Merchant Payment

A merchant payment is a card-based payment where money is transferred to a merchant using a credit card, debit card or stored value card, and the beneficiary institution initiates the transfer process. AUSTRAC treats merchant payments and refunds as a travel rule exemption, so you generally do not need to collect or verify payer or payee information for those transfers. The transfer message only needs the card number, which can also be a tokenised reference.

What Is a Merchant Payment in AML?

AUSTRAC explains that a transfer is a merchant payment when the payment is made with a card, the ordering institution issued the card to the payer, and the beneficiary institution initiates the transfer and conveys the instructions to the ordering institution before making the money available to the payee. In practice, this means the card-based payment flow is treated differently from ordinary value transfers under the travel rule.

This exemption is travel rule specific. It does not remove your broader AML/CTF obligations, and card issuers still need to collect and verify payer information as part of initial customer due diligence where relevant.

Why Merchant Payments Matter

Merchant payments matter because they are a common high-volume payment type and the compliance logic is different from standard transfer of value reporting. AUSTRAC says a merchant payment, refund of a merchant payment or ATM cash withdrawal must include the card number in the transfer message, and the card number can include a tokenised reference that allows the card issuer to trace the payment back to the payer’s card.

For reporting entities, the key is correct classification. If you misclassify a payment as a merchant payment when it is not, you can create a travel rule gap. If you classify it correctly, you can keep the transfer traceable while avoiding unnecessary payer and payee data collection for that specific exemption.

Merchant Payment Examples

A common example is a customer paying a retailer with a debit card. In that case, the merchant acquirer initiates the process and the card issuer authorises it, which fits AUSTRAC’s merchant payment treatment.

Another example is a refund to the same card used for the original purchase. AUSTRAC treats refunds of merchant payments under the same exemption logic, so the transfer message still centres on the card number or tokenised reference rather than full payer and payee details.

Legal and Regulatory References

AUSTRAC’s travel rule guidance explains the merchant payment exemption and the minimum transfer message content. The ordering institution guidance says the requirement to verify the specific elements of payer information does not apply to a merchant payment or refund of a merchant payment, while the overview page says these transfers must include the card number in the transfer message.

The beneficiary institution guidance adds that merchant payment services must have policies enabling the institution to provide relevant information to other institutions in the value transfer chain within 3 business days. Beneficiary institutions must also have systems, procedures and controls that support travel rule compliance.

Best Practices for Merchant Payment Compliance

Treat the exemption as travel rule specific only. Keep your normal customer due diligence, sanctions screening and transaction monitoring controls intact. The fact that payer and payee details are not collected for the merchant payment exemption does not mean the transaction is outside AML/CTF controls altogether.

Ensure your systems retain the card number or tokenised reference so the transaction can be traced if requested. AUSTRAC specifically recognises tokenised references as a valid card-number equivalent for tracing purposes.

Train staff to distinguish merchant payments from other value transfers that do require payer and payee information. AUSTRAC’s transfer-type rules differ for general transfers, domestic transfers, multiple transfers, merchant payments, refunds and ATM withdrawals, so correct classification is essential.

Common Challenges

One common challenge is misclassifying non-merchant card flows as merchant payments, which creates avoidable travel rule gaps. Another is poor record keeping around tokenised references, which makes later traceability harder than it should be.

How Tranche 2 Consultants Can Help

At Tranche 2 Consultants, we help you align merchant payment controls with your wider AML/CTF framework through practical support across ML/TF Risk Assessment, Managed KYC Services, AML Training, AML Health Check, AML/CTF Program design, AML Regulatory Reporting, AML Software Selection, and AML Compliance Department Setup. We can help you classify card-based flows correctly, strengthen transfer traceability, and keep your compliance process clear, consistent and regulator-ready.

Concluding Remarks

Merchant payments are a recognised practical exception within the travel rule framework. The compliance focus is correct classification, keeping the card number or tokenised reference available for traceability, and maintaining your wider AML/CTF controls outside the exemption.