Versapay NetSuite CEDP Compliance in 7 Steps

If your company uses Versapay in NetSuite for payment processing and accepts Visa commercial cards, you need to take action to qualify for reduced interchange rates.

CEDP compliance in Versapay and NetSuite doesn’t happen automatically, and it’s not something your processor can just turn on behind the scenes. The setup needs to be configured inside NetSuite by you. 

And once it’s configured, the data being sent must be 100% accurate, fully complete, and tied to the actual transaction. 

Failing to set this up properly can actually backfire, as your transactions could downgrade (aka cost more) instead of qualifying for lower fees under Visa’s Commercial Enhanced Data Program. 

This is a must-read for any B2B or Versapay/NetSuite user who accepts commercial cards. Here’s what you need to update and implement:

Before You Start (Prerequisites)

This guide specifically applies to merchants using NetSuite with the Versapay SuitePayment bundle. If you’re using another processor or integrated payment solution, your steps will vary, and you can reach out to us or your processor for help setting that up. 

Before you make any changes, you need to have:

• NetSuite Admin access.
• Versapay SuitePayment bundle installed.
• Versapay SuitePayment bundle version 2025.7 or later.
• Access to Payment Processing Profiles in NetSuite.
• Access to scripting and deployment settings.
• A clear understanding of whether you use SuiteCommerce Advanced.

I’ll walk you through the version update as part of the step-by-step compliance guide below. But that’s only part of the process. So don’t just skip ahead if you already have the correct version, as there are still key configuration requirements that you need to verify.

You’ll also need to confirm that NetSuite is sending enhanced transaction data to Visa, and not generic or incomplete values. 

Read More: Does Visa CEDP Apply to Your Business? Exclusions Explained

Step 1 – Verify Your Versapay SuitePayment Bundle

The first thing you need to do is check what Versapay bundle version you’re using. You’ll do this within NetSuite by going to:

Customization > SuiteBundle > Search & Install Bundles > List

From there, you can manually search for “Versapay SuitePayment” if it doesn’t show up right away.

The bundle ID you need is: 124110 and it must be version 2025.7 or later.

If you’re using an outdated version, you need to update this to support enhanced transmission of Level 3 data that’s now required for CEDP compliance. 

DO NOT SKIP THE VERSION CHECK. I can’t overstate this enough. If your bundle is outdated, the rest of the configuration won’t matter because the integration won’t send the right data in the correct format. 

Step 2 – Set “List” and “Record” Preferences

Once you’ve located the Versapay SuitePayment bundle, use the dropdown next to the bundle name and select the update option.

This is where the update needs to be handled carefully. You can’t just blindly accept every default setting because some of those choices can overwrite existing data or affect how the bundle behaves in your NetSuite environment. 

For lists, the general rule is to select “Preserve Data.” That allows the bundle to receive the update while maintaining your existing data. The exception is the Solupay Gateway List, which should be set to “Replace Data.”

For records, the same general rule applies. Select “Preserve Data.” Exceptions: Versapay Bundle Data and Versapay Datadog K should be set to “Replace Data.”

This part of the process isn’t really a CEDP task. It’s just part of the bundle upgrade. But it matters because selecting merge or replace in the wrong place can overwrite important data that should have been preserved. 

Step 3 – SuiteScript Deployment Preferences

Next, review your preferences for the SuiteScript deployment. You should choose Do Not Update Deployments for most of these scripts, including:

• Client scripts
• Map/Reduce scrips
• RESTlets
• Scheduled scripts
• Suitelets
• User Event Scripts

The reason behind this is that updating deployments across the board can enable unwanted features in your NetSuite environment. 

Exception: Solupay Payment Token List – select Update Deployments for this specific User Event script. 

After this update is completed, future bundle updates should use Do Not Update Deployments for all scripts on the screen.

Once these preferences have been reviewed:

• Apply the bundle update from the preview page
• Confirm Versapay SuitePayment bundle shows version 2025.7 or later

Step 4 – Verify Each Versapay Payment Processing Profile

After your bundle has been updated, you need to review your Versapay payment processing profile (or profiles). In NetSuite, go to:

Setup > Accounting > Payment Processing Profile

Note: If you have multiple profiles each one needs to be reviewed. You can’t update one and assume the others have been configured the same way. 

Open each applicable profile individually and scroll to the Gateways section.

If the Gateway field says “Global” or “CDS” continue reviewing the rest of the profile settings in Step #5 below. If not, you can skip ahead to the script deployment review. 

This is an important distinction because the next setting is tied specifically to certain gateway configurations. 

Step 5 – Update the Visa Purchase Level 3 Settings (for Global or CDS profiles only)

Again, this step only applies to Versapay payment processing profiles in NetSuite that have a Global or CDS gateway setting. 

• Scroll to the Purchase Level 3 
• Make sure the VISA checkbox is unchecked. 

I realize that this may sound counterintuitive because the setting is under Purchase Level 3. But for CEDP, leaving the Visa checkbox checked can actually result in outdated or incorrect data being sent, which creates a downgrade risk.

That setting is specific to Visa.

This is also another reason one shouldn’t assume that old Level 3 settings still work the same way under CEDP. The whole point of what we’re doing here is to ensure the right data is being sent in the format that Visa now validates (which wasn’t the case with old settings).

For merchants using commodity codes, populate the Commodity Code field with the correct standardized value. This needs to be accurate (placeholder values won’t be validated). 

Step 6 – Confirm the Solupay Payment Token List Deployments

This is separate from the deployment preference step that was selected during the bundle update. Step #3 from earlier controls how the script deployment is handled during the update, whereas this step confirms that the necessary deployments are actually active afterward.

• Go to: Customization > Scripting > Scripts
• Find the User Event Script for Solupay Payment Token List
• Then open the Deployments subtab

Once you’re in here, you need to make sure that the “Deployed” checkbox is checked. Do this for:

• Cash Sale
• Customer Deposit
• Customer Payment
• Customer Refund
• Sales Order

It’s easy to overlook this step because it’s separate from the bundle version confirmation (though similar). But it’s necessary to do this because if the deployments aren’t active, the updated data flow may not work the way you expect. 

Step 7 – Update Record Permissions (SuiteCommerce Advanced only)

This final technical step only applies to you if you’re using SuiteCommerce Advanced. For those of you who do:

• Customization > Lists, Records & Fields > Record Types
• Find custom records for “Versapay Bundle Data” and “Versapay Account Route”
• Edit records to ensure External Roles Access is set to “View”
• Go to the Permissions subtab
• Add the Customer Center role
• Save the records

Again, if you’re not using SuiteCommerce Advanced, this section doesn’t apply to you. 

After the Update: Confirm the Enhanced Data is Complete

Once the technical confirmation has been updated, now you need to focus on data quality.

CEDP compliance only works if the enhanced transaction data is complete, accurate, and descriptive. Partial Level 3 data, inaccurate data, or placeholders won’t work.

At minimum, NetSuite should be able to pass:

• Item descriptions
• Quantities
• Unit cost or rate
• Line-item amount
• SKU or item codes
• Unit of measure

The line-item amount should match the quantity multiplied by the unit cost. If the math doesn’t add up, it will create issues with your data submission.

Other fields depend on the transaction itself.

For example, taxation rules vary by location or customer. Merchant or supplier tax IDs may be required in others. If shipping applies to the order, you’ll need the shipping amount, shipping item, ship-to address, and ship-from postal code. (The ship-from information should also be properly populated in the location or subsidiary record).

Customer reference numbers are not always mandatory, but if you have them, it’s better to submit them to ensure you’re actually qualifying for Level 3 CEDP rates.

Generic item descriptions like “Product” or dummy values inserted just to satisfy a field requirement can still cause the transaction to fail validation. Those days are over. 

Verified vs. Non-Verified Merchants

Under CDEP, verified merchants are eligible for lower rates at the interchange level. The savings are applied during the transaction itself, and those rates are passed through to your merchant statements like any other interchange category.

However, Visa paused its verification process back in November 2025.

But you can still qualify for reduced CEDP rates via NetSuite and Versapay even as a non-verified merchant.

The difference is that your savings will be applied in the form of a CEDP credit. Meaning you’ll pay the regular interchange rate, and then the credit gets applied to your account as a separate line item.

So even if you haven’t been verified, it’s still worth going through the steps above because you’re still eligible for savings. And then once Visa resumes verifications, your settings and submission process will already be configured. 

Final Thoughts

Anyone using Versapay with NetSuite needs to upgrade to version 2025.7 or later before they can qualify for reduced interchange rates on commercial Visa transactions. But the version update alone isn’t enough for CEDP compliance. 

There are several other preferences and settings that need to be adjusted and applied correctly to your environment. And then you need to make sure that NetSuite is properly storing and passing complete commercial transaction data.

This entire process speaks to a larger issue at hand industry-wide right now, where so many processors claim to offer CEDP compliance so merchants just assume they’re getting reduced rates.

So just because your processor supports CEDP compliance, you don’t automatically qualify for reduced rates unless you go through a process like this.

The exact steps look a bit different for every processor, ERP system, or integrated software. So if you’re not sure what to do, need help with the configuration, or need someone to verify whether you’re actually getting CEDP rates on all eligible transactions, just reach out to our team here at MCC for a free audit.