evaluation 2026-04-18 10 min read the underwriting desk

Why PayFac aggregators leave you exposed

Share X LinkedIn Reddit HN Email
3-minute scan
  • Aggregator PayFacs bundle thousands of sub-merchants under one master MID for card-brand purposes.
  • One bad sub-merchant anywhere in the pool triggers a risk review that affects every sub-merchant, including yours.
  • You have no direct relationship with the underlying acquirer. When the PayFac cuts you, you have nowhere to appeal.
On this page

    PayFac aggregators — the category includes Stripe, Square, PayPal, Shopify Payments, Checkout.com for certain products, and a long tail of smaller players — serve a critical function: they let a merchant start processing in hours instead of weeks. They achieve this by bundling thousands of sub-merchants under a master MID with a sponsor bank. You never see the sponsor bank relationship. You deal with the aggregator, and the aggregator deals with the acquirer and card brands.

    This architectural choice is why pay-as-you-go processors can onboard you in minutes. It is also why, at scale, they leave multi-brand operators exposed to failure modes that traditional direct acquirer relationships do not have.

    1. The aggregator structure explained

    In a direct acquirer relationship, you have your own MID assigned by an acquiring bank. Your transactions settle from the card network to your MID to your bank account. The card brands see you as a distinct merchant.

    In an aggregator structure, you are a "sub-merchant" under the aggregator's master MID. Your transactions settle from the card network to the aggregator's master MID. The aggregator then settles with you via their ledger. The card brands see only the aggregator as the merchant. Your business is an accounting entry inside the aggregator's books.

    The architectural reality: In an aggregator model, you do not exist to the card networks. The aggregator exists. You are a row in their database.

    2. What this means operationally

    • No merchant account contract with an acquirer — only a sub-merchant agreement with the aggregator.
    • No direct relationship with a sponsor bank you can call.
    • No card-brand registration in your business name.
    • No direct MATCH exposure for your business (technically) — the aggregator is the registered merchant.
    • All risk decisions are made by the aggregator on their own terms.

    This structure works fine until the aggregator's risk team or sponsor bank decides to re-evaluate the pool.

    3. The pool-level risk audit

    Sponsor banks and card brands periodically audit aggregators' sub-merchant pools. When this happens, the aggregator scrambles to clean the pool — dropping sub-merchants that might draw scrutiny. This is when multi-brand operators get surprise-closed.

    The pattern:

    • Aggregator has 100,000 sub-merchants on their master MID.
    • Card brand or sponsor bank identifies concerning pool metrics — elevated chargeback rates, concentrated high-risk verticals, or compliance concerns.
    • Aggregator performs internal pool clean-up, dropping sub-merchants that match the concerning profile.
    • Your multi-brand portfolio, because it includes supplements or CBD or high-ticket subscription, matches the profile.
    • You receive a closure email citing "updated risk policy" or similar.
    • The closure is not a dispute with you — it is aggregator housekeeping. There is no appeal because there was no specific wrongdoing.

    4. The contagion at the aggregator level

    Aggregator-level contagion works like this: when another sub-merchant (not yours) in a similar category gets flagged or investigated, the aggregator tightens policy on that entire category. Your brands in that category — which had no issues — are pulled to reduce pool-level exposure.

    This is structurally different from direct-acquirer risk. If you have your own MID with Fiserv and another Fiserv merchant has a bad quarter, your MID is unaffected. If you are a sub-merchant on Stripe and another Stripe supplement merchant has a bad quarter, Stripe's supplement policy tightens and you may lose access.

    5. The no-direct-recourse problem

    When a direct acquirer closes your MID, you can:

    • Appeal to the underwriter who approved you.
    • Escalate to the sponsor bank.
    • Work through your ISO if applicable.
    • Document the closure for regulatory recourse.

    When an aggregator closes your sub-merchant account:

    • You appeal through the aggregator's support queue.
    • There is no acquirer relationship to escalate to.
    • The sponsor bank will not talk to you because their relationship is with the aggregator, not with you.
    • Regulatory complaints (CFPB, state AG) are ineffective because the aggregator can point to their ToS.

    Your only leverage is public pressure (Twitter, news) or legal action. Neither is fast.

    Recourse depth matters. Direct acquirer relationships have multi-step appeal. Aggregator relationships have one step: the aggregator's policy team.

