Acquiring Bank
What is an Acquiring bank?
An acquiring bank is the regulated financial institution authorized to process credit and debit card transactions on behalf of a merchant. It receives the payment request, sends it to the issuing bank through the card schemes (Visa, Mastercard or Amex), and once approved, settles the funds from its segregated account into the merchant’s business account.
Without an acquirer, neither physical stores nor ecommerce businesses can accept card payments. It is the banking partner that connects the merchant to the global payments network and assumes the financial responsibility for each transaction.
An acquirer is not the same as a PSP (payment service provider). The PSP provides the technology layer. The acquirer is the licensed, regulated entity recognized by the card schemes and is financially liable for every processed transaction.
How an acquiring bank works
Card payment processing follows a flow executed in milliseconds across four actors:
- Initiation: the customer pays with a card through a POS terminal or online gateway. The data reaches the acquiring bank.
- Routing: the acquirer sends the request to the card scheme, which forwards it to the customer’s issuing bank.
- Decision: the issuer verifies identity, balance, and risk level. It approves or declines the transaction.
- Settlement: the response returns to the merchant. If approved, the acquirer settles the funds, deducting the interchange fee and its acquiring margin.
The settlement cycle typically completes within 1 to 2 business days in Spain, depending on contract terms and volume.
Regulatory impact and applicable security
The Directive (EU) 2015/2366 (PSD2) requires strong customer authentication (SCA) for most electronic payments. The European Banking Authority’s RTS define exemptions (low‑value, TRA) that the acquirer may request to reduce friction without compromising security.
In Spain, Royal Decree‑Law 19/2018 transposes PSD2 and regulates the obligations of entities providing acquiring services.
The PCI DSS v4.0 standard applies to any entity that stores, processes, or transmits cardholder data. The acquirer requires merchants to comply with its 12 core requirements, from network security to vulnerability management, and may terminate the contract in case of non‑compliance.
AML/CFT regulations require the acquirer to perform KYC and KYB procedures before onboarding any merchant, verifying identity and risk profile.
Operational advantages and disadvantages
| Aspect | Advantage | Disadvantage |
|---|---|---|
| Network access | Enables acceptance of Visa, Mastercard and other global schemes | Contractual dependency if multi‑acquiring is not implemented |
| Risk management | The acquirer is liable to the schemes for chargebacks | If the ratio exceeds 1%, the merchant may face fines or account closure |
| Settlement | Consolidates all transactions into a single reconciliation flow | Rolling reserves may impact cash flow |
| Compliance | Facilitates integration with 3D Secure and tokenization | PCI DSS and AML/CFT require internal resources from the merchant |
Choosing an acquiring bank is not just about fees. The approval rate depends on the quality of the data the acquirer sends to the issuer and its ability to apply SCA exemptions intelligently. A single percentage point improvement in approvals can represent thousands of euros in recovered revenue for an ecommerce business.
Was this term useful?
Leave a Comment