06-4144. Obtaining Information From Financial Institutions  

  • Start Preamble

    AGENCY:

    Department of Defense.

    ACTION:

    Final rule.

    SUMMARY:

    The Department of Defense is revising its current policies concerning obtaining information from financial institutions under the Right to Financial Privacy Act of 1978, as amended (12 U.S.C. chapter 35). This part prescribes practices and procedures for the Department of Defense to obtain from a financial institution the financial records of its customers.

    EFFECTIVE DATES:

    February 2, 2006.

    Start Further Info

    FOR FURTHER INFORMATION CONTACT:

    Mr. Vahan Moushegian, Jr., at (703) 607-2943.

    End Further Info End Preamble Start Supplemental Information

    SUPPLEMENTARY INFORMATION:

    The proposed rule was published in the Federal Register on February 2, 2006, at 71 FR 5631. No public comments were received. The only change made to this final rule was to move portions of the information into appendices.

    Executive Order 12866, “Regulatory Planning and Review”

    It has been determined that 32 CFR part 275 is not a significant regulatory action. The rule does not (1) Have an annual effect to the economy of $100 million or more or adversely affect in a material way the economy; a section of the economy; productivity; competition; jobs; the environment; public health or safety; or State, local, or tribal governments or communities; (2) Create a serious inconsistency or otherwise interfere with an action taken or planned by another Agency; (3) Materially alter the budgetary impact of entitlements, grants, user fees, or loan programs, or the rights and obligations of recipients thereof; or (4) Raise novel legal or policy issues arising out of legal mandates, the President's priorities, or the principles set forth in this Executive order.

    Public Law 96-354, “Regulatory Flexibility Act” (5 U.S.C. 601)

    It has been certified that this rule is not subject to the Regulatory Flexibility Act (5 U.S.C. 601) because it would not, if promulgated, have a significant economic impact on a substantial number of small entities because it is only concerned with accessing financial records as prescribed by Federal law.

    Public Law 96-511, “Paperwork Reduction Act” (44 U.S.C. Chapter 35)

    It has been certified that this rule does not impose reporting or recordkeeping requirements under the Paperwork Reduction Act of 1995.

    Unfunded Mandates Reform Act (Sec. 202, Pub. L. 104-4)

    It has been certified that this rule does not contain a Federal mandate that may result in the expenditure by State, local, and tribal governments, in the aggregate, or by the private sector, of $100 million or more in any one year.

    Executive Order 13132, “Federalism”

    It has been certified that this rule does not have federalism implications, as set forth in Executive Order 13132. This rule does not have substantial direct effects on the States, the relationship between the National Government and the States, or the distribution of power and responsibilities among the various levels of government.

    Start List of Subjects

    List of Subjects in 32 CFR Part 275

    • Banks, banking
    • Credit
    • Privacy
    End List of Subjects Start Printed Page 26221 Start Amendment Part

    Accordingly, 32 CFR part 275 is revised as follows:

    End Amendment Part Start Part

    PART 275—OBTAINING INFORMATION FROM FINANCIAL INSTITUTIONS; RIGHT TO FINANCIAL PRIVACY ACT OF 1978

    275.1
    Purpose.
    275.2
    Applicability and scope.
    275.3
    Definitions.
    275.4
    Policy.
    275.5
    Responsibilities.

    Appendix A to Part 275—Obtaining Basic Identifying Account Information

    Appendix B to Part 275—Obtaining Customer Authorization

    Appendix C to Part 275—Obtaining Access by Administrative or Judicial Subpoena or by Formal Written Request

    Appendix D to Part 275—Obtaining Access by Search Warrant

    Appendix E to Part 275—Obtaining Access for Foreign Intelligence, Foreign Counterintelligence, and International Terrorist Activities or Investigations

    Appendix F to Part 275—Obtaining Emergency Access

    Appendix G to Part 275—Releasing Information Obtained From Financial Institutions

    Appendix H to Part 275—Procedures for Delay of Notice

    Appendix I to Part4 275—Format for Obtaining Basic Identifying Account Information

    Appendix J to Part 275—Format for Customer Authorization

    Appendix K to Part 275—Format for Formal Written Request

    Appendix L to Part 275—Format for Customer Notice for Administrative or Judicial Subpoena or for a Formal Written Request

    Appendix M to Part 275—Format for Certificate of Compliance With the Right to Financial Privacy Act of 1978

    Appendix N to Part 275—Obtaining Access to Financial Records Overseas

    Start Authority

    Authority: 12 U.S.C. 3401, et seq.

