Bylined article by partners David Beam, Jonathan Jaffe, Jeff Taft and Kendall Burman. Partners Laurence E. Platt, Rajesh De and Stephen Lilley, and associates Matthew Bisanz and James K. Williams also contributed to this article.
Dodd-Frank Act
Whose Data Is It? CFPB Releases Consumer Protection Principles for Consumer-Authorized Financial Data Sharing and Aggregation
A new generation of fintech providers is offering products that allow customers to access and aggregate information about accounts at other financial institutions that have no relationship with the fintech provider, raising new questions around the privacy, security and accuracy of consumer financial data, as well as concerns around improper payment authorization and consumer dispute…
US Consumer Financial Protection Bureau Brings First Data Security Enforcement Action
On March 2, 2016, the Consumer Financial Protection Bureau (Bureau) undertook its first data security enforcement action in a consent order against Dwolla, Inc., a payment network provider that allegedly made deceptive representations about its data security practices. Although in this matter the Bureau relied upon its authority to take action against “deceptive” practices, the…
Information Technology Examination Handbook for U.S. Financial Institutions Updated
The members of the Federal Financial Institutions Examination Council (“FFIEC”) have released an update to the Management section of the Information Technology Examination Handbook (the “Handbook”).1 While the Handbook is written for examiners at the U.S. federal banking agencies and for the financial institutions subject to examination, it contains helpful guidance for other entities…