President Bill Clinton signing the Gramm-Leach-Bliley Act into law
Source: Novo Credit Repair
What is the Gramm-Leach-Bliley Act?
The Gramm-Leach-Bliley Act (GLBA), or Financial Services Modernization Act, refers to bi-partisan legislation to update regulations on the financial industry. Congress passed the bill on November 12, 1999 during President Bill Clinton’s administration.
The GLBA has three main sections to ensure financial institutions maintain transparency with and security for clients:
- The Financial Privacy Rule—regulates the collection and disclosure of private financial information
- The Safeguards Rule—requires financial institutions to implement security measures to safeguard private financial information
- The Pretexting Rule—prevents access to private information using false pretenses
The passing of the Gramm-Leach-Bliley Act (in)famously neutered the Glass-Steagall Act of 1933, which prevented commercial banks from offering financial services (e.g., investment and insurance) to most clients. Some believe this specific part of the GLBA contributed to causing the 2008 financial crisis.
In this article, the Zero Theft Movement will cover the sections of the Gramm-Leach-Bliley Act and notable violations of the legislation in recent years. We will also take a look at the debate on whether the 2008 financial crisis should be attributed to the GLBA and its deregulation of the banking industry.
The Zero Theft Movement is a crowdfunded effort to fight against the rigged economy and crony capitalism with hard proof gathered through citizen-led investigation. As a distributed organization, we firmly adhere to our policy of one-citizen-one vote. Regardless of who you are, how much you donate, or what company you work for or represent, you get one vote per investigation.
History behind the GLBA
To properly cover the Gramm-Leach-Bliley Act, we must turn back time to the Great Depression. In late 1929, the stock market crashed. Banks had not only made risky investments with depositors’ savings but also had been promoting securities they underwrote to customers. Bank runs and a decade of hardship followed.
Regulators and lawmakers, in the aftermath of the crash, thought that commercial and investment banking had grown dangerously entangled. They enacted the Glass-Steagall Act, or Banking Act of 1933, to create a clear division between the two forms of banking (Section 20), eliminating the conflicts of interest that had arguably contributed to the extreme economic downturn.
Nevertheless, the financial industry found a major loophole in the legislation. The law outlawed banks to affiliate with firms that were “engaged principally” in underwriting and dealing securities. Commercial banks began to acquire firms and/or create subsidiaries involved only in some securities.
Consolidation started to become a trend in the 1970s and was commonplace by the 1990s. According to the Federal Reserve (Fed), “the number of commercial banks in the United States had fallen from more than 14,000 in 1984 to fewer than 9,000 in 1999, while the average size of those banks had grown…Beginning in the late 1980s, some commercial banking organizations had started moving into underwriting securities (stocks and corporate bonds) and a few had also begun selling insurance.”
Despite the long trend towards consolidation, Congress did not actually make a change until 1999, with the Gramm-Leach-Bliley Act. The massive proposed merger between Citicorp and Travelers Insurance in 1998, illegal under Glass-Stegall, indicated regulatory changes were on the horizon.
Understanding Gramm-Leach-Bliley Act
While the Gramm-Leach-Bliley Act did enable commercial and investment banks to once again reside under the same roof, the legislation also established transparency and privacy measures to protect clients.
The GLBA, as mentioned in the introduction, features three main sections: the financial privacy rule, the safeguard rule, and the pretexting rule
Financial Privacy Rule
The Financial Privacy Rule establishes requirements on how organizations can collect and disclose private financial information. Financial institutions must provide “clear and conspicuous notice” of their privacy policies to all new clients. Most banks must also send an annual notice of their privacy policy to current customers.
The rule also explicitly orders banks to notify clients about any of their information-sharing practices and explain the customer’s right to “opt out” if they don’t want their information shared with unaffiliated third parties.
Safeguard Rule
The Safeguard Rule ensures that banks establish protections against white-collar crimes (e.g., phishing scams and email spoofing). The Federal Trade Commission (FTC) instituted this rule in 2002, and it remains in effect today.
Financial institutions must also appoint at least one employee to manage all aspects of their information security system. Data encryption and key management, for example, are currently the industry standard, but they aren’t actually FTC requirements under the Safeguard Rule. The security lead (or team) needs to continue developing and test the bank’s protection measures regularly.
