State Focus: Texas
By Texas Department of Banking Commissioner Charles G. Cooper
I am currently serving in my eleventh year as the Commissioner of the Texas Department of Banking (DOB), which is responsible for the supervision, regulation and examination of 228 state-chartered banks with aggregate assets of approximately $276.3 billion. Additionally, the DOB supervises trust companies, money service businesses, foreign bank agencies and branches, perpetual care cemetery trust funds and prepaid funeral contract sellers. I have more than 49 years of experience in the financial services industry – 12 as an FDIC bank examiner, 26 as a banker in both community and large banks, and the last 11 years as the Texas Banking Commissioner. I’m especially proud of the last 11 years, as we have been able to help protect the citizens of Texas while laying the groundwork for a vibrant economy and banking system.
In banking and regulation, risk mitigation is incredibly important. State statutes give regulators a set of authorities that allow us to help find risk before it develops into a major problem. When Equifax was breached in 2018, I found myself frustrated, as our state code provided the DOB no clear examination authority over consumer reporting agencies except to the extent they could be classified as third-party service providers. Our business and commerce code regulated consumer reporting agencies, but only the attorney general was involved as an enforcement mechanism, meaning there was no active supervision.
After the breach was announced, my state counterparts and I believed strongly that a targeted regulatory response was required. This resulted in a multistate examination that led to Equifax agreeing to strengthen its data security efforts. Among other things, while our efforts demonstrated the flexibility and responsiveness of the state financial regulatory system, I still felt that the Texas Legislature needed to act to give the DOB clearer statutory authority to examine consumer reporting agencies moving forward.
Our legal staff and I worked with bill sponsor State Senator Donna Campbell to pass S.B. 1823. The bill recognizes the significant relationship between banks, consumers and consumer reporting agencies and gives my agency the necessary tools to oversee these companies and protect consumers. Fundamentally, the bill expands the definition of third-party service provider to include credit reporting agencies and further subjects a third-party service provider that refuses to submit to an examination by the banking commissioner to an enforcement action under the Texas Banking Act or Texas Trust Company Act.
We faced stiff lobbying opposition from consumer reporting agency advocates, and I testified multiple times when the bill was in committee. Still, we had tremendous support in the legislature. The legislature shared our frustration over Equifax’s cyber negligence. The bill passed and was signed into law by Gov. Greg Abbott in June 2019.
Our original third-party service provider statute was the result of a lengthy effort from CSBS to create a model law. I worked very closely with my fellow states to develop the model law and then partnered with legislators and third-party service provider executives in Texas to ensure its passage.
Banks outsource a wide variety of critical business services to third-party service providers, including when they adopt cloud computing solutions or partner with innovative fintech companies. Third-party service providers are coming to the forefront at CSBS as the legislative committee has been advocating for the bipartisan H.R. 241, the Bank Service Company Examination Coordination Act. Introduced by Rep. Roger Williams (R-Texas) along with Rep. Gregory Meeks (D-N.Y.), this bill enhances state and federal regulators’ ability to coordinate examinations of and share information on banks’ technology vendors in an effective and efficient manner.
Texans and all Americans should know that the DOB and state banking departments across the country, along with leaders like Reps. Williams and Meeks, are working to keep the system safer. I cannot stress enough the importance of both S.B. 1823 and H.R. 241 as we seek to keep our citizens’ data secure and ensure bank service providers are supervised appropriately.
Aug 3, 2020
Aug 3, 2020
Aug 3, 2020
Aug 3, 2020
Jul 31, 2020