What your credit union needs to know about PCI DSS

Working for a credit union can bring a lot of great benefits and opportunities. On the short list of negatives is the long, and always growing, list of regulatory and compliance requirements handed to the financial industry. One compliance requirement your credit union must be aware of is PCI DSS, the Payment Card Industry Data Security Standard.

Overview

PCI DSS is a set of security requirements designed to keep credit card information safe while it is accepted, processed, stored, and transmitted. PCI DSS was created and agreed upon by American Express, Discover, JCB, MasterCard, and Visa, which work together to ensure compliance. All companies that accept, transmit, or store credit card data must comply with the mandates of the PCI DSS.

Importance of PCI DSS

Working for a credit union, you probably know that all types of fraud and security breaches are rampant, with almost half of all organizations experiencing a security breach in the last year, according to Experian. The PCI DSS aims to address and reduce the known weak points where credit card information is exposed. The standards dictate procedures to be followed throughout the entire credit card process:

  • Cardholder data usage
  • Transmitted data encryption
  • Stored data protection
  • Back-end storage

Compliance and consequences

As stated above, all companies that accept, transmit, or store credit card data must comply with the PCI DSS; therefore, it’s highly likely your credit union is subject to its mandates. Even if you use a third-party credit card processing company, you must still comply and are held accountable.

Though PCI DSS compliance is not required by the federal government, failure to comply may cost your credit union business and substantial penalty fees. Some states require compliance, and many businesses require proof of compliance before entering into a business relationship with your credit union. If your credit union suffers a security breach and is found in violation of any PCI DSS mandate(s), you may be subject to civil litigation and fines of $5,000 to $100,000 a month!

Unfortunately, the numerous rules and regulations that apply to credit unions are unlikely to grow less burdensome in the next few years. Fortunately, you have resources to help! For further guidance on PCI DSS requirements and information on the current state of payments, regulations, and financial technology, download our new ebook, Meeting Consumer Self-Serve Payment Demand.

Chris Cote

Chris Cote has been with SWBC since 2011 and has more than 12 years of experience in the financial services industry. As the Compliance Officer for the SWBC Financial Institution ... Web: https://www.swbc.com