THE LAW : BY BRAD R. BERGMOOSER, FREEBORN & PETERS LLP
Do those annual privacy notices drive your credit union crazy? A new Consumer Financial Protection Bureau rule may offer you an alternative workaround to sending them every year. Learn when you must and may not have to mail out such notices to your members.
When most news coming from the Consumer Financial Protection Bureau (CFPB) negatively impacts credit union operations, it is only fair to highlight the positive actions the bureau takes. Thanks to a final rule issued by the CFPB, as of October 28th of last year, it is possible that your credit union may not need to mail out annual privacy notices.
So the Requirement to Send Annual Privacy Notices Is Gone?
No. The Gramm-Leach-Bliley Act (GLBA) requires financial institutions to send out annual privacy notices describing their treatment of customers’ personal information. Until 2011, a number of federal regulators, including the National Credit Union Administration (NCUA), had regulations implementing
this requirement. Following enactment of the Dodd-Frank Act, the authority to implement GLBA was moved to the CFPB, which combined the rules into Regulation P. Recognizing that the annual notice could be an “overload for consumers and [an] unnecessary expense,” the CFPB finalized amendments to Reg. P to limit the notice mandate.
Regulation still requires credit unions to send members an annual privacy notice – BUT the recent final rule allows a credit union to meet that requirement by posting the notice online if certain conditions are met.