All of the information below is to provide all you need for internal education, external client communications, and overall compliance with the California Consumer Privacy Rights Act (CPRA), its implementing regulations, and other pending privacy legislation.

For support questions, please email

Compliance Resources

Regulatory and Industry Updates

To receive regulatory and industry updates, visit our community lounge. We have a forum dedicated to regulations and other industry updates. You are able to subscribe to this forum to receive email notifications once a topic is posted.

Compliance Systems' Solution

We offer a flexible solution for financial institutions to comply with the CCPA and its implementing regulations. Financial institutions that are subject to the CCPA can now complete the required disclosures via Simplicity Configuration. We will be making any necessary changes to our solution to comply with the CPRA.

CCPA Information and Resources

We have addressed commonly asked questions regarding the CCPA as it relates to financial institutions.

Updated 2020

Updated 2022

Click the Map to See the Pending Federal and State Privacy Legislation
Updated 4/11/2022

CPRA and Privacy Legislation Information

On November 3, 2020, California voters approved the statute initiative, California Privacy Rights Act of 2020 (CPRA). The CPRA amends and expands the California Consumer Privacy Rights Act of 2020 (CCPA).


Proposed Regulations

Proposed Regulations – Oct. 17

The California Privacy Protection Agency (CPPA) announced that they have begun the formal rulemaking process to adopt the proposed regulations that implement the Consumer Privacy Rights Act of 2020 (CPRA).

The timeframe to finalize the regulations will be based on a 45-day public comment period, which will close on August 23, 2022. Based on the submitted comments, the CPPA may make changes to the proposed regulations. If major changes are made, the CPPA is required to have another 45-day comment period; however, if only substantive or sufficiently related changes are made, then the comment period is shortened to 15 days. A comment period is not required if no changes are made or changes are insubstantial.

Rulemaking Documents

Additional Training and Resources

Compliance Systems is committed to providing the most up-to-date compliance information. Email blasts are sent out to inform our users of compliance help including regulatory updates.

Other state legislatures, as well as the federal government, have pending privacy legislation that Compliance Systems will continue to closely monitor.