GLBA Compliance Assessment

FIPCO® will provide audit and security activities centered on compliance with GLBA, including ensuring that the implementation specifications are in place for each of the standards identified in the following table.

The Gramm-Leach-Bliley Act (GLBA), officially known as the Financial Services Modernization Act, consists of multiple components. One of those key components calls for “Safeguarding Customer Information”. The Safeguards Regulation, §§ 314.3 and 314.4, requires compliance with the standards in the following table.

| Standard | Section |
| --- | --- |
| Information Security Program Development | GLBA § 314.3; FDIC 225.II; NCUA 748.II |
| Involve Board of Directors | GLBA § 314.4.(a); FDIC 225.III.(A); NCUA 748.III.(A) |
| Assess Risk | GLBA § 314.4.(b); FDIC 225.III.(B); NCUA 748.III.(B) |
| Manage and Control Risk | GLBA § 314.4.(b); GLBA § 314.4.(c); FDIC 225.III.(C).1; FDIC 225.III.(C).2; FDIC 225.III.(C).3; NCUA 748.III.(C).1; NCUA 748.III.(C).2; NCUA 748.III.(C).3 |
| Oversee Service Provider Arrangements | GLBA § 314.4.(d); FDIC 225.III.(D); NCUA 748.III.(D) |
| Adjust the Program | GLBA § 314.4.(e); FDIC 225.III.(E); NCUA 748.III.(E) |
| Report to the Board | FDIC 225.III.(F); NCUA 748.III.(F) |
| Implement the Standards | FDIC 225.III.(G); NCUA 748.III.(G) |

Safeguarding customer information requires that financial institutions ensure the security of their customer data, protect the data against known or anticipated risks, and secure it against unauthorized access. To protect against risks, financial institutions must first have a proactive Security Program that involves the board of directors. FIPCO® can help with security consulting to understand how to make your security program proactive, ongoing and risk based.

"Ken has been extremely efficient and prompt with everything we have requested from him and he always gets back to me within the same day."

- Rachael Gadbois, Assistant Vice President of Operations, The Pineries Bank