January 28, 2014

Cordray pressed on data security, QM

Jan. 29, 2014 – CFPB Director Richard Cordray was pressed by three House Financial Services Committee members on data security Tuesday in a hearing on the bureau's fourth semiannual report to Congress.

The hearing discussion covered a wide range of consumer financial protection issues, including CFPB's mortgage rules. Additionally, three committee members specifically aired concerns about data security amid ongoing reports of the known breach at Target and the suspected one at Michaels Stores.

Rep. Ed Royce, R-Calif., raised privacy concerns about the national mortgage database maintained by the Federal Housing Finance Agency and CFPB and pointed to a Government Accountability Office report that government breaches are up 42 percent over the last year. He also entered NAFCU's most recent letter to Capitol Hill on data security into the hearing record.

Rep. Ed Perlmutter, D-Colo., asked if CFPB has any jurisdiction over retailer breaches; Cordray said the bureau has put out a bulletin on how consumers can protect themselves.

Rep. Randy Neugebauer, R-Texas, chairman of the housing and insurance subcommittee, asked how CFPB ensures the safety of the consumer data it maintains. Cordray said the bureau attempts to safeguard any aggregated information it has and complies with all security and privacy requirements.

CFPB's ability-to-repay/qualified mortgage rule received continued scrutiny. Rep. Shelley Moore Capito, R-W.Va., who chairs the financial institutions subcommittee, referenced NAFCU's Jan. 14 testimony by Orion FCU CEO Daniel Weickenand, whose credit union has pulled back from non-QM loans.

Capito asked what was CFPB's "plan B," and Cordray pointed to the rule's small creditor exemption, which applies to lenders at less than $2 billion in assets that make less than 500 mortgages a year and hold their loans in portfolio. He also said CFPB would monitor implementation and its impact.