    End Authority
    Purpose.

    This part:

    (a) Updates policies and responsibilities, and prescribes procedures for obtaining access to financial records maintained by financial institutions.

    (b) Implements 12 U.S.C. Chapter 35 by providing guidance on the requirements and conditions for obtaining financial records.

    Applicability and scope.

    This part applies to:

    (a) The Office of the Secretary of Defense, the Military Departments, the Chairman of the Joint Chiefs of Staff, the Combatant Commands, the Office of the Inspector General of the Department of Defense, the Defense Agencies, the DoD Field Activities, and all other organizational entities in the Department of Defense (hereafter referred to collectively as the “DoD components”).

    (b) Only to financial records maintained by financial institutions.

    Definitions.

    (a) Administrative Summons or Subpoena. A statutory writ issued by a Government Authority.

    (b) Customer. Any person or authorized representative of that person who used or is using any service of a financial institution or for whom a financial institution is acting or has acted as fiduciary for an account maintained in the name of that person.

    (c) Financial Institution (for intelligence activity purposes only. (1) An insured bank (includes a foreign bank having an insured branch) whose deposits are insured under the Federal Deposit Insurance Act.

    (2) A commercial bank or trust company.

    (3) A private banker.

    (4) An agency or branch of a foreign bank in the United States.

    (5) Any credit union.

    (6) A thrift institution.

    (7) A broker or dealer registered with the Securities and Exchange Commission.

    (8) A broker or dealer in securities or commodities.

    (9) An investment banker or investment company.

    (10) A currency exchange.

    (11) An issuer, redeemer, or cashier of travelers' checks, checks, money orders, or similar instruments.

    (12) An operator of a credit card system.

    (13) An insurance company.

    (14) A dealer in precious metals, stones, or jewels.

    (15) A pawnbroker.

    (16) A loan or finance company.

    (17) A travel agency.

    (18) A licensed sender of money or any other person who engages as a business in the transmission of funds, including any person who engages as a business in an informal money transfer system or any network of people who engage as a business in facilitating the transfer of money domestically or internationally outside of the conventional financial institutions system.

    (19) A telegraph company.

    (20) A business engaged in vehicle sales, including automobile, airplane, and boat sales.

    (21) Persons involved in real estate closings and settlements.

    (22) The United States Postal Service.

    (23) An agency of the United States Government or of a State or local government performing a duty or power of a business described in this definition.

    (24) A casino, gambling casino, or gaming establishment with an annual gaming revenue of more than $1,000,000 which is licensed as a casino, gambling casino, or gaming establishment under the laws of a State or locality or is an Indian gaming operation conducted pursuant to, and as authorized by, the Indian Gaming Regulatory Act.

    (25) Any business or agency that engages in any activity which the Secretary of the Treasury, by regulation determines to be an activity in which any business described in this definition is authorized to engage; or any other business designated by the Secretary of the Treasury whose cash transactions have a high degree of usefulness in criminal, tax, or regulatory matters.

    (26) Any futures commission merchant, commodity trading advisor, or commodity pool operator registered, or required to register, under the Commodity Exchange Act that is located inside any State or territory of the United States, the District of Columbia, Puerto Rico, Guam, American Samoa, the Commonwealth of the Northern Mariana Islands, or the United States Virgin Islands.

    (d) Financial Institution (other than for intelligence activity purposes). Any office of a bank, savings bank, credit card issuer, industrial loan company, trust company, savings association, building and loan, or homestead association (including cooperative banks), credit union, or consumer finance institution that is located in any state or territory of the United States, or in the District of Columbia, Puerto Rico, Guam, American Samoa, or the Virgin Islands.

    (e) Financial Record. An original, its copy, or information known to have been derived from the original record held by a financial institution that pertains to a customer's relationship with the financial institution.

    (f) Government Authority. Any agency or Department of the United States, or any officer, employee, or agent thereof, to include DoD law enforcement offices, personnel security elements, and/or intelligence organizations.

    (g) Intelligence Activities. The collection, production, and dissemination of foreign intelligence and counterintelligence, to include investigation or analyses related to international terrorism, by DoD intelligence organizations.

    (h) Intelligence Organizations. Any element of a DoD Component authorized by the Secretary of Defense to conduct intelligence activities.Start Printed Page 26222

    (i) Law Enforcement Inquiry. A lawful investigation or official proceeding that inquires into a violation of or failure to comply with a criminal or civil statute, or any rule, regulation, or order issued pursuant thereto.

