Don't Do This to Members, Like My Credit Union Did to Me
The news arrived in a Thursday morning text message announcing a zero balance in my checking account. After years of writing about data breaches and card fraud, someone had stolen my debit card number and counterfeited my card.
The thieves hit my account from Northern California, visiting an AutoZone, a Food Maxx, a Target and a Valero gas station for a little more than a day before I checked my online banking and reported their perfidy to my credit union's call center. Their last transaction had overdrawn my account as well, so part of my negative balance included a $30 overdraw fee.
The retailer who did not protect my data, the retailers who accepted the fraudulent card, and even my credit union for not checking adequately for fraud all deserved my wrath for this failure of the payment system to protect me.
Then I took a deep breath. This, I decided, could be a good thing.
For years, I had somewhat blithely written about payment fraud without experiencing it, at least not in such a raw way. Like nearly everyone else, I have replaced compromised debit and credit cards. Likewise, I have changed account payment settings from a closed card many times. Nevertheless, I had never had my card stolen and counterfeited.
Now I could write about the topic from the point of view of the wronged credit union member.
First, if your credit union cannot get a replacement credit or debit card into a member's hands in fewer than seven to 10 business days, fix or replace your card issuing system. Your members, particularly your younger members, use their debit or credit card far more than they use cash. They will not understand or accept cutting them off from on-demand access to their funds for almost two weeks.
In addition, if you offer new cards overnight, do not charge the member. Find a shipping partner, negotiate a good rate and then pay it. If your board of directors balks at the expense, remind them in order for members to generate debit card interchange, they have to have your debit card.
If the board still objects, point out many of your banking competitors already replace debit cards overnight.
If that still doesn't sway them, tell them charging members to get the credit union's card more quickly is just short-sighted. The credit union wants and needs members to use their debit cards and should do everything it reasonably can to help that happen.
Second, the promise to reimburse cardholders for stolen funds rings hollow if you do not do it in less than 10 working days. Members do not understand why their credit union cannot find a way to return the stolen funds to their account in a matter of hours. In addition, a member who has temporarily lost money to card fraud should not face fees for loan payments they have had to delay.
Third, do not suggest to your members, particularly your long-term members, that restoring their finds is contingent on the fraud investigation. How does it make any sense to treat members who use their debit cards as though they might have defrauded the credit union? Credit unions are supposed to know and value their members better than bankers know their customers. Live up to that, at least up to $1,500.
Finally, remind your call center staff that members who report card fraud have had money stolen. They need assistance, not suspicion. Do not have them claim the credit union cannot provide a replacement card more quickly or restore the stolen funds more swiftly because “we aren't a big bank.” That kind of sentiment only reminds the member the credit union is, indeed, not a big bank and suggests they should become a customer of an institution that can do those things–particularly since being a member of the credit union appears to count for so little.
As I readied this piece for publication, the CEO of my credit called me to apologize. He has held the position for only the past two months and said he has only just begun to work for change. I wish him all success. According to NCUA data, the credit union lost more members than it recruited last year.
David Morrison is a senior staff reporter for CU Times. He can be reached at 202-370-4816 or email@example.com.