
Achieving Payment Compliance

by Colin O’Keefe

Jun 29, 2020


Every business that accepts credit cards must follow specific regulations. Failure to comply with these rules can be a costly mistake for your organization.

For example, a GDPR violation can range up to €20 million ($21.79 million), or 4% of the company’s global annual revenue from the previous year, whichever is higher. 

To protect your business, you must achieve payment compliance. So how do you do it?

In today’s day and age, achieving payment compliance can feel like an uphill battle. There are lots of different rules and regulations that you must follow. Within the last year alone, some of the world’s biggest regulations have been enacted. 

While payment compliance is a complex subject, it’s not impossible to achieve. Plus, it’s crucial for the health and success of your company. 

CFOs, CTOs, and CSOs alike must all understand the importance of achieving payment compliance, which is what inspired me to create this guide. 

Payment Compliance Categories

Despite the intricacy involved with payment compliance, there’s a way to simplify things for you. Rather than looking at payment compliance as a whole, it’s much easier to comprehend if you segment different regulations by category.

I’ve identified the top six payment compliance categories that every business needs to know.

Payment Network Compliance

Every card brand has its own specific requirements for processing transactions. These rules are continually changing, although most are minor, and won’t necessarily have a dramatic impact on merchants. 

For example, Visa recently enacted a new policy for subscription merchants offering free trials or intro promotions.


The National Automated Clearing House Association (NACHA) also has its own set of rules and policies that merchants must follow.

Data Privacy Compliance

Two examples of the biggest names in data compliance include GDPR (General Data Protection Regulation) and CCPA (California Consumer Privacy Act).

Both of these regulations have rules related to personal consumer data privacy, such as names, emails, browser history, location, and more. While these laws aren’t directly tied to payment processing, any merchant that sells online must abide by these rules. 

PCI Compliance

PCI compliance is something that every merchant should be familiar with. PCI DSS is short for Payment Card Industry Data Security Standard. This set of requirements helps ensure that all cardholder data remains secure.

The card networks segment businesses into different risk categories based on the number of transactions they process each year. 

Failure to follow PCI standards can result in PCI non-compliance fees. Merchants must complete a self-assessment questionnaire on an annual basis. Most merchant service providers will start charging you these fees on a monthly basis if you don’t remain compliant.

Tax Collection Compliance

Tax collection compliance is crucial for ecommerce businesses to understand. One recent example was the Wayfair ruling (South Dakota v. Wayfair).

Based on this Supreme Court ruling, states can collect sales tax from businesses without a physical presence in the state. Any business with more than 200 transactions or $200,000 of in-state sales is subject to state taxes.

For example, if your headquarters and warehouse are in Texas, but you have more than 200 transactions to customers in South Dakota, you have to pay taxes to South Dakota. 

Each state has its own rules and regulations for what businesses are subject to taxes.


It’s important that you understand these tax collection compliances for each state where you sell, even if you don’t have a physical presence. 

Consumer Security Compliance

The Revised Payment Services Directive, better known as PSD2, is an example of consumer security compliance. The directive was made to level the playing field in the payment processing industry with banks while making the payments process safe and secure for consumers in Europe. 

How to Achieve Payment Compliance

Broadly speaking, all of the payment compliance regulations can be segmented into the categories that are listed above. But within each category, there are always new rules, policies, and changes happening. 

From payment networks to states, countries, and more, there are lots of components for you to keep in mind as a merchant. This is especially true for anyone that sells online. 

With that said, there are a couple of ways that you can achieve and maintain payment compliance.

Upgrade Your Technology

The first thing you need to do is make sure that your technology infrastructure is updated. This will help you meet the majority of regulations that we’ve discussed. I’m referring to your payment processing technology, as well as your website functionality.

For example, visitors shopping on your website need the ability to opt out of cookies under data privacy compliance laws. Card networks also require an additional, explicit checkbox that website visitors must tick before you store their payment information on your site. 

Having the right technology makes everything easier, but it’s just the first step. You also need to understand what regulations to follow, which is what we’ll discuss next.

Monitor Everything

With so many regulations for payment compliance, we’ve reached a point where merchants need to be monitoring everything. You must keep an eye on any regulation that impacts your payments, including existing rules that are being updated or changed.

In some instances, you may need legal counsel to walk you through regulations. This is especially true for businesses selling online. You want to make sure that you’re paying taxes properly to each state based on local laws. So speaking to a tax attorney or an accountant would be highly beneficial, since there isn’t a single “blanket” rule applying to all states. 

Final Thoughts

Achieving payment compliance is difficult, but it’s not impossible. The most important thing that you need to do is start with PCI compliance, since this is directly related to credit card processing and your credit card processing fees. 

If you’re currently being charged for PCI non-compliance fees, contact our team here at Merchant Cost Consulting. Not only can we help you with those charges, but we’ll also help you lower your credit card processing fees as a whole.

By Colin O’Keefe

Prior to founding Merchant Cost Consulting, Colin worked in the payments industry for 3 years gaining an extensive knowledge of the ins and outs of the industry. During that time Colin learned how deceptive the industry can be and wanted to do something about it. Before joining the payments industry in 2014, Colin played professional baseball for the Los Angeles Angels of Anaheim. Colin is from Waterford, CT and received his BA in business from Virginia Tech where he was a member of the varsity baseball team.
