ICBA to Congress: Extend Data Security Standards to Retailers, Tech Firms

ICBA Press Release Banner 2020

Washington, D.C. (Nov. 3, 2021) — The Independent Community Bankers of America (ICBA) today called on Congress to extend Gramm-Leach-Bliley Act data security standards to retailers, technology companies, and other parties that process or store consumer financial data.

Testifying before the House Financial Services Subcommittee on Consumer Protection and Financial Institutions, Bank of Idaho President and CEO Jeff Newgard said extending the banking industry’s strict security standards to all participants in the payments system will help prevent security breaches.

“Securing data at financial institutions is of limited value if it remains exposed at the point-of-sale and other processing points,” said Newgard, whose $700 million-asset community bank is headquartered in Idaho Falls. “To effectively secure customer data, all participants in the payments system, and all entities with access to customer financial information, should be subject to and maintain well-recognized standards such as those created by GLBA.”

Newgard, who chairs ICBA’s Cyber and Data Security Committee, also called on policymakers to:

  • Harmonize regulatory standards to enhance security and mitigate threats.
  • Ensure supervision of core processors, fintech companies, and other third-party providers.
  • Subject credit reporting agencies to appropriate oversight following the 2017 Equifax breach.
  • Institute a national data security breach and notification standard to replace the patchwork of state notification laws.
  • Require the costs of data breaches to be borne by the party that incurs the breach.

Newgard also weighed in on the following bills:

  • Rep. Stephen Lynch’s (D-Mass.) Safeguarding Non-Bank Consumer Information Act (H. R. 3910), whose definition of “data aggregators” should be revised to cover non-financial institutions.
  • Rep. Bill Foster’s (D-Ill.) Strengthening Cybersecurity for the Financial Sector Act, which should expand on closing the credit union service organization loophole to correct lax credit union oversight.
  • The Enhancing Cybersecurity of Nationwide Consumer Reporting Agencies Act, ICBA-supported legislation that would extend cybersecurity supervision to credit reporting agencies.
  • The Cyber Incident Reporting for Critical Infrastructure Act of 2021, which calls for enhanced information sharing and cyber incident reporting provisions but should include a safe harbor for small entities operating in good faith.

For more information, visit icba.org.

About ICBA
The Independent Community Bankers of America® creates and promotes an environment where community banks flourish. ICBA is dedicated exclusively to representing the interests of the community banking industry and its membership through effective advocacy, best-in-class education, and high-quality products and services.

With nearly 50,000 locations nationwide, community banks constitute 99 percent of all banks, employ more than 700,000 Americans and are the only physical banking presence in one in three U.S. counties. Holding more than $5.8 trillion in assets, over $4.8 trillion in deposits, and more than $3.5 trillion in loans to consumers, small businesses and the agricultural community, community banks channel local deposits into the Main Streets and neighborhoods they serve, spurring job creation, fostering innovation and fueling their customers’ dreams in communities throughout America. For more information, visit ICBA’s website at www.icba.org.

###