Absolutely makes sense to have something like that, for genuine scammers, mass offenders, etc. But being but on that list for a few measly test payments to make sure your software is working properly? That to me sounds LUDICROUS.
When I worked on PCI certified software it was a 'you will be fired' thing. If you are just implementing something for a single customer and they have a processor account for a single site, I wouldn't do it but I guess you could. But if they have say 40 sites using this payment processor, and you could bring down all 40 sites so that they can't make any sales?
Edit: Do you really think banks' compliance departments are going to care about your argument? 'I was only doing this thing your documentation says not to do a few times'? 'I only knowing made the first transactions across your gateway in intentional violation of your requirements but I was going to stop violating them later'? Do you want to put your job/work on the line for that?
