- One ratio is simpler to manage than two separate programs
- Rewards proactive fraud prevention, not just chargeback cleanup after the fact
- Pre-dispute tools like RDR and CDRN can reduce your ratio count entirely
- Compelling Evidence 3.0 removes qualifying TC40s from the calculation
- Aligns Visa with a more global, consistent view of payment integrity
- Acquirers get a cleaner, fuller picture of merchant risk
BLOG
>
Blog
VAMP Is Fully Enforced. What Regulated Merchants Need to Know Right Now.
Visa’s VAMP threshold is now stricter. Learn what changed, how the 1.5% ratio impacts regulated merchants, and how Approvely helps reduce fraud and disputes.
Elizabeth Balash
6/12/2026
.svg)
6
MIN READ
.svg)
Visa quietly rearranged the rulebook. If you process card-not-present transactions in the US, Canada, the EU, or Asia-Pacific, your chargeback monitoring thresholds just got 32% tighter. Effective April 1, 2026, the Visa Acquirer Monitoring Program (VAMP) dropped its Excessive merchant threshold from 2.2% down to 1.5%. No grace period. No easy bypass. Just a new, stricter ceiling on how much combined fraud and dispute activity Visa will absorb before fees and enforcement action follow.
For mainstream e-commerce, that shift is manageable. For businesses in regulated verticals; iGaming, crypto, sports betting, nutraceuticals, telehealth, travel, it hits differently. Your margin for error just shrank considerably, and if your infrastructure was already operating close to the line, you may already be past it.
We will break down what Vamp is, what changed, what it gets right, where it creates friction, and how Approvely's fintech infrastructure helps regulated merchants stay well inside the thresholds without treating compliance like a fire drill.
Key Takeaways Before You Read On
The threshold just got tighter.
Visa dropped the Excessive merchant VAMP ratio from 2.2% to 1.5% on April 1, 2026. That is a 32% reduction in how many combined fraud and dispute events you are allowed before enforcement kicks in.
One incident can count twice.
VAMP combines TC40 fraud reports and TC15 disputes into one ratio. A single chargeback can appear in both categories, inflating your ratio faster than your actual fraud volume would suggest. This double-counting effect is the program's biggest operational trap.
Your acquirer's threshold is probably stricter than Visa's.
Visa publishes 1.5% as the Excessive ceiling, but many acquirers apply internal thresholds closer to 0.5% or 0.7% for their own VAMP compliance. You can be within Visa's rules and still lose your processing relationship.
Some events can be removed from your count entirely.
Pre-dispute tools like Verifi RDR and Compelling Evidence 3.0 can exclude qualifying disputes and fraud reports from your VAMP ratio before they formally count. This is not a workaround. Visa built these mechanisms into the program.
Regulated merchants need to operate as if the threshold is 1.0%, not 1.5%.
Between acquirer-level pressure, double-counting, and the structural dispute rates common in industries like gaming and crypto, your effective real-world ceiling is significantly lower than what Visa publishes.
So, What Exactly Is VAMP?
VAMP stands for the Visa Acquirer Monitoring Program. It is Visa's framework for watching fraud and dispute activity across its network, holding both acquirers and merchants accountable for keeping those numbers inside an acceptable range.
Before April 2025, Visa ran two separate merchant-level programs: the Visa Dispute Monitoring Program (VDMP), which tracked chargeback ratios, and the Visa Fraud Monitoring Program (VFMP), which tracked fraud losses as a percentage of sales. On April 1, 2025, both were consolidated into a single unified metric under VAMP.
The official reason was simplification and a more complete picture of risk. In practice, it also meant that merchants who were previously managing two separate thresholds now face one combined ratio that can hit harder and faster.
The VAMP Timeline (Where We Are Now)
The program did not arrive fully formed overnight. Visa phased it in over roughly a year, with an advisory window before formal penalties began:
The buffer is gone. We are in full enforcement, and the thresholds are now at their most restrictive level since the program launched.
