Compliance Services

GLBA Services

GLBA Compliance Services

The Gramm-Leach-Bliley Act (GLBA), also referred to as the Financial Services Modernization Act of 1999, establishes guidelines for the handling of nonpublic personal information about consumers by financial institutions. GLBA applies to all organizations, no matter the size, that are “significantly engaged” in providing financial products or services to consumers. The penalties for non-compliance are severe, including fines and imprisonment. Organizations can be fined up to $100,000 for each violation, and directors can be fined up to $10,000 for each violation.

Compass IT Compliance can perform a risk assessment of your organization’s GLBA program as compared to the inter-agency guidelines which establish information disclosure and safeguarding standards surrounding nonpublic personal information. A Compass GLBA risk assessment will evaluate the following areas:

  • Notice Requirements
  • Opt-Out Provisions
  • Contracts
  • Board Involvement
  • Risk Assessment
  • Risk Management and Controls
  • Service Provider Oversight
  • Training
  • Program Adjustment
  • Implementation of the Standards, including:
    • Physical security at branch locations of servers
    • Equipment
    • Confidential information

Compass IT Compliance Services

  • GLBA Risk Assessment - Assess your current level of compliance with GLBA, identify gaps in controls, and identify key work areas that your organization must address to achieve and/or maintain compliance with the regulation
  • GLBA Audit - Our experienced, certified IT Auditors will examine your IT controls mapped against GLBA requirements, obtain evidence to determine if the controls are operating effectively to achieve your organization's objectives and satisfy regulation requirements, and provide attestation of audit along with remediation strategies. A deeper dive assessment compared to the GLBA Risk Assessment, the GLBA Audit will include evidence sampling
  • GLBA Advisory Services - Work with your organization and tailor our project to your specific needs to address any concerns that you have related to GLBA, assist in the implementation and updating of policies and procedures, or assist in assessing the risk your third party providers pose related to GLBA

Let Compass IT Compliance assist your organization in assessing any risks present through our GLBA services so you can secure your customer data environment, comply with regulatory compliance requirements, and save time, money, and resources in the process. Contact Us today to discuss your unique situation. Secure. Comply. Save.

Finance Blog Posts

Contact Us