Banks Challenge Retailers Over Cyber Attacks

Groups point fingers in debate over who should pay when retailers are breached.

November 11, 2014

WASHINGTON – Banks are gearing up for a big fight with retailers over who covers the cost of cyber attacks, saying they foot most of the bill for breaches due to retailers’ own security deficiencies, says a new article in the Financial Times.

Banks and retailers have sparred for years over transaction costs, but the increasing frequency and severity of cyber attacks has heightened tensions between the two groups. Now, the banking industry is banding together to urge lawmakers to introduce legislation in Congress next year that would force retailers to pay for the clean-up themselves.

At the same time, retailers’ representatives reject the banking industry’s claims that banks are made to unfairly cover the cost of security breaches. "Retailers already pay twice for fraud and the banks’ cost of re-issuing cards. The banks now seeking to make retailers pay these costs for a third time is outrageous," explained NACS Senior Vice President of Government Relations Lyle Beckwith. "The banks issue fraud prone cards and are shocked when there are breaches. Banks shouldn’t profit from data breaches and fraud, but that is just what they are trying to do."

Currently, there are a few bills in Congress that would establish national standards for reporting cyber security breaches, but those proposals have stalled, in part because various committees in Congress all claim jurisdiction over cyber security issues, delaying action.

Last week, NACS was one of more than 40 signatories on a letter sent to Congress, emphasizing that any legislative efforts to combat threat of cyber attacks must be comprehensive in scope and cover all types of entities that handle sensitive information, in order to keep Americans e adequately protected and informed.

Advertisement
Advertisement
Advertisement