Texas House committee hears CU’s data breach concerns

April 20, 2016

Ron Fox, president of Fort Worth (Texas) Community CU, described the impact of data security breaches on Texas credit unions in testimony before the Texas House Investments and Financial Services Committee last week.

The committee met in Dallas to take testimony for three topics it is conducting interim studies on: cybersecurity issues facing financial institutions, challenges to community banking and startup funding for new businesses in Texas (Leaguer April 18).

Fox testified about the challenges credit unions face when merchant data breaches occur, from monitoring card activity for fraud costs and issues related to reissuing cards that may be compromised, fraud losses, and, because of the lack of information from merchants, the members' perception that the breach is the credit union’s fault.

The committee was also advised that the techniques criminals use when committing fraud with the stolen card info are evolving.

Fox offered four suggestions to the committee for legislative changes to strengthen the card-processing security in Texas:

  • Require merchants receiving payment by credit or debit cards to protect the sensitive personal financial information they receive;
  • Require card recipients to notify their card processor immediately upon detecting a breach, and require the information be provided to the issuing financial institutions by the card processors;
  • Allow card issuers to recover costs and losses resulting from a business’s failure to protect or destroy the data; and
  • Require anyone taking credit or debit cards to remove card data once the transaction is completed.

The Credit Union National Association continues to press lawmakers to pass legislation that would ramp up data security standards for merchants. Until merchants are required to protect customer data at the same level as financial institutions, the nation’s largest credit union association has said, the payments network will continue to have gaps and consumer data will remain vulnerable.

Community banks testified about similar problems regarding card fraud due to data breaches and their related expenses.

The committee also heard from venture capital firms on startup investing in Texas and how government can support startup efforts.