On Aug. 11, 2022, the U.S. Consumer Financial Protection Bureau issued guidance indicating that financial institutions and service providers that fail to adopt sufficient data security measures to protect consumer financial data may violate the Consumer Financial Protection Act provision prohibiting unfair acts and practices.

Click here to continue reading the full GT Alert.

Print:
Email this postTweet this postLike this postShare this post on LinkedIn
Photo of Benjamin M. Saul Benjamin M. Saul

Benjamin Saul is a shareholder in the firm’s Financial Regulatory and Compliance Practice. For two decades, Ben has handled high-stakes regulatory, enforcement, and litigation matters for corporate and individual clients in the consumer finance, specialty finance, fintech, and banking sectors.

Ben has helped

Benjamin Saul is a shareholder in the firm’s Financial Regulatory and Compliance Practice. For two decades, Ben has handled high-stakes regulatory, enforcement, and litigation matters for corporate and individual clients in the consumer finance, specialty finance, fintech, and banking sectors.

Ben has helped clients navigate dozens of contentious supervisory, enforcement, and litigation matters involving the Consumer Financial Protection Bureau (CFPB), and has been a leader in the private bar on CFPB matters since the Bureau’s inception in 2011. He also routinely assists clients in matters involving the FTC, DOJ, HUD, OCC, FRB, FDIC, state financial services authorities, state attorneys general, and state civil rights commissions. Ben’s enforcement matters have concerned fair lending and servicing, unfair deceptive and/or abusive trade practices, other federal and state consumer finance laws, AML/BSA, troubled or failed banks, fiduciary duties, financial institution fraud, supervisory ratings, and other safety and soundness issues.  These matters often have involved parallel proceedings by multiple enforcement agencies and/or private parties.

Ben also advises lenders, servicers, alternative financial service providers, and money service businesses on product and service development, licensing, compliance program enhancement, and the applicability of federal and state consumer credit and other financial services laws. He frequently helps clients understand how financial services law maps onto new technologies and innovative products, having worked on matters involving big data, artificial intelligence, marketplace and online lending, blockchain, digital assets and cryptocurrencies, digital banking, and payment systems.  In addition, Ben provides financial services regulatory support for corporate and capital markets transactions.

Photo of Kevin M. Scott Kevin M. Scott

Kevin Scott counsels small and large entities, including merchants, medical providers, financial institutions, and educational institutions on the identification, evaluation, and management of first- and third-party data privacy and cybersecurity risks. Kevin advises on data privacy, cybersecurity breach response, and payment card industry…

Kevin Scott counsels small and large entities, including merchants, medical providers, financial institutions, and educational institutions on the identification, evaluation, and management of first- and third-party data privacy and cybersecurity risks. Kevin advises on data privacy, cybersecurity breach response, and payment card industry standards and investigations. He has handled hundreds of breaches, often reducing public and regulatory scrutiny and protecting clients’ reputations. Kevin’s practice also includes advising clients on compliance with state, federal, and international laws and regulations.

Photo of Jessica D. Pedersen Jessica D. Pedersen

Jessica Pedersen advises businesses on complex data privacy and cybersecurity issues. Jessica has experience counseling a diverse range of companies on compliance with both existing and emerging privacy and security laws, including the E.U.’s General Data Protection Regulation (GDPR) and the California Consumer…

Jessica Pedersen advises businesses on complex data privacy and cybersecurity issues. Jessica has experience counseling a diverse range of companies on compliance with both existing and emerging privacy and security laws, including the E.U.’s General Data Protection Regulation (GDPR) and the California Consumer Privacy Act (CCPA). In addition, she assists clients in preparing for and responding to cybersecurity threats, including designing data breach tabletop exercises, managing data breach response, and defending privacy and data breach litigation. Jessica also represents clients in related regulatory investigations. She is a certified privacy professional through the International Association of Privacy Professionals (CIPP/US).