Pretexting Rule
The Pretexting Rule prevents employees or business partners from using customer information under false pretenses. The Gramm-Leach-Bliley Act does not have any defined requirements to prevent pretexting, but financial institutions usually abide by this rule through employee training.
Have you wondered why U.S. drug prices are so much higher than in other countries? The RAND Corporation, a nonprofit, used 2018 data to conduct a study finding that prescription drug prices in the U.S. are 256% higher vs other countries. See whether the Zero Theft community has voted that the pharmaceutical industry is ripping off the U.S. public.
Penalties & Alleged Violations of the GLBA
Financial institutions, their executives, and employees that fail to abide by the rules of the Gramm-Leach-Bliley Act could be subject to strict financial and/or personal penalties. Banks have to pay a fine of up to $100,000 for each violation. Directors and executives might have to face fines of up to $10,000 for each infraction and/or imprisonment for five years.
Following GLBA regulations, for the most, benefits banks and their many clients. The public expects banks to have strong security measures in place. That’s a given. But if a bank can develop a particularly effective security plan and track record of safety, its efforts to go above and beyond the industry standard can become a huge selling point for the financial institution.
Unfortunately, just because rules and laws exist, that does not mean all relevant parties will follow them. Let’s take a look at a number of notable alleged violations of the Gramm-Leach-Bliley Act.
Mortgage Solutions FCS, Inc.
In 2020, the FTC filed a complaint against the California-based mortgage broker Mortgage Solutions FCS, Inc. According to the Agency’s press release, the company agreed to pay $120,000 to settle the allegations that it had posted personal information about consumers in response to negative Yelp reviews.
The press release details the violation of the GLBA as follows:
“The FTC alleges that Mortgage Solutions FCS, Inc. (doing business as Mount Diablo Lending) and its sole owner, Ramon Walker, responded to consumers who posted negative reviews on Yelp by revealing their credit histories, debt-to-income ratios, taxes, health, sources of income, family relationships, and other personal information. Several responses also revealed reviewers’ first and last names, according to the complaint.
“For example, in response to one negative Yelp review, Walker wrote on behalf of the company: ‘Your credit report shows 4 late payments from the Capital One account, 1 late from Comenity Bank which is Pier 1, another late from Credit First Bank, 3 late payments from an account named SanMateo. Not to mention the mortgage lates. All of these late payments are having an enormous negative impact on your credit score.’”
Venmo/PayPal
In 2018, the FTC filed a complaint against major financial technology company PayPal, specifically for issues with its product Venmo. The Agency alleged that Venmo violated the Gramm-Leach-Bliley Act by failing to disclose information to consumers about the ability to transfer funds and privacy settings. The press release announcing a settlement agreement of an undisclosed amount claims the following:
“According to the complaint, Venmo sent its users notifications that money had been credited to their Venmo balances and was available for transfer to an external bank account. However, the FTC says that Venmo failed to disclose that these funds could be frozen or removed based on the results of Venmo’s review of the underlying transaction. As a result, consumers complained that at times, Venmo delayed the withdrawal of funds or reversed the underlying transactions after initially notifying them that the funds were available.
“The FTC alleges that many consumers said they experienced financial hardships, such as being unable to pay their rent or other bills, because they could not transfer the money as promised by Venmo. Other consumers who used Venmo to receive payment for event tickets or other valuable items relied on the notifications that money had been credited to their Venmo account, delivered the item to the purchaser, and consequently incurred a financial loss when Venmo removed the funds.
“In addition, the Commission alleges that Venmo violated the Gramm-Leach-Bliley Act’s Safeguards Rule, which requires financial institutions to implement safeguards to protect the security, confidentiality, and integrity of customer information, and Privacy Rule, which requires financial institutions to deliver privacy notices to customers.”
Equifax
One of the largest U.S. consumer credit reporting agencies, Equifax experienced a data breach in September 2017. The personal information (e.g., home addresses, dates of births, social security numbers, etc.) of around 147 million Americans had potentially been leaked. Just to put things into perspective, that’s about 44% of the U.S.’s total population (~337 million).
