Debit card issuers with more than $10 billion in assets can charge a $0.01 fraud-prevention adjustment, according to a final rule released by the Federal Reserve Board.
The rule issued July 27 is effective Oct. 1, although the one-cent provision was already included in an earlier interim final rule.
NAFCU Regulatory Affairs Counsel Dillon Shea called the board’s decision not to consider the fraud costs of smaller institutions “an unfortunate one,” noting that the capped rate will likely become the default rate for all card issuers, regardless of size.
“Unfortunately, the Durbin amendment and the Board’s interchange rules will ultimately disadvantage Main Street credit unions and consumers to the benefit of big box retailers,” Shea said.
NAFCU and CUNA had recommended a higher allowable adjustment, which they said would better represent actual fraud costs incurred by financial institutions, particularly those with assets fewer than $10 billion. That includes all but four credit unions.
CUNA last year urged the Fed to allow four to five cents per transaction to cover fraud prevention costs. That adjustment would better cover costs incurred when financial institutions investigate the source of a data breach or theft, attempt to stop any instances of fraud, and deal with the aftermath of the theft or data breach, CUNA said.
The trade also reasoned that an increased fraud prevention adjustment would help protect smaller issuers, whose fraud prevention costs often represent a larger portion of their total debt card program costs.
Under the final rule, debit card issuers must develop and implement policies and procedures that are designed to reduce the occurrence and costs of fraudulent debit card transactions, and review them at least annually, to be eligible for the one cent-per-transaction charge.
Issuers will also be required to update policies and procedures as necessary in light of effectiveness and cost-effectiveness and, as currently required, in light of changes in the types of fraud and available methods of fraud prevention.
The final rule retains and clarifies the requirement that an issuer that meets these standards and wishes to receive the adjustment must annually notify the payment card networks in which it participates of its eligibility to receive the adjustment.
In addition, the final rule explicitly prohibits an issuer from receiving or charging a fraud-prevention adjustment if the issuer is substantially noncompliant with the Fed’s fraud-prevention standards, and describes steps an issuer must take once it becomes substantially noncompliant to become eligible to receive the fraud-prevention adjustment in the future.