We don’t need no stinkin’ warrant: RFPA exceptions
In my last blog, I described how the Right to Financial Privacy Act (RFPA) prohibits a credit union from providing a member’s account information to a federal law enforcement agent if there is no written document – such as a warrant, subpoena, or formal written request – instructing the credit union to hand it over. However, like any good financial regulation, the RFPA contains a number of exceptions and caveats. A credit union may want to become acquainted with those exceptions before refusing to hand over information or telling a federal agent to “come back with a warrant.”
The SAR Exception
One important exception is how the RFPA interacts with the requirements for Suspicious Activity Reports (SARs). Section 748.1 of the NCUA regulations and FinCEN guidance require credit unions to provide SAR-related information and documents without a written request or legal process. Section 748.1(c)(3), which discusses record retention for SARs, states that “[a] credit union must make all supporting documentation available to appropriate law enforcement authoritiesand its regulatory supervisory authority upon request” (emphasis added).
FinCEN guidance states:
continue reading »