GLBA (Gramm-Leach-Bliley Act)
The Gramm-Leach-Bliley Act (GLBA) is the U.S. federal law, enacted in 1999, that governs how financial institutions handle customers’ nonpublic personal information. It requires those institutions to explain their information-sharing practices to customers and to protect the security and confidentiality of that information.
The Two Pillars of GLBA
- The Privacy Rule governs how financial institutions collect, use, and disclose nonpublic personal information, and requires them to give customers privacy notices and, in many cases, the ability to opt out of certain sharing.
- The Safeguards Rule requires financial institutions to develop and maintain a written information security program to protect customer information.
How GLBA Is Enforced
GLBA is implemented and enforced by several regulators depending on the type of institution. For many investment advisers and broker-dealers, the SEC’s Regulation S-P implements GLBA’s privacy and safeguards requirements; for firms under the FTC’s jurisdiction, the FTC Safeguards Rule and Privacy Rule apply. The underlying obligation — protect customer financial information — is consistent across regulators.
Why GLBA Matters for Investment & Professional Firms
For DFW investment advisers, accounting firms, and other financial-services firms, GLBA is the foundation beneath the more specific rules they follow — Regulation S-P and the FTC Safeguards Rule both implement it. DKBinnovative helps professional firms in Plano, Frisco, Irving, and Las Colinas meet the safeguards obligations that flow from GLBA.