CHAPTER 64

U.S. LEGAL AND REGULATORY SECURITY ISSUES

Timothy Virtue

64.1 INTRODUCTION

64.2 SARBANES-OXLEY ACT OF 2002

64.2.1 Section 404 of SOX

64.2.2 Management Perspectives on SOX

64.3 GRAMM-LEACH-BLILEY ACT

64.3.1 Applicability

64.3.2 Enforcement

64.3.3 Consumers and Customers

64.3.4 Compliance

64.3.5 Privacy Notices

64.3.6 GLBA Safeguards Rule

64.3.7 Flexibility

64.4 EXAMINATION PROCEDURES TO EVALUATE COMPLIANCE WITH GUIDELINES FOR SAFEGUARDING CUSTOMER INFORMATION

64.5 CONCLUDING REMARKS

64.6 FURTHER READING

64.7 NOTES

64.1 INTRODUCTION.

The regulatory requirements facing today's business leaders can strengthen the overall business environment while offering increased safeguards to stakeholders such as consumers, suppliers, shareholders, employees, and other parties that transact with those businesses. Although regulatory requirements vary from institution to institution and across industries, the recurring theme is that management must be proactively involved in, and fully accountable for, the actions of its organization.

Compliance is an ongoing process that can be achieved successfully only when the organization's senior leaders support compliance from both a cultural and operational perspective. In other words, the right attitudes (integrity, honesty, transparency, etc.), also known as tone at the top, must be exemplified in all facets of the organization while working in tandem with operational processes to create a comprehensive compliance environment. ...

Excerpt from Computer Security Handbook, Fifth Edition (O'Reilly).