Data Protection for Compliance with Financial Services Regulations

The Gramm-Leach-Bliley Act (GLBA) requires financial institutions to protect customers’ data.

GLBA requires Financial Services Institutions to implement and maintain a comprehensive information security program, especially for Anti Money Laundering (AML) and Know Your Customer Regulations. These procedures often break sales workflows and frustrate important customers. Until all data can be protected equally, FSIs have more to lose when it comes to a breach. FSIs, including insurance providers, must protect by encryption all customer information held or transmitted both in transit over external networks and at rest.

In line with the National Institute of Standards and Technology (NIST) Cybersecurity Framework and FINRA’s Report on Cybersecurity Practices XQ helps:

• Identify and assess cybersecurity threats

• Protect assets from cyber intrusions

• Detect when systems and assets have been compromised

• Support AML and KYC validation as it is key to securing data even when outside of your control throughout its lifecycle

Payment Card Industry (PCI) data security standards apply to those who accept or process payment cards. Those standards include protecting data transmission of cardholder data across open, public networks and stored cardholder data. XQ helps payment processors maintain policies that address information security for employees and contractors.

The Federal Consumer Financial Protection Bureau (“CFPB”) and the Federal Trade Commission (“FTC”), as well as federal functional regulators and State insurance authorities, have the power to enforce GLBA concerning the entities within a particular agency's authority.