Compaytence Logo
Subscription Operations Playbook
Strictly Confidential

Bulletproof Your
Payments

v1.4 • Last Updated June 2026 Supplements • Coaching • Digital Products • Trial Offers

The field guide for high-risk subscription merchants. Every rule here exists because a real merchant skipped it and lost their processing account. Follow them and you keep processing. Skip them and you inherit the same outcome.

What's Covered

Website Audit

Claims, Policies, Badges, Endorsements

Checkout

Opt-In, Funnels, Term Bubbles, Emails, Shipping

Chargebacks

Visa, Mastercard, Alerts, RDR

Marketing Strategy

Ad Claims, AI Imagery, Reviews

Token Ownership

Shopify Risk, Migration, Reserve Recovery

Authorization Rates

Processor Tiers, Declines, Secure Data

Entity Setup

Local Currencies, Cross-Border, Merchant of Record

Operations

Support Standards & Contact Structures

Quick Reference

Threshold Cheat Sheet & Glossary

Brand Audit

Your Live Compliance Score & Checklist

MODULES
At a Glance
  • Use structure/function language — describe what a product supports, never what it cures or treats.
  • Remove fake “doctors,” FDA-approval claims, and unverifiable badges before the card networks’ scanners find them.
  • Publish real COAs and genuine Trustpilot badges to build legitimate trust.
  • Make every landing-page promise match your Terms & Refund policy word-for-word.
01

Compliant Language and Claims

Your checkout site is the first point of evaluation during a merchant review. Underwriting teams continuously audit active stores to identify compliance violations. High-risk verticals like supplements, coaching programs, subscription-based services, and trial-based offers face the most scrutiny. Using the wrong phrasing on a website can result in an immediate application denial or a sudden account suspension.

The wrong sentence on your homepage can cost you the account.

Shutdown Risk

Disease claims, fake FDA approval badges, and stock-photo "doctors" with no real credentials are immediate underwriting triggers. Visa and Mastercard's monitoring programs scan for these constantly. Getting caught means holds, reserve increases, or MATCH listing.

Frame your copy around supportive benefits. Focus on what the product supports, not what it treats or cures. Maintaining accuracy and caution with every claim protects your merchant standing.

Copy Auditing Matrix

Kills Your Account Protects Your Processing
"Cures diabetes"
"Supports healthy blood sugar levels already in normal range"
"FDA Approved"
"Made in an FDA-registered facility" / "GMP certified"
"Detoxes parasites"
"Supports the body's natural digestive cleansing process"
"Burns fat fast"
"Supports your body's natural metabolism"
"Works with GLP-1 drugs"
"Supports your body's natural GLP-1 pathway"
Deceptive stock doctors / unqualified clinical claims
Verified, licensed medical practitioners with active credentials on file
"Third-party certified" (without docs)
Same claim - with COA on file to back it up
02

Fake Endorsements

Clinical & Sourcing Verification Audit

Violative Setup

Deceptive Stock Doctor Endorsement

Deceptive Stock Doctor Banner
💰 CLINICALLY APPROVED • ELIMINATES DISEASE FAST 💰
MD
APPR
OVED

Underwriting Verdict: Stock imagery, unsupported medical claims, and unverified seals. Instant account rejection.

Compliant Setup

Verified Credentials & COAs

Active COA Public Registry
GMP Certified Production Batch #304
FDA-Registered Facility Link VERIFIED

Underwriting Verdict: Public batch logs and GMP documentation. Onboarding approved.

03

COA & Sourcing Transparency

Bulletproof Your Setup: Sourcing Transparency

Build a public Transparency Directory linked in your footer. Host third-party Certificates of Analysis (COAs) for every product batch, GMP manufacturing proof, sourcing details, and active FDA facility registration links. Underwriters reward this with faster approvals and higher processing limits.

04

Trustpilot Badge Compliance

Ensure all displayed online reviews are genuine. Link directly to your live Trustpilot profile rather than using static, unlinked graphics. Display your actual rating and review counts honestly without inflating the numbers.

Audit Failure

Deceptive Static Badge

Trustpilot
★★★★★
Excellent   4.9 / 5
Based on 20,847 reviews

Underwriting Verdict: Displaying an inflated review count that contradicts your live profile.

Compliant

Transparent Directory Link

Trustpilot
See what our verified customers are saying →
trustpilot.com/review/yourbrand.com

Underwriting Verdict: Authentic review badges linked directly to an active, verified profile.

05

Policy Templates

Every eCommerce store must maintain clear and accessible legal documents, including a Refund Policy, Privacy Policy, Terms of Service, and Shipping Policy linked in the website footer. If you run a recurring billing model, a standalone Subscription Policy is required. Similarly, service providers, appointment-based models, live events, ticketing, and custom order businesses must publish a distinct Cancellation Policy. Underwriting teams require these core policies to be clearly visible in your website footer. Linking them throughout the checkout flow and including them in transaction emails is a recommended best practice to maximize account stability.

Shutdown Risk

A missing or buried cancellation policy fails underwriting instantly. Card networks also require your physical business address displayed clearly inside every policy document.

Auditing Standard: Address Consistency

Processors verify your corporate address appears in both your policy pages and your global footer. A mismatch or missing address means instant application rejection.

Copy the template below and publish it at `/pages/subscription-policy`. The email, phone, and physical address must match your merchant account filings exactly.

Template 1: Subscription & Cancellation Policy

[INSERT BRAND NAME] - SUBSCRIPTION & CANCELLATION POLICY

Last Updated: June 1, 2026

At [INSERT BRAND NAME], we stand behind every purchase. This policy covers your rights and obligations for returns, refunds, and exchanges.

1. Eligibility for Returns & Refunds: We accept return or refund requests for most physical products within ninety (90) days of delivery, subject to the conditions below:

  • Customers are responsible for all return shipping fees.
  • The item must be unused, in the same condition in which it was received, and returned in its original packaging.
  • Proof of purchase (order number or receipt) must be provided.
  • Exclusions: Opened supplements or consumable products (due to safety and quality control standards), gift cards, opened health or personal care items, and marked final sale/clearance items are not eligible for return or refund.
  • After 90 days from delivery, no refunds, returns, or exchanges will be accepted under any circumstances.

2. How to Request a Return or Refund: To initiate a return, contact our support team at support@yourbrand.com. Once approved, we will provide instructions and the return address. Please do not send items back without prior authorization.

3. Refunds: Upon receipt and inspection of your return, we will notify you of the status. Approved refunds are issued to the original payment method within 5-10 business days. Refunds cover the product cost only; original shipping charges are non-refundable.

4. Subscription Cancellations: If you are enrolled in a subscription, you may cancel at any time using one of the options below:

  • Option 1 (Online Portal): Click the "Manage Your Subscription" link available in your confirmation email or on our website. Enter your email, and follow the prompts to cancel instantly.
  • Option 2 (Support Email): Email us at support@yourbrand.com requesting manual cancellation. Include your full name, shipping address, order number, and registered email address.
  • Timing: Cancellation requests must be submitted at least twenty-four (24) hours prior to your scheduled billing date to avoid being charged for the next scheduled shipment.

5. Disputes & Chargebacks: Before filing a chargeback or payment dispute, please contact our support team so we can resolve the issue directly. We are committed to resolving all concerns in compliance with Stripe, PayPal, and gateway processing policies.

6. Customer Support:
Support Email: support@yourbrand.com
Support Number: +1 (800) XXX-XXXX

Merchant Copy Tip:

Link this at `/pages/subscription-policy`. Ensure the email, phone, and physical address are exact and match your merchant account filings.

Template 2: Privacy Policy

[INSERT BRAND NAME] - PRIVACY POLICY

Last Updated: June 1, 2026

Thank you for using [INSERT BRAND NAME]'s online resources and for viewing this Privacy Policy. This policy gives notice about the types of personal information we collect, how we use it, and who we share it with and why.

1. Important Vocabulary:
- "Company", "we", "us", or "our": Refers to [INSERT BRAND NAME] / [INSERT CORPORATION NAME].
- "Personal Information": Means any data that can be used to distinguish, trace, or discover your identity.
- "Online Resources": Means all websites, subdomains, and funnels linking to this Statement.

2. How We Collect Personal Information:
- Voluntary Submissions: We collect data you give us when creating accounts, making purchases, signing up for newsletters, sending emails, or contacting support.
- Automatic Collection: When you use our site, information about your device, browser, and internet activity (IP address, pages visited) is automatically collected via tracking tools like cookies.
- External Sources: We obtain data from third-party advertising partners, marketing databases, and social media platforms where you interact with our brand.

3. Types of Personal Information Collected:
- General Identifiers: Real name, IP address, shipping address, email address, phone number.
- Commercial Information: Records of products purchased, billing logs, and consuming histories.
- Internet Activity: Browsing history, checkout interactions, search queries on our online portals.
- Audio/Visual Logs: Recordings of customer support calls for quality and compliance checks.

4. How We Use the Personal Information: We use your data for legitimate business purposes including: transaction processing, performing contracts, delivering promotional offers, improving website experience, security monitoring, debugging, and customer service.

5. Secure Token Vaulting: We process credit card transactions using PCI-compliant payment gateways. All recurring billing credentials are encrypted and stored in secure tokens within gateway vaults (NMI/Authorize.net). We do not store raw card numbers on our storefront servers.

6. Sharing Personal Information: We may share personal information with corporate affiliates, operations support vendors, customer support partners, software/technology hosts, payment processors, and marketing networks. In some jurisdictions, marketing transfers may count as "selling" or "sharing" data under CCPA. You have the right to opt-out.

7. Do Not Track & Global Privacy Control (GPC): While we do not respond to browser "Do Not Track" (DNT) signals, we honor Global Privacy Control (GPC) signals as valid requests to opt-out of sales/sharing where legally required.

8. Your Privacy Rights: Depending on your location, you may have the right to know, delete, correct, opt-out of data selling, withdraw consent, or appeal privacy decisions. To exercise these rights, email us at support@yourbrand.com.

