May 18, 2017 / 5:31 PM / 10 months ago

Inspector finds holes in U.S. consumer agency's information safeguards

WASHINGTON (Reuters) - The U.S. watchdog agency that investigated and fined Wells Fargo & Co for creating phantom accounts, and which regularly penalizes large banks and lenders on behalf of consumers, has holes in its systems for protecting confidential information, the office charged with inspecting its operations said on Thursday.

The relatively new Consumer Financial Protection Bureau has made confidential investigative information “available to employees when they do not need it to perform their assigned duties, increasing the risk of inadvertent or unauthorized disclosure,” the Federal Reserve Inspector General’s office found in its report.

The inspector general only looked into whether the CFPB’s enforcement arm had effective safeguards for sensitive information, and not if the information had been disclosed without authorization.

The CFPB, created in the 2010 Dodd-Frank Wall Street reform law to protect individuals against fraud, receives its funding from the central bank and is subject to checks by the Fed’s internal inspection office.

The inspector general pointed to the enforcement office’s “challenges with updating access rights” and an information technology system migration for giving 113 CFPB staff members the ability to read the restricted records.

It added the enforcement office is not consistent in naming and storing files, creating other opportunities for unauthorized people to view information.

Ultimately, when a worker was moved from one case to another the agency was slow in cutting off the person’s ability to access information on the prior case.

The office, which the report said has obtained $11.5 billion in relief for more than 27 million consumers, began working to improve protections while the inspector general was conducting the study and in its responses in the report the CFPB said it had already limited the access of unauthorized users.

A spokesman for the CFPB said there were no indications of unauthorized access to information outside CFPB or of inappropriate access within the agency.

Reporting by Lisa Lambert; Editing by Bernadette Baum

0 : 0
  • narrow-browser-and-phone
  • medium-browser-and-portrait-tablet
  • landscape-tablet
  • medium-wide-browser
  • wide-browser-and-larger
  • medium-browser-and-landscape-tablet
  • medium-wide-browser-and-larger
  • above-phone
  • portrait-tablet-and-above
  • above-portrait-tablet
  • landscape-tablet-and-above
  • landscape-tablet-and-medium-wide-browser
  • portrait-tablet-and-below
  • landscape-tablet-and-below