Visa's Visa Acquirer Monitoring Program (VAMP) is the scorecard your processor watches when fraud notifications and chargebacks start piling up. It rolls fraud alerts (TC40) and disputes (TC15) into one ratio against your settled card-not-present transactions (TC05). If you cross the key thresholds, your processor can push you into remediation plans, add reserves, raise pricing, or shut down the MID.
This guide explains what counts in the VAMP ratio, the threshold numbers merchants should care about in 2026, and the practical changes that usually move the needle fastest: better transaction recognition, fewer "didn't authorize" reports, fewer disputes, and less account testing.
VAMP is Visa's monitoring program that measures combined fraud and dispute incident rates in a single monthly ratio. Even though Visa monitors acquirers (processors), merchant performance can trigger your acquirer to classify you as an "Excessive Merchant" and take action.
Visa's own fact sheet describes VAMP as a consolidation of the prior Visa Acquirer Monitoring Program, the Visa Fraud Monitoring Program, and the Visa Dispute Monitoring Program into one global program. It also defines the core metric as a count-based ratio of fraud notifications plus disputes divided by settled transactions.
For merchants, the practical takeaway is simple: your processor does not need to wait for chargebacks alone to spike. If fraud reports (TC40) rise, you can get attention even before disputes show up, because both can hit the numerator.
The VAMP ratio is a monthly count-based rate:
In Visa's VAMP fact sheet, the formula is written as: VAMP Ratio = Count of [Fraud (TC40) + Disputes (TC15)] divided by Count of Settled Transactions (TC05). The same document notes that the ratio excludes disputes resolved through pre-dispute solutions (timing dependent) and excludes some TC40 fraud that qualifies for Compelling Evidence 3.0 (timing dependent).
Two merchant implications matter:
1) A single customer problem can count twice. A cardholder might first report fraud (TC40) and later file a dispute (TC15). From a monitoring standpoint, it is possible for both events to appear.
2) You cannot manage VAMP using chargeback dashboards alone. Many teams watch TC15 chargebacks but do not have a clean way to see issuer fraud notifications in near real time.
TC40 is a fraud notification that issuers send into Visa systems when a cardholder reports a transaction as fraudulent. It is not a chargeback by itself, but it is an early signal.
TC15 is the dispute record for a chargeback. This is what most merchants think of when they say "chargeback count".
TC05 is the settled transaction count. Think of it as the count of Visa e-commerce transactions that actually cleared and settled.
For most merchants, the threshold that changes outcomes is the "Excessive Merchant" threshold, because that is where acquirers often start forcing a remediation plan.
Visa's VAMP fact sheet lays out two sets of thresholds:
Here is the distilled merchant view for the U.S. and Canada.
| Metric | What it applies to | Threshold | Notes |
|---|---|---|---|
| Above Standard | Acquirer portfolio | >= 50 bps (0.50%) | Count threshold applies too |
| Excessive | Acquirer portfolio | >= 70 bps (0.70%) | Count threshold applies too |
| Excessive Merchant | Individual merchant (in AP/Canada/EU/U.S.) | >= 220 bps (2.20%) | Effective June 1, 2025 with >= 1,500 incidents |
| Excessive Merchant (tightened) | Individual merchant (in AP/Canada/EU/U.S.) | >= 150 bps (1.50%) | Effective April 1, 2026 with >= 1,500 incidents |
The same fact sheet also states the advisory period ends September 30, 2025, which matters because it frames when enforcement and operational pressure started for many processors.
Yes. In the regions above, Visa includes a minimum monthly count of combined fraud and disputes of 1,500 to enter the Excessive Merchant threshold framework. If you are below that, you are less likely to be tagged by Visa's Excessive Merchant metric.
But do not treat that as safety. Your processor can still set internal limits far below Visa's minima, especially for high-risk categories, subscription billing, or any business with an elevated fraud surface. Also, the moment you scale, the same dispute rate produces a much larger raw count.
Start with what you can measure:
A simple estimate is:
VAMP Ratio ~= (fraud alerts + chargebacks) / settled Visa CNP transactions
If you cannot see TC40, create a range:
The goal is not a perfect number. The goal is to catch trendlines early enough to intervene before your processor does.
