Gramm-Leach-Bliley Act and Ultimate RBS
Gramm-Leach-Bliley Act
The 1999 Gramm-Leach-Bliley Act (GLBA) gives authority to eight federal agencies and the states to enforce the Act’s Financial Privacy Rule and Safeguards Rule.
These two regulations apply to “financial institutions,” which, in addition to banks, include securities firms, insurance companies and also companies providing many other types of consumer financial products and services. Among those covered by GLBA are any companies lending, brokering or servicing consumer loans, transferring or safeguarding money, preparing tax returns, providing financial advice or credit counseling, real estate settlement services, consumer debt collections and an array of other activities. These non-traditional “financial institutions” are regulated by the Federal Trade Commission, which enforces GLBA mandates.
Threats abound
Layers of vulnerabilities raise significant threats to the confidentiality and integrity of non-public personal information (NPI) protected by GLBA. In addition to controlling access to NPI you also must capture and log potential privacy violations. Violations must be followed up with specific actions to rectify any security incidents. Common threats include:
Malicious code or malware (viruses, worms, trojans and spyware)
Malicious or misguided employees or consultants
Hardware or software failure
Hackers
Non-compliant business partners
Ineffective or unclear security policies and procedures
Natural disasters.
What are the penalties for non-compliance?
If a financial institution is found to be non-compliant with the rules, or to have deficiencies in its administrative, technical or physical safeguards, the regulatory agencies have the responsibility and authority to take enforcement measures. Enforcement measures range from corrective actions to fines or other penalties.
The potential liability for a bank is staggering. For example:
Non-compliant banks can have FDIC insurance terminated
Corporate officers and directors can be held personally liable for civil penalties up to $10,000 and fines of up to $1M
Corporate officers and upper management can be removed from positions and permanently barred from working in the banking industry
Copyright 2004-2010 LucentGlow