The Federal Trade Commission (FTC) Safeguards Rule is a set of regulations that require financial institutions to protect the security of customer information. The rule was revised, and certain revisions took effect on June 9, 2023, to reflect the changing landscape of financial services and technology.
So, what does this mean for your business? Whether or not your business is covered by the Safeguards Rule depends on a few factors, including:
- What kind of business you have. The Safeguards Rule applies to financial institutions, which are defined as businesses that engage in activities that are financial in nature or incidental to such financial activities. This includes a wide range of businesses, such as banks, credit unions, mortgage lenders, payday lenders, and investment advisors.
- What information you collect. The Safeguards Rule applies to businesses that collect nonpublic personal information about their customers. This includes information such as names, addresses, Social Security numbers, and financial account numbers.
- How you collect and store the information. The Safeguards Rule applies to businesses that collect and store nonpublic personal information in electronic or paper form.
What kind of businesses are considered “financial institutions” under this Rule? Below are some examples per Section 314.2(h) of the Rule:
|Mortgage Lenders||Mortgage Brokers|
|Payday Lenders||Finance Companies|
|Account Servicers||Check Cashers|
|Wire Transferors||Collection Agencies|
|Credit counselors and other financial advisors||Tax Preparation Firms|
|Non-federally Insured Credit Unions||Investment Advisors that aren’t required|
to register with the SEC
In addition to the list above, the 2021 amendments to the Safeguards Rule added finders, companies that bring together buyers and sellers, as a new example of a financial institution. Finders do not participate in the transaction themselves, but they do collect sensitive financial information from both parties. Therefore, they are now subject to the Safeguards Rule’s requirements for protecting customer information.
To learn more about the revised FTC Safeguards Rule and how HPSI can help your business comply, click here.