Payment Processing Agreements: Key Provisions for Retailers, Banks, and Payment Processors

Recording of a 90-minute CLE video webinar with Q&A

Conducted on Thursday, March 11, 2021

Recorded event now available

or call 1-800-926-7926
Course Materials

This CLE course will provide counsel with the tools to understand and negotiate payment processing agreements (PPAs). The panelist will break down the many layers in accepting and processing payments from major card networks down through banks, third-party payment processors, sales channels, and merchants, and provide an understanding of the roles and legal responsibilities of each party on issues relating to regulatory compliance, card network compliance, data security, confidentiality, exclusivity, indemnification, fee structures, discount rates, interchange, and reserves.


Engaging a vendor to provide payment processing services for a retail operation can be a daunting task, especially without an adequate understanding of the complex roles and relationships of those involved in the payments chain.

The merchant is typically presented with a form PPA from its processors. Still, counsel should review and negotiate key provisions relating to compliance with industry standards, data security, confidentiality, use of third parties, reserves, and more. Additional standards and guidelines are often incorporated by reference and should be part of the review.

Among other things, data security is a fundamental issue in PPAs, and a merchant's obligations under PCI Data Security Standards or otherwise may vary depending on the size of its business and the payment types accepted. Contractual liabilities that flow from a data breach often exceed all other financial liabilities, including the cost to defend litigation or regulatory investigation. Target, Eddie Bauer, Intercontinental Hotels, Arby's, and Wendy's are recent examples of companies that have experienced data breaches relating to payment card accounts.

Listen as John L. Barton, Partner at Pillsbury Winthrop Shaw Pittman, discusses standard terms in PPAs, provisions that may be nonnegotiable due to regulatory or network requirements, and the negotiating points that may mitigate the vendor's potential liability.



  1. Payment processing agreements: understanding the parties and their roles
  2. Standard provisions: what you should expect to see in a PPA
  3. Issues for review
    1. Regulatory compliance
    2. Card network compliance
    3. Data security responsibilities
    4. Assignment rights; subcontractors
    5. Confidentiality
    6. Exclusivity
    7. Fee structures (discount rates, interchange, reserves)
    8. Indemnity obligations
    9. Additional terms and conditions incorporated by reference
  4. Data protection: reviewing internal controls to ensure compliance with the PPA


The panelist will review these and other key issues:

  • What are the roles and responsibilities of the banks, card networks, payment processors, and merchants under a PPA?
  • Which provisions in standard form PPAs are problematic for vendors and which are negotiable?
  • What are the parties' obligations concerning data security under the PPA, and how might the merchant limit its exposure?
  • What does the merchant need to understand fee structures and financial liability under a PPA?


Barton, John
John L. Barton

Pillsbury Winthrop Shaw Pittman

Mr. Barton counsels global industry leaders on complex commercial and legal issues that arise in sourcing and...  |  Read More

Access Anytime, Anywhere

Strafford will process CLE credit for one person on each recording. All formats include course handouts.

To find out which recorded format will provide the best CLE option, select your state:

CLE On-Demand Video