9. EU GDPR Obligations: For individuals in the EU/UK, we process data based on consent, performance of contracts, or legitimate interests. You have the right to erasure, portability, restriction, and lodging complaints with a data protection authority.

10. Promotional Messages (SMS & Email): By subscribing to promotions, you authorize email/SMS communications, including automated dialer text messages. To unsubscribe from emails, use the link provided. To opt-out of SMS, text "STOP" to any of our messages.

11. Contact Information:
[INSERT BRAND NAME] Compliance Office:
[INSERT BUSINESS PHYSICAL ADDRESS]
Email: support@yourbrand.com

Template 3: Terms of Service

[INSERT BRAND NAME] - TERMS OF SERVICE

Last Updated: June 1, 2026

IMPORTANT NOTICE: PLEASE READ THESE TERMS CAREFULLY BEFORE ACCESSING, USING, OR PLACING AN ORDER. THESE TERMS CONTAIN BINDING ARBITRATION, CLASS ACTION WAIVERS, AUTOMATIC SUBSCRIPTION TERMS, AND LIMITATIONS OF LIABILITY.

1. Acceptance of Terms: These Terms of Use and Conditions of Sale govern your access to the website, purchases, and auto-ship subscriptions offered by [INSERT BRAND NAME] ("Company", "we", "us"). By using the website, you warrant that you are at least 18 years old, have legal capacity, and purchase products for personal use only.

2. Electronic Assent & Clickwrap Consent: Your affirmative actions, such as checking unchecked boxes or clicking accept buttons during checkout, constitute your legally binding electronic signature and assent.

3. Subscriptions, Automatic Renewals, and Billing:
- Enrolling in a subscription establishes a billing contract.
- You authorize recurring charges (e.g., $49.99 billed every 30 days) to the card on file.
- Auto-ship subscriptions renew automatically. To avoid renewal charges, cancellation must be completed at least 24 hours prior to the next billing date.

4. Product Information & FDA Disclaimer: All products are sold for personal use. Products and claims made on this website have not been evaluated by the FDA. Products are not intended to diagnose, treat, cure, or prevent any disease. Information on the website is not medical advice.

5. Limitation of Liability: Under no circumstances shall [INSERT BRAND NAME] or its affiliates be liable for indirect, incidental, special, or consequential damages arising out of your website access, purchase, or product usage. Our total liability is capped at the amount paid by you for the specific product purchased.

6. Claims Limitation: You agree that any claim or cause of action arising out of your transaction or website access must be filed within one (1) year after the claim arose, or be forever barred.

7. Dispute Resolution & Binding Arbitration:
- You agree that any dispute relating to purchases, subscriptions, or site access will be resolved through individual binding arbitration.
- Class Action Waiver: You waive your right to participate in any class-action lawsuit.
- Mass Action Waiver & Batching: If 25 or more similar claims are filed, they will be batched into groups of 10 for arbitration to control fees and ensure speedy resolutions.
- Jury Trial Waiver: You waive your right to a trial by jury.

8. Corporate Office Address:
[INSERT BRAND NAME] is operated by [INSERT CORPORATION NAME]:
[INSERT BUSINESS PHYSICAL ADDRESS]
Email: support@yourbrand.com

Template 4: Shipping & Delivery Policy

[INSERT BRAND NAME] - SHIPPING & DELIVERY POLICY

Last Updated: June 1, 2026

1. Order Processing: All orders are processed, packaged, and prepared for carrier dispatch within one to two (1-2) business days (excluding weekends and major national holidays). You will receive a confirmation email once placed, and a shipping notification once shipped.

2. Shipping Timelines & Rates: We offer fast and reliable shipping on all orders. You can expect standard delivery within five to fourteen (5-14) business days depending on your location, shipped via reliable carriers (such as USPS Ground Advantage).

3. Tracking Your Order: Once shipped, you will receive a carrier tracking number via email. Please allow up to 24 hours for the tracking link to update in carrier systems.

4. Lost or Delayed Orders: If your order has not arrived within seven (7) business days of the expected delivery date, please contact us at support@yourbrand.com, and we will assist.

5. Support Directory:
Support Email: support@yourbrand.com
Support Number: +1 (800) XXX-XXXX

Bulletproof Your Setup

Synchronized Footer Links. Confirm every footer link is live. Business name, phone, LLC, and physical address must be identical across every policy page. Any mismatch fails the audit.

06

Policy Alignment

Ensure all marketing promises and landing page guarantees align with your published refund policy. Discrepancies between your website copy and legal terms increase dispute rates and chargebacks.

Mismatched Offers (Audit Failure)

Landing Page Banner:
"90-Day Money-Back Guarantee, No Questions Asked!"
Refund Policy Page:
"All sales are final on opened items. We do not accept returns or refunds on custom shipments."

Underwriting Verdict: Deceptive advertising flag.

Synchronized Offers (Compliant)

Landing Page Banner:
"90-Day Satisfaction Guarantee on Unopened Packages"
Refund Policy Page:
"We accept returns on unopened supplements in original packaging within 90 days of delivery."

Underwriting Verdict: Aligned. Passes underwriting verification.

Bottom Line

Get your site’s language and policies aligned and you clear the first underwriting gate, which is also the harshest. A large share of denials happen right here, so a clean site removes the most common reason to reject you.

Want a second set of eyes before underwriting does?

Claims, policies, and descriptors are read line by line when your MID is reviewed, and the details that trigger a decline are easy to miss on your own store. Book a call and our team audits your site against current card network standards, learns how your business actually operates, flags the exposures that matter for your industry, and maps the fixes in order of risk.

At a Glance
  • Require active consent: Ensure customers actively choose subscription options at checkout rather than using pre-checked boxes.
  • Design transparent funnels: Avoid negative option billing structures and hidden terms to prevent customer confusion.
  • Define terms at checkout: Display clear billing frequencies, amounts, and cancellation steps in plain language.
  • Standardize transactional communications: Deliver automated welcome, renewal, and shipping emails on time.
  • Implement order tracking: Attach valid carrier tracking to every delivery to prevent non-receipt disputes.
01

Subscription Opt-In

Pre-checking subscription boxes at checkout is a high-risk practice for merchants. Customers who do not consciously enroll often dispute subsequent charges as unauthorized, because to them, they are. When this happens, you ship product, absorb a chargeback fee, and face a spiking dispute rate that draws processor scrutiny.

Compliance Risk

Pre-checked subscription boxes, terms in tiny font, and mismatched trust badges are standard compliance violations.

Case Study: RYZE Superfoods
Compliance Assessment
Understanding Checkout Standards: You may be wondering why several high-profile brands still use pre-checked subscription boxes at checkout. Established brands with years of transaction history, high customer volume, and dedicated support systems have built significant credibility with processing networks. Newer or scaling brands carry a higher risk profile. For these companies, following strict active-consent guidelines is the most reliable way to prevent processing issues and maintain account stability.

Pillar 1: Exceptional Public Trust Score

Established brands with tens of thousands of verified customer reviews present a low risk profile. For these merchants, occasional checkout friction or customer disputes do not significantly impact their overall processing metrics.

4.8 Trustpilot Score
20K+ Verified Reviews

Pillar 2: Long-Standing Transaction History

High-volume brands with years of consistent transaction history and dispute ratios below 0.2% build long-term credibility. Scaling merchants with under a year of processing history face stricter risk assessments and have less operational flexibility.

< 0.2% Dispute Rate
3+ Years Processing Longevity

Pillar 3: Massive Support Firewall

Large-scale brands maintain dedicated support teams to resolve customer issues immediately. If your support response time is delayed, customers are more likely to contact their bank directly, resulting in avoidable chargebacks.

< 12h Response Time
100% Cancel-on-Demand

Pillar 4: Advanced Gateway Redundancy

Established brands route transactions across multiple redundant gateways. If one merchant account experiences elevated dispute levels, backup accounts prevent processing disruptions.

Multiple Gateway Vaults
Active Interception Networks
High Risk

Pre-Checked Opt-Ins

Checkout Summary
Total Due: $49.99

Risk Assessment: Enrolls customers without explicit consent.

Compliant

Explicit Selection Flow

Choose Purchase Type
One-Time: $59.99
Subscribe: $49.99

Risk Assessment: Confirms explicit customer consent, ensuring processing stability and compliance.

Bulletproof Your Setup

Subscription checkboxes: unchecked by default. Terms visible in standard font at checkout. Build real Trustpilot and BBB scores through legitimate post-purchase campaigns. Transparency protects processing.

02

Negative Option & Funnel Structures

Negative option billing, where customers are charged automatically unless they actively reject the offer, remains a major focus for regulatory enforcement and card network compliance. When a customer does not recognize a recurring charge or cannot easily stop it, they frequently file a payment dispute. At scale, negative option structures often produce high dispute rates that can lead to processing restrictions. To mitigate this risk, merchant underwriters prefer subscription models that require a clear, unchecked active opt-in.

Forced continuity, such as converting a free trial into a paid subscription, represents another area of high dispute exposure. If a customer is charged the full recurring rate after a trial period without clear notice, the subsequent charges are often disputed. Card networks recommend presenting the exact billing dates and amounts prominently before the trial ends. Obtaining clear, active consent before billing begins helps ensure a compliant relationship.

Aggressive post-purchase upsells can also inadvertently commit customers to subscription billing agreements they did not intend to make. Even when terms are included, presenting multiple upsell screens without clear choices can generate customer complaints. A compliant funnel flow should feature distinct opt-ins for each subscription offer, clear notifications of billing dates prior to charges, and automated confirmation receipts detailing the exact agreements.

High Risk

High-Risk Funnel Pattern

  • Pre-checked subscription boxes at checkout
  • Buried trial details with billing timelines in fine print
  • Multiple one-click subscription upsell screens without separate consent
  • No pre-billing reminders
  • Restricted cancellation options
Compliant

Compliant Funnel Flow

  • Unchecked subscription checkboxes for explicit opt-in
  • Prominently displayed trial billing schedules
  • Separate confirmation steps for upsells
  • Pre-billing reminder notifications delivered 3 to 7 days before recurring transactions
  • 24/7 self-serve cancellation access
03

Term Bubbles & Checkout Clarity

A common source of subscription chargebacks is customers who forget they enrolled and fail to recognize subsequent billing statements. While these are often simple misunderstandings, they can escalate into serious fraud-related chargebacks that negatively impact your processing portfolio.

