Visa Acquirer Monitoring Program (VAMP) Changes 2024: New Rules and Compliance Tips

A safe credit card card system is a usable payment system. If we didn’t have several security defenses, the integrity of all payments would fall apart. And that is why VISA enforces compliance with the Visa Acquirer Monitoring Program (VAMP).

VAMP focuses on merchant outlets of acquirers that have exceeded chargeback rates. So if you have excessive chargeback volume, Visa may require remediation. And that includes a range of consequences—from penalties and fees to the closing of your merchant account.

But, Visa recently announced an overhaul to VAMP, set for April 2025. There are new criteria and measurements—metrics that will impact merchants. Let's explore these changes and see how they affect you moving forward.  

Understanding the Visa Acquirer Monitoring Program (VAMP)

To start with some context, what exactly is VAMP? VAMP is part of a suite of Visa Compliance Programs. It monitors acquirers (and indirectly their agents) who exceed dispute activity and fraud thresholds. Those who go beyond acceptable levels face corrective action. The regulatory initiative helps hold everyone accountable—which limits the risks related to high chargeback ratios.

Visa enforces compliance by examining transaction activity of acquirers (who are mandated to report such data). The card issuer looks at things like the number of non-fraud disputes, fraud incidents, and unusual patterns in an aggregated portfolio. That data is then compared to historical numbers and preset metrics. If Visa discovers non-compliance, then remediation plans are necessary.    

‍

‍Recent Changes to VAMP

How is VAMP changing?

First, Visa will do away with the Visa Dispute Monitoring Program (VDMP) and the Visa Fraud Monitoring Program (VFMP) for merchants in the Visa Europe area. The updated VAMP will replace both. This consolidation should greatly simplify things for eurozone merchants. Retirements will come into effect March 31, 2025.

Secondly, Visa will set up new compliance criteria. Thresholds will change to a transaction count-based metric. Most notably, VAMP will combine fraud and non-fraud disputes to help reduce ratio pain points.

Third, Visa will update security protocols (e.i the Visa Account Attack Intelligence Score system) to reduce enumerated charges (brute force fraud attacks meant to ascertain valid payment information). There will also be new threshold criteria for enumeration attacks to enhance coverage.  

Lastly, enforcement will change. Visa will opt for a risk-based approach to “provide client flexibility and accommodate varying levels of risk appetite.” These new VAMP changes come into effect on April 1, 2025.

How the New VAMP Rules Affect Merchants and Chargeflow Products

So how will the update affect merchants? There are four key ways:

1. New Thresholds in Visa Acquirer Monitoring Program

European merchants will now work with new thresholds in the updated program.

Previously in VDMP, chargeback ratios operated with a dispute-to-transaction ratio set within a given month.

The formula will now change to include both fraud and non-fraud disputes:

Your calculated chargeback ratio will then apply to updated thresholds:

That two-level system differs from the previous system outlined for merchants in VDMP.

‍

2. Enumeration Ratio Updates With VAMP

Previously, VAMP and VFDP determined the fraud ratio and applicable fees for non-compliance. These programs will be combined.

With the launch of a new generative AI program meant to catch, Visa also provided an updated calculation for enumeration ratios:

The program will help real-time detection of 20 milliseconds. This should also improve authorization rates and lower operational costs.

3. Fines in the Updated Visa Acquirer Monitoring Program

The VAMP update will alter how Visa evaluates non-compliance. It specifically added adjustments that promote greater flexibility for acquirers:

• There is a three-month grace period for first-time identifications in a 12-month rolling period.
• Enforcement fees apply per dispute (fraud and non-fraud) for acquirer portfolios that exceed the above standard threshold. Merchants that exceed such thresholds will face enforcement fees individually.
• Threshold calculations include non-fraud Dispute Condition Codes 11, 12, and 13.
• Only card-absent, domestic, and cross-border VisaNet transactions are considered for VAMP.
• A monthly minimum of 1,000 combined fraud and non-fraud. Disputes apply to the acquirer and merchant thresholds.
• VAMP excludes Rapid Dispute Resolution (RDR), Cardholder Dispute Resolution Network (CDRN), and Compelling Evidence 3.0 disputes deflections

Non-compliance will result in fees, as outlined in the table below:

This differs from the previous fee structure:

4. Technical Adjustments in Visa's Monitoring Program

Since VDMP and VFDP are now part of VAMP with new threshold calculations, Visa will update its technical systems. All Ecosystem Risk Services (ERS) can access the new client tool OneERs as of April 1, 2025. There will be a 90-day grace period to support the transition.

OneERS will be a Microsoft dynamics-based interface. There, merchants will have a performance dashboard. All data, remediation info, and alerts will also occur through the platform, in addition to training material and educational resources.

Of greater importance, Visa will switch to a Visa Account Attack Intelligence (VAAI) Score system for enumerated transactions. It is a Generative AI system that will replace static Risk Operations Center (ROC)-blocked transactions. The technical update should help reduce the false positive rate by 85%.

How Chargeflow Helps Merchants Adapt to the New VAMP Rules

So what does this mean for merchants, and more particularly, Chargeflow clients?

• Data reporting: Acquirers and merchants must follow all reporting and compliance guidelines, including these VAMP changes. For Chargeflow clients, this places even greater importance on comprehensive data aggregation. Chargeflow remains committed to automating evidence collection and submission that meet Visa standards.  
• Alerts for non-compliance: Prepare to improve your risk control environment. Chargeflow will support risk-based strategies (as adopted by Visa here with VAMP) through real-time tracking of your compliance status. That type of automation is in addition to immediate alerts for any potential non-compliance.
• Proactive fraud prevention: Visa is clearly hoping to address the problem of fraud and chargebacks with these changes. Simply put, those who proactively limit fraud will be rewarded. Chargeflow supports this industry-wide goal with advanced fraud detection algorithms and easy technical integration with existing fraud prevention tools.
• Deflecting disputes: The changes show that Visa is giving merchants and acquirers more flexibility in their approach to chargeback and fraud defenses. The idea is to drive merchants to use RDR, CDRN, and Visa Compelling Evidence. These programs reward dispute deflection and better address the unique issue of friendly fraud. Using these programs – and the tools provided by Chargeflow – will significantly ease penalties and ratios for up-to-date and prepared merchants. VAMP will also help streamline processing and allow all players to assess dispute and fraud ratios strategically.      

Conclusion

VAMP is positive growth in Visa compliance activity. It should simplify processing by removing the complexities of VDMP and VFDP. It will also better match the fraud economy by focusing on risk-adjusted scoring. European acquirers and merchants will gain the ability to assess dispute and chargeback ratios strategically (and by extension, avoid undue penalties). It will also drive industry players to use updated Visa programs such as Order Insight to better deflect chargebacks and mitigate fraud.

‍Adapting to these future changes can be complex. Stay compliant with Chargeflow tools. And, be sure to review your current processes. If you need support, contact Chargeflow—we will be happy to help you through the update.