What Are Card Scheme Penalty Programs — and Why Should You Care?
By Rihab Oudda (September 2, 2025)
When people think about card payments, names like Visa or Mastercard immediately come to mind. These card schemes form the backbone of the global payments ecosystem, connecting merchants, payment service providers (PSPs), acquirers, and issuers.
Most businesses are familiar with interchange fees or acquirer fees, for example, but there’s another category of costs that can be even more damaging if left unmanaged: scheme penalty programs. These programs are designed to enforce compliance with the schemes’ operational and risk standards, and if your business falls short, the penalties can quickly pile up.
In this post, we’ll explain what card scheme penalty programs are, why they matter, and how to stay ahead of them.
What Are Card Scheme Penalty Programs?
Card scheme penalty programs are fee-based mechanisms enforced by Visa, Mastercard, and other schemes to ensure compliance with their rules.
Unlike standard processing fees, these are reactive fees — they’re only triggered when a merchant, PSP, or acquirer violates certain requirements. For example: submitting excessive retries after declines, sending poor-quality data, or generating too many chargebacks.
In other words, they act as a financial deterrent to keep participants aligned with the schemes’ performance and security expectations.
Common Types of Penalty Programs
Penalty programs differ across schemes and regions, but the most common categories include:
- Excessive transaction retries (e.g., continuing to attempt declined authorizations)
- Data quality issues (e.g., invalid account numbers, CVV mismatches, expired cards)
- Excessive disputes or fraud cases
- Failure to respect cardholder revocations of authorization
Here’s a snapshot of some major programs across different card schemes:
| Fee Name | Scheme & Region | Description | Conditions/Thresholds | Fee Rate | Billing Delay |
|---|---|---|---|---|---|
| Visa System Integrity Fee (Excessive Retry Fee) | Visa; Global | Charged for excessive retries on declined transactions. | Cat. 1: Any retry; Cat. 2–4: 16th+ retry in 30 days. | Domestic: $0.10; Cross-Border: $0.15 ($0.25 LATAM) | 1 month |
| Visa System Integrity Fee (Data Quality Fee) | Visa; EU, APAC, LATAM | Charged per transaction above threshold for data-quality declines. | >25,000 Category 3 declines/month per MID. | Domestic: $0.10; Cross-Border: $0.15 ($0.25 LATAM) | 1 month |
| Mastercard TPE Excessive Authorizations Fee | Mastercard; Global | Penalty for excessive account testing on a single PAN. | Region-specific retry limits (e.g., 10 per 24h, 35 per 30 days). | $0.3–0.55 EUR (region dependent) | 2 months |
| Mastercard TPE Merchant Advice Code Fee | Mastercard; Global | Fee on retries after declines with MAC 03 or 21. | Applies if similar decline occurred in past 30 days. | $0.03–0.50 (region dependent) | 1 month |
| Visa Stop Payment Service Fees | Visa; Global | Charged for retries after “Revocation of Auth” refusal. | 4th+ retry on same card after R0/R1/R3. | €1 per instance | 1 month |
| Mastercard Acquirer Performance Development Fund Not Tokenized CoF Fee | Mastercard, EEA. | Fee applied when a Credential-on-File transaction is processed without using a network token. | Applies whenever a card-on-file (COF) transaction is processed without a Mastercard token (non-tokenized). | Rate varies by country in the EEA: e.g., 0.07% in Germany; approximately 0.05% in Austria, Poland, Spain. | 2 months billing delay (the fee is billed two months after the transaction occurs) |
| VAMP | Visa; Global | Monitoring program for fraud, disputes, and enumeration (card-not-present) – penalties for exceeding thresholds. The enforcement will start on October 1 2025. | Based on monthly VAMP ratio (TC40 + TC15 ÷ settled txns) and enumeration thresholds. | $8 per CNP dispute, whether fraud or non-fraud. | 3 months grace; then billed monthly |
| Fraud monitoring mastercard | Mastercard; Global | Penalties for persistent e-commerce fraud above thresholds. | Thresholds include: ≥ 1,000 e-commerce MC payments, fraud-chargebacks > $50,000 (USD/EUR), fraud chargeback rate > 0.50%, and low 3DS usage | Escalating fines: Month 2: $500; M3: $1,000; M4–6: $5,000; M7–11: $25,000; M12–18: $50,000; M19+: $100,000. | 1-month grace; then billed monthly from month 2 onward |
Visa System Integrity Fee (Excessive Retry Fee)
This fee is designed to discourage merchants and acquirers from repeatedly submitting authorization requests after a decline. Excessive retries can stress Visa’s processing systems and indicate poor payment practices or attempted fraud. Visa classifies declines into four categories, with stricter limits on categories more prone to fraud or poor merchant behavior. Once the retry limit is breached (e.g., more than 15 retries within 30 days for certain categories), Visa applies the fee. The cost varies by region, with higher rates in cross-border and LATAM transactions.
