WASHINGTON - The Federal Deposit Insurance Corp. on Tuesday proposed guidelines to encourage adoption of universal data-protection measures.
The Federal Reserve Board, the Office of the Comptroller of the Currency, and the Office of Thrift Supervision are expected to issue similar proposals soon, as required by the Gramm-Leach-Bliley Act of 1999.
If approved after a 60-day comment period, the guidelines would unify standards protecting the confidentiality of customer information. Though they highlight specific areas of concern - including encryption of information, access to sensitive systems, and contracts to service providers - the proposals would not implement regulations and are intended to be "technology-neutral," the FDIC said.
At an open meeting Tuesday, FDIC Vice Chairman Andrew "Skip" Hove and Comptroller John D. Hawke Jr. voiced concerns over the impact the guidelines might have on small banks.
"This could add to the workload of community banks," Mr. Hove said. "I encourage those banks to take a close look at this to see what the impact is going to be."
Reactions from the community banking associations were mixed.
Compliance could be expensive, as community banks are forced to hire information technology assistants because they do not have enough in-house expertise, said Karen Thomas, director of regulatory affairs for the Independent Community Bankers of America.
However, both Ms. Thomas and Robert Davis, managing director of government relations for America's Community Bankers, praised the FDIC for proposing guidelines rather than a rule that would require stricter adherence.
Separately, the FDIC said it is working on a deal with the Federal Reserve Board that would allow the insurance funds to collect assets of failed institutions held by the 12 Federal Reserve Banks.
