The CFPB fined Dwolla Inc. for a failure to implement “‘reasonable and appropriate’ security policies governing the ‘storage of consumers’ personal information.” Dwolla agreed to pay $100,000 in fines.

• In March 2016, “Iowa-based fintech firm Dwolla Inc. agreed to pay a $100,000 financial penalty this month after the consumer protection bureau alleged the peer-to-peer online payments system provider had failed to adopt and implement ‘reasonable and appropriate’ data security policies and procedures governing the collection, maintenance, or storage of consumers’ personal information.” [Barbara Shecter, “Fintechs Face Calls For More Regulation,” Vancouver Sun, 04/10/16]