'Comply with data security standard' warns business group

The Forum of Private Business (FPB) has warned SMEs to comply with the Payment Card Industry Data Security Standard (PCI DSS) or face penalties.

The PCI DSS was developed by leading credit card companies in 2005 to help firms that process card payments prevent fraud.

However, the FPB says that details of the standard, and the costs of failing to comply with it, are not widely known.

FPB director of finance Nick Palin said: "The FPB's members who have contacted us about the PCI DSS believe it has not been adequately publicised.

"However, the consequences of not complying could be costly."

Companies found not to be filing PCI DSS compliance reports may be fined, made to pay the cost of a full audit, or have their ability to process cards withdrawn.

Latest figures from the card clearing service APACS show an increase in credit card fraud. In the first six months of 2008, financial losses caused by card fraud increased to over £300 million, up 14% on the same period in 2007.