The recent Target credit card scandal has colored last-minute Christmas shopping with fear — fear of security breaches and lackluster controls and privacy. No doubt, American Express should add to that fear.
The federal government today slapped American Express — officially the company’s American Express Centurion Bank — with more than $40 million of fines as a result of the card company’s “unfair and deceptive practices.” What exactly did Amex do? Essentially, it preyed on consumers’ security fears.
The three programs that caused Amex’s run-in with the Federal Deposit Insurance Corp and Consumer Financial Protection Bureau were its “Account Protector” insurance-like program; its identity theft program; and its “Lost Wallet” program, also an insurance-like service. All three products sell to consumers’ fear of loss or security breach. In each case, Amex deceived consumers about the products’ coverage and/or services.
For example, in the case of the “Account Protector” program, here’s how the FDIC described what Amex did:
Consumers were led to believe that the benefits would continue for up to 24 months in the event of a qualifying life event, when in fact the majority of events had benefit periods of one, two, or three months. Consumers were also led to believe that if they purchased the product, their monthly minimum payment would be cancelled in the event of a qualifying event. However, the benefit payment was limited to 2.5% of the consumer’s outstanding balance, up to $500, which could be less than the minimum monthly payment.
Consumers, therefore, are fair to conclude that they cannot expect to be protected from theft (Target) nor can they expect to be protected when they pay for protection from theft (Amex). This is the dark side to all the hype surrounding security risk. Consumer fears have become so acute that they are willing to pay for protection — and, to some degree, this desperation creates an environment where consumers are abused by the very financial services companies they hope will help. How the FDIC and CFPB can only fine Amex $40 million for its offenses is beyond me. How the banking industry does not call for greater fines from Amex is equally baffling. Equally unfortunate is the fact that the FDIC and CFPB did not require Amex to admit wrongdoing. (Read the consent order here.)
Every banker involved in card products should be mortified by these two events. Cumulatively, they represent a probable systemic failure for the card industry, not just isolated hiccups. And here I thought banking was headed for a Merry Christmas.