Checkout Term Bubbles & Opt-In Clearances

Display subscription terms where customers cannot miss them. Use prominent term bubbles next to checkout options to ensure the customer clearly understands the billing frequency and recurring amount. Here is an example of a compliant setup:

checkout.yourbrand.com/secure
SECURE SSL GATEWAY
1. Shipping & Payment
customer@email.com
123 Main Street, New York, NY
Credit Card Details
•••• •••• •••• 4242 12/28 123
2. Review & Complete
One-Time Purchase
$59.99 USD
Subscribe & Save (Save 20%) Delivered every 30 days
$49.99 USD
Superfood Greens Blend
Recurring 30-Day Auto-Ship
1x
Subtotal: $49.99
Shipping: FREE
Total Due: $49.99 USD
Complete Order
04

Pre-Billing Email Flows

Surprising customers with an unexpected charge is an easy way to trigger disputes. If you skip pre-billing reminder emails, customers are much more likely to dispute the charge immediately. Sending consistent reminders before they are charged keeps everything transparent and reduces customer confusion. You should also include a direct link to their subscription profile in the email, so they can easily cancel or adjust their plan if they don't want to pay again.

Premium Subscription Email Flows

Bulletproof Your Payments

Order confirmation emails should list subscription terms and billing details clearly at the bottom, even for one-time purchases that include a subscription cross-sell. Deliver pre-billing emails exactly 3 to 7 days before recurring charges, providing a direct link to manage or cancel the plan. The cancellation process should be simple and seamless for the customer.

05

Shipping, Tracking & Delivery Alignment

Deceptive delivery claims and delayed shipments drive chargebacks. When customers have no visibility into their package's status, they may think their order has not arrived and file a dispute.

Shipping Delays

Vague shipping promises or delays past your stated delivery window cause disputes. If you advertise 5 to 7 business day delivery but fulfillment takes four weeks, it frequently results in "order not received" chargebacks, which is one of the major causes of merchant account issues.

Sourcing & Shipping Guidelines

Clear Timelines

State your processing time (e.g., 2 business days) and a clear delivery window (e.g., 5 to 7 business days). Match exactly what your policy pages say.

Automated Tracking

Use Zendrop or a shipping platform to send automated updates at fulfillment, in-transit, and delivery.

Mandatory Proactive Delay Alerts

Automated Alert Email Flow: If fulfillment slips more than 48 hours past your stated window, trigger an alert email immediately. Tell the customer why, and give them one-click options to pause billing, request a new date, or cancel. Proactive communication kills shipment disputes.

Visual Package Delivery & Tracking Interface

Active Delivery Pipeline

Order Tracking: #CMP-8392

IN TRANSIT
Order Placed & Confirmed

Subscription terms accepted & payment authorized

June 1, 10:24 AM
Fulfillment & Batch Packing

Lot #GMP-829 COA verified and loaded in shipment box

June 2, 2:15 PM
In Transit (USPS Facility)

Tracking ID: 9400111899562918839210

June 3, 7:30 AM
Package Delivered

Out for local courier drop-off

June 5 (Est.)
Estimated transit time: 3 business days Track Live on Carrier Site →

Bulletproof Your Shipping

Automate your shipping tracking notifications and provide customers with honest, specific delivery timelines. Proactive communication is a highly effective way to prevent disputes before they occur.

Fulfillment & Tracking Partner

06

Checkout Solutions

The checkout and subscription platforms we put merchants on to run everything above compliantly. These systems manage your offers, route your billing across MIDs, and keep your funnels clean.

Third-Party Checkout & Subscription Platforms

Native Shopify Apps

Bottom Line

A transparent checkout and honest, specific delivery timelines are your best dispute-prevention tools. When you automate shipping tracking notifications and communicate proactively, customers know exactly what to expect. Ensuring they understand what they agreed to helps disputes, including friendly fraud, drop on their own.

Building your checkout and subscription stack?

Sticky.io, Phoenix, Loop, Checkout Champ, and Apptics each fit a different platform and billing model, and the right one depends on how you run offers and route MIDs. Book a call and we will learn how your funnel works, match your checkout and subscription stack to your business, and board you with partner pricing and a dedicated account manager.

At a Glance
  • Monitor network ratios: Visa and Mastercard enforce strict dispute thresholds that can lead to fines.
  • Set up chargeback alerts: Intercept disputes from card networks before they register.
  • Set up automatic refunds: Resolve disputes inside the payment network to protect your chargeback ratio.
  • Protect your processing: Keep your dispute rate low, as the chargeback ratio is the primary metric processors monitor.
01

Visa VAMP: The Unified Monitoring Program

It is a structural overhaul. Visa collapsed dispute monitoring (VDMP) and fraud monitoring (VFMP) into a single unified ratio. As a result, your dispute performance is evaluated as a single combined number, making the math harder to game.

The VAMP formula is: (All Disputes + TC40 Fraud Alerts) ÷ Total Settled CNP Transactions. The challenge is double-counting. A transaction flagged by both a TC40 alert and a formal dispute counts twice in the numerator. For subscription brands running high-frequency billing, this compounds quickly.

The merchant-level enrollment threshold is 1.5%. That drops to 0.9% for fraud-related activity. Your acquirer faces a 0.5% "Excessive" flag and a 0.3% "Above Standard" flag, meaning your bank has a strong incentive to offload your account before Visa forces the issue.

Compliance Risk

VAMP enrollment triggers a $10 fee per chargeback on top of standard processing costs. Enrollment can also result in reserve increases, delayed settlement, and account holds. Sustained enrollment can lead to account termination and being placed on the MATCH list.

1.5%
Enforcement Threshold
Merchant-level enrollment threshold.
0.9%
Fraud Threshold
Fraud-related ratio ceiling for elevated monitoring.
0.5%
Acquirer Excessive
Threshold that flags your processor to the network.
0.3%
Acquirer Above Standard
Early warning threshold. Your processor is already watching.
You cannot auto-refund your way out of fraud alerts.

Two exclusions are worth knowing: RDR-resolved disputes and Compelling Evidence 3.0 (CE 3.0) disputes can be excluded from the VAMP ratio. However, TC40 fraud alerts still count even when RDR is enacted. A transaction resolved through RDR drops from your dispute count, but if an issuing bank simultaneously files a TC40 fraud report on it, that TC40 stays in your numerator. You cannot auto-refund your way out of fraud alerts, which is why alert-only strategies are not sufficient. You need active interception and root-cause suppression.

Visa also runs Visa Account Attack Intelligence (VAAI), which tracks card-testing enumeration fraud through your checkout. VAAI operates independently of the VAMP ratio. If fraudsters run card tests on your site, it represents a separate exposure.

Bulletproof Your Payments

Run a tri-layered alert system: Ethoca for Mastercard, Verifi RDR for Visa, and CDRN for international coverage. Track your VAMP ratio monthly. Break chargeback data down by reason code to separate dispute-driven exposure from fraud-driven exposure, because the fix is different for each. Fix your upstream policies (opt-in clarity, pre-billing emails, cancellation flows) to stop TC40 alerts from accumulating.

02

Mastercard SMMP: The Scam Merchant Crackdown

Mastercard SMMP (Scam Merchant Monitoring Program) represents a significant shift from traditional chargeback monitoring. Legacy fraud programs track stolen cards. SMMP tracks something harder to defend against: transactions that were technically authorized, but tied to deceptive business practices. The hard number: a combined refund and chargeback ratio above 5% puts you on Mastercard's radar.

In plain terms: SMMP is Mastercard's answer to the complaint they keep hearing: "I bought something, I got charged, but I feel deceived." No stolen card, no fraud dispute, just a feeling of being misled. Mastercard built a monitoring system to detect and act on those patterns at scale.

What gets merchants flagged: misleading subscription offers, deceptive ads, fake investment or coaching claims, confusing checkout flows, poor post-sale communication, and complaint spikes from new traffic sources. Mastercard also extends accountability to your entire acquisition chain. If your media buyers run misleading ads that generate complaints, that risk flows directly to your merchant account.

5%
SMMP Trigger Ratio
Combined refund + chargeback ratio ceiling. Exceeding this triggers SMMP review.
Jul 24
Enforcement Date
Mastercard SMMP actively monitoring as of July 24, 2026.

SMMP Trigger Checklist

If any of these apply to your business, you're an SMMP candidate:

  • Subscription enrollment buried in checkout fine print or pre-checked
  • Billing descriptors that don't match the brand customers recognize
  • Cancellation policy is hard to find or requires phone calls only
  • Sudden spike in complaints tied to a new ad campaign or affiliate push
  • GRIP letters or fulfillment documentation requests from your processor
  • Post-sale communication that doesn't reference the subscription or billing terms clearly
  • Affiliate marketers or lead generators running unvetted ad claims on your behalf
  • New merchant account with no processing history but high CNP volume

Acquirer Scrutiny: GRIP Letters

GRIP letters from your acquiring bank are often the first visible signal that SMMP-related review is underway. Once a processor requests fulfillment records, customer communication logs, or proof of marketing disclosures, the account is under elevated scrutiny. A merchant can have strong sales and a clean technical chargeback rate and still trigger SMMP flags if the business model appears designed to confuse customers.

