(Reuters) - Credit-reporting firms will be subject to stricter regulatory monitoring following the massive data breach that Equifax Inc (N:EFX) disclosed this month, the head of the Consumer Financial Protection Bureau (CFPB) said on Wednesday.
The CFPB is working with the Federal Trade Commission and the New York Department of Financial Services (DFS) on a new regulatory framework that includes onsite monitors at the three big credit-reporting firms, Equifax, Experian (L:EXPN), and TransUnion (N:TRU), Director Richard Cordray told CNBC.
"The old days of just doing what they want and being subject to lawsuits now and then are over," Cordray said.
"There has to be a scheme of preventive monitoring in place. They are going to have to accept that. They are going to have to welcome it. They are going to have to be very forthcoming."
The Equifax hack compromised the personal data of up to 143 million Americans and has prompted a number of investigations by regulators and lawmakers, including the DFS, which recently issued a subpoena to Equifax demanding it provide more information about the breach.
The CFPB will also have to work with Congress to put in place a better framework on data security, Cordray said.