October 21, 2014

Some banks and other financial institutions will now be able to post their privacy disclosure notices online rather than sending them out in an annual mailing.

The Consumer Financial Protection Bureau (CFPB) finalized a rule that would allow financial institutions do to this only if they limit the personal information they share with third parties and meet certain criteria.

Each year financial institutions are required by law to mail privacy disclosure notices to their customers. These notices outline how the company is using their personal information and what information is being shared with third parties. If the company does share personal information with an unaffiliated third party, it must notify the customer's right to opt-out.

Companies can qualify to use the online option so long as the way they use personal information does not trigger a customer's opt-out rights. Companies that continue to share customer information would be required to follow the existing rules. The CFPB anticipates that more companies will cut back on sharing customer data in order to save money in mailing fees. The Bureau estimates the industry could save $17 million a year.

Companies would still be required to notify customers each year that the agreement is available online, but this can be done in conjunction with an existing mailing, like a credit card statement. Mailed disclosure notices must be sent separately. Customers who want a paper copy of the agreement can call a number that will be provided. Companies have 10 days to mail the notice once it is requested.

The final rule is available here.