What is Regulation P

Regulation P is one of the regulations set forth by the Federal Reserve. It governs the treatment of consumers’ private personal information by banks and other financial institutions with which they do business. Regulation P was first enacted in 1999. In 2015, changes were made to Regulation P via amendments to the consumer privacy protections afforded under the Gramm-Leach-Bliley Act.

BREAKING DOWN Regulation P

Under Regulation P, financial institutions are required to give their customers notice of privacy practices and policies affecting them, so that consumers understand how their financial institutions are using their private information. Regulation P also provides consumers the right to opt out of disclosure of private information, preventing the financial institutions with which they do business from disclosing their financial information. Regulation P applies only to the U.S. offices of financial institutions and banks under its supervisory authority.

Under Regulation P, if a financial institution discloses its customers’ private information in a manner inconsistent with the policies and practices described in its annual privacy notice, it must issue a revised notice.

What a Privacy Notice Must Include

In order to be compliant with Regulation P, a privacy notice must include:

  • Information on whether the financial institution shares its customers’ private information, and if it does, how it does;
  • A description of how the institution protects its customers’ private information; and
  • Information on the customer’s right to opt out of some types of sharing of private information.

Exemption from Regulation P Privacy Requirements

Under the new Regulation P rules, a financial institution may be exempt from the requirement to provide its customers with an annual notice of privacy policies if it meets two conditions. First, it must only disclose the private information of its customers in ways that do not require the customers’ consent under Regulation P. And second, it cannot have changed its privacy policies and practices from those disclosed in the most recent annual notice. If the institution changes its privacy policies or practices, it must issue a revised notice under Regulation P.