Our nation’s community banks are held to the same data-protection standards as the country’s largest banks.
Washington, D.C. (PRWEB) November 22, 2014
Camden R. Fine, president and CEO of the Independent Community Bankers of America® (ICBA), released this statement following remarks from CEOs of two large banks warning that the government and banking industry, especially small banks, need to do more to prepare for the risks of a cyber-attack.
“Our nation’s community banks are held to the same data-protection standards as the country’s largest banks. To say that they aren’t held to the same standards, or don’t hold themselves to the same standards, or don't understand their obligations for data protection is entirely false and an insult to the 6,500 community banks nationwide. The Gramm-Leach-Bliley Act (GLBA), enacted by Congress in 1999, requires financial institutions of all types to protect consumer data. In particular, these rules mandate strong internal procedures, investigatory requirements where potential breaches exist, and broad-based consumer-notification requirements.
“The real issue that needs to be addressed is that retailers aren’t held to these same vital data-protection standards as banks. As we come upon the one-year anniversary of the Target breach, it serves as a stark reminder that the payments chain is only as strong as the weakest link.
“This is why ICBA remains steadfast in its data-security principles and will continue to strongly advocate to Congress the need for all participants in the payments system—including retailers—to be subject to Gramm-Leach-Bliley Act–like data-security standards for the protection of our nation’s consumers.”
ICBA continues to advocate the following data-security principles to Congress and the payment card networks. ICBA’s core principles include:
- the costs of data breaches should ultimately be borne by the party at fault for the breach,
- all participants in the payments system—including retailers—should be subject to Gramm-Leach-Bliley Act–like data-security standards,
- a national data-security breach and notification standard should be implemented to replace the current patchwork of state laws,
- unnecessary barriers to effective threat-information sharing between law enforcement and the financial and retail sectors should be removed, and
- while community banks and other financial institutions continue to move to chip technology for debit and credit cards, these technologies alone may not have prevented the recent retailer breaches and do not protect against fraud in “card-not-present” transactions, such as online purchases.
The Independent Community Bankers of America®, the nation’s voice for more than 6,500 community banks of all sizes and charter types, is dedicated exclusively to representing the interests of the community banking industry and its membership through effective advocacy, best-in-class education and high-quality products and services. For more information, visit http://www.icba.org.