Yet again, Understand that these aren’t “fines” in the same sense that, say, you’d pay for violating some authorities regulation or traffic regulation; they’re penalties constructed right into a deal between merchants, payment processors, and card manufacturers. The distinction between the different types of SOC audits lies within the scope https://www.nathanlabsadvisory.com/blog/nathan/maximize-business-trust-and-security-with-hitrust-compliance/
