Skip to content

Capital One hit with enforcement actions

McLean, VA
Fine Amount: 
$80 million
Penalty Type: 
Issued by: 

The Federal Reserve Board issued a cease and desist order against Capital One Financial Corporation, McLean, Virginia, resulting from a significant March 2019 data breach at the firm's national bank subsidiaries affecting the personal information of Capital One credit card customers and applicants for credit card products.

The Office of the Comptroller of the Currency, in a coordinated action, assessed an $80 million civil money penalty order against Capital One, N.A., and Capital One Bank (USA), N.A., based on the banks' failure to establish effective risk assessment processes prior to migrating significant information technology operations to the public cloud environment and the bank's failure to correct the deficiencies in a timely manner. The OCC found the noted deficiencies to constitute unsafe or unsound practices and resulted in noncompliance with 12 C.F.R. Part 30, Appendix B, "Interagency Guidelines Establishing Information Security Standards." The OCC also issued a cease and desist order requiring the banks to take specified corrective actions.

Penalties View All

Banker Store View All

From training, policies, forms, and publications, to office products and occasional gifts, it’s available here:

Banker Store

hot right now

image description

Looking for effective, convenient training on a particular subject?

BOL Learning Connect offers more than 200 courses ON-DEMAND or on CD ROM from AML to Reg Z and every topic in between.

Search Penalties