Our underwriting team has reviewed thousands of high-risk merchant accounts across various industries. Through this extensive experience, we’ve identified the most common compliance issues high-risk businesses face when applying for credit card processing. This guide is designed to help high-risk merchants understand the compliance hurdles they must overcome to secure and maintain a viable merchant account.
Let’s take a look at the compliance issues our underwriting team has identified for five high-risk industries: Adult Content, CBD, E-Cigarettes/Vapes, Credit Repair, and Debt Consolidation.
Compliance Tip
When going through the underwriting process with your high-risk credit card processor, maintain full transparency and respond to emails in a swift manner. Never try to hide any compliance issues, as these will be brought to light and can seriously damage your chance of getting your merchant account approved.
The Underwriting Process for High-Risk Industries
The underwriting process for high-risk merchants can be invasive and exasperating for business owners. Providers ask for extensive documentation and carefully scrutinize a business’s operations, financial stability, and reputation to determine whether they are a liability.
This is especially true for industries like debt collection, where the actions of a few unethical players have tarnished the entire sector’s reputation. However, understanding the common compliance issues and preparing the right documentation can make the process smoother and improve your chances of approval.
Here are the key compliance issues our underwriting team encounters across high-risk industries:
Telemedicine Compliance
Telemedicine businesses face significant compliance challenges due to regulatory complexities, high fraud potential, and chargeback risks. Here’s what businesses must address to remain compliant and maintain stable payment processing:
LegitScript Certification and Regulatory Complexities
Telemedicine businesses handling prescriptions and healthcare services must obtain LegitScript certification to demonstrate compliance with state and federal laws. Certification is often required by payment processors and advertising platforms like Google and Facebook.
Regulatory complexities stem from state-specific telehealth laws, HIPAA compliance, DEA regulations, and prescribing limitations. Businesses must ensure they follow all applicable guidelines to avoid fines and legal penalties.
Potential for Higher Fraud
Telemedicine is classified as high-risk due to increased fraud potential. Common fraud issues include:
- Identity fraud – Stolen patient identities used to obtain prescriptions.
- Chargeback fraud – Patients disputing legitimate transactions.
- Prescription fraud – Unauthorized access to medications.
To mitigate risks, businesses should implement identity verification tools, multi-factor authentication (MFA), and fraud detection systems.
Chargeback Management to Avoid High Chargeback Rates
Excessive chargebacks can lead to merchant account termination and higher processing fees. To reduce chargebacks, telemedicine businesses should:
- Use clear billing descriptors to prevent disputes.
- Implement robust refund and dispute policies.
- Utilize AI-driven fraud detection tools.
- Maintain detailed transaction records to defend against chargebacks.
Regulatory Compliance with State, Federal, and Card Brand Requirements
Telemedicine providers must comply with:
- State medical board regulations governing provider licensing and telehealth services.
- Federal laws such as the Ryan Haight Act, which regulates online prescriptions.
- HIPAA requirements for patient data protection.
- Card brand rules (Visa, Mastercard, Amex, Discover) for high-risk merchants.
Failure to comply can result in legal penalties, financial losses, and payment processing restrictions.
Prescribing Prescriptions in States Where the Merchant is Not Licensed
Telemedicine providers must be licensed in the patient’s state at the time of consultation. Prescribing without the proper license can lead to:
- Regulatory violations and legal action.
- State medical board penalties.
- Merchant account restrictions due to non-compliance.
To stay compliant, businesses should use automated license verification and ensure providers are licensed in multiple states.
Prescribing State License Issues (Revoked/Expired)
Operating with an expired or revoked medical license can result in:
- Severe financial and legal penalties.
- Loss of provider credentials and malpractice coverage.
- Reputational damage and service disruptions.
Businesses should implement license tracking systems and require ongoing compliance training to ensure providers remain in good standing.
Corepay Tip
Telemedicine businesses should use real-time identity verification and AI fraud detection to prevent chargebacks, fraud, and compliance issues. corepay offers high-risk payment solutions to help merchants stay compliant with card brand rules, state regulations, and LegitScript requirements.
