SAN ANTONIO, TX ― April 14, 2009 ― Harland Clarke Corp.’s proprietary Information Security Program has achieved recertification in two critical industry evaluations: the Payment Card Industry Data Security Standard (PCI DSS) and the Verizon Business Security Management Program (SMP) Cybertrust Certification. The leading provider of solutions to financial institutions also completed the annual American Institute on Certified Public Accounts (AICPA) Statement of Auditing Standards Number 70 (SAS-70), Type II audit. The widely-recognized certifications and audit help ensure the protection of credit card and consumer information. All three are considered essential for organizations entrusted with financial data.

“At Harland Clarke, information security is considered a core competency,” said Chief Operating Officer Dan Singleton. “Our Information Security Program is based upon proven standards with fundamentals driven by risk management decisions made at the executive level. This oversight and commitment is what our clients and their account holders deserve.”

Harland Clarke’s information security effort is led by Chief Information Security Officer John Petrie, CISSP, CISM, CHS-III. Under Petrie’s direction, the company built the program using the company’s enterprise-wide quality processes, linking security and risk mitigation decision processes to the organization’s operating plan and strategic growth goals, then ingraining security into the mind-set of employees. Petrie also committed senior-level information security professionals to client-facing roles, further strengthening the support Harland Clarke provides its clients’ organizations.

“With an experienced team of in-house information security professionals, Harland Clarke is able to maintain a standards-based program that transfers the overall risk across multiple security areas. This gives our clients the confidence to share their risk with us,” noted Petrie.

Upon its completion of a recent security audit of Harland Clarke, one of the company’s largest financial institution clients commented, “I found no critical issues and assessed that Harland Clarke had a well-documented, mature security program, and that the processes supporting the program were sound.” Harland Clarke’s ongoing investment in its integrated Information Security Program helps ensure its controls are effective and functioning, and that risk is reviewed and mitigated to acceptable levels. Its in-house staff of experienced information security professionals sets the program’s standards with the goal of not only meeting industry criteria, but exceeding them.

Harland Clarke Marketing Services’ production and printing facility located in Baltimore, Maryland was again certified by VISA® using the Payment Card Industry Data Security Standard (PCI DSS). The PCI DSS is a multifaceted security standard that includes requirements for security management, policies, procedures, network architecture, software design, and other critical protective measures. When awarded its first certification in early 2007 following a year-long evaluation process, Harland Clarke Marketing Services was one of the first financial services direct marketing firms to meet all of the PCI DSS requirements. It is one of the few certified direct marketing companies specializing in the financial services industry, as well as one of the few direct marketing firms doing its own print production that has achieved this security certification.

For the fourth consecutive year, Harland Clarke received the Cybertrust Enterprise Certification for its Dallas and San Antonio manufacturing operations. The coveted Verizon Business Security Management Program (SMP) Cybertrust Certification demonstrates an organization’s continued commitment to security assurance practices. It helps companies reduce risk by reviewing their information security measures and addressing a broad range of security needs, from network and system analysis to security policy inspection. Harland Clarke has expanded this critical program to other locations, achieving Enterprise Certifications at its Chicago and Nashville manufacturing facility locations.

The company also completed its annual American Institute of Certified Public Accounts (AICPA) Statement on Auditing Standards Number 70 (SAS-70), Type II audit conducted by PriceWaterhouseCoopers, a tier one independent auditing firm. The SAS-70 Type II audits verify that adequate controls and safeguards are in place for service organizations that have access to and process shareholder, client, and customer data. The audits are widely considered the financial industry’s best practices standard, and are accepted and referenced by bank examiners, financial auditors, and Securities and Exchange Commission (SEC) auditors.

About Harland Clarke Corp.

Harland Clarke Corp. is a leading provider of integrated payment solutions, marketing services and technology solutions. It serves approximately 15,000 financial institutions, as well as major investment firms, business-to-business clients, small businesses, and individual consumers. With its corporate headquarters in San Antonio, Texas and a regional headquarters in Decatur, Georgia, Harland Clarke employs approximately 5,500 people and has manufacturing facilities nationwide. Harland Clarke Corp. is a wholly-owned subsidiary of Harland Clarke Holdings Corp., which is also the parent company of Harland Financial Solutions Inc. and Scantron Corporation.