Notice of Exempt Solicitation
Pursuant to Rule 14a-103 | January 9, 2026
Name of Registrant: Visa, Inc.
Name of person relying on exemption: Bowyer Research
Address of person relying on exemption: P.O. Box 120, McKeesport, PA 15135
Written materials are submitted pursuant to Rule 14a-6(g) (1) promulgated under the Securities Exchange Act of 1934. Filer of this notice does not beneficially own more than $5 million of securities in the Registrant company. Submission is not required of this filer under the terms of the Rule but is made voluntarily in the interest of public disclosure and consideration of these important issues.
Visa, Inc. (V)
Closing Loopholes on AI-Driven Child Exploitation: Vote YES on Proposal 7
Contact: Gerald Bowyer | [email protected]
Bowyer Research urges shareholders to vote FOR Proposal No. 7, submitted on behalf of the Oklahoma Tobacco Settlement Endowment Trust, at Visa’s 2026 annual meeting of shareholders.1 This proposal requests Visa to report on the company’s risk management strategies regarding the use of Visa products in facilitating the sale of deepfake content, particularly child exploitation. The business case is straightforward: unmanaged exposure to this risk not only contributes to exploitation, but threatens brand equity, invites regulatory and legal scrutiny, and can impair long‑term shareholder value.
1 https://s29.q4cdn.com/385744025/files/doc_downloads/2025/PRO014524_WO80_Visa_DEF-14A_WORKIVA_CourtesyPDF.pdf
1) Visa’s public controversies over deepfake/NCII payments
A bipartisan coalition of U.S. state attorneys general recently called on2 major payment platforms, including Visa, to take stronger action to identify and remove payment authorization for deepfake NCII tools and content. Their letters explicitly ask3 how payment companies “currently work to identify and remove payment authorization for deepfake NCII tools and content” and to commit to further action to avoid being complicit in creation or spread of such content. These requests reflect growing public concern that payment networks can be used to monetize AI‑driven sexual exploitation.
Regulatory and industry commentary has also flagged deepfakes as an emerging financial‑crime vector, underscoring the need for proactive controls in payments. FinCEN has warned4 of a rise in deepfake identity fraud that enables criminals to circumvent bank controls, and sector analyses describe5 deepfakes as a cross‑border fraud accelerant.
These concerns are not theoretical. Investigative reporting and whistleblower allegations have placed payment networks, including Visa, under scrutiny6 for processing funds connected to platforms where abusive content has been documented, intensifying public pressure on payments firms to demonstrate credible controls.
2) Relevant class action and enforcement context
Litigation risk around platforms carrying sexual exploitation content has been real and material. Visa and Mastercard halted7 certain processing relationships with Pornhub and its advertising arm following court rulings and public controversy, illustrating how payment companies can be drawn8 into litigation narratives even when not the content host, including Visa in 2022.
2 https://www.naag.org/wp-content/uploads/2025/08/LTRS-Combined-Payment-and-Seach-Platform-FINAL.pdf
3 https://www.paymentsdive.com/news/ags-attack-deepfake-porn-payments-apple-visa-paypal-google/758827/
4 https://www.dwt.com/blogs/financial-services-law-advisor/2024/11/fincen-warns-banks-deepfake-fraud-threat-is-rising
5 https://www.visaacceptance.com/en-us/blog/article/2025/fraud-trends-shaping-the-future-of-payments.html
6 https://www.usatoday.com/story/money/2025/01/24/visa-mastercard-illegal-onlyfans-abuse/77932811007/
7 https://finance.yahoo.com/news/mastercard-stop-processing-payments-pornhub-195112440.html
8 https://www.paymentsdive.com/news/visa-mastercard-pornhub-trafficjunky-lawsuit-court-ruling-react/628967/
Municipal and state enforcement has also targeted deepfake porn operators. In 2025, the San Francisco City Attorney secured9 a settlement and a permanent injunction against a deepfake “nudes” website operator, highlighting a widening enforcement perimeter around AI‑generated sexual exploitation and the platforms that monetize it.
While case particulars differ, the common investor takeaway is clear: payment networks’ exposure to unlawful or non‑consensual content invites10 reputational harm and litigation risk that can spill over to networks facilitating funds flow.
How Hidden Link Services Process Payments for AI-Generated Child Exploitation
Despite growing legal and platform scrutiny, “hidden link” services, particularly on the dark web, continue to process payments for AI-generated CSAM, relying on anonymity and covert payment channels.
●Law enforcement investigations have documented offenders11 using generative AI to produce synthetic CSAM, then distributing it via dark web forums that offer guides and tutorials on creation, sharing, and monetization. These forums often include instructions on payment mechanisms and direct links to accept credit cards or cryptocurrency, illustrating12 a clear pipeline from AI creation to paid access.