Debt Collection: Key Compliance Issues
Debt collection agencies face significant underwriting hurdles due to the industry’s reputation and the potential for regulatory scrutiny. Here’s what underwriters typically look for:
- Adherence to Federal and State Laws: Agencies must comply with the Fair Debt Collection Practices Act (FDCPA) and state-specific regulations.
- Excessive Program Costs and Fees: Charging unreasonable fees can lead to legal action and customer disputes.
- Non-Compliance with Card Brand Rules: Merchants must adhere to card network policies to avoid account termination.
- Required Licensing and Accreditations: Debt consolidation businesses must have the appropriate licenses to operate legally.
- Documentation Requirements: Debt collectors must provide licenses, proof of a physical office, and financial stability (e.g., having at least $15,000 in the bank).
- Red Flags for Underwriting: Negative press, high chargeback ratios, financial instability, or other reputational risks.
Corepay Tip: To avoid legal scrutiny, ensure your agency’s contracts and fee structures comply with FDCPA guidelines. Also, regularly review your documentation and licensing to maintain compliance.
Learn more about our Debt Collection Payment Processing Services
Adult Content Industry: Compliance Issues
The adult content industry is one of the most scrutinized sectors in credit card processing. Merchants in this space must navigate a complex web of regulations to avoid penalties and account terminations.
Common Compliance Issues:
- Ineffective or No Content Moderation Policies: Platforms must implement strict content moderation to prevent the sharing of illegal or harmful material.
- Models or Content Creator Verification and Documentation: Merchants must verify the identity and age of all content creators to avoid exploitation and fraud.
- Verifying Third-Party Consent: Content involving multiple parties must have documented consent to avoid legal risks.
- Age Verification Requirements: Some states mandate third-party government ID verification to confirm users are of legal age.
- Adverse or Negative Media Reporting: Businesses in this space are prone to reputational risks from negative media coverage.
- Potential for Higher Chargebacks and Fraud: Adult content merchants experience more chargebacks due to disputes and fraud.
- Compliance with Local, State, and Federal Laws: Merchants must follow all applicable laws to avoid penalties and account terminations.
- Illegal or Brand-Damaging Content: Hosting illegal or harmful content can result in legal action and card brand penalties.
- Adherence to Card Brand Rules: Merchants must comply with specific card network rules or risk account closure.
Corepay Tip: Use third-party age verification tools and maintain a rigorous content moderation policy to reduce the risk of non-compliance and chargebacks.
Learn more about our Adult Content Payment Processing Services
CBD Industry: Compliance Issues
The CBD industry presents significant compliance challenges due to evolving regulations at the federal and state levels.
Common Issues:
- Counterfeit Products: Merchants must ensure their products are legitimate and not imitations.
- Synthetic Derivatives: Some CBD derivatives are banned and may cause compliance issues.
- Farm Bill Non-Compliance: Products must meet the requirements of the 2018 Farm Bill, which legalized hemp-derived CBD with less than 0.3% THC.
- Selling or Shipping to Prohibited States: Merchants must avoid selling products to states where CBD is restricted.
- Compliance with State Requirements: Each state has unique rules regarding labeling, testing, and selling CBD products.
- Deceptive Marketing Practices: Misleading health claims can result in regulatory penalties.
- Manufacturing, Distribution, and Product Testing Regulations: Merchants must meet strict guidelines to ensure product quality and compliance.
Corepay Tip: Stay current on state-specific regulations and ensure all product labels clearly reflect compliance with the 2018 Farm Bill.
Learn more about our CBD Payment Processing Services
E-Cigarettes/Vaping Industry: Compliance Issues
The e-cigarette and vaping industry faces heavy regulatory scrutiny, particularly from the FDA and card brands.
Common Issues:
- Non-FDA Approved Products: The FDA regulates vaping products; merchants must ensure compliance to avoid penalties.
