Newsroom
CFPB seeks insights into data broker practices
The CFPB issued a request for information (RFI) Wednesday to better understand data broker business practices, including those that contribute to consumer harms or abuses. While credit unions do not act as data brokers, NAFCU will review the RFI and provide comments to the CFPB as it relates to the bureau’s implementation of section 1033 of the Dodd-Frank Act.
The RFI defines data brokers as firms that collect, aggregate, sell, resell, license, or otherwise share consumers’ personal information with other parties, such as those that specialize in preparing employment background screening reports and credit reports.
The request noted that “[g]overnment agencies, technology and privacy experts, financial institutions, consumer advocates, and others have identified numerous consumer harms and abuses related to the operation of data brokers, including significant privacy and security risks, the facilitation of harassment and fraud, the lack of consumer knowledge and consent, and the spread of inaccurate information.” The bureau indicated it will use feedback from the RFI to inform its statutory duties, including planned rulemaking under the Fair Credit Reporting Act.
Under section 1033, the CFPB has avidly monitored the aggregation services market and has since identified the main participants as consumers, data holders, data users, and data aggregators. The bureau acknowledged that while the use of consumer financial data by these participants could lead to improved and innovative consumer financial products, there are still several data privacy and security concerns to consider.
Last year, NAFCU and other trades raised concerns about data aggregators as they “hold a tremendous amount of consumer financial data” and consumers are likely unaware of how data is collected, stored, or shared. The groups called on the CFPB to subject data aggregators to similar supervision as financial institutions to ensure they are complying with applicable laws.
NAFCU has advocated for the implementation of section 1033 in a way that ensures the security of consumer financial data and that provides a level playing field between credit unions and fintech companies. NAFCU previously sent a letter to the CFPB stating “the extent to which nonbank technology companies are gathering and exchanging potentially sensitive transaction information raises unique privacy concerns which the Bureau should address through direct supervision before proceeding with any effort to implement section 1033.”
Share This
Related Resources
Add to Calendar 2024-06-26 14:00:00 2024-06-26 14:00:00 Gallagher Executive Compensation and Benefits Survey About the Webinar The webinar will share trends in executive pay increases, annual bonuses, and nonqualified benefit plans. Learn how to use the data charts as well as make this data actionable in order to improve your retention strategy. You’ll hear directly from the survey project manager on how to maximize the data points to gain a competitive edge in the market. Key findings on: Total compensation by asset size Nonqualified benefit plans Bonus targets and metrics Prerequisites Demographics Board expenses Watch On-Demand Web NAFCU digital@nafcu.org America/New_York public
Gallagher Executive Compensation and Benefits Survey
preferred partner
Gallagher
Webinar
Add to Calendar 2024-06-21 09:00:00 2024-06-21 09:00:00 2024 Mid-Year Fraud Review Listen On: Key Takeaways: [01:16] Check fraud continues to be rampant across the country. Card fraud is affecting everyone. [04:31] Counterfeit US passport cards are just another new toolbox in the bad actors’ toolbox. [07:21] Blocking the fallback is the only way to defeat counterfeit cards. [11:17] The best way is constant education to your members in as many channels as you can. [13:02] We are still seeing overdraft lawsuits. Make sure the programming you have at your credit union matches what you have displayed for the members. Web NAFCU digital@nafcu.org America/New_York public
2024 Mid-Year Fraud Review
Strategy & Growth, Consumer Lending
preferred partner
Allied Solutions
Podcast
Add to Calendar 2024-06-21 09:00:00 2024-06-21 09:00:00 The Evolving Role of the CISO in Credit Unions Listen On: Key Takeaways: [01:30] Being able to properly implement risk management decisions, especially in the cyber age we live in, is incredibly important so CISOs have a lot of challenges here. [02:27] Having a leader who can really communicate cyber risks and understand how ready that institution is to deal with cyber events is incredibly important. [05:36] We need to be talking about risk openly. We need to be documenting and really understanding what remediating risk looks like and how you do that strategically. [16:38] Governance, risk, compliance, and adherence to regulatory controls are all being looked at much more closely. You are also seeing other technology that is coming into the fold directly responsible for helping CISOs navigate those waters. [18:28] The reaction from the governing bodies is directly related to the needs of the position. They’re trying to help make sure that we are positioned in a way that gets us the most possibility of success, maturing our postures and protecting the institutions. Web NAFCU digital@nafcu.org America/New_York public
The Evolving Role of the CISO in Credit Unions
preferred partner
DefenseStorm
Podcast
Get daily updates.
Subscribe to NAFCU today.