Skip to main content
  1. Home
  2. Consumer and Community Affairs
  3. Consumer-Related Statutory Provisions
  4. Background and Summary of the Right to Financial Privacy Act

Background and Summary of the Right to Financial Privacy Act

6-1787
The Right to Financial Privacy Act of 1978 became effective on March 10, 1979. It was enacted because customers of financial institutions have a right to expect that their financial activities have a reasonable amount of privacy from federal government scrutiny. The act establishes specific procedures for government authorities that seek information about a customer’s financial records from a financial institution. It also imposes limitations and duties on financial institutions prior to the release of information sought by government agencies. Finally, it generally requires that the customer receive the following:
  • a written notice of the agency’s intent to obtain financial records
  • an explanation of the purpose for which the records are sought
  • a statement describing procedures to use if the customer does not wish such records or information to be made available
There are certain exceptions that allow for delayed notice or no notice to the customer.
Prior to the act, customers of financial institutions could not challenge government access to their financial records, nor did they have any way of knowing that personal records were being turned over to a government authority. In United States v. Miller, 425 U.S. 435 (1976), the Supreme Court held that financial records, because they are kept by the institution, are the property of the institution rather than the customer. As such, customers had no protectable legal interest in records kept by the financial institution, nor could they limit government access to those accounts. It was principally in response to this decision that the Right to Financial Privacy Act was adopted.
6-1788

DEFINITIONS (§ 1101)

As defined by the act, a customer is any person or representative of that person who utilized or is utilizing any service of a financial institution. It also includes any person for whom the financial institution is acting or has acted as a fiduciary. However, a customer does not include a corporation or partnership of six or more individuals.
6-1789

REQUIREMENTS (§§ 1102–1108)

To obtain access to the financial records of the customer, the act requires, with certain exceptions, that the government authority first obtain one of the following:
  • an authorization, signed and dated by the customer, that identifies the records being sought, the reasons the records are being requested, and the customer’s rights under the act
  • an administrative subpoena or summons
  • a search warrant
  • a judicial subpoena
  • a formal written request by a government agency (to be used only if no administrative summons or subpoena authority is available)
If a financial institution receives a request for information, it may not release the financial records of a customer until the government authority seeking such records certifies in writing that it has complied with the applicable provision of the act. The financial institution is required to maintain a record of all instances in which a customer’s record is disclosed to a government authority pursuant to customer authorization. The record should include the date, the name of the government authority, and an identification of the records disclosed. Generally, the customer has a right to inspect that record.
Although there are no specific record-retention requirements in the act, financial institutions should retain copies of all administrative and judicial subpoenas, search warrants, and formal written requests received from federal agencies or departments along with the written certification required.
Under the act, a financial institution must begin assembling the required information upon receipt of the agency’s summons or subpoena or a judicial subpoena and must be prepared to deliver the records upon receipt of the written certificate of compliance.
6-1790

COST REIMBURSEMENTS (§ 1115)

One section of the act, effective October 1, 1979, allows the financial institution, with certain exceptions, to receive payment from a government authority requesting information pursuant to the act. This may include costs for assembling or providing records, reproduction and transportation costs, or any other costs reasonably necessary or incurred in gathering and delivering requested information. The Federal Reserve Board’s Regulation S establishes the rates and conditions under which these payments may be made.
6-1791

EXCEPTIONS TO NOTICE AND CERTIFICATION REQUIREMENTS (§ 1113)

  • The act specifically allows a financial institution to notify law enforcement officials if it has information relevant to a violation of the law.
  • A financial institution may submit copies of financial records to any court or agency when perfecting a security interest, proving a claim in bankruptcy, or collecting a debt for itself or a fiduciary.
  • A financial institution may also release records that are not individually identifiable with a particular customer.
  • The act does not apply to records that are sought by a supervisory agency in connection with its supervisory, regulatory, or monetary functions. This includes regular examinations and any investigations relating to consumer complaints.
  • The act does not apply when records are sought in accordance with procedures authorized by the Internal Revenue Code (for example, records that are intended to be accessed by procedures authorized by the Tax Reform Act of 1976).
  • A financial institution may provide records that are required to be reported in accordance with any federal statute (for example, the Bank Secrecy Act) or rule promulgated thereunder.
  • If the agency and the customer are parties to a suit, records are obtainable under the Federal Rules of Civil and Criminal Procedure.
  • With the exception of cost reimbursement and the restricted use of grand jury information, the act does not apply to a subpoena issued in conjunction with proceedings before a grand jury.
  • The act does not apply to records sought by the General Accounting Office for an authorized proceeding or audit directed at a federal agency.
6-1792

EXCEPTION TO NOTICE REQUIREMENTS BUT WHERE CERTIFICATION IS REQUIRED ( §§ 1114 and 1122)

The act does not apply when a financial institution, rather than a customer, is being investigated. However, the federal agency seeking access to customer records must provide the financial institution with the certification of compliance required.
Records may also be provided incidental to processing a government loan, loan guaranty, loan insurance agreement, or default upon a government-guaranteed or -insured loan. Again, the federal agency seeking access must provide the financial institution with the written certification of compliance. The federal agency must also give to the loan applicant a notice of its access rights when the customer initially applies for the loan. The financial institution is then required to keep a record of all disclosures made to government authorities, and the customer is entitled to inspect this record.
No notice is required and the customer does not have the right to challenge any access when the government is engaging in authorized foreign intelligence activities or when the Secret Service is conducting its protective functions. A certificate of compliance must be furnished to the institution.
Although the Securities and Exchange Commission is covered by the act, it can obtain a customer’s records from an institution, without prior notice to the customer, by obtaining an order from a United States district court. It must provide the institution with a certificate of compliance, along with the court order prohibiting disclosure of the fact that the documents have been obtained. The court order will set a delay-of-notification date after which the institution will notify the customer that the SEC has obtained his or her records.
6-1793

DELAYED-NOTICE REQUIREMENTS (§ 1109)

Under certain circumstances, a court may give customers delayed notice that government authorities have obtained their financial records. Customer notice can be delayed for periods up to 90 days if the government can convince the court that notice would result in endangering the life or physical safety of any person, flight from prosecution, destruction of or tampering with evidence, or intimidation of potential witnesses, or would otherwise seriously jeopardize or unduly delay an investigation, trial or official proceeding. Delayed notice of no later than 90 days is also allowed for search warrants.
6-1794

CIVIL LIABILITY (§ 1117)

Any government agency that obtains, or any financial institution or employee of the institution who discloses, information in violation of the act is liable for (1) actual damages; (2) $100, regardless of the volume of records involved; (3) court costs and reasonable attorney’s fees; and (4) such punitive damages as the court may allow for willful or intentional violations. A financial institution that relies in good faith upon a federal agency’s certification cannot be held liable to a customer for the disclosure of financial records. An action can be brought up to three years after the date of violation or the date of its discovery.
Back to top