Who is affected by the Safeguards Rule?

The FTC Safeguards Rule & Standards apply to all non-banking financial institutions or organizations that facilitate financial transactions and services related to banking, but which are not licensed to perform banking directly.  Affected parties include:

  • Wealth Management
  • CPAs
  • Auto dealers
  • Higher education
  • Mortgage brokers
  • Payday lenders
  • Insurance firms
  • Collections agencies
  • Venture capitalists
  • Pawn shops
  • Currency exchanges
  • + more

What does the FTC Safeguards Rule & Standards Mean?

The Safeguards Rule requires non-banking financial institutions to develop and maintain an information security program that protects customer information. Your program is required to ensure the maintenance and system integrity to protect against threats, the confidentiality of private customer information, and protect against unauthorized access to secure information. 

IS Program & Staff Training

IS Program & Staff Training


Monitoring, Testing & Reviews


Consistent Program Updates

anti-virus shield

Incident Response Planning

FTC Safeguards Compliance Checklist

The FTC has outlined 9 specific criteria that every security program must meet in order to comply with the appropriate standards. 

  • Designation of a Qualified Individual
  • Periodic Written Reports
  • Risk Assessment
  • Staff Training
  • Monitoring and Testing
    Service Provider Review
  • Regular Program Updates
  • Incident Response Planning
  • The Design, Implementation, and Maintenance of an Information Security Program


With over 25 years of industry experience, our team of information privacy and security experts is accountable, transparent, and always prepared to prioritize client needs. We’re available to help your organization develop a customer information security program that’s compliant with FTC Standards for Safeguarding Customer Information. Contact us today to get started.