Money troubles: hosting security and CFPB compliance
When designing a website that deals with health, all responsible parties know that they need to be concerned about HIPAA protections, but there are many sites that handle financial issues without addressing CFPB protections. CFPB – the Consumer Financial Protection Bureau – isn’t a singular set of regulations regarding financial dealings, but rather an entire agency that works to prevent deception regarding mortgages, investments, and banking. In order to maintain a state of transparency, the CFPB shares important rules to consider regarding financial content on your website.
What the CFPB Does
The CFPB directly covers a number of sectors and is responsible for preventing predatory or discriminatory lending, protecting the financial privacy of individuals, encouraging open markets and fair competition, and eliminating unnecessary regulations. With such broad economic concerns, it’s unsurprising that everyone from stock brokers to realtors has responsibilities – in their direct dealings and online – for upholding CFPB standards.
Simply put, however, the CFPB has two major concerns: honesty (transparency toward consumers) and privacy (the security of personal financial data). Its regulations, then, must balance the good of a publicly regulated market with the importance of personal financial security.
Transparency as Protection
An exemplary model of transparency as regulated by the CFPB is the Know Before You Owe mortgage initiative. It was designed to emphasize the importance of pre-loan education and disclosure in the mortgage process, and to offset the problems previously raised by subprime mortgages and other risky lending. By using straightforward language and easy-to-understand forms, Know Before You Owe drops the legalese and jargon in favor of clear, everyday terms.
How do transparency issues translate to your website? When designing a website that addresses financial issues, it’s important that your site not make any misleading statements. Review your site content thoroughly to ensure that potential clients don’t enter any process under false pretenses. There will be later opportunities to remedy a miscommunication, but the safer course is not to get swept up in marketing language in the first place: promotion can quickly turn into misinformation, and a claim about your service (including a claim about how well you protect customer data) that your practices do not back up is exactly the kind of statement a regulator treats as deceptive.
Privacy, Data Security, and the Web
More important than your site content, however, is how your site maintains client privacy. That’s why you’ll want to start out by doing careful research on your web host. For example, a site that handles financial information should be hosted on a dedicated server rather than on shared hosting. On a shared server, other customers’ sites run on the same operating system as yours, so a vulnerability in someone else’s application, or a misconfiguration by the host, can expose your data as well. A dedicated server is used only by your company, which removes that co-tenant risk. It is not a substitute for securing the server itself: the host’s patching, access controls, and encryption of data in transit and at rest still have to be in place, and you should ask a prospective host about them before signing up. Shared hosting should simply be avoided when protected information is involved.
Until recently, it was unclear how firmly CFPB regulations would be enforced, but the privacy of individual financial data has since become a top concern at all levels of government. That increased focus, coupled with the CFPB’s first data security enforcement action in March 2016, demonstrates that companies need to take privacy concerns more seriously, or they’ll face regulatory and financial repercussions.
This first action, a consent order against Dwolla, an online payment system, draws on the language of “unfair, deceptive, and abusive acts and practices (UDAAP)”. Dwolla’s website and marketing claimed that the company not only offered adequate protections but exceeded industry standards; the CFPB alleged that Dwolla’s actual data security practices did not live up to those claims, and the company was ordered to pay a $100,000 civil penalty and to fix its security practices.
Here we see a perfect representation of the two core issues mentioned above – transparency and personal privacy. According to the CFPB, Dwolla’s site failed on both fronts: the security claims were misleading, and the underlying protections were inadequate.
Where you host your website and what it says are the two main ways your company may find itself in violation of CFPB regulations, which is why it’s important to make sure you’re accurately representing your business online while also guarding your clients’ data.
Build your site on honesty – and with a good host and a properly secured server – and you should be fine.