GLBA Compliance Assessment

FIPCO® will provide audit and security activities centered on compliance with GLBA, including ensuring that the implementation specifications are in place for each of the standards identified in the following table.

The Gramm-Leach-Bliley Act (GLBA), officially known as the Financial Services Modernization Act, consists of multiple components. One of its key components calls for “Safeguarding Customer Information”. The Safeguards Regulation, §§ 314.3 and 314.4, requires compliance with the standards in the following table.

Standard | Section
Information Security Program Development | GLBA § 314.3
Involve Board of Directors | GLBA § 314.4.(a); FDIC 225. III.(A); NCUA 748. III.(A)
Assess Risk | GLBA § 314.4.(b); FDIC 225. III.(B); NCUA 748. III.(B)
Manage and Control Risk | GLBA § 314.4.(b); GLBA § 314.4.(c); FDIC 225. III.(C).1; FDIC 225. III.(C).2; FDIC 225. III.(C).3; NCUA 748. III.(C).1; NCUA 748. III.(C).2; NCUA 748. III.(C).3
Oversee Service Provider Arrangements | GLBA § 314.4.(d); FDIC 225. III.(D); NCUA 748. III.(D)
Adjust the Program | GLBA § 314.4.(e); FDIC 225. III.(E); NCUA 748. III.(E)
Report to the Board | FDIC 225. III.(F); NCUA 748. III.(F)
Implement the Standards | FDIC 225. III.(G); NCUA 748. III.(G)

Safeguarding customer information requires that financial institutions ensure the security of their customer data, protect the data against known or anticipated risks, and secure it against unauthorized access. To protect against risks, financial institutions must first have a proactive Security Program that involves the board of directors. FIPCO® can help with security consulting to understand how to make your security program proactive, ongoing and risk based.


"You do a wonderful job of explaining how things work and putting the perspective into the situation. That is the part that helps me the most. You are great at providing focus."

- Lori Krueger, Farmers State Bank, Markesan