February 28, 2006 Assistant Secretary for Financial Institutions Emil Henry Good morning. I appreciate you having me here today. When Dan Mica asked me to speak, I was delighted to accept. He continues to be a great advocate for credit unions and cares deeply about the mission of CUNA and I appreciate his continued leadership. Before assuming my position as Assistant Secretary of the Treasury for Financial Institutions last October, I had spent more than 20 years on Wall Street. Since then, I am learning quickly that there are many great organizations – such as CUNA – working to provide financial services to so many hard working Americans. I would like to thank you for your hard work in communities all over the United States. I would like to spend my time here on a few topics. Today, I am thrilled to be able to announce the creation of a new federal forum to focus on consumer financial issues. Next, I want to discuss an issue that is important to CUNA and Treasury: data security and its effect on consumer confidence. I would be negligent if I didn't add issues that I know are close to your hearts – regulatory burden and National Credit Union Administration's (NCUA) prompt corrective action (PCA) proposal. But first, let me start out with a few thoughts on the economy. General Economic Overview
It should be heartening to all of us to think for a moment of how we got to this place amidst all the obstacles that stood in our way. Let us spend a minute on some history, and please indulge me while I give you a perspective on this history from my former perch on Wall Street. The President took office in January of 2001, a time when it had become clear that the lofty valuations of the technology, internet and telecommunications boom that peaked in early 2000 had been premised on forecasts and assumptions that were unrealistic and unsustainable. As you all saw in the spike and subsequent drop in your 401(k) statements, stock market valuations in the period immediately preceding this administration were, indeed, a bubble. So, it is a fact that the President inherited an economy in retrenchment. The consensus is that the recession began in March of 2001 tied to the natural process of squeezing out the excesses and exuberance of the latter 1990s. So, it is just not credible to pin the economic decline of that period on this Administration. Then of course there were the attacks of September 11th. As you heard in my introduction, I spent over 20 years on Wall Street as an investment banker and manager of investment funds before coming to Washington. One of the benefits of sitting at a prominent Wall Street firm is that when you deal with the largest most sophisticated corporations in the world, you have a window into their most sensitive, non-public financial and strategic plans. You often hold and review the most sensitive forecasts of key indicators such as earnings and capital spending. You deal directly with CEOs and CFOs and are privy to their key strategic thinking. Indeed, you help mold it. When there is a dislocation like September 11th, investment bankers have a quick and clear view of how wrenching such a dislocation will be by virtue of their access to information at the highest level. Let me give you a sense of what we saw. First, we witnessed a phenomenon across Wall Street referred to as "pencils down" which means every banker, every lawyer, every consultant, and every financial service provider simply stopped working on the financial imperatives of corporate America. Merger negotiations ceased. IPOs came to a full stop. Debt financings were put on hold. Then, and as we all know, we witnessed economic activity slow to a snail's pace. Travelers stopped getting on airplanes, and destination spots of the hotel and leisure industry saw bookings plummet. And all the attendant spending associated with these activities slowed demonstrably. Then, as if a recession followed by an attack impacting trillions of dollars of net worth were not enough, the markets were dealt further uncertainty: two of their highest flying, most highly valued, most entrepreneurial, most forward thinking non-bubble companies built in the midst of the bubble were suddenly shown to be pure fiction. I am speaking of course of Enron and WorldCom. When these companies were shown to be laden with fraud, the market further suffered. The impact of this realization on the confidence of our markets cannot be overstated. I sat in my office in the summer of 2002 and watched the markets react in full plummet. June and July saw equity prices fall 8-9% each month. Credit spreads blew out to unprecedented levels. We felt like we had been punched in the stomach. As an investment manager, there simply was no place to hide. Enron and WorldCom cast a pall over the markets that impaired investor confidence and reduced financial asset valuations, resulting in a substantial hit to household net worth. When it was all said and done, the NASDAQ dropped about 75% from its peak level in early 2000 to its lowest point in 2002. More broadly, equities did something they have never done in history: they declined for three years in a row (2000, 2001, and 2002). I would bet there are few in this room without a personal story of their net worth being impacted by these events. Of course, Enron and WorldCom like the recession of 2001 were born of the bubble and, like the recession of 2001, their legacies were inherited by this Administration. Think once again of the sequence of events: recession and industry retrenchment, terrorist attacks, further retrenchment, fraud and further retrenchment, market uncertainty, net worths declining. In response, as you know, the President