Card fraud affects merchants, not just shoppers. The Data Security Standard 3.0, released by the Payment Card Industry (PCI), urges companies to create a data flow diagram. This diagram would reveal all the systems, applications and employees who have access to cardholder data.
http://robertsiciliano.com/blog/2013/12/21/merchants-do-you-know-where-you-card-data-is/