Newsroom

Back to the Newsroom
November 15, 2019

Compliance Blog tackles CCPA requirements for CUs

compliance blogNAFCU Senior Regulatory Compliance Counsel Elizabeth LaBerge details the requirements and proposed regulations of the California Consumer Privacy Act (CCPA) in a new post on the Compliance Blog. The CCPA, which was enacted in 2018, is set to take effect Jan. 1, 2020.

"After the CCPA was passed, at least twenty amendments to address ambiguities, technical problems, drafting errors and substantive changes were considered before the California Legislature went into recess for the last time in 2019," notes LaBerge. "Eight of these amendments were passed."

NAFCU, in a joint letter with the United States Chamber of Commerce and other organizations representing every sector of the American economy, earlier this year urged the California governor, attorney general and members of the California state senate and assembly to delay the effective date of the CCPA by two years.

In the blog, LaBerge highlights the requirements that credit unions would likely be subject to under the CCPA, if they meet the threshold requirements. LaBerge also discusses the proposed regulations, which remain open for comment, highlighting that they do not include specific implementing rules for every piece of the CCPA. NAFCU will submit written comments on the proposed regulations ahead of the Dec. 6 deadline.

A number of congressional hearings have reviewed efforts to establish consumer data privacy standards as lawmakers consider national data security and privacy laws, and NAFCU has previously urged Congress to create uniform standards to prevent confusion stemming from a patchwork of different state laws.

Credit unions doing business in California may want to start preparing now to be in compliance by the effective date, as no further legislative clarification on the act is expected this year.

The association has multiple resources available to help credit unions prepare, including a webinar on CCPA and the future of privacy laws available on-demand. NAFCU members can also access a previous edition of the  NAFCU Compliance Monitor on the substantive requirements of the GDPR and how they differ from existing U.S. mandates.

Related Resources

Macro Data Report - Consumer Credit

Reports

NCUA Overturns CAMEL Rating On Appeal

Examination & Enforcement

Blog Post
Add to Calendar 2021-12-07 14:00:00 2021-12-07 14:00:00 Protect your CU: Building a Secure Cloud Infrastructure About the Webinar Moving to the cloud saves time, upskills resources, and reduces costs. Most importantly, it makes infrastructure more secure and automates security checks and monitoring. With increases in ransomware scares and other security concerns, financial institutions are leaning on the cloud to better provision for these threats. Join AWS, Think|Stack, and ALPS Federal Credit Union to learn more about how you can build security protocols into your infrastructure and mitigate risks by migrating to the cloud. Watch the Webinar Web NAFCU digital@nafcu.org America/New_York public

Protect your CU: Building a Secure Cloud Infrastructure

preferred partner
Amazon Web Services
Webinar

DOJ Investigates the Use of Gift Cards in Financial Schemes

BSA, Fraud

Blog Post