How to Become a PayFac: A Roadmap for Software Developers
If you have ever considered how to become a PayFac or payment facilitator, you already know that payment monetization is a powerful revenue-generating strategy that’s rapidly picking up steam in the software world. What you may not know, though, is how to get started. We’ve found that the real challenge for most non-payment companies isn’t grasping the PayFac model’s many benefits — it’s knowing what it takes to become a PayFac.
The reality is that building a full in-house PayFac infrastructure can be a complex process. But the good news is that you don’t have to accumulate all this information to become a PayFac overnight. At this point in your PayFac exploration journey, it’s most important to focus on attaining a general knowledge of the setup process. With this in mind, we’ve put together a handy guide with the steps to become a PayFac— a roadmap that lays out the typical path-to-PayFac timeline and SaaS PayFac requirements.
Table of Contents
Step 1: Assess your Payment Monetization Goals and Resources
Step 2: Partner With Financial Institutions
Step 3: Build Out Your Payment Tech Stack
Step 4: Obtain PCI Certification
Step 5: Develop Your Go-To-Market Strategy
Step 6: Decide on Your PayFac Pricing Strategy
Step 7: Manage Day-to-Day PayFac Operations
Step 1: Assess Your Payment Monetization Goals and Resources
Is becoming a PayFac the right move for your business? The answer to this question requires a keen understanding of your business’s goals, budget, and resources. Consider asking yourself the following questions:
- What are my key business drivers?
Do you want to add a new revenue stream? Improve the end-user experience? Expand into new market segments?
- Do I have the budget — both for upfront costs and ongoing maintenance costs — to afford the PayFac model?
Keep in mind that PayFac expenses can vary quite a bit depending on whether you choose to build or buy your infrastructure.
- Do I have enough internal resources to operate as a PayFac?
If you choose to become a PayFac by building a full PayFac infrastructure, you’ll need to staff in-house customer support, development, and risk management teams.
- What is my current (or expected) processing volume?
Knowing the hard numbers for your processing volume will allow you to estimate your return on investment – and the time it’ll take to reap that ROI.
Step 2: Partner With Financial Institutions
You’ve conducted your assessment, and you’re ready to go the PayFac route. Now, it’s time to get started!
One of the first things you’ll need to do to become a PayFac is partner with several financial institutions in order to receive your PayFac status and operate as one. Specifically, you will need to go through a PayFac application process:
- Register with an acquiring bank
- Register with the card brands (Visa, Mastercard, American Express, Discover)
- Decide on a payment gateway (this is only relevant if you won’t be using or developing a proprietary payment gateway).
Step 3: Build Out Your Payment Tech Stack
Payment facilitators, or PayFacs, need to have several platforms and systems in place to facilitate payment processing and manage back-office functions. This typically includes a payment gateway, end-user interfaces, merchant management platforms, and merchant dashboards.
As you develop and license these technologies, you’ll want to make sure that they not only include cutting-edge payment features but can also help you manage a range of operational tasks — such as fraud screening, onboarding, reporting, merchant payouts, and much more.
Step 4: Obtain PCI Certification
Every business that transmits or handles payment information must comply with the Payment Card Industry’s Data Security Standards or PCI DSS. These standards help ensure that sensitive data is kept secure during every step of the transaction process.
Unless you’re already covered by a third-party provider’s end-to-end PCI certification, or your system is out of scope for compliance, you will need to undergo the PCI certification process. Complying with PCI standards involves many steps, such as establishing a secure network, encrypting data, developing an information security policy, and undergoing an on-site audit. Typically, becoming PCI certified takes several months and no less than $50,000.
Step 5: Develop Your Go-To-Market Strategy
To ensure a successful embedded payments launch, your internal teams will need to join forces and craft a carefully thought-out launch strategy. The following tactics are all crucial components of a successful go-to-market strategy:
- Segmenting and defining your target market
- Creating a competitive analysis
- Honing in on your unique value proposition and messaging
- Planning marketing efforts
- Pursuing business development partnerships
- Creating user guides and training materials
- Prepping your internal teams
Step 6: Decide on Your PayFac Pricing Strategy
With a better understanding of your position in the marketplace and overhead costs, the next step to become a PayFac is to decide how to price your payment offering. As you do so, be sure to keep in mind your target market, desired ROI, and the competitive landscape.
