How MCC Codes Restrict Autonomous AI Agent Spending

TL;DR

• MCC (Merchant Category Code) is a 4-digit code Visa and Mastercard assign to every merchant identifying what they sell. There are ~600 codes covering everything from "Drug Stores" to "Direct Marketing — Insurance Services."
• MCC controls let you allow or block whole categories of spend for an agent. Practical strength: stops "agent buys gambling tokens" without managing a per-merchant list.
• Combine with a merchant whitelist (stricter) and policy rules (broader) for layered control.

Merchant Category Codes are the network's way of categorizing every merchant. They're an operationally cheap way to control what categories of merchants an agent can pay. Combined with a merchant whitelist and per-transaction policy rules, MCCs let you express "agents can buy travel and SaaS, never gambling or crypto" without managing a list of every legitimate vendor.

What's an MCC?

A 4-digit code assigned to a merchant by their acquirer when they're onboarded. The code identifies what the merchant sells. Examples:

• 3000-3299: Airlines (specific airline by code — 3001 American, 3002 Pan American, etc.)
• 4511: Airlines, Air Carriers (general)
• 5411: Grocery Stores, Supermarkets
• 5942: Book Stores
• 5967: Direct Marketing — Combination Catalog and Retail Merchant
• 6051: Non-Financial Institutions (used for crypto)
• 7011: Lodging — Hotels, Motels, Resorts
• 7995: Betting / Gambling
• 8398: Charitable Organizations

Visa and Mastercard each maintain a list. They're mostly aligned but not 100% identical.

How do MCC controls work in practice?

Two list types:

Allow list: "Only these MCCs." Agent can only spend at merchants in the allowed set. Strict.

Block list: "Never these MCCs." Agent can spend anywhere except merchants in the blocked set. Permissive default with specific exclusions.

Use one or the other depending on your model:

• Narrow-purpose agents: Allow list. Travel agent allows 3000-3299 (specific airlines), 4511 (airlines general), 7011 (hotels), 7512 (car rentals).
• General-purpose agents: Block list. Block gambling (7995), crypto (6051), tobacco (5993), pharma (5912), adult (5967). Allow everything else.

How does this compare to merchant whitelisting?

Whitelist is per-merchant. MCC is per-category. Both have a place:

| | MCC control | Merchant whitelist |

|--|--------------|---------------------|

| Granularity | Category | Specific merchant |

| Operational cost | Set once | Maintain the list |

| Best for | Unknown merchant set within known categories | Known merchant set |

| Failure mode | Mis-coded merchants | Unknown new merchants |

Layered: whitelist as outer boundary (only these merchants), MCC as inner filter (within those, only these categories). See [How to Prevent AI Agents From Spending at the Wrong Merchants](/blog/prevent-ai-agents-wrong-merchants).

What MCCs should you definitely block by default?

For most consumer/business agents:

• 7995 Betting / Gambling
• 6051 Non-Financial Institutions (crypto exchanges)
• 6540 Non-Financial Institutions — Stored Value Card Purchase / Load (gift cards / stored value)
• 5993 Tobacco / Cigar Stores
• 5921 Liquor Stores
• 5912 Drug Stores / Pharmacies (allow with specific carve-outs only)
• 5967 Direct Marketing — Adult / Audio Text
• 8398 Charitable Organizations (unless explicitly intended)

Some of these (especially crypto, gambling) are also commonly blocked at the issuer level — your card may already have network-side blocks. Confirm with your platform.

What about MCC categories specific to AI agent use cases?

Two emerging patterns:

1. Ad spend controls. MCC 7311 (Advertising Services). Agents that buy ads need careful caps + approval workflows. Default: blocked unless explicitly enabled with strict per-transaction limit.

2. Subscription / SaaS controls. MCC 5734 (Computer Software Stores), 5816 (Digital Goods - Games), 7372 (Computer Programming, Data Processing). Common for SaaS procurement agents. Allow with policy caps.

What can MCC controls NOT do?

Three known limits:

1. Mis-coded merchants. A consumer SaaS company coded as MCC 5942 "Book Stores" because of legacy onboarding. MCC controls can't catch this — pair with merchant whitelisting.

2. Sub-category granularity. MCC categorizes "Restaurants" (5812) without distinguishing fast food from fine dining. If your policy needs that distinction, MCC alone can't express it.

3. Region-specific category practices. Some MCCs are used differently in different countries. A European SaaS company may be coded differently than a US peer.

How are MCCs assigned to merchants?

By the merchant's acquirer at onboarding, based on the merchant's described business. Acquirers can re-classify; merchants can dispute. In practice, MCCs are sticky once assigned.

This means:

• Long-tail merchants are sometimes mis-coded for years.
• Acquirers vary in coding rigor.
• Your policy needs MCC + merchant whitelist for high-stakes restrictions.

What does an MCC-controlled policy look like in production?

``json

{

"policy_name": "SaaS procurement agent",

"mcc_allow": ["5734", "5816", "7372", "7379"],

"mcc_block": ["5993", "7995", "6051"],

"rules": {

"max_per_transaction": 50000,

"max_per_month": 500000,

"geo_allow": ["US", "CA"]

}

}

``

The agent under this policy can spend on software (5734, 5816, 7372, 7379) up to $500/transaction, $5,000/month, US/CA only. Tobacco, gambling, and crypto are explicitly blocked even though the allow list already excludes them — defense in depth.

FAQ

How many MCCs are there?

Around 600-650, depending on which network's list you reference. Visa and Mastercard maintain separate lists with significant overlap.

Can a merchant have multiple MCCs?

Generally one MCC per merchant. Multi-line merchants may have separate Merchant IDs for different lines (e.g. a hotel chain that runs both lodging MCC 7011 and food MCC 5812 may have two MIDs).

What happens when a merchant gets re-coded mid-relationship?

The new MCC applies to subsequent transactions. Existing transactions in flight evaluate against the MCC at auth time. No retroactive re-coding.

Are there agent-specific MCCs being proposed?

Not yet, formally. Discussion exists about a "Software Agent" or "AI Service Provider" code. As of now, agent-related merchants are coded under the closest existing category (usually 7372 or 5734).

Where do you find the MCC list?

Visa publishes it in their merchant data standards docs. Mastercard publishes theirs separately. Most issuers also maintain internal references.

Related reading

• [How to Prevent AI Agents From Spending at the Wrong Merchants](/blog/prevent-ai-agents-wrong-merchants) — layered defense
• [Merchant Whitelisting for AI Agents](/blog/merchant-whitelisting-ai-agents) — stricter complement
• [How We Built a 100ms Policy Engine](/blog/building-spending-controls-for-ai-agents) — engine that evaluates MCC rules

External references

• [Visa Merchant Category Codes](https://developer.visa.com) — Visa MCC reference
• [Mastercard Merchant Category Codes](https://www.mastercard.us/en-us.html) — Mastercard MCC reference
• [PCI Council on merchant categorization](https://www.pcisecuritystandards.org/) — relevance to compliance

---

By Vlad K.. Last updated 2026-04-29.