Excessive Chargeback (ECM) and Excessive Fraud (EFM) Programs

In addition to SMMP, Mastercard runs two other primary compliance programs: the Excessive Chargeback Merchant (ECM) program and the Excessive Fraud Merchant (EFM) program. ECM tracks dispute volume using the Chargeback-to-Transaction Ratio (CTR), which is calculated as your current month's chargebacks divided by your previous month's settled transactions. A merchant enters ECM if they exceed 100 monthly chargebacks and a chargeback ratio between 1.5% and 2.99%, which escalates to High ECM (HECM) at 300 or more monthly chargebacks and a ratio of 3.0% or higher. EFM focuses specifically on fraud in eCommerce environments, triggering when a merchant has 1,000 or more eCommerce transactions, over $50,000 in monthly fraud claims, and a fraud ratio of 0.50% or higher. Mastercard generally prioritizes fraud monitoring over dispute ratios, meaning that managing chargebacks alone is not enough, as fraud performance receives just as much attention.

Why Refund Rates Matter

Refund rates aren't as dangerous as chargebacks, but they're an independent risk signal that processors and card networks both track. A high refund rate tells the processor your business has a structural problem. Either your product isn't meeting expectations, your shipping timelines are broken, or your sales process is too aggressive and customers are bailing after purchase.

Think of it this way: a refund is a customer telling you directly that something is wrong. A chargeback is the same customer telling their bank instead. Both point to the same root cause. Mastercard's SMMP is designed specifically to catch merchants who light up a business, run aggressive acquisition, and then see refund rates spike because the experience doesn't match the promise.

Refund Diagnostics

If your refund rate is climbing, do not ignore it. Analyze refund reasons by category (such as shipping delays or subscription confusion). Working backwards from these reasons helps you fix the root cause and maintain a healthy merchant standing.

Bulletproof Your Payments

Remaining compliant should involve demonstrating good faith at every step: requiring explicit opt-ins, using clear billing descriptors, publishing a direct cancellation portal, delivering pre-billing emails 3 to 7 days before recurring charges, and maintaining customer logs.

03

Chargeback Alerts: Your Last Line of Defense

Even when you run a clean operation, some disputes are inevitable. The goal is to catch them before they become formal chargebacks that impact your dispute ratio and processing history. A chargeback alert service intercepts the dispute from the card network before it registers, giving you a window to refund or resolve the issue directly. If you are interested in setting up chargeback alerts, reach out to our team at Compaytence, and we can assist you with the setup process.

1.0%
High-Risk Limit
Triggers automated monitoring and escalating monthly fines.
0.5%
Safe Target
Where you need to be. Safely under every monitoring threshold.
3% → 0.5%
Alert Impact
Typical drop after enrolling in Ethoca and Verifi alert networks.

Recommended Vendors

We prescribe four primary vendors for chargeback alert and fraud prevention services. Each handles both alert interception (catching disputes before they register) and front-end fraud screening (validating purchases as they happen). You don't need all four, but you need at least one active and configured.

Front-End Fraud Prevention

Front-end fraud tools prevent unauthorized transactions at checkout, whereas back-end alerts manage disputes after they occur. An effective fraud tool verifies more than card details. It should evaluate the customer's device, geographic location, and purchasing patterns. For instance, a transaction initiated from a new device in a country mismatching the billing address carries a different risk level than an order placed by a returning customer on their primary phone.

  • Device Fingerprinting: Identifies the specific hardware used to place an order, allowing returning customers to build positive trust scores.
  • Region Verification: Validates that the purchaser's IP address matches their billing profile and issuing bank location.
  • Buyer Behavior Analysis: Examines cart activity, page navigation, and transaction velocity to flag anomalies such as automated card testing.

Descriptor Enrollment

To ensure alerts route correctly, billing descriptors should be registered and mapped to your alert provider. Unregistered descriptors will result in disputes bypassing interception and hitting your merchant account.

Bulletproof Your Payments

Integrating alert notifications directly with your payment gateway allows your system to issue refunds automatically. Setting up automated refunds for alerted transactions helps keep dispute ratios within safe limits.

Match your business to the right alert coverage

Disputifier, Chargeblast, Chargeback.io, and Chargemont each catch disputes at a different point in the flow, and the right mix depends on your processor, your average ticket, and where your chargebacks originate. Set them up through Compaytence and a dedicated account manager configures the alert routing, auto-refund rules, and fraud screening against your gateway — with partner pricing you would not get signing up on your own. Book a call and we will match you to the coverage that fits your volume.

04

RDR & 90-Day PoC

A Note on RDR (Rapid Dispute Resolution)

Visa's Rapid Dispute Resolution (RDR) allows you to auto-resolve certain disputes by issuing automatic refunds before they hit your formal chargeback count. While this tool is useful, processors still track your raw underlying dispute data. RDR treats the symptom, so you should also identify and resolve the root causes of disputes.

New Merchant Tip: 90-Day Proof of Concept

Avoid scaling processing volume on day one. Spend the first 90 days running controlled, low transaction volumes to build a clean history of refunds, cancellations, and sub-1% dispute ratios. This history helps unlock higher processing limits, redundant gateway slots, and lower reserve requirements from underwriters.

Bottom Line

Staying under card network thresholds helps your business maintain a low risk profile. Alerts and RDR provide the necessary tooling to protect your processing.

Chargebacks get harder to manage as you scale

VAMP and SMMP thresholds, alert routing, RDR, and refund timing all interact, and one misconfigured piece can push your ratio into a monitoring program. Book a call and we will review your dispute data, learn where your chargebacks come from, and build a prevention system around how your customers actually buy so you stay clear of the card network programs.

At a Glance
  • Adhere to compliant copy standards: The marketing claims governing your website govern your ads too. Avoid exaggerated claims and fake urgency.
  • Maintain visual integrity: Never present synthetic, AI-generated imagery as authentic customer photos or real results.
  • Prioritize authentic feedback: Build genuine reviews because fabricated ratings represent a substantial legal and processor risk.
01

Deceptive Ad Claims: What Gets Your Account Flagged

Marketing campaigns face strict oversight from multiple entities, including ad networks like Google and Meta, card networks, and federal regulators. When a customer files an order dispute, underwriting teams do not merely review your product page; they actively analyze the ad creative that drove the customer to your store. Because of this multi-layered scrutiny, the ad itself is often the starting point of a compliance review.

Under regulatory frameworks enforced by the FTC, marketing claims should focus on supportive structure and function benefits rather than promising cures or disease treatment. Using aggressive or misleading copy that overpromises results is a major driver of disputes. When customers feel misled by the initial ad, they are far more likely to contact their issuing bank directly instead of reaching out to your customer support team.

Card networks track the origin of these complaints. If chargeback trends show a spike linked to specific ad creatives or traffic sources, it triggers manual underwriting reviews and card network monitoring flags. Ensuring your promotional campaigns remain fully aligned with compliance standards protects your merchant standing and prevents payment account holds.

Ad Copy Audit Matrix

Kills Your Account Protects Your Processing
"Store closing sale, everything must go! Buy now before it is too late!"
"End of season sale, shop our remaining stock while supplies last."
"Every item is carefully handmade by local artisans in Hungary." (when the product is actually drop-shipped from China)
"Sourced globally and manufactured in partnership with verified international suppliers."
"100% satisfaction guarantee: if you are not completely satisfied, we will issue a full refund instantly, no questions asked."
"See what thousands of satisfied customers have to say about our product quality and returns."

Shutdown Risk

When ad claims trigger card network scrutiny, the fallout is worse than a single account flag. Visa and Mastercard correlate complaint spikes with specific merchant descriptors. If your campaigns generate a wave of disputes, pattern analysis can place you in a monitoring program before your rate technically crosses the line. Rewriting ad copy costs nothing. Losing a merchant account costs everything.

02

AI-Generated Imagery: The New Red Flag

AI-generated before and after photos are increasingly detectable by advertising platforms, payment processors, and regulators. The FTC has issued guidance stating that synthetic imagery used to imply real customer results is deceptive advertising. If your ad shows an AI-generated transformation, regulatory agencies treat it as a misrepresentation of customer results, regardless of the product's actual efficacy.

Card networks utilize marketing documentation verification during chargeback reviews. When a customer disputes a transaction citing misleading visuals, the processor will request the original customer assets and consent documents. If those assets are synthetic, the dispute is extremely difficult to defend because you cannot produce a signed consent agreement for a synthetic persona.

As detection technologies improve, brands using synthetic customer imagery face elevated chargeback rates, regulatory scrutiny, and platform bans. Utilizing real user-generated content (UGC), authentic photos with written consent, and ingredient education should be prioritized to build sustainable long-term consumer trust.

High Risk: AI Before and After

What the ad shows:
Synthetically generated customer transformation photos, such as dramatic split-panel weight loss comparisons, with no disclaimers or real customer identities.
FTC compliance exposure · Non-defendable disputes · Platform account suspension

Compliant: Authentic UGC with Disclaimers

What the ad shows:
Real customer video testimonials with signed consent. Includes visible on-screen disclaimers stating that individual results may vary, and avoids health treatment claims.
Aligned with FTC guidelines · Defendable with proper documentation · Ad platform compliant
03

Building Real Reviews

Maintaining strong, positive public review scores on directories like Trustpilot and the BBB is an important factor during card network reviews. Processing banks actively evaluate these platforms to gauge customer satisfaction. It is critical to avoid purchasing fake reviews, as auditors can check reviewer profiles against actual customer order history to verify authenticity.

Klaviyo Email Campaigns

Automating post-delivery review requests via Klaviyo helps generate a steady stream of authentic feedback to build your public score.

Incentive Programs

You should consider offering a 20% discount on subsequent shipments or a small gift in exchange for honest customer feedback.

Review Response Program

Responding professionally to both positive and negative reviews shows active complaint resolution, which helps prevent manual audit flags.

Bottom Line

Honest marketing isn’t just safer — it converts better over time and keeps your ad accounts and merchant accounts alive at once.

Your ads and your merchant account are reviewed together

The claims, imagery, and funnel structure that scale your revenue are the same ones card networks and ad platforms audit. Book a call and we will pressure-test your marketing against compliance standards, learn what drives your sales, and structure it to grow while your processing stays stable.

