Associate Member BY BILL SHOWALTER, SENIOR CONSULTANT, YOUNG & ASSOCIATES, INC. TISA. Q: We have recently made a change that our online banking logins will expire after 18 months if a customer has not logged in. This may trigger them to begin being assessed paper statement fees, if they sign up for e-statements (there is no cost), as the paper statement fee is determined by an online account being established and maintained. The $3.00 paper statement fee is listed as one of our fees on our fee chart; however, customers don't know that they have to log in every 18 months to keep their online account from expiring and therefore start incurring the paper statement fee. I feel that this should be disclosed in some way, but I'm not sure how best to do it. We can push a message to all online account holders. Would that be acceptable? A: Yes, the bank should have been disclosing this all along on its TISA account disclosures for the account affected because Regulation DD requires the financial institution to disclose both the amount of any fee that may be imposed in connection with the account (or an explanation of how the fee will be determined) and the conditions under which the fee may be imposed. Failing to log in at least every 18 months, in this case, is the condition under which the fee may be imposed. So, the conservative approach would be to send a corrective disclosure to your existing customers disclosing both the fee and the condition (logging on, etc.). Also, you need to make sure the TISA account disclosures for affected accounts include this information for future customers. ECOA. Q: My understanding of when providing an appraisal to an applicant is that if there is an application that has multiple first-lien dwellings, then the appraisal disclosure and appraisals would not need to be given to the customer. This is because Regulation B provides that this requirement applies to an “Application for credit that is to be secured by a first lien on a dwelling.” Am I correct on this issue? A: No, you are not. I find no exception to this requirement for transactions secured by more than one dwelling. As long as there is at least one dwelling with a first lien (mortgage or deed of trust), the requirement to provide a copy of any appraisal/valuation would apply. FCRA/Privacy Q: We recently made several minor changes to our Privacy Notice, but one more significant change under the section "Reasons we can share your personal information." In that section, we changed from stating that “we do NOT share information with our affiliates for their everyday business purposes" to "Yes, we do share." The bank owns 50% of a title agency that we share information with. My question is, do we need to mail the revised privacy notice out to our customers or could we include a statement message letting our customers know where to locate the most recent privacy notice on our website? A: Your question hits on an intersection of two regulations — Regulation V (Fair Credit Reporting) and Regulation P (Privacy). Regulation V lays out the requirements for sharing consumer information among affiliated entities, while Regulation P does the same for sharing consumer information with nonaffiliated entities. They are joined to an extent because Regulation V (and the FCRA itself) allow its opt-out notice to be “coordinated and consolidated” with another similar notice — such as the Regulation P privacy notice. Regulation P explicitly provides for including the Regulation V/FCRA notice as an integral part of its model privacy notice. With that said, Regulation V requires that a bank give a consumer appropriate notice — either in writing or, if the consumer has agreed, electronically — before sharing the consumer’s information with an affiliate so that the affiliate may market to the consumer and give the consumer a reasonable opportunity to opt out of this sharing before the sharing occurs. All of this argues against merely using something like a statement message. There would not be room for the required language — and there is nothing in the rules that explicitly allow merely providing a web address (where the full notice may be accessed) as a substitute for the required notice. The best route would be to send revised privacy notices to affected consumers and provide them with the required opportunity to opt out of the sharing before the sharing with any affiliate commences. Follow-up Q: If there is no option to optout, could we just post the revised privacy notice on our website? Follow-up A: No, the rules require providing it in a manner that ensures that the consumer/customer actually receives it. Generally, it is not considered reasonable to presume that all customers regularly access the bank’s website. TISA. Q: We are going to migrate customers from their current accounts to our new accounts. In the change letter, do we need to state all the negatives such as maintenance fees increasing, a new paper statement fee, no free checks, and no free cashier’s checks? We will be sending the TISA account disclosure with the letter. A: The bank cannot simply rely on customers reading the account disclosures. Regulation DD provides that if a financial institution provides notice Q&A COMPLIANCE 16 In Touch
RkJQdWJsaXNoZXIy MTg3NDExNQ==