NAFCU advances call for national data security standard in joint letter
In 2017, NAFCU testified twice on Capitol Hill, reiterating the need for consumer protections in data breach legislation
WASHINGTON, DC (December 21, 2017) — The National Association of Federally-Insured Credit Unions (NAFCU) joined six other financial industry trades in suggesting legislative fixes to address the recent trend of data breaches affecting companies, financial institutions and consumers. In a joint letter, the trade groups call for a strong national data security standard and breach notification requirements.
“Stopping breaches is critical for consumers, and also important to our members who often have the closest relationships with those affected,” the trades wrote. “Data breaches impose significant costs on financial institutions of all sizes because our first priority is to protect consumers and ensure that they have no liability for fraud that typically follows a breach. Our members provide relief to victims of breaches, regardless of where the breach occurs.”
NAFCU has been at the forefront of calling for a national data security standard since the Target breach in 2013, and, this year alone, were invited to testify at two hearings on Capitol Hill. Below is a timeline of recent NAFCU testimonies calling for a national data security standard.
- On November 1, 2017, Mission Federal Credit Union President/CEO and NAFCU Board Member Debra Schwartz, in her testimony, stressed the effectiveness of the Gramm-Leach-Bliley Act (GLBA) and called for the creation of a national standard for data security at the hearing, “Data Security: Vulnerabilities and Opportunities for Improvement,” by the House Financial Services Subcommittee on Financial Institutions and Consumer Credit.
- On March 8, 2017, Chevron Federal Credit Union President/CEO Jim Mooney, who also chairs NAFCU’s Cybersecuirty and Payments Committee, testifiedbefore the House Small Business Committee at a hearing entitled “Small Business Cybersecurity: Federal Resources and Coordination.” In his testimony, Jim called on Congress to introduce legislation similar to the Data Security Act of 2015 to create a national standard of data security that applies to all entities in the payments chain.
- In the 114th Congress, Reps. Randy Neugebauer, R-Texas, and John Carney, D-Del. introduced a NAFCU-backed bipartisan bill, the Data Security Act of 2015(H.R. 2205), setting data protection standards, outlining a process for notifications and recognizing financial institutions’ compliance with the Gramm-Leach-Bliley Act.
- On October 7, 2015, Jan Roche, President and CEO of State Department Federal Credit Union and NAFCU board member, testified before the House Small Business Committee at a hearing regarding the EMV transition entitled, “The EMV Deadline and What it Means for Small Businesses.” Roche’s testimonyemphasized that the best way to protect the financial system against payments fraud is through a national data security standard and urged the committee to support H.R. 2205, the Data Security Act of 2015.
- On April 22, 2015,NAFCU President and CEO B. Dan Berger testified before the House Small Business Committee during a hearing titled “Small Business, Big Threat: Protecting Small Businesses from Cyber Attacks.” In his testimony, Berger detailed how credit unions have successfully minimized data breaches and why it’s important that others do the same.
The letter outlines three goals of legislation:
- ensure that all entities are required to protect sensitive personal and financial data;
- require timely notification of consumers and impacted parties that are at risk in the event of a breach; and
- ensure compliance through appropriate state and federal oversight, recognizing existing federal obligations for the financial industry to both secure data and notify consumers of a breach, and eliminate overlapping and inconsistent laws and regulations.
The National Association of Federally-Insured Credit Unions is the only national trade association focusing exclusively on federal issues affecting the nation’s federally-insured credit unions. NAFCU membership is direct and provides credit unions with the best in federal advocacy, education and compliance assistance. For more information on NAFCU, go to www.nafcu.org or @NAFCU on Twitter.