The Green Sheet Online Edition
April 13, 2026 • 26:04:01
VAMP turns one as acquirers reassess risk
Visa launched the Visa Acquirer Monitoring Program (VAMP) on April 1, 2025, a global initiative aimed at curbing fraud, disputes and enumeration attacks that account for more than $2.5 billion in annual losses, according to Paul Fabara, chief risk and client services officer at Visa.
Designed to push risk management toward earlier intervention, the program's core ratio measures card-not-present fraud and disputes across Visa's domestic and cross-border networks:
VAMP Ratio = Count of [Fraud (TC40) + Disputes (TC15)] ÷ Count of Settled Transactions [TC05]
Fabara gave VAMP an enthusiastic review in a March 12, 2026, blog, "What's possible when the payments ecosystem moves together on security," noting that nearly half of participating acquirers improved risk performance within a quarter of implementing the guidelines.
"For acquirers, improved risk performance is translating into higher approval rates and a payment volume growth rate that was more than double that of the broader ecosystem, reinforcing that sound controls and strong business outcomes go hand in hand," Fabara wrote.
One year in, VAMP is already reshaping how acquirers measure and manage risk. With additional updates taking effect April 1, 2026, The Green Sheet sought perspectives on VAMP deployments from payments industry experts.
Lower thresholds, higher penalties
Experts noted that in October 2025, Visa began penalizing merchants whose disputed and fraudulent transactions exceeded its 2.2 percent threshold, charging $8 per disputed transaction. A year later, Visa lowered the threshold to 1.5 percent in the United States, Europe, Canada and Asia-Pacific regions.
Visa also changed how it evaluates acquirer risk, moving from legacy programs like the Dispute Monitoring Program (VDMP) and Fraud Monitoring Program (VFMP), which assessed risk by merchant category, to a portfolio-wide approach. Under the new guidelines, acquirers are classified as "Above Standard" when disputes exceed 0.5 percent and "Excessive" at 0.7 percent of total transactions.
Colin Martin, co-founder and chief operations officer at RouteSense, said high-risk merchants now carry greater weight within an acquirer's portfolio. "Under VAMP, Visa is evaluating fraud and dispute ratios at the acquirer portfolio level," he said. "A single high-risk merchant can put their entire acquiring relationship in jeopardy."
Martin added that merchants that lose their accounts may face fines, reserve requirements and potential placement on the Member Alert to Control High-Risk Merchants (MATCH) list, a Mastercard database of businesses flagged for policy violations, excessive chargebacks or fraud.
James Huber, managing partner at Global Legal Law Firm, put it bluntly: "If a merchant ignores VAMP, the risk is concrete: higher fees, tighter controls and eventually losing their ability to run cards. ... These consequences escalate quickly. You're looking at per-dispute penalties, forced remediation plans, volume caps, rolling reserves or early termination if the ratios don't improve fast enough."
Continuous monitoring mandates
By collapsing risk into a single portfolio score, VAMP has challenged organizations to rethink how they manage exposure, according to Adam Riley, sales director at ChargebackHelp.
"The biggest risk is that VAMP combines fraud and disputes into a single ratio," Riley said. "Issues like poor customer experience or unclear billing can now push merchants into monitoring programs just as much as fraud."
Huber said merchants can no longer treat risk as a periodic review but must manage it continuously as part of daily operations. "VAMP is basically Visa's way of saying, 'If you want access to our network, everyone in the food chain has to care about risk, not just the fraud team,'" he said.
Martin noted that a single transaction can generate both a TC40 fraud report and a TC15, Visa's transaction code that's triggered when cardholders initiate disputes, effectively making one isolated event count twice against a merchant's ratio. "In this competitive landscape with razor-thin margins, organizations need real-time data," he said.
Multi-MID strategies, dynamic routing
Courtney Kelly, vice president of global business development at FreedomPay, said real-time control of transactions is now critical to staying within VAMP thresholds. "Intelligent routing is no longer just a performance or cost tool; it's becoming a compliance requirement," she said. "The ability to choose the best path across the ecosystem is what keeps merchants optimized while staying under VAMP thresholds."
Martin and Huber also observed that routing has evolved from static configurations to more dynamic, risk-aware use cases.
"Merchants operating across multiple MIDs have a real advantage if they use it correctly," Martin said. "The difference comes down to visibility and speed of response."
