[marshray]

You're begging the false dichotomy here.

Insisting on personal liability for a corporate account is equivalent to denying the account to the corporation.

Bankers would prefer to have you sign away your first born children too (sounds like something out of Dickens). But we've made such practices illegal and there's no evidence that the money supply is suffering for it.

[tptacek]

Help me understand. What you're suggesting is that, simply by having paid a couple hundred bucks to incorporate, regardless of my personal credit, I should be able to establish a merchant account?

[marshray]

Asking to see some personal references and a personal background check is one thing. But requring a 'natural person' to become personally liable for a corporate contract is basically equivalent to denying the corporation.

So maybe the bank is willing to issue the merchant account to the individual with the understanding that it may be used by a corporation. But let's not call it something it isn't.

[tptacek]

You said it earlier: requiring a personal guarantee is indeed the equivalent of denying the account to the corporation. I'm not sure what else there is to talk about, unless you think contracts for merchant accounts should be compulsory.

[Silhouette]

I'm not sure what else there is to talk about, unless you think contracts for merchant accounts should be compulsory.

Completely automatic is obviously silly because of the fraud risk, but a presumption in favour and/or formal restrictions on acceptable criteria for refusal aren't nearly as absurd as you're implying.

We're talking about a very closed industry and a service that, in practice, directly affects people's ability to trade.

We regulate service providers in other essential industries, and they can't deny provision to a customer just because they don't like them. It's part of the deal if you want to operate in those markets.

And there are all kinds of laws to prevent or restrict one-sided deals that inhibit people's ability to trade. There are laws about monopolies and anti-competitive behaviour. The handling of non-compete agreements in employment law would be another obvious example in a slightly different context.

[tptacek]

The "service providers" in those other "essential industries" that can't "deny provision" because they "don't like them" have, as a general rule, been granted monopolies. This is a silly conversation. The system that works the way you seem to want it to is the subject the thread; it's Paypal.

[Silhouette]

No, PayPal is almost the opposite extreme: they do very little in the way of checking up-front, and that's why there can be problems later when their aggressive fraud checks kick in.

I'm not looking for anything so dramatic, just that merchant account providers should recognise that they are dealing with a separate legal entity. Identifying the key personnel is reasonable, and so is wanting to check them against databases of known fraudsters etc. Asking to see financial statements, business plans, projections, etc. is all reasonable too. So is requiring a cautious degree of funds retention until the trading patterns become clear is reasonable. I really don't have a problem with a merchant account provider wanting to know who they're dealing with and to have some confidence that the company is a viable business; that's only fair.

I'm simply arguing that putting members of the company on the hook personally is not fair. If you're going to have companies at all then you have to protect them against such arrangements by law or you've devalued the entire concept and undone whatever benefits you were hoping to achieve in terms of incentivising entrepreneurial behaviour in your economy.

For the record, I'd add demanding direct control of the company bank account as a red flag as well. Aside from the glaring potential for abuse or error by the merchant account provider (for which, by the way, the company directors will once again take the heat), this has obvious implications if the company ever fails: it allows the payment company to grab whatever it decides it's due before the usual legal mechanisms for dealing with corporate bankcrupty get a look in, for example. And what if there's more than one payment service involved? Do they get to race to see who can empty a company's bank account first if anything does go severely wrong?

IIRC the US has a concept of bankruptcy protection to isolate a company that's in trouble if they have a reasonable plan to extricate themselves rather than failing. Not running a business in the US, I don't know all the details, but it seems a reasonable premise. But what happens if that company has signed over direct access to its bank account to a merchant account provider, who is risk averse and doesn't like the chapter 11 filing?

The bottom line is that these are all worst-case, doomsday scenarios, and even if a company is going to fail, it's usually not going to fail out of the blue and to that extent. I think you're obsessing over a fraud risk at the expense of making it much harder for people to run honest companies. If the system is set up in such a paranoid way, it's hardly going to be surprising if legitimate entrepreneurs are put off starting up, obviously leaving a disprortionate number of fraudulent applicants.

