The Consumer Financial Protection Bureau should extend its inquiry of the six largest technology companies to all tech firms that participate in payments and financial services or hold consumer data, ICBA said.

Background: The CFPB is investigating how six big tech companies operating payment systems use personal payments data and manage data access to users.

Comments: In a comment letter to the CFPB, ICBA urged the agency to:

  • Not limit examinations to big tech payment platforms, but also consider data aggregators and other entities that manage consumer financial data.

  • Ensure all companies in the payments and financial services ecosystem are held to Gramm-Leach-Bliley Act-like data security standards.

  • Hold breached companies liable for the costs of making consumers whole.

  • Work with regulators to ensure tech companies don’t abuse the industrial loan company loophole, citing ILC applications from Square and SoFi.

  • Require data minimization standards for tech companies accessing consumer financial data.

More: Testifying before Congress last month, ICBA called on lawmakers to extend GLBA-like data security standards to retailers, technology companies, and other parties that process or store consumer financial data.

READ ICBA LETTER