Cardholders   Commercial   Merchants   Value of Visa   Media Center      Southeast Asia  


    Card Acceptance Agents Account Info Security Chip Technology Travellers Cheque Acceptance Merchant Education

Registry of Service Providers (VRSP) (for Agents)

Frequently Asked Questions (Service Providers)

I have submitted the Certificate of Compliance for December 2008, do I need to submit a new Attestation of Compliance at the time of registration? 
No, you only need to submit the completed registration form. Do note that you are required to submit the new Attestation of Compliance upon expiry of your current Certificate of Compliance
My company is already on the list of compliant service providers in another Visa region. Do I need to register again with Visa Asia Pacific?

Frequently Asked Questions (Visa Clients)

Can a service provider that has only completed a PCI DSS self-assessment be listed on the Registry?
No. Only service providers that have validated their PCI DSS compliance based on an onsite review by a PCI SSC QSA can be listed on the Registry.
Can I use a service provider that is not listed on the Registry to process card transactions on my behalf?
Yes, as long as the service provider is PCI DSS compliant. It is your responsibility to validate their compliance at least once every year.
Do I need to submit the annual Attestation of Compliance to Visa for all my service providers?
No - if your service provider has directly registered with Visa. For those that are not directly registered with Visa, you are required to submit to Visa the required attestation documents on their behalf.
Am I still liable for my service providers that are listed on the Registry?
Yes. You remain liable for all service providers that you have a contractual relationship in accordance with the Visa International Operating Regulations (VIOR).
Do I still need to register my service providers with Visa if they are listed on the Registry? 
Yes. You are still required to register all your service providers under the Third-Party Agent registration program as mandated in Visa International Operating Regulations (VIOR) Section 1.15 (using Exhibit 5E). 
Do I need to perform due diligence prior to registering a service provider?
Yes. Visa client banks are still required to perform due diligence as required by the Visa International Operating Regulations (VIOR) Section 1.15 and the applicable Visa International By-Laws to mitigate any potential risk.

  • Printable Page

Quick Links

Home | About Visa | Careers | Site Map | Legal | Privacy Policy | Hyperlink Guidelines | Global Sites | Asia Pacific Sites
© Copyright Visa. All Rights Reserved.