NCUA Amends Policy on Annual Privacy Notices
The National Credit Union Administration (NCUA) has released Letter No. 16-CU-03 regarding potential regulatory relief for credit unions providing annual privacy notices to members.
The letter explains that if a credit union has not changed its privacy policy since it issued the last annual privacy notice, it may not need to issue a privacy notice this year, provided it meets certain conditions. This change is a result of an amendment to theGramm-Leach-Bliley Act (GLBA).
According to the letter, a credit union does not need to provide an annual privacy policy if:
- Your policies and practices have not changed since your credit union provided its most recent privacy notice to consumers; and
- You share nonpublic personal information with nonaffiliated third parties only in accordance with requirements for certain existing GLBA exceptions, including those related to:
- Performing services for, or functions on behalf of, the credit union, pursuant to a joint marketing agreement;
- Administering, servicing, or processing a transaction a consumer requests or authorizes; maintaining or servicing certain consumer accounts; or performing securitizations, secondary market sales, or similar transactions; or
- Other specified operational and legal purposes, including disclosure with the consumer’s consent or at the consumer’s direction and disclosure to protect the confidentiality and security of records related to the consumer, service, product, or transaction.
CLA’s financial institution regulatory compliance team assists banks and credit unions nationwide in establishing regulatory compliance programs, conducting compliance testing, and training staff on regulations. Justin Robinson is a member of CLA’s regulatory compliance team and can be reached at justin.robinson@CLAconnect.com.
Comments are closed.