Fiscal Note
The proposed amendment authorizes a non-competitive agreement with Windcave Inc. and Synovus Financial Corporation for services related to preventing credit card data liabilities and losses in the Parking Division. The cost of the contract will be based on a percentage of credit card payments made and the Parking Division estimates it will be approximately $200,000 per year. The contract is for a term of two years with automatic two-year renewals to be approved by the Parking Division Manager. Funding for 2024 is included in the Parking Division’s operating budget. No appropriation is required.
Title
Authorizing the Mayor and the City Clerk to enter into an agreement with Windcave Inc. and Synovus Financial Corporation for payment services on behalf of Madison’s Parking Utility, including PCI compliance.
Body
WHEREAS, the major credit cards brands created the PCI Security Standards Council in 2006 to implement the Payment Card Industry Data Security Standards (PCI DSS) aimed at preventing liabilities and losses related to credit card data; and,
WHEREAS, a breach of cardholder data reduces customer confidence, creates liability from fraud loss and legal actions subjecting a merchant to fines, penalties and potential loss of card acceptance; and,
WHEREAS, the PCI DSS requires a merchant to create and maintain systems to safeguard cardholder data that includes maintaining a secure network, protecting cardholder data, maintain a vulnerability management program, implement strong access control measures, regularly monitor and test the network and maintain an information security policy; and,
WHEREAS, a merchant is required to document these elements and provide an attestation of compliance and assessment questionnaire to the card brands as evidence of a system and related maintenance; and,
WHEREAS, the City of Madison Parking Utility processes a high volume of card transactions per year at Parking Utility garages, with such transactions totaling approximately seven (7) million dollars annually; and,
WHEREAS, the Parking Utility needs to achieve compliance with PCI standards for this payment process at garages; and,
WHEREAS, noncompliance subjects the City to fines from the card brands of $5,000 per month; and,
WHEREAS, a noncompetitive selection request form was completed and is attached to this resolution; and,
WHEREAS, costs from the contract will be based on a percentage of payments made; and,
WHEREAS, this software will support parking operational activities including PCI compliance;
NOW, THEREFORE BE IT RESOLVED, that the Mayor and the City Clerk are authorized to sign a contract as set forth above with Windcave Inc. and Synovus Financial Corporation for payment services at Parking Utility facilities for a term of two years with automatic two-year renewals to be approved by the City Parking Division Manager.
BE IT FURTHER RESOLVED the City Parking Division Manager or designee is authorized accept or reject automatic two-year renewals, so long as estimated funds for the contract will be included in the applicable Parking Division Operating Budget.