Home » Visa VAMP Explained: New Rules, Thresholds, and Compliance Tips

If you accept online Visa payments, you’ve probably heard rumblings about something called VAMP. Maybe your processor mentioned it in passing, or you got an email full of terms like “portfolio monitoring” and “thresholds.” 

Visa VAMP (Visa Acquirer Monitoring Program) is a new, all-in-one rulebook that changes how Visa measures fraud and disputes across its entire payments ecosystem.

Why should merchants care if this is “acquirer monitoring”? Because when your transactions contribute to higher fraud or dispute levels, your acquirer feels the pressure, and that pressure passes directly to you. 

That can mean new requirements, tighter fraud controls, higher fees, reserve accounts, or — in extreme cases — losing your ability to process Visa payments.

Once you understand how VAMP works, what Visa is measuring, and the new thresholds, staying compliant becomes much easier. And that’s exactly what this guide will help you do.

Quick refresher: How Visa used to monitor fraud & chargebacks

Before VAMP, Visa kept an eye on fraud and disputes using several different programs:

1. Visa Fraud Monitoring Program (VFMP): This program looked specifically at fraud levels—mainly transactions that turned out to be unauthorized. If your fraud rate got too high, you could be placed into a monitoring program that came with extra requirements, fees, and increased scrutiny.
2. Visa Dispute Monitoring Program (VDMP): This was the program that tracked chargebacks. If too many of your Visa transactions turned into disputes, you could land in VDMP. Again, more rules, more monitoring, potential penalties.
3. Legacy VAMP (Acquirer-Level Monitoring): This older version of VAMP focused on acquirers (your payment processor’s bank). It measured overall portfolio risk but didn’t give merchants much insight into how they fit into the picture.

Each program had different ratios, thresholds, and timelines. In total, there were 38 separate remediation processes! 

For merchants, this created a ton of confusion. It was easy to end up in a program without really understanding why. And it was tough for acquirers too — meaning merchants often got mixed signals, or were surprised by stricter rules out of nowhere.

That’s why Visa introduced the new VAMP: to bring all of these older systems together into one unified framework that monitors risk in a simpler, more predictable way.

What is VISA VAMP?

Visa VAMP is Visa’s new, unified system for tracking fraud and disputes across online (card-not-present) transactions.

Instead of separate fraud programs, separate dispute programs, and a maze of escalation steps, VAMP brings everything together. That means:

• One combined metric (the VAMP ratio)
• One set of thresholds
• One remediation path
• One monthly monitoring cycle

This makes it easier for Visa to see the big picture — but it should also make it easier for acquirers and merchants to understand how they’re performing.

Now, VAMP only applies to both domestic and cross-border card-not-present (CNP) VisaNet transactions — basically, online and digital payments. It does not include card-present transactions from physical stores.

Visa tracks three main data points: Fraud reports (TC40), disputes/chargebacks (TC15), and settled transactions (TC05). These are combined into a single ratio that determines your level of risk.

In general, Visa uses these transaction codes to classify different scenarios:

• TC05 = Sale
• TC06 = Refund
• TC15 = Sale that has been disputed
• TC40 = Sale that has been reported as fraud

How VAMP works in practice

The basic idea is simple: Visa checks your numbers once a month and calculates a single ratio that reflects your fraud and dispute levels.

Here’s what that looks like behind the scenes.

1. Monthly monitoring cycle

Every month, Visa pulls data from your acquirer about:

• How many of your online transactions were reported as fraud?
• How many turned into disputes/chargebacks?
• How many card-not-present transactions have you successfully processed?

Visa then plugs these numbers into one formula — the VAMP ratio — to see whether you (or your acquirer’s overall portfolio) are within acceptable limits.

2. Two main metrics Visa tracks

Although Visa uses one main ratio, it actually looks at two areas of risk:

• The VAMP Ratio: It combines fraud + disputes and compares them to the total number of settled online transactions. It doesn’t matter if the fraud and disputes come from lost cards, friendly fraud, subscription billing issues, or anything else — if they’re coded as fraud or become disputes, they count.
• The Enumeration Ratio: This tracks suspicious activity, such as bot-driven card-testing attacks. Even if these transactions don’t turn into successful sales, they can still hurt your performance if Visa sees patterns that look like card testing abuse.

This part matters because enumeration and fraud often go hand in hand. Visa wants acquirers to clamp down on both.

3. How Visa interprets the numbers

Visa uses these ratios to decide whether:

• Your acquirer is Above Standard or Excessive.
• You, as an individual merchant, are Excessive (if your acquirer is otherwise compliant).

If a threshold is crossed, Visa starts a remediation process. That might involve:

• Warning notices
• Requests for corrective action
• Enforcement fees
• Or, in more severe cases, processing restrictions.

