SDBA eNews

October 5, 2017

As Former CEO Testifies, Equifax Reveals More Breach Victims

Equifax on Monday disclosed that data of an additional 2.5 million Americans was implicated in its recent data breach, bringing the total number of U.S. consumers affected to 145.5 million. The disclosure came as former Equifax Chairman and CEO Rick Smith prepared to testify before the House Energy and Commerce Committee Tuesday--the first of three appearances before congressional committees this week.

Smith, who is serving as an unpaid adviser to Equifax during the post-breach process, outlined the circumstances around the breach. “This attack was made possible by a combination of human error and technological error,” he said. In March, Equifax’s IT department failed to patch a software vulnerability in its online disputes portal identified by the Department of Homeland Security. This vulnerability was the portal through which hackers accessed Equifax’s data starting in May, Smith said.

Apologizing for the breach, Smith told the committee that Equifax personnel noticed suspicious network traffic on July 29 and took down the vulnerable application the next day, after which Equifax began assessing the extent of data compromised before the breach was publicly announced on Sept. 7.

Smith also discussed the new “credit lock” product his successor announced last week in a Wall Street Journal op-ed. Starting in January 2018, Equifax will offer a free app that allows consumers to “lock” or “unlock” their credit files at the bureau at will for life. The service is distinct from a security freeze, but “as far as protection to the consumer, it is” the same, Smith said. He added that the locking and unlocking process would take place “instantly.” Read Smith’s testimonyAccess ABA communications resources on the Equifax breach.

ABA, FS-ISAC to Host Free Webinar on Post-Breach Fraud Risk

As part of the ongoing fallout from the Equifax breach, ABA and the Financial Services Information Sharing and Analysis Center are hosting a free, ABA members-only webinar on how banks can mitigate fraud risks. The webinar will take place on Thursday, Oct. 12, at noon CDT.

Speakers from ABA, FS-ISAC and PwC will address the background of recent events, describe how stolen data and credentials can be reused on the dark web and how banks can proactively change their anti-fraud strategy after a large breach. They will also discuss best practices in fraud monitoring and detection. Q&A will follow the presentation. Register now.

ABA Files Notice in Field of Membership Case after NCUA Approves Expansions

ABA on Tuesday filed a notice of supplemental authority in its ongoing case challenging the National Credit Union Administration’s final rule to expand credit union fields of membership far beyond the limitations imposed by Congress. The association submitted the notice after the NCUA recently approved several field of membership expansions--exactly the kind of overbroad fields that ABA warned against in its lawsuit.

One such expansion was granted to Utah Community Credit Union, allowing it to serve the entire Salt Lake City-Provo-Orem combined statistical area, a large geographical area of 2.4 million residents, which ABA noted extends far beyond a single “well-defined local community, neighborhood or rural district” established by the Federal Credit Union Act. NCUA has also authorized several expanded rural districts, many of which encompass urban areas and fall just under the 1 million-person limit for credit union service areas to be designated as “rural.”

The case--which has been fully briefed--is currently awaiting a decision from Judge Ketanji Jackson on whether to hold oral arguments. Read the notice.

Pentagon: No Delay for Credit Card Provisions of MLA Rules

The Department of Defense last week denied a request by ABA and several financial trade groups to postpone the effective date of the amended Military Lending Act rules for credit card accounts. The compliance date for those account was Tuesday, Oct. 3.

In a joint comment letter earlier this year, ABA and the trade groups highlighted several inconsistencies between the MLA amendments and a subsequent interpretive rule issued by DoD. The groups recommended several changes to ensure that military servicemembers and their families continue to have access to affordable credit, in addition to requesting the compliance delay.

The Pentagon’s response indicated that a further interpretive rule addressing some of ABA’s concerns is forthcoming, but noted that certain issues “are not… likely to be addressed in any future guidance.” ABA has been highly engaged on this issue and will continue to provide feedback to DoD as it moves forward with the interpretive rule.

ABA Supports Proposal to Increase CRE Appraisal Threshold

ABA last Friday wrote to the regulatory agencies in support of a proposal that would raise the appraisal threshold for commercial real estate transactions from $200,000 to $400,000. The association noted that the proposal reflects “a simple and clear-cut change that can be implemented with ease,” and that it would provide immediate relief to banks that are currently struggling with a shortage of certified appraisers--particularly in rural areas--and long appraisal turnaround times.