    (j) Law Enforcement Office. Any element of a DoD Component authorized by the Head of the DoD Component conducting law enforcement inquiries.

    (k) Person. An individual or a partnership consisting of five or fewer individuals.

    (l) Personnel Security Element. Any element of a DoD Component authorized by the Secretary of Defense conducting personnel security investigations.

    (m) Personnel Security Investigation. An investigation required for determining a person's eligibility for access to classified information, acceptance or retention in the Armed Forces, assignment or retention in sensitive duties, or other designated duties requiring such investigation. Personnel security investigations include investigations conducted for the purpose of making personnel security determinations. They also include investigations of allegations that may arise subsequent to favorable adjudicative action and require resolution to determine a person's current eligibility for access to classified information or assignment or retention in a sensitive position.

    Policy.

    It is DoD policy that:

    (a) Authorization of the customer to whom the financial records pertain shall be sought unless doing so compromises or harmfully delays either a legitimate law enforcement inquiry or a lawful intelligence activity. If the person declines to consent to disclosure, the alternative means of obtaining the records authorized by subpart B shall be utilized.

    (b) The provisions of 12 U.S.C. Chapter 35 do not govern obtaining access to financial records maintained by military banking contractors located outside the United States, the District of Columbia, Guam, American Samoa, Puerto Rico, and the Virgin Islands. The guidance set forth in Appendix N of subpart B may be used to obtain financial information from these contractor operated facilities.

    Responsibilities.

    (a) The Director of Administration and Management, Office of the Secretary of Defense shall:

    (1) Exercise oversight to ensure compliance with this part.

    (2) Provide policy guidance to affected DoD Components to implement this part.

    (b) The Secretaries of the Military Departments and the Heads of the affected DoD Components shall:

    (1) Implement policies and procedures to ensure implementation of this part when seeking access to financial records.

    (2) Adhere to the guidance and procedures contained in this part.

    Appendix A to Part 275—Obtaining Basic Identifying Account Information

    A. A DoD law enforcement office may issue a formal written request for basic identifying account information to a financial institution relevant to a legitimate law enforcement inquiry. A request may be issued to a financial institution for any or all of the following identifying data:

    1. Name.

    2. Address.

    3. Account number.

    4. Type of account of any customer or ascertainable group of customers associated with a financial transaction or class of financial transactions.

    B. The notice (paragraph B of Appendix C to this part), challenge (paragraph D of Appendix C to this part), and transfer (paragraph B. of Appendix G to this part) requirements of this part shall not apply when a Government authority is seeking only the above specified basic identifying information concerning a customer's account.

    C. A format for obtaining basic identifying account information is set forth in Appendix I to this part.

    Appendix B to Part 275—Obtaining Customer Authorization

    A. A DoD law enforcement office or personal security element seeking access to a person's financial records shall, when feasible, obtain the customer's consent.

    B. Any authorization obtained under paragraph A. of this appendix, shall:

    1. Be in writing, signed, and dated.

    2. Identify the particular financial records that are being disclosed.

    3. State that the customer may revoke the authorization at any time before disclosure.

    4. Specify the purposes for disclosure and to which Governmental authority the records may be disclosed.

    5. Authorize the disclosure for a period not in excess of 3 months.

    6. Contain a “State of Customer Rights” as required by 12 U.S.C. Chapter 35 (see Appendix J to this part).

    7. Contain a Privacy Act Statement as required by 32 CFR part 310 for a personnel security investigation.

    C. Any customer's authorization not containing all of the elements listed in paragraph B. of this appendix, shall be void. A customer authorization form, in a format set forth in Appendix J to this part, shall be used for this purpose.

    D. A copy of the customer's authorization shall be made a part of the law enforcement or personnel security file where the financial records are maintained.

    E. A certificate of compliance stating that the applicable requirements of 12 U.S.C. Chapter 35 have been met (Appendix M to this part), along with the customer's authorization, shall be provided to the financial institution as a prerequisite to obtaining access to financial records.

    Appendix C to Part 275—Obtaining Access by Administrative or Judicial Subpoena or by Formal Written Request

    A. Access to information contained in financial records from a financial institution may be obtained by Government authority when the nature of the records is reasonably described and the records are acquired by:

    1. Administrative Summons or Subpoena. a. Within the Department of Defense, the Inspector General, DoD, has the authority under the Inspector General Act to issue administrative subpoenas for access to financial records. No other DoD Component official may issue summons or subpoenas for access to these records.

    b. The Inspector General, DoD shall issue administrative subpoenas for access to financial records in accordance with established procedures but subject to the procedural requirements of this appendix.

