Privacy
Annual Privacy of Consumer Financial Information Compliance Reviews would satisfy the federal requirements of Regulation P to ensure compliance with the Regulation’s policy and procedure requirements. Specific components of the Privacy compliance review would include, as applicable:
CSI offers the following services:
- A review of the institution’s compliance with the privacy regulation, specifically in meeting the following requirements:
- Providing privacy notices that are timely, accurate, clear and conspicuous, and are delivered so that each customer can reasonably be expected to receive the notice;
- Lawfully using or disclosing nonpublic personal information received from a non-affilieated finacial institution;
- Determining if the institution is required to provide an opt out notice to it’s customers, and, if applicable, all requirements of the opt out provision have been met.
- Disclosinig account numbers according to the limits in the regulation.
- A review of the Bank’s or Credit Union’s written policy and procedures, including:
- Privacy Policy
- Initial and Annual Privacy Policy delivery procedures
- Customer Inquiry Policy
- Conflict of Interest Policy
- Employee Training
- A review of the institution’s internal controls and procedures for monitoring compliance with the privacy regulation.
- Random testing of information shared with non-affiliated third parties within the exceptions stated in Section 14 and 15 of the regulation.
- Random pretext calls performed to determine employee adherence to the customer inquiry policy.
- A review of third party contracts with non-affiliated third parties that perform services for the institution.