CFPB reaffirms that nonbank fintechs must maintain adequate data security safeguards
The CFPB reaffirmed in a circular on Thursday that nonbank entities may violate the Consumer Financial Protection Act’s (CFPA) prohibition on unfair, deceptive, or abusive acts and practices (UDAAP) if they fail to maintain adequate data security safeguards.
The CFPB stated that “In addition to other federal laws governing data security for financial institutions, including the Safeguards Rules issued under the Gramm-Leach-Bliley Act (GLBA), ‘covered persons’ and ‘service providers’ must comply with the prohibition on unfair acts or practices in the CFPA.”
In its white paper on Data Privacy and Security, NAFCU says that “there is no reason that a small credit union should be subject to more stringent requirements than an organization like Equifax, or that an organization like Facebook should not be subject to any requirements. Similar data security requirements should be imposed for fintech companies, retailers, and other entities that handle personal and financial information.”
NAFCU supports holding nonbank fintech companies to the same data security standards that apply to credit unions to create competitive equality. However, the broad applicability of the circular to “covered persons” and “service providers” means that the extension of UDAAP-related liability for inadequate data security practices could potentially impact credit unions.
Under the GLBA, the NCUA is responsible for administering the law’s data safeguard provisions for federally-insured credit unions. NAFCU will continue to engage the bureau to emphasize the NCUA’s role as the primary functional regulator for examining credit union data security.
Add to Calendar 2022-09-29 14:00:00 2022-09-29 14:00:00 Coming Soon: CECL This is a deep-dive refresher into the requirements of the Current Expected Credit Losses (CECL) standard. ASC 326 (CECL) is the most significant accounting standard to impact credit unions in many years. Your credit union should be prepared to adopt CECL in 2023 – this will be an effort to make sure you have a sound calculation, appropriate accounting policies and sufficient disclosures. In this Coming Soon: CECL webinar, you’ll get a baseline understanding of the accounting decisions required by the standard, with a focus on those that have tripped up earlier adopters; lessons learned from previous adopters; best practices and key items to consider for your model on a go-forward basis. Key Takeaways Understand requirements of the CECL standard Analyze lessons learned and best practices from previous adopters Evaluate key items to consider for future maintenance of the CECL model(s) Register Now$295 Members | $395 Nonmembers(Additional $50 for USB)One registration gives your entire team access to the live webinar and on-demand recording until September 29, 2023.Go to the Online Training Center to access the webinar after purchase » Who Should Attend Presidents and CEOs CFOs Accounting titles NCRMs Risk titles Education Credits NCRMs will receive 1.0 CEUs for participating in this webinar CPA credit information is below; recommended 1.0 CPE credits. CPA Certification Credit Information Reviewer: Josie Collins, Senior Associate Director of Education, NAFCU Learning Objectives: See key takeaways Program Level: Basic Prerequisites Needed: None Advance Preparation Needed: None Delivery Method: Group Internet-Based Recommended CPE Credits: 1.0 credits Recommended Field of Study: Accounting – Technical About Our Webinars Our webinars are streamed live from NAFCU headquarters near Washington, DC. Your audio/video feed of the presenters includes presentation slides and downloadable handouts. You can easily submit your questions to the presenters at any time during the live broadcast, with no dialing over the phone! The audio and video stream directly through your computer. Web NAFCU email@example.com America/New_York public
Credits: NCRM, CPE
Get daily updates.
Subscribe to NAFCU today.