Home Info Newsroom CFPB Turns Its Attention to Data Security – Seven Industry Practices You Need to Know Now

CFPB Turns Its Attention to Data Security – Seven Industry Practices You Need to Know Now

Authored By: Lewis Wood on 8/19/2022

On Aug. 11, the Consumer Financial Protection Bureau (CFPB) published a circular, answering the question, “Can entities violate the prohibition on unfair acts or practices in the Consumer Financial Protection Act (CFPA) when they have insufficient data protection or information security?” with a resounding “yes.”

Specifically, the CFPB pointed to three practices — inadequate authorization, poor password management, and lax software update policies — as examples of data security practices that would likely cause substantial unavoidable injury to consumers without a countervailing benefit and that could trigger liability for financial institutions and/or their service providers.

Failure to comply with these requirements may violate the CFPA’s prohibition on unfair acts or practices.

Read more

  • Share:
Tags: data security, cybersecurity, Consumer Financial Protection Act, CFPA, CFPB, Consumer Financial Protection Bureau


« Return to "Latest News" Go to main navigation