Focus 1
Builder trigger
Check this when the product handles customer financial information or supports a business activity that may be financial in nature under GLBA.
Framework hub
FTC Safeguards
The FTC Safeguards Rule matters for US financial-in-nature products that handle customer information, including some fintech, lending, advisory, tax, and account-servicing workflows.
Focus 2
Security program
The rule points builders toward written security programs, risk assessments, access controls, encryption, app assessment, MFA, change management, monitoring, and incident response.
Focus 3
Breach notification
The FTC amended the rule to require certain breach and security-incident reporting, with notification requirements taking effect in May 2024.
Focus 4
Official FTC guide
Use the FTC guide and the rule text to decide whether your activity is covered and what security program elements apply.
Open related page