PSP Merchant Onboarding Process Steps in the UK

If you've ever applied for a merchant account in the UK and thought, "Why do acquirers or PSPs need all of this information?" - you're not alone.

The PSP merchant onboarding process is a series of checks and approvals that a payment service provider (PSP) or merchant acquirer must complete before a business can use their payment processing solutions including accepting payment cards, digital wallets, or process online customer transactions.

In the UK, this isn't just best practice - there are regulatory requirements. PSPs are governed by frameworks set out by the Financial Conduct Authority (FCA) under the Payment Services Regulations 2017, as well as being subject to anti-money laundering, counter-terrorist financing, and sanctions obligations under the Money Laundering Regulations 2017.

Together, these frameworks require PSPs and merchant acquirers to carry out risk management-based merchant onboarding, due diligence, and ongoing monitoring before and after go-live.

That means merchant onboarding goes well beyond a simple application form. It involves verifying business details, confirming customer identities and ownership structures, assessing risk based on how the business actually operates, and making sure a merchant's payment processing setup is compliant before a single transaction goes live.

From a regulatory perspective, this also includes safeguarding requirements. From May 7, 2026, the FCA is strengthening safeguarding checks, introducing enhanced governance, reporting, and safeguarding reconciliation requirements — including reconciliations on each ‘reconciliation day’ — alongside existing obligations to safeguard and segregate customer funds.”

In this article, we'll walk through the PSP merchant onboarding process steps in the UK, from the initial merchant application through to final approval and go-live. We'll explain what PSPs are actually checking at each stage, why certain documents are required, and where delays most often happen - so businesses can prepare properly, avoid unnecessary friction, and get up and running faster with an efficient payment processing system.

Content Summary

This blog explains the payment service provider (PSP) merchant onboarding process in the UK, outlining each regulatory, compliance, and technical step required before a business can accept payments.

Merchant onboarding in the UK is often perceived as slow or overly complex, but it is a regulatory requirement supervised by the FCA under the Payment Services Regulations 2017. Anti-money laundering and financial crime obligations also apply under the Money Laundering Regulations 2017.

PSPs must carry out detailed checks to manage risk, prevent financial crime, and ensure compliant payment processing - making onboarding far more than a simple application form.

Key Takeaways:

Merchant onboarding is a mandatory, risk-based process that verifies a business's legitimacy, ownership, and payment activity before any transactions go live.

UK PSP onboarding includes multiple stages: merchant applications, KYC and KYB checks, AML and sanctions screening, website and business model review, risk assessment, contractual setup, technical integration, and final approval.

PSPs assess not only who the merchant is, but how they operate, how customers pay, and what level of risk the activity presents.

Risk classification (low, medium, or high) influences transaction limits, fraud controls, settlement terms, and ongoing monitoring requirements.

Onboarding timelines vary from a few days to several weeks, depending on complexity, industry risk, and the completeness of information provided.

Common delays are caused by incomplete applications, unclear business models, website compliance gaps, inconsistent documentation, or slow responses to follow-up requests.

Merchant onboarding continues after go-live through ongoing monitoring to detect changes in transaction behaviour or compliance risk.

Readers - such as UK merchants, founders, finance teams, or businesses applying for a merchant account - gain a clear, step-by-step understanding of the UK PSP merchant onboarding process, what providers are checking at each stage, and how proper preparation can reduce friction, speed up approval, and support compliant, long-term payment processing relationships.

What is Merchant Onboarding?

Merchant onboarding is how a payment service provider makes sure it really understands the business it's onboarding - before any money starts moving.

For PSPs, this means answering a few fundamental questions early on: Who is this merchant? What do they do? How will they accept payments? And what level of risk does that activity carry? The answers shape everything that follows, from transaction limits and payment methods to monitoring and fraud prevention measures.

In the UK, merchant onboarding is a regulatory obligation. PSPs are required by the Financial Conduct Authority (FCA) to carry out risk management, including checks to verify business legitimacy, customer identity verification, and prevent money laundering or terrorist financing. These checks protect: the PSP, but also the acquiring banks, payment partners, and end customers.

To meet KYC and AML obligations, businesses must gather and submit specific compliance documentation during onboarding, including proof of identity, ownership information, financial statements and other supporting business records.

