Financial Privacy Flashcards

1
Q

Fair credit reporting act USERS

A

lenders, insurers, employers etc

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
2
Q

Fair Credit reporting act furnishers

A

lenders, retailers, etc

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
3
Q

Consumer Reporting Agencies (CRAs)

A

CRAs compile or evaluate personal information to furnish consumer reports to third parties for a fee

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
4
Q

A consumer report is:

A

any communication by a CRA related to an individual that is used to establish
eligibility for credit, insurance, employment, etc.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
5
Q

Fair credit reporting act provides the following privacy rights in consumer reports

A
Accurate and relevant data collection
• Consumer access and correction
• Limits use to “permissible purposes”
• Maintain records
• Provide consumer assistance defined by FTC
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
6
Q

How is the fair credit reporting act enforced?

A

FTC, CFPB, state attorneys general

Dispute resolution; private right of action

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
7
Q

Fair and accurate credit transactions act requires:

A

Truncation of credit and debit card numbers

Consumer right to an explanation of their credit scores

Consumer right to a free annual credit report from each of the three national credit agencies

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
8
Q

True/False Fair and accurate transactions act preempts most stricter state laws

A

True

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
9
Q

Two rules to Fair and accurate credit transaction act

A

Disposal Rule and Red Flag Rule

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
10
Q

FACTA Disposal Rule

A

any individual or entity that uses a consumer report, or information derived from a consumer report, for a business purpose to dispose of that consumer information in a way that prevents unauthorized access and misuse of the data

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
11
Q

Violations to Fair and accurate credit transaction act

A

Civil liability as well as state and federal actions

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
12
Q

Fair and accurate credit transaction act red flag rule

A

Requires certain financial entities to develop and implement written identity theft detection programs that can
identify and respond to “red flags” that signal identity theft

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
13
Q

Fair and accurate credit transaction act red flag rule only applies to:

A

Financial institutions and creditors. Does not apply to credits who extend credit only expenses incidental to a service”

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
14
Q

true/false: FCRA preempts stricter state laws for employment credit history checks

A

False. FCRA does not preempt stricter state laws for employment
credit history checks

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
15
Q

State credit employment laws that have stricter laws than FCRA

A

California, Connecticut, Delaware, Hawaii, Illinois, Maryland, Nevada, Oregon, Vermont and Washington

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
16
Q

GLBA requires financial institutions to:

A

Securely store personal financial information (*Safeguards Rule)

Give notice of data sharing policies (*Privacy Rule)

Give consumers the right to opt-out of some sharing (*Privacy Rule)

17
Q

Personal information in scope of GLBA

A

Financial institution management of “non public personal information”

PII, provided to a financial institution by a consumer, resulting from a transaction or service, otherwise obtained from the financial institution

18
Q

PII excluded from GLBA

A

Publicly available information and any consumer list that is derived without using personally identifiable financial information

19
Q

Enforcement agencies of GLBA

A

Financial institutional reform, recovery and enforcement act (FIRREA) and Consumer Financial Protection Bureau (CFPB)

20
Q

What bureau enforces the privacy and safeguards rule of GLBA?

A

Consumer Financial Protection Bureau (CFPB)

21
Q

GLBA Privacy Rule

A

Financial institutions must provide initial and annual privacy notices AND process opt-outs within 30 days

22
Q

FAST act

A

Establishes an exception to the annual privacy notice requirements: A financial institution that meets certain criteria is not required to provide an annual privacy notice to customers

23
Q

Under GLBA consumers cannot opt-out of :

A
  • Information is shared with outside companies that provide essential services (e.g., data processing)
  • The disclosure is legally required
  • Information is shared with outside service providers that market the financial company’s products or services
24
Q

Under GLBA before sharing personal information to third parties, companies must:

A

disclose information-sharing practices to customers and providing them with the FCRA standard opportunity to opt out

25
Q

GLBA privacy notice requirements:

A

Provide customers with clear and conspicuous notice of information sharing policies and practices

Provide customers with the right to opt-out

Refrain from disclosing account number or access codes to nonaffiliated third-party marketers

Comply with regulatory standards designed to protect consumer information

What is collected
With whom information is shared
How information will be safeguarded
How consumer can opt out

26
Q

GLBA Safeguards rule

A

It requires financial institutions to develop and implement a comprehensive “information security program.”

27
Q

Under GLBA Safeguards Rule there must be these 3 security features

A

Administrative security, technical security, physical security

28
Q

GLBA Safeguards rule requirements

A
  • Designate an employee to coordinate the safeguards
  • Design and implement a safeguard program, and monitor and test it regularly
  • Identify and assess the risks and evaluate the effectiveness of the safeguards
  • Select and provide oversight of appropriate service providers
  • Evaluate and adjust the program as needed
29
Q

California Financial Information Privacy Act (SB-1)

A

Increases the disclosure requirements of financial institutions and grants consumers increased rights with regard to information sharing

30
Q

California Financial Information Privacy Act (SB-1) Opt-In requirements

A

opt-in consent is required for a financial institution to share personal information with nonaffiliated third parties

Opt-in provisions must be presented on a form titled “Important Privacy Choices for Consumers” and be written in simple English

31
Q

California Financial information privacy act (SB-1) opt-out requirements

A

grants consumers the ability to opt out of information sharing between their financial institutions and affiliates not in the same line of business

32
Q

Which bureau did the dodd-frank act create?

A

Consumer Financial Protection Bureau (CFPB)

33
Q

CFPB has the authority to do what with which laws

A

Consumer financial protection bureau has rule-making authority for financial privacy and other issues with GLBA and FCRA

34
Q

Agencies that can enforce unfair and deceptive practices for financial privacy laws?

A

FTC, consumer financial protection bureau and state AGs

35
Q

What is a SAR?

A

Suspicious activity report - Must be filed with Department of Treasury’s Financial Crimes Enforcement Network when an entity suspects an insider involved in a crime, regardless of amount and other large transaction amounts

36
Q

International money laundering abatement and anti-terrorist financing act of 2001

A

Expanded reach of BSA and part of the US patriot act.