Help me with something please. Section 1103(b) - Confidentiality of Records Financial Institution: says a financial institution shall not release the financial records of a customer unless the government authority certifies in writing that it has complied with the provisions of the act.

However, section 1111 - Duty of Financial Institutions; says upon receipt of a request for records under 1105 (administrative supoena and summons) and 1107 (judicial supoena), the records can be delivered upon receipt of the certification.

The questions I have are:

1. Don't these two sections conflict in terms of the certification requirement?
2. How are search warrants from the local police department to be treated given the apparent conflict in the above?

Thanks in advance for any input.

[This message has been edited by De Vonne (edited 09-28-2001).]

[This message has been edited by De Vonne (edited 09-28-2001).]

In terms of your second question, the Right to Financial Privacy Act would not apply to a search warrant received from a local police department because the RFPA applies only to requests for customer information from FEDERAL government authorities. You would instead look to your state statutory law and cases for guidance on what you can disclose and how.

In terms of your first question, there really isn't a discrepancy between those provisions. The first, in 3403(b), is the general rule that the certificate of compliance must be provided. The second, in 3411, is a specific requirement that directs financial institutions not to delay in gathering requested customer information pursuant to an administrative or judicial subpoena or summons. These are the types of records requests where the federal authority must (unless an exception applies) give notice to the customer and an opportunity to challenge. Once the notice and challenge time period has passed, and assuming any challenge is unsuccessful, the federal authority should provide a certificate of compliance and the institution should immediately turn over the records. The main point of the 3411 procedure is that the institution should not wait until the challenge period expires to begin the compilation and research.

The timing is different on federal search warrants, for example, because the government is only obligated to give after-the-fact notice to the customer and there is no right to challenge, so there is no preliminary notice and challenge period.

Always look at the particular type of records requests (subpoena, summons, search warrant, formal written request, or other), then review the exceptions, then pigeonhole the request even more narrowly (if, for example, it is something exotic like a request from the Secret Service in the exercise of their protective function, or something else that has special provisions relating to it.) Once you have narrowed down specifically where it falls within the RFPA, you can determine whether or not you have a right to require a COC and when you should get it.

Thanks Mary Beth.

Just to make sure I understand in light of the recent events, if the FBI requests records from banks that may have had records in the names of those on its list, does the FBI still have to provide a certificate of compliance or is that covered by one of the exemptions under the Act? Thank you.

The FBI asked for SARs if I am thinking correctly. The SAR will allow them to access records.

------------------
Andy Zavoina
Opinions stated are not necessarily that of my employer.

Designees of the Secretary of the Treasury can request, and obtain, supporting documentation for SARs. If the FBI is requesting the documentation, or additional information, and they are not doing so in the role of a designee of the Treasury Department but are instead proceeding under their own foreign counter-intelligence investigative powers, you can supply them the information, but should obtain a certificate of compliance from them under the RFPA. It provides an important protection from liability for your institution because it states that if records are provided to a federal government authority in good faith reliance upon a certificate of compliance, the institution shall not be liable to any party. (This is separate and apart from the safe harbor provision that protects you from liability for completing and filing an SAR.)