The PCI SSC stated that while Visa is not requiring merchants to file a ROC or AOC, the merchant still has to ensure that it is PCI DSS compliant. This means that the merchant still must go through the PCI compliance assessment process of a ROC or respective SAQ to ensure that their controls are functioning properly.
via The (EMV/Contactless) World According To Visa « PCI Guru.
You must be logged in to post a comment.