47 its provisions related to the treatment of confidential information . We regularly update companywide training, policies, and information- handling standards to help Wells Fargo employees understand their role in protecting customer information . We perform employee background checks, which we also require for nonemployees and third-party service providers who handle Wells Fargo’s customer information . Educating customers on digital security The world continues to become increasingly digitally interconnected, which allows greater access to information and services in the financial services industry . In this environment, we encourage digitally active customers to protect their accounts by offering security options like two-factor authentication, biometrics, and the ability to turn debit cards on and off . Our online security center provides customers with resources to explore security options, spot scams, report fraud, and more . We also provide educational materials that encourage customers to create strong passwords, avoid suspicious links, keep their software updated, limit the personal information they share online, and use a screen lock on mobile devices . Protecting data in open banking environments With the growing number of apps designed to help customers lead healthier financial lives, Wells Fargo believes it’s important to support our customers’ desire to use these apps and to enable sharing of their Wells Fargo account information with them in a seamless and more secure way . We’ve reached data exchange agreements based on application programming interfaces (APIs) with numerous third-party personal financial management apps and financial data aggregators . This API-based data exchange moves away from credential-based access and ultimately gives our customers greater transparency into, and control over, the bank account information they share with supported apps, including the ability to turn data sharing on or off through our Control T ower® digital experience . Protecting cust omer and employee privacy Managing privacy risk is the responsibility of every Wells Fargo employee . Wells Fargo mandates companywide privacy training in addition to requiring comprehensive business line procedures to minimize data privacy risk . The privacy regulatory landscape continues to rapidly expand . The California Privacy Rights Act (CPRA) expands upon the California Consumer Privacy Act of 2018 (CCPA) and will be effective in 2023 . In addition to federal initiatives currently under consideration, other states continue to introduce legislation to further expand privacy rights and protections to state residents . Numerous regions and jurisdictions around the world have enacted or are proposing privacy and data protection laws, including the General Data Protection Regulation or GDPR in the EU . We actively track these developments and enhance our privacy practices accordingly .