If you're a financial institution, you need to know about the Safeguards Rule

Kadian Douglas

June 8, 2022 at 10:00 AM·3 min read

Under the Gramm-Leach-Bliley Act, organizations defined as “financial institutions” must keep customer information secure and confidential. The Safeguards Rule, one of three sections of the GLBA, was updated Dec. 9, 2021. With this update, the Federal Trade Commission notes that an organization “engaging in an activity that is financial in nature or incidental to such financial activities” is considered a “financial institution” and must comply.

That said, key changes to the Safeguards Rule are slated to take effect Dec. 6, 2022.

Who must comply with the Safeguards Rule?

The following are examples of organizations deemed to be “financial institutions” under the Safeguards Rule:

Retailers extending a credit card
Dealerships leasing a car long term — longer than 90 days
Organizations appraising real estate or personal property
Counselors helping individuals associated with a financial institution
Businesses printing and selling checks on behalf of customers or wiring money
Businesses engaging in cash checking services
Income tax return preparers
Travel agencies
Real estate settlement services
Mortgage brokers
Colleges and universities accepting Title IV funds

Effective Dec. 6, 2022, organizations classified as “financial institutions” must implement security practices and then review and periodically update formal policies and procedures, including:

Designating a qualified individual to oversee the information security program
Developing, implementing, and maintaining a written information security program
Completing a written information security risk assessment
Design and implement safeguards to control the risks you identify through risk assessment
Establishing continuous monitoring of information systems
Engaging third-party penetration testing and vulnerability assessments
Conducting security awareness training
Assessing third-party service providers periodically
Establishing a written information incident response program
Providing the board or respective group with a written report periodically and at least annually from the qualified individual

Specific controls requirements regarding the implementation of safeguards include:

Implementing and reviewing access control
Inventorying the systems that handle customer information
Identifying and managing data based on risk
Encrypting data both in transit and at rest
Securing software development practices
Requiring the use of multifactor authentication for those accessing the information systems
Establishing secure procedures for disposing data
Developing change management procedures
Implementing logging and monitoring procedures

While these elements must be implemented as part of an information security program, the revised rule is flexible enough to cover large and small “financial institutions” alike. Specific safeguards must be appropriate for:

The size and complexity of an organization and its operations
The nature and scope of activities involving customer information
The sensitivity of the customer information handled by the organization

That means organizations classified as financial institutions are permitted to implement different programs based on the scope of their operations and assessment of security risks.

There are potential penalties for noncompliance with the Safeguards Rule, and penalties for not complying could be of a financial or nonfinancial nature. There is a maximum charge of $46,517 per consent order violation.

Getting in compliance with the new requirements could be a heavy undertaking. Depending on the sophistication and maturity of an organization’s personnel and security infrastructure, a comprehensive diagnostic assessment to evaluate compliance may be necessary. Some requirements may need to be implemented once with ongoing maintenance, while others may require recurring assessments such as penetration tests, risk assessments, and training.

For more information on cybersecurity and data privacy, contact Kadian Douglas at kadian.douglas@CLAconnect.com or 813-384-2735. For more information on CliftonLarsonAllen LLP, visit CLAconnect.com.

This article originally appeared on The Patriot Ledger: Federal Trade Commission's Safeguards Rule for financial institutions

