January 28, 2014

NAFCU, ICBA jointly push data security standards

Jan. 29, 2014 – NAFCU President and CEO Dan Berger and Camden Fine, the president and CEO of the Independent Community Bankers of America, together wrote the House and Senate Tuesday to urge higher standards for retailers regarding data security.

The two wrote in response to the series of high-profile data security breaches at large retailers, including a breach at Target Corporation which may have affected as many as 110 million consumers, and a possible breach at Michaels Stores Inc.

They advocated standards akin to the Gramm-Leach-Bliley Act which apply to financial institutions and emphasized that the party responsible for the data breach should be liable for the resulting losses.

"The cost of reissuing a single payment card alone may be as high as $10 to $15 for smaller institutions," they wrote. "A bank or credit union may have to reissue thousands of cards in the event of a major breach. The party at fault for a breach should bear responsibility for these costs. This change would better align incentives to keep consumer data safe and foster good business practices."

During the House Financial Services Committee hearing on the CFPB on Tuesday, Reps. Randy Neugebauer, R-Texas, Ed Perlmutter, D-Colo., and Ed Royce, R-Calif., all stressed the importance of data security while questioning bureau Director Richard Cordray.

Two NAFCU-sought hearings have been scheduled for Feb. 3 and 4 on data security; NAFCU will submit statements for both.

NAFCU was the first financial trade association to call on Congress for hearings and legislation on national data security standards for retailers in the wake of the Target breach.