News & Events


The era of procrastination is over. In its place we are entering a period of consequences.

Hackers are no longer targeting the Targets and Home Depots of the world. Increasingly, they’re targeting small and medium-sized businesses that have not gone through the risk and compliance efforts needed to protect themselves. As incidents of credit card hacks and data breaches mount, these businesses face increased compliance obligations and liabilities.

Payment Card Industry (PCI) Compliance is high on the agendas of Audit Committees and Executive Leadership due to increasing pressure from credit card brands and regulatory agencies. Lack of compliance may prevent businesses from being allowed to accept credit cards as a form of payment. Businesses that have a data breach where credit card data is actually stolen will be subject to much larger fines and fees from the banks, card brands, etc., and are required to report the breach, which quickly makes the news and causes further reputational damage.

The PCI Data Security Standard (PCI DSS) is used to assess organizations that handle credit cards from the major card brands including Visa, MasterCard, American Express, Discover, JCB and China Union Pay. PCI DSS applies to all entities that store, process, and/or transmit cardholder data. If your business accepts or processes credit cards, PCI DSS applies to you. However, the PCI DSS is so complex that most businesses do not know where to begin.

At UHY, we manage PCI-related initiatives as consultants rather than auditors, which allows us to provide guidance and recommendations throughout the effort. We offer a full suite of PCI Compliance consulting services to help businesses of all sizes address their compliance obligations. We tailor each PCI-related initiative to the individual needs of our clients. The cornerstone of our methodology is to translate IT risks into business risks and provide meaningful insight to your business. Alongside the compliance deliverables, our PCI service offerings are regularly used to assess and improve the security posture of our clients.

David King, Senior Manager at UHY Advisors, spoke with CNBC reporter Jon Marino about the risks and liabilities that small business owners face as incidents of credit card hacks and data breaches mount.

You can read the full article here: http://www.cnbc.com/2016/03/01/retail-businesses-face-big-new-hack-liability.html