Yahoo Sports
Based on the odds, here's what the top 10 picks of the NFL Draft will be
What would a mock draft look like using just betting odds?
3d ago
Yahoo Sports
Broncos, Jets, Lions and Texans have new uniforms. Let's rank them
Which new uniforms are winners this season?
1d ago
Yahoo Finance
Jamie Dimon is worried the US economy is headed back to the 1970s
JPMorgan's CEO is concerned the US economy could be in for a repeat of the stagflation that hampered the country during the 1970s.
2d ago
Yahoo Sports
Luka makes Clippers look old, Suns are in big trouble & a funeral for Lakers | Good Word with Goodwill
Vincent Goodwill and Tom Haberstroh break down last night’s NBA Playoffs action and preview several games for tonight and tomorrow.
23h ago
Autoblog
These are the cars being discontinued for 2024 and beyond
As automakers shift to EVs, trim the fat on their lineups and cull slow-selling models, these are the vehicles we expect to die off soon.
2d ago
Yahoo Sports
Dave McCarty, player on 2004 Red Sox championship team, dies 1 week after team's reunion
The Red Sox were already mourning the loss of Tim Wakefield from that 2004 team.
5d ago
Yahoo TV
Everyone's still talking about the 'SNL' Beavis and Butt-Head sketch. Cast members and experts explain why it's an instant classic.
Ryan Gosling, who starred in the skit, couldn't keep a straight face — and neither could some of the "Saturday Night Live" cast.
2d ago
Yahoo Sports
Ryan Garcia drops Devin Haney 3 times en route to stunning upset
The 25-year-old labeled "mentally fragile" by many delivered the upset for the ages.
5d ago
Yahoo Sports
Arch Manning dominates in the Texas spring game, and Jaden Rashada enters the transfer portal
Dan Wetzel, Ross Dellenger & SI’s Pat Forde react to the huge performance this weekend by Texas QB Arch Manning, Michigan and Notre Dame's spring games, Jaden Rashada entering the transfer portal, and more
3d ago
Yahoo Sports
Chiefs make Andy Reid NFL's highest-paid coach, sign president Mark Donovan, GM Brett Veach to extensions
Reid's deal reportedly runs through 2029 and makes him the highest-paid coach in the NFL.
3d ago
Yahoo Sports
Yankees' Nestor Cortés told by MLB his pump-fake pitch is illegal
Cortés' attempt didn't fool Andrés Giménez, who fouled off the pitch.
5d ago
Yahoo Life
Here’s when people think old age begins — and why experts think it’s starting later
People's definition of "old age" is older than it used to be, new research suggests.
3d ago
Yahoo Sports
NBA playoffs: Who's had the most impressive start to the postseason? Most surprising?
Our NBA writers weigh in on the first week of the playoffs and look ahead to what they're watching as the series shift to crucial Game 3s.
2h ago
Yahoo Finance
Retirement confidence in the US ticks up; new rule for financial advisers is set to start
Two-thirds of Americans reported that they feel confident they have enough money for a comfortable retirement, up a notch from last year.
8h ago
Yahoo Finance
Donald Trump nabs additional $1.2 billion 'earnout' bonus from DJT stock
Trump is entitled to an additional 36 million shares if the company's share price trades above $17.50 "for twenty out of any thirty trading days" over the next three years.
2d ago
Autoblog
UPS and FedEx find it harder to replace gas guzzlers than expected
Shipping companies like UPS and FedEx are facing uncertainty in U.S. supplies of big, boxy electric step vans they need to replace their gas guzzlers.
6h ago
Yahoo Sports
Lions' new uniforms get leaked early, and they find some humor in it
The Lions' new uniforms got released prematurely.
7d ago
Yahoo Sports
2024 NFL mock draft: With one major trade-up, it's a QB party in the top 5
Our final 2024 mock draft projects four quarterbacks in the first five picks, but the Cardinals at No. 4 might represent the key pivot point of the entire board.
4d ago
Yahoo Sports
Dylan Edwards set to be latest Colorado running back to enter transfer portal
All four rushers who had more than 10 carries in 2023 for the Buffaloes are transferring.
2d ago
Yahoo Finance
GDP: US economy grows at 1.6% annual pace in first quarter, falling short of estimates while inflation increases
The reading of first quarter economic growth comes at a crucial time as investors digest the potential impacts of the Fed holding interest rates higher for longer.
6h ago

News

Life

Entertainment

Finance

Sports

New on Yahoo

David Pecker returns to witness stand in Trump's hush money trial

If you're a financial institution, you need to know about the Safeguards Rule

Who must comply with the Safeguards Rule?

Recommended Stories

Based on the odds, here's what the top 10 picks of the NFL Draft will be

Broncos, Jets, Lions and Texans have new uniforms. Let's rank them

Jamie Dimon is worried the US economy is headed back to the 1970s

Luka makes Clippers look old, Suns are in big trouble & a funeral for Lakers | Good Word with Goodwill

These are the cars being discontinued for 2024 and beyond

Dave McCarty, player on 2004 Red Sox championship team, dies 1 week after team's reunion

Everyone's still talking about the 'SNL' Beavis and Butt-Head sketch. Cast members and experts explain why it's an instant classic.

Ryan Garcia drops Devin Haney 3 times en route to stunning upset

Arch Manning dominates in the Texas spring game, and Jaden Rashada enters the transfer portal

Chiefs make Andy Reid NFL's highest-paid coach, sign president Mark Donovan, GM Brett Veach to extensions

Yankees' Nestor Cortés told by MLB his pump-fake pitch is illegal

Here’s when people think old age begins — and why experts think it’s starting later

NBA playoffs: Who's had the most impressive start to the postseason? Most surprising?

Retirement confidence in the US ticks up; new rule for financial advisers is set to start

Donald Trump nabs additional $1.2 billion 'earnout' bonus from DJT stock

UPS and FedEx find it harder to replace gas guzzlers than expected

Lions' new uniforms get leaked early, and they find some humor in it

2024 NFL mock draft: With one major trade-up, it's a QB party in the top 5

Dylan Edwards set to be latest Colorado running back to enter transfer portal

GDP: US economy grows at 1.6% annual pace in first quarter, falling short of estimates while inflation increases