Finder is committed to editorial independence. While we receive compensation when you click links to partners, they do not influence our content.
PCI fees: Why compliance matters and what it costs
Are these ambiguous security fees really mandatory? Here’s how to avoid payment card industry fees.
Many providers proudly advertise their service as PCI compliant. So what’s with the PCI fees that crop up on your monthly processing bill? Here’s how PCI fees work — and how you can avoid them.
What is PCI compliance?
Payment card industry (PCI) compliance comprises a set of standards that help maintain the security of credit card transactions. These standards are developed and regulated by the PCI Security Standards Council — a council founded in 2006 by American Express, Discover, JCB International, Mastercard and Visa Inc.
The standards maintain the security of credit card networks and protect sensitive cardholder data. A provider that meets the council’s standards — a set of 90 key and base requirements alongside 400 test procedures — is considered PCI compliant.
What is a PCI compliance fee?
A PCI compliance fee is a payment processing fee — typically charged in return for PCI compliance services. But payment processing providers tend to handle this fee differently.
Some don’t charge PCI compliance fees and don’t provide PCI compliance services. Others charge the fee and offer compliance services. Still others charge the fee and don’t provide a service — an unsavory business practice that leaves you responsible for PCI compliance while tacking on an ambiguous fee for nothing.
Most providers that charge the fee do offer some degree of service, including security scans, data breach insurance and educational resources on PCI compliance to help you understand how to keep your business safe.
Why am I being charged this fee?
Payment processors charge PCI compliance fees to help cover the costs of keeping onboarded merchants PCI compliant. These standards are mandated by credit card issuers and help regulate credit card security, so it’s something all businesses, regardless of size or industry, must deal with.
What is a PCI noncompliance fee?
Your payment processor charges you a PCI noncompliance fee for failing to keep your business PCI compliant.
Why am I being charged this fee?
The most common reason for your business being nailed with a PCI noncompliance fee is failing to complete your annual Self-Assessment Questionnaire (SAQ).
SAQs are drafted by the PCI Security Standards Council and require you to disclose information about how your business processes payments. Some processors help you fill out the form or will even complete it on your behalf. Guidelines and forms can also be found on the PCI Security Standards Council’s website. Businesses are considered noncompliant if they fail to complete the form or fail to answer all questions in the SAQ affirmatively.
Do all providers charge PCI fees?
Many providers charge PCI fees in some form or another. Some charge PCI compliance fees, but no PCI noncompliance fees — and vice versa. There are a handful of providers that don’t charge any PCI fees at all, including Chase Merchant Services and Stripe.
How much do PCI fees cost?
PCI compliance fees are charged monthly or annually. Monthly fees typically range from $4.99 to $19.95, while annual fees tend to fall between $50 and $99.
PCI noncompliance fees are usually charged monthly and may or may not include a grace period. Fees tend to fall between $10 and $45 for each month your business remains noncompliant.
How can I avoid paying PCI fees?
Whether or not you’re charged PCI fees depends on your payment processing provider. While you can typically avoid noncompliance fees by completing your annual Self-Assessment Questionnaire, PCI fees are at the discretion of your provider.
If you’re interested in a provider that charges no PCI compliance or noncompliance fees, check out Chase Merchant Services or Stripe.
How to tell if you’re being charged PCI fees
PCI fees are sometimes called security or regulatory fees. But more often than not, the fee will be clearly identified on your processing bill. There are a few different ways it can appear, but the PCI designation makes it easy to identify:
- PCI fee
- PCI validation fee
- PCI non-compliance fee
- PCI CHG
- NONPCI CHG
Compare payment processors
If you're being charged more fees than you're comfortable with, compare your processing options to get the best deal.
PCI fees are prevalent in the processing industry, but far from mandatory. Explore your payment processing options to find a provider that offers the best service for your business.
Frequently asked questions
Is PCI compliance mandatory?
PCI compliance applies to any business that accepts credit or debit card payments. For these businesses, PCI compliance is mandatory.
What happens if my business remains noncompliant?
Card issuers can fine acquiring banks and payment processors between $5,000 and $100,000 monthly for PCI compliance violations. These fines can be passed along to the merchant or business found to be noncompliant.