California and Nevada Credit Union Leagues Deliver Data Security Win in Congress

Reps. Pete Aguilar and Lucile Roybal-Allard
Reps. Pete Aguilar and Lucile Roybal-Allard added a small provision into the funding bill requiring CISA to conduct a review of basically why data breaches occur at the point-of-sale or card-not-present transaction.

Amidst the news of the COVID-19 Stimulus and Government Funding bill being signed into law this week, the California and Nevada Credit Union Leagues have notched a small but significant win for credit unions in the battle of data and payments security.

Included in the government funding portion of the bill is a threat assessment and briefing to Congress from the Cybersecurity and Infrastructure Security Agency (CISA) on the topic of vulnerabilities of point-of-sale and online purchase systems. This assessment came about during conversations between the Leagues’ advocacy team and Rep. Pete Aguilar (D-California), vice chairman of the House Appropriations Committee and member of the subcommittee on Homeland Security.

“In pre-pandemic conversations discussing credit union issues, the Leagues expressed concern that data breaches continued to plague credit unions and while the House and Senate lack consensus on legislation, we could be aided by examining the root cause of breaches,” said Leagues Vice President of Federal Government Affairs Jeremy Empol. “The result was asking for direct input from the government agency that oversees cybersecurity to weigh on how to help break the logjam on this issue.”

Reps.  Aguilar and Lucile Roybal-Allard (D-California), chairwoman of the House Appropriations Subcommittee on Homeland Security, added a small provision into the funding bill for the Department of Homeland Security, requiring the Cybersecurity and Infrastructure Security Agency (CISA) to conduct a review of basically why data breaches occur at the point-of-sale or card-not-present transaction. CISA then must provide information to the appropriate committees of Congress along with recommendations to address this issue.

The path to law includes checking multiple boxes, Empol said. While a threat assessment and review of the problem seems nominal, in the end having an agency suggest options for a resolution brings additional credibility to this issue impacting credit unions.

“This won’t change the policy overnight—think of it as a getting a runner to first or a 20-yard pass down the field; they are all important steps in get to the goal, Empol added. “The Leagues express great appreciation to Reps. Roybal-Allard and Aguilar for their leadership in protecting consumers and financial institutions.”

Click here to read the exact language within the bill (found at the bottom of page 52) 

Pin It