Right to Financial Privacy Act Outline

advertisement
Right to Financial Privacy Act
Overview

Right to Financial Privacy Act (RTFPA) is codified at 12 USC 3401

No implementing regulation
General Requirements
Prohibits a credit union from disclosing its members’ financial records to any federal
agency except in limited circumstances. With some exceptions, a credit union can only
provide federal agencies access to the financial records of a member when the federal
agency has met the following conditions
1. Reasonably described the records sought
2. Provided one of the following:
a. A written authorization from the member allowing the credit union to
disclose the information
b. An administrative subpoena
c. A validly issued search warrant
d. A judicial subpoena
e. A formal written request
3. Certifies in writing that it has complied with the requirements of the RTFPA
(Certificate of Compliance).
Exceptions
General Guidelines for Exceptions

If an exception applies, the federal agency requesting the information should
provide the specific statutory authority for the exception

Always have an attorney review exceptions to ensure the release of information is
allowed
Suspicious Activity Reports
Credit Unions must comply with SAR reporting instructions for this exception to apply.
1
Right to Financial Privacy Act
Certain Lending Activities

Filing federal liens

Proving claims in bankruptcy proceedings

Collecting on a debt owing to the credit union

Processing of a government loan
Examinations
An exception applies to any disclosure of member information made during the course of
an exam by a federal or state regulator.
IRS Reporting
Exceptions apply to all disclosures of member information required under the IRS Code, for
example, information returns.
Federal Reporting
For example, HMDA reporting would be exempt.
Federal Civil or Criminal Lawsuits
If a member and a federal agency are legal parties to a civil or criminal lawsuit and the
federal agency requests information from the credit union about one of its members under
appropriate court rules, the credit union may turn the information over without violating
the RTFPA.
Special Procedures

Federal agencies engaging in certain foreign intelligence activities and the Secret
Service do not need to produce one of the five documents discussed above in order
to request information about a member

The agency must still provide the Certificate of Compliance

The credit union is absolutely prohibited from disclosing to its member that the
information was sought or obtained.
Authorizing Documents
Member’s Written Authorization
The authorization must be in the form of a signed and dated statement which:
1. Authorizes the credit union to disclose the information for a period which does not
exceed three months.
2. States that the member may revoke the authorization at any time prior to the credit
union’s disclosure of the information.
2
Right to Financial Privacy Act
3. Identifies the records authorized to be disclosed.
4. Specifies the purpose for which the records may be disclosed along with the agency
to which they may be disclosed.
5. States the member’s rights under the RTFPA.
If a member provides this written authorization, he generally has the right to receive a copy
of whatever records are disclosed pursuant to his authorization.
Administrative Subpoena
An administrative subpoena is a formal request for information issued by an executive
branch agency of the federal government. The credit union may release member
information pursuant to an administrative subpoena only if:
 The credit union has reason to believe that the records sought are related to a
legitimate law enforcement inquiry.

The member has been served with a copy of the subpoena on or before the credit
union is served with it, and the credit union receives a copy of a notice sent to the
member specifically describing the nature of the inquiry.

The credit union waits 10 days from the date the member was served the subpoena
(or 14 days if the member was served by mail) to see if notice is received that the
member has filed a motion to stop the subpoena.
Search Warrant

A valid search warrant will be signed by a judge (or in some cases a magistrate).

A credit union presented with a validly executed search warrant can surrender only
the information described in the warrant.
Judicial Subpoena

A judicial subpoena is issued by a court.

The procedures in terms of compliance with the RTFPA are identical whether a
subpoena is administrative or judicial in nature.
Grand Jury Subpoena

The credit union is prohibited from notifying the member that the records have
been requested and disclosed.

The requested records must be presented in person to the grand jury.
3
Right to Financial Privacy Act
Formal Written Requests

Formal written requests are used only in very specific circumstances. The credit
union should ensure all the following requirements have been met prior the release
of information:
1. There is no administrative subpoena authority to suit the agency’s purpose
2. The request is authorized by regulations of the particular agency making the
request
3. There is reason to believe that the records sought are relevant to a legitimate
law enforcement inquiry

The credit union must also receive proof that a copy of the formal written request
was served on the member in question, along with a notice of their rights.

Information should not be divulged until 10 days have expired from the date the member
was served or 14 days from the date the notice was mailed to the member.
Notice to the member

Affected members are typically entitled to know what exactly was turned over to
federal agencies.

The agency obtaining the information generally has a duty to let the member know
that it has obtained information from the credit union.

The member can learn from the credit union exactly what was divulged.

The credit union should not voluntarily advise the member that records have been
turned over.
4
Right to Financial Privacy Act
Cost Reimbursement

In some instances credit unions may charge the requesting agency a fee as
reimbursement for the reasonable costs incurred in terms of time spent in
assembling the requested records.

The Federal Reserve Board’s Regulation S contains procedures for determining
what costs are recoverable.

Expenses in connection with requests for records under the following situations
cannot be reimbursed:
o Security interest, bankruptcy claims, and debt collection — costs for records
provided to perfect a security interest, prove a claim in bankruptcy, or collect
a debt.
o Government loan programs — costs for records requested in order to
process loans under government loan, loan guaranty, or loan insurance
programs.
o Nonidentifiable information — records not identifiable as specific to a
particular member.
o Financial supervisory agencies — records released to supervisory agencies
as part of their supervisory duties (NCUA, state regulators).
o Internal Revenue summons — records requested by the IRS as authorized by
the Internal Revenue Code.
o Federally required reports — records required to be reported by federal
statute or rule.
o Government civil or criminal litigation — requests for information
authorized by law for cases where the government authority and the
member are parties to the case.
o Administrative agency subpoenas — records requested by administrative
subpoena issued by an administrative law judge as part of a legal proceeding
where the agency and the member are parties to the case.
o Investigation of the financial institution or its non-member.
o General Accounting Office requests.
o Federal Housing Finance Board requests.
5
Right to Financial Privacy Act
Civil Penalties
A credit union that discloses financial records or information to a federal agency in
violation of the requirements of the RTFPA can be civilly liable to the affected member for
the sum of:
 $100 regardless of the volume of records involved

Any actual damages sustained by the member as a result of the disclosure

Any punitive damages allowed by a court if the violation was willful or intentional

All costs incurred by the member — including reasonable attorney’s fees.
Record Retention
Because the statute of limitations for asserting RTFPA violations is rather open-ended,
credit unions should retain all records of requests for information, including copies of all
information provided to federal agencies, all notes taken by staff, and all evidence of
compliance with the RTFPA, indefinitely.
6
Download