Federal security standards don’t apply to credit bureaus, retailers, others
Washington, D.C. (March 14, 2019)—The Independent Community Bankers of America® (ICBA) today told Congress that all entities that handle personal information should be required to safeguard personal information similar to how it is protected at financial institutions. In a letter to the heads of the Senate Banking Committee, ICBA said privacy standards like those mandated under the Gramm-Leach-Bliley Act should apply to third-party contractors, credit bureaus such as Equifax, retailers and other non-bank entities with access to personal information, and federal regulators themselves.
“Community banks and other financial institutions are required by statute and regulation to safeguard personally identifiable information,” ICBA President and CEO Rebeca Romero Rainey wrote in a letter to Chairman Mike Crapo (R-Idaho) and Ranking Member Sherrod Brown (D-Ohio). “To ensure consumers receive enhanced protection of their personal information, all entities that handle personal information should be required to safeguard this information, in a manner comparable to financial institutions.”
By their very nature, community banks and other financial institutions must collect personally identifiable information about customers to meet their financial services needs and to protect them against fraud and identity theft. To most effectively secure customer data and thereby protect consumer privacy, all entities that store or process sensitive personal information or have access to customer financial information should be subject to standards such those created by the Gramm-Leach-Bliley Act, ICBA wrote in its letter.
Third parties that are not currently examined, including credit bureaus, should be examined and supervised for their compliance with safeguarding nonpublic personal information, ICBA wrote. ICBA’s letter also calls for non-bank entities that access customer account information to be held responsible for ensuring the security of the customer information they are accessing and liable for any data breach and consumer harm they cause. Further, ICBA continues to support a single national breach notification standard to replace the current patchwork of state laws.
ICBA looks forward to continuing to work with Congress and the Trump administration to address the protection of consumer privacy.
The Independent Community Bankers of America® creates and promotes an environment where community banks flourish. With more than 52,000 locations nationwide, community banks constitute 99 percent of all banks, employ more than 760,000 Americans and are the only physical banking presence in one in five U.S. counties. Holding more than $4.9 trillion in assets, $3.9 trillion in deposits, and $3.4 trillion in loans to consumers, small businesses and the agricultural community, community banks channel local deposits into the Main Streets and neighborhoods they serve, spurring job creation, fostering innovation and fueling their customers’ dreams in communities throughout America. For more information, visit ICBA’s website at www.icba.org.
# # #