Dwolla’s $100K CFPB Security Fine Wasn’t For What It Did As Much As What It Said

Dwolla got slapped down hard on Wednesday (March 2) by the Consumer Financial Protection Bureau for a series of security violations. But due to a dearth of meaningful federal security laws, CFPB’s $100K fine of Dwolla had to follow in the footsteps of fellow federal regulator Federal Trade Commission. They can’t punish a company for what it did nearly as easily as they can punish it for not doing what it says.


That said, once Dwolla opened the door to federal investigators by boasting about its security on its Web site, every security violation discovered was fair game. Takeaway: In the same way that marketers of publicly-held companies were beaten down by senior staffers from investor relations to never say anything publicly without IR’s blessing, payment facilitators today must reign in anything involving security that even smells a little of hype. See? Our mothers were right. Boasting can deliver real problems. Once those doors were opened, according to a federal consent order published on Wednesday, security violations aplenty were found.


Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google+ photo

You are commenting using your Google+ account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )


Connecting to %s