ACI Blog

What you need to know about Visa’s new acquirer monitoring program (VAMP)

On this page

Visa’s newly launched Acquirer Monitoring Program (VAMP) is a significant shift in how fraud and dispute risks are measured and managed across the payments ecosystem. Replacing the long-standing Visa Fraud Monitoring Program (VFMP) and Visa Dispute Monitoring Program (VDMP), VAMP introduces a unified, acquirer-level approach that demands new levels of visibility, control, and collaboration between acquirers, merchants, and payment service providers (PSPs).

Why does VAMP matter to merchants and acquirers?

Effective April 1, 2026, VAMP will consolidate fraud and dispute monitoring into a single framework. Unlike its predecessors, which focused on merchant-level metrics, VAMP holds acquirers accountable for the performance of their entire merchant portfolios, and PSPs responsible for sub-merchant ecosystems they onboard and manage.

This change reflects Visa’s broader push for ecosystem-wide accountability and reducing systemic risk by encouraging acquirers and PSPs to take a more proactive role in managing merchant behavior.

Understanding the VAMP ratio

At the heart of the program is the VAMP ratio, which combines card-not-present (CNP) fraud and non-fraud disputes into a single metric:

VAMP ratio = (CNP fraud + non-fraud disputes) / Total settled CNP transactions

  • Minimum threshold for fraud and disputes (TC40 and TC15):
    • ≥ 1,500 in Asia Pacific, Canada, the EU, and the U.S.
    • ≥ 150 and amount ≥ USD 75,000 in CEMEA
  • Above standard threshold: VAMP ratio > 50bps — effective June 1, 2025
  • Excessive threshold: VAMP ratio > 70bps — effective June 1, 2025

This ratio gives Visa a clearer picture of acquirer-level risk and helps identify portfolios that may be contributing disproportionately to fraud and dispute volumes.

Payment service providers must aggregate sub-merchant fraud and dispute data into their own VAMP ratio calculation, ensuring every level—from PSP to acquirer to merchant—is visible under the new program.

Bot attacks or enumeration attacks: A new dimension

VAMP also introduces a new enumeration ratio, which tracks authorization abuse, such as bot-driven testing of stolen card credentials, using Visa’s VAAI Score. This metric applies to acquirers and PSPs processing more than 300,000 authorizations per month and is designed to detect and mitigate enumeration attacks before they escalate.

Learn more about how ACI predicts anomalous behavior with its AI-powered self-learning mechanism, powered by its position in the payments ecosystem

How does VAMP impact acquirers?

For acquirers, VAMP represents a fundamental shift in compliance responsibility. You can no longer risk being siloed at the merchant level. Instead, acquirers must:

  • Monitor merchant performance in real time
  • Segment portfolios by risk profile
  • Implement early warning systems for fraud and disputes
  • Engage merchants proactively to address issues before thresholds are breached
  • Coordinate with PSPs to ensure sub-merchant compliance

Failure to do so could result in penalties, reputational damage, or even restrictions on privileges.

How does VAMP impact PSPs?

For PSPs, VAMP extends compliance responsibility across the entire sub-merchant ecosystem. To meet the new requirements, PSPs must:

  • Aggregate sub-merchant CNP fraud and dispute data into a consolidated VAMP and enumeration ratio
  • Embed real-time dashboards and set automated alerts at 50bps (above standard) and 70bps (excessive)
  • Build VAMP-aligned controls into onboarding and underwriting, mandating fraud-prevention tools and streamlined dispute workflows for every sub-merchant
  • Offer co-branded remediation playbooks, APIs, and training so sub-merchants can stay below their thresholds

How does VAMP impact merchants?

Merchants, especially those in high-risk verticals or with high CNP volumes, will face increased scrutiny from their acquirers. Those who consistently contribute to elevated VAMP ratios may find it harder to onboard with new acquirers or maintain existing relationships. To stay competitive, merchants must:

  • Invest in robust fraud prevention tools
  • Streamline dispute resolution processes
  • Collaborate closely with acquirers on risk mitigation strategies

How can PSPs, acquirers, and merchants prepare for VAMP?

Mark these key dates on your calendar to stay ahead of critical deadlines.

DateWhat’s Happening
September 30, 2025End of VAMP advisory period: Warnings turn into live assessments
October 1, 2025Enforcement begins for “excessive” merchants and acquirers
January 1, 2026Enforcement begins for acquirers flagged “above standard”
April 1, 2026Merchant excessive threshold in AP, Canada, EU, and the U.S. drops from 220bps to 150bps

Using VAMP to gain a strategic edge in today’s competitive markets

At ACI Worldwide, we understand the complexities of managing fraud and dispute risk across diverse portfolios by providing AI-powered solutions with self-learning capabilities to financial institutions, acquirers, biller organizations, PSPs, and merchants. Built for security and scalability, these solutions:

  • Track VAMP and enumeration ratios in real time
  • Detect and prevent enumeration attacks
  • Automate dispute workflows to reduce chargebacks
  • Gain portfolio-wide visibility with AI-powered advanced analytics

Conclusion

The time to act is now. Avoiding costly penalties, loss of consumer trust, and protecting revenue begins with understanding what you need to do to reduce risk.

The new payments era report
The new payments era report

The New Payments Era

Embracing change at full speed and future–proofing payments for tomorrow’s needs

✔ Urgent case for modernization
✔ Strategies to combat fraud

✔ Faster, cheaper, more inclusive cross-border payments
✔Navigating complex regulations

About the authors

Jennifer Fox

Jennifer Fox

Manager, Fraud and Risk Strategy, Payments Intelligence

As Manager for Fraud & Risk at ACI Worldwide, Jennifer Fox drives payments intelligence and advances risk solutions to optimize acceptance rates, mitigate fraud, and boost revenue. Since joining ACI in 2016, she has led global teams in leveraging advanced analytics, machine learning, and AI-driven signals for proactive threat detection.