How to Start an ISO: Step-by-Step Legal Guide

March 31, 2026 | By: Max Dilendorf, Esq.

Max Dilendorf, Esq.

Starting an Independent Sales Organization (ISO) in the payment processing industry can be highly profitable. ISOs generate recurring revenue through merchant portfolios and residual payments tied to transaction volume.

But building a successful ISO is not just about signing merchants. It is about structuring a business where you actually control your rights, revenue, and exit options.

As courts and industry practice consistently show, these issues are determined not by sales performance—but by contracts.

Dilendorf Law Firm assist businesses launching ISOs, negotiating processor agreements, and structuring merchant portfolio rights to protect long-term value.

Step 1: Define Your ISO Business Model

Before launching, you need to decide how your ISO will operate, as this decision will shape your growth strategy, risk exposure, and contractual relationships.

Retail ISO

A retail ISO functions primarily as a sales and relationship-driven business. It focuses on sourcing and onboarding merchants, often working with one or more processing partners to place those merchants with the provider best suited to their needs—based on pricing, service, risk profile, or technical integration.

Retail ISOs typically do not control the back-end processing, adjudicate merchant applications, or manage servicing at the processor level. Instead, their value lies in building and maintaining merchant relationships and steadily growing a portfolio through internal sales teams or independent agents.

When structured properly, this model can offer relatively low startup costs and scalable, recurring revenue through residual income.

Wholesale ISO

A wholesale ISO, by contrast, operates at a higher structural level, building and managing a network of sub-ISOs, agents, or referral partners.

Rather than focusing solely on direct merchant acquisition, the wholesale model emphasizes distribution and scale. This approach can accelerate growth but introduces additional legal and operational considerations, particularly around supervision, compliance, and contractual risk allocation.

Choosing between these models is a foundational decision. It determines not only how the ISO acquires merchants, but also how liability is distributed, how agreements with processors are structured, and how the business can scale over time.

Step 2: Form Your Legal Entity

Once you have defined your business model, the next step is to establish the legal entity through which your ISO will operate.

Most ISOs are structured as limited liability companies (LLCs) or corporations, depending on ownership, tax considerations, and long-term business goals.

This step is more than a formality. The entity you choose will serve as the contracting party in your agreements with processors, acquiring banks, and partners. It will also determine how liability is allocated and how profits are distributed.

From a legal perspective, proper entity structuring helps:

limit personal liability for owners and principals
create a clear ownership framework for partners or investors
support future growth, including adding agents or sub-ISOs
facilitate a potential sale of the business or merchant portfolio

In practice, processors and acquiring banks will evaluate the ISO entity itself during underwriting. They may review ownership structure, financial stability, and the backgrounds of principals before approving the relationship.

Because the ISO’s value is tied to contractual rights and revenue streams, forming the entity correctly at the outset is an important step in building a business that can scale and be monetized over time.

Step 3: Secure a Processor or Acquiring Bank Relationship

An ISO cannot operate independently—it must partner with a payment processor and an acquiring bank. This relationship is the foundation of the business, as the processor controls the infrastructure for transaction processing, settlement, and compliance.

To establish this relationship, the ISO must go through underwriting, which typically includes background checks, a review of the business model, and an assessment of risk and compliance procedures.

As recognized in Process America v. Cynergy Holdings, ISOs “[…] solicit merchants […] and provide first-line customer support,” while processors manage the core payment system.

Because processors control access to the network, they also retain significant authority over approval and termination, making this step critical when launching an ISO.

Step 4: Negotiate the ISO Agreement

Once you secure a processor relationship, the next—and most critical—step is negotiating the ISO agreement. This document defines the economic and legal foundation of your business.

The agreement governs key issues such as:

ownership of the merchant portfolio
how residuals are calculated and paid
whether residuals continue after termination
your ability to transfer or sell accounts
termination rights and restrictions

As courts have made clear, these rights are entirely contractual. In Process America v. Cynergy Holdings, the agreement provided that the processor “owns” the merchant agreements, and even where ownership could “vest” in the ISO, transfer remained subject to strict contractual conditions.

This means that the value of your ISO—your residual income and your ability to sell your portfolio—depends directly on how this agreement is structured and negotiated at the outset.

For a more detailed breakdown of key provisions and negotiation strategies, see our article “Negotiating ISO Agreements: Key Tips for Agents & ISOs.”

Step 5: Complete Registration and Network Approval

After entering into an agreement with a processor or acquiring bank, the ISO must complete registration within the card network system. This typically involves sponsorship by an acquiring bank and registration with networks such as Visa and Mastercard.

