Pubdate: Mon, 3 May 1999 Source: Roll Call (DC) Copyright: 1999 Roll Call Inc. Contact: http://www.rollcall.com/ Authors: Rep. Ron Paul (R-Texas) and Rep. Jay Inslee (D-Wash), members of the Banking and Financial Services Committee HOW CAN CONGRESS PROTECT THE PRIVACY OF FINANCIAL INFORMATION? LET'S END 'KNOW YOUR CUSTOMER' When government regulators recently announced they were pulling the plug - for now, at least - on plans to strip away the final facade of financial privacy for all Americans, one can imagine they did so with a knowing smirk on their face. A smirk because they know what the average American does not: Most big banks already have "Know Your Customer" programs in place. The regulations by that name, proposed last December, would require banks to keep records on the spending and savings habits of every client, with any deviation being reported as "suspicious" to the Internal Revenue Service, FBI, Drug Enforcement Administration and other government agencies. Those agencies, in turn, would be able to freeze accounts and seize assets - essentially destroying a person's life with no probable cause and no warrant - - without there ever being a court order or proof of criminal wrongdoing. The reality, though, is that many banks succumbed a long time ago and adopted these rules very quietly and "voluntarily." That is to say, they started doing these things before it was required because they assumed the agencies would get the regulations. Imagine the surprise when these banks (not to mention the regulators) found that a quarter-million people sent protests demanding the rules be pulled. I led a groundswell movement in Congress to stop them, and the "Know Your Customer" program was "pulled from the shelf." Officially, anyway. The financial regulatory agencies have for some time "recommended" that banks have "Know Your Customer" procedures in place. In fact, the Bank Secrecy Act Compliance Manual actually states that banks should have "Know Your Customer" style policies in place. Such "recommendations," while not required, are often perceived as unspoken threats of the federal regulators. Banks rely on the regulators to give them a clean bill of health or face shutdown. One person I know in the industry said it is well understood that if a bank doesn't follow the "recommendations," the agencies will make sure they find some mistake, somewhere, no matter how small, and earn them heavy fines. In other words: Do what we want and bank examiners will go easy. Many banks have given in; some have not. The problem for both the big banks and the regulators, though, is the free market. Not every bank is participating in this privacy grab. But you can bet you won't see anyone advertise that they share every detail of your life with any federal agent who walks in the door. As a consumer, though, you do have a right to know what records your bank keeps, what its privacy policy is, if it has a "Know Your Customer" program in place and how many times it reports its customers as being "suspicious" to federal agencies. I would suggest that anyone concerned about financial privacy send a letter to his or her bank asking those questions and requesting a response in writing. If the bank does have these programs which are not required, the customer should demand that such files not be kept. If the bank gets enough pressure from its customers, it will change its policies - after all, what good is volunteering to assist the government in invading privacy if customers leave in favor of other institutions that will not? While it is impossible for a customer to know exactly what kind of financial records are now maintained about him or her, it is possible to find out what records the bank is keeping, what is being done with them and how they use or share that information. The anti-privacy movement and bureaucracy were not created out of thin air. Blame for the existing mechanisms for violating privacy falls squarely in the lap of Congress. It is Congress that created the ill-advised laws and agencies that have effectively eliminated Americans' constitutional right to freedom from government search and seizure. It is for this reason that I have introduced two important pieces of legislation on this topic. The first is H.R. 518, the Bank Secrecy Sunset Act. Nearly every regulation, rule and agency "recommendation" dealing with financial privacy has its roots in the 1970 Bank Secrecy Act, a loosely written measure from which regulators can claim almost any power. My legislation requires that Congress either rewrite the 1970 law or devolve those regulatory powers back to the states. The second piece of legislation I have introduced is H.R. 517, the FinCEN Public Accountability Act. Under current law, Americans are allowed to see the FBI and other government files created on them, except files created by the Financial Crimes Enforcement Network. My legislation simply allows Americans to see what financial records (which could include everything from credit reports to simple check transactions) the government has gathered, so as to challenge erroneous information - an important safeguard against civil asset forfeiture abuses. While public support is developing around both pieces of legislation, it is going to take Members hearing from their constituents before