A regulatory change that will save credit unions money?

Indeed. As credit unions work to implement their TILA/RESPA mortgage disclosure game plans and convince NCUA to dramatically change – and then repropose – their Risk-Based Capital rule, there is a change brewing that could reduce credit unions mailing and printing costs each and every year.

I’m referring to the Consumer Financial Protection Bureau’s proposed rule to provide an “alternative delivery method” for Annual Privacy Notices required under the Gramm-Leach-Bliley Act (which is implemented by Regulation P). The comment period recently closed and the CFPB is expected to move quickly to finalize this rule. Why? Trade groups, Congress and credit unions have consistently pointed out the wasted costs and unnecessary regulatory burden imposed by the annual mailing requirement. At last, it seems the CFPB is going to ease this burden.

However – as is always the case – there are a few conditions. In order to qualify for the “alternative delivery method,” a credit union must meet certain criteria:

  • The credit union does not share member’s information with nonaffiliated third parties other than through the existing exceptions in Regulation P (i.e., the CU is not required to provide an “opt-out”);
  • The credit union does not include on its annual notice an opt out under Section 603(d)(2)(A)(iii) of the Fair Credit Reporting Act (this relates to sharing information with affiliates regarding a member’s creditworthiness);
  • If the credit union shares information with its affiliates for marketing purposes, the annual privacy notice is not the only notice provided to satisfy Section 624 of the Fair Credit Reporting Act (in other words – if applicable – you must provide the Affiliate Marketing Opt-Out notice separately);
  • The credit union’s privacy policy has not changed since the previous notice was delivered; and
  • The credit union uses the model privacy form for its annual privacy notice.

Whew! Those aren’t too bad – but keep in mind that we’ll need to verify the final rule does not include additional criteria. For now, credit unions should review their current sharing practices and work toward migrating to the model privacy form if they are not already utilizing it to obtain a safe harbor.

Credit unions that qualify for the “alternative delivery method” would still need to take certain steps to notify members of their privacy policy. This is why it is called the “alternative delivery method” rather than an exemption. According to the proposal, those steps are:

  • Provide a notice – annually – to members stating its privacy policy has not changed, its privacy policy is available on its website and, if requested, a hard copy of the notice will be mailed to members;
  • Post its current privacy policy – using the model form – continuously and in a clear and conspicuous manner on the credit union’s website; and
  • Promptly mail its current privacy policy to any member who requests it by telephone.

For credit unions that qualify, this “alternative delivery method” could save on printing and mailing costs each and every year. For additional details on the steps your credit union should be taking now to prepare, check out our detailed Regulatory Alert.

While credit unions are certainly busy with mandatory compliance requirements – they should be sure not to let this rare opportunity to save money slip through the cracks.

Steven Van Beek

Steven Van Beek

Mr. Van Beek concentrates his practice in the area of financial regulations. He has extensive knowledge of regulations and guidance issued by the Consumer Financial Protection Bureau, the National Credit ... Web: www.howardandhoward.com Details