In this article, we’re breaking down the basics of Payment Card Industry (PCI) Compliance with Nick Benz, our Director of Treasury Management and Merchants Services. If you’re a business that takes card payments, it’s important to ensure your compliance by the end of the calendar year to avoid additional fees and secure your customers’ payment information.
The Basics of PCI Compliance
PCI Compliance is a common security standard created by the Payment Card Industry Council. All entities who take credit or debit card payments, send card payments or process card payment information from a customer are required to be compliant. This includes businesses and non-profits, regardless of size.
“The main goal with PCI Compliance is to keep payment information secure,” shares Nick. “If your current card processor hasn’t talked to you about PCI Compliance, it’s an important conversation to have now.”
Why Should a Business Be PCI Compliant?
There are a few key benefits to ensuring your business is PCI compliant, including:
- Minimizing fraud
- Saving money
- Avoiding penalties
First and foremost, following this security standard helps your business minimize the risk of fraud associated with credit and debit card payments. The standard lays out exactly what businesses need to do to protect customer information. Being compliant can make a crucial difference if your business is hacked, limiting the amount of information fraudsters may be able to get their hands on.
In addition, there are monetary and disciplinary penalties involved if your business is not PCI compliant. For example, you will be charged a monthly fee until you become compliant or report your compliance to your card processor. If you experience a data breach without PCI Compliance, you may even lose your ability to process card payments.
How to Become PCI Compliant
If you’re unsure if your business is currently compliant, reach out to your card processing contact. At Merchants Bank, this is our Treasury Management team. “We can absolutely help you figure out the current status of your PCI Compliance and walk you through any next steps you need to take,” explains Nick. “The only notification you may currently be receiving about your status would appear on your statement, and that can be easy to miss.”
The process for becoming compliant – which needs to be completed each calendar year – involves answering a questionnaire called the Self-Assessment Questionnaire (SAQ). There are different versions of the questionnaire based on specific attributes of your business. The questionnaire will guide you through the appropriate version and share your compliance with your associated card processor.
Nick’s tip? “Set a calendar or task reminder for submitting your annual SAQ. It’s one less thing you have to try and remember as a busy business owner.”
If you have questions about PCI Compliance and your current card processing program, reach out to Nick and our Treasury Management team. With their expertise, you can create an efficient and secure card processing solution that aligns with your business needs.