DocMagic Blog

CFPB Issues Circular Regarding Data Protection Security

The Consumer Financial Protection Bureau (“CFPB”) published Circular 2022-04 on August 11, 2022 which confirmed that financial institutions may violate the prohibition on unfair acts or practices under the Consumer Financial Protection Act (“CFPA”) by having insufficient data protection or information security.

“Financial firms that cut corners on data security put their customers at risk of identity theft, fraud, and abuse,” said CFPB Director Rohit Chopra. “While many nonbank companies and financial technology providers have not been subject to careful oversight over their data security, they risk legal liability when they fail to take common-sense steps to protect personal financial data.”

The circular provides that under the CFPA an unfair act or practice would be one that (1) causes or is likely to cause substantial injury to consumers, (2) is not reasonably avoidable by consumers, and (3) is not outweighed by countervailing benefits to consumers or competition. Additionally, an actual injury is not required to prove an unfair act or practice under the CFPA. Examples of data security practices which are widely used to protect consumer data are provided in the Circular.

Further, three examples of data security measures which are indicated to reduce the likelihood of a violation of unfair act or practices include multi-factor authentication, password management policies and practices, and timely software updates. Not using these types of security measures may indicate a financial institution has inadequate data protection.

Circulars are a new tool being used by the CFPB to provide supervisory guidance on individual topics. For more information on this type of guidance, see DocMagic’s prior compliance article here.


Related Content:

One partner. One platform. A complete solution.

Let us digitally transform your mortgage process for increased efficiency and ROI. See how by scheduling a demo today.

Topics from this blog: Compliance

  • Recent
  • Topics
The essential role of an eVault in today’s digital mortgage...
Gaining seamless eClosings through notaries at the Agent’s...
DocMagic named 2024 Tech100 Mortgage winner
DocMagic’s 2023 in review: Pioneering the future of digital...
Enhanced integration of Empower LOS and DocMagic supports...

Download the Truliant Federal Credit Union Case Study

Truliant took several key steps to refine its 100% digital eClosing process — including finding the right technology partner.

Download now