Compliance with PCI DSS is a contractual obligation.
· Explain how this differs from a regulatory obligation.
· Which takes precedence a regulatory requirement or a contractual obligation? Explain your answer.
· Who enforces PCI compliance? How is it enforced?