2/3 of the World is Covered by Water – the Other Third is Covered by the Gramm-Leach-Bliley Act

With the possible exception of medical providers, financial institutions handle some of the most sensitive information consumers possess—Social Security numbers, income and employment details, credit histories, account balances, and more. Protecting this data is not only essential to maintaining consumer trust but is also a legal requirement under the Gramm‑Leach‑Bliley Act (“GLBA”) and the Federal Trade Commission (“FTC”) Safeguards Rule. Together, these regulations establish a comprehensive framework for how financial institutions must secure, manage, and protect consumer information throughout its lifecycle.

Although the GLBA has been in effect for a couple of decades, and the FTC Safeguarding Rule was put into effect in 2003 and updated for smart phone usage in 2021 with penalties taking effect in 2023, we thought a review would be helpful for executives of financial institutions as well as fintechs. Below, we break down the core requirements of GLBA and the Safeguards Rule ...