WASHINGTON—Senate Banking Chairman Mike Crapo (R-ID) has sent a letter to three federal agencies questioning their ability to oversee credit bureaus and ensure consumer data is protected.
In it, Crapo expresses concern about a "regulatory gap" for data security standards, noted NAFCU in its analysis.
Crapo sent the letter to the Federal Reserve, the Federal Deposit Insurance Corporation and the Office of the Comptroller of the Currency. He asks six questions about the banking agencies' ability to supervise the credit bureaus, including their legal authority and technical capability, and how credit bureau supervision compares with supervision of banking organizations.
Crapo requests the agencies respond to his questions by Oct. 20. The Senate Banking committee has a hearing on data security on Tuesday.
Also last week, Rep. Patrick McHenry (R-NC) introduced the PROTECT Act, which would create uniform cybersecurity standards for national credit bureaus and subject them to examinations via the Federal Financial Institutions Examination Council (FFIEC), noted NAFCU, adding that the trade association has advocated for such a move in the wake of the Equifax breach. It also establishes a national process for consumers to request a credit freeze and would prevent credit bureaus from using Social Security numbers as the basis for consumer identification beginning in 2020.