- Age Restrictions: Merchants must implement strict age verification processes to prevent underage sales.
- Youth Appeal and Marketing Practices: Marketing materials must avoid targeting minors to stay compliant.
- Potential for Higher Chargebacks: Vaping products often face high dispute rates due to regulatory concerns and dissatisfaction.
- Evolving Regulations: The vaping industry faces constant regulatory changes, making compliance a moving target.
- FDA Oversight on Labeling and Advertising: Merchants must adhere to FDA rules governing packaging and promotional practices.
Corepay Tip: Implement robust age verification systems and keep up with evolving FDA regulations to stay ahead of compliance issues.
Learn more about our E-Cigarette/vape Payment Processing Services
Credit Repair Industry: Compliance Issues
Credit repair businesses must comply with federal and state regulations to avoid fines and account closures.
Common Issues:
- Adherence to Federal Laws (FCRA & CROA): Credit repair companies must follow strict federal guidelines to avoid regulatory action.
- Deceptive Marketing and Claims: False guarantees or unrealistic claims can result in fines and legal action.
- State Laws: Each state has unique regulations that credit repair businesses must follow.
- Appropriate Bonds or Surety Bonds: Some states require credit repair businesses to carry bonds to protect consumers.
- Non-Compliant Contracts: Contracts must include mandatory disclosures to avoid penalties.
- Higher Chargebacks and Fraud: This industry sees higher chargebacks due to disputes over service results.
- Fraudulent Merchants or Scams: The sector is prone to fraudulent operators, increasing scrutiny from regulators.
Corepay Tip: Ensure all contracts comply with CROA and state regulations. Use clear, non-deceptive language to set realistic client expectations.
Learn more about our Credit Repair Payment Processing Services
What to Expect During Underwriting
High-risk merchants should be prepared for a detailed review of their business practices. Underwriters often request additional documentation, interviews, or clarifications to fully understand the merchant’s operations.
Red flags that may slow down or halt the underwriting process include:
- High or Increasing Chargeback Ratios
- Negative Press or Regulatory Actions
- Financial Instability or Shared Accounts
- MATCH List
The key to a successful underwriting process is transparency. To build trust with your provider, disclose any potential issues upfront.
VAMP & What It Means for Merchant Chargeback Ratios
Visa’s Visa Advanced Merchant Program (VAMP) is an initiative aimed at helping merchants reduce excessive chargebacks and maintain compliance with card brand rules. Starting in April 2025, the VAMP chargeback threshold will be set at 1.5%, with a stricter threshold of 0.9% taking effect from January 2026. Merchants exceeding these limits will be classified as “excessive,” facing increased scrutiny and potential penalties from Visa.
Corepay Tip: Your chargeback ratio has never been more important than it is today. We recommend working with a chargeback prevention company to keep your chargebacks at bay.
Visa Chargeback Thresholds
Visa has established strict thresholds for chargebacks. Merchants exceeding these limits risk fines, increased scrutiny, and potential termination of their merchant accounts.
- Standard Threshold: 0.9% chargeback ratio or 100 chargebacks per month.
- High-Risk Threshold: 0.75% chargeback ratio or 75 chargebacks per month for high-risk merchants.
Exceeding these thresholds can result in merchants being placed in Visa’s Chargeback Monitoring Program (VCMP).
Mastercard Chargeback Thresholds
Mastercard also enforces chargeback thresholds through its Excessive Chargeback Program (ECP). Merchants exceeding these thresholds are subject to penalties and additional scrutiny.
- Standard Threshold: 1% chargeback ratio or 100 chargebacks per month.
- High-Risk Threshold: 1.5% chargeback ratio or 50 chargebacks per month.
Merchants exceeding these thresholds can be categorized as Excessive Chargeback Merchants (ECM) and face financial penalties.
Wrapping Up
High-risk industries must navigate a complex regulatory landscape to comply with credit card processing rules.
If you have any questions regarding compliance, our team would love to hear them. We are confident we can assist with ensuring your company maintains compliance.