Perhaps it's the end of the calendar year or maybe it's your fiscal year end, and your organization is prepping for some large donations to come in. It's critical that nothing prevents these gifts from processing properly.
This article is a guide to ensure you are doing all you can to minimize and remove any potential blocks created from your organization receiving larger than average donation amounts.
Evaluating Risk
Your Payment Gateway and Merchant Accounts are the vendors that ultimately transfer a donation into your bank and as such, they are always closely monitoring risk.
For example: Your organization receives a $100,000 donation (#generosity). That donation settles into your bank account, you leverage those funds - life is good! But, then the donor unexpectedly reports that $100,000 donation as fraud. What happens next? That $100,000 will be immediately pulled out of your account and if that full amount isn't available, your Gateway and Marchant are responsible for the balance!
Technology Layers
Let's understand the layers of technology that securely process credit card and ACH gifts.
Layer 1: Security
Every person who visits a RaiseDonors donation form goes through a process where their perceived threat-level is evaluated. As you know, there are plenty of bad actors out in the world who delight in abusing donation forms and attempt to acquire donor data. Assuming the visitor is not a threat - they are allowed to use the donation form.
Layer 2: The Donation Form
RaiseDonors does not impose any upper limit on donation amounts. Those limits are set by your Payment Gateway. So if a donor wants to give $1,000,000 (yep, it does happen!), whether that gift is approved or declined is determined by your Payment Gateway, not RaiseDonors.
Layer 3: Submitting the Donation
Once a donation is submitted, RaiseDonors performs additional threat-level analysis. For security we don't provide additional information around this, but rest assured that RaiseDonors monitors all donations and evaluates changes, anomalies, and threats. When a donation is perceived as a threat, security protocols are triggered.
Layer 4: The Gateway
Assuming a donation makes it through the first three layers, the specific gateway in use (Authorize.net or Stripe) will have various safeguards in place. If the gateway declines the donation for any reason, the donor will receive the decline message and be allowed to re-attempt the donation.
Every gateway has security settings that you can modify that will play an important role in whether donations will be allowed to process.
When adjusting security settings in your gateway, it is possible create scenarios where you end up preventing valid - or even all of your - donations from processing. This is an "art" and you need to closely monitor these settings to find the appropriate balance for your organization.
Authorize.net
Authorize.net has an Advanced Fraud Detection suite of tools which can be configured to the needs of your organization. We recommend reviewing these specific settings:
- Hourly Velocity Filter - Limits the total number of transactions received per hour
- Transaction IP Velocity Filter - Identifies excessive transactions from the same IP address
- Suspicious Transaction Filter - Reviews highly suspicious transactions using proprietary criteria identified by Authorize.Net’s Fraud Management Team
- Amount Filter - Sets an upper dollar amount threshold to restrict high-risk transactions
Stripe
Stripe Radar is a real-time, artificial intelligence monitoring system. We recommend upgrading (it's free!) to Stripe Radar for Fraud Teams, as this product offers tremendous features and control. Review the list of rules in your Stripe account and make any appropriate changes.
Understanding Declines
It is the Gateway, not RaiseDonors, that approves or declines a gift. So to understand a decline, it's important to see what the Gateway has to say about a gift.
If a donor contacts you regarding a declined gift, you can review the message from the gateway by searching for the transaction in RaiseDonors. When reviewing a Transaction there is a section titled, "Gateway Transaction Details" that will display the message from the Gateway. This message will give you insight into what happened. If you need more information about a decline, you'll need to contact your Gateway directly.
Authorize.net provides "error codes". You can look up the error codes on their website:
https://developer.authorize.net/api/reference/responseCodes.html
Layer 5: Merchant account
The merchant account is responsible for determining which payment types are accepted, if the size of the donation falls within normal parameters for your organization and for settling the funds into your bank account.
If a donation has successfully flowed through all five layers discussed in this article, it can still be flagged and declined by your Merchant. These reasons are specific to your Merchant Account and the details of your contract. You'll need to review your contract to understand what risk profiles would trigger a decline.
A common scenario is that a donation will be approved by the Gateway so the donor receives a success message. However, the funds are held for review by the Merchant (meaning they will not deposit funds into your bank account without further validation). The reasoning behind this goes back to the original story at the start of this article about the $100,000 donation. Your Merchant has a profile which includes items such as:
- Monthly Volume (ex: $75,000/month)
- Average Donation Size (ex: $108)
- Largest Donation Size (ex: $22,000)
If the activity in your Merchant Account exceeds these settings, it is common that the funds will not be released into your bank account without additional information.
Because there are literally thousands of Merchant Account providers, you'll need to reach out to your merchant provider directly to take the appropriate next steps.
Here are recommendations for three merchant providers we are familiar with:
- EVO Payments (Credit Card payments)
- Authorize.net (Credit Card and ACH payments)
- Stripe (Credit Card Payments)
EVO Payments
Depending on how much higher the donation is above your profile, the funds may be held until 3 months of bank statements and/or a copy of the donation receipts are provided.
We recommend that you contact EVO as soon as you can to give them a heads up that you are expecting larger than average donation volumes. This will help you get in front of any potential delays in settling the funds.
Keep in mind that if you use EVO, but accept both Credit Cards and ACH Payments - EVO only manages your Credit Card payments. For ACH Payments, you'll need to reach out to Authorize.net.
Contacting EVO
Email: RiskSupport@evopayments.com
Phone: 877-877-3737 option 5
Authorize.net Merchant Services
Depending on how much higher the donation is above your profile, the funds may be held until supporting documentation of the transaction is provided.
If you have ACH services through Authorize.net, then Authorize.net is your Merchant provider for ACH transactions regardless of who processes your CC transactions.
Contacting Authorize.net
Online: https://www.authorize.net/support/
Live Help: Log into Authorize.net and click "live help" from the top navigation.
Phone: 877-447-3938
Support tickets: https://account.authorize.net/UI/themes/anet/ContactUs/support.aspx
Twitter: https://twitter.com/authorizenet
Stripe Merchant Services
Depending on how much higher the donation is above your profile, the funds may be held until supporting documentation of the transaction is provided.
Contacting Stripe
Email: https://support.stripe.com/contact/email
Phone and Live Chat: https://support.stripe.com/
We hope this guide gives you the confidence to proceed into your big fundraising season with clarity and awareness of the payment landscape. You should be better prepared and able to react quickly if anything should occur with large donations.
Helpful Reading
Checkout our blog post, "Astonishingly Easy Way to Avoid this Online Giving Nightmare", that provides a great overview of how to avoid getting large gifts declined.