On August 21, 2019 the Conference of State Bank Supervisors (“CSBS”) launched three new online tools designed to help non-bank financial services companies navigate state regulations and protect against cyber security risks: a State Regulatory Guidance Portal, a State Survey Map of Money Transmission Laws, and Cybersecurity 101: A Resource Guide for Financial Sector Executives.

Ballard Spahr is proud to partner with Venminder, Inc., on this podcast posted today discussing third-party vendor risk management concerns of financial institutions and service providers. Hosted by Venminder’s Chief Risk Officer Branan Cooper, the podcast features Glen Trudel, a partner in Ballard Spahr’s Consumer Financial Services Group with extensive experience in this area.

The

Equifax announced on September 7, 2017 a massive data breach affecting an estimated 143 million consumers.  Richard Cordray, the then Director of the CFPB, shortly thereafter authorized an investigation according to several media reports.  Reuters reported yesterday that the investigation sputtered since then, according to several government and industry sources.  That is not surprising since

We are pleased to announce that Ballard Spahr has launched CyberAdviser, a new blog focused on the latest news and developments in privacy and cybersecurity law.  It will offer insights into the latest transactional, governance and compliance matters, investigations, civil and criminal litigation, regulatory and legislative developments, industry trends, emerging technologies, and other cyber

Last week, the OCC released its semiannual risk report highlighting credit, operational, and compliance risks to the federal banking system.  The report focuses on issues that pose threats to those financial institutions regulated by the OCC and is intended to be used as a resource by those financial institutions to address the key concerns

The FTC has released its annual report summarizing its activity during 2017 relating to privacy and data security issues.  In its self-declared role as “the nation’s primary privacy and data security enforcer,” the FTC outlines 10 privacy cases and 4 data security cases that it brought in 2017, including Uber Technologies (transportation service), Vizio (television

On December 14, the Financial Stability Oversight Council (FSOC), which was established by the Dodd-Frank Act to analyze and mitigate potential threats to the financial sector, released its first report under the Trump administration (the “Report”).  FSOC is comprised of representatives from each of the federal financial regulators, including the CFPB.  Mick Mulvaney, President Trump’s

The cities of Chicago and San Francisco and the Massachusetts Attorney General have filed the first enforcement actions against Equifax following the announcement of a data breach affecting an estimated 143 million consumers.  Equifax announced the data breach on September 7, 2017, after hackers allegedly exploited a vulnerability in open-source software used by Equifax to

The recent data breach disclosure by Equifax raised an outcry from consumer advocates trying to link the data breach to the Consumer Financial Protection Bureau’s (CFPB) final arbitration rule.  They are portraying this cybersecurity incident as a prime example of why class actions are needed to protect consumers, hoping to persuade the U.S. Senate not

On May 15, 2017, the Federal Reserve Office of Inspector General – which also oversees the CFPB – released a report finding deficiencies in the CFPB Office of Enforcement’s (Enforcement) processes for securing sensitive information.  The evaluation, conducted between February 2016 and July 2016, reviewed Enforcement’s processes for protecting the information it collects from the