Gramm-Leach-Bliley Act
- Facilitates affiliation among banks, securities firms, and insurance companies
- Provides standards for constructing and executing organizational, technical, and physical safeguards in order to protect the security, confidentiality, and integrity of the customer's information.
- Sets out practices for the realization of a written Information Security Program involving the Board of Directors that assesses, manages, and controls risk
- Requires institutions to use due diligence in selecting outside service providers for contracts as well as monitoring and evaluating outside service providers
- Requires monitoring, evaluating, and appropriately adjusting the Information Security Program due to relevant changes
- Requires, at a minimum, an annual report to the Board on the status of the Information Security Program and compliance with the GLBA
- Violations of the GLBA are punishable in a civil suit brought to court by the United States Attorney General
The Gramm-Leach-Bliley Act (GLBA), also known as the Financial Services Modernization Act, allows banks, brokerage companies, and insurance companies to affiliate with one another, which repeals some parts of the Glass-Steagall Act. Before this act was enacted, passing personal customer information between these entities was more difficult. Because the transfer of personal information now carries increased risk, the GLBA sets out three major requirements. Under its standards, financial institutions must take due care in handling and storing personal financial information securely, advise customers of the sharing of that information, and give customers the option to opt out of the sharing of personal financial information. This is accomplished through a complete, thorough, and evolving Information Security Program.