●In February 2025, Europol’s Operation Cumberland uncovered13 a hidden-paywall platform distributing exclusively AI-generated child sexual abuse content. The operation resulted in 25 arrests. Importantly, users paid via symbolic online payments to access the site: an explicit example of payment processing structures operating in defiance of both legal and ethical norms.
9 https://www.cbsnews.com/sanfrancisco/news/san-francisco-deepfake-porn-lawsuit-settlement-briver-llc-shutdown/
10 https://www.paymentsdive.com/news/visa-mastercard-pornhub-trafficjunky-lawsuit-court-ruling-react/628967/
11 https://www.dhs.gov/sites/default/files/2024-09/24_0920_k2p_genai-bulletin.pdf
12 https://pulitzercenter.org/resource/how-we-investigated-epidemic-ai-generated-child-sexual-abuse-material-internet
13 https://www.cbsnews.com/news/ai-generated-child-sexual-abuse-content-bust-europol-operation-cumberland/
●The Department of Homeland Security’s GenAI bulletin14 highlights that offenders employ generative AI to create CSAM and share it through dark web channels using obscured payment systems, including cash-out services and hidden merchant links, to evade detection.
These findings confirm that payment networks remain integral to the distribution infrastructure of AI-generated CSAM, even when cloaked. Visa’s current compliance framework appears to overlook (or at the very least, underweight) these “hidden link” scenarios.
Without explicit governance and transparency, Visa is at risk of facilitating exploitation through dark net monetization channels, regardless of explicit legality.
Responding to Visa’s Statement of Opposition
In its statement of opposition, Visa asserts that its existing prohibition on illegal activity sufficiently addresses the concerns raised in Proposal No. 7. While we acknowledge the company’s commitment to compliance, this position overlooks a critical reality: AI-generated child sexual abuse material (CSAM) and non-consensual deepfake imagery occupy a rapidly evolving15 legal grey area.
Currently, federal law criminalizes certain AI-created CSAM that appears to depict real minors, but it does not explicitly prohibit synthetic CSAM depicting non-existent children. Enforcement often relies on obscenity statutes (18 U.S.C. §1466A), which have faced constitutional challenges, and at least one district court has dismissed charges under these provisions, underscoring the unsettled16 legal landscape (Wisconsin case, 2024). At the state level, while 45 states have enacted17 laws addressing AI-generated CSAM, five states and the District of Columbia still lack explicit coverage, leaving exploitable gaps in enforcement.
14 https://www.dhs.gov/sites/default/files/2024-09/24_0920_k2p_genai-bulletin.pdf
15https://www.ag.ky.gov/Press%20Release%20Attachments/LTR%20TO%20PAYMENT%20PLATFORM S _FINAL%20%2847%29.pdf
16 https://law.justia.com/cases/federal/appellate-courts/ca5/19-40319/19-40319-2020-02-14.html
17 https://enoughabuse.org/get-vocal/laws-by-state/
Recent legislation, such as the Take It Down Act18 (2025), targets non-consensual deepfake intimate imagery, but its focus is on takedown19 obligations rather than preventive measures or payment processing oversight.20 Advocacy groups and legal scholars have emphasized21 that many statutes fail to address synthetic CSAM comprehensively, creating loopholes for actors monetizing exploitative content through payment networks.
Relying solely on current legality in such a rapidly developing area is not responsible risk mitigation. The reputational and financial damage from public associations with exploitative content does not wait for statutes to catch up. Consumer trust and brand equity are eroded by perception alone, regardless of whether a transaction technically violates existing law. Visa demonstrated leadership when it cut ties with Pornhub amid allegations of unlawful content; applying similar foresight now, before the next wave of scrutiny, would protect shareholder value and reinforce Visa’s reputation as a trusted global payments leader.
Proposal No. 7 does not ask Visa to police the internet. It asks for clear governance and disclosure on how the company is addressing emerging risks tied to AI-driven exploitation. This is a forward-looking, value-protective measure, not an operational burden.
3) Combatting CSAM *is* a matter of shareholder concern.
Recent shareholder engagement at Apple demonstrates that mainstream issuers are being asked to report on policies and trade‑offs involving CSAM‑related technologies. The American Family Association (AFA) and Bowyer Research sponsored a proposal requesting a transparency report on Apple’s decisions regarding CSAM‑identifying software. The SEC denied22 Apple’s “ordinary business” exclusion and allowed the proposal to proceed, confirming that such matters transcend ordinary business and merit shareholder consideration.
