Visa has announced an extension of the advisory period for its new Visa Acquirer Monitoring Program (VAMP) to ensure a smooth transition for merchants and acquirers. The program, aimed at combating fraud and streamlining dispute management in the global payments ecosystem, was initially set to launch on April 1, 2025. However, to provide additional time for stakeholders to establish compliant internal controls, Visa has extended the advisory phase to June 30, 2025.
Key Details of the VAMP Program
Program Integration
VAMP consolidates five existing fraud and dispute management initiatives, including the Visa Fraud Monitoring Program (VFMP) and Visa Dispute Monitoring Program (VDMP), into a unified framework. This simplification reduces the complexity of compliance by merging 38 separate remediation processes into one streamlined mechanism.
VAMP consolidates five existing fraud and dispute management initiatives, including the Visa Fraud Monitoring Program (VFMP) and Visa Dispute Monitoring Program (VDMP), into a unified framework. This simplification reduces the complexity of compliance by merging 38 separate remediation processes into one streamlined mechanism.
Global Fraud Thresholds
VAMP introduces harmonized risk thresholds for cross-border and domestic "Card-Not-Present" (CNP) transactions. For 2025, the global VAMP ratio threshold is set at 1.5% (Latin America/Caribbean at 9.0%), while the enumeration ratio threshold is 2,000 basis points (bps). These thresholds will tighten to 0.9% and 2,000 bps respectively in 2026.
VAMP introduces harmonized risk thresholds for cross-border and domestic "Card-Not-Present" (CNP) transactions. For 2025, the global VAMP ratio threshold is set at 1.5% (Latin America/Caribbean at 9.0%), while the enumeration ratio threshold is 2,000 basis points (bps). These thresholds will tighten to 0.9% and 2,000 bps respectively in 2026.
Lifecycle Risk Management
The program shifts from reactive post-incident management to proactive fraud prevention. By monitoring transaction authorization volumes and enumeration rates (automated card testing), VAMP enables continuous risk assessment and intervention.
The program shifts from reactive post-incident management to proactive fraud prevention. By monitoring transaction authorization volumes and enumeration rates (automated card testing), VAMP enables continuous risk assessment and intervention.
Dispute and Penalty Framework
Merchants exceeding thresholds face a three-month grace period (April–June 2025) for adjustments without penalties. From July 2025, non-compliant disputes (fraudulent and non-fraudulent) will incur a $10 fee per transaction. Dispute resolution tools like RDR (Rapid Dispute Resolution) and CDRN (Dispute Collaboration Network) are integral to meeting compliance.
Merchants exceeding thresholds face a three-month grace period (April–June 2025) for adjustments without penalties. From July 2025, non-compliant disputes (fraudulent and non-fraudulent) will incur a $10 fee per transaction. Dispute resolution tools like RDR (Rapid Dispute Resolution) and CDRN (Dispute Collaboration Network) are integral to meeting compliance.
Background and Impact
The impetus for VAMP stems from the evolving threat landscape, where sophisticated fraudsters exploit complex transaction patterns and automated tools. In August 2024, Visa reported global fraud losses of $2.5 billion, underscoring the need for a more robust framework. By standardizing compliance and enhancing monitoring capabilities, VAMP aims to reduce enumeration attacks and systemic fraud risks, ultimately fostering a safer and more efficient payments ecosystem.
For merchants, the transition to VAMP requires investments in fraud detection technologies (e.g., 3D Secure, AI-driven analytics) and optimized dispute management strategies. Partnerships with fintech providers specializing in risk compliance, such as Forter and WeTech, can help mitigate challenges and ensure readiness.
Implementation Timeline
Implementation Timeline
April 1, 2025: VAMP becomes effective; three-month warning phase begins.
July 1, 2025: Official enforcement phase commences.
October 1, 2025: Advisory period concludes (extended from June 30).
January 1, 2026: Thresholds tighten, and stricter acquirer requirements take effect.
July 1, 2025: Official enforcement phase commences.
October 1, 2025: Advisory period concludes (extended from June 30).
January 1, 2026: Thresholds tighten, and stricter acquirer requirements take effect.
Visa’s VAMP represents a pivotal shift toward proactive risk management in the payments industry, balancing security enhancements with operational efficiency for all stakeholders.
