CUNA News
  • LOG IN
  • Create Account
  • Sign Out
  • My Account
  • LOG IN
  • Create Account
  • Sign Out
  • My Account
  • Topics
    • Community Service
    • Compliance
    • Credit Union Hero
    • Credit Union Rock Star
    • Credit Union System
    • Directors
    • Human Resources
    • Leadership
    • Lending
    • Marketing
    • Operations
    • Policy & Issues
    • Sales & Service
    • Technology
  • Credit Union Magazine
    • Buyers' Guide
    • COVID-19
    • Digital Edition
    • Credit Union Hero
    • Credit Union Rock Star
    • Subscribe
    • Advertise
    • Contact
  • Advertise
  • Awards
    • Nominate Credit Union Hero
    • Nominate Credit Union Rock Star
  • Podcasts
  • Videos
  • Jobs
  • Contact

News

Home » Sponem Delivers Oral Testimony at FSOC Hearing
Press

Sponem Delivers Oral Testimony at FSOC Hearing

February 6, 2018

FOR IMMEDIATE RELEASE  

CONTACT: Lauren Williams – CUNA Communications; (202) 626-7642; lwilliams@cuna.coop                                                                                             

Washington, DC (February 14, 2018) – Credit Union National Association witness Kim Sponem, President/CEO of Summit Credit Union in Madison, Wis., delivered the following oral testimony at today’s hearing in the House Financial Services Subcommittee on Financial Institutions and Consumer Credit, titled “Examining the Current Data Security and Breach Notification Regulatory Regime.” 

Chairman Luetkemeyer, Ranking Member Clay, Members of the Subcommittee –    

Thank you for the opportunity to testify on this extremely important topic.  My name is Kim Sponem and I am the Chief Executive Officer and President of Summit Credit Union, testifying on behalf of the Credit Union National Association. 

Summit Credit Union, headquartered in Madison, Wisconsin, is a state chartered credit union founded in 1935.  We have $3 billion dollars in assets and serve 175,000 consumers, which is quite small compared to regional or national banks.  Like all credit unions, we are a not-for-profit institution owned by the very members we serve. 

Summit Credit Union offers a full array of financial services to meet the needs of our members, including debit and credit cards. Unfortunately, data breaches occur far too often.  Consumers and financial institutions are harmed by data breaches when entities and organizations, including merchants, fail to take necessary steps to protect consumer data. Community financial institutions foot the bill when companies fail to secure customer information – when many do not need to store it in the first place.  Breaches cost Summit Credit Union over one-million dollars in 2017 alone.  More importantly, the negative impact on consumers is significant and sometimes devastating.  

Imagine you are making a purchase and your card is declined. You don’t know why. There is a line behind you. You are embarrassed and concerned. You figure out a different way to pay or walk away angry. You call your financial institution. There are fraudulent charges on your card. You now know the purchase was declined because of fraud and you have the stress of wondering just what information a fraudster has on you.  

Or you are using your debit card in another country to get currency. It is shut down. Now what do you do? You are worried someone is depleting your checking account. How long will it take to get resolved? How will you get money in another country? Panic sets in.  

Even worse. Someone stole your identity and took out a loan in your name. Now your credit is compromised. How do you get it back? It can take years and tens of thousands of dollars to rectify.   

Meanwhile, my credit union is working hard to get you replacements at $3-5 per card, overnighting them when needed at our expense. We work with you to address fraudulent charges that we pay for. We look to increase our fraud monitoring systems that are expensive and labor intensive. And, most of all, we spend the much needed time with members to help them navigate the financial system.   

Once you have your new cards, then remembering to update your automatic payments is the next step. If you forget, you are now delinquent with that company.  

 All fraud and fraud mediation is paid for by financial institutions. There is no incentive for companies that hold personal information to protect it – and that is just plain wrong!  

Under current law, credit unions and banks are subject to data security requirements, necessitating the development of procedures and systems to protect consumer information from theft, including notifying consumers in the event of a data breach.  However, other entities that hold personal information are subject to no such standards.  Any company that holds consumers’ personal information necessarily or unnecessarily should be held to a national standard. 

Americans deserve a strong national data security standard that requires all businesses to protect and safeguard personal information.  Companies that do not need to store personal information should either not store it or be subject to the standard.  Companies should not be allowed to put consumers at undue risk.  And, communicating a data breach in a timely manner allows consumers and financial institutions the ability to try to reduce possible losses with early detection and awareness.   

The current system is not fair or sustainable.  Consumers are protected from loss because financial institutions bear the responsibility for reimbursing them.  Those that are negligent should bear the cost! 

Protecting data is expensive and labor intensive. But a company that stores information needs to invest in these protections for consumers as a cost of doing business, or not store the information at all.  

In summary, it is our hope that this committee makes data security one of its top priorities for 2018. We ask that any legislation proposed include these three priorities: 

• One - A standard for all companies holding personal information; 

• Two – A requirement to communicate breaches in a timely manner; AND 

• Three – A responsibility for negligent companies to bear the cost.

We will work with you to protect consumer data and increase accountability.  Companies may not want to invest in protecting data, but it is a matter of responsibility and duty that goes with holding that information.          

On behalf of Summit Credit Union and the Credit Union National Association, I'd like to thank the subcommittee for the opportunity to share my views and would be happy to answer any questions.  

Thank you. 

###

Credit Union Magazine: Winter 2022

Winter 2022

Credit Union Magazine’s Winter 2022 issue highlights data-driven marketing, the board’s role in cybersecurity, elder abuse scams, credit unions’ auto lending advantage, and more.
Digital Edition •  Subscribe

Trending

  • House passes CUNA, League-led board modernization bill

  • CFPB issues CUNA-opposed proposal on credit card late fees

  • Key committee leaders supportive of credit union priorities

Tweets by CUNA_News

Polls

Vote for the 2023 CU Hero of the Year

View Results
More

Champion for the Credit Union Movement

Credit Union National Association is the most influential financial services trade association and the only national association that advocates on behalf of all of America's credit unions. We work tirelessly to protect your best interests in Washington and all 50 states. We fuel your professional growth at every level and champion the credit union story at every turn.

More CUNA

  • Membership
  • Contact Us
  • Careers

Resources for

  • Credit Union Advocates
  • Leagues
  • Press
  • Providers

Our Affiliates

  • American Association of Credit Union Leagues (AACUL)
  • Credit Union Awareness
  • Credit Union House
  • CUNA Strategic Services
  • National Credit Union Foundation
GET CUNA UPDATES
© 2023 Credit Union National Association | ADA Compliance Notice & Legal
Email Us