Practice Area
FTC Civil Investigative Demands (CIDs)
A Civil Investigative Demand (CID) usually marks the first formal step in an FTC investigation. In the payments space, the initial response can shape how the FTC views the billing practices, merchant-account activity, transaction data, and processing relationships at issue.
A CID that begins with consumer complaints about billing, refunds, cancellation, or unauthorized charges can quickly expand into a broad review of onboarding records, merchant-account ownership and control, chargeback activity, settlement records, routing decisions, and the movement of funds.
Regulators routinely examine how customers were enrolled and billed, what billing disclosures and confirmations were provided, whether cancellation and refund practices matched those disclosures, how chargebacks and refunds were handled, and how merchant accounts and acquiring relationships were arranged across related entities.
A payments CID is rarely limited to consumer complaints
It can require the company to identify and explain merchant-account ownership, transaction activity, chargeback data, settlement records, and related-entity activity.
Transaction Data and Payment Records
For CIDs involving payment issues, no single party holds the full picture.
Records may sit with:
- Acquiring bank
- ISO or payment facilitator
- Processor or gateway
- Chargeback vendors or monitoring platforms
- CRM and onboarding systems
- Sales agents or outside service providers
Regulators routinely request electronically stored information in native format together with metadata, transaction logs, underwriting files, and historical account files. A CID response often has to identify the relevant systems and custodians and collect these records from multiple sources.
The acquiring bank may control reserve balances and settlement activity, while reserve ledgers, merchant communications, and account-management records may sit with the ISO or payfac. Authorization and settlement data may reside with the processor or gateway, while chargeback and dispute activity may be maintained through third-party vendors or monitoring platforms.
Merchant applications, underwriting materials, onboarding records, and communications concerning merchant-account setup or transaction activity may be spread across CRM systems, onboarding platforms, ISOs, sales agents, and outside service providers.
The FTC may need to review all these records together before it can understand who controlled the accounts, how funds moved, what risks were known, and what the acquiring side understood at the time.
Fragmented Records and Conflicting Narratives
Different participants may characterize the same conduct differently.
Disputes can emerge over why volume moved across certain merchant accounts, who approved onboarding or underwriting decisions, what the acquiring side understood, and why processing relationships changed over time.
One participant may characterize activity across multiple merchant accounts or entities as an effort to obscure risk or avoid monitoring, while another sees the same structure as a response to increased reserves, volume caps, or changes in acquiring relationships.
Those disputes can affect how the CID response is handled. The company may need to locate missing onboarding materials, reconcile CRM notes with underwriting files, and compare processor communications against transaction, chargeback, and settlement data before regulators draw conclusions from an incomplete record.
From CID to Enforcement
Related: FTC Enforcement Actions, Asset Freezes, and Receiverships
Complaints about unauthorized charges, recurring billing, failed cancellations, refund delays, fulfillment problems, or customer support failures can push a CID beyond the original consumer issue. Regulators may then compare the customer-facing offer with the merchant file and processing history for the relevant accounts, including chargeback activity, descriptors, applications, and transaction data.
Processing activity across multiple entities or merchant accounts can draw a separate line of inquiry. Regulators may examine whether volume and routing patterns were consistent with the represented business, whether the entities were actually related or operated independently, and whether the merchant accounts matched the onboarding disclosures.
If the matter escalates beyond the CID stage, emergency litigation may involve TROs, asset freezes, receivership issues, and restrictions on merchant accounts or settlement funds.
Engage Counsel Early
A payments CID is not simply a document request.
The company must respond to the FTC’s demands, but the response also affects how regulators understand the account activity, transaction data, and processing relationships under review.
The response should identify the systems and custodians that matter, preserve account files and transaction data, address gaps in CRM or onboarding records, and put transaction activity, chargeback history, and account-control issues in context.
Early involvement can help prevent incomplete files, isolated comments, or data pulled from different systems from shaping the investigation before the underlying payment activity is understood. It can also help address suspended funds or account-access issues while the CID response is being prepared.
If your business is facing an FTC inquiry tied to payment processing or merchant-account activity, we can help manage the CID process and address related reserve or account-access issues.
