The source is probably from
18 USC 1080 which in section a.1.2.a refers to financial institution records.
I have also seen it in the OCCs Comptroller Handbook for Internet Banking 1999, page 27, question 7. And this website actually has this question in their ebanking audit sample.
BurntSienna - our organization uses a Logon Disclaimer Policy that is built in as a GPO. Upon the initial login to our network, the disclaimer will appear. The user must acknowledge the disclaimer by clicking OK. Then it goes to the user login screen. It does not appear anytime thereafter (when CTRL/ALT/DEL is used).
Hope this helps.