Banks and other financial institutions may be able to avoid costly manual mailings of annual privacy notices to customers and instead publish annual privacy notices on their websites under a new rule issued by the federal Consumer Financial Protection Bureau (CFPB).
Banks are required to give annual privacy notices to customers under the GrammLeach-Bliley Act (GLBA) and the CFPB’s Regulation P (12 CFR Part 1016). The new rule and Regulation P apply to certain non-bank financial institutions, as well.
The CFPB rule will take effect upon its pending publication date in the Federal Register.
The new rule allows banks and other financial institutions to use the website posting method only if certain conditions are met, including:
Also, for any financial institution that discloses customer information in a way that triggers “affiliate marketing” opt-out rights under FCRA, the financial institution must also do one of the following before it can use the new website method to disclose the annual privacy notice:
To use the website disclosure method for annual privacy notices, a financial institution must insert a clear and conspicuous statement at least once per year on an account statement, coupon book or any notice or disclosure required or expressly permitted under law, announcing that:
Also, in this statement, the customer must be provided with a specific web address that takes the customer directly to the page where the privacy notice is available, rather than requiring the customer to find that page via links on the website.
The financial institution must continuously post the annual privacy notice in a clear and conspicuous manner on a page of its website, without requiring a login, password or similar steps to access the notice. Also, the notice must be posted on a page of the website that contains only the notice.
In addition, to assist customers with limited or no access to the Internet, the financial institution must mail annual notices to customers who request them within 10 days of any such request.
Although we would like to hear from you, we cannot represent you until we know that doing so will not create a conflict of interest. Also, we cannot treat unsolicited information as confidential. Accordingly, please do not send us any information about any matter that may involve you until you receive a written statement from us that we represent you (an ‘engagement letter’).
By clicking the ‘ACCEPT’ button, you agree that we may review any information you transmit to us. You recognize that our review of your information, even if you submitted it in a good faith effort to retain us, and, further, even if you consider it confidential, does not preclude us from representing another client directly adverse to you, even in a matter where that information could and will be used against you. Please click the ‘ACCEPT’ button if you understand and accept the foregoing statement and wish to proceed.