Privacy Law Changes

Last week, President Obama signed into law a bundle of legislation referred to as the FAST Act. While the FAST Act was primarily a transportation bill, it did contain a number of provisions regarding the financial services industry. One amendment of particular note interest relates to Section 503 of the Gramm-Leach-Bliley Act (GLBA). It states:

(f) EXCEPTION TO ANNUAL NOTICE REQUIREMENT.—A financial institution that—

(1) provides nonpublic personal information only in accordance with the provisions of subsection (b)(2) or (e) of section 502 or regulations prescribed under section 504(b), and (2) has not changed its policies and practices with regard to disclosing nonpublic personal information from the policies and practices that were disclosed in the most recent disclosure sent to consumers in accordance with this section, shall not be required to provide an annual disclosure under this section until such time as the financial institution fails to comply with any criteria described in paragraph (1) or (2).

In other words, this amendment eliminates the annual privacy notice requirement if you don’t share in a manner that requires an opt-out under GLBA AND requires banks to send out privacy disclosures only when their privacy policies and practices have changed.

While there is obviously no regulation as of yet, this law was effective on December 4, 2015. We are in the camp that the law is the law and you can take advantage of this immediately. If you do, keep in mind you may need to educate you examiners as we are hearing many haven’t even heard of this change in the law yet.

We plan to address this further in our January 2016 newsletter in a couple weeks.

Amy Kudlacek

Share This