The federal financial regulatory agencies issued final rules today that provide consumers with an opportunity to "opt out" before a financial institution uses information provided by an affiliated company to market its products and services to the consumer. The final rules on affiliate marketing implement section 214 of the Fair and Accurate Credit Transactions Act of 2003, which amends the Fair Credit Reporting Act (FCRA).
Summary: The FDIC, the other federal financial institution regulatory agencies, the Securities and Exchange Commission, the Federal Trade Commission, and the Commodity Futures Trading Commission (the agencies) have jointly published the attached Notice of Proposed Rulemaking (NPR) seeking comment on a model privacy form that financial institutions could use to satisfy the privacy notice requirements of the Gramm-Leach-Bliley Act (GLBA). The proposed privacy form would also provide consumers with the opportunity to limit certain information-sharing practices, as permitted by the GLBA and the Fair Credit Reporting Act. Comments on the proposed rule are due by May 29, 2007.
Eight federal regulators on Wednesday released a notice of proposed rulemaking (NPR) requesting comment on a model privacy form that financial institutions can use for their privacy notices to consumers required by the Gramm-Leach-Bliley Act (GLB Act). The privacy notices must describe an institution's information sharing practices, and, for certain types of sharing, consumers have the right to opt out. The notices must be provided when a consumer first becomes a customer of a financial institution and then annually for as long as the customer relationship lasts. Last October, President Bush signed into law the Financial Services Regulatory Relief Act of 2006, amending the GLB Act to require the agencies to propose a model form that is succinct and comprehensible to consumers, allows consumers easily to compare privacy practices of financial institutions, and uses easily readable type font.
The OCC, Board, FDIC, OTS, NCUA, FTC, CFTC, and SEC (the Agencies) are proposing amendments to their rules that implement the privacy provisions of the Gramm-Leach-Bliley Act (GLB Act), Title V, Subtitle A. These rules require financial institutions to provide initial and annual privacy notices to their customers. As required under Section 728 of the Financial Services Regulatory Relief Act of 2006 (Regulatory Relief Act or Act), the Agencies are proposing a safe harbor model privacy form that financial institutions may use to provide disclosures under the privacy rules.
The FDIC is notifying FDIC-supervised banks of the attached joint proposed rulemaking by the Securities and Exchange Commission (SEC) and the Board of Governors of the Federal Reserve System that would implement the statutory exceptions from the definition of "broker" contained in the Gramm-Leach-Bliley Act (GLBA). The proposed regulation was drafted in consultation with the FDIC, the Office of the Comptroller of the Currency, and the Office of Thrift Supervision, and is designed to protect investors in a manner that does not unduly disrupt current bank business practices. Comments are due to the SEC or the Federal Reserve by March 26, 2007.
PURPOSE AND BACKGROUND
This issuance is intended to notify all national banks and national bank examiners that recently the Securities and Exchange Commission (SEC) and the Board of Governors of the Federal Reserve System (Board) jointly issued proposed rules that define the extent to which securities brokerage activities of banks are subject to SEC regulation. The proposed rules, known as "Regulation R," would implement provisions of the Gramm–Leach–Bliley Act of 1999 (GLBA) that set forth certain exemptions for banks from the broker-dealer registration requirements of the Securities Exchange Act of 1934 (Exchange Act). In developing this proposal, the SEC and the Board consulted with the Office of the Comptroller of the Currency (OCC), the Federal Deposit Insurance Corporation (FDIC) and the Office of Thrift Supervision (OTS).
The National Credit Union Administration and the Financial Crimes Enforcement Network today announced that they will jointly host a seminar over the web "BSA: A Year in Review and Setting the Table for 2007." The seminar, known as a webinar, will take place on Tuesday, February 6, 2007 and will be co-hosted by JoAnn Johnson, Chairman of the National Credit Union Administration (NCUA), and Jamal El-Hindi, Associate Director of the Regulatory Policy and Programs Division at the Financial Crimes Enforcement Network (FinCEN).
How a financial institution can create an effective incident response program to mitigate a data security breach is reported in the FDIC's winter 2006 edition of Supervisory Insights, released today. Other topics covered in today's edition are: an update on CRE lending nationwide, with a look at best practices in CRE concentrations, particularly for identifying, monitoring and controlling risk in this lending area; the increasing number of unfair or deceptive acts or practices, and how examiners identify and address those violations; and highlights of recent USA PATRIOT Act changes and the types of Bank Secrecy Act (BSA)-related violations that examiners are citing.
On March 29, 2005, the Office of the Comptroller of the Currency (OCC), Board of Governors of the Federal Reserve System (Board), Federal Deposit Insurance Corporation (FDIC), and Office of Thrift Supervision (OTS) (collectively, the Agencies) published the Interagency Guidance on Response Programs for Unauthorized Access to Customer Information and Customer Notice (70 FR 15736) (Guidance). The Guidance interprets the requirements of section 501(b) of the Gramm-Leach-Bliley Act (GLBA), 15 U.S.C. 6801, and the Interagency Guidelines Establishing Information Security Standards (Security Guidelines) to include the development and implementation of a response program to address unauthorized access to or use of customer information that could result in substantial harm or inconvenience to a customer.
This document is a tool for financial institutions’ use in assessing and mitigating risks associated with implementation of Remote Deposit Image Capture (RDIC). This paper provides successful strategies that financial institutions (FIs) have employed for managing the risks with RDIC. It does not imply that all of these strategies are necessary for a successful program. This paper also does not address the specific technologies used to implement the RDIC process and/or mitigate the risk, as technology used will often be determined by other factors such as the compatibility of the clients’ and FIs’ equipment. This paper identifies potential risks as they pertain to product distribution, equipment and software, information system security, images and image quality, and processes.
Unauthorized access to sensitive customer information threatens to undermine customer confidence and the reputations of both individual financial institutions and the financial services industry. This threat is aggravated by the patchwork of state laws and federal regulations that govern unauthorized access or breach response incidents. Despite these challenges, financial institutions are strengthening data security programs and developing or improving customer notification programs. The “BITS/ABA Key Considerations for Responding to Unauthorized Access to Sensitive Customer Information” is a tool that may assist some financial institutions in developing and executing response programs when sensitive information is accessed and misused by unauthorized individuals.
The mandatory dissemination of certain information by financial institutions is a key aspect of consumer protection law. It offers two significant advantages for consumer protection in the financial area over the alternative of direct government intervention into product pricing and content. First, information disclosure is compatible with competition, a significant market force already at work to protect consumers by keeping price rises in check. Because of competition, institutions already have incentives to make their products known, to reveal favorable pricing and product features, and to treat consumers fairly by keeping them generally informed about what they want and need to know. When a financial institution employs these strategies, it generates a good business reputation that will produce referrals and repeat customers. Actions that firms use to accomplish these goals include advertising their prices and supplying clients and potential customers with useful information about product prices and features. The requirements for disclosures assist in the dissemination of financial information by standardizing concepts and terminology, such as the finance charge and annual percentage rate under the Truth in Lending Act and the annual percentage yield under the Truth in Savings Act. Such standardization advances consumers' knowledge about pricing and features of the financial products and institutions and lowers consumers' transactions costs by making shopping easier. The standard format of required disclosures helps highlight the performance of the best institutions and exposes the inadequacies of the poorer ones. Well-informed shoppers help keep markets competitive, which benefits buyers of products and services by minimizing the spread between producers' production costs and market price.
Why GAO Did This Study
GAO was asked to examine (1) financial institutions' use of resellers; (2) federal privacy and security laws applicable to resellers; (3) federal regulators' oversight of resellers; and (4) regulators' oversight of financial institution compliance with privacy and data security laws. To address these objectives, GAO analyzed documents and interviewed representatives from 10 information resellers, 14 financial institutions, 11 regulators, industry and consumer groups, and others.
Why GAO Did This Study
GAO was asked to testify on VA's information security program, ways that agencies can prevent improper disclosures of personal information, and issues concerning notifications of privacy breaches. In preparing this testimony, GAO drew on its previous reports and testimonies, as well as on expert opinion provided in congressional testimony and other sources.
Interagency Advance Notice of Proposed Rulemaking: Procedures to Enhance the Accuracy and Integrity of Information Furnished to Consumer Reporting Agencies Under Section 312 of the Fair and Accurate Credit Transactions Act.
Summary
The OCC, Board, FDIC, OTS, NCUA, and FTC (the Agencies) request comment to gather information useful for developing the guidelines and regulations required by section 312 of the Fair and Accurate Credit Transactions Act (FACT Act). Pursuant to section 312, the Agencies, acting in consultation and coordination, must: Establish guidelines for use by persons that furnish information to consumer reporting agencies (furnishers) regarding the accuracy and integrity of the consumer information that they furnish to those agencies; and prescribe regulations that require furnishers to establish reasonable policies and procedures for implementing the guidelines. Section 312 also requires the Agencies jointly to prescribe regulations that identify the circumstances under which a furnisher shall be required to reinvestigate a dispute concerning the accuracy of information contained in a consumer report on a consumer based on a direct request of the consumer.
This report presents the results of our audit of the FDIC’s implementation of the Gramm-Leach-Bliley Act of 1999 (GLBA) Title V and the Fair and Accurate Credit Transactions Act of 2003 (FACT Act). The audit objective was to determine whether the FDIC’s Division of Supervision and Consumer Protection (DSC):
- provided adequate guidance to FDIC-supervised institutions and examiners for implementing the data privacy and security provisions of the GLBA Title V and the FACT Act, and
- implemented the recommendations in Office of Inspector General (OIG) Audit Report No. 03-044, The Federal Deposit Insurance Corporation’s Progress in Implementing the Gramm-Leach-Bliley Act, Title V - Privacy Provisions, dated September 26, 2003.
The purpose of the Suspicious Activity Report (SAR) is to report known or suspected violations of law or suspicious activity observed by financial institutions subject to the regulations of the Bank Secrecy Act (BSA). In many instances, SARs have been instrumental in enabling law enforcement to initiate or supplement major money laundering or terrorist financing investigations and other criminal cases. Information provided in SAR forms also presents the Department of the Treasury’s Financial Crimes Enforcement Network (FinCEN) with a method of identifying emerging trends and patterns associated with financial crimes. The information about those trends and patterns is vital to law enforcement agencies and provides valuable feedback to financial institutions. Financial institutions are required to submit SAR forms that are complete, sufficient and timely filed. Unfortunately, some financial institutions file SAR forms that contain incomplete, incorrect, and/or disorganized narratives, making further analysis difficult, if not impossible. Some SAR forms are submitted with blank narratives. The failure to adequately describe the factors making the transaction or activity suspicious undermines the very purpose of the SAR and lessens its usefulness to law enforcement. Because the SAR narrative serves as the only free text area for summarizing suspicious activity, it is essential that financial institutions’ staff write narratives that are clear, concise, and thorough.