Skip to main content

State Regulators Enter into Consent Order with Equifax

Today, eight state financial regulators entered into a consent order with Equifax, Inc. The order addresses serious deficiencies in the company’s cybersecurity program that resulted in the breach of personal data of almost 150 million consumers last year. 

The consent order can be read here. Announcements from individual states: California, New York, North Carolina, Texas.

Key facts:

  • Financial regulators from eight states led the action. The states represented are: Alabama, California, Georgia, Maine, Massachusetts, New York, North Carolina and Texas. 

  • The consent order arose from a joint examination these regulators performed of the company.

  • In the consent order, Equifax agreed to dramatically improve how it protects personally identifiable information. The company will undertake a restructuring of its risk management processes, strengthening of internal controls and processes, and enhanced oversight by the Board of Directors on the information security program.

  • The corrective actions will apply to Equifax’s operations nationwide.

  • Compliance with the consent order will be subject to regulator approval. Follow-up reports are required from the company.

  • The consent order preserves the right of individual states to bring additional actions.

Recent Blog Posts

Blog post
Greg Gonzales speaks at the 2017 Research Conference on the value of state financial regulation.
Sep 20, 2018
Blog post
The FDIC joins the Federal Reserve and CSBS in cosponsoring the annual conference, now in its sixth year
Sep 19, 2018
Blog post
CSBS report points to a retiring workforce of appraisers as well as limited waiver options for affected communities
Sep 6, 2018
Blog post
CSBS continues to press the Senate to confirm Miki Bowman as a Federal Reserve Board Governor, filling a seat per federal law requiring community bank supervisory experience or that of a community banker
Aug 24, 2018