Credit Card Acceptance Overview

University groups, organizations and departments that want to accept credit card payments need to contact the Credit Card Acceptance Team at

All groups, organizations, and departments at UWM that accept credit card are required to participate in mandator Payment Card compliance activities. These activities include:

  • Annual completion of a Self Assessment Questionnaire every academic / fiscal year
  • Participation in in-person assessments of your environment by the UWM designated PCI Compliance Analyst
  • Completion of mandatory, annual training in payment card acceptance best practices
  • Maintaining documentation at the group, organization, and department level of employees who have participated in the annual training, with the ability to produce to the PCI Compliance Analyst upon request
  • In some instances, maintaining relationships with third party vendors for departmental specific payment applications, to receive compliance documentation from the vendors (AOCs, etc)
  • Review annually the University Policies and Procedures related to the PCI compliance environment
  • Maintain accurate lists of individuals within your organization directly involved in the credit card processing environment
  • Review and submit annual Service Level Agreement to the Controller’s Office

Merchants must determine the method or application they wish to accept credit card payments through. If it is a solution that UWM currently doesn’t use, adequate research needs to be performed by the PCI Compliance Analyst to determine the appropriateness of the application for our environment, in an effort to reduce compliance costs, and most importantly, reduce the risk for UWM.

Credit Card Acceptance Procedure

  1. Contact the Credit Card Acceptance team with a statement of interest to accept credit card transactions. All merchants must be approved by the Controller’s Office. Email:
  2. Complete and return the Merchant Card Application
  3. Complete the Service Level Agreement
  4. Identify and coordinate with a project manager with your university group to manage the implementation
  5. Determine the technology you will require
  6. Review the current Policy and Procedures for University Information Security and the Credit Card Operating Regulations
PCI Policies & Procedures

Policies and Procedures have not been updated as we are waiting for PCI DSS 4.0. Below are the most recent Policies and Procedures, approved by the Credit Card Acceptance Committee and the PCI Policy and Procedure workgroup. You are required to review annually and verify with the PCI Compliance Analyst or Controller’s Office.

The most relevant Policies and Procedures to our current environment are:

Historical Policies and Procedures are:


Merchant Application (MID) – US Bank merchant application

Service Level Agreement – Service Level Agreement between the department/unit and Controller’s Office

Merchant Card Administration Procedure (ASM) – internal UWM Operating Principles and Responsibilities for accepting credit card activity

Service Level Agreement – Service Level Agreement between the department/unit and Controller’s Office

UWM Credit Card Acceptance Committee Team Charter – Under Review

Glossary of PCI Terms – Definitions of terms according to the PCI Security Standards Council

Approved Vendor List

Mandatory Training

For UWM Employee MANDATORY Cashier’s Training, please click on the following link: