Scoop: Lawsuit against BAMS alleges deliberate non-compliance with PCI rules – Published October 30, 2020. The article covering this case not only went out in FinLedger’s newsletter, but as is visible in the screencap, was the anchor article and was the lead piece in the opening preview.

In a complaint filed under a series of acts – including Dodd-Frank, Sarbanes-Oxley and the Consumer Finance Protection Act – in September 2019, Eric Slawin alleges that he was unfairly terminated after he objected to what he described as BAMS’ strategy “of misleading its customers to believe that it was PCI-compliant when it was not.” Those customers include the likes of huge retailers such as Target, Amazon and Home Depot.

According to Slawin’s attorneys – Robert N. Marx and Jean Simonoff Marx of Atlanta-based Marx & Marx L.L.C. – the former BAMS employee was concerned when he observed non-PCI-compliance with regard to PAN data. PAN data refers to primary account number data on consumers’ credit and debit cards and is contained within information that is stored and/or transmitted by BAMS.