[ad_1]
If your financial institution suffers a security breach, they’ll have to let you know within 30 days.The Securities and Exchange Commission adopted changes to Regulation S-P this week, which deals with the treatment of consumers’ personal information, Ars Technica reports.Based on the new amendments, financial institutions will now have to notify any individual whose personal information is compromised due to a breach of their systems “as soon as practicable, but not later than 30 days after becoming aware that an incident involving unauthorized access to or use of customer information has occurred or is reasonably likely to have occurred.”The update impacts broker-dealers (including funding portals), investment companies, registered investment advisers, and transfer agents.“Over the last 24 years, the nature, scale, and impact of data breaches has transformed substantially,” says SEC Chair Gary Gensler. “These amendments to Regulation S-P will make critical updates to a rule first adopted in 2000 and help protect the privacy of customers’ financial data. The basic idea for covered firms is if you’ve got a breach, then you’ve got to notify. That’s good for investors.”
Recommended by Our Editors
When financial institutions notify customers, they’ll also need to include details about what happened, what data was compromised, and provide information about how the impacted individuals can protect themselves.The amendments will go into effect 60 days after they’re published in the Federal Register, though larger entities have 18 months to comply and smaller ones have two years.
Get Our Best Stories!
Sign up for What’s New Now to get our top stories delivered to your inbox every morning.
This newsletter may contain advertising, deals, or affiliate links. Subscribing to a newsletter indicates your consent to our Terms of Use and Privacy Policy. You may unsubscribe from the newsletters at any time.
[ad_2]