At a Glance
  • Know who actually owns your payment tokens; on many platforms, it isn’t you.
  • Plan migration so you can change processors without losing recurring customers.
  • Recover reserves methodically when winding down a processor relationship.
01

The Token Problem: Why Shopify Will Destroy Your Recurring Revenue

When you run subscriptions on Shopify, you don't own your subscriber payment tokens. Shopify does. Every encrypted card credential that powers your recurring charges lives inside their proprietary ecosystem, not yours.

The moment Shopify flags, restricts, or terminates your account, those tokens vanish with it. In the nutraceutical space, that flagging happens. When it does, you lose your entire billing database instantly.

Shutdown Risk

If Shopify terminates your account, migrating your subscription list is nearly impossible. On a live but restricted account, a vault migration is slow and extremely difficult. On a banned account, Shopify will refuse to transfer token data. Your entire subscriber list, built over months, is gone.

Your subscription billing needs to live at the gateway level, not the platform level. Route through a third-party checkout provider that vaults token data directly inside gateways like NMI or Authorize.net. Platforms like Checkout Champ handle the operational layer, pulling subscription data, vaulting tokens at the gateway, and routing recurring transactions. You own the vault. Shopify owns nothing.

Bulletproof Your Setup

Own your token data or you don't own your subscription business. Gateway-level storage at NMI or Auth.net gives you complete redundancy. If a processor terminates you, swap in another processor. Your subscribers keep billing.

Gateways & Platforms That Vault Your Tokens

NMI Gateway

Gateway vaulting and network tokens that power recurring billing and portable card tokens.

Authorize.net Gateway

CIM token vault stores cards securely for recurring billing and reduced PCI scope.

Checkout Champ Funnels & Billing

Build high-converting funnels and checkouts with upsells, subscriptions, and multi-gateway billing.

Learn more

Not sure which gateway should hold your tokens?

Holding your card tokens on NMI or Authorize.net keeps your subscribers portable across MIDs, while Checkout Champ runs the funnel-side billing. Which one anchors your vault depends on your platform and how you route volume. Set it up through Compaytence and we migrate your existing tokens, configure the vault, and give you a dedicated account manager and partner pricing on the way in. Book a call and we will map it to your billing model.

02

Migration Strategy

Making the Transition Without Killing Your Subscriptions

If you're already running subscriptions on Shopify, don't just turn it off. You have two ways to migrate safely:

Option A

Run in Parallel

Keep legacy subscriptions on Shopify while capturing all new subscribers in your gateway.

  • Keep Shopify active for existing subscribers, letting them naturally wind down
  • Route all new transactions to your new checkout provider
  • New tokens are captured at the gateway level going forward
  • Old subscriptions fizzle out on their own timeline
Option B

Duplicate the Storefront

Clone your brand frontend completely onto a parallel platform with native gateway checkout integrations.

  • Keep the Shopify store live strictly for legacy subscribers
  • Run a parallel version of the brand with the new checkout integrated
  • Same domain, same premium branding, new independent backend
  • Direct all new incoming traffic to the new version
03

Reserve Recovery & 90-Day Proof of Concept

Reserve Recovery Plan

If a platform shutdown has already occurred and your recurring tokens are locked, put together a Reserve Recovery Plan. Our team can build a compliance-first proposal for your processor, outlining your gateway vault structure to negotiate the release of held capital and the reactivation of your subscriber list.

Bottom Line

Being able to move your tokens means no processor can hold your recurring revenue hostage. That’s leverage every serious subscription business should hold.

Own your tokens before you need them

Migrating a subscriber vault, negotiating token ownership, and recovering reserves get far harder once a processor has already frozen you. Book a call and we will learn how your recurring billing runs and map your token and MID structure around it, so your subscribers stay portable as you grow.

At a Glance
  • Qualify for a Tier 1 processor: Match your processor tier to your risk profile to set a high baseline approval rate and secure a stable processing environment.
  • Manage declines with smart retry logic: Route failed transactions through cascading gateways to recover soft declines while avoiding hard decline retries.
  • Use secure transactions: Leverage network tokenization, request full transaction data, and run front-end fraud screenings to maximize issuer approval rates.
  • Optimize approval rates: Every point of authorization rate is revenue you already earned, meaning small gains compound.
01

Processor Tiers

Not all processors are built the same. One that handles tire shops and restaurants runs a completely different risk engine than one built for card-not-present subscription brands. We sort processors into three tiers, and the tier you land on decides your authorization rates, your fees, and the stability of your processing environment.

Tier 1: Top-Level Banks

Adyen, Checkout.com, Worldpay, Paysafe, and Nuvei. These are gated processors. To get in, you generally need $1.5M+ in monthly volume, 12+ months in business, sub-1% chargeback rates, and proof of product-market fit. Not everyone qualifies, and that's the point. Because they reject risky merchants at the door, issuing banks trust transactions routed through their BINs. On Tier 1, authorization rates consistently hit 85% to 95% for compliant subscription brands.

Some Tier 1 processors are the bank themselves. Adyen holds banking licenses in both Europe and the US, and Checkout.com is a principal member of Visa and Mastercard. When your transaction routes through their infrastructure, there's no middleman sponsor bank sitting in the chain.

Tier 2: Mid-Level Processors

PayPal, Shopify, Stripe, and Airwallex. These platforms are known to quickly onboard merchants and offer simple initial setups. However, they also rely on fully automated risk decisioning that can later place sudden shutdowns or rolling reserves on your account. A spike in disputes or fraud flags can trigger automated algorithms to freeze your funds or close your account without warning. For scaling brands, relying on a single Tier 2 setup represents a significant single point of failure.

While these platforms typically maintain card-not-present authorization rates of 80% to 90%, they are not a substitute for Tier 1 gateway setups. To protect your operations, you should use these processors as part of a multi-merchant account stack rather than your entire foundation.

You can be doing $3M a month and still lose access overnight.

Tier 3: High-Risk Processors

These processors specialize in gaming, crypto, adult, telehealth, and anything the Tier 1 and Tier 2 platforms reject. They waive volume requirements. They accept startups. They onboard merchants with elevated chargeback histories. The tradeoff is brutal.

Every processor has a sponsor bank behind it that actually acquires the transactions. Tier 3 sponsor banks carry huge aggregate risk from all the high-risk merchants they board. So when a cardholder checks out on your site through a Tier 3 processor, the issuing bank sees a BIN tied to fraud-heavy verticals. Even if your customer has funds and your business is clean, the bank declines as a precaution. On Tier 3, authorization rates routinely drop to 65% to 75%.

The Guilt-By-Association Problem

Tier 3 processors share BIN ranges with gambling sites, adult content platforms, and crypto exchanges. Issuing banks see this and flag the entire BIN. Your legitimate supplement subscription gets declined because it shares a payment rail with a casino. There's no appeal process. The only fix is getting onto a cleaner processor.

Tier Examples Auth Rate Range Access Requirements
Tier 1 Adyen, Checkout.com, Worldpay, Nuvei, Paysafe 85% to 95% $1.5M+/mo, 12+ months, sub-1% CB rate
Tier 2 PayPal, Shopify, Stripe, Airwallex 80% to 90% Quick onboarding, automated risk monitoring
Tier 3 High-risk specialists (gaming, crypto, adult) 65% to 75% Minimal requirements, elevated fees

Processors We Onboard Merchants To

Adyen Processor

In-house acquiring and smart routing across many countries, built to lift card approval rates.

Checkout.com Processor

End-to-end acquiring with machine-learning acceptance to raise approvals across 150+ currencies.

Airwallex Global Payments

Local-currency acquiring and accounts across 60+ countries to lift approvals and cut cross-border declines.

Nuvei Processor

Global acquiring and hundreds of local payment methods engineered to raise cross-border approval rates.

Not sure which processor tier fits you?

Your approval rate and your reserve terms come down to matching your business to the right acquirer and processor tier. Compaytence boards you across 30+ processor and acquiring relationships, preps your underwriting file, sets up each MID, and configures smart routing so volume keeps flowing if one processor pauses. Book a call and we will place you on the stack that fits your model and get you approved the first time.

30+ processor & acquiring relationships we board merchants on
Adyen Checkout.com Airwallex Nuvei NMI Authorize.net + 25 more
02

Declines & Retry Logic

Every failed transaction returns a reason code from the issuing bank, and your entire dunning strategy depends on reading those codes correctly. Retry a hard decline and you waste money and damage your processor relationship. Ignore a soft decline and you lose revenue you could have recovered.

Hard Declines

Permanent failures. The bank won't approve this card under any circumstances.

Reason Code What It Means Action
Lost/Stolen Card Cardholder reported the card missing. Bank closed it. Stop. Request new card from customer.
Invalid Card Number Customer fat-fingered the card number at checkout. Show inline error: "Card number is incorrect."
Expired Card Card passed its expiration date. Prompt for updated card details.
Incorrect CVV The 3-digit security code doesn't match. Show inline error: "CVV is incorrect."
Restricted Card Card type is restricted for this transaction type. Request alternate payment method.

Soft Declines

Temporary failures. The bank isn't saying no permanently. It's saying "not right now" or "give me more information." These are recoverable.

Reason Code What It Means Action
Insufficient Funds Customer doesn't have the balance to cover the charge. For subscriptions, retry in 3 to 7 days via the dunning flow.
Do Not Honor Issuer declined with no specific reason. Most common soft decline. Retry in 24 to 48 hours. If using Tier 3 processor, this may be BIN-level distrust.
Suspected Fraud Transaction flagged by issuer's fraud model. Trigger 3DS/SCA challenge. If customer passes, resubmit.
Authentication Required Bank requires Secure Customer Authentication (3DS2). Send SMS or biometric challenge, then resubmit with auth data.
Transaction Limit Exceeded Customer hit their daily or per-transaction spending cap. Retry next business day. Common on corporate and prepaid cards.
Issuer Unavailable The issuing bank's system is temporarily down. Retry in 1 to 2 hours. Not a customer issue.

High-Risk Processor Warning

If you're on a Tier 3 high-risk processor, you'll see far more "Do Not Honor" and "Suspected Fraud" soft declines than normal. Even after you add 3DS challenges and extra cardholder data, the issuing bank may still refuse the transaction because of the processor's BIN reputation. Retry logic won't fix that. The only solution is moving to a cleaner payments stack.

