@daddo May I ask you a few questions? Have you ever been the victim of fraud or identity theft? Did you read the terms of the agreement you signed with Intuit/QuickBooks?
Reference 1 in the T&C of your merchant agreement:
Compliance with Law, Card Network, and NACHA Rules. In connection with your use of QuickBooks Payments, or in the course of your interaction with your customers or us, you agree to comply with all laws and regulations applicable to you, your business, and QuickBooks Payments. You further agree to use QuickBooks Payments in a manner that is consistent with all applicable laws, including laws pertaining to privacy and data protection, as well as rules and operating regulations issued from time to time by: credit card and payment networks (i.e. VISA, MasterCard, American Express, JCB, Discover, Apple Pay, PayPal, Venmo, etc.); the Payment Card Industry, including but not limited to the Payment Card Industry Data Security Standards (“PCI DSS”) and Payment Application Data Security Standard (“PA-DSS”) (collectively, “Rules”). The Rules are made available at the following page: https://quickbooks.intuit.com/payments/legal/; however your obligation to comply with the Rules apply regardless of whether we have posted such Rules on our website or otherwise made them available to you. The current versions of the Rules may be viewed on the Legal Documents page. In requesting an ACH or card transaction, you agree to take all measures, actions and steps in order to ensure that no transactions or interactions with any persons (natural or entities) included in lists maintained by the United States or other applicable jurisdictions prohibiting transactions with and the export of US products to certain entities, people and jurisdictions to include Cuba, Iran, North Korea, Syria and the Crimea region of the Ukraine. Specific to NACHA Rules, you agree to obtain customer consent to debit or credit their bank account and initiate a transaction over the ACH network. Such consent must be in a form and manner that complies with NACHA Rules and the documentation for ACH transactions.
Merchant Agreement
Other Payment and Legal Documentation
Basically when you signed the agreement, you already stated that you were going go comply with their rules, now because they are enforcing something, your made that you are being held accountable to what you said you were going to do
Just so you know, I run a 3rd party provider and have created a SaaS for merchants to automate the requirements of PCI.
