As is the case with the Gramm-Leach-Bliley Act as a whole, the privacy title adopts the "functional regulator" approach to enforcement. A financial institution's primary federal regulator also enforces the privacy title.

Notably, the statute gives the Federal Reserve Board privacy enforcement authority over bank holding companies and their nonbank subsidiaries. Exceptions are brokers, dealers, investment companies, and advisers, which the Securities and Exchange Commission oversees, and insurance companies, over which the appropriate state regulators have enforcement authority.

Subscribe Now

Access to authoritative analysis and perspective and our data-driven report series.

14-Day Free Trial

No credit card required. Complete access to articles, breaking news and industry data.