Initial Purchase Cascading

When a new customer gets a soft decline on your primary MID, cascade the transaction to a secondary MID. If it fails there, cascade to a third. You waterfall down until it approves or fails on all available processors. Platforms like Checkout Champ, Phoenix, and custom gateway routing rules support this natively.

Only cascade soft declines. If the decline code is "Lost/Stolen Card" or "Invalid Card Number," don't cascade. The card is dead. Pushing a known-bad card through three more processors just burns your relationships with all of them.

Never Cascade Subscription Rebills

Don't cascade recurring charges to a different processor than the one that approved the original purchase. When a customer subscribes through Processor A, their card token lives in Processor A's vault. Moving that rebill to Processor B forces re-tokenization, which breaks the chain of trust. The issuing bank sees a brand-new merchant trying to charge the card and declines it. Keep every rebill on the original processor.

Subscription Dunning Strategy

For recurring subscription charges that fail (insufficient funds, transaction limits, issuer unavailable), build a dunning schedule inside your subscription platform. Space retries strategically.

  • Day 1: First attempt fails. Send the customer an email: "Your payment didn't go through. Update your card to keep your subscription active."
  • Day 3: Second attempt. Many insufficient funds issues resolve after a paycheck cycle.
  • Day 7: Third attempt. Send a final warning email with a direct link to update payment info.
  • Day 14: Final attempt. If this fails, cancel the subscription and send a winback email.
03

Secure Transaction Data

Submitting enriched and verified cardholder data is one of the most effective ways to build issuer trust and raise approval rates. Gated networks expect modern security signals to validate transactions.

Data Enrichment for Higher Approvals

The more data you send with a transaction, the more likely the issuing bank approves it. Collect and transmit all of the following at checkout:

  • Network Tokenization: Swap standard credit card numbers for secure network tokens provided directly by Visa and Mastercard. This keeps card details updated automatically and improves approval rates by 2% to 3%.
  • Full AVS Data: Collect and transmit the customer's billing street address and ZIP code. Partial Address Verification Service (AVS) matches are declined more frequently.
  • CVV/CVC Verification: Require the security code on the back of the card at initial purchase. While you should never store this data, sending it with the initial transaction is essential.
  • Device Fingerprinting: Link each transaction to a unique hardware fingerprint. When returning customers buy from a verified device, their transaction approval rates increase.
  • IP Geolocation: Confirm the customer's IP address matches their billing profile and card-issuing location to reduce transaction risk.
  • 3DS2 / SCA Challenges: Implement Secure Customer Authentication challenges. While required in Europe, running 3DS2 selectively on high-risk domestic transactions significantly reduces suspected fraud declines.

Bulletproof Your Payments

A secure payment foundation relies on complete data transmission. Combining network tokenization with full billing verification and selective 3DS2 challenges ensures issuing banks recognize and approve your transactions. Enriched data is the most reliable way to increase your baseline approval rates.

The ROI of Authorization Optimization

Every point of authorization rate represents revenue you already paid to acquire. Transitioning to a gated Tier 1 processor and configuring cascading gateways can recover 10% to 15% of declined transactions. For a merchant processing $1,000,000 monthly, this optimization can secure $100,000 to $150,000 in additional revenue without any additional marketing spend.

Bottom Line

Improving authorization rates is the fastest way to increase profitability. By aligning your business with Tier 1 requirements, routing soft declines intelligently, and transmitting enriched customer data, you maximize transaction approvals and protect your bottom line.

Approval rates are won across your whole stack

Decline codes, retry logic, processor tiers, and MID redundancy all move your authorization rate, and small routing changes compound at volume. Book a call and we will go deep on your current setup, pinpoint where transactions are dropping, and build the redundancy that keeps revenue flowing when a processor tightens up.

At a Glance
  • Bill customers in their local currency to cut cross-border declines.
  • Know when a Merchant of Record makes sense versus running your own entities.
  • Get KYC/KYB right - clean ownership docs prevent payout holds.
  • Match your legal entity name to your bank account exactly to avoid suspended payouts.
01

Local Currencies

Set up your corporate entity where your customers actually live. Processing internationally on a single entity can push currency conversion fees onto your buyers, inflate interchange rates, and trigger high decline volumes. As a standard operating threshold, you should apply the 30% rule: if you process more than 30% of your total payment volume in a single foreign region, you should consider establishing a localized corporate entity to handle that market.

The 5% FX Tax on Your Customers

For example, if you sell to UK buyers while only presenting USD at checkout, the customer's UK-issued card has to convert from USD to GBP, and their bank often charges a 3% to 5% foreign transaction fee. This quietly adds an unexpected surcharge to every international order. When customers notice these additional costs and billing complications on their statements, they are far less likely to complete subsequent purchases or remain subscribed. Present prices in local currency at checkout. Always.

The 1% to 2% Processing Cost Penalty

Cross-border transactions also carry higher processing fees, because card networks charge elevated interchange rates on international sales. For example, a localized domestic transaction in the US might cost 1.5% in interchange. The same transaction run cross-border from a European entity to a US buyer can cost 2.5% to 3.5%. That extra 1% to 2% comes directly out of your margin on every sale.

The Hidden Cost Stack

Operating without a local entity in your primary market (such as selling to US cardholders from an international entity) is highly inefficient. You pay an extra 1% to 2% in interchange fees, face 3% to 5% in FX fees passed on to your customers, and lose 10% to 15% of your volume to cross-border false declines. Combined, this can drain a significant portion of your international margins.

Multi-Currency Partners

02

Cross-Border Declines

Even when you present prices in local currency, processing cross-border still trips automated fraud flags at issuing banks. The issuer doesn't care what currency you display. It cares where the acquiring bank sits.

Here's how it plays out. A customer in New York buys a coffee at a local shop, and their US bank logs a domestic transaction. Ten minutes later they get home, see your ad, and try to buy your supplement online. Your Europe-based processor routes that transaction through a European acquiring bank. Now the customer's US issuing bank sees two charges within minutes: one domestic, one hitting a European entity. Its fraud engine flags "impossible travel" and auto-declines. The customer never sees an error message that makes sense. They just leave.

This isn't theoretical. Cross-border false declines hit 10% to 15% of international card-not-present transactions. For a merchant doing $500,000 monthly in international sales, that is $50,000 to $75,000 in lost revenue every month. These are not chargebacks or refunds; they are sales that never happened because the bank blocked the transaction before it started.

The Cross-Border Penalty

Processing cross-border without a localized entity can cost you 10% to 15% of total international transaction volume to false fraud declines, 1% to 2% in extra interchange fees, and 3% to 5% in FX fees passed to your customers. At this point, you should consider establishing a localized corporate entity to process transactions through local acquiring networks.

03

Merchant of Record (MoR)

A Merchant of Record is the fastest way into new international markets without the overhead of registering foreign entities. If you're doing $50,000 to $100,000 monthly in a market and you've proven product-market fit, an MoR might be your bridge.

How an MoR Works

An MoR (like Paddle, Lemon Squeezy, or FastSpring) acts as a legal reseller. At checkout, it technically buys the product from you and instantly resells it to the customer. The MoR's name and local entity show up on the cardholder's statement, and the transaction runs through the MoR's local acquiring bank in the customer's country. As far as the issuing bank is concerned, it's a domestic transaction.

Stripe acquired Lemon Squeezy specifically to add MoR capabilities to its platform, reflecting the growing adoption of this model in international payment architectures.

What an MoR Solves

International Tax Compliance

The MoR collects and remits VAT, GST, and local sales tax in every country it operates. You don't register for VAT in the UK, file GST returns in Australia, or hire a local tax advisor in Germany. The MoR is the legal seller, so tax is their problem.

Local Payment Methods

Without a local entity, you can't offer region-specific payment methods. In the Netherlands, 60%+ of online transactions use iDEAL. In Belgium, it's Bancontact. In India, UPI processes billions of transactions a month. Show up in those markets with only Visa and Mastercard and you're invisible to half your potential customers. An MoR's local entity turns all of these methods on automatically.

Cross-Border Decline Elimination

Because the MoR processes through a local acquiring bank, the customer's issuing bank sees a domestic transaction. The 10% to 15% false-decline penalty from cross-border processing disappears, and authorization rates in that market jump to domestic levels.

When an MoR Makes Sense

Use an MoR when you've got product-market fit in a region ($50,000 to $100,000 monthly) but the cost and complexity of a full entity doesn't justify the revenue yet. MoR fees run higher than direct processing (typically 5% to 8% vs. 2% to 3%), but the revenue you win back from killed cross-border declines and newly available local payment methods more than covers the spread.

Evaluating Entity Setup vs. Merchant of Record

The choice between an MoR and a dedicated local entity represents a tradeoff between setup speed and operational margin. A Merchant of Record charges higher fees, typically 5% to 8% compared to the 2% to 3% standard processing rate, which eats into your margins to pay for their markup. However, as your sales volume in a region grows, establishing a local corporate entity and your own payment processor stack allows you to cut out the middleman, yielding higher net revenue and full control over your customer billing experience.

04

KYC & KYB Compliance

Setting up an entity is only half the job. To actually process payments, you have to pass Know Your Customer (KYC) and Know Your Business (KYB) audits, mandated by federal anti-money-laundering (AML) law and card network rules. If you can't satisfy them, processors will hold your funds or shut down your MIDs on the spot.

US Entity Requirements Notice

The documentation and checks outlined below are specific to establishing and verifying a US corporate entity. Compliance regulations and audit requirements vary significantly from region to region.

Know Your Customer (KYC) Requirements

KYC verifies the actual humans behind the legal entity. Underwriters require verification for all Ultimate Beneficial Owners (UBOs), who are typically defined as anyone owning 25% or more of the company. For high-risk subscription businesses, processors often lower this threshold to 10% or require complete KYC verification on every corporate director, meaning these checks affect all UBOs and key decision makers.