What happens if you’re Excessive? 

While the exact steps vary from acquirer to acquirer, most merchants experience a similar pattern. Here’s what typically happens:

1. Increased monitoring by acquirer: Expect more frequent check-ins, requests for data, and closer tracking of your chargebacks and fraud. Some acquirers will move you into a “high-risk” internal category, which means your performance is reviewed monthly (or even weekly).
2. Required remediation plan: Your acquirer may ask you to add or upgrade fraud tools, improve customer communication, fix billing issues, adjust transaction flows, and make policy or operational changes.
3. Stricter account controls: The acquirer might also lower your monthly processing limits, restrict certain transaction types, and delay settlements.
4. Higher fees or penalties: If you stay in the Excessive range, you may face pre-dispute penalties, higher processing fees, rolling reserves, and monthly compliance charges. 
5. Potential termination of Visa processing: If performance doesn’t improve — or if your numbers rise even further — your acquirer may be required to stop processing Visa transactions for your business.

If a merchant shows effort and responsiveness, most acquirers will continue working with them — as long as the merchant can keep their chargebacks in check. 

Unfortunately, many high-risk businesses, due to the nature of their industry and business models, will not be able to match the stricter requirements. If they have not done so already, they are better off switching to a reliable high-risk merchant services provider like SecureGlobalPay to avoid costly freezes or shudowns.

What these changes mean for merchants

In the VAMP world, your acquirer’s compliance status is tied to your performance. If your numbers spike, their ratio goes up — and Visa holds them accountable.

This means acquirers are much more likely to:

• Implement stricter approval and onboarding (more detailed underwriting, additional documentation, and closer scrutiny of high-risk businesses)
• Require tougher fraud and chargeback controls (3-D Secure, fraud detection, velocity limits, clear billing descriptors)
• Flag risky traffic early
• Step in more quickly if they see trouble coming

One of the biggest shifts under VAMP is the importance of keeping cases out of formal dispute status. Tools like Order Insight, Rapid Dispute Resolution (RDR), Ethoca/Verifi alerts, and Compelling Evidence 3.0 will become a must-have.

Calculating and understanding your own VAMP Ratio 

VAMP ratio calculation let’s you answer one simple question: Out of all my online Visa transactions, how many ended up as fraud reports or disputes?

You only need three numbers from your acquirer or payment provider:

1. TC40 (fraud reports)
2. TC15 (disputes; all reasons)
3. TC05 (settled card-not-present transactions)

Once you have those, here’s the formula:

Let us do a quick example.

Let’s say this month you had:

• 40 TC40 fraud reports
• 60 TC15 disputes
• 10,000 settled online Visa transactions (TC05)

Here’s the math:

VAMP RATIO = ((40+60) / 10,000)

VAMP RATIO = (100 / 10,000)

VAMP RATIO = 0.001

That means your VAMP ratio is 1% (or 100 basis points). In VAMP terms, that’s on the higher side depending on your region — so it’s something you’d want to watch closely.

Important nuances to keep in mind for the VAMP calculation:

• Fraud that turns into a chargeback gets double-counted (once as TC40, once as TC15).
• Cases resolved via RDR/CDRN/Ethoca or CE 3.0 don’t count.
• Only CNP transactions are included (card-present fraud/disputes are out of scope).

Most merchants should track their VAMP ratio monthly, at a minimum. High-risk or fast-growing merchants may want to check it bi-weekly or even weekly, depending on volume. If you see your ratio creeping upward, that’s your signal to tighten fraud controls, improve customer communication, or turn on more pre-dispute tools.

Visa VAMP thresholds: What counts as “Above Standard” vs “Excessive”?

Under the new Visa Acquirer Monitoring Program, there are specific ratio levels and case-counts that define when you (or your acquirer) move from “Normal” to “Above Standard”, and from “Above Standard” to “Excessive.” 

For acquirers (portfolio-level)

The rules vary somewhat by region, but the global baseline is:

• Above Standard: VAMP ratio of ≥ 0.50% (50 basis points)
• Excessive: VAMP ratio of ≥ 0.70% (70 basis points)

Once an acquirer hits those levels (and meets minimum monthly case‐counts), they must begin remediation or face enforcement.

For merchants (individual level)

If your own ratio climbs high enough, you yourself may be treated as “Excessive.” Here are the current plus future thresholds for merchants by region:

Merchants must hit minimum volume requirements before they can be classified as “Excessive”. This is done to protect low-volume merchants from being flagged based on a small number of issues.  

Enforcement timeline: When do the new VISArules bite?

Visa isn’t flipping the switch all at once. The rollout of VAMP comes in phases, and each phase changes how seriously Visa — and your acquirer — treat your fraud and dispute numbers. 

Here’s the timeline:

• April 1 – September 30, 2025: Advisory period. Visa begins monitoring VAMP ratios and sending warnings, but no fines or enforcement actions are applied yet. This is the “fix it before it counts” phase.
• October 1, 2025: Excessive-level enforcement begins. Merchants and acquirers that cross Excessive thresholds may face penalties, required remediation plans, and tighter fraud/dispute controls.
• January 1, 2026: Above Standard enforcement begins for acquirers. Visa expects acquirers with elevated ratios to take corrective action and may apply oversight, fees, or stricter portfolio management.
• April 1, 2026: Merchant thresholds tighten in APAC, Canada, EU, and the U.S. The Excessive threshold drops from 2.20% to 1.50%, potentially flagging more merchants unless fraud and disputes are reduced.

How to comply with VISA VAMP 

There is no secret sauce. Your goal is to consistently keep fraud and disputes low. The good news is that most of the steps are things you can implement right away, even without a dedicated risk team.

1. Track your VAMP ratio

First, make sure you have access to:

• TC40 counts (fraud reports)
• TC15 counts (disputes)
• TC05 totals (settled CNP transactions)

Your acquirer or payment provider can give you these monthly. If you can track them weekly, even better — it helps you catch spikes early.

Additionally, make the VAMP ratio a recurring internal KPI. Share it with your fraud team, customer service, billing/operations, and leadership. When everyone watches the same number, decisions become aligned and proactive.

2. Maximize pre-dispute resolution

Anything that prevents a dispute from becoming a formal TC15 helps your VAMP ratio. Make sure you’re using tools like:

• Order Insight (pre-dispute data sharing)
• RDR (automatic refunds to avoid disputes)
• Ethoca & Verifi alerts (stop disputes before they happen)
• Compelling Evidence 3.0 where possible.

These tools dramatically reduce the number of cases that count against you.

3. Strengthen your fraud controls

Fraud that becomes a dispute is counted twice under VAMP, so prevention matters more than ever.

Consider:

• Strong AVS and CVV checks
• 3-D Secure for risky regions or high-value orders
• Device fingerprinting (identifies returning or suspicious devices during online checkout by analyzing browser, network, and device data to help block fraud before it happens)
• Velocity/behavioral rules
• Blocking obvious bot or card-testing patterns.

Even small improvements to your fraud settings can significantly lower your ratio.

4. Monitor for enumeration (card testing)

Card testing can cause sudden spikes in fraud reports, which blow up your VAMP ratio.

Put protections in place, such as:

• Bot detection tools
• Rate limiting (limit retries and rapid-fire attempts)
• Captchas on payment pages
• Monitoring sudden increases in tiny or $0 authorization attempts

5. Fix dispute root causes

Many disputes come from preventable issues like unclear billing, slow delivery, or confusing subscription terms. Some quick wins:

• Use a clear billing descriptor that customers recognize.
• Send order confirmations and delivery updates.
• Offer easy refunds and customer support.
• For subscriptions, send pre-billing reminders and make cancellation simple.

6. Work closely with your acquirer

If you get a warning or advisory notice:

• Respond quickly
• Provide the requested information
• Show you’re taking action.

Acquirers are much more likely to support merchants who communicate and demonstrate progress.

Bonus: Create a checklist

Create a checklist to put all of these steps into action:

• Do I know my current VAMP ratio and trend?
• Do I know my regional Excessive threshold?
• Do I have pre-dispute tools enabled?
• Are bot/card-testing defenses in place?
• Do we know the root causes behind fraud and disputes?
• Do we have a written remediation plan if we get a warning?

How SecureGlobalPay can help 

The reality is that stricter VAMP rules mean some merchants — especially those with higher chargeback or fraud risk — may find themselves pushed off platforms like Stripe, PayPal, or other aggregators that don’t support higher-risk business models. 

If that happens, you do have options.

SecureGlobalPay is built for merchants who need a more flexible, hands-on payments partner. We work directly with higher-risk, fast-growing merchants and provide the tools they need to stay compliant. 

This includes:

• Advanced fraud protection (AVS, CVV, 3DS, device fingerprinting, velocity limits).
• Support for high-risk verticals that large processors often decline.
• Direct integrations with major dispute-prevention systems (Order Insight, RDR, Ethoca, Verifi).
• Personalized monitoring and guidance when fraud or disputes start to climb.
• A modern gateway with real-time reporting and customizable risk settings.

If you’re worried about being restricted or off-boarded by a mainstream platform, SecureGlobalPay offers a stable, scalable payments solution tailored to your needs.

Start the switch today by filling out our online application.