Removing Barriers Blog

CUNA shares concerns with HFSC on draft legislation including third-party vendor authority
Posted October 18, 2019 by CUNA Advocacy

Today, the House Financial Services Committee’s FinTeach Task Force held a hearing entitled, “AI and the Evolution of Cloud Computing: Evaluating How Financial Data is Stored, Protected, and Maintained by Cloud Providers.”  Prior to the hearing, CUNA wrote to Chairman Foster and Ranking Member Hill addressing concerns with draft legislation that would grant NCUA direct supervisory authority over third party vendors and credit union service organizations.

“Despite our reservations with the proposal and our association policy to oppose extending this authority to NCUA, in the interest of ensuring that our nation’s information security apparatus is as strong as it needs to be to combat cyberattack and data breach, we are open to continued dialogue regarding proposed amendments to the BSCA that could augment NCUA’s current oversight of third-party vendors and CUSOs,” the letter reads. “We have discussed this topic in detail with our membership committees and look forward to working with all stakeholders on this issue.”

CUNA’s concerns with the draft legislation include:

  • NCUA has exercised very effective regulation of CUSOs and third-party vendors without the authority, rendering the change proposed in the draft legislation a solution in search of a problem;
  • Extending this authority to NCUA could result in the agency increasing its budget to hire personnel with appropriate expertise to supervise these organizations; and
  • NCUA has yet to develop a clear vision of the scope of this authority or how they would implement it. This has made it impossible for CUNA to assess the impact it would have on credit union operations