Acquirers Expect Highest Compliance Rates on Record, Annual Report Finds

  • Security and Compliance
  • 01.05.2019 11:56 am

Sysnet Global Solutions, the leading provider of cyber security and compliance solutions, has established acquirers now hold higher expectations for compliance than they did 12 months ago. 

The annual report, which surveyed 30 global acquirers, found these providers now expect their level 4 merchant client-base to be performing at PCI compliance rates of 70 per cent or above - with none of those surveyed indicating 50 per cent or less as acceptable. In sharp contrast to this expectation, only 11 per cent of respondents currently have a compliance rate of greater than 70 per cent.

Acquirers also believe they have more responsibility and a duty of care to their merchants with eight in ten wanting to do more to drive awareness of compliance matters within their client-base. This is particularly pertinent when it comes to educating SMBs, with three quarters (75 per cent) of respondents believing that their merchant customers do not understand the need for compliance.

This change in opinion may have been driven by the advancement of managed services which are now deemed critical to the compliance process. These services have been particularly beneficial to SMBs, as processes and services are tailored to meet smaller businesses’ resources and requirements.

Gabriel Moynagh, CEO of Sysnet, commented: “By incorporating a managed service into your PCI compliance offering, providers will see higher compliance rates among their merchants. Sysnet can support this process by providing a day-to-day solution which actively manages merchants through the compliance and security process. We act as an extension of the internal team to allow a frictionless process from start to finish.”

The report further establishes that the majority (72 per cent) of those surveyed want to move away from obtaining income through PCI non-compliance fees, an increase of 20 per cent on last years’ figure. Almost 60 per cent believe that adding merchants to a managed compliance service is a viable alternative to charging for non-compliance. By ensuring merchants are compliant and secure, and moving away from these non-compliance fees, customer relationships are improved and risks are reduced for both merchant and acquirer.

This is a particularly important change for acquirers as, when merchants fold due to being unable to pay the fines associated with a breach, the cost falls to them. Although non-compliance fees generate lucrative revenue now, this may have a detrimental outcome in the long term.

By taking a preventative approach to non-compliance, merchants are able to flourish and grow. This is fuelled by the fact they will no longer be impacted by complex compliance regulations, which, more often than not, they do not fully understand.

Gabriel continued: “Current methods of charging fees to force merchants into complying simply do not work. We’ve seen that the key driver for raising compliance rates is that acquirers are now providing a managed service to support merchants through the journey.

“Not only does this change mean acquirers will migrate from a dependence on non-compliance revenue, but will also provide a preventative and responsible approach which in turn is driving higher expectations in the industry.”

One managed service which is driving change is Sysnet’s dedicated Proactive Data Security (PDS) service. With PDS, merchants have their compliance and security managed on their behalf. Sysnet has reduced the complexity behind PCI compliance to eliminate the tick-box style mentality that merchants have all too often fallen into. Not only do managed services enhance compliance levels, but they also increase the security of the business through the provision of appropriate security tools, resulting in a safer environment for all parties involved.

For the full report and survey results go to, https://sysnetgs.com/2nd-annual-acquirer-pci-sentiment-survey/.

Related News