Gramm-Leach-Bliley Act Compliance (GLB Act or GLBA)
The Gramm-Leach-Bliley Act (GLB Act or GLBA), also known as the Financial Modernization Act of 1999, is a federal law enacted in the UnitedStates to control the ways that financial institutions deal with the private information of individuals. The Federal Trade Commission (FTC) is one of eight federal agencies that enforces provisions of Gramm-Leach Bliley.
Who must comply with this law?
GLBA applies to all businesses, regardless of size, that provide financial products or services to consumers. This includes Banks, Securities Firms, Insurance Companies, Automobile Leasing Companies, Travel Agencies connected to Financial Services, Retailers that issue their own consumer credit cards, Check-cashing businesses, Payday lenders, Mortgage brokers, Nonbank lenders, Personal property or Real estate appraisers, Professional tax preparers, and Courier services. The law also applies to companies like credit reporting agencies and ATM operators that receive information about customers of other financial institutions.
GLBA compliance is mandatory. Whether or not a financial institution discloses NPI (Non Public Information) or PII (Personally Identifiable Information), there must be a policy in place to protect the information from foreseeable threats in security and data integrity.