When Visa tightened its Visa Acquirer Monitoring Program (VAMP) merchant threshold to 1.5% for most regions (US, Canada, EU, AP) on 1 April 2026, industry commentary largely focused on acquirers and merchants: who faces the fines, which merchant categories hit the Excessive line first, and how the enforcement compares to the old fraud and dispute monitoring programmes it replaced.
That framing is logical:
- The Visa Acquirer Monitoring Programme is named for acquirers.
- The enforcement fees land on merchants.
- The compliance burden, on the surface, sits upstream.
But for issuing banks, the story starts after the merchant crosses the threshold.
The operational impact is indirect and it's already here
VAMP calculates its ratio over card-not-present settled transactions by combining two data streams: TC40 fraud reports, filed by issuing banks when they detect fraud on their issued cards, and TC15 disputes, which capture chargebacks and related activity.
When merchant ratios climb, more merchants enter active monitoring. When merchants enter active monitoring, the volume of disputes and fraud cases routed back to issuing banks increases: more investigation requests, more representment responses, more cases to resolve.
This is not a forward-looking risk. The 1.5% threshold has been active since April. Merchants are enrolled into VAMP only when they exceed both the 1.5% ratio and a minimum volume floor of 1,500 combined TC40 and TC15 events per month. The structure at the merchant level is straightforward: unlike acquirer portfolios, which sit within a two-tier framework with an "Above Standard" band of 0.5%-0.7% before the Excessive line at 0.7%, merchants face a single Excessive threshold with no equivalent early warning tier, which is a point Ravelin's analysis of the VAMP changes makes clear. The pipeline from merchant enrolment to issuer case volume is running now.
Issuer dispute operations calibrated for steady-state volumes will feel the difference. Those with the capacity to absorb a sustained increase without SLA degradation are better placed.
TC40 accuracy: A compliance obligation that's become more consequential
There is a quieter dimension to VAMP that issuing banks should review carefully.
TC40 fraud reports, filed by issuing banks to flag fraud on issued cards, are not new. Banks have filed them as a scheme obligation for years. But VAMP's unified ratio makes TC40 accuracy more consequential than before.
Every TC40 filed by an issuer feeds directly into the network-wide signal that determines where merchant ratios sit. Inconsistent filing, late submissions, or inaccurate fraud classification can distort those signals. In a programme designed to produce an accurate picture of fraud and dispute activity across the network, data quality from issuers is part of the mechanism, not a peripheral concern.
Scheme expectations around proactive fraud prevention and timely fraud reporting have not changed. But the context in which those expectations operate has. TC40 filings that previously had a contained operational effect now contribute to broader network indicators. That is worth reviewing against your current fraud classification and reporting workflows.
The role of pre-dispute tools, and the limit issuers should understand
The interaction between VAMP and pre-dispute resolution tools is set out in Visa Bulletin AI14170, and the framework matters more for issuers than it might first appear.
Pre-dispute tools (Verifi's Cardholder Dispute Resolution Network (CDRN), Visa's Rapid Dispute Resolution (RDR), and equivalents) continue to exclude resolved TC15 disputes from a merchant's VAMP ratio, provided the resolution and the original dispute fall within the same monthly window. That part of the framework protects merchants whose pre-dispute flows work as intended.
The nuance sits on the TC40 side. When Visa updated VAMP (announced January 2025 and effective from 1 April 2025), it confirmed that TC40 fraud reports tied to disputes later resolved through RDR or CDRN are not removed from the ratio. The only mechanism that removes a TC40 after the fact is a successful representment under Compelling Evidence 3.0.
For issuing banks, this is the operational point worth holding onto. The TC40 is the issuer-filed report, and it contributes to merchant VAMP ratios regardless of whether the underlying case is later refunded through a pre-dispute tool. Issuer fraud classification and filing workflows therefore carry direct weight in the network-wide compliance picture, which is one reason to review consistency and timeliness in TC40 reporting against current scheme expectations.
Subscription and CNP portfolios: where exposure concentrates
Not all issuer portfolios face equal exposure to the downstream effects of VAMP tightening.
VAMP ratios are calculated over card-not-present settled transactions. Recurring billing and subscription merchant categories generate disproportionate dispute activity relative to their transaction volumes. Cardholders cancel subscriptions, dispute unrecognised charges, and encounter billing errors at higher rates than in one-off CNP purchases.
Issuing banks with material exposure to subscription merchants, whether through portfolio composition or cardholder spending patterns, may see a disproportionate share of the dispute volumes that follow enforcement. The merchant categories most likely to cross the 1.5% threshold are the same ones whose disputes flow back to issuers.
If your portfolio carries significant subscription spend, VAMP tightening is a reason to examine your dispute volumes by merchant category, not just in aggregate.
Volume absorption is now a compliance matter
The business case for automated dispute management has historically been built on efficiency: lower cost per dispute, reduced manual processing, lighter call centre load.
VAMP tightening adds a different dimension. The ability to absorb a sustained case volume increase without SLA breaches, missed payment network deadlines, or degraded cardholder outcomes is not just an operational preference. It is a compliance requirement.
Missed deadlines are risk events. Delayed refunds invite regulatory scrutiny. Slow or opaque resolution drives cardholder escalation and destroys customer trust: a global FICO survey on banking customer experience shows that 47% of customers would leave their bank provider due to a bad customer experience, ranking it as an even higher churn risk than experiencing a fraud event. These are not abstract scenarios for dispute teams not built to handle a sustained increase in throughput.
What to review now
Three areas are worth a structured review in the context of VAMP enforcement:
- TC40 reporting quality and timeliness: Review your fraud classification process and filing cadence. Inconsistent reporting is a data quality problem that now has broader implications under the unified VAMP ratio.
- Dispute case volumes by merchant category: Subscription and CNP-heavy merchant exposure in your portfolio is a leading indicator of the downstream dispute volumes you are likely to see. Understanding that composition now gives you time to plan.
- Operational capacity against a sustained volume increase: A spike that runs for several quarters is not the same challenge as a seasonal peak. If your current model is calibrated for steady-state volumes, VAMP enforcement represents a structural stress test, not a temporary disruption.
Issuer dispute operations that have automated the repeatable parts of the dispute lifecycle, from intake and pre-dispute submission through evidence collection and deadline tracking, are structurally better placed to absorb what VAMP is now generating.
Amiko, Rivero's agentic dispute management platform, automates repetitive and mundane parts of dispute processing and prioritises cases by payment network deadline proximity, giving issuing banks the capacity to absorb volume growth without degrading outcomes.
Enforcement is live, and the threshold isn't going to ease. The question worth asking now is whether your dispute operations were built for the volume that is coming, or only for the load you have always had.