WASHINGTON —Federal bank and thrift regulators released guidelines Thursday on how examiners should evaluate a financial institution’s compliance with the privacy provisions of the Gramm-Leach-Bliley Act of 1999.

That law required institutions to disclose their privacy policies annually and to give consumers a chance to opt out of information-sharing with third parties. Regulators released rules last year detailing what the disclosure forms should say and how often they should be sent. The rules take effect July 1.

The guidelines, which were sent to banks and thrifts along with an advisory letter, tell examiners to inspect an institution’s policy and opt-out notices to ensure they are “timely, accurate, clear and conspicuous, and delivered so that each customer can reasonably be expected to receive” them.

The guidelines say that examiners should watch how nonpublic personal information is disclosed to third parties, whether the bank or thrift is honoring consumers’ opt-out requests, and that its internal controls are sufficient to monitor compliance. They also say supervisors should ascertain areas of risk associated with a financial institution’s privacy policies.

In addition the guidelines instruct examiners to review complaint logs, telemarketing scripts, and other information obtained from third parties and to look at the nonpublic information an institution collects from or about consumers when providing a financial product or service.

Supervisors should also address how an institution collects complaints and fixes problems concerning its privacy policies.

Subscribe Now

Access to authoritative analysis and perspective and our data-driven report series.

14-Day Free Trial

No credit card required. Complete access to articles, breaking news and industry data.