By agreeing to Stripe's terms, you also agree to follow the rules of Visa, Mastercard, American Express, and other card networks, even though those rules are not fully reproduced in the agreement and can change at any time.
This analysis describes what Stripe's agreement states, permits, or reserves. It does not constitute a legal determination about enforceability. Regulatory applicability and practical outcomes may vary by jurisdiction, enforcement context, and individual circumstances. Read our methodology
The terms bind Users to card network rules that exist in separate, external documents and that can be modified by the networks at any time, meaning Users' obligations can change without a direct amendment to the SSA itself.
This new provision explicitly incorporates third-party Card Network rules and makes their changes binding without requiring Stripe to modify its terms, shifting compliance burden to users.
View full change record →This provision incorporates card network rules by reference, making businesses responsible for complying with Visa, Mastercard, and other network requirements that are not fully disclosed within the SSA itself, and that can change independently of the SSA's amendment process.
How other platforms handle this
You may not use the Services to: access or use any system without authorization; interfere with or disrupt the integrity or performance of any system, network, or data; or conduct or facilitate any security or vulnerability scan, penetration test, or similar assessment of third-party systems or netw...
To the maximum extent permitted by applicable law, Kit shall not be liable for any indirect, incidental, special, consequential or punitive damages, or any loss of profits or revenues, whether incurred directly or indirectly, or any loss of data, use, goodwill, or other intangible losses, resulting ...
We have implemented appropriate technical and organizational security measures designed to protect the security of any Personal Information we process. However, despite our safeguards and efforts to secure your information, no electronic transmission over the Internet or information storage technolo...
Monitoring
Stripe has changed this document before.
Receive same-day alerts, structured change summaries, and monitoring for up to 25 platforms.
"By accepting this agreement, you agree to comply with the applicable Rules set by Card Networks (such as Visa, Mastercard, American Express, and Discover). We may share information about you and your transactions with Card Networks and our financial services partners. Card Networks can make changes to their rules at any time, and those changes may affect your ability to use some or all of the Services. Stripe will notify you of material changes to the Card Network rules that affect your use of the Services to the extent we are permitted to do so.— Excerpt from Stripe's Stripe Terms of Service
REGULATORY LANDSCAPE: Incorporation of card network rules by reference in payment processing agreements is a standard industry practice but creates a compliance monitoring obligation that engages both contractual and regulatory dimensions. Card network rules interact with the Electronic Fund Transfer Act, Regulation II (debit card interchange), and applicable state money transmission law. The FTC may have jurisdiction over disclosure practices if network rule changes create material obligations that were not adequately disclosed at onboarding. GOVERNANCE EXPOSURE: Medium. The provision creates an ongoing compliance monitoring obligation: Users must track card network rule changes to maintain compliance, but the agreement states that Stripe will notify Users of material changes only 'to the extent we are permitted to do so,' acknowledging that some rule changes may not be communicated by Stripe. The scope of what constitutes a 'material' change is not defined in the provision. JURISDICTION FLAGS: EU merchants operating under European card network rules (including the EU Interchange Fee Regulation framework) should confirm that the incorporated rules align with applicable EU regulatory requirements. The treatment of American Express and Discover network rules may differ from Visa and Mastercard given their distinct network structures and any applicable regulatory frameworks. CONTRACT AND VENDOR IMPLICATIONS: Procurement and compliance teams should not treat the SSA as a complete statement of payment processing obligations, and should assess whether their business category is subject to specific card network requirements (such as travel industry rules, digital goods rules, or high-risk merchant category codes) that impose additional constraints. The provision that card networks can affect a User's 'ability to use some or all of the Services' through rule changes creates a force majeure-adjacent risk that should be noted in operational risk assessments. COMPLIANCE CONSIDERATIONS: Compliance teams should establish a process for monitoring card network rule updates independently of Stripe's notification obligations, given the limitation 'to the extent we are permitted to do so.' Businesses should verify their merchant category code assignment and assess whether applicable network rules impose additional documentation, disclosure, or operational requirements specific to their industry.
Full compliance analysis
Regulatory citations, enforcement risk, and due diligence action items.
Free: track 1 platform + weekly digest. Monitor: 25 platforms + same-day alerts. No credit card required.
Compliance Governance Intelligence
Need to monitor specific governance provisions?
Compliance includes provision-level monitoring, governance timelines, regulatory mapping, and audit-ready analysis.
Built from archived source documents, structured governance mappings, and historical version tracking.
The terms bind Users to card network rules that exist in separate, external documents and that can be modified by the networks at any time, meaning Users' obligations can change without a direct amendment to the SSA itself.
This provision incorporates card network rules by reference, making businesses responsible for complying with Visa, Mastercard, and other network requirements that are not fully disclosed within the SSA itself, and that can change independently of the SSA's amendment process.
No. ConductAtlas is an independent monitoring service. We are not affiliated with, endorsed by, or sponsored by Stripe.