Home > News & Events > Inactive Financial Institution Letters
Inactive Financial Institution Letters
The Federal Deposit Insurance Corporation (FDIC), the Board of Governors of the Federal Reserve System, the Office of the Comptroller of the Currency, and the Office of Thrift Supervision have jointly adopted the attached final rule on the privacy of consumers' financial information. The rule takes effect on November 13, 2000, but financial institutions have until July 1, 2001, to be in mandatory compliance with the regulation.
The banking agencies' rule:
Under the rule, restrictions on sharing information with nonaffiliated third parties apply to "nonpublic personal information" about a consumer. Nonpublic personal information is "personally identifiable financial information" that is provided by a consumer to a financial institution, results from any transaction with or service performed for the consumer, or is otherwise obtained by the financial institution.
The rule excludes "publicly available information" from the definition of nonpublic personal information. Publicly available information is any information that an institution has a reasonable basis to believe is lawfully made available to the general public from government records, widely distributed media or disclosures to the public required to be made by federal, state or local law. To have a reasonable basis, the institution must determine three things:
Under the rule, financial institutions must provide a clear and conspicuous notice that accurately reflects their privacy policies and practices. The notice must be given to any individual who becomes a customer of the financial institution by the time the customer relationship is established, and annually as long as the relationship continues. Also, the notice must be given to any consumer who does not become a customer before nonpublic personal information about the consumer may be shared with nonaffiliated third parties.
Opt Out Requirement
Before an institution can share nonpublic personal information with nonaffiliated third parties, consumers must be given a reasonable opportunity to "opt out" from having that information shared. The opt out notice must be given to:
The rule does provide certain exceptions that permit a financial institution to share nonpublic information with third parties without providing privacy or opt out notices. These exceptions include disclosures of nonpublic personal information made in connection with certain processing and servicing transactions; with the consent of or at the direction of the consumer; to protect against potential fraud or unauthorized transactions; and to respond to judicial process.
The rule provides sample model clauses (Appendix A in the attachment) that a financial institution may use to develop its own initial and annual privacy notices.
For more information contact James K. Baebel, (202-736-0229) or Deanna Caldwell, (202-736-0141) in the FDIC's Division of Compliance and Consumer Affairs; or Robert A. Patrick, (202-898-3757); Marc J. Goldstrom, (202-898-8807); Nancy Shucker Recchia, (202-898-8885); or Marilyn E. Anderson, (202-898-3522) in the FDIC's Legal Division.
Distribution: FDIC-Supervised Banks (Commercial and Savings)
NOTE: Paper copies of FDIC financial institution letters may be obtained through the FDIC's Public Information Center, 801 17th Street, NW, Room 100, Washington, DC 20434 (800-276-6003 or (703) 562-2200).
|Last Updated firstname.lastname@example.org|