Great ResignationInflationSupply ChainsLeadership

National Retail Federation CEO to banks: Breaches are your responsibility, too

November 23, 2014, 3:00 PM UTC
Credit Crunch Threatens Economy
LONDON - DECEMBER 06: In this photo illustration a man holds up some credit and debit cards on December 6, 2007 in Glasgow,Scotland.The British economy is beginning to feel the effects of the credit crisis which began this year. House prices have begun to fall and the retail sector is predicting a difficult Christmas period. (Photo by Jeff J Mitchell/Getty Images)
Photograph by Jeff J. Mitchell—Getty Images

With the holiday season now in full swing, retailers are waging a fierce battle with one another to win customers as finicky and price conscious as ever. The National Retail Federation has forecast sales for the season will rise 4.1%, the fastest clip since the recession. But there is plenty of reason for retailers to be on tenterhooks.

Countless retailers from Wal-Mart Stores (WMT) to Target (TGT) to (AMZN) have started their Black Friday sales earlier this year and ramped up the deals. And despite its bullish forecast, the NRF expects slightly fewer Americans to go shopping over Thanksgiving weekend. Meanwhile, Macy’s (M), J.C. Penney (JCP) and Kohl’s (KSS) are all coming off of tough third quarters.

So far, some retailers, including Target, have said November is off to a good start. Yet so much could still go wrong for the sector. For one thing, there’s the matter of labor strife on the West Coast ports that could cause some supply chain problems, as Best Buy (BBY) pointed out last week. For another, who knows if there will be a repeat massive data breach of the kind that struck Target right before Christmas last year, ruining its 2013 holiday quarter.

NRF CEO Matt Shay spoke to Fortune about the retail environment as the holiday season hits its peak, the West Coast port problem and why banks should foot more of the bill for cyber-security.

Matt Shay Photo: Carl Cox
Photograph by Carl Cox

Fortune: The intense, earlier discounting by many retailers suggests it is a more promotional holiday season so far. Is that so? And does that threaten profits?

Shay: “Some of these (economic) indicators look really positive, for many Americans, but they’re still not sure we are out of the woods, and also they’ve been trained to expect that there will be great deals.”

“The real question is whether retailers can continue to operate in this highly competitive and highly promotional environment successfully and profitably in the long term. The answer will most certainly be ‘yes’ for some retailers, but ‘no’ for others. That will be the sorting out of the winners and the losers.”

After disappointing retail numbers for some stores in September and October, do you stand by NRF’s holiday season forecast for growth of 4.1%?

“I have been on the road around the country for the last month visiting CEOs and retail execs—there was softness generally in September, people felt better about October—thus far in November, generally people are feeling better than they were at the end of the last quarter, and so we’re still comfortable our forecast 4.1% is accurate.”

Best Buy, Macy’s and Target are among the retailers to have said the West Coast port labor strife could have some impact on their holiday business. What is your stand on the dispute?

“We think that the potential disruption at the West Coast ports is potentially very significant.” [Shay said he wants the Obama administration to name a federal mediator.]

“Even the potential of a disruption and a further slowdown in the offloading of goods is a completely 100% man-made, totally avoidable shot in the foot that our economy and customers don’t need right now. There’s never a good time for this— but if there is a worst time for it, this is it.”

Home Depot’s sales doesn’t seem to have taken a hit from that retailer’s data breach. Generally it looks as though consumers have begun to shrug off data breaches, given how frequently they seem to be happening. Why?

“It’s not just retailers that have this information. In fact, retailers have less personal information than financial institutions and others do, and there have been other breaches. The biggest breach was the one that happened in September, and that was a financial institution, and not a retailer.”

Banks and retailers are at odds over how to pay for protection against another breach. What is the NRF’s stand on this?

“It’s our view that the card companies and the companies that issue cards should have primary responsibility for protecting that piece of the payments system. Those are their cards.”

“There are obviously dollars and cents involved here and retailers are going to bear the brunt of the expense if we have to do this on our own because we’ve got to put in all those new terminals into stores and that’s something on the order of $25-or-$30 billion based on the number of terminals in the United States. To issue new cards with chips and pins is going to cost a fraction of that. ”

“So we don’t see eye to eye on that piece because we don’t think we should pay for the cost of the new terminals to fix somebody else’s card problems until they really protect the cards. That’s a point of friction that needs to be resolved.”

“We want to continue to work together to resolve this very important issue, and we recognize we are business partners and most importantly, we all have a role to play.”