Finder is committed to editorial independence. While we receive compensation when you click links to partners, they do not influence our content.

PCI fees: Why compliance matters and what it costs

Are these ambiguous security fees really mandatory? Here’s how to avoid payment card industry fees.

Many providers proudly advertise their service as PCI compliant. So what’s with the PCI fees that crop up on your monthly processing bill? Here’s how PCI fees work — and how you can avoid them.

What is PCI compliance?

Payment card industry (PCI) compliance comprises a set of standards that help maintain the security of credit card transactions. These standards are developed and regulated by the PCI Security Standards Council — a council founded in 2006 by American Express, Discover, JCB International, Mastercard and Visa Inc.

The standards maintain the security of credit card networks and protect sensitive cardholder data. A provider that meets the council’s standards — a set of 90 key and base requirements alongside 400 test procedures — are considered PCI compliant.

What is a PCI compliance fee?

A PCI compliance fee is a payment processing fee — typically charged in return for PCI compliance services. But payment processing providers tend to handle this fee differently.

Some don’t charge PCI compliance fees and don’t provide PCI compliance services. Others charge the fee and offer compliance services. While others still charge the fee and don’t provide a service — an unsavory business practice that leaves you responsible for PCI compliance while tacking on an ambiguous fee for nothing.

Most providers that charge the fee do offer some degree of service, including security scans, data breach insurance and educational resources on PCI compliance to help you understand how to keep your business safe.

Why am I being charged this fee?

Payment processors charge PCI compliance fees to help cover the costs of keeping onboarded merchants PCI compliant. These standards are mandated by credit card issuers and help regulate credit card security, so it’s something all businesses, regardless of size or industry, must deal with.

What is a PCI noncompliance fee?

Your payment processor charges you a PCI noncompliance fee for failing to keep your business PCI compliant.

Why am I being charged this fee?

The most common reason for your business being nailed with a PCI noncompliance fee is for failing to complete your annual Self-Assessment Questionnaire (SAQ).

SAQs are drafted by the PCI Security Standards Council and require you to disclose information about how your business processes payments. Some processors help you fill out the form or will even complete it on your behalf. Guidelines and forms can also be found on the PCI Security Standards Council’s website. Businesses are considered non-compliant if they fail to complete the form or fail to answer all questions in the SAQ affirmatively.

Do all providers charge PCI fees?

Many providers charge PCI fees in some form or another. Some charge PCI compliance fees, but no PCI noncompliance fees — and vice versa. There are a handful of providers that don’t charge any PCI fees at all, including Chase Merchant Services and Stripe.

How much do PCI fees cost?

PCI compliance fees are charged monthly or annually. Monthly fees typically range from $4.99 to $19.95, while annual fees tend to fall between $50 and $99.

PCI non-compliance fees are usually charged monthly and may or may not include a grace period. Fees tend to fall between $10 and $45 for each month your business remains noncompliant.

How can I avoid paying PCI fees?

Whether or not you’re charged PCI fees depends on your payment processing provider. While you can typically avoid noncompliance fees by completing your annual Self-Assessment Questionnaire, PCI fees are at the discretion of your provider.

If you’re interested in a provider that charges no PCI compliance or noncompliance fees, check out Chase Merchant Services or Stripe.

How to tell if you’re being charged PCI fees

PCI fees are sometimes called security or regulatory fees. But more often than not, the fee will be clearly identified on your processing bill. There are a few different ways it can appear, but the PCI designation makes it easy to identify:

  • PCI fee
  • PCI validation fee
  • PCI non-compliance fee

Compare payment processors

If you're being charged more fees than you're comfortable with, compare your processing options to get the best deal.

Name Product Monthly fees start at Processing fees start at Processing time High-risk merchants accepted?
Chase Merchant Services
2.6% + 10¢ per swiped credit card
Next day when you deposit into a Chase business checking account
Accept, process and deposit customer payments in your store, online or on-the-go.
$0.08 + interchange per transaction
Next day for qualified businesses
Businesses that process more than $10,000 monthly can save with Stax's interchange+ pricing.
2.6% + 10¢
Next day
Square is a one-stop shop with both e-commerce and in-person solutions.
1.92% + $0.08 per transaction
Two business days
Conveniently packaged into three service tiers for in-person and online sales.

Compare up to 4 providers

Bottom line

PCI fees are prevalent in the processing industry, but far from mandatory. Explore your payment processing options to find a provider that offers the best service for your business.

Frequently asked questions

Is PCI compliance mandatory?

PCI compliance applies to any business that accepts credit or debit card payments. For these businesses, PCI compliance is mandatory.

What happens if my business remains noncompliant?

Card issuers can fine acquiring banks and payment processors between $5,000 and $100,000 monthly for PCI compliance violations. These fines can be passed along to the merchant or business found to be noncompliant.

More guides on Finder

Ask an Expert

You are about to post a question on

  • Do not enter personal information (eg. surname, phone number, bank details) as your question will be made public
  • is a financial comparison and information service, not a bank or product provider
  • We cannot provide you with personal advice or recommendations
  • Your answer might already be waiting – check previous questions below to see if yours has already been asked provides guides and information on a range of products and services. Because our content is not financial advice, we suggest talking with a professional before you make any decision.

By submitting your comment or question, you agree to our Privacy and Cookies Policy and Terms of Use.

Questions and responses on are not provided, paid for or otherwise endorsed by any bank or brand. These banks and brands are not responsible for ensuring that comments are answered or accurate.
Go to site