When I was the CEO of a large credit union in California, I saw firsthand how consumers could panic -- and rightly so -- when their credit or debit cards were lost or stolen.
We obviously couldn't always prevent the initial panic, but we knew what to do to fix the problem: Reassure the member/customer, make sure the old card was canceled, wipe out any fraudulent charges, and issue a new card at no cost.
It was the simple, right way to do business, and thankfully our way of doing business is the norm throughout the country at credit unions and banks to this day.
I thought about all this last week as Sony announced that the personal information of its roughly 77 million consumers had been compromised in a data breach (and a second major breach was reported this week).
Those consumers were correctly advised by the media to contact their bank or credit union and ask that their debit and credit cards be reissued. As I write, I know firsthand that credit unions are working with their members affected by this breach, and reissuing cards to them at no cost. Again, that's the right way to do business, and we have a legal and ethical responsibility to absorb the cost.
But, contrary to what some might think, the expense for taking this action is not and will not be reimbursed by Sony. Rather, credit unions and banks rely on interchange revenue to cover the cost of debit program administration, including in these circumstances, reacting to a merchant data breach.
When all is said and done, credit unions and banks will have spent millions on what appears to be a major security failure caused by Sony's inability to protect its consumer data.
This is another reason why members of Congress should support senators Jon Tester (D-MT) and Bob Corker's (R-TN) legislation (S. 575) to delay new interchange rules proposed by the Federal Reserve Board that are slated to go into effect July 21 of this year.
Today, the debit interchange rate is a percentage of the total value of a transaction; under the board's proposed rule, the rate could not exceed $0.12 per transaction. This capped rate would be significantly below the operational cost of providing debit program services, including fraud protection. An exemption to the cap is provided for smaller institutions, but it won't work; there's no way to actually enforce the exemption.
The board's proposed rule will affect all debit-card-issuing credit unions and other financial institutions. Data breaches such as the one we learned about last week will only exacerbate the problem for credit unions because the proposal and the underlying legislation would not allow these costs to be taken into consideration in terms of our ability to collect interchange revenue.
And sadly, while the size of Sony's data breach is significant, this is not the first merchant data breach and it certainly will not be the last.
Yes, credit unions will continue to protect their members when merchants lose consumer data. But if the senators' legislation is not enacted, merchants will receive a windfall while credit unions will cover even more of the costs of merchant data breaches -- costs they will have no other way to make up but to raise fees on consumers when they would prefer not to do so. That's why we continue to encourage all senators to support the legislation to delay and study the impact of debit interchange fee regulation.
Whether one is a credit union CEO or a consumer, it's clear that data theft is a major and growing problem, and unfortunately, there will be many instances in which cards will need to be canceled and reissued.
We standby as always, ready to help, but we need to be able to afford the cost of helping the consumer.
Dean Baker: The Big Retailers Versus the Big Banks: It Makes a Big Difference
Interchange fee revenue is used by all financial institutions to help offset the cost of issuing debit cards, providing ongoing support services and fraud losses, so consumers do not have to pay those costs. I'm not a big fan of big banks, but they have lost a lot of revenue used to recover their costs of providing services.
If the Durbin Amendment is implemented, all banks and credit unions will be forced to recoup those losses by increasing fees on "free" banking services, and eliminating rewards. That will have a direct effect on the poorest of society first, and cause many of them to seek more expensive ways to pay their bills. We will all feel the pain of added costs to our banking services, and banks and credit unions will struggle to keep from laying off employees because of this legislation.
It is extremely unlikely that consumers will see any decrease in the cost of goods, especially in light of the higher input costs that are most certain to follow the Fed's loose policies.
This was a bad amendment, that was snuck in at the last moment, and sets dangerous precedence for government to control prices on all goods. It will kill American enterprise and remove all incentive to operate a business here.
In my opinion, there is a simple solution to this problem that doesn't require legislation:
- shoppers who use a card should be billed directly for the interchange fee (put it on their monthly statement)
- banks should be allowed to charge the card user whatever fee it wants.
- merchants should eliminate the interchange fees from the price of their merchandise.
I also think it is interesting that the author points out that a $0.12 per transaction is unreasonably low, without offering his oppinion of what would be a more appropriate fee per transaction.
Also, I wish the author would have addressed the fact that other countries have lower interchange fees (some as low as $0.12 per transaction), which would suggest that a cap of $0.12 per transaction IS a reasonable limit.
What I am certain of, though, is that most companies that issue the cards prefer lax security in favor of convenience. Considering that merchant agreements stipulate that a merchant must NOT require a shopper to show proof of identity when making a purchase, it suggests to me that debit/credit card issuers are really not that interested in implementing a secure transaction environment. In comparison, if a shopper chooses to pay by check, the cashier will always ask for driver license, and possibly other information.
The author wants the reader to feel compassion for the banks that rescue the consumers who have been victimized by these types of crimes. But, what the author doesn't say is that the banks are not doing this out of the goodness of their heart, nor out of their pocket. They sweep the fall-out of the crime under the rug by charging higher interchange fees, and spreading the cost of the risk to EVERYONE.
The unintended victims of this scheme are those shoppers who pay with cash or food stamps. Since merchants are forced by the banks to charge the same price regardless of method of payment, merchants have raised the prices on goods for everyone, including those who don't even use the services for which the interchange fee pays.
Continued below.
Asking the entire base of consumers to pay extra in order to offset the cost of security flaws introduced by Sony seems a bit overmuch.
I'd say it is taking advantage of a serious problem (poor security practices on the part of vendors who should know much better) in order to further a personal agenda (the CEO of a national bank lobbying group).
I'd say a much better answer to the security problem is to (a) make merchants like Sony liable for costs associated with data breaches, as determined in a court- have the big companies sue each other, and (b) have banks take out insurance polices for such breaches to help amortize the real costs of security flaws.
The interchange rate has little to nothing to do with merchant security, and the Sony breach is a red herring. The debit card interchange rate is too high already (since the banks are not floating credit as in credit cards, debit transactions carry far lower risk of default and therefore *should* have a lower interchange fee), and the legislation in question is clearly an improvement for consumers.