Appearing before the House Financial Services Committee Tuesday at a hearing entitled “The Annual Report of the Financial Stability Oversight Council” (FSOC), Treasury Secretary Mnuchin indicated that he intends to discuss the CFPB’s handling of its investigation of Equifax’s massive 2017 data breach with the FSOC.
We blogged Tuesday about Reuters’ report that that the CFPB’s investigation has sputtered since it was authorized by former CFPB Director Cordray shortly after Equifax revealed the data breach. We commented that the Reuters report was not surprising since there is substantial doubt as to whether the CFPB has enforcement jurisdiction over data breaches. We also noted that even though the CFPB appears not to be involved in the Equifax matter, this has not stopped the FTC and state attorneys general from aggressively pursuing their own investigations.
Secretary Mnuchin’s statement that he plans to discuss the CFPB’s investigation with both the FSOC and Mick Mulvaney, President Trump’s designee as CFPB Acting Director, was made in response to concerns expressed by a Committee member about the CFPB’s inaction. The FSOC, which was established by the Dodd-Frank Act to analyze and mitigate potential threats to the financial sector, is comprised of representatives from each of the federal financial regulators, including the CFPB.
The Consumer Law & Policy Blog, in a blog post yesterday, quoted a CFPB spokesperson who stated that reports that the CFPB is not looking into the Equifax data breach and Equifax’s response are incorrect. The blog post also referenced an American Banker article that suggested that the CFPB is taking a backseat to the FTC, the lead investigator, and rather than abandoning its investigation, may in fact be coordinating with the FTC.