The Payment Card Industry Data Security Standard is a collection of security criteria aimed at protecting card information throughout and beyond financial transactions. Every card brand is required to comply to the industry standards, and, although they are not always explicitly required to do so, most FinTech companies adopt PCI compliance to assure a superior level of security to their users.
PCI DSS ensures that every company that accepts, processes, stores or transmits card information maintains a highly secure environment. The PCI DSS is managed by the Payment Card Industry Security Standards Council (PCI SSC), an independent association that was created by the major payment card brands (Visa, MasterCard, American Express, Discover, and JCB.). Please note that the payment brands and acquirers are the ones responsible for enforcing compliance, not the PCI council.