they will be willing to tackle the entrenched anti-privacy bureaucracies. But tackle them Congress must, before our constituents - American taxpayers - wake up to find our most basic rights mere relics of the past. But until Congress acts to revoke the power of regulators to create invasive rules and regulations, Americans should use the free market to get to know their bankers and protect their own privacy. Rep. Ron Paul (R-Texas) is a member of the Banking and Financial Services Committee. BANKING PRIVACY ACT PROTECTS CONSUMERS Do you believe your banking transaction experiences are currently private matters? You may be surprised to learn that with certain exceptions, financial institutions may legally share all of the information available about you and your bank account activity with affiliated businesses or anyone else. This shared information includes the amount of each check that you write, to whom each check is written, the date of each check, the amount and date of any deposits into your account and any outside information available, such as information submitted on your initial application for an account. Under existing law, financial institutions are not obligated to honor your request to restrict the dissemination of this personal information. I became interested in banking privacy laws after reading a letter on the subject from a constituent upset about his bank's plans to share his private financial records. I was shocked to learn of the stunning absence of statuary protections of consumer privacy. Suppose banks, insurance companies and securities firms become affiliated, something that will occur more frequently in the future. Will a bank tip off affiliated stock brokers every time their consumers have a sudden increase in their bank account balance, causing the consumer to be subjected to even more telemarketing calls? Will banks "profile" their customers after reviewing their financial information, then have affiliates telemarket products to those customers? Will life insurance companies affiliated with banks review personal checking records for indications of risky behavior, then increase rates based on that information? Under current law, there is nothing to prevent these types of situations. As Congress moves to modernize the financial services industry and allow the lines between banks, securities firms and insurance companies to blur, financial institutions gain a new incentive to profit by sharing customers' personal financial information. Customers who prefer to keep their financial information private have no recourse. As a member of the Banking and Financial Services Committee, I offered a banking privacy amendment to H.R. 10, the Financial Modernization Act. Our banking privacy amendment required financial institutions to disclose their privacy policies and allowed customers the right to opt out of any plan to share personal financial information. The Inslee-Weygand banking privacy amendment was watered down in committee, and language requiring only that financial institutions disclose their privacy policies prevailed. The right of a customer to keep financial records private was not addressed. Though I support more stringent measures, such as putting the burden of obtaining permission to share customers' financial information on financial institutions, I feel a moderate proposal, such as my "opt-out" Banking Privacy Act, is a reasonable step that is likely to garner wide support. For these reasons I will shortly be introducing the Banking Privacy Act, in order to give consumers the right to opt out of any information-sharing plan conducted by their banks and financial institutions. I have been working with consumer groups, the administration, banks, banking associations and my colleagues to solicit their ideas and to obtain their feedback on this issue. It is important to note that my legislation will not impact routine transactions necessary to complete consumer initiated transactions, such as processing a credit card transaction or applying for a home loan, nor will it prevent banks from disclosing information when required to prevent fraud or other abuses. It will give consumers control over their financial activity and information. Since I began speaking publicly about financial privacy matters, I have been contacted by citizens of every political persuasion from all across the United States. Regardless of their political stripe, they all agree that customers should be able to tell their banks to keep private financial information exactly what it should be - private. The issue is simple: Who should control the information in your checking account? Financial privacy should not be sacrificed at the altar of financial industry modernization. Americans have the right to freedom of speech and freedom of religion, and we ought to have the right to freedom from prying eyes into our personal financial business. Financial institutions should not be allowed to share private financial information without customer consent. The Banking Privacy Act is a necessary and practical response to the erosion of financial privacy and the potential explosion in cross-marketing among affiliated financial institutions. Rep. Jay Inslee (D-Wash.) is a member of the Banking and Financial Services Committee. - --- MAP posted-by: Jo-D