Regulators’ new approach to financial services disclosures
June 17, 2010
By Ted Dreyer, senior attorney for Wolters Kluwer Financial Services
Many of the financial services regulatory changes that have recently been issued have instituted new and revised compliance disclosures that share common characteristics. They are in a tabular format, rather than paragraphs of text, divided into questions on the left-hand side of the page followed by answers on the right-hand side, and use consumer-friendly terminology.
These changes reflect a conscious decision on the part of the financial services regulatory agencies to adopt a disclosure style that is intended to “simplify” consumer disclosures.
Just one slight complication…
Unfortunately for financial institutions, this “simplification” means the disclosures are being made for the benefit of the consumer that receives them, not the institution that has to give them. Institutions will face significant operational challenges in implementing the new forms. These challenges include adapting to the new style of disclosures, customizing them to their needs, timing the switchover to the new forms, and maintaining their regulatory safe harbor.
This new style of disclosure appears to be a trend that the regulators are likely to continue with. So it is worthwhile to understand how they came about, and the theories that underlie these new and revised disclosures.
Simplification began with privacy notices
This evolution began with an effort by financial services regulators to improve the privacy notices that were first required in July of 2001 as a result of the Gramm-Leach-Bliley Act. Soon afterwards it became clear that the notices were not being read or understood by consumers. So the regulators began gathering comments on how they could be improved.
By the summer of 2004, six agencies started the Interagency Notice Project to identify problems and develop a notice that would be more easily understood. Soon after their research was completed, Congress required a model privacy form to be developed as part of the Financial Services Regulatory Relief Act of 2006. The model form was intended to replace existing privacy disclosures that came from the Gramm-Leach-Bliley Act.
Congress believed a standard model form would make it easier for consumers to compare privacy practices among institutions. So it mandated a form with the following characteristics:
• Comprehensible to consumers, with a clear format and design.
• Clear and conspicuous disclosures.
• Permissible of easy comparison of privacy practices among financial institutions.
• Succinct, in an easily read font.
Congress assigned the task of creating the new model form to a group of eight regulators. This group included the Federal Reserve Board, the Office of the Comptroller of the Currency, the Office of Thrift Supervision, FDIC, the National Credit Union Administration, the Federal Trade Commission, the Commodity Futures Trading Commission, and the Securities and Exchange Commission.
A proposed model Privacy form was released by the agencies in March 2007. Institutions and other industry representatives submitted comments and many significant changes were made as a result. The regulators then did consumer testing to determine if the new form was an improvement over the original privacy notice and they determined that it was. A final model Privacy form was released in December of 2009.
The result is a standardized form that does not even use the word “privacy.” Consumers were found to be more likely to read the notice with the title: “What Does [Name of Financial Institution] do with your Personal Information?” It uses a tabular format that is an attempt to make privacy disclosures look somewhat like the nutritional information charts on food products.
The terminology was also made more understandable to consumers. For example, instead of using the legalistic term “opt-out,” the form refers to rights to “limit sharing.” And instead of saying that exceptions exist “as permitted by law” as the old form did, it refers to use “for everyday business purposes.”
Since the new form is intended to be standardized across the industry, only very limited changes to the form are allowed. Although the use of this new Model Form is not technically mandatory, the regulators are withdrawing the safe harbor for compliance for the old forms after January 1, 2011. Because regulatory safe harbors are highly valued, the new form will probably become the privacy standard in the industry by next year.
Replicating the privacy technique
This new disclosure style has been used to revamp other existing disclosures as well, including the new Real Estate Settlement Procedure Act Good Faith Estimate and the Truth-in-Lending Act forms for credit cards. Both of these forms use tables; questions on the left that are answered on the right; and more understandable text to replace existing forms that were not as consumer-friendly.
Starting in 2011, there will be a new group of forms that will also make use of the new disclosure style. The risk-based pricing disclosure that comes from the Fair and Accurate Credit Transactions (FACT) Act and is effective Jan. 1, 2011, is one example. This disclosure must be given when lenders use consumer reports in connection with extensions of credit where the interest rate is materially less favorable.
The regulatory agencies did not separately test the new risk-based pricing model forms with consumers, but rather said that “the design of the model forms was informed by consumer testing” that was under the Federal Reserve’s review of its credit card disclosure rules under Truth in Lending. As a result, the appearance of the risk-based pricing forms is very similar to the model privacy form.
Use of the new tabular disclosure format appears to be very popular with regulators and according to the testing results, with consumers as well. Although there are some problems that institutions face in implementing the new format, the new style does seem to represent a clearer method of giving required information to consumers. It appears to represent the wave of the future in the area of financial disclosures.
For more compliance topics on www.ababj.com, see the following sections:
Lucy and Nancy’s Common Sense Compliance Blog
John Byrne’s AML, Fraud, and a Few Other Things
Compliance Inbox Online
For more compliance topics at aba.com, see the following links:
ABA's Center for Regulatory Compliance is member banks’ gateway to support for meeting the challenges of managing compliance risk. The Center provides direct access to regulatory expertise, up-to-date reports on agency initiatives, and the resources to assist you in keeping pace with the demands of supervisory oversight. http://www.aba.com/Compliance/default.htm
[This report was posted on June 17, 2010 on the website of ABA Banking Journal, www.ababj.com, and is copyright 2010 by the American Bankers Association.]