Helping High-Risk Merchants Maintain VAMP Compliance

Do you regularly process online, card-not-present transactions? Are disputes a common part of your business model? If yes, then Visa’s new VAMP rules likely apply to you.

With the alarming rise of digital fraud, merchant revenue is projected to take a serious hit, exceeding $362 billion globally by 2028. And since Visa has pledged to hold everyone accountable for unchecked fraud, high-risk merchants now face extremely heightened scrutiny from acquiring banks.

That’s why partnering with a specialized, tech-savvy provider has never been more important. It’s not just about who’s willing to take on “risky” businesses, but who’s able to keep these merchants afloat when major card networks like Visa tighten their regulatory ropes. To safeguard revenue under VAMP, businesses need:

With all of the above, plus an extensive banking network, Adaptiv Payments is already built to help high-risk merchants stay compliant and ahead of the curve.

Getting approved is one thing. Staying approved — and in Visa’s good graces — is another. Apply for a specialized merchant account with Adaptiv, and gain a team that protects your account so growth doesn’t come at a cost.

Get Started Today

What Does VAMP Stand For?

VAMP stands for the Visa Acquirer Monitoring Program. It is a compliance and risk monitoring framework created by Visa to identify merchants whose payment activity shows elevated levels of fraud, chargebacks, or other behaviors that can threaten the stability and integrity of the card network.

VAMP is how Visa evaluates whether acquiring banks and payment processors are effectively managing the merchants they sponsor. While acquirers are the entities formally monitored, the impact of VAMP is directly felt by merchants, especially those operating in moderate to high-risk industries.

Under VAMP, Visa aggressively reviews transaction data, dispute patterns, and fraud indicators tied to individual merchant accounts. When certain thresholds are exceeded, those accounts may be flagged for increased surveillance. In some cases, this can lead to restrictions, higher reserves, or even account termination if corrective action is not taken.

How Does VAMP Affect High-Risk Merchants?

For high-risk merchants, VAMP doesn’t penalize growth. Rather, it scrutinizes how that growth shows up in your payment activity.

Visa uses VAMP to monitor whether transaction volume, chargebacks, and customer behavior stay within its specified risk thresholds. Businesses with recurring billing, international customers, or rapidly scaling revenue tend to draw closer review, even when they’re operating fully above board.

Understanding how VAMP works is essential to protecting your merchant account, avoiding financial penalties, and maintaining stable payment processing as your business grows.

How Does VAMP Affect Acquirers?

VAMP fundamentally changes how acquiring banks manage fraud and dispute risk across their entire merchant portfolios. Think of it as shared responsibility. Visa looks at how all of an acquirer’s merchants perform together, not just in isolation.

Acquirers are now held accountable for any and all events of elevated fraud, chargeback, and enumeration activity in their merchant portfolio. These values are measured through a new unified VAMP ratio that combines TC40 fraud and TC15 dispute events against total settled transactions.

Under VAMP, if an acquirer’s overall performance exceeds defined thresholds (“Above Standard” or “Excessive”), Visa can issue a corrective action, enhanced monitoring, or enforcement fees tied to each disputed or fraudulent transaction, often without merchant-specific fault.

This shift means acquirers must:

Continuously monitor and segment risk across all merchants, not just outliers, to stay within Visa’s tighter tolerance levels.
Engage with merchants proactively on fraud prevention and dispute resolution to protect the acquirer’s aggregated ratios.
Invest in fraud-detecting technology, reporting, and controls that detect problematic patterns early, because Visa’s enforcement now hinges on count-based metrics and portfolio performance, not just individual incidents.

In short, acquirers are expected to employ rigorous oversight and faster remediation when thresholds are approached. VAMP is a direct financial incentive to push merchants toward stronger fraud and dispute management.

Apply for a High-Risk Merchant Account

System hacked warning alert on a laptop showcasing the dangers of fraud

Why Visa Introduced the VAMP Program

Visa introduced VAMP in 2024 to better combat fraud and enumeration attacks as digital commerce continues to expand. With more online transactions come higher (and more sophisticated) fraud, more disputes, and less stable payment behavior, especially in high-volume and cross-border industries.

Earlier monitoring programs focused on chargebacks, which appear after serious problems are already well underway. VAMP takes a broader view, examining fraud patterns, dispute activity, and merchant behavior so risk can be identified and adequately addressed earlier.

VAMP also reinforces accountability. Because Visa doesn’t work directly with most merchants, it relies on acquiring banks and processors to properly underwrite and manage the businesses they support. The program ensures acquirers stay actively involved in monitoring risk, not just reacting once issues escalate.

And while that scrutiny can feel frustrating, VAMP isn’t meant to punish legitimate businesses. It’s meant to surface risk sooner and get ahead of suspicious activity, all before small issues turn into account freezes, processing interruptions, or even bigger problems down the road.

Bottom line: Visa wants acquiring banks and processors to take chargebacks and payment card fraud much more seriously.

Key Visa VAMP Requirements for High-Risk Merchants

Visa’s Acquirer Monitoring Program evaluates merchant risk using defined ratios and behavioral indicators that signal instability within the payments ecosystem.

