United States of America: Implemented FTC Amendment to Standards for Safeguarding Customer Information

On 13 May 2024, the Federal Trade Commission (FTC) implemented the final rule amending the Standards for Safeguarding Customer Information requiring financial institutions to report any unauthorised access to unencrypted customer information affecting 500 or more individuals. Under the rule, financial institutions are required to report such security breaches through an electronic form on the FTC's website. The report must include detailed information about the breach, including the type of information involved, the number of consumers affected, and any law enforcement engagement.