FAQ

Merchant Risk Questions, Answered.

Short answers to the questions acquirers, risk, and compliance teams ask about transaction laundering, merchant monitoring, onboarding, and card scheme programs.

MERCHANT RISK FAQ
? What is transaction laundering?
? How is it detected?
? What is merchant monitoring?
? What is Mastercard BRAM?

Transaction laundering

What is transaction laundering?

Transaction laundering is when an approved merchant processes card transactions for another, undisclosed business that the acquirer never approved. It also goes by transaction aggregation or factoring. The hidden operation's card volume runs through a legitimate merchant account. Read the full explainer in What Is Transaction Laundering?

How is transaction laundering different from money laundering?

Money laundering disguises the origin of illicit funds across the financial system. Transaction laundering is a specific card-payments form of it. A hidden business processes card transactions through an approved merchant account, so the activity appears to belong to a different, legitimate merchant.

How do you detect transaction laundering?

Transaction laundering detection combines layered signals such as content and MCC analysis, infrastructure overlap, payment-flow verification, and continuous monitoring into a single risk outcome. Verifying the actual 3D Secure routing of a transaction shows whether a merchant's declared payment path is false.

Merchant monitoring and onboarding

What is merchant monitoring?

Merchant monitoring is the ongoing review of merchants in an acquirer's portfolio after they are approved. It checks each merchant's website, content, payment flow, and infrastructure on a regular schedule to catch risks that appear after onboarding.

Why is continuous merchant monitoring important?

Onboarding only checks a merchant at the moment it applies. A merchant that was clean at signup can change behaviour weeks or months later. Continuous merchant monitoring catches that change early, before it becomes chargebacks, a card scheme inquiry, or a regulatory problem.

What does merchant onboarding risk screening involve?

Merchant onboarding risk screening checks a new merchant before approval. It validates the Merchant Category Code against the site's real content, screens against card scheme programs such as BRAM and VIRP and local regulations, and assesses risk before the first transaction.

Card scheme programs and compliance

What is Mastercard BRAM?

BRAM stands for Mastercard's Business Risk Assessment and Mitigation program. It holds acquirers responsible for monitoring their merchants and removing illegal or prohibited content from the Mastercard network, with financial penalties for non-compliance.

What is Visa VIRP?

VIRP stands for the Visa Integrity Risk Program. It sets requirements for acquirers to control high-integrity-risk merchants and prevent illegal activity on the Visa network, with registration rules and fines for breaches.

What is an MMSP?

MMSP stands for Merchant Monitoring Service Provider. It is a provider that monitors merchant websites and payment activity on behalf of acquirers to support card scheme compliance programs such as Mastercard BRAM.

Threats and evidence

What is a mule account?

A mule account is a real bank account used to collect or move funds from illegal activity. In illegal-content payment flows, operators rotate many mule accounts, often opened under shell companies or individuals, to receive deposits.

What is brand abuse in payments?

Brand abuse is the unauthorized use of an institution's name or logo in external channels. In payments, an illegal-content site may show a bank's brand in its payment interface so users believe they are transferring money through that bank.

What is 3D Secure flow verification, and why does it matter?

3D Secure flow verification confirms the real payment path a transaction follows, including the actual gateway, acquirer, and 3D Secure routing. It produces outcome-based evidence rather than relying on what a merchant declares, which matters when a merchant's stated payment setup does not match reality.

About MinRisk

What does MinRisk do?

MinRisk is a merchant risk intelligence platform for banks and acquirers. It covers onboarding intelligence, continuous monitoring, transaction laundering detection, and verified 3D Secure payment flows, using layered open intelligence and no integration with core banking systems. Explore the MinRisk platform.

What is RavenTrace?

RavenTrace is an investigation and reporting service built on MinRisk. It produces institution-specific, evidence-grade reports on illegal-content sites that abuse a bank's IBANs, brand, and payment infrastructure. Learn more about RavenTrace.

Have a question we did not cover?

Request a 30-minute live demo. MinRisk scans a merchant of your choice in real time and walks through the complete risk assessment.

Request a Demo