Equifax Hack Points to Possible Corporate Governance and Business Model Factors Leading to Weak Protections for Borrowers’ Personal Data

Equifax, one of the “big three” credit reporting firms, recently disclosed that social security numbers and other personal information of some 143 million mostly U.S. consumers had been compromised through hacking. This was not a sudden discovery of a serious security issue. Equifax had been alerted in March 2017 by Cisco of an online security flaw affecting…

Read More

Prescriptive, “Rules-Based” Regulation is Key to Enhancing Cybersecurity in Financial Institutions

There is much debate in the compliance community about the virtues and drawbacks of a “principles-based” versus a “rules-based” regulatory approach in ensuring effective compliance with regulatory obligations. On the one hand, in “principles-based” regulation agencies establish broad but well-articulated principles that a business is expected to follow. There is clarity about the regulatory objective,…

Read More