Notice: Function _load_textdomain_just_in_time was called incorrectly. Translation loading for the wp-migrate-db domain was triggered too early. This is usually an indicator for some code in the plugin or theme running too early. Translations should be loaded at the init action or later. Please see Debugging in WordPress for more information. (This message was added in version 6.7.0.) in /srv/app/gotoiba-dev/htdocs/web/wp-includes/functions.php on line 6121
We are a federal savings bank owned by a mid-tier holding company that is owned by a mutual holding company. All three entities have the same board members and officers. Do we need to list our holding companies as affiliates on our privacy notice if we do not share information with them? – IBA Compliance Connection

We are a federal savings bank owned by a mid-tier holding company that is owned by a mutual holding company. All three entities have the same board members and officers. Do we need to list our holding companies as affiliates on our privacy notice if we do not share information with them?

by

No, we do not believe that you need to list your bank’s holding companies on your initial, annual, or revised privacy notices if you do not share information with them.

Under Regulation P, the holding companies that own your bank are considered your affiliates. However, if you “do not disclose, and do not wish to reserve the right to disclose, nonpublic personal information about customers or former customers to affiliates,” you may simply state that fact on the notice. If using the model privacy form, your bank make may insert “[name of financial institution] does not share with our affiliates” next to “Affiliates” in lieu of naming your affiliates.

For resources related to our guidance, please see:

  • Regulation P, 12 CFR 1016.6(c)(5) (“If you do not disclose, and do not wish to reserve the right to disclose, nonpublic personal information about customers or former customers to affiliates or nonaffiliated third parties except as authorized under §§ 1016.14 and 1016.15, you may simply state that fact, in addition to the information you must provide under paragraphs (a)(1), (a)(8), (a)(9), and (b) of this section.”)
  • Regulation P, Appendix — Model Privacy Form, Instructions (“As required by § 1016.6(a)(3) of this part, where [affiliate information] appears, the financial institution must: . . . (ii) If it has affiliates but does not share personal information, state: ‘[name of financial institution] does not share with our affiliates’; or . . .”)