The Gramm-Leach-Bliley Act (GLBA) was signed into law in 1999. GLBA is intended to ensure that financial firms adequately secure the personal financial data of consumers, so as to prevent unauthorized disclosure. When GLBA was enacted, it provided for various regulatory agencies to add more specific requirements in the form of Safeguard Rules. The exact requirements for compliance with GLBA thus vary depending on the type of financial firm. The following regulatory agencies are charged with administering GLBA for their regulated firms:
| Regulatory Agency | Regulated Firms |
| --- | --- |
| Federal Deposit Insurance Corp. | FDIC insured banks |
| Office of the Comptroller of the Currency | National banks |
| National Credit Union Agency | Credit unions |
| Office of Thrift Supervision | Savings and loans |
| State Regulators | State chartered banks |
| Federal Reserve | Bank holding companies, state member banks |
| Securities and Exchange Commission | Brokers, investment companies |
| Federal Trade Commission | All other financial firms, including mortgage companies, mortgage brokers, consumer credit companies, and others |

When it comes to complying with GLBA, the devil is truly in the details!
To assist organizations affected by GLBA, Compliance Focus is creating a comprehensive, forty-page Guide to GLBA Compliance. Check back on May 1, 2008 to receive a copy of this valuable resource free of charge. Or you can register to receive it by subscribing to our newsletter on our home page.
Compliance Focus also maintains a current list of other resources and websites that are useful in understanding GLBA compliance. This resource list can be found here.
For a list of vendors providing products and services that can help organizations to comply with GLBA, click here.