Try again, MasterCard.
The largest card-issuing banks for MasterCard were not happy with the recent $19 million deal the company struck with Target to settle claims over the retailer’s massive data breach in late 2013, the Wall Street Journal reports, citing unnamed sources. And their objections have caused the plan to be scrapped.
The three banks that rejected the proposal—Citigroup , Capital One Financial, and JPMorgan Chase —wielded substantial veto power: Data from the industry newsletter Nilson Report reveals that they represent about 40% of all purchases made on MasterCard’s credit cards, according to WSJ.
Normally, companies like MasterCard and Visa negotiate such settlement deals on banks’ and credit unions’ behalf. In this case, the banks banded together to slam the breaks on the proposed pact.
The banking trio apparently did not feel that $19 million would adequately compensate them for their losses from the Target hack, which led to the compromise of 40 million credit cards. In addition, the companies wanted to “send a message,” WSJ reports, that they are displeased with the security practices of merchants.
In order for the pact to pass, it would have needed 90% buy-in from the banks affected by the breach. Just how many votes in favor or against the proposed settlement received remains unclear.
Now MasterCard and Target must reenter talks, aiming to appease the set of card issuers. In March, the retailer settled a class-action lawsuit instigated by victims of the data breach by agreeing to pay out $10 million.
For a more in-depth take on the challenges Target and its new CEO now face, read this cover story from the March 1, 2015 issue of Fortune magazine.