Privacy of Consumer Financial Information
Effective July 1, 2001, The Gramm-Leach-Bliley Act
mandates that financial institutions establish appropriate safeguards to insure
the confidentiality of customer records and nonpublic personal information. The
law defines a "financial institution" for privacy purposes as "any institution
the business of which is engaging in financial activities or activities that are
incidental to financial activities as described Section 4(k) of the Bank Holding
Company Act of 1956". This would include banks, thrifts, credit unions,
broker-dealers, mutual funds, insurance companies and agents, finance companies,
mortgage brokers and lenders, notification filers, check cashers, pawnshops,
collection agencies, sale of checks, credit repair, and any other non-bank
entities offering financial products.
Under the law, each financial institution must have a
privacy policy and disclose it to its customers at the time the customer
relationship is established, and at least once a year thereafter. Institutions
must provide, at least on an annual basis, "clear and conspicuous" notice of
their policies and procedures for protecting consumer’s nonpublic personal
information. Institutions also must give customers an opportunity to "opt-out"
before disclosing nonpublic information to an unaffiliated third party.
The Gramm-Leach-Bliley Act provided that the Federal
Trade Commission (FTC) enforce the privacy provisions of the Act on non-bank
affiliated mortgage brokers, and lenders. In response, the FTC promulgated
two rules, Financial Privacy Rule and Safeguards Rule. Mortgage brokers
and lenders should review these rule and ensure that they have proper policies
and procedures in place to provide required disclosures to consumers and to
ensure that the personal information of consumers remains secure and
confidential. Links to these rules can be found below: