The regulator is suggesting it should have even more power – but should it?
The Consumer Financial Protection Bureau is calling for more oversight over credit reporting agencies in the wake of Equifax’s data breach. But should it be given that power?
Richard Cordray, CFBD director, has argued there is a regulatory gap when it comes to overseeing credit agencies, including Equifax and TransUnion, and has suggested the regulator should be given more power to prevent data breaches such as the one currently plaguing Equifax.
“It is not enough to have enforcement come after the fact. We’re going to have to have preventative monitoring in place,” Cordray recently told CNBC in a recent interview. “The companies are going to have to change their behaviour; they can’t just deal with these problems on their own and think it’s good enough.
“We are going to have to work with Congress to put in place a better framework on data security,” he said.
As it stands, CFPB is tasked with supervising large credit reporting companies; the Federal Trade Commission, meanwhile, is in charge of enforcing cybersecurity standards of non-banks – including credit companies.
However, the FTC does not have authority to supervise these entities.
Cordray claimed the CFPB should have examiners within the credit bureaus.
“We are going to have to have monitoring in place that’s preventative. It’s going to have to be a different regime than they’re used to,” Cordray said. “If they are going to restore public confidence in this marketplace, and if they’re going to create the kind of reforms necessary, they are going to have to recognize that the old days of just doing what they want, and being subject to a lawsuit now and then, are over.”
Equifax is currently dealing with a wide-scale data breach that has potentially impacted 145.5 million of its customers.
The breach resulted in stolen names, social security numbers, addresses, and birth dates – all valuable information that could put Americans at risk of identity theft.
Cordray said companies who find themselves in these situations should be held accountable.
The CFPB seems to believe more regulatory power may minimize the chances of a similar breach from happening in the future.
Do you agree? Let us know in the comments below.