The FDIC has issued guidelines for compliance by depository institutions with the privacy notice provisions of the Gramm-Leach-Bliley (GLB) Act. The Small Entity Compliance Guide for the Model Privacy Notice Form released on September 27 (FIL-60-2010) provides instructions to help smaller institutions take advantage of the safe harbor under Part 332 of the FDIC's rules. The FDIC issued amendments to Part 332, which implements the privacy provisions of the GLB Act, on December 1, 2009 and adopted a new model privacy notice form. Part 332 requires state nonmember banks to notify consumers of their information-sharing practices and inform consumers of the right to opt out of certain sharing practices. Use of the model privacy notice form is voluntary. However, a state nonmember bank that chooses to provide the model form to consumers in a manner consistent with the form’s instructions will be deemed to be in compliance with the disclosure requirements for privacy notices under the GLB Act and Part 332.
Nutter Notes: Currently, the Appendix to Part 332 of the FDIC's Rules contains language (sample clauses) that state nonmember banks may use in their privacy notices and be considered in compliance with the privacy provisions of the GLB Act. These sample clauses and the associated compliance safe harbor will be eliminated from Part 332 following a transition period. Use of the sample clauses will continue to provide a safe harbor only until December 31, 2010. As a result, financial institutions will not be able to rely on the safe harbor for the sample clauses incorporated into notices delivered to consumers on or after January 1, 2011. The sample clauses will be removed entirely from Part 332 on January 1, 2012. To rely on the compliance safe harbor after December 31, 2010, state nonmember banks should use the new model privacy notice form, which became effective on December 31, 2009. An online model privacy notice form builder is available at http://www.federalreserve.gov/bankinforeg/privacy_notice_instructions.pdf. State nonmember banks may download and complete the form builder to create a customized privacy notice.