VAMP changes the math in two ways:
1) It expands the numerator. Older dispute monitoring programs focused on chargebacks. VAMP adds issuer fraud notifications.
2) It is count-based and monthly. You can have a single bad month from an attack wave, a fulfillment failure, or a marketing push that brought low-quality traffic.
Trade press summaries of the older Visa Fraud Monitoring Program (VFMP) show Visa historically used staged thresholds and remediation windows. The consolidation into VAMP pushes acquirers to act on a unified metric instead of waiting for separate triggers.
The fastest paths into elevated VAMP ratios usually look like one of these patterns.
"Unrecognized" disputes are often a merchant descriptor problem. You sold legitimately, but the statement line does not match the brand the customer thinks they bought from.
Fixes that tend to work:
Visa's Acceptance Risk Standards emphasize data integrity and consistent merchant identifiers across the transaction lifecycle, because it affects dispute resolution and fraud detection.
That can happen when:
From a merchant control standpoint, the best early actions are:
Visa's Acceptance Risk Standards explicitly call out using tools like AVS, CVV, geolocation, velocity checking, and Visa Secure to identify and prevent fraud.
Subscriptions are a common dispute generator when customers forget about a renewal, do not understand a trial-to-paid conversion, or cannot find cancellation.
Merchant fixes:
Even when you win representment, a high dispute volume still hurts relationships with your processor, because the operational burden shows up before the outcome.
Fulfillment failures drive both disputes and fraud reports. Customers who cannot get support often choose the fastest refund path they know.
Make sure your post-purchase flow has:
Start with a short list of interventions that can show results in 30 to 60 days.
Give customers more ways to recognize the purchase before they call the bank:
If you can support it technically, use tools that share order details with issuers (order insight style programs). The point is to reduce misunderstandings that become disputes.
Enumeration attacks can create fraud notifications even if most transactions decline.
Common merchant controls:
Visa's VAMP fact sheet includes separate enumeration thresholds that acquirers are expected to manage proactively, using an enumeration ratio and an enumeration transaction count.
3DS2 can reduce fraud, but it can also lower conversion if you challenge too broadly.
Best practice is to:
If your business is already under pressure, controlled step-up can help stabilize fraud reports and disputes.
Many disputes start because the customer wanted a refund but did not trust the merchant would deliver it.
Operational changes:
Support speed is a dispute control. If email tickets sit for days, the bank becomes the support channel.
Set an internal target like:
If you cannot meet that, consider adding phone support during peak billing windows.
Most processors follow a familiar ladder of responses:
This is why it is worth tracking VAMP drivers early. The cost of a reserve often exceeds the cost of most fraud tooling.
Ask direct questions that map to the way Visa measures you.
Also ask where they want you to route disputes (in-portal workflow, chargeback tool, or gateway integration), because timing matters.
VAMP's fact sheet notes that disputes resolved through pre-dispute solutions can be excluded from the ratio depending on the timing of the data extract.
In practical terms:
If you are already running RDR or other programs, confirm with your processor how those resolutions appear in their VAMP reporting.
If Visa's Excessive Merchant threshold is 1.50% in many regions as of April 2026, an internal operating target should be lower.
A practical approach:
The exact numbers depend on category, ticket size, and fraud surface. But the concept matters: do not wait for 1.50%.
Yes. Visa's VAMP fact sheet says Visa is consolidating the existing VAMP, Visa Fraud Monitoring Program, and Visa Dispute Monitoring Program into a single global program.
VAMP's core ratio in the fact sheet is count-based: a count of fraud notifications plus disputes divided by a count of settled transactions.
Not in the same way. A fraud notification is an issuer report, not a dispute case with a representment workflow. The best strategy is prevention: reduce account testing, reduce true fraud, and improve authentication and identity signals.
It helps, but not always. If fraud notifications (TC40) remain high, your ratio can stay elevated even if disputes fall.
Sometimes. Visa's fact sheet notes that disputes resolved through pre-dispute solutions may be excluded depending on timing of the data extract. Confirm the specifics with your processor.
You can apply for a merchant account through Easy Pay Direct or another processor that fits your model. Other options worth a look: