For small community banks that face a data breach, the cost of creating and mailing a new debit card is about $11 per card, while the cost of reissuing a credit card is $12.75. This substantial expense is the driver behind IronPro’s new coverage enhancement.
PRODUCT: Compromised Plastic Card Re-Issuance Expense endorsement
COMPANY: IronPro, the financial and professional lines division of Ironshore, Inc.
BEST RATING: A (Excellent)
AVAILABILITY: Coverage is available through approved independent agents and brokers.
FOCUS: Cybersecurity breaches can affect a company’s reputation, operations, morale and stock value. And when it comes to credit card fraud, there’s also the high cost of customer attrition, as well as the expense of reissuing cards.
“With all of the retail breaches taking place today, the burden falls on financial institutions,” explains Kurtis Suhs, global technology E&O and privacy practice leader at Ironshore. “When card data has been exposed in a data breach but has not yet been used for attempted fraud, banks have two choices. They can either proactively reissue cards for all individuals, or withhold reissuing cards and wait until fraud is attempted.”
Either way, the cost can be monumental. A recent study from the American Bankers Association and Kaspersky Lab measured the cost of cybersecurity breaches in regard to actual fraud losses. For small community banks—those with less than $1 billion in assets—the cost of creating and mailing a new debit card is about $11 per card, while the cost of reissuing a credit card is $12.75.
This substantial expense is the driver behind Ironshore’s Compromised Plastic Card Re-Issuance Expense coverage enhancement. The endorsement pays for the insured’s reissuance expense to replace compromised plastic cards that have been obtained by theft from an electronic database, computer, computer system or computer network that is not owned, operated or contracted by the insured or the insured’s service provider.
UNDERWRITING: “Plastic card” means credit, debit, charge, access, convenience, identification or other similar cards that are encoded, embossed or printed with a customer’s account number and issued by the insured.
“Compromised plastic card” means plastic cards or card numbers that have been, or are reasonably believed to have been, obtained by an unauthorized party and reported to the insured.
“Re-issuance expense” means the direct costs incurred by the insured to replace compromised plastic cards, limited to the cost of manufacturing and mailing replacement plastic cards, and notifying authorized cardholders. This expense does not include any of the insured’s employees’ salaries or other compensation, nor attorney’s fees.
The insured must cancel the compromised plastic card as soon as practicable, but in any event, not more than 30 days after receiving notification of the theft.
MINIMUM PREMIUM: $5,000.
TARGET: The financial services industry, specifically community banks with less than $30 billion in assets and credit unions.
COVERAGE TERRITORY: All 50 U.S. states.
CONTACT: Kurtis E. Suhs, global technology E&O and privacy practice leader; Ironshore, Six Concourse Parkway, Suite 1575, Atlanta, GA 30328; 404-845-7549.
Ronimarie Acord is an IA contributor.
