Please fill in the form below to subscribe to our blog

Best Practices for GLBA and FINRA Compliance

September 26, 2019

When it comes to security compliance and regulatory oversight across America, no verticals or functions are being spared. The financial services industry is one that has recently come under scrutiny, as stakeholders begin to realize the sensitivity of data flowing through their processes and organizations. Keep reading for a breakdown of Gram-Leach-Bliley Act (GLBA) compliance, along with a checklist of the top 10 cybersecurity best practices as reported by the Financial Industry Regulatory Authority, Inc. (FINRA).

Financial Privacy and Safeguards
The Gram-Leach-Bliley Act, also known as the Financial Modernization Act of 1999, requires financial institutions to explain how they share and protect their customers’ private information. Additionally, these rules apply to entities outside of the financial services industry that process or receive such information, which can range from real estate companies to tax preparers and more.

Below are the two key components to the GLBA, with the second holding specific implications for data security:

Financial Privacy Rule – 
In order to be compliant, organizations must communicate how they share sensitive data, inform customers of their right to opt out of information-sharing agreements, and explain how they protect customer data.

Safeguards Rule –
Regulating the confidentiality of customer information is separated into three main initiatives: employee security awareness training, information systems, and system failure. Although there are many steps and requirements, we’ve got you covered. With BullPhish ID™, you can check security awareness training off the list and move one step closer to compliance.

The ROI of Compliance
At this point, you may be wondering why you have to be compliant. The threat of non-compliance penalties may seem enough, amounting to $100,000 per violation, but it barely scratches the surface.

Individuals can face additional charges that include prison time, and although the risk of reputational damage is not easily quantifiable, it is often even more crippling. In a world where customer loyalty and trust are king, unauthorized sharing or leaks in customer data can result in brand erosion and revenue loss.

Practice Makes Perfect
As your go-to solutions provider, we’re not here to spell out doom-and-gloom, but instead to help solve your problems. Click the link below to download the Small Firm Cybersecurity Checklist by FINRA:

Ready to take the first step to being GLBA compliant?

Learn how BullPhish ID can help you easily manage the recommended security awareness training: