New Visa Acquirer Monitoring Program (VAMP): What merchants need to know

Visa is making some important changes to its monitoring programs that will affect how global online merchants manage fraud and dispute metrics. Here’s the lowdown.

TL;DR: Starting April 1, 2025, Visa will retire VDMP, VFMP, and the current VAMP and replace them with one enhanced VAMP program. With this update, VAMP introduces a risk metric and its thresholds, which will roll out in two phases. These changes will require merchants to implement a more deliberate approach to dispute and fraud management to stay within the thresholds.

Visa Acquirer Monitoring Program: What’s сhanging?

Come April 1, 2025, Visa is hitting refresh on its approach to fraud and dispute management. It will retire the Visa Dispute Monitoring Program (VDMP), the Visa Fraud Monitoring Program (VFMP) and the current Visa Acquirer Monitoring Program —Visa’s system for managing risk in the payment ecosystem—and combine them into one VAMP program. It will introduce a unified metric that counts both fraud and non-fraud disputes together. 

Under the current rules, Visa thresholds are as follows:

With the updated Visa acquirer monitoring program, more responsibility shifts to acquirers when it comes to managing their merchant portfolios. Visa is stepping up its involvement, too. Representatives may connect with acquirers to go over performance results, offer remediation plans, and answer any questions along the way. To make it easier, Visa has also rolled out a performance dashboard in OneERS, giving clients a clear breakdown of what’s driving their numbers.

New VAMP performance metrics and definitions

The updated program introduces a new transaction count-based metric called the VAMP ratio. This metric combines reported fraud and non-fraud chargebacks into a single measurement, providing a clearer picture of overall risk.

Merchants will also need to account for a criteria called “enumerated transactions”. Similar to brute force attacks, these refer to unauthorized attempts to test payment card details by systematically guessing combinations of card numbers, CVV codes, and expiration dates to identify valid card information.

Here’s how the criteria are calculated:

*In this equation:

1. Fraud transactions (TC40)—transactions flagged as fraud by issuers and reported to Visa;
2. Non-fraud disputes—Visa chargebacks with all reason codes except 10.XX for fraud-related disputes that were processed through Visa;
3. Total sales count—all transactions where the card is not physically present, such as online purchases processed through Visa;
4. Enumerated transactions—transactions, both approved and declined, that are linked to enumeration attacks. 

What is excluded from VAMP Ratio threshold calculations:

• Rapid Dispute Resolution (RDR);
• Cardholder Dispute Resolution Network (CDRN);
• Compelling Evidence 3.0.

Beyond the VAMP Ratio itself, acquirers will still need to monitor key metrics like the Fraud Amount Ratio to stay on top of risk management, regulatory requirements, TRA exemptions, and reputation concerns. With this program, Visa aims to put more responsibility on acquirers to manage their portfolio’s risks.

VAMP program thresholds for acquirers and merchants

The thresholds for the Visa monitoring metrics will change in two iterations: 1 April 2025 and 1 Jan 2026. Here are the updated thresholds for the EU and Northern America:

Non-compliance assessments and enforcement fees

If you exceed the thresholds, you will have a 3 month grace period to adjust your practices without incurring penalties. Starting from the 4th month, the enforcement fees will apply to each dispute (fraud and non-fraud) for merchants and acquirers exceeding specified thresholds. These fines are intended to encourage both acquirers and merchants to behave responsibly regarding fraud and dispute management.

Exit Criteria: A VAMP case is considered closed once the acquirer or merchant brings their performance back under the excessive threshold for the specific activity being monitored.

Advisory period

From April 1 to June 30, 2025, the updated Visa acquirer monitoring program will include an advisory period. During this time, acquirers, including Solidgate, will receive “Advisory” notifications if they or their merchants hit or exceed the program thresholds. Any identifications made during the Advisory Period are not considered a breach of the MP thresholds.

How can you prepare for the Visa acquirer monitoring program?

Overall, this update serves as a reminder for merchants to use Prevention Alerts, as well as have strong monitoring, chargeback management, and antifraud practices in place. To stay in the green, implement the following strategies:

1. Sign up for Prevention Alerts: If your MIDs are leveraging Prevention Alerts, you can reduce fraud & dispute ratios by up to 90%;

2. Set up PayPal Solidgate pre-dispute alerts: PayPal doesn’t cover most early dispute alerts for Visa transactions, leading to increased dispute volume. To avoid exceeding PayPal thresholds, you can set up Solidgate pre-dispute alerts for PayPal;

3. Setup Antifraud solution to fight enumeration attacks: Tools like Solidgate Antifraud help you identify and prevent potentially suspicious or risky activities without blocking legitimate customers;

4. Have clear refund, cancellation, and subscription policies: Having clear and transparent terms of service can save you from numerous payment disputes and help defend your case to the card issuers if a dispute occurs;

5. Make your terms of service agreement easy to find: Provide a full version of your ToS on the checkout page or as a pop-up with a requirement to agree to them before submitting the order;

6. Track shipping: Use carriers and services that provide online tracking and delivery confirmation whenever possible;

7. Keep detailed records of all customer interactions: Having IP addresses, timestamps, email correspondence, and order history can be valuable evidence in case of a chargeback dispute;

8. Immediately refund any payment you’re sure is fraud: Unless you’re covered by some form of liability shift, as with 3D Secure, a proactive refund will save you from increase in chargeback volume, extra fees, and other negative consequences;

9. Remove non-obvious write-offs: Don’t charge people in an ambiguous way;

10. Stay in touch with your acquiring bank: Regular contact will help you stay updated on your chargeback and fraud metrics and give you tips on improving them.