The CFPB is led by a single, unaccountable, presidentially appointed Director. There is no commission or board to oversee the Bureau’s actions.
Since the Dodd-Frank Act required the CFPB receive its funding directly from the Fed, instead of from Congress, the Bureau is not subject to the budgetary limitations or oversight that other federal agencies are.
The CFPB acts as a rogue agency, issuing rules and obtaining consumer data without permission, outside consultation, or public input. Though the Fed funds the CFPB, they have no authority over, and are unable to approve or reject, the Bureau’s rules or orders. Much of the Bureau’s operations are carried out largely in secret.
The Bureau has refused to effectively manage and protect the massive amounts of personally identifiable data it collects from both consumers and companies. As such, the CFPB has received recommendations from Congress, the Government Accountability Office, and the Office of Inspector General, to address immediate information security vulnerabilities.