[Code of Federal Regulations]
[Title 16, Volume 1]
[Revised as of January 1, 2003]
From the U.S. Government Printing Office via GPO Access
[CITE: 16CFR314.5]

[Page 408]
 
                     TITLE 16--COMMERCIAL PRACTICES
 
                   CHAPTER I--FEDERAL TRADE COMMISSION
 
PART 314--STANDARDS FOR SAFEGUARDING CUSTOMER INFORMATION (EFF. 5-23-03)--Table of Contents
 
Sec. 314.5  Effective date.

    (a) Each financial institution subject to the Commission's 
jurisdiction must implement an information security program pursuant to 
this part no later than May 23, 2003.
    (b) Two-year grandfathering of service contracts. Until May 24, 
2004, a contract you have entered into with a nonaffiliated third party 
to perform services for you or functions on your behalf satisfies the 
provisions of Sec. 314.4(d), even if the contract does not include a 
requirement that the service provider maintain appropriate safeguards, 
as long as you entered into the contract not later than June 24, 2002.

[[Page 409]]