Assessments are carried out annually through either a dedicated assessor in larger-volume merchants or a self-submitted questionnaire for smaller businesses. Who needs PCI compliance? PCI compliance applies to all entities or individuals who charge non-cash payment for any type of goods or service through one of these third-party financial service providers: Visa, MasterCard, American Express, Discover or JCB.
Does your business need to be PCI compliant? Yes. Although not required by law, if found to be out of compliance with PCI standards businesses may be subject to fines by the entity they use to process their card transactions. Whats more, if your payment system is breached and your customers’ data is stolen you may be found liable for any losses incurred by banks and financial service providers, charged for card replacement costs, or sued for brand damage.