Privacy - Not To Be Assumed
Robert G. Rowe, III, Esq., Regulatory Counsel, Independent Community Bankers of America
Privacy is an issue that has recently taken center stage in the public's eye and by Congress. For us, privacy essentially means appropriate preservation of the confidentiality of customer account records. Modern-day banking is really information management. The hue and cry about privacy is a resentment over government snooping or telemarketing practices - not bank services.
Over the years, bankers have done a superb job protecting customer information - building the trust on which the banking relationship is founded. But privacy as a concept is being used in all sorts of ways, and could become a neat encapsulation that is a bitter pill for bankers - and their customers. For example, legislation being considered in some states could make it difficult if not impossible to transmit customer information to third parties. We often rely on joint ventures and outside service providers to provide services such as credit cards, brokerage activities, retail insurance sales - a whole host of products. When we offer services through an outside vendor, we communicate customer information to a third party: the service provider. If these or other new laws that consumer advocates are calling for are adopted, we may have to get a customer's permission before we can arrange with a service provider to furnish a credit card!
We also rely on third parties for other services. Outside auditors regularly review customer files to ensure procedures are being properly followed. Outside collection agents may be hired to pursue delinquent loans. Would you want to have to ask a customer permission to give their file to a collection agent? And outside counsel may be necessary if relations with a customer turn sour. If you're suing a customer, do you want to have to ask permission from the customer first?
While banks have traditionally respected and protected customer information, the explosion in technology has made it much easier to access that information. And that easy access is what has people concerned. Think long and hard about anyone who sees a customer file - whether inside or outside the bank. And then consider whether that person really needs to see it and plug any gaps in procedures.
Above all, be sure that your privacy statement mirrors what really happens. Don't promise anything you can't (or don't) deliver.
The key for us to remember is that the privacy debate was really about customer information. We must educate our customers about the occasional need to share information in order to provide the kinds of services they expect from a modern financial institution.
And we must reassure our customers - often - that we respect customer information and that we treat it with the confidentiality it deserves.
Copyright © 2000 Bankers' Hotline. Originally appeared in Bankers' Hotline, Vol. 10, No. 4, 4/00
First published on 04/01/2000