While Visa formally monitors acquiring banks, these measurements are driven by merchant-level transaction data.

For high-risk merchants, understanding these ratios is essential to maintaining VAMP compliance:

VAMP Ratio

The VAMP ratio is a core metric used to assess overall risk tied to a merchant’s payment activity, specifically involving both domestic and cross-border card-not-present transactions. It evaluates the relationship between these two values over a defined monitoring period:

Confirmed fraud reports and non-fraud disputes
Total transaction volume

A rising VAMP ratio indicates that a merchant’s transactions are producing an unacceptable level of fraud relative to their transaction volume. This can stem from weak fraud controls, high-risk customer acquisition channels, insufficient authentication, or poor transaction filtering.

The numbers: While Visa initially rolled out a 1.5% “excessive” threshold at the program’s debut, merchants now face even tighter fraud and dispute restrictions. As of January 2026, VAMP mandates that businesses keep their monthly combined dispute ratios below 0.9% to avoid fines, heftier chargeback fees, and even termination of Visa processing privileges.

How To Calculate Your Monthly Visa VAMP Ratio

Total # of Fraudulent CNP Transactions (TC40) + Total # of Disputed CNP Transactions (TC15)

Total # of Settled CNP Transactions (TC05)

The tricky part? One bad transaction can count as two strikes. If a payment is flagged as fraud and later disputed, it gets logged twice under VAMP. Think of it like one missed payment triggering both a late fee and a ding on your credit score.

Enumeration Ratio

VAMP also holds acquirers accountable when merchants fail to stop large-scale “enumeration” attacks, a type of fraud where criminals rapidly submit thousands of card attempts to test stolen card numbers and confirm which ones are active.

If a merchant allows this activity to spiral, Visa will impose fines or other enforcement actions on the acquirer. Here’s what that looks like by the numbers:

Exceeding 300,000 suspected enumeration attempts in a month (both approved + declined)
Having more than 20% of authorization requests tied to fraud

The good news is that most enumeration attacks are preventable. Simple safeguards like CAPTCHA tests, caps on payment attempts, and authorization controls can stop these attacks before they become a serious problem.

How To Calculate Your Monthly Enumeration Ratio

Total # of Enumerated Authorization Transactions (Approved + Declined)

Total # of Authorization Transactions (Approved + Declined)

Additional Risk Indicators

Beyond these two important ratios, Visa also evaluates:

Unauthorized fraud reporting trends
Dispute behavior and resolution patterns
Sudden spikes or changes in transaction volume or speed
Refund and reversal activity
Billing descriptor clarity and consistency

These indicators are assessed in context, taking into account the merchant’s industry, business model, and historical behavior.

For high-risk merchants, VAMP compliance depends on proactively controlling fraud and enumeration risk rather than reacting after the above ratios deteriorate.

Need A Merchant account?

Apply

Trusted by 1000's of customers

5k+

Who Needs to Worry About VAMP Compliance?

VAMP compliance isn’t just a concern for deceptive merchants. It affects legitimate businesses whose models often carry more fraud and dispute exposure. If your company processes high volumes, bills customers repeatedly, offers digital payment options, or operates across borders, VAMP should definitely be on your radar.

This includes businesses in higher-risk categories, such as:

CBD, Kratom, and gambling merchants
Travel and online dating businesses
Subscription and recurring billing models
Telehealth and digital service providers
Nutraceutical and supplement merchants
International, high-volume eCommerce brands
Rapidly scaling businesses
Trial and promotional offer programs

Apply for a High-Risk Merchant Account

VAMP vs VDMP: What’s the Difference Now?

The Visa Dispute Monitoring Program (VDMP) was Visa’s original program for monitoring disputes and chargebacks. But as of April 1, 2025, Visa rolled those dispute rules, along with fraud monitoring, into an updated umbrella program: VAMP.

In other words, VAMP is the “all-in-one” transaction monitoring system. It evaluates risk using combined signals, like disputes and fraud, instead of treating them as entirely separate programs.

For merchants and acquirers, the practical takeaway is simple: You can’t manage chargebacks in isolation anymore. Fraud controls and dispute prevention now live under a single compliance framework.

What Happens If You Fall Out of VAMP Compliance?

When a merchant’s payment activity exceeds Visa’s acceptable risk thresholds under the Visa Acquirer Monitoring Program, enforcement rarely begins with immediate termination. Instead, action usually escalates in stages, guided by Visa requirements and carried out by the acquiring bank. Essentially, acquirers have also become auditors.

Increased Monitoring and Scrutiny

The first step is heightened oversight. Acquirers may be required to submit additional reports to Visa, closely track transaction activity, and document the corrective steps being taken. Merchants are often asked to adjust fraud controls, refine billing practices, or strengthen customer authentication during this phase.

Account Controls and Risk Mitigation Measures

If risk indicators continue to rise, acquirers may impose protective controls on the account. These can include higher rolling reserves, delayed settlements and payouts, transaction volume limits, or tighter authorization rules. The goal is to reduce exposure while giving the merchant time to stabilize payment activity.

