Banking & Financial Institutions Law Banking and financial institutions law covers the rules and regulations applicable to lending institutions. Lending institutions are regulated under both federal and Illinois law.
Legislative history. The national banking system was created by the National Banking Act of 1864, which allowed for the chartering of national banks. The Federal Reserve Act of 1913 established the Federal Reserve System as the central U.S. bank.
The McFadden Act of 1927 prohibited interstate banking. The Glass Steagall Act established in 1933 a wall between commercial banking and investment banking. It also created the Federal Deposit Insurance Corporation. The Bank Holding Company Act of 1953 prohibited a bank holding company headquartered in one state from buying a bank in another state.
More recent banking legislation has focused on removing limits placed on banks by the earlier laws. The Riegle-Neal Interstate Banking and Branching Efficiency Act of 1994 allowed certain banks to purchase out-of-state banks. The Gramm-Leach Bliley Act of 1999 repealed Glass Steagall and broke down the boundaries between banks and insurance companies. Specially created holding companies are now permitted to combine insurance, securities, banking, and real estate services under the same roof.
Federal Reserve. The U.S. central bank, called the Federal Reserve, was created to provide a more stable banking system than had existed up to that point. The Federal Reserve's responsibilities are: (1) conducting the nation's monetary policy; (2) supervising and regulating banking institutions and protecting the credit rights of consumers; (3) maintaining the stability of the financial system; and (4) providing certain financial services to the U.S. government, the public, financial institutions, and foreign official institutions.
FDIC. Congress created the Federal Deposit Insurance Corporation in 1933 to restore faith in the banking system following the runs on banks during the Depression. The FDIC protects depositors' funds lost when a bank or savings institution fails. It does not protect against losses other than financial failure, such as a swindle or a fire, nor does it protect funds other than deposits, such as money invested in a bank annuity or mutual fund.
Deposited funds are protected up to $100,000 per depositor and payment is usually made on the next business day following the bank or lending institution's failure. Funds in excess of the limit can be recovered in some circumstances, but not from the FDIC.
Financial privacy. Bank customers have always wanted to keep their financial records private, but the issue has become particularly important now that lines are dissolving between industries and that the possibility that insurance companies, securities firms, and realtors could obtain the information is greater.
The Gramm-Leach Bliley Act, recognizing those concerns, imposes financial privacy requirements on banks and other lending institutions. It requires them to provide consumers privacy notices that explain their information-sharing practices. Consumers, on the other hand, have the right to limit some sharing of their information, but not all of it. The privacy protection rules apply only to information collected about individuals, not to information collected in business or commercial activities.
Under the rules, financial institutions must automatically give the privacy notice to their customers. In addition, financial institutions must give customers a notice every year that their relationship with that customer continues. Financial institutions, on the other hand, must give the privacy notice to consumers only if the institution shares the information with companies not affiliated with it, with some exceptions.
The difference between a customer and a consumer is that a customer is one who has a long-term relationship with the financial institution. A consumer is someone who purchases a product from or uses a service provided by the institution, but otherwise doesn't have an ongoing relationship.
Notice requirements. The privacy notice must be provided in a reasonable manner. Reasonableness depends upon the circumstances. Traditional brick-and-mortar businesses should mail the notice or deliver it in person. Online businesses should send email or provide some other reasonable electronic delivery mechanism.
The notice must contain a clear and accurate statement of the institution's privacy practices. It should explain what information the institution collects, with whom it shares the information, and how it protects the information.
The term that the law uses for determining what information is entitled to protection is "nonpublic personal information." Public information, such as a phone number or the fact that the customer has a mortgage with the institution (assuming that the mortgage information is publicly recorded), is not entitled to privacy protection. The protection does extend to information supplied to the institution from a third part, such as a credit report obtained as part of a loan approval process, as long as the information is nonpublic.
Information sharing. Consumers and customers have the right to prevent their information from being shared with companies unaffiliated with the institution. The institution is required by law to provide a reasonable means for consumers and customers to tell their institution not to share the information, and it must explain the process in the notice it provides.
Neither customers nor consumers have the right under Gramm-Leach Bliley to prevent the institution from sharing private information with "sister" companies under the same ownership. They do, however, have certain protections under a different federal law, the Fair Credit Reporting Act. Although Gramm-Leach Bliley doesn't protect the information in this situation, it does require that the privacy notice inform customers and consumers of their rights under the Fair Credit Reporting Act.
In three other situations, Gramm-Leach Bliley provides that customers and consumers cannot prevent information sharing: (1) a financial institution shares information with outside companies that provide essential services, such as data processing; (2) information disclosure is legally required; and (3) a financial institution shares customer data with outside service providers that market the financial company's products or services.
The law also applies to what those who receive the information from a financial institution can do with it. For example, a company providing essential services, under (1) above, can use the information only to provide the essential services. It cannot resell the information or use it for any other purpose.
If, however, the situation involves the right of a customer or consumer to prevent information disclosure, and the customer or consumer does not, the recipient of the information from the institution is free to use the information as it sees fit, as long as the original privacy notice is not violated. If the privacy notice provided the right to resell the information, the recipient can resell the information.
State regulation. The Illinois regulator of financial institutions is the Office of Banks and Real Estate, which resulted from a June 1, 1996, merger of the Commissioner of Banks and Trust Companies and the Office of the Commissioner of Savings and Residential Finance. Its mission is to protect and educate the public and promote confidence in the regulated industries. It consists of four bureaus.
Bureau of Banks and Trust Companies. The relevant bureau for banking purposes is the Bureau of Banks and Trust Companies, which regulates state-charted commercial banks, foreign banking offices, foreign bank representative offices, corporate fiduciaries, foreign corporate fiduciaries, electronic funds transfer systems, check printers, ATMs not owned by financial institutions, and pawnbrokers.