breached (e.g., volume increase above 200%, chargeback ratio spike, descriptor change)
• Re-verification of business licenses, domain ownership, and website content

‍

Periodic reviews ensure that approved merchants continue to meet underwriting standards and have not shifted into prohibited activities.

‍

‍

5. Collaboration with Card Networks and Industry Partners

‍

Participate in information-sharing initiatives:

• Visa's Global Brand Protection Program and Mastercard's Merchant Compliance programs provide alerts and guidance on known laundering schemes
• Industry forums and consortiums share threat intelligence and emerging tactics
• Internal escalation protocols ensure that detected laundering cases are reported to card networks and, where applicable, law enforcement

‍

Collaboration improves detection speed and helps the industry respond to evolving threats collectively.

‍

‍

‍

The Business Impact of Transaction Laundering

‍

For acquirers, PayFacs, and ISOs, transaction laundering creates:

• Compliance risk: Violations of card network rules (such as Visa Core Rules or Mastercard's Merchant Monitoring Program Standards) trigger fines and sanctions. Repeated violations can result in loss of sponsorship or exclusion from card networks.

‍

• Financial exposure: Acquirers are liable for chargebacks and fraud losses associated with laundered transactions. When an illicit merchant is terminated, the acquirer often absorbs outstanding disputes and penalties.

‍

• Reputational damage: Being associated with laundering schemes undermines trust with card networks, regulators, and downstream partners. It can also attract regulatory scrutiny, leading to audits or enforcement actions.

‍

Proactive detection reduces these risks. Acquirers that invest in monitoring infrastructure and maintain rigorous underwriting standards protect their portfolios and demonstrate operational integrity to card networks and regulators.

‍

‍

‍

Strategic Context: Transaction Laundering and Regulatory Evolution

‍

Transaction laundering is a regulatory priority. Card networks have increased enforcement in recent years, and regulatory agencies (such as the Financial Crimes Enforcement Network, or FinCEN, in the United States) have signaled greater attention to payment facilitators' compliance obligations.

‍

We see three trends shaping the landscape:

‍

• Enhanced monitoring requirements: Card networks are raising the bar for merchant surveillance. Programs such as Mastercard's Merchant Monitoring Program (MMP) standards require acquirers to implement continuous monitoring controls and demonstrate effective detection capabilities. These programs set specific expectations for website monitoring, transaction analysis, and network mapping.

‍

• Increased penalties: Fines for laundering violations have escalated. In some cases, acquirers face penalties in the hundreds of thousands to millions of dollars, along with mandated remediation plans and external audits.

‍

• Technology expectations: Regulators and card networks expect acquirers to use modern detection tools, including web scraping, machine learning, and network analysis. Manual reviews alone are no longer considered sufficient.

‍

Acquirers operating in the merchant acquiring industry that adopt advanced monitoring infrastructure position themselves to meet evolving compliance standards and avoid the operational disruptions that come with enforcement actions. The shift toward automated, continuous surveillance reflects the reality that transaction laundering schemes evolve faster than periodic manual reviews can detect.

‍

‍

‍

How Ballerine Supports Transaction Laundering Detection

‍

Ballerine provides a merchant risk management platform designed for acquirers, PayFacs, and ISOs. The platform automates detection workflows that are critical for identifying transaction laundering.

‍

Key capabilities include:

‍

• Automated website monitoring: Ballerine continuously crawls merchant websites, captures content changes, and flags deviations from approved business models. This helps risk teams detect laundering fronts before they generate significant volume.

‍

• Transaction behavior analysis: The platform ingests transaction data and applies pattern detection models to surface anomalies such as volume spikes, geographic inconsistencies, and descriptor mismatches.

‍

• Network mapping: Ballerine identifies shared infrastructure, ownership connections, and affiliate relationships across merchant populations. This reveals coordinated laundering networks that manual review processes often miss.

‍

• Policy automation: Risk teams can configure detection rules based on card network guidelines, internal risk policies, and regulatory requirements. Automated workflows route flagged merchants to investigation queues and track resolution status.

‍

The platform is built to integrate with existing payment infrastructure and scale with merchant portfolio growth. Risk teams can deploy detection controls without overhauling their technology stack or hiring additional analysts.

‍

To learn more about how Ballerine's merchant monitoring tools address transaction laundering, visit the merchant monitoring solution page.

‍