Understanding Recent FTC Changes to the Gramm-Leach-Bliley Act (GLBA) | TimTalks February 15, 2022 

Protecting customer information is a top priority for dealerships everywhere, but it can be a difficult and time-consuming process to stay on top of ever-changing policies and regulations. On the February 15, 2022 episode of TimTalks, CarNow’s Tim Cox, Vtech Dealer IT’s John Acosta, and Qvale Automotive Group’s Paul Jensen discussed this topic in detail by covering the recent FTC changes to the Gramm-Leach-Bliley Act (GLBA) and other strategies to ensure dealership operations are safe and secure. 

 The GLBA requires financial institutions – companies that offer consumers financial products or services like loans, financial or investment advice, or insurance – to explain their information-sharing practices to their customers and to safeguard sensitive data. Most auto dealerships are defined as “financial institutions” under the GLBA, and on October 27, 2021, changes by the FTC to the Safeguards Rule under the GLBA were announced that included new reporting rules that are applicable to auto dealers. 

According to Acosta, these changes are not something to delay or ignore. “Auto dealers have until December of 2022 to be compliant by ensuring the necessary safeguards are in place to protect customer information. Embrace this, as it will cause fundamental changes in the ways business happens.” 

The penalties for failing to comply with the GLBA can be costly. Jensen revealed that GLBA fines start as high as $45,000 for a single incident and only go up. He went on to say that a class-action lawsuit resulting from an incident can cost you millions of dollars in legal expenses. 

In addition to helping dealerships run leaner, faster, and more efficiently, technology can be used to help streamline compliance and protect consumer information. Acosta encouraged auto dealers to invest the necessary time and resources required to research and utilize the technologies available to them, and how to best leverage these technologies to help them achieve their compliance goals.  

Jensen also discussed the importance of getting buy-in from all the necessary stakeholders to succeed with compliance, and that without buy-in from the top-down, you’re going to have a difficult time investing in the necessary infrastructure to keep yourself covered. 

Acosta, Jensen, and Cox encouraged dealerships to put a compliance plan in place and act now, as achieving full compliance takes a significant amount of time and resources.  

To help dealerships get started, Vtech Dealer IT has provided a downloadable GLBA Safeguards Checklist: Vtech Dealer IT GLBA Safeguards Checklist