TL;DR: Visa’s updated Acquirer Monitoring Program now counts fraud and dispute events against the same thresholds, and the article says merchants can be flagged when merchant ratios reach 2.2% or when acquirer portfolios hit 0.7%, according to Riskified. The operational lesson is that payment risk is now a governance problem, not just a fraud operations problem.
NHIMG editorial — based on content published by Riskified: VAMP compliance pressure and Shopify merchant account closures
By the numbers:
- Merchant excessive 2.2% ratio or higher, with at least 1,500 fraud and dispute transactions per month
- Acquirer excessive 0.7% portfolio ratio or higher
Questions worth separating out
Q: How should merchants reduce the risk of VAMP-driven account closures?
A: Merchants should treat VAMP as a governance programme, not only a fraud review task.
Q: Why do high-dispute ecommerce models face more payment risk?
A: Card-not-present, subscription, digital goods, and cross-border fulfilment models tend to generate more disputes because the buyer, delivery, and evidence chain are weaker than in face-to-face commerce.
Q: What breaks when merchants have alerts but no response workflow?
A: Alerts lose value when no one is accountable for acting on them during the narrow pre-chargeback window.
Practitioner guidance
- Unify fraud and dispute governance Track fraud, chargeback, and alert outcomes in one operating view so the same merchant cannot be judged against three disconnected risk processes.
- Create a pre-chargeback response path Define who can refund, pause fulfilment, or contact customers during the alert window before a TC40 or TC15 is issued.
- Review exposure for high-dispute business models Prioritise card-not-present, subscription, digital goods, and cross-border fulfilment merchants because these segments naturally produce more disputes and are more likely to hit portfolio thresholds.
What's in the full article
Riskified's full article covers the operational detail this post intentionally leaves for the source:
- Merchant-specific examples of how VAMP thresholds affect Shopify Payments closures and payout disruption.
- The article’s explanation of how TC40 and TC15 events are combined into a single monitoring ratio.
- Practical use of Ethoca Alerts and Compelling Evidence CE 3.0 to reduce chargeback exposure.
- Riskified’s implementation context for merchants that need faster dispute response and representment workflows.
👉 Read Riskified's analysis of VAMP compliance pressure on Shopify merchants →
VAMP thresholds and merchant fraud controls: what teams need now?
Explore further
Threshold-driven payments governance now behaves like identity policy enforcement: merchant account status is increasingly determined by a composite of risk signals rather than a single incident type. That shifts the control problem from isolated fraud review to ongoing policy governance, evidence quality, and accountable exception handling. Payment teams should treat the threshold itself as the control surface, not just the warning sign.
A question worth separating out:
Q: Who is accountable when acquirer-level compliance triggers merchant closures?
A: Accountability is shared, but not evenly. The acquirer is responsible for portfolio compliance, while merchants are responsible for the transaction behaviour that contributes to the ratio. Practically, both sides need transparent reporting, escalation rules, and evidence that shows which controls were operating at the time.
👉 Read our full editorial: VAMP compliance is forcing ecommerce merchants to rethink fraud controls