Could Your Vendor Hold Your Data Hostage?

February 26, 2021 at 9:38 am Leave a comment

In states across the country, including New York, data protection is all the rage. If Governor Cuomo has his way, the Department of Financial Services will be establishing a bill of rights, which will include the right of consumers to exercise control over what personal information is collected, and the right to have this information “returned and destroyed.” But the emerging legal framework presupposes that your credit union knows where your information is located and has control over how it is used. Recent events have underscored that this assumption is far from accurate, and that existing contract language can only go so far to protect the interests of your credit union and its members. 

First we have the high-profile example of FiServ being unable to provide core services to credit unions in the Northeast because of a winter storm in Texas. A less well-known but equally important development is a recent legal action in which Caliber, a prominent national servicer of mortgage loans, went to federal court and alleged that the provider of its core technology, Sagent, responded to Caliber’s decision to migrate its services to a new core processor by threatening “to hold Caliber’s data hostage, causing massive and irreparable damage to Caliber’s business and relationships, as well as to hundreds of thousands of mortgage borrowers across the country.” Far from working in good faith to help Caliber to migrate over to a new system, Sagent insisted that the company enter into a new contract with even more onerous terms than the previous agreement. The case has since been settled. What would your credit union be able to do in the same situation? Imagine how much more difficult your decision could be two years from now if this type of negotiation takes place as you’re trying to comply with new state data portability requirements. 

I’ve talked to a couple of legal colleagues about lessons to be drawn from this case, and obviously it underscores the importance of the contract drafting process. Just like any good coach knows the day they are hired, they will someday be fired. You should draft your major vendor agreements with an eye towards the day when you will want to migrate services to another company. As a result, it is crucial that when addressing issues relating to transitioning to a new vendor that respective requirements are made as specific as possible. Among the issues which should be addressed are the cost involved with a transition of services, a clear delineation of what information belongs to your credit union and a stipulation that your information will be maintained according to commercially reasonable standards. The importance of this last requirement was underscored in the Caliber dispute. Sagent argued that it was not able to transfer information to the new vendor. 

Caliber is a sophisticated company well aware of how to draft a good contract and still had trouble transitioning to a new vendor. Perhaps it is time for the credit union industry to reconsider its opposition to legislation allowing NCUA to have more oversight over CUSOs and other third-party vendors. My concern is that your average credit union simply does not have the negotiating leverage to insist on the baseline protections needed to ensure that it can have easy access to member data and enter into cost-effective agreements.

On that note, enjoy your weekend – see you all on Monday.

Entry filed under: Legal Watch, Mortgage Lending, technology. Tags: , , , .

CFPB Puts Brakes on Mortgage Reform Meet Walmart, Your Friendly, Small Town Community Banker

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

Trackback this post  |  Subscribe to the comments via RSS Feed


Authored By:

Henry Meier, Esq., Senior Vice President, General Counsel, New York Credit Union Association.

The views Henry expresses are Henry’s alone and do not necessarily reflect the views of the Association. In addition, although Henry strives to give his readers useful and accurate information on a broad range of subjects, many of which involve legal disputes, his views are not a substitute for legal advise from retained counsel.

Enter your email address to subscribe to this blog and receive notifications of new posts by email.

Join 739 other followers

Archives