In response to the breach, the FTC filed a complaint alleging that Equifax had failed to properly safeguard the private information of millions stored on its network. Widespread identity theft and fraud had become a very real possibility due to the leak.
The Agency’s settlement announcement details the terms of the agreement:
“Equifax will pay $300 million to a fund that will provide affected consumers with credit monitoring services. The fund will also compensate consumers who bought credit or identity monitoring services from Equifax and paid other out-of-pocket expenses as a result of the 2017 data breach. Equifax will add up to $125 million to the fund if the initial payment is not enough to compensate consumers for their losses. In addition, beginning in January 2020, Equifax will provide all U.S. consumers with six free credit reports each year for seven years—in addition to the one free annual credit report that Equifax and the two other nationwide credit reporting agencies currently provide…The company also has agreed to pay $175 million to 48 states, the District of Columbia and Puerto Rico, as well as $100 million to the CFPB in civil penalties.”
Dark pool trading accounts for ~30% of all trading. Do you think billions of concealed trades could be happening without us even knowing it? Find out what your fellow citizens have uncovered…
Deregulation and the 2008 Subprime Mortgage Crisis
Much political and academic debate around the Gramm-Leach-Bliley Act ensued in the aftermath of the 2008 subprime mortgage crisis.
One camp identified the GLBA as a major contributor to the economic disaster. Consolidation in the banking industry had created financial behemoths, or superbanks, which were ‘too big to fail.’ Law professor Joseph Grant discusses the combustible mix of commercial banks getting involved in securitization (i.e., risk) and the concentration of capital through mergers and acquisitions. The bigger they are, the harder they fall, and the greater damage it does to anything near it. Many politicians (at least, publicly) supported the first camp. In 2016, both Democrats and Republicans called for the reinstatement of the Glass-Steagall Act.
The opposing camp countered that the GLBA had a nominal effect on creating the crisis. Essentially, this view contends that commercial banks and their holding companies failed because they ignored underwriting standards. These banks invested in large amounts of mortgage‐backed securities (MBSs), which included subprime and other risky loans. Nevertheless, this camp claims that banks were allowed to trade MBSs under the Glass-Steagall Act as regulators treated these financial instruments as loans in a securitized form. The problem lay in risky investments, high financial leverage, the unregulated shadow banking system, mortgage securitization, and a whole host of questionable practices that were all allowed long before the Gramm-Leach-Bliley Act went into effect.
The Gramm-Leach-Bliley Act & the U.S. Economy
While the Gramm-Leach-Bliley Act did open the door for superbanks, whether the legislation actually served as the main reason for the 2008 financial crisis remains up for debate. The act has also ensured that financial institutions maintain a much more transparent relationship with their customers than before. Especially in the digital age, no one would put their money in the bank without the standard protections we have all come to expect.
In regards to protecting your money and investments from economic foul play, we at the Zero Theft Movement have decided to formalize and structure the discussion around the rigged economy. Many have made claims in the past that the U.S. economy is rigged, but the conversation seems to always fizzle out. The Zero Theft Movement is dedicated to providing the only platform where you and your fellow citizens can systematically and democratically determine the rigged areas of the U.S. economy. Many of us could be losing money every year because of broken legislation, corrupt lawmakers, and predatory corporations. It’s up to us to protect ourselves.
Through our software, you decide whether (1) theft is or isn’t occurring in a specific area of the economy, and (2) how much is being stolen or possibly saved. Through direct democracy, we can collectively decide where the problem areas are and start working on addressing them systematically.
Standard Disclaimer
The Zero Theft Movement does not have any interest in partisan politics/competition or attacking/defending one side. We seek to eradicate theft from the U.S economy. In other words, how the wealthy and powerful rig the system to steal money from us, the everyday citizen. We need to collectively fight against crony capitalism in order for us to all profit from an ethical economy.
Terms like ‘steal,’ ‘theft,’ and ‘crime’ will frequently appear throughout the article. Zero Theft will NOT adhere strictly to the legal definitions of these terms (since congress sells out). We have broadly and openly defined terms like ‘steal’ and ‘theft’ to refer to the rigged economy and other debated unethical acts that can cause citizens to lose out on money they deserve to keep.