GSA assessing charge card contractors’ security policies

Under pressure from lawmakers to ensure federal charge card data is secure, the General Services Administration will review the security policies of the four other SmartPay contractors after Bank of America revealed late last month that it lost the records of 1.2 million federal employees.

In a response to questions from Sen. Susan Collins, chairwoman of the Homeland Security and Governmental Affairs Committee, GSA administrator Stephen Perry said in a letter that the agency will ensure that Bank One of Wilmington, Del., Citibank of New York, Mellon Bank of Pittsburgh and US Bank of Minneapolis will “provide adequate protection for personal information of federal employees.”

Collins, a Maine Republican, wrote a letter to GSA and Bank of America last week asking how both organizations would ensure federal data is better protected [See GCN story].

GSA and the Defense Department also will conduct a joint risk assessment to review Bank of America security procedures, Perry said. Bank of America lost more than 900,000 Defense employees’ information, DOD officials said.

GSA would not offer much detail on how they are conducting the review of SmartPay vendors or the joint risk assessment.

“GSA is taking all appropriate steps to ensure that SmartPay contractors maintain security policies consistent with current industry standards,” said MaryAlice Johnson, an agency spokeswoman. “We expect these activities to continue in the coming weeks.”

Johnson added that GSA still is developing the timetable to conduct the evaluations.

Bank of America also told GSA it has changed its method of handling SmartPay system back-up operations. Bank spokeswoman Alexandra Trower said the company does not comment on those procedures for security reasons.

“We are continually improving our processes and procedures for handling our customer’s information,” she said.

Bank of America also provided GSA with a list of names of the affected cardholders and is sending out a second letter to cardholders explaining how to obtain a free credit report and fraud alert.

About the Author

Connect with the GCN staff on Twitter @GCNtech.


  • Social Media
    Editorial credit: pcruciatti /

    They took all the tweets and put 'em in a tweet museum

    Twitter cancelled @realdonaldtrump, but the National Archives will bring presidential tweets back via the Trump library website.

  • Workforce
    Avril Haines testifies SSCI Jan. 19, 2021

    Haines looks to restore IC workforce morale

    If confirmed, Avril Haines says that one of her top priorities as the Director of National Intelligence will be "institutional" issues, like renewing public trust in the intelligence community and improving workforce morale.

Stay Connected