Which conditions trigger Mastercard's Excessive Fraud Merchant Compliance Program (EFM)?

• A. Payment count 1K+, total fraud volume 50K, fraud chargeback rate greater than 0.5%, total 3DS Mastercard payment count below 10% (non-regulated countries) or 50% (regulated countries); fines begin in the second month.
• B. Payment count 10K+, total fraud 5K, chargeback rate greater than 1%, 3DS Mastercard share above 50%.
• C. Payment count 500, total fraud 1K, chargeback rate 0.9%, 3DS share above 60%.
• D. Payment count 1K+, total fraud 50K, rate greater than 2%, 3DS count irrelevant.

Answer: (A)

Mastercard’s Excessive Fraud Merchant Compliance Program looks for a pattern of ongoing, excessive fraud driven by a combination of factors: the size of the merchant’s customer activity, the total fraud amount, the rate at which fraud leads to chargebacks, and how often Mastercard transactions are authenticated with 3-D Secure. The strongest trigger occurs when there is meaningful volume and significant fraud, paired with a high fraud-related chargeback rate and insufficient use of 3-D Secure on Mastercard payments. Specifically, crossing all of these thresholds—at least 1,000 payments, at least $50,000 in fraud, a chargeback rate above 0.5%, and a Mastercard 3DS share below the required minimum (under 10% in non-regulated countries or under 50% in regulated countries)—would put a merchant into the program, with fines beginning in the second month.

This framing matters because the program targets persistent risk, not isolated incidents. It emphasizes that both the scale of fraud and the failure to leverage 3-D Secure adequately contribute to triggering enforcement, whereas scenarios with lower fraud totals, lower volume, or higher 3DS adoption don’t meet the same composite bar.