  • Personal Identification Documents: Underwriters frequently ask for supporting personal documentation, such as government-issued photo IDs, personal tax returns, or official tax documents to verify your identity.
  • Personal Identifier: US citizens must provide a Social Security Number (SSN). Non-US citizens must provide an Individual Taxpayer Identification Number (ITIN) or a valid passport scan.
  • Personal Residence Address: You must list a physical home address. Processors check this address against utility bills (electricity, water, gas) or cell phone bills dated within the last 90 days.

Note on Non-US Founder Verification

If you are a non-US citizen operating a US entity, you still need to provide a valid personal residence address. Some founders use the address of a US associate or relative. If you do this, you must still be able to provide a cell phone or utility bill in your legal name at that address to satisfy verification systems.

Know Your Business (KYB) Requirements

KYB verifies that your business is a legally registered, active operation. Processors audit your business registry to ensure your entity is in good standing and not a shell company.

  • Verifiable Business Address: You must supply a Google-verified physical business address. Post office boxes and virtual mail forwarders are routinely flagged and rejected by processor risk engines.
  • EIN (Employer Identification Number): The tax ID for your business. Non-US residents who don't have an EIN yet can submit Form SS-4 (the preliminary application document) as a temporary placeholder, but you have to provide the official EIN to keep the account active.
  • Official IRS Verification: Processors will not accept state registry screenshots. You must upload the official IRS EIN assignment letter (Form CP 575) or a replacement verification letter (Form 147C).
  • Corporate Documents: High-quality uploads of your state-issued Business License and Articles of Organization (for LLCs) or Articles of Incorporation (for Corporations). These must clearly list all members and ownership percentages.
  • Bank Name Matching: The bank account connected to your processor must match the legal name on your corporate registration exactly. DBAs have to be registered; you can't route payouts to a personal account or an unregistered brand name.

The Registered Agent Address Trap

Many founders register in Delaware or Wyoming and use their registered agent's address as their business address. That doesn't satisfy KYB. Risk systems cross-reference application addresses against Commercial Mail Receiving Agency (CMRA) databases, and if one flags a registered agent address, the processor locks the account and demands a utility bill or commercial lease in your business name.

The Physical Business Address Solution

To pass KYB, you need a Google-verified physical business address. The cheap way to get one is renting a hot desk or virtual office at a co-working space (WeWork or a local equivalent). These plans usually run $150 to $200 monthly, require no long-term contract, and give you a unique street address where you can receive mail. Your co-working contract plus a mail receipt works as proof of a physical business address.

Tax Implication Myth: many international founders worry that a physical US business address triggers US income tax liability. As long as you don't store physical inventory in the US and don't have employees physically working there, a co-working address doesn't create a US tax nexus. Always confirm with a certified tax advisor, but processing safety requires a physical business address.

KYC & KYB Document Checklist

Before applying to any Tier 1 or Tier 2 processor, gather this exact document stack: (1) Passport/ID scans and personal verification documents (like tax documents) for all UBOs and owners holding 25% or more (or 10% or more for high-risk accounts), (2) Utility or cell phone bills matching personal residential addresses, (3) Official IRS CP 575 or 147C letters, (4) State Articles of Organization or Articles of Incorporation, and (5) A co-working contract or utility bill matching your physical business address.

Keep Your Books Underwriting-Ready

05

Banking Setup

There's no single required bank for subscription merchants. You can open with any US-based, FDIC-insured bank. That said, most of our clients run a dual-bank setup: one traditional brick-and-mortar bank for stability and one fintech bank for speed and flexibility. Here's what we recommend, and why.

Brick-and-Mortar Banks

Chase, Bank of America, and Wells Fargo are the most common choices. Chase is especially popular because it's friendly to international customers and non-US founders opening US-based accounts. A brick-and-mortar bank gives you a branch to walk into when something goes wrong, a stable institution that isn't going anywhere, and a safe place to park your operating reserves. When you need to resolve a hold, a wire issue, or a compliance question, talking to a human at a branch matters.

Fintech Banks

Mercury and Slash are our two primary fintech recommendations. They're built on top of banking infrastructure (typically Column Financial or a similar banking-as-a-service provider). They aren't banks themselves; they're fintech wrappers that put a modern interface on top of FDIC-insured partner banks.

The upside: instant virtual card issuance, clean reporting dashboards, fast bank-letter generation, and simple online account management. Need to issue a virtual card to a vendor right now? Mercury does it in seconds. Chase doesn't. Need a bank verification letter for a processor application? Fintech banks generate one on demand, where a traditional bank may take days.

Traditional Bank

Chase, BofA, Wells Fargo. Park your operating reserves here. Physical branches for in-person problem resolution. Chase is the most international-friendly for non-US founders.

Fintech Bank

Mercury, Slash. Use for day-to-day operations. Virtual cards, instant bank letters, clean dashboards, and fast onboarding. Slash offers outstanding support and Compaytence referral pricing.

The Dual-Bank Playbook

Run both. Use Chase (or equivalent) as your safety net: the account you park funds in and never worry about. Use Mercury or Slash as your operational account: the one you issue cards from, pull reports from, and connect to your processor for payouts. That split gives you the stability of a major bank and the speed of a fintech platform without leaning entirely on either.

Recommended Banking Partners

Entity, Banking & Processing — Done For You

Everything in this module — your US entity, EIN, business banking, and payment processing — is what Compaytence stands up for international founders. Our US Expansion service runs the full setup: incorporation, business banking with partners like Slash and Mercury, and processor onboarding, so you land a compliant, payments-ready US presence and a team that keeps managing it as you scale.

Bottom Line

Your entity and banking structure is the foundation everything else sits on. Set it up correctly once and you get local approval rates, clean payouts, and room to scale across borders.

Cross-border processing is where structure pays off

The entity you register, the banking you hold, and the currencies you settle in decide your approval rates and how cleanly you get paid across markets. Book a call and we will learn where you sell, design your banking and FX setup around it with partners like Airwallex, Slash, and Mercury, and stand it up with you.

At a Glance
  • Prioritize customer support to improve refunds, chargebacks, reviews, and overall conversion rates.
  • Make it easy to reach you: visible contact options help resolve questions before they turn into complaints.
  • Respond fast: rapid communication satisfies frustrated buyers and prevents disputes.
01

Customer Support as Your Chargeback Firewall

Your customer support team is your primary line of defense. Excellent service addresses customer issues early, directly improving refund processing, public review scores, and billing retention. When customers receive quick cancellations or prompt replies, they avoid the frustration that leads to negative ratings or billing complaints. Providing a responsive support experience protects your brand reputation and preserves processing longevity.

Support Vulnerabilities

Slow support, hidden cancellation links, and ignored emails put your merchant account at serious risk. While underwriters may not always audit your contact page directly, they easily detect poor customer service through elevated chargeback rates, negative online reviews, and sparse support resources. You should display a real support email address and an active phone line to keep communication channels open.

Contact Us Page Structure & Standards

Your contact page must show a legitimate operational structure. That means real contact channels an auditor can verify.

Direct Support Email

List your active support inbox (e.g. `support@yourbrand.com`) clearly. Customers should be able to reach you directly from their email.

Support Phone Line

List an active phone number that directs to a real person. Direct phone support resolves customer questions immediately and prevents billing issues.

Office Hours & Forms

State your business hours explicitly (e.g., Mon-Fri, 9am-5pm EST) and offer a backup contact form. Transparency reduces processor concern.

Compliant Contact Us Page Structure

To satisfy merchant account guidelines, you should display clear and direct contact options on your website instead of relying on a simple email form. A compliant layout features direct phone numbers, active support emails, operational hours, and your registered corporate address.

Contact Customer Care

Support Phone:
+1 (800) XXX-XXXX
Mon-Fri, 9:00 AM - 5:00 PM EST
Support Email:
support@yourbrand.com
Replies within 24 hours
Corporate Office:
[INSERT CORPORATION NAME]
123 Wellness Way, Suite 400
Austin, TX 78701, United States
Send Us a Message
Full Name
Order Number
Describe your cancellation or refund request here...
Submit Request

Bulletproof Your Setup

Respond to support emails within 24 hours and resolve tickets within 24 to 48 hours maximum. Process cancellations immediately in the gateway vault before anything else. Fast support prevents disputes, keeps your ratings clean, and satisfies underwriter standards.

Bottom Line

Great support is the cheapest, highest-ROI chargeback tool you have. Every dispute you resolve in the inbox is one that never touches your ratio.

Support is an operations problem once you're scaling

Response times, cancellation handling, and refund workflows shape your dispute ratio directly, and they get harder to hold as volume climbs. Book a call and we will review how your support runs today and build the workflows that keep disputes in the inbox and off your processing history.

At a Glance
  • Bring it together: your brand should signal legitimacy at every touchpoint.
  • Use the 40-point checklist to score your real compliance and surface priority gaps.
  • Re-run the audit whenever you launch new offers or switch processors.
01

Build a Brand, Not a Blip

A durable brand is built on product quality, exceptional customer experience, and transparent business practices. Deceptive shortcuts and compliance workarounds might offer a brief initial conversion lift, but they ultimately result in customer dissatisfaction, high refund rates, and processor scrutiny. Real success in eCommerce comes from establishing trust and delivering genuine value.

By prioritizing customer satisfaction and aligning your operational standards with industry compliance guidelines, you create a legitimate, stable brand. Ensuring that your product matches your marketing promises and that customer interactions are handled with transparency helps protect your merchant accounts and builds long-term customer loyalty.

The CX Standard: Full Subscriber Control & Retention

Give subscribers real control. Deliver checkout transparency, pre-billing reminders, one-click self-serve cancellation, and sub-24-hour support response times. That combination produces low dispute rates, high retention, and the long-term brand stability no checkout shortcut can buy.

Audit

Bulletproof Checklist

Run through this before you launch or before your next operational audit. Every unchecked item is an active exposure. Use the audit below to calculate your compliance rating.

Evaluating Infrastructure

Check items below to calculate your active Subscription Compliance Rating.