While the proposal would lift the dollar threshold at which an appraisal would be required, it would also put in place risk control measures for banks that choose to forego appraisals in order to maintain safety and soundness. ABA supported these measures, noting that they “will serve as an effective safeguard to the proposed threshold increase because alternative valuation methods can be highly reliable and assure accuracy via various approaches to value conclusions.”

The association also called on regulators to consider increasing the threshold for appraisal requirements for residential transactions. Read the comment letter. For more information, contact ABA's Sharon Whitaker.

ABA Urges Bankers to Support Puerto Rico Recovery, Emergency Response

With Puerto Rico facing a daunting recovery from the massive destruction of Hurricane Maria, ABA President and CEO Rob Nichols has announced that the association will contribute $100,000 for Hurricane Maria relief, as it did after both Hurricanes Harvey and Irma. ABA is also encouraging bankers across the country and ABA staff to support Puerto Rico’s recovery.

Consulting with the Puerto Rico Bankers Association, ABA is contributing to United for Puerto Rico, a fund established by Puerto Rican First Lady Beatriz Rossello in collaboration with the private sector to provide post-hurricane relief. ABA will match employee contributions to relief efforts as it did after Harvey and Irma. ABA staff members have contributed a total of $25,000 to the overall relief effort, bringing the total relief contribution this year from ABA and its employees to $350,000.

ABA staff, working with federal agencies and the Financial Services Information Sharing and Analysis Center, are in close contact with local banking personnel and assisting with Puerto Rican banks’ efforts to recover and restore full access to the banking system. Contribute to United for Puerto Rico. View ABA resources on hurricane response and recovery.

SDSU Extension to Hold Ag Lenders Conferences in October

Agriculture lenders are invited to attend one of three Ag Lender Conferences hosted by SDSU Extension throughout the month of October in Sioux Falls, Watertown and Rapid City.

“SDSU Extension understands the relationship agriculture producers have with their lender and its impact on the success of their operations,” said Jack Davis, SDSU Extension crops business management field specialist. “By providing lenders timely market, financial and production information, they are better able to assist agriculture producers.”

The conferences will be held:

  • Sioux Falls: Oct. 23, SDSU Extension Regional Center (2001 E. Eighth St.) 
  • Watertown: Oct. 25, SDSU Extension Regional Center (1910 W. Kemp Ave.)
  • Rapid City: Oct. 27, West River Ag Center (1905 Plaza Blvd.)

The early registration rate of $75 is available until Oct. 16. Learn more and register online. Questions, contact Jack Davis.

Don't Miss Onsite Certified Banking Security Manager Training

SBS Institute, along with the SDBA and ICBSD, will offer the Onsite Certified Banking Security Manager training Oct. 18-19 in Sioux Falls at the Sheraton Sioux Falls & Convention Center. The onsite certification provides an opportunity to work closely with a security expert and network with peers.

Attendees will learn about U.S. information security laws and regulations, information security program components, security awareness programs, IT audit, social engineering, preparing for IT examinations, and running effective IT and audit committees.

Learn more and register.

Compliance AllianceQuestion of the Week

Question: Does it violate Regulation B (ECOA) to predetermine that all fixed rate loans made to individuals over the age of 60 will be sold on a secondary market?

Answer: Yes. While Regulation B does not specifically mention selling loans on the secondary market, the official interpretation to the regulation defines its scope to include all dealings between applicants and creditors, including the administration of accounts. Age is included in the list of prohibited bases, and selling a loan on the secondary market is an administrative matter. 

Not a Compliance Alliance member? Learn more about membership with Compliance Alliance by attending one of our live demos:

Compliance rules and regulations change quickly. For timely compliance updates, subscribe to Compliance Alliance’s email newsletters.

Compliance Alliance offers a comprehensive suite of compliance management solutions. To learn how to put them to work for your bank, call 888.353.3933 or email.

Advertising Opportunity
Learn more about sponsoring the SDBA eNews.

SDBA eNews Archive
View past issues of the SDBA enews

Contact Alisa DeMers, SDBA, at 800.726.7322 or via email.