The approval process includes underwriting and due diligence, where the processor and bank assess the ISO’s ownership, business model, and risk profile. They may also review compliance procedures and the types of merchants the ISO intends to onboard.

Although this step is often viewed as administrative, it is a key control point in the payment ecosystem. Approval can be delayed or denied if the ISO presents elevated risk, and ongoing compliance with network rules is required to maintain the relationship.

Step 6: Build Your Merchant Acquisition System

Once your ISO is approved and operational, the next step is building a reliable system for acquiring merchants. This can be done through a direct sales model or by working with agents and sub-ISOs, depending on your chosen structure.

In a retail model, the ISO develops its own sales channels—through internal teams, marketing efforts, or independent contractors—and manages merchant onboarding directly. In a wholesale model, the ISO scales by recruiting agents or partner ISOs who bring in merchants.

While this stage is focused on growth, it also introduces significant legal risk. The ISO is responsible for how merchants are onboarded and how services are represented. Misleading sales practices, onboarding high-risk merchants, or failing to supervise agents can lead to chargebacks, compliance issues, and potential termination by the processor.

For that reason, successful ISOs treat merchant acquisition not just as a sales function, but as a controlled process with clear guidelines, training, and oversight.

Step 7: Implement Compliance and Risk Controls

At this stage, the ISO must establish basic compliance and risk controls. This includes screening merchants, monitoring chargebacks, and ensuring adherence to card network rules and data security standards.

Even though ISOs are not always directly regulated, processors expect them to manage risk effectively. Weak compliance—especially onboarding high-risk merchants or failing to supervise agents—can lead to termination and loss of residuals.

Step 8: Structure Your Residual Income

Residual income is the core of an ISO business, but it is entirely defined by the ISO agreement. You need to understand how residuals are calculated, when they are paid, and under what conditions they can be reduced or terminated.

Key issues to review include:

how residuals are calculated (percentage, split, tiered structure)
when residuals are paid and whether there are delays or reserves
whether residuals continue after termination
conditions that may reduce or eliminate residuals (e.g., chargebacks, compliance issues)
whether residuals depend on ongoing servicing obligations
any rights of the processor to modify pricing or revenue splits

In many agreements, residuals are tied to merchant activity and continued compliance, and may not survive termination of the relationship. As a result, what appears to be recurring revenue can be subject to significant contractual limitations.

Because these provisions directly affect the long-term value of your business, it is important to review and structure them carefully.

If you are unsure how your residuals are defined or protected, seeking legal guidance can help you avoid costly mistakes. Contact Dilendorf Law Firm to discuss your matter.

Step 9: Understand Transfer Restrictions and Exit Strategy

Many ISO founders plan to eventually sell their merchant portfolio, but the ability to do so depends entirely on the terms of the ISO agreement.

These agreements often include transfer restrictions such as consent requirements, Rights of First Refusal (ROFR), and anti-assignment clauses. As a result, the processor may have the right to approve, block, or match a proposed sale.

Courts enforce these provisions strictly. In Process America v. Cynergy Holdings, the court held that transferring merchant accounts without complying with contractual conditions constituted a breach of the ISO agreement.

For a detailed discussion of how ROFR provisions operate and how they can affect portfolio sales, see our article “Rights of First Refusal (ROFR) in Merchant Portfolio Transfers.”

For this reason, exit strategy should be considered from the outset. The value of an ISO is closely tied to whether its portfolio can be transferred—and on what terms.

Step 10: Avoid Common Mistakes When Starting an ISO

Across the industry, new ISOs often make the same mistakes—many of which only become apparent when the business faces termination, loss of residuals, or a failed sale:

Signing ISO agreements without negotiating key terms
Assuming they “own” merchant accounts without reviewing contract language
Ignoring transfer restrictions and ROFR provisions
Relying on “lifetime residuals” that are actually conditional
Failing to implement proper compliance and risk controls
Scaling too quickly through agents without adequate supervision
Not planning for an exit strategy from the outset

Avoiding these issues early can make a significant difference in whether the ISO ultimately retains value and control over its business.

Contact Us

If you are launching an ISO, negotiating a processor agreement, or planning to sell a merchant portfolio, experienced legal counsel can help protect your rights and structure your business for long-term value.

Dilendorf Law Firm assists and represents Independent Sales Organizations in negotiating ISO agreements, including provisions related to residuals, transfer restrictions, and Rights of First Refusal (ROFR), as well as in structuring retail and wholesale ISO models.

This article is provided for your convenience and does not constitute legal advice. The information provided herein may not be applicable in all situations and should not be acted upon without specific legal advice based on particular situations. Prior results do not guarantee a similar outcome.