Processing Restrictions or Account Termination

When non-compliance persists, enforcement can escalate to processing restrictions or, as a last resort, account termination. In these cases, the acquiring bank may be required to end the relationship to remain compliant with Visa’s obligations. Merchants may also be placed on the MATCH list, which can make securing future payment processing significantly more difficult.

Why Timing Matters

Merchants are often unaware that risk is rising until intervention begins, at which point options are more limited, and timelines are tighter. This is why early detection and proactive risk management are critical. Addressing fraud and enumeration activity sooner is far less disruptive than trying to recover after compliance action has already been triggered.

Important Note: The first time a merchant has a VAMP compliance issue within a rolling 12-month period, a three-month grace period is usually provided to correct it.

Any repeat offenses can result in immediate penalties. Once a business hits or exceeds VAMP’s threshold, Visa charges them $8 per fraudulent or disputed transaction until their monthly ratios return to acceptable levels.

Protect Your Payments With These Key Compliance Strategies

Protecting your payments today is about staying one step ahead. Vigilant monitoring and proactive controls help keep risk in check as your business grows. To meet updated VAMP requirements, make the following key compliance strategies a normal part of your business:

Control fraud at authorization, not after settlement

Use layered fraud controls that stop high-risk transactions before approval. This includes velocity limits, device and IP analysis, and adaptive rules that respond to changing traffic patterns. Reducing unauthorized fraud directly improves VAMP ratio performance.

Implement advanced fraud tools into your payments platform

Layer in tools like 3D Secure, Address Verification Service (AVS), and Card Verification Value (CVV) checks to help block unauthorized transactions. To prevent “friendly fraud,” use clear, recognizable billing descriptors so customers can easily identify charges on their statements.

Detect and stop enumeration quickly

Enumeration activity escalates fast and can trigger monitoring even during short bursts. Merchants should implement authorization throttling, bot mitigation, and alerts for abnormal low-value or repeated attempts. Rapid response matters more than long-term averages here.

Stabilize transaction behavior

Visa evaluates trends, not just totals. Sudden spikes in volume, sharp drops in approval rates, or inconsistent refund behavior can all raise flags. Gradual scaling, predictable billing cycles, and clear refund practices help maintain stable patterns.

Monitor dispute ratios closely

Regularly review your TC40 (fraud) and TC15 (dispute) activity to understand how your numbers contribute to your overall VAMP ratio. As a proactive step, many teams choose to set internal alerts well before the official thresholds, so they have time to spot trends and course-correct early.

Act before thresholds are breached

The best compliance strategies don’t wait for a warning. By the time an acquirer reaches out, risk metrics have often already slipped. Ongoing monitoring helps high-risk merchants stay steady as they grow.

Don’t partner with a provider who bypasses due diligence in the underwriting process

Fast approvals don’t matter much if you’re hit with crippling penalty fees, account restrictions, or termination later on. Now more than ever, merchant account providers who utilize thorough underwriting are a massive green flag for high-risk merchants. The right provider offers built-in safeguards, matches you with the best acquiring bank, and provides clear guidance on risk mitigation. The wait is worth it.

How Adaptiv Positions Merchants for Long-Term VAMP Compliance and Steady Payment Processing

VAMP enforcement is administered through acquiring banks under rules set by Visa. When merchants encounter compliance issues, acquirers are required to take action. That action depends on whether a merchant’s processor can demonstrate active oversight, timely intervention, and a credible remediation plan.

Tools can surface data, but they cannot:

Adjust processing behavior in coordination with an acquirer
Modify authorization strategies in real time
Adjust where your traffic comes from when certain channels begin driving more fraud
Guide merchants through corrective actions before enforcement escalates

Effective VAMP compliance requires active account management. That includes continuous monitoring, early identification of emerging risk, and direct coordination with banking partners when adjustments are needed.

It also requires understanding how different business models, growth patterns, and customer bases affect risk ratios over time.

For high-risk merchants, compliance is not a static setting. It is an ongoing process that must evolve alongside the business. Tools can support that process, but they cannot replace experienced payment oversight.

The Adaptiv Difference

At Adaptiv, we take an active role in long-term VAMP compliance. Our dedicated support team remains closely aligned with acquiring banks, keeps a pulse on emerging risk, and helps merchants make smart adjustments before minor issues turn into bigger disruptions. We understand how Visa evaluates activity under VAMP and how growth, traffic sources, and billing models influence risk over time. The result is more stable payment processing and fewer surprises as your business grows.

Payments Handled. Compliance Covered. That’s Adaptiv.

Man holding a credit card while making an online purchase on his laptop

If you process online transactions, fraud and chargebacks are inevitable. And when you know the pressure is coming, the answer isn’t to play defense and hope for the best. It’s to prepare, adapt, and stay one step ahead.

That’s where Adaptiv shines. We know payments. We manage compliance. And while we’re handling the complexity behind the scenes, merchants are free to focus on what matters most: running and growing their business.

Stable payments start with the right partner. Contact our sales team today to ask questions or get started on your application for a merchant account.