President Barack Obama laid out a new, improved plan for shoring up the nation's cybersecurity defenses. The plan, which includes a 30 percent increase in federal budget allocations for cybersecurity initiatives in fiscal year 2017, which begins Oct.1, 2016, has been applauded by banking groups. Separately, the White House made clear the President will veto any legislation passed by Congress limiting Operation Choke Point, a controversial Justice Department program that seeks to disrupt financial flows that support criminal enterprises.
Operation Choke Point has been criticized by banks, acquirers and ISOs, who say the heavy hand of regulators, guided by the Justice Department, has forced them to deny access to the payment system for certain categories of merchants. Regulators, such as the Federal Deposit Insurance Corp., maintain they never insisted banks cease doing business with any one type business. Rather they want banks to stay clear of dubious accountholders and activities.
"Our supervisory efforts to communicate these risks to banks are intended to ensure institutions perform the due diligence, underwriting and monitoring necessary to mitigate the risks to their institutions," FDIC Chairman Martin Gruenberg stated in testimony in 2015 before a panel of the House Financial Services Committee.
Apparently, regulators' assurances that they weren't out to choke off entire vertical markets weren't enough to satisfy lawmakers. On Feb. 4, 2016, the Financial Institution Consumer Protection Act of 2016 (H.R. 766), intended to limit Operation Choke Point, was approved overwhelmingly by the U.S. House of Representatives. The bill, introduced by Rep. Blaine Luetkemeyer, R-Mo., stipulates, among other things, that regulators demonstrate "material reasons" for ordering financial institutions to cut-off high-risk accounts.
The legislation isn't expected to become law, however. The White House reacted to the vote by declaring the measure would likely be vetoed should it reach the President's desk. But first, the bill has to be approved by the Senate.
"Requiring federal banking agencies to satisfy a written materiality requirement is unnecessary, overly burdensome and could impede federal banking agencies' ability to ensure financial institutions comply with important regulatory obligations, including maintaining effective risk management and controls," the White House said in a statement following House passage of H.R. 766.
Meanwhile, the White House is interested in working with the private sector on a new Cybersecurity National Action Plan, or CNAP for short. But its fate doesn't seem much better than that of H.R. 766.
That plan, unveiled Feb. 9, calls for creation of a new federal executive, a Chief Information Security Officer. It also earmarks $3.1 billion to retire legacy information technology (IT) and invest in new IT, and billions of dollars more for a National Cyber Security Alliance. The Alliance's duties would include working with MasterCard Worldwide, Visa Inc. and other payment companies to bolster the security of online transactions and information through widespread implementation of enhanced technologies such as multifactor authentication.
President Obama, in announcing the initiative, noted that many of the computer systems that drive federal initiatives today are archaic. The Social Security system, for example, runs on a Cobalt platform dating back to the 1960s. "If you've got broken, old systems – computers, mainframes, software that doesn't work anymore – then you can keep putting a bunch of patches on it, but it's not going to make it safe," he said.
Business and banking groups have come out in support of the plan, which would boost federal budget outlays for cybersecurity initiatives by $19 billion for fiscal year 2017. "Community banks are on the front lines of defending against cyber-threats and take their role in securing data and personal information very seriously," the Independent Community Bankers of America said in a statement. "Today's initiative can further facilitate robust collaboration across industries and sectors and enable a better understanding of key cybersecurity interdependencies between the government and private sector."
But lawmakers aren't keen on taking up the proposal. In a jointly issued statement, the chairmen of the budget committees in the Republican-controlled House and Senate said they would not hold hearings on the President's budget proposals.
Notice to readers: These are archived articles. Contact names or information may be out of date. We regret any inconvenience.Prev Next