Is The CFPB PCI Compliant? It Has 600 Million Cards On File

Consumers might need a bit of protection from the Consumer Financial Protection Bureau, as the Government Accountability Office reported Monday (Sept. 22) that not only does the CFPB have access to more than 600 million payment card records but “the CFPB lacks a consistent plan to keep that sensitive information safe.”

“The oversight office’s main privacy concern is that the CFPB does not have written data-collection and security procedures, which could result in ‘inconsistent’ application of privacy policies,” according to a report in The National Journal. “The report also noted that other institutions, including the Federal Reserve and the Comptroller of the Currency, collect similar data on a comparable scale.”

To be fair, the CFPB only collected data on a small percentage of those account—somewhere between 25 million and 75 million accounts—with “the rest of the access (coming) from data-sharing agreements with another financial agency. Also, it only collected data with personal identifiers, such as a name or address, in very limited circumstances and much of the data was collected in a onetime occurrence,” the Journal said.

Click to comment


To Top