A regulator urged the banking industry Monday to deflect congressional action by voluntarily adopting best-practices guidelines for customer privacy.
"You don't want regulation, and we don't want regulation," said Ronald F. Bieker, acting director of the division of compliance and consumer affairs at the Federal Deposit Insurance Corp. "But if something is not done quickly, Capitol Hill will dictate what we do."
Speaking at the Independent Bankers Association of America convention, Mr. Bieker said banks should develop and disclose to all customers detailed policies describing how they use and disseminate confidential data.
Banks also should impose internal controls to ensure the policies are followed, test the policies to guarantee they work, and train all bank employees on the importance of safeguarding confidential data, he said.
The Senate already is considering legislation that would require the banking agencies to draft privacy regulations, he warned. "You must act now," he said. "A legislative solution will gain momentum unless the industry puts forth a market solution."
Industry officials said they got the message. "We are very supportive of the self-regulatory approach," said Karen M. Thomas, the IBAA's director of regulatory affairs. "You can be more flexible and more responsive to your customers than if you have a statutory solution."
Randy Miles, president of State Bank of the Lakes, Antioch, Ill., said it would be difficult for regulators to draft privacy rules that work for agricultural, suburban, and big-city banks. "Every bank in every community is so different that you cannot put a regulation out there and have it be germane," he said.
Mr. Miles also questioned whether most consumers are truly worried about privacy. The customers who complain typically have run up large, unpaid overdrafts at other banks and are upset that State Bank of the Lakes will not let them open an account, he said.
The problem is that "consumers want to go from bank to bank to bank without us knowing what is going on," he said.
Also at the workshop, Dolores S. Smith, director of consumer and community affairs at the Federal Reserve Board, said her agency has nearly completed a Regulation E commentary describing the types of disclosures that must be made when a consumer uses debit and credit cards on the Internet. To the retailer, these cards appear identical, which makes it tough to know which set of disclosures should be made, she said.
The Fed has not dropped its stored-value card proposal, which has been on hold for more than two years. "This is something we will be going back to the board with," Ms. Smith said.
Scheduled for release in the "not too distant future" are proposals to revamp regulations B and C, parts of which deal with the collection of data on borrowers. The Fed last year issued advance notices of proposed rulemaking asking the industry whether it should permit the voluntary collection of race and gender data on small-business borrowers. Ms. Smith declined to offer details on any of these initiatives.