By: David L. Beam, *Anjali Garg
*Ms. Garg is a law clerk and not admitted to the practice of law.
Federal privacy laws do not prohibit a financial institution from reporting suspected elder abuse to the authorities. That’s the key takeaway from a new interagency guidance issued by seven federal regulatory agencies on September 23.
The guidance is timely, because many states are enacting laws that require or encourage financial institutions and others to report suspected elder abuse. For example, a new law in California requires money transmitter licensees to train their agents on how to recognize and report financial elder abuse (Cal. Fin. Code § 2043). This law supplements existing California law that requires certain types of caregivers and custodians of dependents to report financial elder abuse (Welf. & Inst. Code §§ 15600 et seq.). In addition, organizations and local governments are releasing advertising campaigns to help the public recognize financial elder abuse.
Financial institutions should review their policies and procedures on elder abuse to ensure that they are in compliance with applicable reporting laws.
The guidance highlights some of the signs of financial abuse of older adults, including:
• Uncharacteristic financial transactions such as nonpayment of bills, non-sufficient fund activity, or frequent large bank withdrawals; or
• Suspicious interactions with caregivers such as fear or submissiveness, an increase in new caregivers, or sudden involvement of a caregiver in the elder’s financial affairs.
Absent an exception, the guidance says that reporting financial elder abuse could run afoul of the Gramm-Leach-Bliley Act’s restrictions on the disclosure of nonpublic personal information about customers (15 U.S.C. § 6801). The GLBA generally prohibits such disclosure by financial institutions to third parties unless a consumer receives proper notice and opportunity to opt out of the disclosure (15 U.S.C. § 6802). The interagency guidance highlights a number of potential exceptions to those notice and opt-out requirements for reporting suspected elder financial exploitation:
• Compliance with federal, state, or local laws, rules, or legal requirements: Certain state laws may require financial institutions to report suspected financial elder abuse. In these instances, the GLBA allows disclosure of nonpublic personal information to comply with the laws (15 U.S.C. § 6802(e)(8)).
• Compliance with federal, state, or local investigations or subpoenas: Financial institutions may disclose certain nonpublic personal information to comply with a properly authorized civil, criminal, or regulatory investigation or subpoena or summons by federal, state, or local authorities, or to respond to judicial process or government regulatory authorities having jurisdiction over the financial institution for examination, compliance, or other purposes as authorized by law (15 U.S.C. § 6802(e)(8)).
• Protection against or prevention of potential harm: Nonpublic personal information may be disclosed to protect against or prevent actual or potential fraud, unauthorized transactions, claims, or other liability (15 U.S.C. § 6802(e)(3)(B)). Examples include elders not consenting to certain financial transactions or being scammed into consenting.
• Permitted or required disclosures to law enforcement agencies under the Right to Financial Privacy Act: Financial institutions may disclose nonpublic personal information to certain law enforcement agencies (including the CFPB, FTC, Treasury, and federal functional regulators) and self-regulatory agencies in accordance with the Right to Financial Privacy Act of 1978 (12 U.S.C. § 3401).
The guidance also notes that financial institutions may still disclose nonpublic personal information under GLBA if they have the consent of the consumer or the consumer’s legal representative (15 U.S.C. § 6802(e)).
The new guidance supplements prior guidance encouraging institutions to file a Suspicious Activity Report (SAR) if they suspect financial elder abuse. The Department of the Treasury Financial Crimes Enforcement Network (FinCEN) issued an advisory in February 2011 encouraging financial institutions to file a SAR with the marking “elder financial exploitation” in the narrative in order to better track abuse. Institutions should continue to use this avenue to report suspected abuse.
The seven federal agencies that issued the guidance are the Board of Governors of the Federal Reserve System, Consumer Financial Protection Bureau, Federal Deposit Insurance Corporation, Federal Trade Commission, National Credit Union Administration, Office of the Comptroller of the Currency, and Securities and Exchange Commission. The Commodity Futures Trading Commission issued the document as staff guidance.