Top 5 Things You Need to Know About Financial Data Regulations

Money rules — no, seriously. The Gramm-Leach Bliley Act (GLBA) and Fair Credit Reporting Act (FCRA) are regulations established by the United States Federal Government for commercial and investment banks, insurance companies, wealth management services, and more. In addition to ensuring the accuracy and fairness of consumer information, these laws seek to protect and uphold consumer privacy. Interested in learning more? Here are the top five things you need to know about financial data regulations:

1. The U.S. financial services industry is regulated by several different bodies and subject to federal law

There is no “one-size-fits-all” institution that regulates the collection, use, and sharing of consumer financial information. Instead, the Federal Trade Commission, Consumer Financial Protection Bureau, States’ Attorney General, and other federal banking agencies work together to implement and enforce critical financial data regulations.

2. U.S. financial institutions are legally required to take steps to protect consumer privacy

Under a federal law known as “The Financial Modernization Act of 1999,” also referred to as the Gramm-Leach Bliley Act (GLBA), financial institutions and their affiliates must maintain and safeguard consumers’ confidentiality surrounding personally identifiable information (PII) gathered from customer records in paper, electronic, or other forms. The three rules that agencies enforce based on this law are:

  1. The Financial Privacy Rule, which dictates how financial institutions can collect and/or disclose customers’ personal information
  2. The Safeguards Rule, which requires that financial institutions undertake a risk assessment & develop and implement security measures to protect nonpublic personal information (NPI)
  3. Pretexting Provisions, which prohibits pretexting or accessing private information using false pretenses — such as impersonating an account holder to ask for private information by phone, email, and mail.

3. Financial data regulations also apply to credit reporting agencies

The Fair Credit Reporting Act (FCRA) is another federal law that helps ensure the accuracy, fairness, and privacy of the information in consumer credit bureau files. This law regulates the way credit agencies can collect, use, and share the data they collect in consumer reports. FCRA contains responsibilities for consumer reporting agencies and persons that operate in any of the following capacities:

  • Procurers and users of information, such as credit grantors, purchasers of dealer paper, or those opening deposit accounts
  • Furnishers and transmitters of information by reporting information to consumer reporting agencies, other third parties, or to affiliates
  • Marketers of credit or insurance products; and
  • Employers

4. Emerging industries challenge existing financial data regulations

Buy Now Pay Later (BNPL) is an example of an emerging industry, featuring popular companies such as Affirm, Klarna, Afterpay, Sezzle, and more. BNPL allows customers to pay for goods in a set number of payments by issuing a short-term loan without interest. Instead of running hard credit checks, they often have different approaches for credit underwriting –– such as employment, salary, and bank account verification. For thin-file borrowers, BNPL is a game-changer. Products and services previously inaccessible become easy to purchase in installments, and short-term BNPL loans allow customers who might not have access to other forms of credit build good credit history.

By using alternative mechanisms for credit underwriting, BNPL companies often avoid incurring legal requirements. However, while BNPL is currently insulated from financial regulations like FCRA by not requesting credit checks, this practice potentially increases financial risks for retailers and consumers. Short term loans issued by BNPL companies can lead to debt accumulation, missed payments, and hefty late fees. In a study conducted by Qualtrics on behalf of Credit Karma, 34% of respondents stated that they’d fallen behind on one or more payments, resulting in decreased credit scores. Without valuable data regarding a consumer’s credit history, BNPL companies, retailers, and consumers risk making sales and purchase decisions based on inadequate information. 

5. Privacy enhancing computation can help support regulatory compliance

Privacy enhancing technology enables BNPL and other financial services to unlock the intellectual property value of data while remaining FCRA & GLBA compliant. By protecting data in use, financial enterprises can now implement data analytics without seeing or sharing sensitive information. The TripleBlind Solution offers the following advantages:

  • Promotes secure, high-quality analysis. By leveraging a complete and scalable set of privacy technologies, our solution allows for BNPL services offered by FinTechs to alleviate compliance concerns while collaborating with robust data.
  • Rapid development of product offerings via improved insights. With TripleBlind, emerging companies in financial services achieve better credit insights faster by gaining access to new data previously unavailable due to privacy and trust concerns.
  • Reduces business risks and costs simultaneously. Our solution enables the financial services industry to dramatically reduce the risk and liability of a potential data breach. Organizations can work simultaneously with multiple vendors, without compromising security.

If your company is looking to remain compliant with financial regulations while leveraging the most complete and scalable solution for privacy enhancing computation, please contact us today to schedule a personalized demo of our revolutionary technology.