    6. The funds-hold mechanism at aggregators

    Aggregators hold funds on closure under sub-merchant agreements. Terms are typically 90-180 days. Because the funds are in the aggregator's account, not a segregated merchant reserve, they are:

    • Not insured at FDIC-level as merchant reserves.
    • Not subject to NACHA protections for merchant funds.
    • Held at the aggregator's discretion.
    • Potentially at risk in a bankruptcy-of-aggregator scenario (relevant: Wirecard, Synapse).

    For multi-brand operators, aggregator funds-hold is a concentration risk. If 6 of your 8 brands run on the same aggregator and the aggregator pauses payouts for a pool-level audit, your working capital is gone across most of the portfolio.

    7. Which "aggregators" are aggregators

    To be precise about what we are calling aggregator PayFacs vs not:

    • Stripe Standard — aggregator model.
    • Stripe Connect (Standard, Express, Custom) — aggregator model with sub-merchant structure.
    • Square — aggregator model.
    • PayPal — hybrid (aggregator for standard flow, direct for larger merchants).
    • Shopify Payments — aggregator via Stripe.
    • Checkout.com — hybrid (direct for enterprise, aggregator for lower tiers).
    • Adyen — direct for most merchants (not aggregator).
    • Traditional ISOs with Fiserv/Chase/WorldPay — direct merchant accounts.
    • Specialized high-risk ISOs — direct merchant accounts.

    Direct relationships give you a real MID, a sponsor bank you can name, and contractual recourse. Aggregator relationships give you sub-merchant status and policy discretion.

    8. When aggregator exposure is acceptable

    • Small single-brand operations where the convenience beats the concentration risk.
    • As a secondary/failover rail alongside a direct acquirer relationship.
    • For non-core brands — use aggregators for testing, direct acquirers for established portfolio brands.
    • For purely mainstream categories with no high-risk component anywhere in the portfolio.

    9. What multi-brand operators should do

    • At least one direct acquirer relationship per portfolio, not just aggregator-stack.
    • Orchestration layer that routes between aggregators and direct acquirers based on brand, risk, and volume.
    • Diversify across aggregators if you must use them — do not put all brands on one.
    • Cash flow buffer that can survive a 90-day hold on your largest aggregator account.

    10. If you are all-in on aggregators today

    • Identify the 1-2 brands with highest category-risk exposure. These are your most likely cascade victims.
    • Open a direct acquirer relationship for those brands as insurance. 5-10 business days onboarding.
    • Run parallel flows for 30-60 days, then shift primary volume to direct acquirer for at-risk brands.
    • Keep aggregator rails active as secondary/failover.
    • Build working capital buffer to 90 days of payouts as baseline.

    Apply in 12 questions and we will return a portfolio recommendation that splits aggregator and direct-acquirer exposure appropriately.

    Found this useful? Share it X LinkedIn Reddit HN Email

    FAQ

    But aggregators have better tech — isn't direct acquirer slower and clunkier?
    Traditionally yes. Modern orchestration layers give you direct acquirer rails with aggregator-grade developer experience. The either/or framing is outdated.
    What's the minimum scale to leave aggregators?
    We see the math flip around $2-5M/year per brand. Below that, aggregator convenience usually wins. Above, direct relationships become meaningfully cheaper and safer.
    Do I have to leave Stripe entirely?
    No. Keep Stripe for mainstream single-brand volume. Add direct acquirer for high-risk or portfolio-critical brands.
    Is Adyen a safe alternative?
    Adyen operates as a direct acquirer for most merchants, which is structurally safer than aggregator models. Cost floor is higher — typically $30M+/year of volume justifies Adyen.
    What happens to my funds if an aggregator goes bankrupt?
    It depends on how the aggregator segregated customer funds. Some do, some do not. The Synapse failure in 2024 demonstrated that unsegregated funds can be trapped in bankruptcy proceedings.

    Keep reading

    Orchestration vs aggregation

    Architecture primer.

    Acquirer multi-brand underwriting checklist

    Direct-relationship prep.

    Best holding company payment stacks 2026

    Stack design.

    Running multiple brands?
    multiflow was built for this.

    Start your application How it works

    The Operator Briefing

    Twice-monthly. No fluff.

    Processor shutdowns, reserve-hold playbooks, reconciliation lessons, and the merchant-account decisions that save operators six-figure years. Delivered to your inbox — never spam.

    No spam. Unsubscribe in one click.

    We use essential cookies · Privacy