WASHINGTON (3/6/14)--The Credit Union National Association made sure that every lawmaker on Capitol Hill got this message Wednesday: America's credit unions spend millions of dollars--without skipping a beat--to protect consumers from merchant data breaches by re-issuing cards, monitoring accounts and reimbursing customers for fraud.
CUNA called on merchants to start working
financial institutions now to implement the best solutions to secure the system and protect consumers from fraud and identity theft--even though these solutions may be costly.
That message to Congress came in the form of a CUNA rebuttal to a recent blog post by the National Association of Convenience Stores (NACS) in
blog post Wednesday--which CUNA circulated to every federal lawmaker's office-- Executive Vice President of Government Affairs John Magill refutes mistaken claims NACS made about who covers costs of a merchant's data breach: It is credit unions and other financial institutions.
"Merchants are not required to reimburse financial institutions for the cost of card re-issuance after a data breach. Nothing in the Visa and MasterCard network rules provide for merchants to cover the costs of card re-issuance.
"This cost can be quite substantial, particularly for smaller financial institutions such as credit unions: The recent Target breach has cost credit unions about $5.68 per card affected, and that doesn't even include actual fraud losses," Magill states.
Magill goes onto to rebut the merchants' claim of "forced reimbursements" from merchants to card issuers to cover the cost of fraud losses after a breach--calling the whole notion "flawed."
"The Durbin amendment only applies to debit transactions, not credit, and the rate adjustment does not cover the cost of card re-issuance."
Even when merchants are made to take responsibility--like in a recent settlement reached among TJ Maxx, Visa and MasterCard after a recent data breach at the retailer-- the credit unions involved received only pennies on the dollar to cover fraud costs. (Magill also notes that if network rules really did provide for "forced reimbursements," then there would be no need for this type of settlement in the first place.)
Magill calls on merchants to start working together with financial institutions to implement the best solutions to secure the system and protect consumers from fraud and identity theft, "even though these solutions may be costly."
"While we have all had our disagreements about issues in the past, now is the time to put our customers first and collaborate to ensure the best outcome for Americans," he concludes.