Well it's certainly not something as a developer I would be willing to be liable for, but I imagine you could just bypass the calls to the payment gateway. I just turn down jobs when the client asks me to do something illegal. Makes me sleep better at night. :)