What Changed on April 1, 2026
The headline number is straightforward. Visa's Excessive merchant threshold dropped from 2.2% to 1.5% across the US, Canada, EU, and Asia-Pacific. For CEMEA, the 2.2% threshold holds for now.
To make that tangible: a merchant processing 60,000 orders a month could previously absorb up to 1,320 combined fraud and dispute events before being flagged. Under the new threshold, that ceiling drops to 900. Four hundred and twenty fewer incidents before Visa starts paying attention. For regulated merchants with structurally higher dispute rates, that gap closes fast.
The program also has a minimum event floor. You need at least 1,500 combined TC40s and TC15s per month before Visa formally monitors you at the merchant level. Below that, you are technically not in their direct sights. But do not get too comfortable if you are under the floor. Your acquirer almost certainly has their own internal thresholds that apply regardless of Visa's minimum.
The Honest Take: What VAMP Gets Right (and Where It Gets Messy)
Most coverage of VAMP lands in one of two camps. Either it is a smart, necessary evolution in payment integrity, or it is an overreaching framework that punishes merchants who are already operating responsibly
The businesses that struggle with VAMP are not always the ones committing fraud. They are often merchants in dispute-heavy verticals who lack real-time visibility into their own ratios, or businesses whose acquirers apply internal thresholds far below what Visa publishes. Both of those are infrastructure problems, not operational failures.
Why Regulated Merchants Have a Harder Job Here
VAMP applies across all card-not-present merchants, but the impact is not evenly distributed. A software subscription company and an iGaming operator can have identical chargeback rates and face completely different VAMP risk profiles.
In regulated and specialized verticals, a few structural realities make the math harder:
- Higher baseline dispute rates because of subscription confusion, friendly fraud, and more complex fulfillment timelines
- Greater scrutiny from acquirers means a VAMP flag in a regulated vertical triggers faster and harsher responses than for standard merchants
- Friendly fraud rates tend to be structurally higher in consumer-facing regulated industries, and friendly fraud counts just as hard against your ratio as third-party fraud
- Shorter merchant-acquirer relationships in some categories limit the historical data needed to build proactive ratio management
The practical implication is that a regulated merchant probably needs to treat 1.0% as their real operational ceiling, not 1.5%. Because acquirers facing their own VAMP compliance often run internal thresholds of 0.5% to 0.7% for their portfolios, and if you are pushing their numbers, you will feel the consequences before Visa's formal enforcement ever arrives.
How Approvely Helps You Stay Ahead of It
Approvely is a fintech infrastructure platform built for regulated and specialized businesses. Not a generic processor that reluctantly handles high-risk accounts, but a platform purpose-built around the compliance, risk, and operational realities that come with industries like iGaming, crypto, nutraceuticals, and travel.
VAMP compliance is not something you can bolt on after the fact. It requires the right acquiring relationships, real-time data visibility, pre-dispute tooling, and chargeback management built into how your payments operate from day one. Here is how Approvely's infrastructure addresses each of those layers:
Chargeback Protection That Actually Moves the Number
Approvely's integrated chargeback protection covers 98.05% of chargeback events. That is operational protection that directly reduces the TC15s feeding your VAMP ratio. The goal is not to fight chargebacks after they have already been filed. It is to prevent them from counting in the first place, including through pre-dispute resolution workflows that can remove eligible events from your ratio entirely.
Real-Time Fraud Monitoring That Cuts TC40s
97% of high-risk activity blocked in real time. Fewer fraudulent transactions mean fewer TC40 fraud reports, which means a lower combined VAMP ratio. This is the most direct lever a merchant has for ratio management, and it requires fraud infrastructure that operates at the authorization layer rather than cleaning up after the fact.
Authorization Rates That Reduce the Friendly Fraud Spiral
Approvely maintains a 96.43% acceptance rate across its merchant portfolio. Higher authorization rates reduce the confusion that leads to friendly fraud disputes, where cardholders file chargebacks on transactions that were technically authorized but in ways that felt unclear or unexpected. A clean authorization experience is one of the underrated inputs to a healthy VAMP ratio.
