Last week a number of federal regulatory agencies rolled out an online privacy notice builder for financial institutions subject to one or more of the Gramm Leach Bliley Act (GLBA) regulations. The agencies involved include the Federal Trade Commission (FTC), Securities and Exchange Commission (SEC), Office of Comptroller of Currency (OCC), Federal Deposit Insurance Corporation (FDIC ), Board of Governors of the Federal Reserve System (FRB), Office of Thrift Supervision (OTS), the National Credit Union Administration (NCUA) and the Commodity Futures Trading Commission (CFTC).
The GLBA regulations issued by these agencies require financial institutions to provide initial and annual privacy notices to customers. On December 1, 2009, the agencies adopted a Model Form (.pdf) based on length quantitative testing and research to provide financial institutions with a safe harbor for compliance with the privacy notice requirement. Financial institutions are still free to draft their own privacy notices, but are responsible for making sure that their own notices contain all the required elements.
The online form builder consists of a linked set of instruction (.pdf) that leads financial institutions to one of four forms that are filled out depending on whether the company is providing customers with a right to opt-out or elects to allow affiliate marketing.
GLBA Privacy Notice Forms:
- Privacy Notice Form 1 (.pdf): if you provide an opt out and you want to include affiliate marketing
- Privacy Notice Form 2 (.pdf): if you provide an opt out and you do not want to include affiliate marketing
- Privacy Notice Form 3 (.pdf): if you do not provide an opt out and you want to include affiliate marketing
- Privacy Notice Form 4 (.pdf): if you do not provide an opt out and you want to include affiliate marketing