It isn’t something you can simply ignore. If you remain in-compliant, you risk strict penalties. Today, I wanted to spend a little time delimiting what it would look like if you continue to remain in-compliant.
Penalties from Payment Processors and Credit Card Companies For In-compliance—Certainly grow to expect penalties from payment processors and credit card companies. The risk you take is hefty fines of over $100,000 (!) if you are found in-compliant.
If you’re kept on as a client (some companies are ditching vendors that are not compliant), you should expect higher transaction fees, which will cut into your bottom line. One way or another, if your business is not compliant, you eventually risk higher costs.
If you have specific concerns about what may happen to if your business does not comply to PCI policies, heck with your merchant agreement(s) with processors for details. Make sure to read the fine print.
How do banks determine fines?
The fact is most processors are performing bank forensic research to validate a history of PCI compliance. Some processors or banks will levy fines on what they are charged for your non-compliance. Depending on how long you have been outside of compliance, your fines may be rather harsh. Even a month of incompliance may result in hard-to-handle costs:
One to three months incompliant: expect a fine of 5-10K a month (depending the amount of transactions).
Four to six months incompliant: 25-50K PER MONTH depending on your sales volume.
Over 6 months: $100K EACH MONTH you’ve been outside of compliance!
Even if you’re incompliant for just a couple of months, you’re likely spending MUCH MORE money than keeping compliant.
Penalties For Data Breaches EVEN If You’re Compliant—don’t think for a second that even if you’re complying to PCI regulations that in the event of a data breach, a bank or credit processing company is going to foot your risk! Expect hefty penalties to the likes of:
- $50-$90 per CARDHOLDER whose data was compromised
- Termination of your credit processing contract
- Bad Publicity—realize user data breaches often become public knowledge. Can you risk being the next Home Depot or Target for the next year?
- Lawsuits from customers—if your customer data was compromised, don’t expect everyone to tolerate their data being stolen.
How Can Your Business Decrease Chances Of Penalties, Fines and Negative Consequences Related to PCI Compliance?
Here Are 5 Initial Things You Should Be Thinking About:
Install and maintain a firewall—specifically configured to protect cardholder data, you need to keep hackers and malicious cyberattacks from penetrating your customer data. You should really have the protection of a smart firewall.
Keep your passwords secure and safe—make sure your passwords are difficult to hack and that you take proper password hygiene when it comes to granting access to sensitive accounts and databases.
Regularly update your systems—make sure your servers and workstations have regular patches and updates. By omitting updates, you risk exposing your cardholder data to data breaches and hefty fines.
Track and monitor access to secure cardholder data—keep a magnifying glass around who accesses your sensitive data. Make sure you have proper tracking procedures in place. Dynamic Edge makes sure their customers are tracked and identify suspicious activity before it becomes a compliance problem.
Test and maintain a PCI security policy—your business needs a security policy and should test that your policy actually works. Dynamic Edge provides security policies to meet your needs- regardless of whether you need PCI, HIPAA, NCUA or more finely tailored security policies. We have experts that know what requirements your business needs, why each requirement is important and steps needed to avoid being incompliant.
The best way for your business to stay safe AND avoid fines and penalties is to assess your PCI compliance on a regular basis (we recommend quarterly audits). PCI compliancy mandates annual audits to remain compliant.
Does your business handle credit transactions? Are you certain you’re compliant with current PCI regulations? Contact Us TODAY for a PCI compliance health assessment and avoid risking 10’s to 100’s of thousands in penalties!