PCI: U.S. Merchants Must Play (by the rules) or Pay

Monday, August 27th, 2007 at 5:56 pm by Carl Banzhof

According to an article last Thursday by Evan Schuman of eWeek, Visa recently issued another reminder to Level 1 merchants (those that generate more than six million Visa transactions per year) that September 30 is the deadline to be compliant with the PCI DSS. Merchants will have to work quickly to meet this deadline, as only 39% of Level 1 merchants were reportedly in compliance as of July 18, according to an article posted on Digital Transaction News.

Failure to comply with PCI standards will cost merchants monthly fines of at least $25,000 along with higher commission fees. However, in my opinion, we will see a dramatic increase in the number of Level 1 merchants who reach compliance to avoid such penalties. Add to this the fact that most retailers and financial institutions go into a complete system lockdown during Q4. By some estimates, at least 30% of a retailer’s revenue is dependent upon the holiday shopping season, which officially begins on “Black Friday,” the Friday after Thanksgiving.

Let’s work through a simple non-compliant scenario for one of my favorite large chain department stores. First, take into account the system lockdown for Q4: the base fine of $25,000 per month x 3 months = $75,000. Next, add the elevated commission fees on top. Let’s say this retailer does about $2.5 billion in revenue in Q4, with 50% (about $1.25 billion) transacted by Visa. Because of its non-compliance, the uplifted commission fee to Visa is an extra 1%, which comes to about $12,500,000, for a grand total of $12,575,000 per quarter – serious dollars no matter how big the company.

To help organizations comply faster and reduce the risk of fines and elevated transaction commissions, McAfee today announced the Easy PCI initiative, combining technology and expert assistance to deliver a comprehensive approach to gaining PCI compliance.

It will be difficult for PCI to be implemented and enforced across such a broad range of large merchants. However, it’s a necessary standard that must be adopted to stay one step ahead of the increasingly coordinated efforts of cyber thief networks.
