The only newsletter that scans and analyzes the full breadth of regulatory developments every day. Written and curated by
9.8.17 - Thank God It’s Friday. Unless you happen to work in the Equifax public relations department.
When it comes to PR, about the best a credit reporting agency can hope for is that people don’t outright hate it. For members of the general public, interacting with them is like dealing with the cable company or going to the dentist. Everybody does it at some point, but never because they want to.
So it’s virtually never good news for a credit bureau when it’s name is in headlines, and that rule held true for Equifax on Friday morning, when the U.S. awoke to the news that the Atlanta-based company had admitted that a July data breach exposed vast amounts of personal information belonging to some 143 million consumers, including 209,000 credit card numbers.
The agency said that outside attackers were able to capture names, Social Security numbers, birth dates, addresses and driver’s-license numbers — a treasure trove of personal data for criminals seeking to commit identity theft or other kinds of financial fraud.
The Wall Street Journal
That, all by itself, is a disaster for the company. But it isn’t even close to the end of the story.
The most glaring fact outstanding in reports about the breach is that the company has known about it since July 29.
It offered no explanation for the 10-week delay in letting the victims of the breach know that their personal information was in the hands of hackers.
At a minimum, one would assume that given that much lead time, Equifax would have prepared an airtight response -- setting up a system to inform and assist consumers affected by the breach. But the company did not.
In brutal detail, Bloomberg’s Polly Mosendz on Friday morning
At this point, readers might be saying to themselves, “Wow! Could this possibly get any worse?”
Yes. Yes, it could.
The company also had to disclose that three senior executives unloaded $1.8 million in company stock shortly after the discovery of the breach. The company said in a statement that CFO John Gamble, president of U.S. information solutions Joseph Loughran, and workforce solutions president Rodolfo Ploder “had no knowledge that an intrusion had occurred at the time.”
Still, it’s not a good look for a company already doing serious damage control.
Like what you've just read?
Today’s Key Reads
Accounting Today - The audits of companies’ internal controls mandated by the Sarbanes-Oxley Act are good predictors of financial fraud, according to a new study. The study found the incidence of fraud disclosures at companies previously found by auditors to have material weaknesses in their internal controls is approximately 80 to 90 percent greater than companies on average.
Accounting Today - A group of four lawmakers has sent a letter to an internet governing body expressing concern about how the proposed .cpa domain extension might be exploited by fraudsters pretending to be CPAs.
American Banker - Since the Internal Revenue Service declared virtual currency to be a form of property in 2014, all bitcoin transactions have become a tax reporting nightmare. Now, two Congressmen are proposing to make cryptocurrency more viable by easing up on those requirements.
American Banker - One year after the San Francisco megabank paid $190 million in fines and restitution to settle charges that thousands of employees opened millions of unauthorized checking and credit card accounts for customers, Wells remains mired in scandal and struggling to repair its once-pristine reputation.
American Banker - The Senate Banking Committee on Thursday approved the nominations of Randal Quarles for vice chairman of supervision at the Federal Reserve Board and Joseph Otting to run the Office of the Comptroller of the Currency. They will now be sent to the full Senate for confirmation.
Credit Union Journal - Wells Fargo’s continued missteps following revelations last year that the bank created millions of unwanted accounts for customers may lead to additional hearings on Capitol Hill.
National Mortgage News - State regulators are modernizing their common licensing platform for nonbank financial institutions, hoping the update will help convince wary fintechs that they don’t need to pursue a national charter being developed by federal regulators.
Extra Credit
Reuters - Reports that European regulators have agreed in principle on the need for a cut in the European Central bank’s stimulus program drove stocks down and sent investors on the hunt for government and euro bonds.
Wall Street Journal - Lawmakers appear to be coalescing around a deal to continue controversial subsidy payments to health insurers, after a threat to eliminate the Affordable Care Act-mandated payments caused concerns about a collapse of the market for individual insurance policies.
Financial Times - The New York State Department of Financial Services fined Pakistan’s largest bank $225 million and will force it to stop operating in the US. Habib Bank, the regulator claimed, had numerous compliance failures that “opened the door” to terror finance.
The Financial Times - Catastrophe bonds, unsurprisingly, are taking a beating in the markets as investors consider the damage from Hurricane Harvey and the prospect of even more destruction from Hurricane Irma.
Bloomberg - As counter-intuitive as it may seem, this may be a very good time to be selling a home in Houston -- as long as you built it on a hill. In the wake of Hurricane Harvey, undamaged housing is fetching top prices.