Visa System Integrity Fee (Data Quality Fee)
This fee penalizes acquirers and merchants that contribute to high volumes of “Category 3” declines — meaning issuer-declined transactions resulting from inaccurate or poor-quality data (e.g., wrong CVV, expired card data). When the monthly threshold of 25,000 such declines is exceeded by a given MID (Merchant ID), Visa imposes this fee per transaction above the limit. It encourages merchants to maintain accurate cardholder data and reduce unnecessary issuer traffic.
Mastercard TPE Excessive Authorizations Fee
Mastercard introduced this Transaction Processing Excellence (TPE) fee to prevent “account testing” attacks, where fraudsters test stolen card details by submitting numerous low-value authorization requests. If authorization attempts on a single PAN (Primary Account Number) exceed Mastercard’s retry thresholds (e.g., more than 10 in 24 hours, 35 in 30 days), the fee is triggered. The amount depends on region, generally ranging between €0.30–0.55. This incentivizes acquirers and merchants to adopt stronger fraud detection and retry logic.
Mastercard TPE Merchant Advice Code (MAC) Fee
This TPE fee targets situations where merchants ignore issuer guidance. Specifically, it applies when authorization requests are retried after receiving declines with Merchant Advice Codes 03 (“Do not retry – fraudulent transaction”) or 21 (“Do not retry – lost or stolen card”). If a merchant retries a transaction after such a decline within 30 days, Mastercard applies a per-transaction penalty ranging from $0.03 to $0.50. This protects cardholders and reduces unnecessary issuer traffic caused by merchants disregarding issuer instructions.
Visa Stop Payment Service (SPS) Fees
The SPS fee enforces Visa’s Stop Payment rules. When issuers send a “Revocation of Authorization” (R0, R1, or R3), merchants are expected to stop processing further authorizations on the affected card. If the merchant submits more than three retries after receiving such a code, Visa charges a €1 fee per instance. This protects cardholders from unwanted charges and ensures that revocation requests are respected.
Visa Acquirer Monitoring Program (VAMP)
Launched in April 2025, VAMP consolidates Visa’s previous Fraud Monitoring (VFMP) and Dispute Monitoring (VDMP) programs into a single global framework. It monitors acquirers and merchants on two key ratios:
- VAMP Ratio: The proportion of fraud (TC40 reports) and disputes (TC15) compared to settled transactions.
- Enumeration Ratio: The rate of card-testing attempts identified by Visa’s Advanced Authorization Intelligence (VAAI) tool.
Merchants or acquirers that exceed VAMP thresholds are enrolled in the program and receive a three-month grace period for first-time violations. If they remain non-compliant after this period, Visa begins assessing monthly fines. Starting October 1, 2025, merchants will be charged $8 for each card-not-present (CNP) dispute, whether fraud-related or not. However, merchants with five or fewer total fraud or dispute cases in a given month are excluded from fee calculations. For more details, check out our VAMP blog post.
Mastercard Excessive Fraud Merchant (EFM) Program
The EFM program targets merchants generating excessive fraud in e-commerce transactions. A merchant is placed in EFM if they:
- Process ≥ 1,000 Mastercard e-commerce transactions in a month,
- Incur fraud chargebacks totaling more than $50,000,
- Exceed a fraud chargeback rate of 0.50%, and
- Fail to use 3D Secure (or use it at very low levels).
Once enrolled, the merchant receives a one-month grace period without fines. If still above thresholds, escalating penalties apply: $500 in month 2, rising to $100,000 by month 19 and beyond. This structure strongly incentivizes merchants to implement fraud prevention measures quickly.
Why They Matter
Penalty programs may seem minor — just a few cents or euros per transaction — but they can erode margins silently, costing thousand of dollars per month. For large merchants processing millions of transactions, these fees can amount to thousands or even millions annually.
What’s worse, many businesses don’t realize they’re incurring them until fees suddenly spike. By then, the damage is already done.
How to Monitor and Manage These Penalties
Avoiding scheme penalties requires constant monitoring and compliance discipline. Best practices include:
- Monitoring decline reason codes and retrial strategies;
- Monitor additional card scheme codes, such as merchant advice codes;
- Monitor efficient retrial logics that don’t exceed thresholds;
- Proactively tracking fraud and chargeback ratios;
- Improving data quality on transaction submissions
Manual tracking is possible, but it’s often too complex, especially when multiple regions and schemes are involved. That’s where analytics and visibility tools become essential.
How Congrify Helps
At Congrify, we specialize in bringing clarity to complex scheme fees, including penalty programs.
With our solution, businesses gain:
- Visibility: Full transparency into penalty program costs.
- Alerts: Early warnings before thresholds are breached.
- Analytics: Historical insights to spot patterns and optimize performance.
Instead of being surprised by hidden penalties, you’ll know exactly where they’re coming from and how to stop them.
Wrapping Up
Card scheme penalty programs are a silent cost in payments. They’re designed to enforce compliance, but for businesses, they represent an avoidable drain on revenue if you have the right visibility and controls in place.
👉 Want to know if you’re silently losing revenue to scheme penalties? Get in touch with our payments experts at Congrify.