M Data Privacy: Pass the Hot Potato! By Dr. Kevin Streff, American Security and Privacy LLC My last article stated, “Just when you thought the world could not get any more confusing, the Consumer Financial Protection Bureau (CFPB) finalized and published its rulemaking for Dodd-Frank Act Section 1033. Section 1033 introduces consumers’ personal financial data rights, including consumer access to financial records linked to the financial products and services involved.” Well, in the past 30 days, the data privacy world has continued to muddy the waters and not provide clarity as to what banks are to do to promote data privacy. As I travel around the United States and speak to bankers, it is clear that most bankers understand that data privacy is important and that they need to do something in this space; however, what is equally clear is that banks do not have a clue where to start. CFPB 1033 has an implementation time frame of six to 60 months, depending upon your asset size, so how important is this issue if a bank has five years to address it? The published CFPB 1033 ruleset states that banks under $850 million never have to comply with CFPB 1033! Eighteen Colorado Banker 14
RkJQdWJsaXNoZXIy MTg3NDExNQ==