Visa’s Acquirer Monitoring Program (VAMP) reshapes how payment processors track fraud and disputes. Merchants need to understand these new rules to protect their businesses from account closures and costly fines.
Visa VAMP consolidates fraud monitoring into one comprehensive system that tracks every fraudulent transaction against total sales. If that scares you, then you’re in the right places. Find out how to survive Visa’s new program and keep your business grounded.
Visa VAMP Ratios and Thresholds
Visa launched VAMP to create a unified fraud monitoring system. The program tracks all fraud-related alerts and chargebacks, calculating them as a percentage of total transactions.
This fraud-to-sales ratio currently sits at 1.5% as the threshold merchants cannot exceed. However, Visa plans to lower this limit to 0.9% by January 2026, making compliance even more challenging for merchants with a VAMP ratio approaching these limits.
There is something of a silver lining. Visa provides a three-month grace period for first-time offenders within a rolling 12-month period. This grace period is the time merchants receive to correct their fraud ratios before Visa assesses penalties.
Starting October 1, 2025, when the initial grace period ends, fines will begin if merchants exceed the limits for more than one month. Merchants and acquirers who maintain 12 consecutive clean months receive an additional 3-month grace period if they later enter the program.
What Counts Toward Your VAMP Ratio
Many merchants misunderstand which transactions impact their VAMP ratios.
Visa now counts chargeback alerts like Rapid Dispute Resolution (RDR), Ethoca, and Verifi together with traditional chargebacks. These alerts previously protected merchants from account closures, but they now contribute to the fraud-to-sales ratio.
Business owners need to look past codes labeled “fraud” when calculating their VAMP thresholds. Visa considers multiple reason codes as fraud:
- “cardholder did not authorize”
- “not received”
- “credit not processed”
- “not as described”
All these codes add to the fraud ratio that determines whether merchants with a VAMP ratio exceed acceptable limits.
Why Visa Launched This Program
Visa created VAMP because processing chargebacks and disputes costs processors significant money.
The manual process of reviewing a dispute requires extensive review:
- taking in disputes,
- sending them to the merchant’s bank,
- reviewing responses manually,
- and sending decisions back to the customer’s bank.
Fraud prevention through VAMP helps Visa and processors reduce these costs while protecting the payment ecosystem.
The program (effective as of April 1, 2025) merged previous fraud monitoring programs into one comprehensive system. The consolidation aims to force merchants and acquirers to take fraud and dispute management more seriously.
Essential Strategies for Fraud Prevention
Merchants can implement several practical strategies to avoid VAMP violations.
The first step involves reviewing credit card statement descriptors. Customers who see unfamiliar business names or incorrect phone numbers on their credit cards grace periods often file fraud claims.
Merchants should process test transactions and check how descriptors appear both when authorized and when settled after 1-2 days.
For subscription-based businesses, communication prevents disputes. Merchants should send billing reminders at least five business days before the payment due date. These notifications give customers time to cancel before charges process, preventing fraudulent dispute claims later.
Clear disclosure at checkout eliminates confusion about pricing and billing frequency.
Post-purchase receipts must include complete contact information, subscription management details, and transaction summaries. When customers can easily reach merchants before contacting their bank, disputes decrease exponentially.
Quick customer service responses prevent customers from filing chargebacks, and refunds issued before bank involvement don’t count toward VAMP ratios.
A BETTER, MORE SECURE CHECKOUT
Hardening Your Fraud Controls
Every payment gateway offers fraud prevention tools that merchants should learn to configure properly.
PSPs like Stripe provide Stripe Radar with default rules, but merchants need to customize these settings to match their business models. Common fraud rules include:
- limiting transactions per day per card
- setting maximum amounts per purchase
- restricting countries
- monitoring IP addresses
Address Verification Service (AVS) and CVV checks provide additional fraud prevention layers. For U.S. transactions, merchants should verify that zip codes match.
The enumeration ratio tracks card testing attempts, and proper fraud controls help prevent these attacks that damage VAMP scores.
Three-domain secure (3DS) authentication adds an extra layer of protection. When customers complete 3DS validation, they cannot later claim fraud on that specific transaction. While mandatory for European and UK sales, U.S. merchants can implement 3DS for high-risk transactions or purchases exceeding certain dollar amounts.
SET UP 3DS ON YOUR CHECKOUT PAGE
Using Rapid Dispute Resolution and Order Insight
Rapid Dispute Resolution automatically resolves pre-disputes before they become chargebacks.
Merchants set rules determining which disputes RDR automatically accepts and refunds.
Order Insight provides an earlier intervention point, allowing merchants to share transaction details and receipts when issuers request more information. These disputes resolved through Order Insight prevent fraud alerts from counting against merchants.
Monitoring Your Data and Working with Processors
Merchants should track their VAMP metrics weekly rather than monthly.
More frequent monitoring allows quick corrections before ratios spiral out of control. Merchants should request data dumps of all fraud-coded alerts and chargebacks, then calculate their fraud-to-sales ratio using only Visa transactions.
The cash advance industry and other high-risk sectors face particular scrutiny under VAMP.
These merchants need payment processors with clean portfolios who understand compliance requirements. Having backup payment processors protects businesses if primary processors tighten restrictions to manage their own VAMP exposure.
Preparing for Enforcement
Merchants should prepare documentation folders containing:
- recent ID
- bank statements
- processing statements
- fulfillment agreements
- customer contracts
When processors request information during the enforcement period, quick responses show a high level of transparency and cooperation.
Grace periods typically provide breathing room, but merchants cannot rely on extensions indefinitely. If merchants achieve just one clean month within their 3-month grace period, they automatically exit the program. However, monthly evaluations mean merchants have to maintain constant vigilance rather than waiting for quarterly reviews.
Looking Ahead
Both payment processors and businesses are taking a hit from Visa VAMP.
While thresholds may adjust as Visa monitors the enforcement period starting October 1, 2025, merchants have to prepare now.
Most payment processors don’t yet offer VAMP-ready reporting, making it fundamental for merchants to proactively request their current standing.
Maintaining fraud prevention best practices and monitoring VAMP ratios protects merchant accounts from closure. Merchants who treat VAMP compliance seriously avoid penalties and increase profitability. All while reducing chargeback costs and protecting their payment processing relationships.
Leave a Reply