Compare with different regulatory event:
The amended Rule would expand the entities subject to the new requirements, defining the "financial institution" as entities that engage in any activity considered to be financial. Under the amended Rule, entities such as mortgage brokers, payday lenders and motor vehicle dealers would be required to implement security systems to ensure the protection of the customer data. In particular, the amended Rule would require financial institutions to develop a comprehensive preventive and detective security system and appoint a responsible employee to implement the required security measures. Furthermore, financial institutions would be required to submit regular reports, encrypt information, create a data clearance hierarchy within the institution and conduct a regular review of its security response plan.
Original source