MATCH List? Is that a dating app?
Published on December 8, 2025 by Peter Hawkins
What is the MATCH List and why should you care about it? The MATCH (Member Alert to Control High-Risk Merchants) List is a database populated with businesses that match 1 of 14 very specific reason codes, see table 1 below. And when a business is on this list, they will find that regular credit card processing accounts are not available to them. Those businesses, if they can get an account at all, will have to deal with high risk credit card acquirers, which translates to high rates and very restrictive processing rules.
The first time that I was exposed to the MATCH list in my career happened shortly after I started in the industry. We were attempting to get a new credit card processing account for a merchant and the business came up as a match on the then Terminated Merchant File (TMF), the precursor to the MATCH List. So, our bank declined to board this business. After a little digging, we found out that the business had had a merchant account years ago and the acquirer placed him on the TMF because of money owed. The acquirer was using the TMF as a collections tool. In this case, the merchant settled his bill, was removed from the TMF, and moved on.
This was an abuse of the system which was not supposed to be used as a collection tool. However, there was poor oversite by the card brands and some of the acquirers were not strict about allowed use. So, this type of scenario happened more often than expected.
Fast forward a dozen years. The card brands have revamped the system to be more codified, and MasterCard now operates the database that is the MATCH List. The intent of the list is to identify merchants that (1) have the potential to harm the reputation of the card brands, or (2) flagrantly and repeatedly disregarded the terms of service in their agreement, or (3) could cause serious financial harm to the credit card ecosystem. Towards this end, an acquirer may only place a business on the MATCH list if it clearly meets one of the submission codes in table 1 below. And, by the rules and regulations of the card brands, an acquirer is required to place a business on the MATCH list if at the time they terminate an acquiring relationship the business matches any of the reason codes in table 1.
By extension, while it is more regulated to place a business on the MATCH List, it also is more regulated to remove a business before the five-year term is up. To remove a business, an acquirer has only two options; the merchant was originally put on through error, or the merchant was put on for not meeting PCI Standards (code 12) and has since become PCI compliant. As you can probably guess, acquirers are very conservative in submitting merchants for inclusion on the MATCH List in today’s environment.
Years later I was exposed to the MATCH list a second time. One of my customers was dealing with his first chargeback. I got him started and gave him contact information. The risk department of the acquirer helped him to understand the overall process. Unfortunately, the business owner had a problem with the concept of chargebacks and was argumentative from the start. During the four-month process of working with risk, the owner reversed the ACH debits from the acquirer three times, repeatedly questioned the accounting of the acquirer (for which he was provided reports on each occasion), and finally told a supervisor at the risk department that he would never pay them for the lost chargeback in very colorful language. At this time the merchant was informed that he could lose his ability to accept credit cards if he chose to continue down this path. The merchant hung up. The acquirer terminated his account and submitted him to the MATCH List.
Why go over this when, by my own experience, it is a very rare occurrence? Rare does not mean businesses are never placed on the match list. The credit card processing as an industry is an oligarchy. The card brands have a set of rules that they expect all to abide by, and as a group they enforce these rules. Therefore, if you or anyone you know ever is informed, they could lose the ability to process credit cards my advice is to slow down and work with the acquirer to resolve the issue. It might be an error or an issue with an easy fix! And, losing the ability to process credit cards through a normal merchant account can be costly.
Table 1, Match List Submission Reason Codes
| MATCH Reason Code | Detail | Description |
| 01 | Account Data Compromise | A situation that either directly or indirectly results in unauthorized access to or disclosure of account data. |
| 02 | Common Point of Purchase (CPP) | Account data is compromised by the merchant, then used to complete fraudulent purchases at other merchant locations. |
| 03 | Laundering | The merchant presented transaction records to the acquirer that were not valid transactions of sales of goods or services between the merchant and a bona fide cardholder. |
| 04 | Excessive Chargebacks | The number of chargebacks in any single month exceed 1 percent of sales transactions in that month, and those chargebacks totaled $5000 USD or more. |
| 05 | Excessive Fraud | The merchant experiences fraudulent transactions of any type meeting or exceeding the minimum reporting standard of a fraud-to-sales dollar volume ratio greater than 8 percent in a calendar month, and the merchant experienced 10 or more fraudulent transactions totaling more than $5000 USD in a calendar month. |
| 06 | Reserved for Future Use | – |
| 07 | Fraud Conviction | The principal owner or partner of the merchant was convicted of criminal fraud. |
| 08 | MasterCard Questionable Merchant Audit Program | The merchant fulfills the criteria set forth in the MasterCard Questionable Merchant Audit Program. |
| 09 | Bankruptcy/Liquidation/Insolvency | The merchant either is unable or will likely become unable to meet its financial obligations. |
| 10 | Violation of Standards | The merchant violated one or more standards and procedures required in transactions where payment cards are used. |
| 11 | Merchant Collusion | The merchant participated in fraudulent and collusive activity. |
| 12 | PCI Data Security Standard Noncompliance | The merchant did not comply with Payment Card Industry (PCI) Data Security Standard requirements. |
| 13 | Illegal Transactions | The merchant participated in illegal transactions. |
| 14 | Identity Theft | The identity of the merchant or its principal owner were unlawfully assumed to unlawfully enter into an agreement. |
