Archive Links

Consumer Archive
CU System Archive
Market Archive
Products Archive
Washington Archive

News Now

CU/merchant parity in data rules a must: CUNA to lawmakers
WASHINGTON (3/6/13)--Inconsistent data security standards need to be addressed before a solution to merchant data breaches can be achieved, the Credit Union National Association said in a Wednesday letter to the U.S. Congress.
The letter was sent for the record of a House Financial Services subcommittee on financial institutions and consumer credit entitled "Data Security: Examining Efforts to Protect Americans' Financial Information." Subcommittee members Rep. David Scott (D-Ga.) and Spencer Bachus (R-Ala.) during the hearing queried government witnesses on the need for merchants to be under uniform data security and consumer notification standards.
CUNA, the National Credit Union Administration and others have recently called for data security standard parity between merchants and financial institutions.
"Simply put: credit unions and other financial institutions are subject to high data protection standards under the Gramm-Leach-Bliley Act; merchants are not. When merchant data breaches occur, financial institutions--not merchants--bear the costs of replacing credit and debit cards and fraud costs," CUNA President/CEO Bill Cheney wrote.
The Target data breach cost credit unions an estimated $30.6 million, and future fraud could increase these costs, CUNA said. Merchant data breaches are a top credit union concern. "It is an issue of such great concern because these breaches cost credit unions and their members significantly, and they divert resources from other credit union activity, including lending," Cheney wrote.
"Until and unless merchants are held accountable for the damages that breaches to their systems cause financial institutions and consumers, we have little confidence that they will be incentivized to properly secure their systems," the letter added.
To address credit union data security concerns, CUNA suggested that Congress:
  • Hold all payment system participants to comparable levels of federal data security requirements;
  • Hold those responsible for the data breach responsible for the costs of helping consumers; and
  • Ensure consumers know where their information was breached.
"Credit unions also support legislation that requires merchants to provide notice to those consumers affected by a data breach, and permits credit unions to disclose where a breach occurs when notifying members that their account has been compromised...Consumers need transparency and knowledge to understand where their data has been put at risk," the letter said.
CUNA also encouraged the committee to hold additional data breach hearings.
For the full letter, use the resource link.
Other Resources

CUNA Letters to Congress
RSS print
News Now LiveWire
The Hill reports House Republicans plan to delay Aug. recess to stay in D.C. until they have enough votes to pass bill on border crisis.
11 hours ago
The FHLBs of Des Moines and Seattle announce they have entered into an exclusivity arrangement regarding potential merger of the 2 entities.
12 hours ago
SunCorp and @AlloyaCorp have announced their intent to merge.
14 hours ago
.@TheNCUA bars former employee of Southwest Communities FCU,Melissa Rosing,from work at any federally insured FI.
14 hours ago
Fryzel added @TheNCUA is fed. governmt, thereby will B criticized, but always tried 2 do what is right. McWatters still 2 B sworn in.2of2
17 hours ago