How to Vet and Manage Affiliate Subnetworks

Some subnetworks are worth working with. Others will quietly cost you money. The difference usually comes down to what you ask before you approve them, and how quickly you act when something looks wrong.

This guide covers how to assess a subnetwork before letting them in, what to monitor once they're live, and when to remove them.

If you're not yet familiar with what subnetworks are and why they carry higher fraud risk than direct publishers, start with [What Is an Affiliate Subnetwork?] first.

Should You Work with Subnetworks at All?

The honest answer is: it depends on the subnetwork.

Some are genuinely well-run. Skimlinks, for example, operates with strong publisher standards, offers advertisers meaningful transparency, and has exclusive relationships with high-quality editorial publishers you can't access any other way. Working with a subnetwork like that makes sense.

Others are essentially open networks with minimal vetting, aggregate-only reporting, and a compliance process that amounts to "we'll look into it" when you raise a violation. Those aren't worth the risk.

The default shouldn't be to avoid subnetworks entirely, but it shouldn't be to approve them casually either. Treat a subnetwork application with more scrutiny than you'd give a direct publisher, not less. The potential downside is larger because one approval opens the door to an unknown number of sub-publishers.

What to Ask Before Approving a Subnetwork

These aren't box-ticking questions. They're designed to test whether the subnetwork has the infrastructure to actually manage their publishers, and whether they'll be a useful partner when something goes wrong.

How do you vet sub-publishers?

You want a specific answer, not a general one. Do they manually review every application? What do they check? Do they verify that applicants haven't been banned from other programmes? Can they blacklist a specific sub-publisher if you identify one as fraudulent? Ask whether they use any compliance technology to help with this — some reputable subnetworks work with monitoring tools to screen publishers before they're approved.

What tracking parameters do you pass?

At minimum, you need SubID, ClickID, or SiteID visibility — whichever your affiliate network supports. These are the identifiers that let you trace a violation back to the specific sub-publisher responsible. If they can't or won't provide them, you have no enforcement mechanism.

One important caveat: saying they pass these parameters and actually passing them are different things. Many subnetworks agree in principle and don't follow through. Verify it with a test transaction before relying on it, or use a monitoring tool that extracts these identifiers directly from the redirect chain rather than depending on what the subnetwork reports.

Can you provide individual sub-publisher reporting?

Aggregate reporting which shows total clicks and conversions from the subnetwork as a whole — tells you almost nothing useful. You need to be able to see which domains or profiles are driving traffic and sales. Reputable subnetworks can provide this. If they can only show you the top-line number, you're working blind.

How have you handled compliance violations in the past?

Ask for a specific example. How quickly did they act? Did they identify the offending sub-publisher? What was the outcome? A subnetwork that claims to have never had a compliance issue is either very small or not being honest with you. What matters is whether they have a process that works.

What are your terms for sub-publishers?

Ask to see their sub-publisher agreement. Does it explicitly prohibit brand bidding, ad hijacking, and use of unauthorised browser extensions? If their own terms don't prohibit the behaviour you care about, they have no grounds to remove a sub-publisher who does it.

Setting Expectations Before They Go Live

Get your requirements in writing before the subnetwork starts generating traffic. This isn't about being difficult — it's about having a clear basis for action if things go wrong.

Your terms with the subnetwork should cover:

The last point matters. Subnetworks sometimes treat violation reports as negotiations. If they know the consequence of non-compliance is just another warning, there's no real incentive to act quickly.

How to Monitor Subnetworks Once They're Live

Approving a subnetwork isn't the end of the process. It's the beginning of an ongoing oversight requirement.

Check performance against benchmarks regularly. If you have a subnetwork bringing in influencer or content traffic, compare their conversion rates against your direct publisher activity in the same category. Significant divergence — particularly suspiciously high conversion rates — is a signal worth investigating.

Review the sub-publisher mix periodically. Ask for an updated sub-publisher report monthly. You're looking for new additions that raise questions, unexplained changes in which publishers are driving volume, and any domains or profiles that don't look capable of generating the traffic attributed to them.

Monitor for ad violations. A meaningful proportion of the brand bidding and ad hijacking we detect at Marcode routes through subnetworks. Automated monitoring that detects violations and traces them back through the redirect chain to the sub-publisher level is the only reliable way to catch this systematically. Manual spot-checks miss too much.

Watch your brand search terms. Regularly search your brand name and check whether unfamiliar ads are appearing. If a hijacker is operating through one of your subnetworks, those ads often show your brand name in the headline and route through a fake discount site or affiliate redirect.

Red Flags That Should Trigger Removal

Some issues are worth working through. Others mean the subnetwork either can't or won't control their publishers, and there's no good reason to keep them.

Remove a subnetwork if:

Two warnings is the most you should give. Either they have the infrastructure and willingness to act, or they don't. If a violation isn't resolved within a few days of a clear report with all the relevant parameters, you're not dealing with a subnetwork that's in control of its own publishers.

What to Do When You Suspect Fraud but Can't Prove It

This is one of the most common situations we encounter at Marcode: a brand has a subnetwork driving revenue that looks off, but the evidence isn't conclusive enough to act on.

The aggregate reporting shows sales. The conversion rate is high but not impossible. The subnetwork insists everything is legitimate. But something doesn't feel right.

In these situations, the answer is to get into the tracking chain, not to wait for cleaner evidence. Request the SubID and ClickID data for the specific sales in question. Cross-reference the traffic source with what that source could realistically generate. Ask the subnetwork to identify the specific sub-publisher and provide their domain. Then check that domain: does it have real traffic (use a tool like Simiarweb)? Is your brand featured there? Does the content justify the conversion rate?

If the subnetwork can't or won't answer those questions to your satisfaction, that's your answer.

Marcode's ad analysis extracts sub-publisher identifiers directly from the redirect chain when violations are detected, providing the evidence brands need to move from suspicion to action. We're regularly brought in at exactly this stage — when a brand knows something is wrong but needs the proof to act on it.

Whilst we cover search and browser extensions, if the fraudster is using other tactics we won't show it so you need to act when something is obviously wrong.  

Key Takeaways

If you need help detecting violations coming through subnetworks and extracting the evidence to act on them, Marcode can help. We identify ad hijacking, fake discount sites, and browser extension fraud, trace it back to the sub-publisher level, and give you what you need to hold subnetworks accountable.