Retail banks must maintain up to date Payment Card Industry Data Security Standards (PCI-DSS) certification. Failure to comply with this requirement will trigger a supervisory response, which may include formal enforcement measures, as set out in Module EN (Enforcement).