Iowa Banking Law Blog

The District of Columbia City Council is considering legislation that would deposit a larger portion of the city's $2 billion of cash in local community banks.  Currently, most of D.C.'s funds are deposted in large national enterprises such as Bank of America and Wachovia.  Up to 10% of the city's funds could be deposited in smaller banks without the requirement of competitive bids.  The current version of the bill would set the asset size of banks exempt from submitting a bid at $550 million.       

Although the legislation may result in lower interest rates, proponents believe this would be far outweighed by the benefit to the community.  Proponents believe that community banks are more likely to lend to local businesses.   

            The Seventh Circuit dismissed a class action lawsuit against Old National Bancorp, ruling consumers had no right to recover for a 2005 data breach.  The plaintiffs accused Old National Bancorp of failing to properly secure personal data collected through its web site after a hacker obtained access to a 2005 online customer application.  The breach exposed financial data and personal information, including social security numbers, of thousands of customers.

            The plaintiffs believed they should be compensated for the credit monitoring services they needed after the breach.  The Court ruled that Indiana law did not provide recovery for plaintiffs’ mere “allegations of increased risk of future identity theft.”  The Court stated the consumers “have not suffered a harm that the law is prepared to remedy.” 

            In sum, victims of data breaches cannot recover until they can show the breach actually led to identity theft.  At least according to this Court's determination, no remedy exists for an increased likelihood of identity theft, or for the expenses of credit monitoring.

For other articles on this see Wired, and Computerworld. 

The National Credit Union Administration approved an agreement whereby Kinecta Federal Credit Union in Manhattan Beach, California would acquire 55 Nix Check Cashing retail outlets in the greater Los Angeles area.  Over time, the 55 outlets will be converted to full-fledged credit union branches.  Prior to the transaction, Kinecta had $4 billion in assets, 200,000 members, 700 employees and 23 branches.  For Nix's press release, click here.

This transaction is one the largest in credit union history.  The field of membership allowed in this transaction is as broad as we have seen.  It is still unclear whether this transaction will have a ripple effect through the industry and trigger other large transaction and field of membership expansions. 

Minnesota has become the first state to enact legislation shifting the costs of data breaches from financial institutions to merchants in certain circumstances, thus holding merchants responsible for sensitive customer information. (Link)  Under the Plastic Card Security Act, merchants are prohibited from storing PINs, security codes, or magnetic stripe data from customer’s credit or debit cards for more than 48 hours after authorization of the transaction.  The law mirrors industry standards contractually required by credit card vendors such as Visa and Mastercard. Under the Act, If a merchant violates the statute and a breach occurs, the retailer must reimburse the financial institution for the costs of reasonable actions taken by the institution as a result of the breach.  The TJX (parent of T.J. Maxx and Marshalls) data breach, which is thought to have originated at a St. Paul Marshalls, was the likely impetus of this law.  A similar bill was rejected in Texas.  As of yet, it is unclear whether other state legislatures will follow suit with a similar statute.  See the Minneapolis-St. Paul Star Tribune for another article on the law.   

For more information contact Howard O. Hagen.