General Requirement
OM-5.1.19
Licensees must maintain up to date Payment Card Industry Data Security Standards (PCI-DSS) certification. The initial certification must be obtained by 31st December 2017. Failure to comply with this requirement will trigger a supervisory response, which may include formal enforcement measures, as set out in Module EN (Enforcement).Added: January 2017OM-5.1.19A
In order to maintain up to date PCI-DSS certification,
licensees will be periodically audited by PCI authorised companies for compliance.Licensees are asked to make certified copies of such documents available if requested by the CBB.Added: January 2017
