Merchant Reporting Requirements
Merchant Levels
Merchant reporting requirements are dependent upon a merchant defined merchant level.
Merchant levels are defined by the individual card brands and are based on the number of
payment card transactions a merchant does each year. Merchant levels and reporting
requirements are identified in the table below.
Every Year:
● Report of Compliance completed by a
QSA or ISA certified internal auditor
Quarterly:
● Conduct quarterly ASV scans
Every Year:
● Report of Compliance completed by a
QSA or ISA certified internal auditor;
or
● Self-Assessment Questionnaire
completed by a QSA or ISA certified
internal auditor
Quarterly:
● Conduct quarterly ASV scans
20,000 to 1 Million
E-Commerce only
Every Year:
● Self-Assessment Questionnaire
completed by merchant or QSA
Quarterly:
● Conduct quarterly ASV scans
Every Year:
● Self-Assessment Questionnaire
completed by merchant or QSA
Quarterly:
● Conduct quarterly ASV scans
Note: Please review processing statements for the previous fiscal year to estimate your transaction volume
per Card Brand.
PCI Instruction Guide
© Toast 2018
Page 6 of 44
To Next Page
Loading...
