What is the Visa Issuer Monitoring Program (VIMP)?

Sydney VaccaroIndustry TrendsLeave a Comment

What is the Visa Issuer Monitoring Program (VIMP)_
Visa introduced their issuer fraud monitoring program, which will go into effect on October 19, 2019

This April, Visa introduced an issuer monitoring program that will go live in October 2019. The Visa Issuer Monitoring Program will be tracking, investigation, and helping issuers that have high levels of fraud activity.

Visa Issuer Fraud Monitoring

Visa introduced their issuer fraud monitoring program, which will go into effect on October 19, 2019, in the US, Canada, CEMEA, Europen, and LAC regions. The goal of VIMP is to monitor and investigate issuers that generate a high level of fraud activity. An issuer will be placed in VIMP if it meets or exceeds both of the following:

  • $500,000 monthly fraud amount  
  • 1% ratio of fraud-to-sales (calculated monthly)

In the US, Visa will identify an issuer under 3-D Secure Fraud Activity monitoring. For these merchants, on domestic 3-D Secure fraud only, they will be placed in VIMP if they meet or exceed both of the following:

  • $100,000 monthly 3-D Secure fraud amount
  • 0.75% ratio of 3-D Secure fraud-to-sales dollar amount (calculated monthly)

Because this is an introduction of a new program, Visa may modify or create new monthly VMIP requirement thresholds.

What the Monitoring will Include

The program monitoring includes all card-not-present environment activity. This includes fraud activity reported by the issuer to Visa in the preceding month and all card-not-present sales transactions settled with the issuer preceding month.

If there is an unusual activity, Visa may require the issuer to use appropriate tools or technologies to address the fraud issue.

An issuer will no longer be enrolled in VIMP if they are below the program threshold for three consecutive months.

High Total Fraud Loss Monitoring Program – Europe Region

In Europe, Visa will identify the 15 issuers, and 15 acquires with the highest level of fraud. This is calculated in “absolute transaction value terms.” Once these issuers and acquirers are identified, they will be given a three-month notice of the review and asked to agree to a review start date. After the review, they will receive a report that will map out actions that can be taken to improve their fraud management.

VIMP Timelines

This program will go into effect on October 19, 2019, in the US, Canada, CEMEA, Europe, and LAC regions. April 18, 2020, it will go into effect in the AP region.

If an issuer is identified and put into the Visa Issuer Monitoring Program, they must comply with the following:

Program Status

Issuer Actions

Month 1 – 3

  • Review portfolio activity, determine the cause of the excessive Card-Absent Environment Fraud Activity and take actions to mitigate the Fraud Activity

Month 4 – 11

Enforcement Period

  • Non-compliance assessments apply
  • Provide to Visa an action plan to reduce the portfolio’s Card Absent Environment Fraud Activity

Month 12

Enforcement Period

  • Non-compliance assessments apply
  • Provide to Visa a final, written summary of the portfolio’s performance and Card-Environment Absent Fraud Activity remediation initiatives

Visa states that it “reserves the right to withhold Visa Chargeback Monitoring Program reimbursements to Issuers identified in the enforcement phase of the VIMP program.”

What is the Visa Chargeback Monitoring Program?

Just like the Visa Issuer Monitoring Program, Visa also monitors its merchants for too much fraudulent activity. On a monthly basis, if any merchant has excessive disputes, Visa will notify the acquirer. Once notified, acquirers are expected to reduce the merchant’s disputes. Visa says, “merchants should work with their acquirer to develop a detailed dispute-reduction plan which identifies the root cause of the dispute issue and an appropriate remediation action(s).”

These remediation actions will depend on the dispute condition, merchant’s line of business, business practices, fraud controls, and operating environment, sales volume, geographic location, and other factors.

The acquirer is required to fill out a VCMP/VFMP Remediation Plan with the merchant. This remediation plan is to help merchants improve their chargeback or fraud mitigation efforts with the goal to get the merchant out of the risk compliance program. The plan starts with a current fraud solution and root cause evaluation. Visa provides a list of available fraud deterrents and asks if the merchant is currently using them. These include :

  • AVS
  • CVV2
  • Verified by Visa
  • Velocity checking
  • Negative/Positive Data Base
  • EMV
  • Geolocation/IP Detection
  • Device Fingerprinting
  • Tokenization
  • Fraud Scrubbing System

The next step is to list out the corrective actions the merchant will take in order to reduce fraud and disputes. Here Visa does not give a list, but simply a fill-in-the-blank response. Here is where merchants need to show their true game plan to reduce disputes.