Newsroom

NAFCU President and CEO Dan Berger indicated to six retail industry groups Thursday that they have more work to do if they want credit unions engaged in their inter-industry group working to protect "their shared customers."

"We will join their partnership when retailers and merchants begin properly protecting consumers' data and investing in the technology necessary to do so," Berger said.

The groups, in their letter sent jointly to Berger and CUNA President and CEO Jim Nussle, assert "a number of misleading and factually inaccurate points perpetuated" by the credit union groups about cybersecurity. They also complain of credit unions' absence from the Merchant-Financial Services Cyber Security Partnership, which they say has more than 250 executives from all segments of the merchant community, card networks and banks.

NAFCU has been pressing hard for passage of legislation setting national data security and breach notification standards for retailers, similar to those required of financial institutions, and to ensure all market participants bear their share of responsibility for breaches. The association is also participating in discussions at several levels on how to make the payments space more efficient and safe for consumers.

Thursday's letter to Berger and Nussle was sent by the top executives of the Retail Industry Leaders Association, National Retail Federation, Food Marketing Institute, National Association of Convenience Stores, National Grocers Association and Merchant Advisory Group.

NAFCU is a member of the Payments Security Task Force, a group focused on enhancing payments system security and including representatives from payment networks, banks, credit unions, acquirers, retailers, point-of-sale device manufacturers and industry trade groups. It is also a founding member of the Financial Services Sector Coordinating Council, which works with the FS-ISAC, the Financial Services Information Sharing and Analysis Center, on infrastructure cybersecurity.

NAFCU estimates that last year's Target Corporation breach alone could cost the credit union community nearly $30 million for fraud monitoring, reissuance of cards and actual losses, plus the staff time devoted to addressing related member service needs.