Which regulation outlines rules on how financial institutions may share information?

The correct regulation that outlines rules on how financial institutions may share information is the Gramm-Leach-Bliley Act (GLBA). This act specifically applies to financial institutions and mandates that they protect consumers' personal financial information and outlines the conditions under which financial institutions can share this information with third parties.

The GLBA has important provisions such as the Financial Privacy Rule, which requires financial institutions to disclose their privacy policies regarding information sharing to consumers, and allows consumers to opt-out of certain types of information sharing. Understanding these rules is crucial for ensuring compliance within financial institutions and protecting consumer privacy.

While the Fair Credit Reporting Act (FCRA) does relate to consumer information, it primarily governs the collection and dissemination of consumer credit information by credit reporting agencies rather than the broader practices of financial institutions regarding personal information. The Privacy Act pertains to federal agencies rather than financial institutions, and the General Data Protection Regulation (GDPR) is a European regulation focused on data protection and privacy across the European Union, which differs significantly from the context of U.S. financial regulations.