Jump to Content
ABA: The American Bankers Association
Compliance News

GAO Recommends Beefing Up FTC, CFPB Enforcement of Nonbank Data Privacy

To mitigate the risk of data breaches like the Equifax breach in 2017, the FTC should have civil penalty authority to enforce the consumer privacy requirements of the Gramm-Leach-Bliley Act, according to a report by the Government Accountability Office.

To mitigate the risk of data breaches like the Equifax breach in 2017, the Federal Trade Commission should have civil penalty authority to enforce the consumer privacy requirements of the Gramm-Leach-Bliley Act, according to a report by the Government Accountability Office. The GAO also said that the Consumer Financial Protection Bureau, which has supervisory authority over large consumer reporting agencies, should identify additional sources of information to ensure it is supervising all the CRAs that it should be, and that the bureau should prioritize data security in its examinations of CRAs.