Home
gpo.gov
govinfo.gov

e-CFR Navigation Aids

Browse

Simple Search

Advanced Search

 — Boolean

 — Proximity

 

Search History

Search Tips

Corrections

Latest Updates

User Info

FAQs

Agency List

Incorporation By Reference

eCFR logo

Related Resources

Electronic Code of Federal Regulations

We invite you to try out our new beta eCFR site at https://ecfr.federalregister.gov. We have made big changes to make the eCFR easier to use. Be sure to leave feedback using the Help button on the bottom right of each page!

e-CFR data is current as of October 21, 2020

Title 17Chapter IPart 160 → Subpart D


Title 17: Commodity and Securities Exchanges
PART 160—PRIVACY OF CONSUMER FINANCIAL INFORMATION UNDER TITLE V OF THE GRAMM-LEACH-BLILEY ACT


Subpart D—Relation to Other Laws; Effective Date


Contents
§160.16   Protection of Fair Credit Reporting Act.
§160.17   Relation to state laws.
§160.18   Effective date; compliance date; transition rule.
§§160.19-160.29   [Reserved]
§160.30   Procedures to safeguard customer records and information.

return arrow Back to Top

§160.16   Protection of Fair Credit Reporting Act.

Nothing in this part shall be construed to modify, limit or supersede the operation of the Fair Credit Reporting Act, 15 U.S.C. 1681 et seq., and no inference shall be drawn on the basis of the provisions of this part regarding whether information is transaction or experience information under section 603 of that Act.

return arrow Back to Top

§160.17   Relation to state laws.

(a) In general. This part shall not be construed as superseding, altering or affecting any statute, regulation, order or interpretation in effect in any state, except to the extent that such state statute, regulation, order or interpretation is inconsistent with the provisions of this part, and then only to the extent of the inconsistency.

(b) Greater protection under state law. For purposes of this section, a state statute, regulation, order or interpretation is not inconsistent with the provisions of this part if the protection such statute, regulation, order or interpretation affords any person is greater than the protection provided under this part, as determined by the Bureau of Consumer Financial Protection, after consultation with the Commission, on its own motion or upon the petition of any interested party.

[66 FR 21252, Apr. 27, 2001, as amended at 76 FR 43879, July 22, 2011]

return arrow Back to Top

§160.18   Effective date; compliance date; transition rule.

(a) Effective date. This part is effective on June 21, 2001. In order to provide sufficient time for you to establish policies and systems to comply with the requirements for this part, the compliance date for this part is March 31, 2002.

(b)(1) Notice requirement for consumers who are your customers on the effective date. By March 31, 2002, you must have provided an initial notice, as required by §160.4, to consumers who are your customers on March 31, 2002.

(2) Example. You provide an initial notice to consumers who are your customers on March 31, 2002 if, by that date, you have established a system for providing an initial notice to all new customers and have mailed the initial notice to all your existing customers.

(c) One-year grandfathering of service agreements. Until March 31, 2003, a contract that you have entered into with a nonaffiliated third party to perform services for you or functions on your behalf satisfies the provisions of §160.13(a)(1)(ii) even if the contract does not include a requirement that the third party maintain the confidentiality of nonpublic personal information, as long as you entered into the agreement on or before March 31, 2002.

[66 FR 21252, Apr. 27, 2001, as amended at 66 FR 24061, 24183, May 11, 2001; 67 FR 6790, Feb. 13, 2002]

return arrow Back to Top

§§160.19-160.29   [Reserved]

return arrow Back to Top

§160.30   Procedures to safeguard customer records and information.

Every futures commission merchant, retail foreign exchange dealer, commodity trading advisor, commodity pool operator, introducing broker, major swap participant, and swap dealer subject to the jurisdiction of the Commission must adopt policies and procedures that address administrative, technical and physical safeguards for the protection of customer records and information. These policies and procedures must be reasonably designed to:

(a) Insure the security and confidentiality of customer records and information;

(b) Protect against any anticipated threats or hazards to the security or integrity of customer records and information; and

(c) Protect against unauthorized access to or use of customer records or information that could result in substantial harm or inconvenience to any customer.

[85 FR 29614, May 18, 2020]

return arrow Back to Top

Need assistance?