What can happen if I choose not to comply with the PCI DSS?
If you choose not to comply with the PCI DSS then you risk:
- Potentially being fined by your acquiring bank
- Potentially being restricted from accepting credit cards as a payment method
- Greater risk of potential financial loss arising from security incidents
- A system compromise may potentially result in fines and/or restrictions. Whilst data breach reporting is not mandatory at this stage the OIAC does have powers to fine organisations for not adequately safeguarding client’s personal information.