Main Content

TCH recommends stricter, more robust data security requirements for Fintech companies in order to align them with the requirements that govern functionally similar activities at banks.

Consumer protection gaps remain in the revised FTC Safeguards Rule between the regulatory data security requirements for fintechs as compared to traditional financial institutions, even when they engage in the same activities. Fintechs, like banks, hold vast amounts of highly sensitive consumer financial data. Proper handling of that data is essential for both. But, due to their operational jurisdiction, fintechs are not always required to maintain sufficient safeguards to protect that data, which puts consumers and providers at risk of compromise. TCH states in this comment letter that the proposed Safeguards Rule should be modeled after the Interagency Guidelines/FFIEC guidance. Banks and fintechs need to be subject to the same standards aimed at properly protecting consumer financial data when they are engaged in functionally similar activities.

Download the full comment letter here.