18 https://www.congress.gov/bill/119th-congress/senate-bill/146
19 https://washingtonstatestandard.com/briefs/washington-ag-joins-push-to-stop-spread-of-deepfake-pornography-online/
20 https://www.paymentsdive.com/news/ags-attack-deepfake-porn-payments-apple-visa-paypal-google/758827/
21 https://www.vice.com/en/article/visa-suspends-pornhub-advertising/
22 https://www.sec.gov/files/corpfin/no-action/14a-8/afaapple1225-14a8.pdf
Public advocacy23 around Apple’s 2025 ballot further underscores that ethical AI, CSAM safeguards, and disclosure are now established topics for shareholder resolutions and corporate governance dialogue.24
The parallel is instructive for Visa: investors are already pressing25 global brands to document governance, risk management, and mitigation plans for AI‑related harms in consumer‑facing ecosystems. In our view, payments networks warrant at least equivalent transparency, given their central role in monetization flows.
4) How Reputational Controversies Impede Brand Growth
Using commonly applied FactSet workflows, screening peers with prior controversy/litigation headlines and conducting event‑study windows, investors 26can observe that heightened public scrutiny tied to sexual‑exploitation allegations tends to coincide with near‑term spread widening, volatility expansion, and drawdowns among exposed names, while longer‑term effects include higher disclosure and compliance costs. Although individual outcomes vary by fact pattern, this directionally corroborates broader risk‑management research that reputational damage can be swift, costly, and value‑eroding. (For external context, Aon’s Global Risk Management Survey ranks damage to reputation/brand among top enterprise risks; sector commentary ties AI‑enabled deception, including deepfakes, to accelerated reputational shocks.) Evaluations using FactSet data further illustrate this point.
How Much Do Reputational/Crisis Shocks Hurt Brand Value?
·SenateSHJ Crisis Index
An analysis27 of 300 major crises globally revealed that companies suffer an average 35.2% decline in share price at the onset of a reputational crisis, while earnings per share (EPS) drop 68.6%, with the full recovery taking an average of 427 days.
23 https://adflegal.org/press-release/adf-shareholder-coalition-allies-set-agenda-apples-annual-shareholder-meeting/
24 https://www.marketscreener.com/quote/stock/APPLE-INC-4849/news/Apple-Inc-Receives-a-Shareholder-Proposal-from-American-Family-Association-48737664/
25 https://www.sec.gov/files/corpfin/no-action/14a-8/afaapple1225-14a8.pdf
26 https://www.aon.com/en/insights/reports/global-risk-management-survey/damage-to-reputation-or-brand-a-critical-risk
27 https://apac.prca.global/corporate-crises-cost-big-new-hard-hitting-data-reveals-financial-impact-of-reputation-disasters/
·Aon 2025 Global Cyber Risk Report
Among 1,414 cyber events28 studied, 56 incidents triggered reputational harm, with affected companies experiencing29 an average 27% drop in shareholder value following those disclosures.
Financial Estimates: How Much Does CSAM/Deepfake Risk Hurt VISA?
Using these studies as analogues, we can use FactSet data to reasonably extrapolate the potential financial drag Visa may face if exposed in an AI-related sexual content controversy:
●Scenario A: Deepfake/CSAM payment processing scandal
○Short-term market value hit: ~30–35% share price drop
■Applied to Visa’s ~$450 billion market cap → $135–158 billion in lost value
○Earnings stress: ~65–70% decline in quarterly EPS
○Recovery timeline: ~1–1.5 years to return to pre-crisis levels
●Scenario B: Cyber-like reputational event tied to payments
○Market cap loss: ~25–30% reduction
○Magnitude range: $112–135 billion marker decline
○Recovery period: >1 year
●Operational & Compliance Overhang:
○Additional 5–10% erosion in annual revenues or margins via higher compliance, litigation reserves, PR/spend, and program maintenance.
28 https://aon.mediaroom.com/2025-06-17-Aons-2025-Global-Cyber-Risk-Report-Reveals-Reputation-Risk-Events-Can-Reduce-Shareholder-Value-by-27-percent
29 https://www.stocktitan.net/news/AON/aon-s-2025-global-cyber-risk-report-reveals-reputation-risk-events-sbkho7dwjs85.html
Summary Table of Loss Ranges (compiled using FactSet data)
Scenario | Share Price Impact | Market Cap Loss | EPS/Revenue Pressure | Recovery Period |
Deepfake/CSAM scandal | 30–35% | $135–158 B | 65–70% EPS drop | 12–18 months |
Cyber/reputational incident | 25–30% | $112–135 B | 5–10% revenue drag | ~12 months |
These quantified precedents highlight the magnitude of reputational shocks linked to content moderation or its failure. Even more modest outcomes (e.g., a 25% share price decline) represent a financial erosion of over $100 billion, alongside significant second-order costs (regulatory, consumer trust, and compliance overhead).
