ICBA Taking Meaningful Steps to Stronger Payments System
To the nation’s community bankers,
We at ICBA recognize how frustrated you are by the recent retailer data breaches, which have forced many of you to reissue cards and use valuable resources to protect your customers against fraud. In fact, ICBA today released survey results that found that community banks have reissued more than 4 million credit and debit cards at a total reissuance cost of more than $40 million following the data breaches. We know that it’s the community bank that is left footing the bill for others’ lax security.
That is why ICBA is with you every step of the way. We are addressing this issue with Congress, regulators, the card networks and other stakeholders and are actively working to minimize the impact of the breach on our industry and to prevent these kinds of breaches from ever happening again.
ICBA has released various resources to help community banks respond to the breaches. We have also been in frequent communications with policymakers advocating a stronger payments system in which the parties responsible for a breach are responsible for its costs. And most recently, ICBA joined a partnership of financial services and retailer organizations designed to enhance inter-industry collaboration in improving cybersecurity.
This partnership of national trade associations is designed to enhance communication to more effectively identify areas of agreement and disagreement between industries. ICBA and other members of the partnership will explore how to increase information sharing, improve card security technology and maintain the trust of customers.
ICBA will continue to pursue more effective data-security standards and greater accountability following data breaches. Meanwhile, we have taken important steps to find common ground with all parties in the payments system so we can achieve long-term solutions for community banks and their customers.
Our goals themselves remain. As we have advocated to Congress, the card networks and the national news media, ICBA believes that:
the costs of data breaches should ultimately be borne by the party at fault for the breach,
all participants in the payments system—including merchants—should be subject to Gramm-Leach-Bliley Act–like data security standards already applied to financial institutions,
a national data-security breach and notification standard should be enacted to replace the current patchwork of state laws,
unnecessary barriers to effective threat-information sharing between law enforcement and the financial and retail sectors should be removed, and
while community banks and other financial institutions continue to utilize chip technology for debit and credit cards, these technologies alone may not have prevented the recent retailer breaches and do not protect against fraud in “card-not-present” transactions, such as online purchases.
ICBA will continue pushing these priorities for as long as it takes to enact meaningful protections for our industry, our customers and our communities. Meanwhile, we will continue working first and foremost with you—the nation’s community bankers—to maximize the impact of our collective response.