The Visa/Heartland settlement agreement is contingent upon acceptance by financial institutions representing 80% of the eligible issuers' U.S. accounts that Visa considered to have been placed at risk of compromise during the Heartland intrusion. The settlement also includes mutual releases between Heartland and its sponsoring bank acquirers, on the one hand, and Visa on the other. Heartland will fund up to $59.22 million of the amounts to be made available to Visa and its issuers under the settlement program.
Additionally, Visa will credit the full amount of intrusion-related fines it previously imposed and collected from Heartland's sponsoring bank acquirers towards the $60 million maximum funding of the program. The settlement amount represents a significant recovery to Visa issuers for losses they may have suffered from the Heartland data security breach.
All U.S. card issuers who participate in the program will be eligible to receive a portion of the specified recovery. The settlement also includes recovery for international issuers of accounts Visa considered to have been placed at risk of compromise.
Participation in the settlement program supplants any other recoveries that may be available to issuers through Visa and requires accepting issuers to release Heartland, its sponsoring bank acquirers and Visa from any legal and financial liability related to the Heartland intrusion. Visa will be notifying eligible issuers in the coming days with details about the program and how to participate, and Visa will send eligible issuers their formal offers to participate in the program on January 14. To facilitate payment, eligible issuers will have until 5:00 p.m. PT on Jan. 29, 2010, to opt-in to the program before the offer expires.
"We believe issuers will benefit by participating in this settlement program because it offers an immediate recovery with respect to losses they may have incurred from the Heartland intrusion," said Ellen Richey, chief enterprise risk officer for Visa Inc. "Helping financial institutions mitigate costs after a data security breach has been a long-standing component of Visa's security strategy, along with promoting new security technologies, preventing fraud and leading efforts to secure sensitive data across the entire payment system."
Bob Carr, Heartland's chairman and CEO, said, "We are pleased to have reached a fair settlement agreement that helps issuers obtain a recovery with respect to losses they may have incurred from the intrusion. At Heartland, we are also committed to helping issuersas well as all stakeholders in the payment ecosystemmitigate future risk. We have assumed a leadership position in the development of enhanced data security and fostering the sharing of information."
San Francisco-based Visa is a global payments technology company that connects consumers, businesses, financial institutions and governments in more than 200 countries and territories to fast, secure and reliable digital currency.
Heartland Payment Systems, the 5th largest payments processor in the United States, delivers credit/debit/prepaid card processing, payroll, check management and payments solutions to more than 250,000 business locations nationwide. Heartland is the founding supporter of The Merchant Bill of Rights, a public advocacy initiative that educates merchants about fair credit and debit card processing practices.
Members help make our journalism possible. Become a CSP member today and unlock exclusive benefits, including unlimited access to all of our content. Sign up here.