The Consumer Financial Protection Bureau has issued revised Gramm-Leach-Bliley Act examination procedures that reflect a new exception to the GLBA’s annual privacy notice requirement providing that a financial institution is no longer required to provide its customers annual privacy notices if it meets certain criteria. The Fixing America’s Surface Transportation Act amended the GLBA and became effective on Dec. 4, 2015.
Specifically, a financial institution is no longer required to provide annual privacy notices if it: provides nonpublic personal information to a nonaffiliated third party only in a manner consistent with the exceptions in specified sections of the GLBA and Reg. P; and has not changed its practices and procedures with regard to disclosing nonpublic personal information from those that were most recently disclosed.
The privacy notice must describe a financial institution’s policies and practices with respect to collecting and disclosing nonpublic personal information about a consumer to both affiliated and nonaffiliated third parties. Also, the notice must provide a consumer a reasonable opportunity to direct the institution generally not to share nonpublic personal information about the consumer with nonaffiliated third parties other than as permitted by exceptions under the regulation. The privacy notice must also provide, where applicable under the Fair Credit Reporting Act, a notice and an opportunity for a consumer to opt out of certain information sharing among affiliates.
MainStory: TopStory CFPB Privacy
Interested in submitting an article?
Submit your information to us today!Learn More