Newsroom

NAFCU last week joined with six other financial industry trades in suggesting legislative fixes to address the recent trend of data breaches affecting companies, financial institutions and consumers. In a joint letter, the trade groups call for a strong national data security standard and breach notification requirements.

The groups were responding to a request for comments from Reps. Greg Walden, R-Ore., and Bob Latta, R-Ohio, on data breach legislation. Walden is the chairman of the Energy and Commerce Committee, and Latta is the chairman of the Subcommittee on Digital Commerce and Consumer Protection.

"Stopping breaches is critical for consumers, and also important to our members who often have the closest relationships with those affected," the trades wrote. "Data breaches impose significant costs on financial institutions of all sizes because our first priority is to protect consumers and ensure that they have no liability for fraud that typically follows a breach. Our members provide relief to victims of breaches, regardless of where the breach occurs."

NAFCU was the first financial trade group to call for a national data security standard for retailers in the wake of the 2013 Target breach. In November, the association testified before a House subcommittee and provided ways to curb data breaches.

Last week's joint letter outlines three goals of legislation:

• ensure that all entities are required to protect sensitive personal and financial data;
• require timely notification of consumers and impacted parties that are at risk in the event of a breach; and
• ensure compliance through appropriate state and federal oversight, recognizing existing federal obligations for the financial industry to both secure data and notify consumers of a breach, and eliminate overlapping and inconsistent laws and regulations.

"Our existing payments system serves hundreds of millions of consumers, retailers, financial institutions and the economy well," the letter states. "Protecting this system is a shared responsibility of all parties involved and we must work together and invest the necessary resources to combat never-ending threats to the payments system."