

Who is required to comply?
All banks, credit reporting agencies, securities companies, tax preparation companies, real estate settlement service companies, debt collectors, insurance companies and those doing business with said companies.

What is it?

The Gramm-Leach-Bliley Act, commonly referred to as the GLBA, was signed in November 1999 and put into full effect in July 2001. The Act governs how customers' financial information is collected and disclosed, and requires financial institutions to implement and maintain safeguards to protect information and prevent corruption, fraud and leakage.

What are the requirements?

The Gramm-Leach-Bliley Act mandates that the confidentiality and security of customer information, such as email correspondence, be enforced by securing the information and limiting access to it. Places of storage for this information must be protected with secure access controls. Email retention periods parallel those of the SEC 17a-4 regulation, which requires retention of six years in an easily accessible space, secure from erasure and rewriting.

What is the cost of non-compliance?

Heavy fines, up to five years of imprisonment and loss of corporate reputation.

What is the significance of Gramm-Leach-Bliley compliance?

The significance of the Gramm-Leach-Bliley Act lies in enhancing protection of non-public personal financial information and ensuring its safety through proper record keeping, supervisory review and access.