AICPA's WebTrust Helps Financial Institutions Comply With New Financial Services Modernization Act to Protect Private Customer Information

Business Wire, Nov 13, 2000

Business Editors

NEW YORK--(BUSINESS WIRE)--November 13, 2000

Law Takes Effect Today for Entire Financial Services Industry

Establishes Information Privacy and Security Best Practices

The American Institute of Certified Public Accountants (AICPA) announced today that the WebTrust Program for On-Line Privacy, a comprehensive e-business tool, will help financial services companies comply with the privacy provisions of the new Financial Services Modernization Act, also known as the Gramm-Leach-Bliley Act, that is designed to protect their customers' privacy. Although the privacy rules are effective beginning November 13, 2000, full compliance with the law is not required until July 1, 2001, allowing financial institutions to bring their procedures and disclosure forms into compliance. The law mandates compliance by approximately 250,000 financial institutions, including all banks, thrifts and credit unions, as well as consumer finance companies, mortgage lenders, mortgage brokers, insurance agents, real estate agents, stock brokers and financial planners. These institutions have until July 1, 2001 to fully comply with the Financial Services Modernization Act.

The WebTrust Program provides a comprehensive series of e-business best practices that helps financial institutions integrate effective security and information privacy controls and procedures into their operations. A licensed CPA independently verifies that the institution protects its private customer information in accordance with the provisions of the law and provides customers the right to opt out of the information sharing process. In addition to security and privacy, the WebTrust Program covers other key e-business areas such as business practices, transaction integrity, confidentiality, availability and non-repudiation.

"Private financial information can't be protected merely by technology, software or promises," said Anthony Pugliese, Director of Assurance Services for the AICPA. "WebTrust blends the best technology tools with a comprehensive privacy audit to provide a complete e-business solution, particularly for financial institutions that handle personally identifiable information about their customers."

If a financial institution shares non-public, personal information with non-affiliated, third parties, it must give customers the ability to opt out of such sharing. Although the law does not regulate the sharing of information between a financial institution and its affiliates, WebTrust's security and privacy best practices help ensure that the institution has sound procedures and controls in place to reduce the risk that a customer's privacy will be violated by an affiliate.

Added Pugliese, "For over a century, the public accounting profession has protected individual investors, helped companies mitigate risk and significantly enhanced stakeholder value. Similarly, CPAs apply these strengths and abilities to help financial institutions gain public trust and credibility under the new Financial Services Modernization Act."

The American Institute of Certified Public Accountants (AICPA) is the ISO 9001 certified national professional organization of CPAs in the United States with more than 335,000 members in public practice, business and industry, government, and education. For more information about WebTrust, please visit www.webtrust.org.