Skip to main content

State Regulators Enter into Consent Order with Equifax

Today, eight state financial regulators entered into a consent order with Equifax, Inc. The order addresses serious deficiencies in the company’s cybersecurity program that resulted in the breach of personal data of almost 150 million consumers last year. 

The consent order can be read here. Announcements from individual states: California, New York, North Carolina, Texas.

Key facts:

  • Financial regulators from eight states led the action. The states represented are: Alabama, California, Georgia, Maine, Massachusetts, New York, North Carolina and Texas. 
  • The consent order arose from a joint examination these regulators performed of the company.
  • In the consent order, Equifax agreed to dramatically improve how it protects personally identifiable information. The company will undertake a restructuring of its risk management processes, strengthening of internal controls and processes, and enhanced oversight by the Board of Directors on the information security program.
  • The corrective actions will apply to Equifax’s operations nationwide.
  • Compliance with the consent order will be subject to regulator approval. Follow-up reports are required from the company.
  • The consent order preserves the right of individual states to bring additional actions.

Recent Blog Posts

Blog post
CSBS reports that the money services business is a large, growing and increasingly fintech-oriented sector within financial services
Oct 17, 2019
Blog post
This edition of the CSBS Data Corner explores trends in asset distribution between the largest institutions and all other institutions going back to 1976.
Oct 8, 2019
Blog post
The CSBS Community Bank Sentiment Index for September shows that bank optimism remains strong.
Oct 3, 2019
Blog post
State regulators are increasingly relying on new technology systems, data analytics, and common practices and standards to oversee fintechs and other financial institutions
Sep 26, 2019
exit