Compliance

The cryptocurrency exchange recently refunded $35 million to customers whose accounts had been drained by hackers. Here's what banks and other financial firms can learn from the attack.

The Consumer Financial Protection Bureau is in the early stages of developing a rule that could give bank customers far more say in how their information is being accessed by fintechs and data aggregators. What the final rule looks like will depend on how much consumers already know about the way their data is collected, stored and sold.

The Financial Services Information Sharing and Analysis Center has created a forum to let technology vendors provide security updates to their bank clients. Whether more steps need to be taken is a matter of debate.

The megabank is dealing with one less regulatory headache following the termination of an enforcement action related to the sale of identity protection products.

The Irvine, California, bank has been beset by compliance woes since early 2021, when state regulators issued an order requiring it to bolster its capital and reduce the concentration of its commercial real estate footprint.

The Consumer Financial Protection Bureau is more than a year away from issuing a proposal on consumers’ right to control the flow of their data between banks and third parties such as fintechs, according to people familiar with the bureau’s thinking. Many previously expected a plan to arrive this spring.

Chief Audit Officer Denise DeMaio will join Truist from MUFG, while Chief Information Security Officer Howard Whyte has experience at Boeing, Goldman Sachs and the FDIC.

Morgan Stanley agreed to pay $60 million to settle a class action suit by consumers claiming the firm failed to safeguard their personal information.

Banks have extra reason to be concerned by the news that a commonly used piece of software could be exploited by hackers.

Capital One Financial agreed to pay $190 million to settle a class action filed against it after a hacker broke into its cloud computing systems and stole their personal information.