Financial institutions, including
banks, securities firms, credit unions, insurance
companies, mortgage brokers, and investment houses,
face the following compliance regulations:
Gramm-Leach-Bliley Act (GLBA)
The Financial Modernization Act of 1999, also
known as the Gramm-Leach-Bliley Act (GLBA) or
GLB Act, requires financial institutions to design,
implement and maintain safeguards to protect customer
information. In particular, financial organizations
must meet the following safeguard
requirements:
- Designate an employee or employees to coordinate
its [safeguards] program
- Assess risks in each area of its operations
- Design and implement an information security
program to control these risks
- Require service providers (by contract) to
implement appropriate safeguards for the customer
information at issue
- Adapt its program in light of material changes
to its business that may affect its safeguards.
Since the loss of confidential data through email
poses a substantial risk, the implementation of
an email security system is an important part
of GLBA compliance.
Securities and Exchange Commission (SEC) and NASD
SEC rules 17a-3 and 17a-4 and NASD rules 3010
and 3110
require financial institutions to save their emails
for at least six years and to be able to search
and restore specific messages and threads in a
short turnaround. Steep penalties can apply to
those companies that do not comply. In 2002, the
SEC, NY Stock Exchange and NASD forced five major
Wall Street firms to pay over
$8 million in non-compliance fees for failure
to retain email for the required 6 years. In order
to ensure compliance and avoid penalties, financial
service companies must put in place archiving
policies and systems for long-term retention of
email communications.
Policy Patrol can help financial institutions
comply with GLBA, SEC and NASD rules in the following
ways:
- Archive all messages to
provide a central record of email communications.
- Block any unauthorized
confidential data leaving the organization by
making use of keyword filtering and attachment
checking.
- Use Bayesian filtering
techniques to identify confidential content
as opposed to non-confidential content.
- Add a disclaimer to messages
reminding the recipient of the confidential
nature of the email and warning against unauthorized
disclosure.
- Stop viruses from entering
(or leaving) the organization via email and
compromising security.
- Provide reports on policy
breaches and attachment usage.
- Limit the domains users
can send emails to by creating email filters.
- Advanced user permissions
ensure that confidential messages are not viewed
by the wrong employees.
- Notification emails and
network messages inform managers in case of
policy breaches.
Apart from helping financial institutions comply
with GLBA, SEC and NASD rules, Policy Patrol also
offers benefits such as improved employee productivity
and decreased legal liability. In addition, Policy
Patrol offers an instant return on investment
by saving bandwidth, avoiding network congestion
and reducing storage space requirements.
Policy Patrol financial customers
Policy Patrol is used by many financial service
institutions including Irwin Home Equity, Home
Credit and Finance Bank, Island Savings Credit
Union, American Financial Realty Trust, Boeing
Wichita Credit Union, Federal Home Loan Bank of
New York and many more.
Why not try it out now? Download
a free 30-day evaluation version and see how valuable
Policy Patrol can be to your organization.