Gramm-Leach-Bliley Act
Security Program
--A designated company representative to coordinate the program --Identification of internal and external risks which affect the security of customer information --Regular testing, monitoring and adjustment of the security program --Oversight of service providers who have access to customer information
Exceptions to the Opt-Out Notice Requirements
--Disclosures to a third party in order to complete a transaction requested by a consumer or customer (This exception would include disclosures made by mortgage brokers to settlement service providers in order to close a mortgage loan.) --Disclosures to financial institutions that share joint-marketing agreements
Practices Prohibited by the GLB Act
--Prohibition on the Sharing of Account Numbers --Limitations on the Re-disclosure and Reuse of Information
Prohibitions of the Telemarketing Sales Rule
--Threats, intimidation or profane language --calls to consumers before 8:00 a.m. or after 9:00 p.m --aking false or misleading statements --Requiring payment of a fee in advance of obtaining a loan or other extension of credit --Charging a consumer for goods or services without consent --Failing to transmit a telephone number so that it can be read by a call recipient's Caller ID -- Initiating a call to a consumer listed on the Do Not Call Registry
Must access the Do-Not-Call Registry every
31 Days (TSR)
Title V, Subtitle A of the Gramm-Leach-Bliley Act
A Federal law to protect the personal information of consumers. In an effort to balance the needs that consumers have for privacy protection and the interests of the marketplace in sharing information, the GLB Act does not absolutely prohibit the sharing of personal financial information but provides limitations and restrictions on the types of information that can be exchanged and the parties that can receive it.
Annual Privacy Notices
Financial institutions are required to send annual privacy notices to customers, and these notices must contain the same information that is included in the initial privacy notice, including notice of the right to opt-out and information on exercising the right to opt-out.
GLB
Gramm-Leach-Bliley Act ensure that financial institutions, including mortgage brokers and lenders, protect nonpublic personal information of consumers.
How long do number stay on DNCL
Idefinetly
Exceptions to the Do-Not-Call Provisions
In the case of an established relationship, a mortgage professional is permitted to place calls to customers, even if their phone numbers are on the DNCL. Established business relationship between a seller and a consumer based on financial transaction that they have shared within the 18-month period. Additionally, mortgage professionals are permitted to contact consumers for a period of three months following a relationship that is based on an inquiry by the consumer.
Non public info protected by GLB
Information derived from a creidt report or provided with respect to loan application. (loan balances, unlisted phone numbers, non public personal info)
GLB Does not protect
Public Info
The Do-Not-Call Implementation Act
Signed into law in 2003 as part of earlier legislation - the Telemarketing Consumer Fraud and Abuse Prevention Act and the Telemarketing Sales Rule. DNCIA authorized the FTC to implement and enforce the Do-Not-Call Registry. The FTC's authority covers interstate calls, while the FCC covers calls made to and from points within the same state.
Penalties for Violations of the GLB Act
The GLB Act does not include specific penalty provisions for violations of the law's privacy provisions. However, each of the regulatory agencies that are authorized to enforce the law has the authority to bring enforcement actions and to impose penalties. The Federal Trade Commission Act allows for penalties up to $10,000.
Regulatoy Agency
the CFPB shares enforcement authority for the Telemarketing Sales Rule w/ the FTC &FCC
Violations of the Telemarketing Sales Rule
$16k for each violation
Customer relationship starts
As soon as application is filled out
Regulatory Agency
CFPB is responsible for implementation and enforcement of the law and the GLB Act regulations, which are known as Regulation P FTC retains rulemaking authority one rule under the Gramm-Leach-Bliley Act Gramm-Leach-Bliley Act Privacy Rule
Opt-Out (Mortgage Loan Originators)
Loan originators must provide consumers with an initial privacy notice as soon as they obtain personal financial information from them. Instead of the detailed notice required of financial institutions that share information, state-licensed mortgage loan originators may file an abbreviated notice
Opt-Out notice is Due
No specific timeframe is given under the law other than consumers must be provided with a reasonable opportunity to opt-out. The notice must include a description of the type of info that the financial institution may disclose, and "reasonable means" to opt-out, such as opt-out forms or toll-free telephone numbers to representatives who will accept the opt-out information. Note: The initial privacy document and opt-out notice can be included in one document.
Safeguards Rule
The Safeguards Rule requires financial institutions to develop a written information security plan that describes how the company is prepared for, and plans to continue to protect clients' nonpublic personal information
Initial privacy notice is due
The initial privacy notice to customers is due "...not later than when you establish a customer relationship...." The notice must specify the types of information shared and the types of affiliated and nonaffiliated parties that will receive the information.
Opt-Out (Financial Institutions)
The law also requires financial institutions to give consumers the opportunity to "opt out" of the sharing of personal information. Compliance with the law involves the filing of initial privacy notices, opt-out notices, annual privacy notices, adherence to the Act's prohibition on the sharing of account numbers, and the maintenance of an effective security system with the designation of one employee to oversee security. Loan servicers must send annual disclosures to customers and provide security safeguards for the privacy of their personal information for the entire term of a consumer's loan.