compliance  |  legislation

GLBA Compliance in 2024 - Reporting directly to the FTC

The U.S. Federal Trade Commission (FTC) approved amendments to its Safeguards Rule that require FTC-regulated non-banking financial institutions to report data breaches and other security events directly to the FTC. It was originally proposed to add a breach notification requirement back in late 2021. The rule requires financial institutions to report “notification events” to the FTC within 30 days of discovery of the notification event where the private information of 500+ consumers is involved.