From a PSP's perspective, it's all about building a complete picture of the merchant's business plan and risk profile - not creating unnecessary friction.

Importantly, merchant onboarding doesn't stop once a merchant is approved. UK PSPs are required to carry out ongoing monitoring, reviewing transaction behaviour and business activity over time to ensure compliance is maintained as they grow and evolve.

Ongoing monitoring is essential to detect changes in transaction patterns or business activity that may indicate increased risk or potential non-compliance.

Done properly, merchant onboarding sets the very foundation for reliable payment processing capabilities, a secure customer experience, and long-term business relationships. Done badly, it creates problems later - often when fixing them is far more disruptive for everyone involved.

PSP Merchant Onboarding Process Steps (UK)

While onboarding can feel complex from the outside, the UK PSP merchant onboarding process follows a logical flow.

Each step answers a different question - and together, they help PSPs decide whether a business can safely and compliantly process payments.

In practice, the full process tends to include pre-onboarding preparation, merchant application and review, compliance and risk assessment, account setup and integration, and ongoing monitoring once live.

1. Merchant Application Submission

The onboarding process starts when a business submits a merchant application to a payment service provider.

This isn't just a formality. The information provided here shapes how the rest of the onboarding process unfolds - including what checks are required, how long approval may take, and whether additional review is needed later.

At this stage, PSPs typically collect:

Core business details (legal entity, trading name, registration number, tax identification number).

A clear description of the merchant's business model.

Expected transaction volumes and average transaction values.

How the business plans to accept payments (online, in-app, via a payment gateway, digital wallets like Apple Pay or Google Pay).

Initial bank account details for settlement.

Any available merchant history, including previous PSP or acquiring bank relationships.

Transaction history, where the business has processed payments before.

PSPs use this information to understand what kind of business they're onboarding, how money will move through the payment platform, and whether there's any existing content that could affect risk assessment or compliance requirements.

A well-completed merchant application doesn't guarantee approval, but it gives the onboarding process a clear starting point - and that makes every step that follows smoother.

2. Business Verification (KYB Checks)

Once the merchant application, financial statements and other documents have been reviewed, the next step is business verification, often referred to as KYB (Know Your Business).

This stage is about confirming that the business behind the application legally exists and operates as described. It's less about risk judgement and more about establishing a reliable, factual baseline before the payment solution can be enabled.

During KYB checks, PSPs typically verify necessary documents such as:

The business's legal registration and status.

Company details such as registration number and registered address.

Trading names and operating locations.

Ownership and control structure, including directors and significant shareholders.

That the business activity matches what was outlined in the application.

Entity verification involves validating information against official sources such as Companies House, supported by documents like Certificates of Incorporation, where required. Much of this happens through automated checks, with manual review stepping in if anything doesn't line up.

3. Identity Verification (KYC Checks)

With the business is verified, the focus then moves to the individual behind it. This is where KYC (Know Your Customer) checks come into play.

At this stage, PSPs need to confirm the identity of the people who own, control, or are responsible for the merchant's payment activity and their business relationships. This isn't about ticking boxes - it's about understanding who ultimately benefits from the financial transactions being processed.

Typically, KYC compliance documentation includes:

Company directors and officers.

Significant shareholders or beneficial owners.

Anyone with meaningful control over the merchant account or settlement bank account.

The merchant onboarding process involves submitting identity documentation and ownership information to meet KYC compliance regulations.

From a merchant's perspective, this is often the hands-on part of onboarding. From a PSP's perspective, it's a critical step in meeting anti-money laundering obligations and ensuring accountability from day one.

4. AML & Sanctions Screening

Once identities have been verified, PSPs carry out anti-money laundering (AML) and sanctions screening.

This step goes far beyond simply checking the business's reputation. It checks whether the business or the people connected to it appear on any sanctions lists, watchlists, or databases linked to financial crime, money laundering, or terrorist financing.

At this stage, PSPs typically screen:

The merchant entity.

Directors, beneficial owners, and authorised signatories.

Relevant jurisdictions linked to the merchant's operations or customer base.

