The Financial Services Modernization Act of 1999 is commonly known as the ‘Gramm Leach Bliley Act (GLBA)’ for the members of Congress instrumental in its creation. GLBA included requirements for privacy of consumer financial information, including disclosures about collecting, maintaining, sharing, and using the information, and security of the information. ‘The Privacy Act,’ as it is commonly called, is codified in Regulation P – Privacy of Consumer Financial Information.
Regulation P requires financial institutions to provide notice to customers about its privacy policies and practices; describe the conditions under which a financial institution may disclose nonpublic personal information about consumers to nonaffiliated third parties; and, provide a method for consumers to prevent a financial institution from disclosing the information to most non-affiliated third parties by exercising the right to “opt out” of the disclosure.
For the purposes of Regulation P, definition of key terms is very important. Financial institution means any institution the business of which is engaging in financial activities, including, but not limited to: a retailer that extends credit by issuing its own credit card; a personal property or real estate appraiser; an automobile dealership; a check cashing, wire transfer, or money order sales business; an entity that provides real estate settlement services or mortgage broker services; or an investment advisor.
Nonpublic personal information means personally identifiable financial information and any list, description, or other grouping of consumers (and publicly available information pertaining to them) that is derived using any personally identifiable financial information that is not publicly available.
Privacy of consumer financial information was a major component of the GLBA; however, a number of other significant changes to the financial services industry were ushered in under GLBA, including, but not limited to:
- Repealing Glass-Steagall Act limitations on banks to affiliate with securities and insurance companies;
- Creating the ‘financial holding company,’ a type of company that allows nonbanking subsidiaries (and banking subsidiaries) that can engage in insurance and securities underwriting;
- Allowing federally-chartered banks to have financial subsidiaries that engage in many of the activities allowed financial holding companies;
- Guiding the frequency of Community Reinvestment Act (CRA) examinations and creating some new disclosures for CRA;
- Facilitating the Federal Home Loan Bank System’s process to lend to small banks; and,
- Requiring certain automated teller machine (ATM) disclosures.