© Copyright 2019    RISC Management & Consulting, LLC 

                      RISC Associates, PLLC

Gramm-Leach-Bliley Act (GLBA)

GLB Act compliance is mandatory and RISC Management & Consulting can assist institutions  in ensuring appropriate policies are  in place to protect the information from foreseeable threats in security and data integrity​.

The Gramm-Leach-Bliley Act is also known as the Financial Services Modernization Act of 1999. GLBA requires financial institutions or organizations that provide financial services such as loans, investment advice, and insurance to disclose their information-sharing practices to their customers and to ensure sensitive information remain secured and confidential. In addition, part of its implementation of the GLB Act, the Federal Trade Commission (FTC) issued the Safeguards Rule requiring financial institutions under its jurisdiction to safeguard customer records and information.


The Safeguards Rule applies to all businesses, regardless of size, who offers financial products or services including check-cashing businesses, payday lenders, mortgage brokers, nonbank lenders, real estate appraisers, and professional tax preparers. The Safeguards Rule also applies to companies like credit reporting agencies and ATM operators that receive information about the customers of other financial institutions.


How do companies comply with the Safeguards Rule?


The Safeguards Rule requires each financial institution to develop a written information security plan to protect customer information. The plan must be appropriate to the company’s size and complexity, the nature and scope of its activities, and the sensitivity of the customer information it handles.


RISC can assist these organizations in complying with the Safeguards Rule that requires each financial institution to develop a written information security plan to protect customer information. The plan must be appropriate to the company’s size and complexity, the nature and scope of its activities, and the sensitivity of the customer information it handles. Contact us to learn how we can help.