skip to Main Content
KPA Logo

FTC Extends Deadline to Comply with Safeguards Rule

Robert Ebin /

The FTC has just announced that it is extending the deadline to comply with many of the Safeguards Rule’s updated requirements by six months.  Accordingly, the new compliance deadline has moved from December 9, 2022, to June 9, 2023. You can read the FTC’s announcement here.

Some of you may recall that the FTC approved significant additions to the Safeguards Rule back in October 2021.  At a high level, these amendments provided more specific criteria for what safeguards financial institutions (yes, including dealers) must implement.  Although some of the new provisions went into effect back in January 2022, many of the more onerous ones, at least from a dealership’s perspective, were scheduled to go into effect on December 9, 2022.  These included:

  • Appointment of a qualified individual to oversee your information security program.
  • Written risk assessments
  • Continuous monitoring or annual penetration testing
  • Continuous monitoring or biannual vulnerability assessment
  • Security awareness training for staff
  • Limiting and monitoring who can assess sensitive customer information (i.e., access controls)
  • Encryption of customer information at rest and in transit
  • Creation of an incident response plan
  • Periodic assessment of service providers
  • Multi-factor authentication
  • Data mapping

Per the FTC’s announcement, these provisions will now go into effect on June 9, 2023.  This announcement comes on the heels of advocacy on behalf of small businesses to delay the effective date. Reports also show that there is a shortage of qualified personnel to implement information security programs and supply chain issues affecting businesses’ ability to acquire necessary equipment to upgrade their security systems as required under the Rule.


If you have any questions regarding this, or any other situation that may arise in your sales or service departments, hotline clients are invited to contact us at (800) 785-2880 (then press “4” for hotline) or

Back To Top
Services: Compliance Services Services: Workplace Health and Safety Services Services: Environmental Risk Management Services About: Leadership Software: Online Training About: Who We Are Resources: Library Resources: Events and Webinars Resources: Blog YouTube Twitter LinkedIn