trending Market Intelligence /marketintelligence/en/news-insights/trending/mxJKChxM2_G68kMYY10ZRQ2 content esgSubNav
In This List

Lawmakers call for enhanced oversight of cloud services after Capital One breach

Blog

Price wars in India: Disney+ Hotstar vs. Amazon Prime Video vs. Netflix

Blog

Volume of Investment Research Reports on Inflation Increased in Q4 2021

Blog

Using ESG Analysis to Support a Sustainable Future

Podcast

Next in Tech | Episode 48: The everything that is Industrial IoT


Lawmakers call for enhanced oversight of cloud services after Capital One breach

In the wake of the Capital One Financial Corp. data breach that jeopardized millions of consumers' private information, two Democratic lawmakers are calling for enhanced supervision of cloud services companies that banks use to store data.

New York Rep. Nydia Velázquez and California Rep. Katie Porter sent a letter to the Financial Stability Oversight Council asking it to apply a rarely used regulatory designation to Amazon Web Services, Microsoft Azure and Google Cloud.

That designation, known as a "systemically important financial market utility," or SIFMU, places an institution under more rigorous oversight. FSOC, which determines whether to label more-risky companies, is made up of the heads of each financial regulator.

The designation is less common than the "systemically important financial institution" label, which places banks under enhanced supervision and more-stringent capital standards. Only eight companies have been designated SIFMUs by FSOC since 2012.

The Capital One data breach, first disclosed in July, occurred when an alleged hacker, currently in custody, exploited a vulnerability in Amazon.com Inc.'s web services platform.

"Last month's data breach at Capital One was the most recent in a string of incidences demonstrating the dangerous breadth of banks' and financial institutions' increasing reliance on cloud computing — and the reach of Amazon Web Services in particular," the lawmakers wrote to FSOC.

The lawmakers' letter follows other efforts to oversee financial institutions' relationships with data service providers and to investigate how to avoid future breaches.

"While it has been determined that an error by Capital One enabled the breach, the incident raises new and serious questions about banks' and financial institutions' dependence on cloud services for their data needs —and the risks these systems pose to the safety and stability of the financial system," the lawmakers wrote.

Velázquez and Porter requested that FSOC reply with its decision on whether to designate the companies as SIFMUs by Sept. 15.