skip to Main Content

FTC Safeguards Compliance

In December 2021, the FTC revised the Safeguards Rule, which is a component of the Gramm-Leach-Bliley Act (GLBA). The Rule requires that financial institutions, including dealerships, develop, implement, and maintain a comprehensive written information security program. KPA provides the tools and services to help you stay compliant.

Sales F&I compliance software and services limit your
liability from the first contact to deal close.

KPA helps dealerships, develop, implement, and maintain a comprehensive information security program.

Qualified Individual

KPA provides a sample Designation of Qualified Individual Form.

Additionally, during an on-site Safeguards review, your KPA Consultant will confirm the qualified individual is in place.

Risk Assessment

Your KPA Consultant will validate you have completed a yearly risk assessment and verify there is a written assessment.

They will also provide a written report detailing the handling of physical customer data with recommendations for implementing new controls.

Information Safeguards

KPA provides a sample written Information Security Program template.

During an on-site Safeguards review, your KPA Consultant will inquire that you have put proper information safeguards in place that address and/or control the risks identified in the assessment.

Safeguards Testing

KPA partners with Helion Technologies, SDP Compliance, and Infosec Institute to provide IT monitoring, Phishing Simulation and other cyber security services to help you comply with the Safeguards Rule requirements.

KPA will also verify you have put in place a continuous monitoring solution or have conducted penetration and vulnerability tests.

Personnel Training

KPA provides online General Security Awareness training.

During an on-site Safeguards review, your KPA Consultant will validate you have provided regular training programs and that security personnel are keeping up to date with security trends and program risk needs.

Incident Response Plan

KPA provides templates for both an Incident Response Plan and a Breach Notification Form.

During on-site Safeguards review, your KPA Consultant will verify that an incident response plan is in place. They will also confirm a walkthrough of the plan is conducted annually.

Service Provider Oversight

KPA provides a Sample Service Provider Risk Assessment and a Sample Service Provider GLBA Addendum.

During your on-site Safeguards review, your KPA Consultant will inquire that the correct service provider addendum is in place and covers all providers.

Annual Reporting

Your KPA Consultant will verify regular reports are being produced by the qualified individual.

Your consultant will also ensure both Safeguard assessments and KPA’s on-site physical Safeguard security reports are incorporated into the dealer’s risk assessment remediation plans.

Take a Test Drive

See how everything works together to make your dealership’s safety and compliance program a success.

Check out the demo center

Customer Spotlight

Learn how KPA customers are saving time and money, while building a safer workforce.

Having a structured and reputable compliance partner like KPA takes away all the guesswork.

VP Finance Operations, LAcarGUY

Learn how LAcarGUY protects their reputation

Recommended Resources

Here are some resources to help you build a better safety program.

View the Full Resource Library

The F&I Forbidden 20

Crossing the line in F&I can do substantial damage to your dealership's reputation. Why take the chance?

Download the Guide

f&i minute cover resource library

The F&I Minute

Let’s take a minute to talk about the F&I issues and advice that’ll save your bottom line and protect your reputation.

Watch the Series

Back To Top