Data and information management

The agency proposed reporting standards for any institution that originates 25 or more small-business loans a year. The measure would be especially burdensome for very small lenders and could limit credit access in underserved communities, critics say.

Though banks were not directly affected by security flaws discovered in Azure systems last week, they need to be aware of the kinds of misconfigurations that could lead to massive data breaches.

For banks that want to replace usernames and passwords with more secure options, there's hope: Consumers are becoming more comfortable with biometrics, the technology is getting easier to use and regulators are starting to require it.

Chief executives from across the business world are set to join President Biden for a discussion Wednesday on how industry and the federal government can partner to improve cybersecurity in the face of debilitating ransomware and cyberattacks.

Infrastructure will command most of lawmakers’ attention, but expect banks to keep pushing for bills that would ease the transition away from a key benchmark rate and help them serve legal cannabis businesses.

The U.S. and its neighbor to the north are each developing frameworks to give consumers control over financial data and allow companies to transfer account information. A recently issued Canadian government report could influence efforts in both countries, analysts say.

The incident, which may have exposed customers’ account information to other customers, was caused by a technical glitch, the company wrote in a notice posted on a state attorney general's website.

The size of the financial commitments was not disclosed, but they add to a $425 million fundraising round that the data aggregator announced earlier this year.

Online attacks on travel and other nonfinancial industries grew at a much faster rate in the second quarter than those on financial services companies. Yet hackers pose considerable risk to banks and credit unions, especially in payments.

The Federal Financial Institutions Examination Council says bank accounts and information systems have become more vulnerable as mobile and other technologies have expanded. It issued guidelines on detailed steps financial institutions should take to heighten security.

The San Francisco data aggregator has committed to minimizing how much data it extracts from bank accounts.

Companies like Arkose Labs say they're so confident in their ability to deter the attacks — automated attempts to break into online banking sites using stolen usernames and passwords — that they can offer banks a warranty.

Banks should favor the development of U.S. data rules that let them freely share consumer information with, and receive it from, fintechs. The alternative, where banks merely send data to third parties for a fee, would be less competitive and less beneficial for all parties.

Criminals' efforts to steal identities and take over accounts have become increasingly sophisticated. Banks must upgrade their mitigation processes, which can be held back by antiquated systems and organizational silos.

Citigroup’s chief financial officer said China’s recent moves to crack down on companies isn’t likely to harm the bank’s business across the Asia-Pacific region.

After recent attacks on ATM networks, the PCI Council, a prominent standards body, recommended extra protections for mainframes that handle card and payment data.

The Reserve Bank of India says the card brand failed to comply with a requirement to store transaction details locally. The handling of payment information has become a point of contention between the Asian nation and American firms.

Salt Labs researchers exploited four types of vulnerabilities in the application programming interfaces of a large financial company. Their findings contradict conventional wisdom about the safety of APIs in the sharing of consumer data.

The technology holds great promise for financial services, but it could be just as powerful for scammers looking to break payment card encryption. Visa, Mastercard and others are already building new defenses.