CFPB warns non-bank financial businesses about data security

The Consumer Financial Protection Bureau published a circular on Aug. 10 explaining that non-bank financial firms – such as fintech companies and credit reporting agencies – may violate the Consumer Financial Protection Act’s prohibition on “unfair acts or practices” if they fail to protect sensitive consumer financial information.

The circular notes that insufficient data protection may also violate the Gramm-Leach-Bliley Act’s Safeguards Rule, but states “while these requirements often overlap, they are not coextensive.”

You can click here read the circular on the CFPB website.