WeVote

Bill

Bill

HB 381

CRIMINAL LAW-TECH

104th Regular Session Introduced by Chris Welch

HB 381 mandates Florida's financial institutions to implement robust security programs and incident response plans, enhancing consumer data protection against cyber threats.

Rule 19(a) / Re-referred to Rules Committee
0
WeVote Research Nonpartisan
Bill Summary · HB 381

Summary of HB 381 - Office of Financial Regulation

Bill Information:
- Bill Number: HB 381
- Title: Office of Financial Regulation
- Status: Filed
- Introduced: November 06, 2025
- Classification: Bill
- Subject: Banks and Banking

Purpose and Intent

HB 381 aims to enhance the security and regulatory framework surrounding financial institutions in Florida. The bill mandates that loan originators, mortgage brokers, mortgage lenders, and money services businesses develop comprehensive information security programs to protect customer data and respond effectively to cybersecurity incidents.

Key Provisions

The bill introduces several significant provisions, including:

Information Security Programs

  • Requirement for Security Programs: Loan originators, mortgage brokers, mortgage lenders, and money services businesses must create, implement, and maintain written information security programs.
  • Incident Response Plans: These entities are required to establish written plans for responding to cybersecurity incidents, detailing procedures for managing such events.

Compliance and Documentation

  • Record Maintenance: Entities must keep copies of their information security programs for a specified timeframe and make them available to the Office of Financial Regulation upon request.
  • Cybersecurity Investigations: The bill mandates that these businesses conduct investigations into cybersecurity events and maintain records of such investigations.

Notifications and Breach Responses

  • Security Breach Notifications: The bill outlines requirements for notifying affected individuals, the Office of Financial Regulation, and credit reporting agencies in the event of a security breach.

Amendments to Existing Laws

  • Disciplinary Actions: The bill amends existing statutes to include additional grounds for disciplinary actions against loan originators and mortgage brokers.
  • Financial Technology Sandbox: It revises the criteria for approving applications for the Financial Technology Sandbox, allowing for a broader range of financial products and services.

Additional Changes

  • Credit Union Regulations: The bill allows virtual meetings for credit union members and removes limitations on investments in real estate and equipment.
  • Bank and Trust Company Regulations: It revises requirements for organizing banks and trust companies, including factors for application approval and director qualifications.

Who Would Be Affected

  • Financial Institutions: Loan originators, mortgage brokers, mortgage lenders, money services businesses, and credit unions will be directly impacted by the new requirements.
  • Consumers: Customers of these financial entities will benefit from enhanced data protection measures and improved responses to cybersecurity threats.

Procedural Aspects

  • Timeline: The bill was filed on November 06, 2025, and is currently in the legislative process.
  • Rulemaking Authority: The bill grants the Office of Financial Regulation the authority to establish rules necessary for implementing the provisions of the bill.

Conclusion

HB 381 represents a proactive approach to safeguarding consumer information within Florida's financial sector. By requiring comprehensive security measures and clear incident response protocols, the bill aims to mitigate risks associated with cybersecurity threats and enhance overall regulatory oversight.

Compiled from official sources — confirm details with the bill’s official record.

Sign in to ask a question.