IBA Compliance Connection

Your go to source for compliance!

Under the FAST Act’s changes to the annual privacy notice requirements, our understanding is that we are not required to send customers the Privacy Notice OR give them notice (for example, on periodic statements) as long as we meet the two conditions. Is that correct? Our privacy notice has not changed, and we share information only for joint marketing purposes with another financial institution (and we don’t share information with affiliates under the FCRA).

by

admin

Yes, your bank is exempt from the annual privacy notice requirement and Regulation P’s alternative delivery method requirements under the FAST Act’s amendment of the Gramm-Leach-Bliley Act (GLBA).

Regulation P permits financial institutions meeting several preconditions to comply with the annual privacy notice delivery requirement by using an “alternative method” — posting the notice on a website (and mailing it on demand). However, if your bank qualifies for an exemption from the annual privacy notice requirement altogether, you are not required to use the alternative method or any method for delivering the notice.

For resources related to our guidance, please see:

  • Public Law 114-94, Title LXXV — Eliminate Privacy Notice Confusion (A financial institution that “(1) provides nonpublic personal information only in accordance with the provisions of subsection (b)(2) or (e) of section 502 or regulations prescribed under section 504(b), and (2) has not changed its policies and practices with regard to disclosing nonpublic personal information from the policies and practices that were disclosed in the most recent disclosure sent to consumers in accordance with this section . . . shall not be required to provide an annual disclosure under this section.”)