Topic: Right to Financial Privacy Act
-
We received a message through the Social Security Administration (SSA)’s online system asking us to verify whether an individual has a deposit account with us. The individual is a customer of ours, but we are not sure whether we should disclose this information. The SSA’s message says that our customer has consented to the release of this information in accordance with the Right to Financial Privacy Act, but the customer’s signature is not included. Instead, the SSA’s message states that our customer’s signature is on file.
—
by
We do not recommend disclosing the fact that your customer has a deposit account with your bank without receiving a signed and dated statement from your customer authorizing the disclosure that complies with the Right to Financial Privacy Act’s requirements. The Right to Financial Privacy Act prohibits federal government authorities from accessing information contained in…
-
When we receive a subpoena seeking information about one of our customers, are we supposed to notify the customer and wait for them to respond before responding to the subpoena?
—
by
Yes, you generally must notify a customer of a subpoena by sending them a copy, subject to the caveats discussed below, but you do not need to wait for the customer to respond after notifying them of the subpoena. The Illinois Banking Act requires banks to send a copy of a subpoena to a customer…
-
How must subpoenas be served on financial institutions? Should we accept a subpoena only if it is served via certified mail, and how should we respond if a subpoena is sent via fax or email? Also, for civil matters such as a divorce proceeding, are we required to wait a certain number of days before sending documents to the requesting party? Must we give our customer time to quash the subpoena, if necessary?
—
by
In Illinois, a subpoena may be served by personal service or by certified or registered mail. Consequently, we do not believe you are required to respond to a subpoena served via fax or email. The Illinois Banking Act requires banks to mail a copy of a subpoena to a customer before responding, “unless the bank…
-
We receive many citations to discover assets for individuals who have no accounts with us. Can we charge a fee for searching for and reviewing accounts to comply with the citation?
—
by
No, we do not believe that it would be prudent to charge a fee for searching for and reviewing financial records of non-customers, although this practice is not expressly prohibited in Illinois or federal law. The Illinois Banking Act’s privacy provisions allow a bank to be reimbursed for any costs incurred in producing a customer’s…
-
We know that we must notify a customer before responding to a subpoena, and we have a formal process in place for sending those notifications. Can a loan officer notify an applicant about a subpoena before we send our formal notice? It may be several days before the notice is generated through our typical process, and we want to notify the applicant as soon as possible. The subpoena involves civil matter in the county court and does not contain any language delaying or restricting notice to the customer.
—
by
Yes, we believe a loan officer may inform an applicant that the bank has received a subpoena regarding the applicant. As you note, the Illinois Banking Act requires the bank to notify a customer before responding to a subpoena, but the law does not specify which bank employee or department must provide the notice. We…
-
When we send out periodic statements, we include a notice that our privacy policy has not changed in the past year, that it is available on our website, and that it is available to be mailed on request. But what about customers who do not receive periodic statements (such as loan customers, cd holders, etc.)? Do we need to mail our annual privacy notice to those customers?
—
by
No, under the FAST Act’s amendment of the Gramm-Leach-Bliley Act (GLBA), your bank is exempt from the annual privacy notice requirement for all customers, even those who do not receive periodic statements. The GLBA requires financial institutions to re-disclose their privacy policy annually, either by mailing a full annual privacy notice or through certain alternative…
-
We recently responded to a subpoena by providing financial records about a customer. Now, this customer is contesting the subpoena and claims that we violated the Right to Financial Privacy Act. Is this a data breach incident that we need to report?
—
by
Privacy Laws First, we disagree with your customer that responding to a subpoena with financial information violated your customer’s privacy rights. Both Illinois and federal privacy laws include exceptions for responding to subpoenas with customers’ financial information. Under Regulation P, a financial institution may disclose a customer’s information “to comply with a properly authorized .…
-
We get several different kinds of subpoenas. Some are grand jury subpoenas, some are for divorces. For which types of subpoenas must we contact the person first? Do we have to respond to out-of-state subpoenas?
—
by
When responding to a subpoena in Illinois, both federal and Illinois laws could apply. Below is a summary of the major provisions that might apply to a subpoena. However, please note that we cannot provide legal advice, and any questions about a specific subpoena will likely have to be answered by bank counsel. Illinois law:…
-
What is the Illinois law on responding to subpoenas? Is it always mandatory to respond to a subpoena?
—
by
Generally, a subpoena from the federal government must be honored once the bank receives a written certificate of compliance from the governmental authority. Customer privacy is generally not an issue, as federal and Illinois privacy laws allow banks to disclose customer financial records in response to a subpoena, subject to the limitations discussed below. 205…