Community Banks Reissue More Than 4 Million Payment Cards Following Retailer Data Breaches

Washington, D.C. (Feb. 19, 2014)—The Independent Community Bankers of America® (ICBA) today said that the nation’s community banks have already reissued more than 4 million credit and debit cards at a total reissuance cost of more than $40 million following recent data breaches at major retailers (numbers are based on a sampling of community banks). Due to their quick action in reissuing affected cards, community banks’ initial fraud costs were relatively low, with less than 1 percent of community bank customers reporting fraud on their accounts following the breaches at Target and Neiman Marcus.

“Community banks absorb the costs of data breaches upfront because their primary concern is to protect their customers,” Bill Loving, ICBA chairman and president and CEO of Pendleton Community Bank, Franklin, W.Va., said. “However, in the long-term the lion’s share of costs associated with data breaches should ultimately be borne by the party that experiences the breach. This is critical to aligning incentives to maximize data security by all parties that store consumer data—making the payments system stronger over time, which is a win for everyone, especially consumers.”

While ICBA’s recently announced participation in a joint cybersecurity partnership with other financial services and retailer trade organizations is a strong and much-needed step in the right direction to protect consumers, the association has not wavered  in its commitment to represent the best interests of its member community banks and their customers in the wake of wide-scale data security breaches at major retailers.

ICBA continues to advocate our key data security principles to Congress and the payment card networks.  ICBA’s core principles include:

  • the costs of data breaches should ultimately be borne by the party at fault for the breach,
  • all participants in the payments system—including merchants—should be subject to Gramm-Leach-Bliley Act–like data security standards,
  • a national data-security breach and notification standard should be implemented to replace the current patchwork of state laws,
  • unnecessary barriers to effective threat-information sharing between law enforcement and the financial and retail sectors should be removed, and
  • while community banks and other financial institutions continue to move to chip technology for debit and credit cards, these technologies alone may not have prevented the recent retailer breaches and do not protect against fraud in “card-not-present” transactions, such as online purchases.

“ICBA will continue to advocate for community banks and their customers and will not rest until these key principles are addressed for the betterment of our payments system, community banks and, most importantly, consumers,” Loving said.

More information on ICBA’s efforts and data-security resources for community banks and their customers are available on ICBA’s online security breach toolkit.

About ICBA

The Independent Community Bankers of America®, the nation’s voice for nearly 7,000 community banks of all sizes and charter types, is dedicated exclusively to representing the interests of the community banking industry and its membership through effective advocacy, best-in-class education and high-quality products and services.