Data security breaches at Target, Neiman Marcus and other retailers do more than jeopardize the financial well-being of consumers, they also red flag what could very well be the next hot-button banking topic in Congress and raise the issue of how many firms collect this data while lacking the appropriate systems to protect it.
The banking industry is particularly susceptible to these debates considering the potential for all types of fraud on the lending side of the market. (HousingWire covered this risk extensively last week) Not to mention, the ongoing credit risk that many victims face.
The National Association of Federal Credit Unions (NAFCU) is taking a more proactive approach. The group – along with the Independent Community Bankers of America – sent a letter to the U.S. Senate asking for streamlined security requirements that apply to all firms that handle this type of information.
The groups also want a single national standard for protecting this data, which would be a clear break away from states enacting a series of different laws.
NAFCU leaders point out in their letter that the Gramm-Leach-Bliley Act passed years ago forces banks, thrifts and credit unions to work and follow a set of standards in protecting consumer data, but similar rules do not apply to retailers, data processors and brokers or other entities collecting the same information.
"This gaping loophole, which has created significant risk and given rise to the recent breaches, must be closed. An important part of this standard is the requirement for timely notification when a data breach occurs," the groups wrote in their letter.
While the discussion over security breaches has often led to the belief that a switch to chip and pin technology – or technology that relies on embedded chips and a pin number -- will mitigate the risks, it may not be enough for analysts on the credit union side.
"Chip and pin cards can be compromised and used in online purchase fraud, as the technology is designed to hinder card duplication and card information can still be compromised," NAFCU said. "While card technology is continuing to evolve, so are the criminals that pursue personal financial data. The best way to truly help protect consumer financial information is to enact comprehensive national data security standards that stand up no matter what the technology."