Deposit Compliance: Privacy

Be sure to JOIN US for our webinar, “Deposit Operations Overview.”

The Privacy rules require you to inform your customers how you share (or don’t share) their non-public personal information. It’s really geared towards whether you share with non-affiliated third parties, but the Fair Credit Reporting Act can also drag affiliates into the mix. So, you have to tell customers when you’re going to share their information, if they can limit the information you share, etc.

Jerod explains more in the video.

Transcript:

Our next topic is going to be the Privacy of Consumer Financial Information. So the privacy rules work like this. You have to provide a notice that says, "Here's how you are going to handle privacy with consumer financial information." You have to state B, how and when you're going to share, and then whether or not the consumer can limit the information that you share. There are some things that you cannot share unless you provide an opt-out, a reasonable opportunity for the customer to opt-out of you being able to share that information. Now, the privacy rules deal with sharing non-public personally identifiable information with non-affiliated third parties. Okay? That's what privacy is about. Now, the privacy rule and the privacy notice got a little bit complicated when they decided to use the privacy rule notice also to address the Fair Credit Reporting Act information sharing and the Fair Credit Reporting Act affiliate marketing. But the privacy notice itself was only ever meant to deal with privacy initially. And that's what we're going to address today.

Understand that your privacy notice may also have opt-outs for affiliate marketing and consumer... I'm sorry, consumer credit-worthiness sharing provisions. Today we're going to focus just on the privacy aspect, which is sharing non-public personally identifiable information with non-affiliated third parties.

So there's some key terminology there at the bottom of page 73. We're going to skip over that. You can use it as a resource. Page 74. Privacy limits some things. There's no question. And if you are ever unsure whether you can share something, you can either just choose not to share it or get the customer to approve the release of the information, get them to sign off on it, and authorize it. But there are a lot of things that privacy doesn't restrict.

So things like check verification. You can contact a third party or another financial institution to verify a check. You can contact another financial institution for a loan payoff. Here's what it comes down to. They can contact you as well, these other third parties. Can you release the information? You need to be certain that the person on the other end of the line is who they say they are, and they need to know. So verify that Amy is Amy, calling on behalf of ABC Bank to get a loan payoff. If I'm reasonably satisfied that Amy is with ABC Bank and needs to know the loan payoff, I will give it to her. And there are FAQs out there, frequently asked questions, that say that you can do that.

Same thing with check verifications. Now be careful how far you go, okay? I would stick to, "That will or will not be clear at this time." I wouldn't give too much information, but you can give information, okay? And I think it's expected that you do. Some organizations out there just say, "Oh, we won't share anything; it's a privacy thing." That doesn't help the industry out. There are certain things you can and should share, and I recommend that you do so. if there's any question, sometimes you just got to go with your gut. "I'm not going to release this," or "I'm going to go get compliance involved and see if there's an out," or "I'm just going to get the customer to authorize it before I release it." Customer authorization will always trump.

Published
2022/08/15