Common pricing models include revenue-sharing (if you’re partnering with a third-party PayFac provider), tiered plans, and usage-based pricing.
Step 7: Manage Day-to-Day PayFac Operations
Once you’re operating as a payment facilitator, you’ll need to regularly oversee several core processes to ensure compliance, prevent risk, and satisfy merchants. As the last step in the PayFac journey, this one never truly ends. It consists of:
Compliance with Financial Regulations
In addition to complying with PCI DSS, you’ll need to ensure that your systems, technology, and underwriting guidelines comply with anti-money laundering (AML) laws and the Office of Foreign Assets Control’s (OFAC) regulations. Note that your sponsoring bank and the card networks will regularly request proof of your compliance with these regulations.
Ongoing Risk and Fraud Monitoring
Payment facilitators must constantly ensure that not only are their merchants legitimate and legally operating businesses, but also that their merchants’ transactions are valid and non-fraudulent.
Preventing fraud and risk concerns requires a multi-layered approach, consisting of various procedural systems and technologies. Some necessary practices include:
- Assessing merchant risk before onboarding
To become a PayFac, it’s crucial to create robust underwriting guidelines that utilize Know Your Customer (KYC) and Know Your Business (KYB) criteria to vet new accounts. KYC and KYB guidelines are used in the financial industry to verify customers and map out risk levels.
It’s also a good idea to make sure your new merchants aren’t on the OFAC Sanctions List or the Mastercard MATCH List (Member Alert to Control High-Risk Merchants).
- Monitoring existing merchants’ processing patterns
Even after your merchant has been onboarded, you should continue to monitor their processing activity to detect any suspicious changes in processing behavior that are indicative of fraud. Be sure to use fraud detection tools that can help automate this process for you.
- Effectively managing chargebacks
As the entity that owns the merchant processing account, payment facilitators are held liable for any chargebacks, or customer-filed disputes. To avoid losses from chargebacks, be sure to actively monitor incoming chargebacks, respond promptly, and properly maintain chargeback documentation. Keep in mind that vetting merchant risk before onboarding and screening for fraud go hand in hand with preventing excessive chargeback activity in your portfolio.
Pay Your Merchants
Because transaction funds are routed through the payment facilitator, you’ll need to develop or contract with a third party to ensure that merchants are accurately funded on a set schedule.
Become a PayFac Fast With Pay-Fac-as-a-Service Technology
Becoming a PayFac is clearly lucrative, with the ability to dramatically boost your business’s per-customer revenue and valuation.
But for many companies — such as those with smaller processing volumes or rapid go-to-market timelines — it’s just not realistic to build a PayFac infrastructure by following the above roadmap. Not only does this process typically take several years, but it can cost upwards of a million dollars.
Fortunately, there’s another option for businesses that want to become a PayFac but aren’t ready or able to build a full in-house infrastructure: PayFac-as-a-Service (PFaas).
PFaaS providers equip software companies with out-of-box APIs, end-to-end compliance, and outsourced operational management to become a PayFac. All you need to do is integrate and deploy your PFaaS solution, and the rest is in the hands of your PFaaS provider. No need to shoulder the burden of ongoing compliance, merchant payouts, and chargeback and risk monitoring.
By partnering with a leading PFaaS provider like Exact Payments to become a PayFac, you can offload the complexities of the payment facilitator model while enjoying competitive margins. You’ll be able to embed valuable, customer-friendly features within your platform that boost merchant satisfaction, all while earning a cut of total processing fees.
For a closer look at various build vs. buy considerations for aspiring PayFacs, be sure to check out our white paper, Build Vs. Buy: Becoming a Payment Facilitator Versus PayFac-as-a-Service. Exact Payments is one of the top PayFacs in the industry. If you have questions about the payment facilitator model, how to become a PayFac, or are unsure if it’s the right move for your business, don’t hesitate to reach out to a member of our team!