Revised standards - Excessive Fraud Merchant compliance program

Mastercard 01/11/2019

What’s changing?

MasterCard will update the Excessive Fraud Merchant (EFM) compliance program in order to include two compliance frameworks.

One framework will be used for regulated countries, the other for non-regulated countries¹.

The EFM program will monitor the total amount of fraud as well as the number of transactions authenticated through 3D Secure (3DS). Merchants will be considered non-compliant when all the following conditions are met:

  • The total USD amount of fraud-related chargebacks in a given month exceeds USD 50,000.
  • The total number of fraud chargebacks exceeds 50 basis points.
  • The percentage of monthly clearing volume processed using 3DS is lower than 10 percent in non-regulated countries, or lower than 50 percent in regulated countries.

This program doesn’t apply to merchants in Germany, Liechtenstein, St. Helena, and Switzerland.

What does the change mean?

The EFM Compliance Program measures compliance at the merchant ID (MID) level. It will send the notifications and potential financial assessments to the acquirer which are ultimately passed on to merchants.

How will this affect you?

For merchants in regulated countries, it will be particularly important to deploy EMV 3DS, which will contribute to their ability to ensure effective fraud prevention policies and procedures are in place.

Effective date

  • October 1, 2020 for Canada
  • March 1, 2020 for all other regions

¹ Regulated countries are countries where there is a legal or regulatory requirement for Strong Customer Authentication (SCA)