ICBA News Release
FOR IMMEDIATE RELEASE
ICBA Outraged at National Retail Federation Letter Blaming Banks for Retail Data Breaches
Washington, D.C. (Jan. 22, 2014)—The Independent Community Bankers of America® (ICBA) today expressed its shock and outrage at a National Retail Federation (NRF) letter blaming the financial services industry for recent data breaches at retailers such as Target and Neiman Marcus.
“The NRF should focus its attention on responding to the harm that security breaches at several retailers have done to consumers and their financial institutions rather than hurling false allegations blaming the banking industry for these retail breaches,” ICBA President and CEO Camden R. Fine said. “Retailers and their processors—not banks—are responsible for the systems in their stores that process payment cards. ICBA hopes that the massive retail security breaches at Target, Neiman Marcus and others will spur retailers to adopt security solutions going forward.”
Nearly every retailer security breach in recent memory has revealed some violation of industry security agreements. In some cases, retailers haven’t even had technology in place to alert them to the breach intrusion, and third parties, like banks, have had to notify the retailers that their information has been compromised. Further, even card security controls such as chip and PIN technology would not have prevented the breach of personal information of more than 70 million U.S. consumers. Retailers must step up to the responsibility that comes with handling personal information of consumers.
Community banks have worked aggressively to protect their customers following the recent security breaches at Target, Neiman Marcus and other retailers. They have been informing customers about community banks’ multiple layers of security protection, monitoring customer accounts for fraudulent activity, reissuing cards to customers as appropriate and educating customers on how to avoid fraud.
ICBA has called on Congress to ensure that parties that suffer a data breach are required to bear responsibility for fraud losses and restitution to affected parties. In recent letters to House and Senate lawmakers, ICBA wrote that the party that suffers a data breach—whether it is a retailer, data broker, financial institution, or other entity—should be responsible for fraud losses and the costs of mitigation and restitution when consumer information is compromised. Additionally, ICBA called for a single national standard to replace the patchwork of state laws on data security breaches that fosters confusion and puts consumers at risk.
ICBA will continue working with community banks to support consumer protection and confidence while advocating policies that maximize incentives to secure consumer data.
The Independent Community Bankers of America®, the nation’s voice for nearly 7,000 community banks of all sizes and charter types, is dedicated exclusively to representing the interests of the community banking industry and its membership through effective advocacy, best-in-class education and high-quality products and services. For more information, visit www.icba.org.