LOGIN Request a call


FTC Expanded Safeguards Rule Affects Non-Banking Small Business

06 Feb

Update Applicable to:Effective date
All businesses who have a security breach involving the information of at least 500 consumersMay 13, 2024

What happened?

On November 13, 2023, the Federal Trade Commission (FTC) published an amended final rule of “Standards for Safeguarding Customer Information” (Safeguard Rule), for which non-banking institutions would have to comply. 

What are the details? 

The FTC new amended rule will require some businesses (that perform banking-like activities) to: 

  • Notify customers and FTC when there is a cybersecurity breach, when a Notification Event as defined in the amended rules happens.
  • Report to the FTC within 30 days of discovery of the notification event via their website. 
  • Be mindful that there is a reverse presumption of knowledge.
  • Non-compliance can be met with up to $100.000 fine per violation for the institution, plus fines to directors and officers which can be personally fined. 

The rule will apply to financial institutions, defined as those that engage in an activity that is financial in nature or incidental to such financial activities (See definition here)

Business Considerations 

  • Covered entities should review their policies and procedures related to incident response and notice to ensure compliance with the Safeguards Rule and consider areas for enhancement.
  • Expect to see an increase in FTC engagement on cybersecurity-related risks for financial institutions and an increase in investigative activity, as well as media and litigation risk.
  • It is recommended to speak to an attorney to fully understand if your business is required to comply and how it can do so properly. 


Source References

Schedule a Call

Learn more about VensureHR and how we can make an impact on your business.

Contact VensureHR

This communication is intended solely for the purpose of conveying information. The present post might incorporate hyperlinks directing readers to websites managed by third-party entities. The inclusion of any links within this communication is meant to serve as points of reference and could encompass opinion articles from various law firms, articles from HR associations, official websites, news releases, and documents of government agencies, and other relevant third-party sources. Vensure has no authority over these external websites and bears no responsibility for their content. Furthermore, Vensure does not endorse the materials present on these websites. The contents of this communication should not be interpreted as legal advice or as a legal standpoint concerning specific facts or scenarios. Nor should it be deemed an exhaustive compilation of facts potentially pertinent to federal, state, or local laws. It is strongly advised that employers solicit legal guidance from an employment attorney when undertaking actions in response to any legal updates provided. This is due to the possibility of future alterations occurring in federal, state, and local laws, regulations, as well as the directives and guidelines issued by governing agencies. These changes may transpire at any given time, potentially rendering certain portions of the content within this update void or inaccurate.

Keep Your Business Compliant

Fill out the form below to receive monthly Employment Law Updates right in your inbox.

Keep Your Business Compliant

Fill out the form below to receive monthly Employment Law Updates right in your inbox.


You're all set.

Thanks for subscribing. Be on the look out for the Legal HR updates in your email.

Celebrating PEOs!

VensureHR joins the nationwide celebration, reflecting on an industry of excellence in providing payroll, employee benefits, compliance assistance, and HR services to thousands of SMBs across North America.

Tracking Convertion image