Another ATM company closes its doors
Published: Wednesday, June 18, 2025
By Joe Woods, Dolphin Debit Access
Over the past year, two ATM outsourcing and operating companies have gone out of business. This has affected credit unions across the country. The cause of these closures? Greed and theft. The credit unions with ATMs under the management of these companies now must scramble to find new partners to assist in rebuilding their ATM networks.
This highlights the critical importance of due diligence and risk assessment when selecting a partner for ATM operation and maintenance. Many small outsourcing or as-a-service companies originally were formed as ATM ISOs. An ISO operator primarily places ATMs in public areas to profit from the surcharge and network interchange income. The ATMs operated by these organizations are typically cheaper, with minimum security and in many cases a business-type safe rather than a traditional level one vault.
In addition to poor security, the ATM ISO operators typically employ minimal staff to handle the maintenance and cash loading of the ATM. It is common to see someone loading cash into one of these machines without an armored truck or personal protection. Some of these individuals carry cash as well as the toolbox for the ATM. Their approach is the more they can cut costs, the more profit they can take out of their fleet of ATMs.
Over the past 20-plus years, debit and credit cards have replaced cash as the top method of payment. This has hurt the revenue generation of independent ATM operators, who went looking for new opportunities to maintain and grow their business.
To offset the attrition of transactions, these ATM companies started offering their services to credit unions. And although it may appear to be a very cost-effective solution for ATM management, there can be considerable risks and vulnerabilities. In the case of the most recent closure, the company in question had key internal operating vulnerabilities that led to their demise.
When the same organization that operates the ATM is also managing and loading the cash, numbers can be manipulated as funds are stolen. The financial institution that is paying for this service is usually the last to know. There needs to be a complete separation of the three elements – operating systems, cash management, and service staff – to close the gap on this vulnerability. Without full separation, the vulnerability still exists.
Many credit unions, regulators, and insurance providers have become keenly aware of this in recent months. From a due diligence perspective, clarity needs to be provided by these ATM operators to ensure they are operating appropriately. Credit unions can expect a line of questioning related to this during future exams and will need to be prepared. Your state association representative can provide assistance and help you better understand these vulnerabilities to ensure safe operation of your ATMs.