The FTC Safeguards Rule requires any institution engaged in significant financial activities to take specific steps to protect the customer data they collect. But it’s not only financial institutions that need to comply. It also covers organizations that:
- Handle large amounts of money.
- Offer loans or extended lines of credit.
- Connect consumers with financial institutions.
- Are involved with gaining or accessing capital.
If this is you, there’s an important date approaching that you should keep in mind. The FTC Safeguards Rule has a compliance deadline of June 9, 2023. After this date, you risk facing significant penalties and damage if you are not in full compliance. It includes:
The FTC has built time and awareness into this latest change, expecting you to comply by the deadline. They can fine you as much as $100,000 per violation, with an additional $10,000 against officers and directors. While they might not impose fines for first-time offenders, it’s better to comply early. They can also charge other penalties, including damages for consent violations, totaling as much as $43,000 per day for each violation.
The FTC does not shy away from enforcing penalties against rulebreakers. If you are found to be non-compliant, you can incur a long list of penalties, including long-term consent decrees or extensive injunctive relief. In some cases, these penalties can be so severe they hamper business operations and force you to cease some or all financial activities.
Customer trust is a cornerstone of any business. Swift action from the FTC can unravel that trust in a blink of an eye. Yet the damage doesn’t stop there. Once non-compliance is made public, it can worsen relationships with vendors, partnerships, and other affiliates. You can lose relationships that have taken years to build.
The FTC didn’t update the FTC Safeguards Rule without reason. Every industry is currently reworking security practices to protect businesses and consumers alike. A current IBM study found that the average data breach costs Americans $9.44 million, higher than any other country. Your data is valuable. Cybercriminals are getting more sophisticated every day. The FTC Safeguards Rule helps put some of that risk at bay.
As if fines, penalties, and reputational damage aren’t enough, you’ll also increase your risk for litigation. As people discover your lack of compliance, they may sue for damages. In the case of a data breach, you’ll have to notify victims, which could trigger a slew of lawsuits. You’ll become subjected to probing regulatory audits for years. And for worse-case scenarios, key business stakeholders can be imprisoned for criminal negligence for up to five years.
Where To Go From Here
Don’t delay. Now is the time to ensure you comply with the FTC Safeguards Rule by the deadline of June 9, 2023. Take advantage of our free whitepaper, “FTC Safeguards Rule Compliance Guide” for more information on how to comply.
TPx helps organizations like yours become defensible for the FTC Safeguards Rule by helping to run effective security programs customized with the right support model to meet your needs. Ready to take the next step? Contact a TPx representative today