ABA Against Reg. E Amendment

Johnson Opens Dialogue About Schumer's Reg. E Suggestions

By , May 31, 2011.
ABA Against Reg. E Amendment

S

See Also: Cloud Infrastructure: Same Security Needs, Dynamic New Environment

en. Charles Schumer's amendment to Regulation E, which aims to give local governments and school districts the same level of protection as consumers, could set an adverse precedent for financial institutions, says Doug Johnson, vice president and senior advisor of risk management for the American Bankers Association.

"Absolutely no banker wants to see a municipality or a school district suffer fraud losses," Johnson says. Schumer's amendment is a response to the ongoing threat of ACH/wire fraud.

Giving local government and school districts such protections means that their liability could be capped at $50 for losses -- losses that could exceed hundreds of thousands of dollars, Johnson says.

The passing of Schumer's amendment could create even more problems for municipalities and school districts, because banks may not take on those entities on as clients because; the heightened risk associated with them would make them unattractive, Johnson says. Banks also may raise the price for services they charge, to cushion themselves if and when a breach does occur.

"If Regulation E protections apply to such accounts, banks would have to either significantly re-price those accounts, re-price their ACH and wire services, or just stop providing the online services," Johnson says. The APA is opening a dialogue with Schumer in an effort to ensure the needs of banks and their customers and clients are taken into consideration.

During this interview [transcript below], Johnson discusses:

  • Why the ABA is opposes changes to Reg. E;
  • How the ABA expects to educated Congress about the need for more commercial education about ACH fraud;
  • Why education is needed to maximize security.

Johnson is the American Bankers Association's vice president and senior advisor risk management policy, where he is involved in a variety of public policy and compliance issues. He currently leads the association's enterprise risk, physical and cyber security, business continuity and resiliency policy and fraud deterrence efforts. He has assisted in the ABA's release of a series of resources to deter bank robberies, assess information technology risk, deter phishing, safeguard customer information and buttress emergency preparedness.

Johnson represents the ABA on the Financial Services Sector Coordinating Council, which advises the federal bank regulatory agencies on homeland security and critical infrastructure protection issues, and serves on the BITS/Financial Services Roundtable Security Steering Committee. He is also a board member of the Financial Services Information Sharing and Analysis Center, a private corporation that works with government to provide the financial sector with cyber and physical threat and vulnerability information, as part of the nation's homeland security initiative.

Schumer's Amendment and the Banking Industry

TRACY KITTEN: This amendment to Regulation E, which is now before the Senate, if passed would give local governments and school districts the same level of protection under Regulation E as consumers. From a high-level perspective, what does this proposed amendment mean for the banking industry?

DOUG JOHNSON: Absolutely no banker wants to see a municipality or a school district suffer fraud losses. That is first and foremost why we are in the business of trying to protect those customers and helping those customers protect themselves. However, giving such customers Regulation E protections means that their liability could be capped at $50 dollars for losses that could be in the hundreds of thousands of dollars.

We certainly welcome the opportunity to discuss with the senator ways to protect these kinds of customers without shifting the liability for losses so dramatically. And that is particularly true when the municipality or school district did not adequately secure their computers or might not have appropriate internal controls in place.

I think that the bottom line for the industry is in partnership with those customers. We can go a long way toward solving these problems and we look forward to working with the senator to make sure that his concerns are addressed as well.

KITTEN: It has been suggested that if this amendment were to pass it could create more problems for local governments and school districts as banks might not want to take on these entities as clients because of the risk associated with them. Or the banks might raise the price for services they charge these entities to cushion themselves if and when a breach does occur. What is your perspective on this argument?

Follow Jeffrey Roman on Twitter: @gen_sec

  • Print
  • Tweet Like LinkedIn share
Get permission to license our content for reuse in a myriad of ways.
ARTICLE The Privacy Manifesto

Intel Security CPO Michelle Dennedy has just written the book on privacy. What are the key...

Latest Tweets and Mentions

ARTICLE The Privacy Manifesto

Intel Security CPO Michelle Dennedy has just written the book on privacy. What are the key...

The ISMG Network