Victim of Fraud? You Might Be on The MATCH List

Fraud and identity theft are extremely difficult to navigate and undo. This is especially true if your business has become the victim of fraudulent activity and identity theft. One of the worst things that can happen is that your business can be placed on The MATCH List. That’s right—even when it is no fault of your own, you can suffer very severe consequences for fraud and identity theft. If your business has been a victim of fraud and you have been placed on the MATCH List, this article is for you. Keep reading to learn more about the MATCH List, why businesses are placed on it, and how you can successfully win early removal.

What is the MATCH List?

An article by Stripe describes the MATCH List as card networks, such as Visa and Mastercard, operate databases known as Terminated Merchant Files (TMFs) that contain information about accounts that have been closed by credit card processors around the world for high chargebacks or violations of card brand rules.

All payment processors must check these databases when accepting a new user, and must also add merchants to the database if they close the account and it meets TMF criteria. Being placed on a TMF can have serious effects. While they’re only supposed to be informational tools during the account application process, many entities refuse to accept businesses or individuals listed on a TMF. For this reason, it’s important to be aware of TMF criteria and ensure you avoid becoming eligible.

The most common list—and the only one with global reach—is Mastercard’s MATCH, or the Mastercard Alert to Control High-Risk Merchants. In the following sections, we describe how MATCH qualification works and what happens to MATCH entries.

What Information is on The MATCH List?

One of the major downsides of the MATCH List is that it is very comprehensive. There is a lot of information that gets placed on it to ensure that no loopholes can be made as far as opening up another business or changing the business’s name.

The information on the MATCH List includes:

• Business Legal Name and DBA
• Business Address
• Business Phone Number
• Business Tax ID
• Business URL
• Principal Owner Name
• Principal Owner Address
• Principal Owner Phone Number
• Principal Owner Tax ID
• Account Opening Date and Termination Date
• MATCH Reason Code

It may also include any associates and their phone numbers, addresses, and more. This can be very devastating to everyone involved in the business, which is why seeking early removal is essential when it comes to dealing with the MATCH List.

Why Can Fraud Get Me On The MATCH List?

Mastercard and other card networks want to ensure that their customer’s information is as safe as possible. This is one of the major reasons the MATCH List exists so that security is as tight as can be, and there are penalties if it is not. If you are a victim of fraud, that means that there has been a security breach somewhere that you need to patch up. Even though it is no fault of your own that you have become a victim of fraud, there are still things you can do to tighten security to ensure this never happens to you and your business again.

If you follow the security compliance checklist to a T, there should be no breaches in security. However, it does happen from time to time as hackers and criminals become more sophisticated. Unfortunately, the MATCH List does not have a lot of mercy, especially for merchants, which makes security a top priority when it comes to having a merchant account.

Understanding PCI Data Security Compliance

One of the most common reasons that businesses get placed on The MATCH List is through PCI Data Security Non-Compliance. When a business has been placed on The MATCH List due to this reason, it means that ​​the Merchant failed to comply with Payment Card Industry (PCI) Data Security Standard requirements. These exist to ensure the safety and security of card members.

According to Tokenex, the PCI DSS consists of 12 requirements, or demands, each made up of several more specific, related controls for a grand total of more than 300 security checks. For example, PCI Requirement 1 covers the construction and maintenance of a secure network infrastructure. Meeting this overall requirement entails confirming the presence of properly secured firewalls, routers, and other applications to prevent unauthorized access to the cardholder data environment.

What Other Reasons Get You On The MATCH List?

Credit card processors have a standard of rules to follow, which means they must ensure all their merchants adhere to 13 very important codes. If a merchant breaks one of these codes, they will likely be placed on the MATCH List so that the processor does not get penalized. The 13 reason codes for being placed on the MATCH List include:

The 13 reasons your business may have landed on the MATCH List include:

1. Account Data Compromise
2. Common Point of Purchase
3. Laundering
4. Fraud Conviction
5. Excessive Chargebacks
6. Excessive Fraud
7. Mastercard Questionable Merchant Audit Program
8. Bankruptcy/Liquidation/Insolvency
9. Violation of Standards
10. Merchant Collusion
11. PCIDSS Non-Compliance
12. Illegal Transactions
13. Identity Theft

Can I Still Run My Business While On The MATCH List?

When you are placed on the MATCH List, it means you cannot use your merchant account for a period of five years. This can be a death sentence to many businesses and can be very devastating to families and livelihoods. Luckily there are ways to still run your business while you are on the MATCH List and seeking removal. These include:

1. Accepting cash only. You can become a cash business, even temporarily, while you are seeking removal from the MATCH List. However, this can put a sour taste in new customers’ mouths, and people rarely carry cash these days.
2. Finding a high-risk processor. There is a chance you can find a new processor to work with you and grant you a merchant account to use. However, these high-risk processors often come with very long contracts and high fees that cut into your profits significantly.

How Can I Get Off The MATCH List?

There are only two ways you can get off the MATCH List. They are:

1. Wait out the five-year waiting period. The penalty for breaking a reason code on the MATCH List is that your business remains on it for a maximum of five years. After five years is up, you are aged out of the list, and all traces of you having been on it are gone. Then, you can go back to business as usual. However, as mentioned, this can be extremely difficult for most businesses to endure.
2. Seek early removal with professional help. It is possible to get early removal from the MATCH List quickly so that you do not have to wait out the five-year period. However, credit card processors are notoriously difficult to work with on this issue, because they have a standard of rules to follow as well. Luckily, professional help with TMF Law can help you navigate these waters and get back to business.

Early MATCH List Removal with TFM Law

The MATCH List is devastating and difficult to get removed from early. This can be especially heartbreaking when you, yourself, are a victim of fraud or identity theft. These crimes can cause large tidal waves of headaches, bad consequences, and hardship, including being placed on the MATCH List.

If you have found yourself on the Match List, we can help you. The Law Offices of Theodore Monroe focuses on litigation and counseling in the areas of payments, credit card processing, e-commerce, direct response marketing, and Federal Trade Commission enforcement. Last year the firm got 100% of the people who came to us off the MATCH list.

Theodore F. Monroe, Founder of TFM Law, has successfully:

• Represented merchants recovering funds from processors
• Structured processing relationships to comply with Card Brand requirements
• Drafted and negotiated contracts involving payment facilitators and ISOs
• Represented continuity merchants in compliance and litigation issues
• Fought for numerous companies in suits brought by the Federal Trade Commission and obtained excellent results for firms in the digital products, loan modification, government grant, and nutraceuticals industries

Before opening his firm, Mr. Monroe practiced law with Crosby, Heafey, Roach & May (now Reed Smith LLP) and Lewis, D’Amato, Brisbois & Bisgaard (now Lewis, Brisbois, Bisgaard & Smith), where he defended numerous accounting and law firms in professional liability actions, and insurance carriers in bad faith actions.

Before becoming a lawyer, Mr. Monroe worked as a forensic accountant at Coopers & Lybrand, which provided him a background in forensic accounting and financial analysis that is unique among litigators in Los Angeles. Mr. Monroe studied at Duke University Law School, achieved a BS with Honors, Accounting, University of Kentucky, and is a member of the California State Bar and the Kentucky State Bar.