A funding company can not hold an ISO responsible for an irresponsible merchant. In the case where the ISO placed the merchant with multiple companies, then the funder should have a problem with that ISO... But if an ISO places a deal with me and I fund it, and that merchant then goes direct to Pearl and gets a stack, I am not going to go crying to the ISO that they sent me a huckster of a merchant... Also, we are direct lenders here and we rarely ask for bank login. In the last 3 months, I haven't even heard of any merchant being asked for it...