So why should an entity bother spending money and manpower on complying with the requirements?

Benefits of compliance:

  • Increased security levels
  • Avoid loss of reputation and public trust in case of breach
  • Avoid Card Scheme penalties for non compliance
  • Full protection from penalties if breached when PCI compliant
  • Enhanced information security reputation
  • Extra customer comfort level
  • Sales opportunity to vend ‘compliant services’

Risks of non-compliance:

  • Increased risk of data breach
  • Significant damage to reputation and public trust when systems are breached, taking off your bottom line
  • Potential for non compliance fines
  • Substantial fines imposed for any data breach
  • Loss of right to conduct business using credit/debit card for payment in a worst case scenario