showed his fine leadership in 2003 to stem this negative tide by passing the Jobs and Growth Act with resulting tax relief. This leadership helped create the impressive economic statistic that I mentioned earlier. We are fighting hard today to make sure that tax relief is permanent to keep our economy on the right track. One final note: when this Administration lowered taxes, the hue and cry from our political opponents, of course, was that revenues would decline and that we were being irresponsible. The opposite happened. Tax receipts at the Treasury for the past 3 quarters have been at their highest level in recorded history. Tax cuts are not placed under a mattress or locked in a safe. They are spent, invested or saved--all of which produces or supports economic activity which, of course, leads to further tax revenue. Consumer Forum The Forum will provide a mechanism for sharing information about patterns of abuses, including emerging trends and on-going problems at financial institutions that are subject to federal or state supervision. The Forum will encourage discussion about consumer protection issues affecting financial institutions. This will assure that the most effective and pervasive remedies are pursued. The Forum will review how consumer complaints are handled by the participating agencies, including how the process currently operates, and develop suggestions as to how it can be improved. It will also support public education efforts to help consumers recognize and avoid abusive practices in the financial institutions arena. The Forum's first meeting will take place at the Treasury Department next month. We are excited about this effort and we will keep you apprised of the Forum's activities. Data Security Let me share some troubling information. Between 9 and 10 million consumers per year are victims of identity theft. I am one of them. I imagine that others in this room have had their identities stolen from them. Collectively, identity theft victims spend millions of hours trying to restore their records. The Federal Trade Commission estimated that the costs business is at least $50 billion. Therefore, this is a problem that requires our attention. The President recognized the importance of data security and the threat of identify theft when he recently noted "the crime of identity theft undermines the basic trust on which our economy depends." Secretary Snow built on the President's wise remarks when he stated that identify theft presents the most serious threat to financial consumers today. In recognizing the importance of data security to foster consumer confidence, Treasury has partnered with financial services organizations, financial regulators, and consumer groups to support prudent and safe personal financial management and to provide education and best practices and safeguards against identity theft. I think it is fair to say that most agree that data security is important and identify theft is a serious problem. The more difficult question is what can and should be done to address these issues? At the outset, I must note that protecting consumer information is the responsibility of both businesses and consumers. Most of the legislative attention on this issue revolves around businesses' responsibility, but I do not want to ignore the responsibility and opportunity for consumers to protect their identities. Like many people, I get annoyed when my computer prompts me to change my password or requires that I use a "powerful" password instead of an easy-to-remember password like 1-2-3-4-5-6. However, these mild annoyances are nothing when compared to the time and expense necessary to reclaim your identify once its stolen. Consumers cannot ignore their responsibility to protect their identities. A person's identity is an incredibly valuable asset. It must be treated as such. I brought with me some copies of a DVD that Treasury produced about protecting yourself from identity theft. It is called "Identity Theft – Outsmarting the Crook". It is an excellent product, and you can go to our website at www.Treasury.gov to find out how to get your copy. I encourage you to notify your members of this valuable tool. As we approach legislative proposals to strengthen businesses' data security requirements, we must balance the need to take all reasonable steps to ensure that people are not unnecessarily vulnerable to identity theft and related frauds with the need to ensure that government requirements do not inhibit the innovation that is vital to our free enterprise system. Data security is a complex issue. The best way to deal with these complexities is a combination of awareness and education, technology, and an increased interest and effort to punish those who commit these crimes. Currently, there are a number of legislative proposals that address these issues. These proposals put forth interesting ideas that have merit and are worth further study. However, as we move towards a legislative solution to this complex problem, we must be mindful of a few important considerations. First, there can be benefits to establishing a uniform, Federal standard of data security. This could prevent a fragmented approach to an issue that is clearly of national importance. Because of the absence of a uniform standard, states are currently filling the void and adopting their own data security standards. This could lead to inconsistent rules across multiple jurisdictions. Considering a uniform standard could standardize the process and reduce undue compliance and notification costs. Of course, if we consider a uniform standard, we should not sacrifice substance simply to streamline costs and build in efficiencies. Second, we should recognize that financial institutions are already highly regulated and actively supervised entities. Any solution should take this into consideration and avoid duplicative requirements and unnecessary overlap with current regulatory regimes. Third, when determining whether and how to notify an affected party of a data security breach, many factors should be taken into account. Risk-based notifications, as opposed to arbitrarily-mandated notifications, might provide consumers with more meaningful and manageable information. Of course, businesses have an absolute responsibility to protect the information of their customers. Thus, businesses must quickly notify their customers if they believe that their customer will be exposed to fraud. That being said, a highly prescriptive notification requirement, with no room for judgment, could create a situation in which consumers become overwhelmed by "defensive" notifications in situations in which they face no reasonable likelihood of harm. Notifications sent to satisfy a rigid regulatory requirement could load up a consumer's inbox with information that the consumer does not need or want, similar to the situation we currently have with privacy notices. Further, if notifications must be sent out prior to an institution being able to assess or describe the risk associated with the breach, it might unnecessarily undermine confidence and existing business relationships, or disrupt a law enforcement investigation into the incident. Finally, it might be premature to consider instant file freeze on demand. An "on demand" file freeze system allows consumers to lift and impose a credit file freeze instantly. On its face, this approach appears to be elegant for its simplicity. However, this approach is extremely resource-intensive and could lull consumers into complacency believing that such a file freeze is adequate protection against fraud. Before we go down this road, should we first examine the data gleaned from fraud alerts, which were mandated under the Fair and Accurate Credit Transactions Act in 2003? We must give this system time to work and see what lessons can be learned from it. Credit Union Issues Particularly noteworthy in this regard are credit unions' activities promoting economic development and financial education in their local communities. Both your organization and the Treasury Department share a strong commitment to financial education. Treasury is working hard to fulfill the President's vision of an Ownership Society and an important part of that is equipping people with the skills they need to understand their money. Currently, there a number of efforts underway in Congress to address unnecessary regulatory burdens imposed on financial institutions. To promote the efficient operations of our Nation's financial institutions, it is important that we continue to evaluate the structure of our regulatory oversight. We need to keep an eye towards eliminating outdated regulations and unnecessary requirements. At the same time, we must remain aware of the fundamental purpose of existing regulations, both in terms of chartering differences among financial institutions and basic safety and soundness requirements. We understand that there are a number of regulatory burden relief provisions that credit unions are concerned about:
Beyond this type of temporary PCA waiver, another area that often falls under the regulatory relief heading is the overall reform of the PCA rules that apply to credit unions. The NCUA, CUNA, and other credit union trade associations have been actively working to develop proposals that alter credit union capital requirements. This work has led to a number of positive proposals, such as applying a risk-based framework to more credit unions and properly accounting for credit unions' investment in the NCUSIF. Thank you for your hard work on this front. As you know, credit unions are subject to a higher minimum leverage capital requirement than is required for other insured depository institutions, and the risk-based capital framework that applies to credit unions operates in a slightly different manner than the framework for other insured depository institutions. One common thread in capital requirements across types of financial institutions is that either the leverage or the risk-based requirement is the binding constraint. While the leverage requirement is currently the binding constraint for most credit unions, this is also the case for other insured depository institutions that have a relatively low-risk portfolio of assets. While often discussed in the context of PCA, the core issue is the minimum capital standards that apply to credit unions. The most challenging aspect of this debate is what to do after the credit unions' investment in the National Credit Union Share Insurance Fund (NCUSIF) is properly accounted for? The general rationale for imposing a higher minimum leverage capital requirement on credit unions is that, unlike many other insured depository institutions, credit unions can generally only build capital through increases in retained earnings. Other factors that have been cited for imposing a higher leverage capital requirement surround the proper accounting for credit unions' investment in the NCUSIF and their investments in corporate credit unions. So, should credit unions be subject to the same minimum leverage capital requirements as other insured depository institutions? In considering this and other issues related to credit unions, let me make a few observations:
Our analysis of this issue is ongoing and we appreciate the assistance that you have provided to us thus far. Conclusion
|
||