Previous ArticleKey takeaways: what did we learn at SaaStr Annual?Next ArticleAre vehicles the next payment platforms?

An introduction to credit risk in payments

Credit risk is often overlooked by acquirers, and this can be catastrophic. In this article we take a closer look at what credit risk exists for payment processors, and how it should be managed.

Consider the analogy of a payments company operating like a cruise ship. The sales teams sell tickets and bring in the passengers, without which the endeavour would make no money. The account management and customer support teams are the onboard stewards, making sure everyone is comfortable and ensuring reputation is upheld and repeat custom continued. The operations, development and product teams are the engineers, navigators and stokers that make sure the boat continues to travel in the right direction.

And the risk teams are the iceberg spotters; while sailing conditions are fine and the icebergs are avoided, no one realises their value. It’s only when the boat hits an iceberg and is sinking that the value of a spotter is understood. Of course, by this time it may be too late to avoid disaster.

While all roles within a payments company are equally important, it’s better to have robust risk management that is able to spot an ‘iceberg’, judge the severity of any impending collision, and recommend a change of course. Simply pointing out the boat has already hit an iceberg and is sinking is of little use to anyone.

What is credit risk?

Before looking into the intricacies of credit risk in payments, we need to understand what credit risk actually is.

Credit risk is the possibility of financial loss resulting from a corporate or consumer’s inability to fulfil its contractual obligations. For banks and other financial institutions credit risk arises following an initial extension of a credit line (mortgage, loan facility, credit card etc.), and loss occurs when the corporate or individual is unable to repay their facility.

Payment companies offering card processing facilities do not extend credit facilities in the traditional sense. So why should payment companies worry about credit risk?

This is an intriguing question and one that many payment companies, especially smaller start-ups and those operating ISO and PF models, often fail to address properly. While other risk areas such as fraud, scheme and reputational risk are prioritised, credit risk often gets forgotten about; this is usually because until credit losses are seen (the iceberg hit), a lot of companies don’t realise this risk is present in their portfolio.

Although payment companies do not lend tangible amounts or extend a fixed “line of credit” to merchants, payment companies are contingently liable as soon as a merchant’s card transactions are processed and cleared through the card schemes. As such, credit risk includes a contingent liability in the event of a chargeback whereby the merchant is unwilling and/or unable to fund the amount of the receivable of the acquirer.

It is not unusual for payment to be taken well in advance of delivery. Payment companies will often settle to the merchant a few days after the transaction, so the payment company has in effect pre-funded the merchant and offered a ‘line of credit’ on the premise that merchant will deliver a purchased good as promised. If the merchant goes bankrupt between the initial purchase and expected delivery date consumers can go to the bank who issued the credit/debit card used for the purchase and request a chargeback.

As a payment company we in essence indemnify that consumer and in turn are required to repay funds. The payment company can then try in turn to reclaim the funds from the merchant, however if that merchant is no longer trading this could prove impossible and thus a credit loss is incurred.

“Trying to prevent all loss is not only impossible but would also require such strict and overbearing risk rules that the business would be uncompetitive.”

The role of credit risk

A common misperception is that a credit risk team, as well as wider risk functions, are there to prevent loss, which is not strictly true. The function should be to understand and manage credit risk within the risk tolerances of the business. Trying to prevent all loss is not only impossible but would also require such strict and overbearing risk rules that the business would be uncompetitive. As such, every payments company should be willing to accept a degree of acceptable loss, and the key is to understand what is considered acceptable.

We should consider the following core concepts which can help define this position.

1. Exposure

This is the total loss if a merchant becomes insolvent or there is a failure to fulfil its contractual obligations. Exposure can generally be considered as the value of processing during a merchant’s average delivery period, also referred to as NDX or fulfilment period. Some credit functions may also build in additional margins to the exposure position to cover BAU chargebacks/refunds, the sector, and risk of contagion.

2. Likelihood of failure

Credit risk functions can utilise a range of tools to understand the likelihood of failure, from financial analysis of the merchant and tracking macro and micro economic issues, to utilising external credit ratings or developing an internal rating methodology. It’s often a case that a mixture of all of these techniques proves most successful in tracking the likelihood of failure.

“Termination is often the last resort and can in some instances cause the very thing you are trying to avoid, merchant failure and credit loss.”

Mitigating credit risk

While there is little a payments company can to do to change the likelihood of failure, with a clear appetite for risk the credit risk function can look to reduce exposure across a portfolio to more acceptable levels, which is commonly referred to as risk mitigation. Mitigation can take many forms, with sources of mitigation including, but not limited to, cash collateral, bonding, insurance, trust/escrow arrangements, letters of credit, and guarantees. The profitability of a merchant relationship should also be considered a mitigant.

If securing against a risk is not a viable option, then the clearest way to remove exposure from the portfolio is to terminate a merchant relationship. However, this presents its own risk. Removing payment facilities can often mean the merchant is no longer able to trade or they see a significant impact to their liquidity, especially if they fail to obtain facilities elsewhere. Thus, the merchant may through the action of termination subsequently fail. You may think that upon termination this failure would no longer be an issue to the payment company, but even upon termination the payment company is still liable for the transactions processed previously. As such, termination is often the last resort and can in some instances cause the very thing you are trying to avoid, merchant failure and credit loss.

To discover more about managing risk in payments, or about Paysafe Acquiring, visit our website.