Global expertise with local knowledge
18 May 2017
In reference to advice given by IATA concerning the risks associated with payment card (credit or debit cards) transactions and potential data breaches, there is a need to confirm the compliance of Accredited Agents operating within the BSP to be Payment Card Industry (PCI) Data Security Standard (DSS) compliant (http://www.iata.org/services/finance/Pages/pci-dss.aspx). Effective March 2018, PCI DSS compliance might be made a mandatory condition to obtain and retain accreditation as an IATA Accredited Agent in all IATA Accredited locations under the Passenger Sales Agency Rules in Resolution 818g. Non-compliance with PCIDSS could result in 2 irregularities being recorded against your agency.
PKF Control Case has been active in PCI-DSS in Malaysia since 2010 and we are one of the vendors selected by Maybank’s merchant management program to bring compliance to the bank’s over 40,000 merchants nationwide. It is with this experience that we believe we can implement for the travel industry to ensure that travel agencies can comply to this standard with the optimised effort, cost and time required. We have developed an effective PCI-DSS methodology, along with an online compliance portal to be optimized for faster and more cost effective compliance every year. Our scope of work will include:
a) Determining your PCI-DSS level, your assessment requirements and type of assessmentb) Determining your scope of compliance for PCI-DSSc) Provide support and facilitating your first time compliance with our assessment checklistd) Provide a subject matter expert to facilitate discussions and queries to IATA about your complianced) Provide PCI Policies and Procedures templates for faster compliance timee) Provide PCI training materials to ensure compliance requirements are coveredf) Provide access to PCI Compliance portal to monitor the compliance progressg) Provide additional PCI services at a discounted rate
We would like to explore the opportunity to be your compliance partner, guiding you through the PCI-DSS compliance. PCI-DSS is a unique standard whereby it applies differently to different business, so there is a very real possibility of companies overdoing their compliance by choosing the wrong self assessment document (there are 9 different SAQ documents!), and we want to assure our clients that their compliance efforts are optimised as we recognise your focus on your daily business.
We can further clarify and explain these offerings either through our email or phone call below:
Mr Stevie Heong
Contact: +60192788629Email: email@example.com
About ControlCase International and PKF Malaysia
ControlCase International (“ControlCase”) is a United States based company with headquarters in Reston, Virginia and PCI centre of excellence in Mumbai, India. ControlCase focuses on compliance services and solutions related to regulations such as PCI, ISO27001, Sarbanes Oxley, GLBA and J-Sox globally. PCI compliance services are the core focus for ControlCase and the company has PCI experience on all sides of the card business, acquiring as well as issuing. As ControlCase’s Malaysia representative, PKF, one of the top 10 international business advisory firms, works closely with ControlCase to ensure efficient and local support is provided to all our clients.
For more information on how our services can help your business get in touch.