Acquirer processors, ISOs and aggregators

What you will learn

  • What issuing banks are
  • What acquiring banks are
  • What merchant accounts are
  • What underwriting is
  • Why a merchant’s credit rating matters for accepting credit cards
  • What card associations are
  • What processors are
  • What ISOs are

What you should read first

Full article

This is part 1 of 6 of the credit card basics article. Here are links to each part:


The goal of this article is to expand on the basic concepts of the merchant and acquiring bank relationship and explain how these two entities are connected in today's payment ecosystem.

Acquirer processors and ISOs

The relationship between acquiring banks and “acquirer processors” is similar to that between issuing banks and issuer processors. The most substantive difference is that servicing a merchant account involves slightly different tasks than servicing a credit card account:

  1. Merchant acquisition: Soliciting merchants to provide them with merchant accounts and developing “point of sale” (POS) solutions.
  2. Account maintenance: Setting up and performing record keeping of merchant accounts.
  3. Card network communication: The electronic communication with card networks.
  4. Merchant customer service: Resolving merchant issues and reporting account activity information to merchants.
  5. Monitoring account activity: Analyzing merchant sales patterns and flagging unusual sales.[1]
Acquirer processor
Acquirer processors are processors that perform merchant related processing functions.
Point of sale (POS)
A point of sale (POS) is the hardware or software where a cardholder's card information is input.

Most acquiring banks and acquirer processors have their own internal sales forces that perform merchant acquisition tasks. These sales forces primarily focus on offering generic payment processing that works for many merchants but not all. Acquiring banks and acquirer processors very frequently outsource a portion of their merchant acquisition tasks to third party organizations called “independent sales organizations” or ISOs. All ISOs need to be approved by the card associations, acquiring banks and acquiring processors that they work with before they can begin selling to merchants.

Independent Sales Organization (ISO)
An independent sales organization (ISO) is an entity that signs up new merchants on behalf of acquiring banks and acquirer processors.

The value proposition of most ISOs is that they tailor payment processing for specific types of merchants or industries for which the generic solution is not good enough. Hospitals, for example, need to keep track of how much a cardholder’s healthcare provider has paid and what remainder should be charged to the cardholder’s credit card. Some ISOs cater to this market niche by providing reports that are tailored specifically to the needs of hospitals.[2] Similarly, web developers want an easy way to set up websites with the ability to accept online payments. Some ISOs cater to this market niche by creating plug-in payment solutions with clearly defined processing rates and an underwriting process that takes minutes, not days.[3] An ISO’s competitive advantage over most acquiring banks' and acquirer processors’ internal sales teams is that they can be more nimble and effective at servicing these specific market niches.

Many acquiring banks and acquirer processors outsource to ISOs because ISOs provide a revenue source that requires very little ongoing investment from the acquiring banks and acquirer processors.

There are two types of ISOs: “retail ISOs” and “wholesale ISOs”. The primary difference between these two types of ISO is the amount of underwriting liability that they take on for the merchants that they sell merchant accounts to.

Retail ISOs do not take on the underwriting liability if a cardholder requests to have their money returned and a merchant is incapable of returning it. Instead the acquiring bank and acquirer processor are the ones that take on this risk and so they give retail ISOs very strict guidelines for the type of merchants that they can sign up and what information they need to collect before a merchant can be underwritten. A retail ISO’s role in the underwriting process is primarily gathering the documents and information that the acquiring bank and acquirer processor needs to underwrite a merchant.[4]

Unlike retail ISOs, wholesale ISOs do take on the underwriting liability for their merchants. The acquiring bank and acquirer processor become responsible if the wholesale ISO cannot return the money on behalf of the merchant. Acquiring banks and acquirer processors try to reduce the likelihood of this happening by mandating that their wholesale ISOs follow certain merchant underwriting processes and annually auditing the ISO to ensure that they are following these predetermined procedures.[5]

Wholesale ISOs frequently get a larger share of the fees that the acquiring bank charges a merchant than a retail ISO because of the additional risk that a wholesale ISO takes on.

Wholesale ISO
A wholesale ISO is an ISO that takes on underwriting liability.
Retail ISO
A retail ISO is an ISO that does not take on underwriting liability.

Wholesale and retail ISOs also frequently outsource sales to independent contractors known as “ISO agents” who re-sell payment processing services on behalf of the ISO.[6]

ISO agent
ISO agents are independent contractors, frequently individuals or small groups of individuals, who re-sell payment processing services on behalf of sponsoring ISOs.

One final nuance to the acquirer processor and ISO ecosystem is what is called an "aggregator". Aggregators are unique from ISOs in that they allow merchants to accept card payments without needing a merchant account or having any direct contractual relationship with an acquirer processor or acquiring bank. An aggregator takes on more of the underwriting risk than a wholesale ISO because the aggregator directly pays the merchant from the aggregator’s own bank account instead of the acquiring bank doing so in the case of a wholesale ISO. Essentially an aggregator acts as a very large merchant that pools funds and then pays out to a number of small sub-merchants. It is this additional risk that has allowed aggregators to have more power to dictate their underwriting processes than a wholesale ISO.

An aggregator is an entity that allows merchants to accept card payments without needing a merchant account or having any direct relationship with an acquirer processor or acquiring bank.

Square is a payments company that uses the aggregator model to provide very small merchants, who traditionally had trouble getting underwritten for merchant accounts, with the ability to quickly and economically accept card payments.

An important nuance with the aggregator model is that if a merchant has more than $100,000 in annual Visa transactions, which usually translates to a little under $200,000 in total annual credit and debit card volume, the merchant must enter into a direct merchant agreement and thus get a full merchant account with an acquiring bank and its acquirer processor.[7]


This article should have provided readers with a strong understanding of the basic structure of the credit card industry. This understanding is by no means exhaustive but it provides enough of a foundation for readers to begin breaking down the mechanics of the industry in more detail. In our next article we explain the fees that a merchant is charged for payment processing.

What you should read next

  • Our "Fees" article which begins with Interchange (Part 1 of 4)


  1. First Data 10-K March 2014 p. 2
  2. Transaction World: Price chopper or value builder
  3. Spreedly: Did Balanced just (inadvertently?) kick off a price war with Stripe?
  4. Transaction World: What is an ISO, really?
  5. Transaction World: Why do ISOs take risks?
  6. Transaction World: Retailing vs wholesaling
  7. Visa expands payment Service provider model