How Does PCI Compliance Work?
Merchants are responsible for ensuring that their merchants use, service providers that are PCI compliant. Visa may impose a fine on non-compliant merchants and in sever cases bar the merchant from accepting Visa Credit Cards.
Merchants receive protection from fines in the event of a data compromise when their merchant service provider is found to be PCI compliant at the time of the security breach. Merchants are, however, subject to fines—up to $500,000 per incident—if they are not PCI compliant at the time of the breach.