0% Safe
Compliant claims audit completed Website

Review all website and ad copy to ensure claims are moderate and avoid exaggerated outcomes or fake urgency.

Sourcing Transparency page or COA directory is live Website

Certificates of Analysis (COAs) and sourcing information organized in an easily accessible public archive.

Complete offer alignment verified across policies Website

Landing page marketing guarantee claims align 100% with written refund policy documents.

Subscription & Cancellation Policy live Website

Dedicated policy visible in the footer, on all pages, and directly linked in checkout flows.

Website policy alignment verified Website

Refund, subscription, shipping, and terms pages are consistent with each other and match every offer and guarantee shown on the site.

Subscription terms and opt-in transparent at checkout Checkout

Subscription box is unchecked by default, and billing frequency, pricing, and auto-renew terms are clearly displayed in standard-size font before purchase.

Subscription email flows configured Checkout

Enrollment email lists subscription terms, a pre-billing reminder fires 3 to 7 days before each charge, every email carries a prominent cancel/manage link, and product-education emails run between cycles.

Shipping, tracking, and delay alerts automated Checkout

Clear processing and delivery windows stated consistently across policies, automated tracking updates at each fulfillment milestone, and delay-alert emails triggered if fulfillment slips 48+ hours.

Chargeback alert service is active Chargebacks

Ethoca and Verifi alert systems integrated to intercept chargeback disputes before they register.

RDR rules are actively configured Chargebacks

Visa's Rapid Dispute Resolution parameters set up to auto-resolve card alerts through gateway refunds.

Chargeback rate is monitored monthly Chargebacks

Active metric dashboard targeting under 0.5% dispute rate, with a hard operational ceiling at 1.0%.

90-day proof of concept scaling strategy in place Chargebacks

Controlled, low-volume scaling plan for the first 90 days to establish a clean historical processing record for underwriters.

Build authentic reviews Marketing

Real Trustpilot reviews sourced dynamically via subscriber email programs; no purchased or fabricated ratings.

Deceptive advertising removed Marketing

Ad copy avoids cure claims, fake urgency, and overpromised results that drive disputes and trigger underwriting reviews.

AI-generated imagery removed Marketing

No synthetic before/after or AI customer photos; visuals use real UGC with written consent and results-may-vary disclaimers.

Token data is owned at the gateway level (NMI / Auth.net) Tokens

Ensure credit card vault tokens are stored in the gateway, completely separated from Shopify.

Platform migration strategy drafted (Parallel/Duplicate) Tokens

Clear roadmap established for moving legacy subscriber vaults without billing interruptions.

Processor redundancy in place (multiple MIDs / backup processors) Auth Rates

More than one live MID across separate processors, so a single shutdown, hold, or reserve never stops your billing.

Hard and soft decline codes mapped in dunning system Auth Rates

Dunning flows correctly differentiate between permanent failures (stop retrying) and temporary failures (schedule retry).

Cascade routing configured for initial purchases only Auth Rates

Soft-declined first-time purchases waterfall to backup MIDs. Subscription rebills stay locked to the original processor.

Secure checkout data and Network Tokenization enabled Auth Rates

Transmit network tokens, full AVS and CVV data, device fingerprints, and selective 3DS2 challenges to maximize transaction approvals.

Local currency presentation enabled for all international markets Entity

Checkout displays prices in the customer's local currency to eliminate FX surprise charges and reduce chargebacks.

Local entities registered in primary international sales regions Entity

Corporate entity established in each region doing $100K+/month to eliminate cross-border decline penalties and reduce interchange fees.

Local payment methods activated in each international market Entity

Region-specific payment methods (iDEAL, Bancontact, UPI, etc.) enabled via local entity or MoR to capture non-card transaction volume.

KYC verification prepared for all UBOs (25%+ owners) Entity

For every owner at 25% or more (10%+ for high-risk): government-issued photo ID, SSN/ITIN or passport, and a personal residence address backed by a utility or cell phone bill dated within 90 days.

KYB documentation complete for the business Entity

Google-verified physical business address, EIN with the official IRS CP 575 or 147C letter, Articles of Organization or Incorporation listing ownership percentages, and a bank account whose name matches the legal entity exactly.

Contact Us page lists real phone number, email and hours Operations

Direct email inbox, active support phone line, and explicit working hours displayed for underwriters.

Support team responsive within 24 hours Operations

Guaranteed email response times within 24h, and active resolutions within 24 to 48 hours maximum.

Cancellation processed immediately inside vault Operations

Zero processing delays on cancellation tickets. Immediate vault updates to prevent future billings.

Physical address displayed in both footer and policies Operations

Exact physical office location listed in both the global website footer and terms/policies pages to satisfy processor audit checks.

Your Compliance Assessment
Complete the checklist above to generate your report.
0%
CriticalModerateCompliantBulletproof
Ready to close the gaps? Our team will review your setup, find your highest-risk exposures, and map the fastest path to compliant processing.
Book a Strategy Call
01

Threshold & Date Cheat Sheet

The numbers and deadlines that decide whether you keep processing. Everything here is summarized from the modules in this playbook — keep it close.

1.5%
VAMP enrollment ratio
5%
SMMP refund + CB ratio
$10
VAMP fee per chargeback
5 yrs
MATCH list duration
MetricThreshold / DateWhy it matters
VAMP merchant enrollment1.5% · Apr 1, 2026Combined dispute + TC-40 ratio that enrolls you in monitoring.
VAMP fraud threshold0.9%Fraud-related ratio ceiling for elevated monitoring.
VAMP acquirer “Excessive”0.5%Flags your processor to Visa — your bank may drop you first.
VAMP acquirer “Above Standard”0.3%Early-warning flag; your processor is already watching.
SMMP trigger ratio5% · Jul 24, 2026Combined refund + chargeback ceiling for Mastercard’s scam-merchant program.
Tier 1 auth rate85–95%Gated top-level processors (Adyen, Checkout.com).
Tier 2 auth rate80–90%Open-signup processors (Stripe, Airwallex) — automated risk cutoffs.
Tier 3 auth rate65–75%High-risk specialists; guilt-by-BIN declines.
MATCH listing5 yearsHow long a termination follows your business.
UBO disclosure≥ 25% ownershipAnyone owning a quarter or more must be disclosed in KYB.

Bottom Line

If you memorize only a few numbers, make it these. Staying under every threshold keeps you off the monitoring programs entirely — which is the whole game.

02

Glossary

Plain-English definitions for the acronyms and jargon used across this playbook.

MATCH
Mastercard Alert to Control High-risk Merchants — the industry blacklist a terminated merchant lands on, where it stays for roughly five years.
VAMP
Visa Acquirer Monitoring Program — Visa’s unified program that scores your combined dispute and fraud activity as a single ratio.
SMMP
Scam Merchant Monitoring Program — Mastercard’s program targeting transactions that were authorized but tied to deceptive practices.
TC-40
A fraud alert an issuing bank files with Visa. It counts toward your VAMP ratio even if you later refund the transaction.
RDR
Rapid Dispute Resolution — an automated rule that refunds eligible disputes before they become chargebacks.
CE 3.0
Compelling Evidence 3.0 — a Visa rule that lets merchants fight friendly fraud using a history of prior undisputed transactions.
Chargeback ratio
Disputes divided by transactions — the core health metric every processor watches.
MoR
Merchant of Record — the entity legally responsible for the sale, taxes, and chargebacks on a transaction.
KYC / KYB
Know Your Customer / Know Your Business — the identity and ownership verification processors require to onboard you.
UBO
Ultimate Beneficial Owner — any individual owning 25% or more of a business, who must be disclosed during KYB.
CNP
Card-Not-Present — online transactions where the card isn’t physically swiped; they carry higher fraud scrutiny.
COA
Certificate of Analysis — a lab document proving what a supplement actually contains.
Token
A stored, encrypted stand-in for a customer’s card that lets you bill them on a recurring basis.
Dunning
The retry-and-recovery process for failed subscription payments.
Reserve
Funds a processor withholds from your payouts as a buffer against future chargeback risk.
BIN
Bank Identification Number — the card-range prefix that signals the issuing bank (and the risk profile) behind a processor.
Structure/function claim
Compliant language describing what a product supports in a healthy body — never what it cures, treats, or prevents.
03

The Compaytence Partner Stack

Every tool we recommend across this guide, in one place. These are the providers we board merchants on through Compaytence. We recommend setting up each one through us: you get a dedicated account manager, a direct line to the partner's own team, partner pricing we have already negotiated, and a compliance review on every account before it goes live. Book a call and we will match you to the right stack for your business and handle the onboarding.

Payment Processors & Acquirers
Adyen Processor

In-house acquiring and smart routing across many countries, built to lift card approval rates.

Checkout.com Processor

End-to-end acquiring with machine-learning acceptance to raise approvals across 150+ currencies.

Airwallex Global Payments

Local-currency accounts in 60+ countries to cut FX fees and cross-border declines.

Avidia Bank Acquiring Bank

A sponsor and acquiring bank that backs merchant accounts and card processing for growing programs.

West America Bank Acquiring Bank

Sponsor-bank acquiring relationships that support stable card processing for established merchants.

Nuvei Processor

Global acquiring and hundreds of local payment methods engineered to raise cross-border approval rates.

Finix Processor

Full-stack payment processing and acquiring for businesses that want to own their payments infrastructure.

Payment Gateways
NMI Gateway

Gateway vaulting and network tokens that power recurring billing and portable card tokens.

Authorize.net Gateway

CIM token vault stores cards securely for recurring billing and reduced PCI scope.

Chargeback & Fraud Prevention
Third-Party Checkout & Subscription Platforms
Native Shopify Apps
Business Banking & FX
Fulfillment & Sourcing
Accounting & Compliance

Our recommendation: build this with us

Every partner in this guide is one we board merchants on directly. Set your stack up through Compaytence and you get a dedicated account manager, partner pricing we have negotiated, our relationships across 30+ processors and platforms, and a compliance review before each account goes live. Book a call and we will match you to the right partners for your business and manage the onboarding for you.