"Merchants will start using risk-aware routing the same way they use cost-aware routing today," Huber noted. "Steering traffic by fraud profile, geography and dispute behavior to stay under thresholds."
Kelly added that some merchants in legacy systems are at risk of falling behind. "Merchants who have not adjusted their processes or are locked into a rigid payment stack that lacks flexibility or optionality will not be able to adapt quickly enough to stay within VAMP thresholds," she said.
Martin urged merchants to act. "First, get visibility," he said. "Second, map your portfolio against current thresholds. Third, talk to your ISO or acquirer now—before a breach, not after."
Riley agreed, noting that merchants must understand where risk originates. "If a merchant can identify which products, geographies, issuers or customer cohorts are generating disproportionate fraud and disputes, they can treat those transactions differently," he said.
Practical steps for merchants
Despite VAMP's complexity, experts affirmed technology and service providers can help simplify compliance and reduce exposure.
Allen Kopelman, co-founder and CEO of Nationwide Payment Systems, advised high-volume merchants to work with chargeback mitigation and fraud prevention partners. "Any merchant doing a high volume of transactions needs to work with a chargeback monitoring company and find a balance between Visa's Rapid Dispute Resolution and fighting chargebacks," he said.
Huber offered a more direct warning: "Get your numbers. If you don't know your fraud rate and dispute rate, you're flying into a mountain." He also advised merchants to fix operational gaps by eliminating bad traffic sources, tightening refund policies and improving customer support.
Kelly suggested that VAMP presents an opportunity for businesses to reassess risk and infrastructure. "Merchants should look at their payments stack and think about centralizing orchestration, which allows for control over the entire ecosystem and increases visibility into payments data."
Proactive dispute management
Visa's updated framework encourages merchants to take a proactive stance and to embed dispute management directly into workflows rather than treat risk and fraud as an afterthought. Ultimately, the goal is not just to win disputes, experts said, but to reduce how many occur in the first place. Kelly agreed, stating that merchants should be more concerned with preventing disputes than just winning disputes.
"'We'll get to it next week' is the fastest path to losing disputes and getting flagged in VAMP," Huber said. "Timelines are tighter, and dispute volume now feeds directly into your ratios." Riley agreed, stating, "Disputes should be treated as a prevention problem, not a recovery process. Merchants need to focus on deflection and quick resolution before disputes become chargebacks." This proactive posture, Riley added, includes improving communication with customers, tightening refund policies and ensuring support channels are easy to access.
"They need to make sure they have 24/7 support, easy login or email access so customers can cancel, even sending out emails prior to billing," Kopelman said.
"The strategy shift is from 'win as many disputes as possible' to 'prevent as many disputes as possible and respond flawlessly to the ones that get through,'" Huber said.
Preparing for tighter thresholds
Looking ahead, experts expect pressure to keep building. "As of April 1, 2026, the excessive merchant threshold falls to 150 basis points," Riley said. "That materially shrinks the margin for error." Huber described the shift as a move into active enforcement. "Behavior that was merely 'annoying' last year can become fine-worthy this year," he said.
Martin said future updates will raise the stakes for ISOs and agents, particularly in underwriting. "The merchants you board are now a direct reflection of your portfolio health," he noted. Kopelman added a note of realism. "VAMP was promoted so much you would think thousands of merchants would be shut off or drowning in fines, but that is not the case," he said. "Different ISOs and processors are taking different approaches, and in some cases, margins are large enough that they absorb the fines."
Unified risk roadmap
Across the industry, experts have asserted that VAMP is promoting a more agile and cohesive approach to payment transaction integrity. "Fraud prevention, dispute management and payment performance have been treated as separate disciplines for too long," Martin said. "The industry is being pushed toward a more unified approach."
Riley agreed: "It's pushing merchants to think of fraud, disputes and approvals as one unified performance metric."
Kelly pointed out that VAMP is forcing accountability across the entire ecosystem for merchants, ISVs and acquirers, adding that if they are not aligned with their partners, their risk will not be contained. "The future belongs to merchants who can adapt in real time," she said. "Static payment systems simply won't survive in a VAMP-driven world."
Dale S. Laszig, content strategy director at The Green Sheet and founder and CEO at DSL Direct, is a payments industry journalist, creator and consultant. Connect via email at dale@dsldirectllc.com and LinkedIn at www.linkedin.com/in/dalelaszig.
Notice to readers: These are archived articles. Contact information, links and other details may be out of date. We regret any inconvenience.
