How to Exit a Mastercard Monitoring ProgramIn Hot Water With Mastercard? Here’s How to Get Yourself Out.
Simple Requirements, Difficult to Fulfill
On paper, the path to exiting a monitoring program is crystal clear: get your fraud or chargeback numbers below the threshold and keep them there. In reality, it’s far more difficult than it looks.
Getting out requires you to make sustained efforts. You have to prove to Mastercard that you’ve not only solved the immediate problem, but have also built up your defenses to prevent it from happening again.
In this chapter, I’ll address exit requirements for the Mastercard chargeback monitoring program and the Mastercard fraud monitoring program, along with how you can stay in compliance.
What are the ECM & EFM Exit Requirements?
You aren’t immediately removed from either the ECM or EFM program just because you got your chargeback or eCommerce fraud rate under the acceptable threshold.
In fact, your merchant status won’t be reset to “compliant” until you manage to keep your chargeback rate (in the case of the ECM) or eCommerce fraud rate (in the case of the EFM) below the program threshold for three consecutive months.
Remember: consecutive. If you do good for two months, but then slip up in the third and end up breaching the chargeback or fraud limit again, then you’ll have to start over.
Why Do You Need an Action Plan for Exiting the Program?
Once you’re in a Mastercard merchant monitoring program, getting out becomes an immediate top priority. But where do you start?
Passivity is your worst enemy here. Instead, you need a formal, documented action plan that you can present to your acquirer, showing that you have a roadmap for fixing the problem as quickly as possible. This shows you’re serious about addressing the issue and staying in compliance with Mastercard rules.
Here, we’re gonna talk about the “how” behind the “what,” so that you have a game plan for getting out of hot water.
Things Can You Do to Exit a Mastercard Monitoring Program
As a reminder, you’ll need to maintain compliance with Mastercard rules — that is, remain below program thresholds — for three consecutive months in order to exit from either the ECM or EFM program.
But how exactly can you turn the corner? Here are some tactics to consider as part of your plan:
Root Cause Analysis
Before you can fix the problem, you have to know where the problem really lies. Keep in mind that a high chargeback or fraud rate is just a symptom; the actual cause of the disease lies elsewhere.
For this reason, conducting a proper root cause analysis can force you to dig deeper. Are your product descriptions misleading? Is your return policy impossible to find? Are you being targeted by a specific type of fraud?
Your chargeback remediation plan will need an accurate diagnosis. This will show Mastercard, as well as your acquirer, that you’ve done your homework and that you’re serious about a real and lasting cure to your troubles.
Technology Implementation Timeline
A vague promise to “do better” or “make changes” isn’t going to placate your acquiring bank. You need to present a concrete project plan, and a critical part of that is a technology timeline.
This means specifying exactly what tools you will deploy — like fraud scoring tools, Address Verification Services (AVS), or 3-D Secure — and setting firm deadlines for when each will be implemented. A detailed and actionable timeline with clear milestones demonstrates that you are serious about getting in compliance with Mastercard rules.
Expected Result & Metrics
Your acquirer will look for measurable, quantitative metrics so that they know you are clear about what success looks like and what it takes to get there.
To be clear, that means it’s not enough to say you’ll merely reduce chargebacks; you need to define what success looks like with specific and detailed goals. For instance, you might aim to “reduce the chargeback ratio from 1.5% to 0.8% within 90 days.”
By setting clear key performance indicators (KPIs) and committing to regular progress reports, you can show your acquirer that you are managing the problem professionally and can be held accountable to your goals.
Backup Strategies
What happens if your plan doesn’t work as expected? Hope is not a strategy. So, having a fully fleshed-out Plan B can show your acquirer that you understand this.
After all, every strong action plan should include contingency strategies. For example, if a botched fraud tool deployment ends up generating too many false negatives (i.e. fraudulent transactions that should have been blocked but weren’t), what course corrections will you take?
Outlining backup tactics can demonstrate that you have thought thoroughly about potential challenges and are prepared to adapt to different scenarios.
Program Re-Entry Consequences
Once you re-establish compliance by staying below program thresholds for three months in a row, you’ll be unenrolled. There is no probationary period once you are deemed compliant; you can just go back to operating as usual.
However, if your chargeback or eCommerce fraud rate exceeds program thresholds again, you’ll be immediately re-enrolled.
You’ll restart from month one, so you’ll effectively receive a one-month grace period every time you’re re-enrolled again after having been previously unenrolled. But, you’ll need to go another three months without exceeding Mastercard’s fraud or chargeback threshold to get out again.
