
Precisely; in industries where a company can be fined megabucks per day, or be shut down entirely, for non-compliance, those layers of approval and review are unfortunately necessary. Though of course some of them are just jobsworthing by middle managers.

How do porn companies continue to handle credit card payments without complying with PCI standards and processes?



I don't have pr0n industry experience, but I worked for the largest merchant acquirer (MA) (the orgs that allow merchants to accept CCs) in the U.S. The merchant acquirer ecosystem has a pyramid structure where many Independent Sales Organizations (ISOs) service specific industries while re-selling CC acceptance from ~6 companies (~80%+ market share). These pr0n companies pay monthly rates that correspond with their chargeback numbers, etc., and do not deal directly with the MAs.


Big porn companies are very serious about PCI compliance. They also closely monitor their fraud numbers. If a MID (merchant ID) goes above 5% (volume or cash amount) fraud, the processor could get fined by Visa/MasterCard/etc ($50k+) and lose the right to accept credit card payments for that particular payment network. Processors who handle porn (high-risk) accounts will often have a general, shared account they'll let you use, because they can take measures to average down and hide the fraud. However, they charge you a premium to use that general account, so you're better off using your own if you have other measures to control fraud.

My former company solved this problem by simply acquiring a payment processor company. They had total control over their processing that way. As a bonus, they had access to other porn vendors' account activities, since it was one of the 4-5 major high-risk processors used by porn companies. It was a win-win for them.
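The 5% rule described above, as an added example that is not from any commenter: a monitor that computes per-MID fraud ratios both by transaction count and by dollar amount, flags MIDs over the threshold, and shows why pooling several merchants under one shared MID can pull the count ratio under 5% while the amount ratio stays above it. All transaction values and merchant IDs are constructed.

```python
from collections import defaultdict

# Network threshold quoted in the thread: 5% of volume or of cash amount.
FRAUD_THRESHOLD = 0.05

# Constructed sample transactions: (merchant_id, amount_usd, flagged_fraud).
# MID-A: four $10 legit sales and one $60 fraud -> 20% by count, 60% by amount.
# MID-B: twenty $50 legit sales and no fraud.
SAMPLE_TXNS = (
    [("MID-A", 10.0, False)] * 4 + [("MID-A", 60.0, True)]
    + [("MID-B", 50.0, False)] * 20
)


def fraud_ratios(txns):
    """Return {mid: (count_ratio, amount_ratio)} for each merchant ID."""
    counts = defaultdict(lambda: [0, 0])      # [fraud_count, total_count]
    amounts = defaultdict(lambda: [0.0, 0.0])  # [fraud_usd, total_usd]
    for mid, amount, is_fraud in txns:
        counts[mid][1] += 1
        amounts[mid][1] += amount
        if is_fraud:
            counts[mid][0] += 1
            amounts[mid][0] += amount
    return {
        mid: (counts[mid][0] / counts[mid][1], amounts[mid][0] / amounts[mid][1])
        for mid in counts
    }


def over_threshold(ratios, threshold=FRAUD_THRESHOLD):
    """MIDs that breach the threshold on either metric, sorted for stable output."""
    return sorted(mid for mid, (by_count, by_amount) in ratios.items()
                  if by_count > threshold or by_amount > threshold)


def pooled(txns, shared_mid="SHARED"):
    """Re-label every transaction under one shared MID, as a pooling processor would."""
    return [(shared_mid, amount, is_fraud) for _, amount, is_fraud in txns]


if __name__ == "__main__":
    per_mid = fraud_ratios(SAMPLE_TXNS)
    print("per-MID:", per_mid, "flagged:", over_threshold(per_mid))
    shared = fraud_ratios(pooled(SAMPLE_TXNS))
    # Pooling drops the count ratio to 4%, but the amount ratio is still ~5.45%.
    print("pooled:", shared, "flagged:", over_threshold(shared))
```

The point for anyone monitoring a shared high-risk account is that a single ratio is not enough: check both metrics and, where possible, the underlying merchants rather than only the pooled MID.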


Re: acquisition of their and the competition's processor

They just keep getting more clever, devious, and entertaining, don't they? Shit, I'd do my own Braintree for my porn company, with the company's positive gains from legit customers covering the losses from the others. Who cares if my bottom line at my main company was good. Success of the processor could even pay for better fraud management.

Of course, already having enough cash to buy an established one is always nice. :)


In my experience the overwhelming majority of processes introduced in the name of PCI compliance are not actually required by any of the documentation.

Whether you can find an auditor that will let you get away with merely following the rules is another matter.


We don't handle the payments ourselves; they're all handled by high-risk merchants, so we don't need to worry about being PCI compliant. Fees are bigger than the usual merchant ones though, lots of fraud and chargebacks.