[Silhouette]

No, we're suggesting that if you're going to offer a merchant account to a company, your decision and terms should be based on the nature of that company.

You might reasonably do a credit check on the principals, since someone running a company who has a track record of bad debts is obviously a warning sign. Likewise you can check them against the databases of people who've been kicked off payment services before.

But in the end, you should be looking at whether a company has a credible business plan and people who are likely to execute it well. That's apparently good enough for other major financial transactions, including attracting investors and things like company credit cards for principals on the day you open a bank account. How come everyone else in the world can use common sense and make an informed judgement about risk, but merchant account providers can't?

[tptacek]

Ok, and now the answer to that question is, "No, actuarially, we cannot offer you a merchant account backed only by your corporation." Like I said before. Your response is... what? No merchant account for you?

[marshray]

No, I've outlined two other options:

A. The bank offers a merchant account to a party they feel is worthy with the understanding that this party is going to use the account for the corporation.

B. The bank re-evaluates their criteria for merchant accounts and/or develops new products with which to serve the demand for merchant accounts.

But the status quo seems to me like a situation in which an entrepreneur can't start an honest corporation without putting his kids' college savings at risk of highly unpredictable fraud loss. Unless this person is connected to the right people in finance and banking, of course.

Why shouldn't my local tree-trimmer be able to accept credit cards? Like Greece, imagine the uncaptured tax that results from this sector of the economy dealing instead in mostly cash. I don't think this the current system is optimal or fair.

[Silhouette]

But the status quo seems to me like a situation in which an entrepreneur can't start an honest corporation without putting his kids' college savings at risk of highly unpredictable fraud loss.

And to add insult to injury, that kind of risk is entirely the fault of the payment industry itself, for failing to implement sufficiently robust security measures. And yet, the merchant typically carries the risk, not the payment industry.

Perhaps any compulsory refunds should be classified as either based on fraud or based on dissatisfaction, and the card payment services should be required to indemnify the merchant against fraudulent ones provided that the merchant has followed the recommended security steps before completing the transaction.

In fact, I've noticed recently that a few payment services are offering to eat chargebacks based on claims of fraud if an on-line transaction included a test such as Verified by Visa, so this situation may be starting to change, albeit rather slowly.

For losses based on dissatisfaction, it's probably as fair as anything practical to make the merchant carry the risk, but it is extremely unlikely that this kind of chargeback would result in a sudden spike in refunds a long time after the initial payments. It seems reasonable to handle this case via a level of retained funds commensurate with the observed level of loss.

That really only leaves catastrophe-scale events, such as a product having a fundamental flaw where everything dies at midnight on 1 January 2000. But in that case, either the business has the funds to cover the loss (in which case there's no problem and the card services can go to court if the merchant doesn't pay back what they owe) or the business is toast (in which case unless it's a very small business, probably no individual who gave a personal guarantee could do much to cover the costs anyway, and if it was a very small business, there's no substantial danger to the card service companies on the relatively rare occasions that they have to write the client off and eat the loss themselves).

In short, to the individual a piercing agreement may be an existential threat to their way of life, but such agreements make little real difference to the card companies in cases where the problem is not essentially their fault anyway.

[tptacek]

Merchant account providers are not in the insurance business. If you're starting a business and worried that your own product failures are going to bankrupt you, pay for insurance.

It seems to me at this point that we've lost track of what a merchant account provider even does, and that your argument in some way depends on the fact that it's easier for large companies to bear losses than small ones, and so they should bear those losses regardless of who causes them. Why not just say Apple and Walmart should insure all new startups against personal losses at the same time? It's the same argument.

[tptacek]

What does it help that the corporation is going to use the account only for the corporation? How does that cover the bank when the corporation fails to deliver on its promises to customers and then goes bankrupt, leaving the bank on the hook for chargebacks?

[Silhouette]

Ok, and now the answer to that question is, "No, actuarially, we cannot offer you a merchant account backed only by your corporation." Like I said before.

Well, I don't believe that would be the universal answer in most cases, and perhaps where it really is there is a lesson that someone should learn cheaply. But let's assume you're right for the sake of this discussion.

Your response is... what?

That a financial service company with no new clients is not long for the business world.

[tptacek]

This is not a serious argument. It suggests that a simple form of contract between two consenting counterparties should be made unlawful, and then, to get around the fact that this would result in a market where small startups would never be able to get merchant accounts, suggests that the entire payment processing market would either restructure itself or be forced to restructure itself to get around that problem.

No. That's not going to happen. I'll go one further: if you so much as sign your name on a contract the wrong way, for instance by leaving out your title, you can easily create situations in which contracts that individual officers of your company sign bind directly to them; for instance, your VP/Engineering could easily sign a contract with a consulting developer that would leave them personally liable to that consultant if the company went out of business and didn't pay the consultant. The VP/Engineering in that scenario didn't even intend to create a personal attachment, and yet cases like this have been decided against people like that.

Similarly, in some states, payroll obligations --- which are contractual, precisely the type of exposure that limited liability covers --- can automatically pierce corporate liability and bind to the owners of the company.

I think you drastically overestimate the protection afforded by limited liability.

[Silhouette]

This is not a serious argument. It suggests that a simple form of contract between two consenting counterparties should be made unlawful

Which happens all the time, particularly when the parties have unequal bargaining positions, in which case frankly your characterisation of the parties as "consenting" is a stretch at best.

and then, to get around the fact that this would result in a market where small startups would never be able to get merchant accounts

Of course they would. The industry is extremely profitable despite the ever-present risk of fraud, and the rates that merchant account providers charge to start-ups are often at least double what they can get away with for more savvy established businesses. You keep saying that start-ups wouldn't be able to get a merchant account at all if piercing agreements weren't allowed, but you've given no evidence for this and your position defies all logic. As I've argued elsewhere, piercing agreements are unlikely to provide much cover for the merchant account provider most of the time anyway, and I'm quite sure that the people in the industry have concrete figures for things like how often they really have to rely on such agreements and how much of their losses they are really able to recoup in those cases.

suggests that the entire payment processing market would either restructure itself or be forced to restructure itself to get around that problem.

In case you hadn't noticed, the on-line payments industry is restructuring.

For one thing, companies like Stripe are taking traditional merchant account/payment gateway set-ups to the cleaners. Every HN discussion on this topic is full of people who are involved with start-ups bemoaning the lack of alternatives outside the US, and as the new generation of payment companies establishes itself globally, things are only going to get better for merchant-experience-focussed companies like Stripe. The industry giants with their month-plus application processes and hundred-page legalese documents are either going to have to play nicely with the new kids (and I'm betting even a young company like Stripe is already able to negotiate much better terms than their start-up clients could) or lose out in the ever-growing on-line sales market.

Obviously there are already alternatives with different business models like PayPal, and despite the horror stories, they still potentially offer a much better experience to merchants than the old school providers. As offerings from other big names like Google and Amazon improve, and as more companies like Stripe go international, competition will also force PayPal to improve rather than relying on often being the only salesman in town.

And then there's the small issue of companies like GoCardless, who eschew the anachronisms and merchant-hostile terms of the card payment industry entirely. I expect they're going to do pretty well out of that, too.

In short, I think you put way too much faith in dinosaurs. The question isn't if they're going to change, it's only when. The issue for most of us running small companies outside the US right now is just that we're a bit early. I expect in five years time we'll all look back on this conversation and laugh.

The VP/Engineering in that scenario didn't even intend to create a personal attachment, and yet cases like this have been decided against people like that.

I'm not sure what your argument was in that part, but surely you know that as a basic matter of law a contract requires understanding by both parties of what the agreement is, so whatever cases you're thinking of probably weren't as simple as you're suggesting.