Kansas Governor Laura Kelly has approved enactment of Senate Bill 44 which requires certain financial institutions to establish information security standards consistent with the federal Gramm-Leach-Bliley Act's Safeguards Rule, 16 C.F.R. § 314.1, et seq.
The Kansas Financial Institutions Information Security Act becomes effective July 1, 2023.
A copy of the legislation is available at: Click Here
The new law applies to the following covered entities, as defined by Kansas law:
- Credit services organizations;
- Mortgage companies;
- Supervised lenders;
- Financial institutions engaging in money transmission;
- Trust companies; and
- Technology-enabled fiduciary financial institutions.
Covered entities must:
1- Adopt standards for developing, implementing, and maintaining reasonable safeguards to protect the security, confidentiality, and integrity of customer information pursuant to 16 C.F.R. § 314, as in effect on July 1, 2023;
2- Develop and organize its information security program into one or more readily accessible parts; and
3- Maintain its information security program as part of the covered entity's books and records in accordance with the record retention requirements of such covered entity.
The State Bank Commissioner has exclusive authority to implement, administer and enforce the Act, which includes the ability to examine, investigate, and subpoena covered entities. The Commissioner may seek injunctive relief and assess civil penalties not to exceed $5,000 per violation. All enforcement actions are pursuant to the Kansas Administrative Procedure Act.
This legislation is a model of simplicity. Instead of reinventing the wheel with lengthy and potentially controversial legislation, Kansas has taken a commonsense approach by simply requiring that certain regulated entities comply with the Safeguards Rule and providing its state regulator with enforcement authority.
Ralph T. Wutscher
Maurice Wutscher LLP
The Loop Center Building
105 W. Madison Street, 6th Floor
Chicago, Illinois 60602
Direct: (312) 551-9320
Fax: (312) 284-4751
Mobile: (312) 493-0874
Admitted to practice law in Illinois
Alabama | California | Florida | Illinois | Massachusetts | New Jersey | New York | Ohio | Pennsylvania | Tennessee | Texas | Washington, DC
NOTICE: We do not send unsolicited emails. If you received this email in error, or if you wish to be removed from our update distribution list, please simply reply to this email and state your intention. Thank you.
Our updates and webinar presentations are available on the internet, in searchable format, at:
Financial Services Law Updates
The Consumer Financial Services Blog™