CybersecurityU.S. financial industry pushes Congress to pass cybersecurity bill

Published 19 November 2013

Three financial-industry trade groups have issued a letter to senior members of the Senate Select Committee on Intelligenceto re-energize a campaign for moving forward with cybersecurity legislation. The trade groups, representing the U.S. largest financial institutions, said their ability to prevent cyberattacks will be hindered unless Congress acts.

Three financial-industry trade groups have issued a letter to senior members of the Senate Select Committee on Intelligence to re-energize a campaign for moving forward with cybersecurity legislation. The trade groups, representing the U.S. largest financial institutions, said their ability to prevent cyberattacks will be hindered unless Congress acts.

The Wall Street Journal reports that the industry is concerned with liability and threat of lawsuits if banks share their customers’ information with the government or halt certain financial transactions in response to cyber threats.

“Cybercriminals threaten consumer privacy by persistently and aggressively attacking while those who want to protect that private data are hindered from sharing attack information by a system that is weakened due to uncertainty over liability concerns,” wrote the heads of the Financial Services Roundtable, the Securities Industry and Financial Markets Association, and the American Bankers Association. “Congress can change that.”

Senator Dianne Feinstein (D-California), chair of the Intelligence Committee, is working with the committee’s senior Republican, Senator Saxby Chambliss (R-Georgia) on legislation which, she said, would “facilitate the sharing of cyber related information among companies and with the government and to provide protection from liability for so doing.”

President Barack Obama’s Executive Order, issued 12 February 2013, provides guidelines for facilitating data sharing but lawmakers and the financial industry believes legislation that offers liability protection is needed. Chambliss has expressed support of the legislation and hopes the Senate Intelligence Committee will act soon. “Those on the front lines of these attacks must be able to share cyber threat information freely and without fear of frivolous lawsuits, while still ensuring that the privacy interests of ordinary Americans are protected,” he told the Journal.

The financial industry supports an April 2013 House-passed cybersecurity bill, but the White House threatened a veto because the bill “does not require private entities to take reasonable steps to remove irrelevant personal information when sending cybersecurity data to the government or other private sector entities.”

Last month, President Obama met with Bank of America Corp. chief executive Brian Moynihan and other CEOs to discuss cybersecurity, and the Department of Commerce provided a draft of best practices for companies to manage cyber risks; however the financial industry insists that legislation is what is needed. “The industry is open to changes to the House bill if it means getting legislation passed,” said Karl Schimmeck, vice president of financial services at Sifma, the securities industry group. “We are supportive of the House bill, but we understand there probably is going to be some compromise,” Schimmeck said in an interview with WSJ “We really just want to see some progress.”