Like Target and The Home Depot before it, Wendy’s has suffered a credit card data breach. In the case of the big box retailers, millions of credit card numbers were stolen. Recent reports put the total number of impacted franchise-owned restaurant locations at more than 1,000, and the criminal infiltration came through malware placed by remote access on Wendy’s POS machines.

While cyber theft is a constant threat to businesses — there have already been 507 data breaches this year through July 5, according to the Theft Resource Center — how banks and credit unions can react to protect their customers and manage their credit/debit accounts (and concerns) is evolving. Simply following a recovery road map is not enough, the financial institution must also make sure the execution of these steps is swift and standardized for customer protection and satisfaction.

We spoke to some of our customers and obtained a few best practices on how to manage and rectify compromised credit card accounts resulting from a retailer’s or restaurant’s data breach. Here are a few steps proactive banks and credit unions can take in order to protect their accountholders after a big breach:

Step 1: Query Customer Accounts for Potential Fraudulent Purchases
After notification of a suspected breach by your card association, waiting for the Compromised Account Management System (CAMS) alert containing jeopardized card accounts can take way too long. With the latest robotic process automation (RPA) tool like Foxtrot, proactive banks can scan customer accounts for transactions at the retailers in question, during the time period in question, and flag them. At that point, the safe bet is to cancel and reissue a card immediately. Customers rarely mind their financial institutions going above and beyond to protect them.

Step 2: Adjust Spending Limits
If a customer’s card isn’t flagged, but the account does appear on the aforementioned CAMS alert, the next step should be to immediately reduce the account’s spending limits. For our customers, such as NexTier Bank, this adjustment protects accountholders from outlandish charges; allows them to continue making at least small purchases; and gives the company time to “hot card” and reissue. Be advised that if troubled cards number into the hundreds of thousands, you’ll need to consider how you will go into each account and make the changes. A manual approach will cost a great amount of time, and outsourcing could cost a large amount of money.

Step 3: Hot Carding
Now, the compromised cards need to be flagged and cancelled. While most card issuance and core systems allow you to designate this, the problem of how remains: How will you identify the accounts, go into each account and then add the hot card designation? Three steps per account multiplied by thousands, perhaps even millions, of accounts could make for quite a daunting task.

Step 4: Get New Cards to Customers Fast
Your customers want to make purchases, and they need your card to do it, but how fast can your institution’s team reissue thousands of cards manually? NexTier Bank knows RPA is the way: Foxtrot easily completed the task in one day what would have taken two employees more than 16 hours to do. “In our old world, it would’ve all been done by one department, late nights and weekends,” said Justin Steele, core systems administrator of NexTier Bank.

Step 5: Notify Your Customers
An informed customer is usually a happy one. Make sure your bank or credit union is writing, calling and electronically communicating with your accountholders — and documenting such in their account files — during each step of the recovery. You can’t prevent a big data breach, but you can control how your accountholders view your operation in the aftermath.

Relying on RPA during a data breach like Wendy’s saves time, money and, quite possibly, customers. Not all losses can be computed — what does it cost to lose a customer? That can easily happen if a financial institution does not disable and reissue affected cards in a timely fashion, possibly leading to identity theft.

Foxtrot automation software can query customer accounts for suspicious transactions, then work between your core and card systems to cancel and reissue cards at the push of a button. The RPA tool even sends e-mails and notes accounts to keep everyone informed. Foxtrot scripts can be written in advance to be deployed at the first hint of trouble.

For more information, read this quick case study about how we helped one customer immediately after last year’s breach at Target stores.