These background checks are largely automated and run against global sanction lists, politically exposed persons (PEP) databases, and adverse media sources. If a potential match is flagged, the digital merchant onboarding application will need further review before onboarding can continue.

This is also the point where enhanced due diligence may be applied. Merchants operating in higher-risk industries, processing larger transaction volumes, or working across multiple regions may be asked for additional information to satisfy compliance requirements.

5. Website & Business Model Review

Once the core compliance checks are underway, PSPs take a closer look at how the merchant actually presents and operates its businesses. This is where the website and business model review comes in.

The goal here isn't design critique. It's about validating that what the merchant says they do, matches what customers will experience when they try to make a payment.

When underwriting merchant accounts, PSPs look at:

The merchant's website or app, including product or service descriptions.

How payments are taken and where customers are directed to pay.

Refund, returns, and cancellation policies.

Terms and conditions, privacy policy, and customer contact details.

Any content that could indicate restricted or high-risk activity.

This step helps PSPs understand the full customer payment journey - from checkout through to settlement and customer satisfaction - and identify any issues that could lead to disputes, chargebacks, or compliance concerns later on.

When a merchant's website clearly reflects their business model and includes the right customer-facing information, this step is usually quick.

6. Risk Assessment & Industry Classification

By this point, the PSP has a full picture of the merchant: who they are, how they operate, and how they plan to accept payments. The next step brings all of that information together into a formal risk assessment.

This part of the merchant onboarding process involves the assessment of the merchant's overall risk profile and assigning an industry classification, which helps determine how the account should be set up and monitored going forward.

Risk is typically assessed across several factors, including:

Industry type and business model.

Expected transaction volumes and average transaction values.

Payment methods and processing currencies.

Geographic reach of customers and operations.

Merchant history and any previous transaction behaviour.

Based on this assessment, merchants are usually categorised as low, medium, or high risk. This classification allows the acquiring bank, PSP or payment gateway to apply the right controls, transaction limits, and monitoring levels from day one.

A higher-risk classification doesn't automatically mean a merchant can't be onboarded. It does, however, mean that additional safeguards may be required, such as tighter fraud prevention measures or more frequent monitoring.

Getting this right ensures the merchant can process transactions in a way that will ensure compliance and business growth, without unnecessary restrictions or surprises once payment processing begins.

This risk-based approach reflects FCA expectations that payment firms apply proportionate controls based on the nature, scale, and complexity of a merchant’s activities.

7. Commercial & Contractual Setup

Once the payment service provider has conducted the risk assessment, the focus shifts to the commercial and contractual side of the relationship.

This is where the practical details are agreed: how the merchant account will operate, what services are included, and the terms under which payments will be processed. It's also where expectations are set on both sides - before anything goes live.

At this stage, the following should be finalised:

Pricing and fee structures.

Settlement schedules and bank account details.

Transaction limits and any risk-based controls.

Supported payment methods.

Contractual terms covering compliance with relevant regulations, chargebacks, and account management.

The contractual side on onboarding is intrinsically linked to the earlier risk assessment. A merchant's industry classification and expected transaction volumes directly influence how the account is configured and what safeguards are applied.

For merchants, this is where everything becomes tangible. You know what you're paying, how quickly funds will settle, and how the payment solution fits into your wider business operations.

Separately, from May 28, 2026, new UK rules introduce additional requirements around termination notices for certain payment services framework contracts, including providing clearer reasons for termination and longer notice periods in specific circumstances.

8. Technical Integration & Testing

The next step is technical integration and testing. This is where the merchant complies and connects their systems to the PSP's payment platform, whether that's through APIs, hosted payment pages, plugins for an online store, or a combination of all three.

Integrating the payment solution into the merchant's existing sales channels only happens after approval, ensuring live payment processing is enabled in a controlled and compliant way.

The goal is to make sure that transaction processing is done reliably, securely, and exactly as expected before anything goes live.

Integrating with a payment company involves:

Integrating PSP APIs or installing plugins for their payment gateway.

Configuring supported payment methods and processing currencies.

Setting up webhooks, redirects, and data analytics reporting tools.

Connecting settlement bank accounts.

Testing the full payment flow in a sandbox or test environment.

