Louisiana banks are required by law to develop and maintain robust internal protections to combat and address criminal attacks, and are required to protect consumer financial information and notify consumers when a breach occurs within their systems that will put their customers at risk.
The same cannot be said for other industries, like retailers, that routinely handle this same information and increasingly store it for their own purposes. The Identity Theft Resource Center has compiled a list of all publicly reported breaches in the United States and shows that banks accounted for only 5.5 percent of all breaches in 2014.
For more than 15 years, banks have been subject to significant regulatory requirements and internal safeguards which have been substantially enhanced over the years. These include:
• Federal Requirements to Protect Information - Title V of the Gramm-Leach-Bliley Act and its implementing rules and guidance requires banks to protect the security, integrity and confidentiality of consumer information.
• Federal Requirements to Notify Consumers – Louisiana banks are also required to notify customers whenever there is a data breach where the misuse of customer information has occurred or it is reasonably likely that misuse will occur.
• Strong Federal Oversight and Examination - Under their broad-based statutory supervisory and examination authority, the Federal Reserve System, the Office of the Comptroller of the Currency and the Federal Deposit Insurance Corporation regularly examine banks for compliance with data protection and notice requirements.
• Strong Federal Sanction Authority - Under numerous provisions of Federal law, banks are subject to substantial sanctions and monetary penalties (e.g., up to $1 million per day fines) for failure to comply with statutory and regulatory requirements.
This extensive legal, regulatory examination and enforcement regime ensures that Louisiana banks robustly protect customer personal financial information. In contrast, retailers that accept electronic payments face no similar requirements or oversight and, as a result, millions of American consumers’ personal financial information has been compromised in recent years. We will work with Congress to assure customer information will be protected across the business community that retains personal financial information.
Robert Taylor is CEO of the Louisiana Bankers Association