Despite a raging battle on Capitol Hill over member business lending, credit union and bank trade associations agree on four House bills that address cyber security.
A letter to House Speaker John Boehner (R-Ohio) and Minority Leader Nancy Pelosi (D-Calif.), signed by CUNA, NAFCU, the American Banker Association, Independent Community Bankers of America and others, primarily supports H.R. 3523, the Cyber Intelligence Sharing and Protection Act, which would remove roadblocks to the sharing of threat information and enhance analysis and prevention tools.
The bill would give the Financial Services – Information Sharing and Analysis Center increased access to and authority to share timely, actionable threat information with its private-sector members.
However, the White House has threatened a veto of this measure. CUNA Senior Vice President of Legislative Affairs Ryan Donovan said the Obama Administration instead wants the Department of Homeland Security to be the central government entity responsible for combatting cyber security threats.
However, Homeland Security’s involvement could lead to additional regulatory burden for credit unions, Donovan said. He called the DHS a “federal regulator that may not have an appreciation for the impact of its regulations on financial institutions in general and small financial institutions in particular.”
Additionally, the administration does not like the liability protections that protect financial institutions from being sued for privacy violations when they share information with the government.
Brad Thaler, NAFCU vice president of legislative affairs, said the Obama Administration feels the liability protections for financial institutions doesn’t do enough to protect civil liberties and personal privacy.
The bill is expected to pass the House on Thursday or Friday, Thaler said, but the Democrat-controlled Senate will likely “craft something different” that will address the White House’s concerns. The bill still has “a ways to go” between passing the House and landing on the president’s desk, Thaler said.
H.R. 3523 doesn’t address credit union-specific issues such as card breaches, Thaler said, but instead takes a broader approach, aiming to prevent large infrastructure attacks that attack payment systems, the Internet or power grids.
“It doesn’t go as far as we’d want in terms of data security, but at least it’s a step in the right direction,” the NAFCU lobbyist said.
The financial services coalition also supports H.R. 2096, the Cybersecurity Enhancement Act, which would increase public awareness and establish programs to increase the federal cyber work force; H.R. 3834, Advancing America’s Networking and Information Technology Research and Development Act, providing funding for government research and development of next-generation security controls; and H.R. 4257, the Federal Information Security Amendments Act, which would update the federal framework for protecting federal information technology systems.