Reason codes / VMSS codes / VMSS 32: Account Information Security Program Noncompliance
VMSS code 32: Account Information Security Program Noncompliance
Official definition and what it means for your removal request.
Definition
The Merchant or Third Party Agent was non-compliant with the Payment Card Industry Data Security Standard (PCI DSS) and/or the Payment Application Data Security Standard (PA-DSS) requirements.
What this means in plain language
PCI DSS or PA-DSS requirements were not met—security standards for card data and payment software. This is Visa’s compliance-focused listing for security gaps.
What you can do
If you were listed under VMSS code 32, you can submit a formal removal request to the PSP or acquirer that added you. They will review your case and, if satisfied, can request removal from the VMSS list. We help you draft and submit that request. See VMSS removal and all MATCH and VMSS reason codes.