Acquiring Built for Your Vertical, Not Borrowed from Someone Else's
VAMP compliance starts with your acquiring relationship. A processor not designed for regulated merchant categories will leave you with data gaps, communication delays, and internal thresholds that have nothing to do with your actual risk profile. Approvely's acquiring infrastructure is built around the MCC codes and risk characteristics of regulated industries, with same-day onboarding and go-live timelines of three to five business days.
Fast Settlement That Removes Liquidity Pressure
Approvely offers same-day and instant payout rails. That matters for VAMP more indirectly but genuinely. Merchants under financial stress from slow settlements or frozen funds tend to cut corners on fraud controls, and those corners show up in your VAMP ratio three months later. Clean, fast settlement keeps operations stable and dispute patterns predictable.
Frequently Asked Questions
What exactly is a VAMP ratio and how is it calculated?
Your VAMP ratio is the combined total of TC40 fraud reports and TC15 disputes divided by your total settled transactions in a given month. If you process 1,000 transactions and generate 10 TC40s and 20 TC15s, your VAMP ratio is 3.0%, which is well above the current Excessive threshold of 1.5%. The painful part is that a single fraudulent chargeback can appear in both categories, effectively counting twice against your ratio from one incident.
Does the 1.5% threshold apply to every merchant?
The 1.5% Excessive merchant threshold applies to card-not-present merchants in the US, Canada, EU, and Asia-Pacific as of April 1, 2026. Merchants in CEMEA regions remain at 2.2% for now. There is also a minimum event floor of 1,500 combined TC40s and TC15s per month before Visa formally monitors at the merchant level. Below that volume you are not in Visa's direct sights, though your acquirer's internal thresholds often apply regardless. You can read Visa's own VAMP fact sheet for the full program detail.
What are the penalties for going over the threshold?
Penalties range from fees of up to $8 per dispute to mandatory enrollment in compliance remediation programs and, in sustained cases, account termination. The more immediate risk for most merchants is actually at the acquirer level. Acquirers facing their own VAMP exposure will often act on their merchant portfolios well before Visa's formal process runs its course, so the practical consequences can arrive faster than the official timeline suggests.
Can any chargebacks be excluded from the VAMP count?
Yes, and this is one of the more useful mechanics in the program. Visa's Compelling Evidence 3.0 framework can remove qualifying TC40 fraud reports when you can demonstrate the cardholder previously used the product in an undisputed transaction. These are mechanisms Visa built specifically to reward merchants investing in proactive resolution infrastructure.
How should a regulated merchant approach VAMP differently than a standard e-commerce business?
Treat VAMP as an infrastructure problem, not a reporting one. The merchants that get into trouble are almost always those reacting to threshold breaches after they happen. The ones that stay in bounds have real-time visibility into their own ratio, pre-dispute tooling already running, acquiring relationships designed for their specific vertical, and fraud prevention that blocks TC40-generating events before they settle. If your current setup does not give you weekly visibility into your VAMP ratio, that is the first gap to close.
The Bigger Picture
VAMP is a real step forward for payment integrity. Consolidating fraud and dispute monitoring into one unified ratio makes logical sense. Holding acquirers and merchants jointly accountable for the health of their portfolios is directionally correct.
Where it gets complicated is execution. Regulated merchants, who already operate under elevated scrutiny, are being held to standards that require infrastructure most processors simply do not offer as a default. The double-counting issue is a genuine operational challenge. The acquirer-level thresholds sitting below Visa's published numbers create hidden exposure that most merchants do not see until they are already past it.
The answer is to build payment infrastructure that makes compliance a natural output of clean operations rather than a separate remediation exercise.
That is the kind of infrastructure Approvely is built to provide.Want to see where your VAMP exposure actually sits? Talk to the Approvely team at approvely.com.
Share this post
Blog
-min.avif)
-min.avif)