5) Visa’s prior leadership precedent: cutting ties with Pornhub
Visa has previously demonstrated30 decisive leadership when confronted with credible evidence of sexual exploitation risks, including suspending31 acceptance on Pornhub’s user‑generated content sites (2020) and later suspending32 TrafficJunky advertising transactions following an adverse court ruling regarding MindGeek’s operations (2022). In public statements, Visa emphasized zero tolerance for unlawful activity on its network. These actions were widely covered and applauded33 by child‑safety advocates.
30 https://www.vice.com/en/article/visa-suspends-pornhub-advertising/
31 https://finance.yahoo.com/news/mastercard-stop-processing-payments-pornhub-195112440.html
32 https://www.paymentsdive.com/news/visa-mastercard-pornhub-trafficjunky-lawsuit-court-ruling-react/628967/
33 https://endsexualexploitation.org/articles/statement-visa-and-mastercard-cut-ties-with-pornhub/
Proposal No. 7 simply asks Visa to apply similar rigor and transparency to the next generation of risks, AI‑generated deepfakes and NCII/CSAM, by clarifying how policies, monitoring, and enforcement are evolving to keep harmful actors out of the network.
6) Why a “FOR” vote is warranted on Proposal 7
Regulatory trajectory: Bipartisan AG letters34 specifically naming Visa show regulators expect action from payment platforms on deepfake NCII. Proactive disclosure reduces35 surprise risk and helps align Visa’s controls with rising expectations.
Litigation and enforcement signals: Recent court decisions and settlements in adjacent contexts36 (Pornhub, deepfake site shutdowns) demonstrate real legal exposure when payments are linked37 to exploitative content. Enhanced governance and disclosure are cost‑effective risk mitigants.
●Peer benchmark: Apple’s SEC outcome38 affirms that CSAM/deepfake governance is squarely a shareholder matter, not excludable “ordinary business.” Visa can lead with clarity rather than react under duress.
●Brand and value preservation: External risk literature and investor analysis39 (including FactSet‑based event studies) indicate reputational shocks carry measurable financial drag, from incremental compliance and PR costs to potential revenue impacts and multiple compression, making transparency a shareholder value imperative.
●Existing capabilities: Visa already invests heavily40 in AI‑enabled fraud defenses, preventing tens of billions in fraud annually, which positions the company to extend controls to new AI‑facilitated harms and to explain those efforts to shareholders.
34 https://www.naag.org/wp-content/uploads/2025/08/LTRS-Combined-Payment-and-Seach-Platform-FINAL.pdf
35 https://www.paymentsdive.com/news/ags-attack-deepfake-porn-payments-apple-visa-paypal-google/758827/
36 https://www.paymentsdive.com/news/visa-mastercard-pornhub-trafficjunky-lawsuit-court-ruling-react/628967/
37 https://www.cbsnews.com/sanfrancisco/news/san-francisco-deepfake-porn-lawsuit-settlement-briver-llc-shutdown/
38 https://www.sec.gov/files/corpfin/no-action/14a-8/afaapple1225-14a8.pdf
39 https://www.aon.com/en/insights/reports/global-risk-management-survey/damage-to-reputation-or-brand-a-critical-risk
40 https://www.cnbc.com/2024/07/26/ai-and-machine-learning-helped-visa-combat-40-billion-in-fraud-activity.html
For the reasons above, we urge shareholders to vote FOR Proposal No. 7. The proposal asks for prudent, investor‑oriented disclosure and board oversight on a fast‑moving risk where payments networks are under increasing scrutiny. A “FOR” vote supports Visa’s brand leadership, regulatory readiness, and long‑term value protection, ensuring the company applies the same principled stance it demonstrated in prior actions (e.g., Pornhub) to the evolving challenges of AI‑generated sexual exploitation.
The foregoing information may be disseminated to shareholders via telephone, U.S. mail, e-mail, certain websites and certain social media venues, and should not be construed as investment advice or as a solicitation of authority to vote your proxy. The cost of disseminating the foregoing information to shareholders is being borne entirely by the filers.
The information contained herein has been prepared from sources believed reliable but is not guaranteed by us as to its timeliness or accuracy and is not a complete summary or statement of all available data. This piece is for informational purposes and should not be construed as a research report. Bowyer Research is not able to vote your proxies, nor does this communication contemplate such an event. Proxy cards will not be accepted by us. Please do not send your proxy to us. To vote your proxy, please follow the instructions on your proxy card.
For questions, please contact Gerald Bowyer, president of Bowyer Research, via email at [email protected].