Equifax’s Big Little Fine

A lot of money, and a lot left to do

Jul 24, 2019

SMITH BRAIN TRUST  “It’s a lot of money,” says Maryland Smith’s Clifford Rossi, of the nearly $700 million that credit reporting giant Equifax has agreed to pay over a massive data breach it disclosed two years ago.

But far more needs to be done, adds Rossi, Executive-in-Residence and Professor of the Practice at the University of Maryland’s Robert H. Smith School of Business.

“That’s a big number for a company the size of Equifax. That’s almost a bank-like settlement, so they got slapped on the wrist pretty hard,” he says.

Still, he adds, little appears to have changed at Equifax in the nearly two years since the company disclosed the catastrophic breach that exposed the names, addresses, social security numbers and other data of some 146 million consumers.

“Take a look at Equifax’s website, and look at their board and senior leadership. You still won’t see anyone with a title of risk anything,” says Rossi, who before coming to Smith served as chief risk officer for Citigroup’s Consumer Lending Group. There’s no chief risk officer, or CRO. Neither is there a chief information security officer, or CISO, “a standard position at all the big banks these days for exactly these reasons.”

The credit reporting giants – Equifax, Experian and TransUnion – are “universally important” to the financial services industry, he says, but still face little regulatory oversight. “And as a result, we are all at their mercy. We are taking for granted that they know what they’re doing. And there’s no guarantee, as we saw with that breach, that they have good practices in place to prevent what happened.”

Rossi has also been calling for a holistic review of government oversight of the financial sector and the non-bank entities, or shadow banks, growing up around it.

There are worries, he says. Facebook’s proposed Libra cybercurrency is among the newest. There’s also the ongoing proliferation of nonbank financial institutions now dominating the origination and servicing of the mortgage industry, the boom in financial technology, or fintech, companies. “There is a transformation that is going on in financial services that our regulatory frameworks are not well-suited to handle going forward. Banks are also not in as good a position to really compete effectively at this point. So I do see a lot of change happening fast and our regulatory environment and our laws are kind of behind the times.”

Rossi is not “a big regulation person.”

“But my perspective is that if you are a significant provider of services to the financial sector, or a digital currency, or a fintech company, or a nonbank that provides mortgage origination or servicing, you are going to have to agree to be regulated in a significant way,” Rossi says.

There was one encouraging sign, he says, included in the settlement released this week. It’s a requirement that Equifax research methods of identity verification that do not include Social Security numbers, perhaps relying instead on digital voice prints. It’s a recommendation that Rossi says is long overdue.



About the Expert(s)

Clifford Rossi

Clifford Rossi is an executive-in-residence and professor of the practice at the Robert H. Smith School of Business, University of Maryland. Prior to entering academia, Rossi had nearly 25 years' experience in banking and government, having held senior executive roles in risk management at several of the largest financial services companies. His most recent position was managing director and chief risk officer for Citigroup's Consumer Lending Group where he was responsible for overseeing the risk of a $300+B global portfolio of mortgage, home equity, student loans, and auto loans with 700 employees under his direction. While there he was intimately involved in Citi's TARP and stress test activities. He also served as the chief credit officer at Washington Mutual (WaMu) and as managing director and chief risk officer at Countrywide Bank.

More In


2020’s Midyear Stocks To Watch

David Kass’ stock picks tend to outperform the market. Here is his latest list of stocks to watch.

Jul 01, 2020
What Young People Should Know About Money

It’s different when you graduate in a pandemic era. Some things haven’t changed, however, like the personal finance advice that young professionals should follow.

Jun 30, 2020
The Downside of the Credit Score Protection Bills

When faced with an economic downturn, policymakers look to adopt measures to ensure that consumers can gain access to vital credit. But sometimes the measures have unintended consequences.

Jun 23, 2020