Testing is key to ensuring operational efficiency. It allows both the merchant and the PSP to confirm that the transactions are processed correctly, error handling works as it should, and customers' payments move smoothly from checkout through to settlement.

This step also helps to identify any areas that require technical support early, before they impact real customers or live transactions.

Once testing is complete and everything behaves as expected, the account is ready for final approval.

9. Final Approval & Go-Live

The final step in the process is approval and go-live. By this point, the business has passed compliance checks, commercial terms are in place, and technical integration has been tested. The PSP carries out a final review to confirm that everything aligns.

Go-live marks the point where a merchant begins accepting real customer payments, following successful testing in sandbox environments.

Reaching go-live is a big milestone for merchants - but it's also the start of an ongoing relationship with their PSP or payment gateway provider. Clear onboarding, accurate setup, and the right level of support at this stage make a significant difference to long-term performance, customer satisfaction, and business growth.

How Long Does Merchant Onboarding Take in the UK?

There's no single timeframe that applies to every business - and in the UK, that's largely because the merchant onboarding process is risk-based.

Straightforward, lower-risk businesses with clear documentation and a simple payment setup can look forward to a streamlined onboarding experience. Where automated checks are sufficient and minimal additional review is needed, approval and go-live happens relatively quickly - often in just a few working days.

For more complex businesses, onboarding naturally takes longer. PSPs are required to apply different levels of auditing depending on various business characteristics, and that additional scrutiny takes time.

What's consistent across the board is: onboarding moves fastest when information is accurate, complete, and provided upfront. When that happens, PSPs can move smoothly from application through to approval without bottlenecks.

Common Reasons for Delays

When merchant onboarding slows down, it's rarely cautious for the sake of it. In most cases, delays come down to a handful of avoidable issues that surface as checks progress.

Some of the most common causes include:

Incomplete or Inconsistent Information

Missing fields, incorrect tax identification numbers, unclear business descriptions, or details that don't quite align across documents often trigger follow-up questions.

Each clarification adds time, especially once compliance reviews are already underway.

Unclear Business Models

If it's not immediately obvious how a business makes money, how customers pay, or what the end customer experience looks like, the PSP or payment gateway provider will need more detail before moving forward.

Gaps Between Expected & Historical Transaction Activity

Large forecast transaction volumes with little or no processing history aren't necessarily a problem - but they do require explanation.

Without context, PSPs may need additional review before approving an account.

Website Issues

Missing terms and conditions, refund policies, or customer contact information are a common stumbling block.

If a website doesn't clearly reflect the business described in the application, onboarding may pause until this is resolved.

Delays in Providing Documentation

Expired identity documents, outdated company records, or slow responses to follow-up requests can quickly extend timelines, even for otherwise straightforward applications.

The good news is that most of these issues are avoidable. Merchants who understand what PSPs are looking for - and why - tend to move through onboarding far more smoothly than those encountering the process for the first time.

FAQs

Is Merchant Onboarding Mandatory in the UK?

Yes. UK PSPs are required to apply appropriate merchant onboarding, due diligence and risk controls before allowing merchants to process payments, in line with FCA expectations and UK financial crime regulations.

What Documents are Needed for PSP Merchant Onboarding in the UK?

Usually, business registration details, ownership information, identity documents, and basic information about how the business operates.

How Long Does the PSP Merchant Onboarding Process Take in the UK?

Anywhere from a few days to a few weeks, depending on the complexity and risk profile of the business.

Why Do PSPs Review a Merchant’s Website During Onboarding?

To confirm that the business model matches what was submitted and that customers are given clear, compliant information.

What Makes a Merchant ‘High Risk’ During Onboarding?

Certain industries, complex ownership structures, high transaction volumes, or higher fraud exposure can all increase risk.

Can a Merchant Be Rejected During Onboarding?

Yes. If a business can't meet compliance requirements or falls outside a PSP's risk appetite, onboarding may not proceed.

Need a Faster, Clearer Merchant Onboarding Experience?

Merchant onboarding doesn't have to feel slow, unclear, or overly complicated.

At DECTA, we combine regulated acquiring, smart risk management, and straightforward onboarding, so businesses can get approved, go live, and start accepting payments with minimal friction.

Learn more about DECTA's merchant onboarding.