    2. Judicial Subpoena.

    3. Formal Written Request.

    a. Formal requests may only be used if an administrative summons or subpoena is not reasonably available to obtain the financial records.

    b. A formal written request shall be in a format set forth in Appendix K to this part and shall:

    1. State that the request is issued under 12 U.S.C. Chapter 35 and the DoD Component's implementation of this part.

    2. Describe the specific records to be examined.

    3. State that access is sought in connection with a legitimate law enforcement inquiry.

    4. Describe the nature of the inquiry.

    5. Be signed by the head of the law enforcement office or a designee.

    B. A copy of the administrative or judicial subpoena or formal request, along with a notice specifying the nature of the law enforcement inquiry, shall be served on the person or mailed to the person's last known mailing address on or before the subpoena is served on the financial institution unless a delay of notice has been obtained under Appendix H of this part.

    C. The notice to the customer shall be in a format similar to Appendix L to this part and shall be personally served at least 10 days or mailed at least 14 days prior to the date on which access is sought.

    D. The customer shall have 10 days to challenge a notice request when personal service is made and 14 days when service is by mail.

    E. No access to financial records shall be attempted before the expiration of the pertinent time period while awaiting receipt of a potential customer challenge, or prior to the adjudication of any challenge made.

    F. The official who signs the customer notice shall be designated to receive any challenge from the customer.Start Printed Page 26223

    G. When a customer fails to file a challenge to access to financial records within the above pertinent time periods, or after a challenge is adjudicated in favor of the law enforcement office, the head of the office, or a designee, shall certify in writing to the financial institution that such office has complied with the requirements of 12 U.S.C. Chapter 35. No access to any financial records shall be made before such certification (Appendix M to this part) is provided the financial institution.

    Appendix D to Part 275—Obtaining Access By Search Warrant

    A. A Government authority may obtain financial records by using a search warrant obtained under Rule 41 of the Federal Rules of Criminal Procedure.

    B. Unless a delay of notice has been obtained under provisions of Appendix H to this part, the law enforcement office shall, no later than 90 days after serving the search warrant, mail to the customer's last known address a copy of the search warrant together with the following notice:

    “Records or information concerning your transactions held by the financial institution named in the attached search warrant were obtained by this [DoD office or activity] on [date] for the following purpose: [state purpose]. You may have rights under the Right to Financial Privacy Act of 1978.”

    C. In any state or territory of the United States, or in the District of Columbia, Puerto Rico, Guam, American Samoa, or the Virgin Islands, search authorizations signed by installation commanders, military judges, or magistrates shall not be used to gain access to financial records.

    Appendix E to Part 275—Obtaining Access for Foreign Intelligence, Foreign Counterintelligence, and International Terrorist Activities or Investigations

    A. Financial records may be obtained from a financial institution (as identified at § 275.3) by an intelligence organization, as identified in DoD Directive 5240.1 [1] , authorized to conduct intelligence activities, to include investigation or analyses related to international terrorism, pursuant to DoD Directive 5240.1 and Executive Order 12333.

    B. The provisions of this part do not apply to the production and disclosure of financial records when requests are submitted by intelligence organizations except as may be required by this Appendix.

    C. When a request for financial records is made under paragraph A. of this appendix, a Component official designated by the Secretary of Defense, the Secretary of a Military Department, or the Head of the DoD Component authorized to conduct foreign intelligence or foreign counterintelligence activities shall certify to the financial institution that the requesting Component has complied with the provisions of U.S.C. chapter 35. Such certification in a format similar to Appendix M to this part shall be made before obtaining any records.

    D. An intelligence organization requesting financial records under paragraph A. of this appendix, may notify the financial institution from which records are sought 12 U.S.C. 3414(3) prohibits disclosure to any person by the institution, its agents, or employees that financial records have been sought or obtained. An intelligence organization requesting financial records under paragraph A. of this appendix, shall maintain an annual tabulation of the occasions in

    E. An intelligence organization requesting financial records under paragraph A. of this appendix, shall maintain an annual tabulation of the occasions in which this access procedure was used.

    Appendix F to Part 275—Obtaining Emergency Access

    A. Except as provided in paragraphs B. and C. of this appendix, nothing in this part shall apply to a request for financial records from a financial institution when a determination is made that a delay in obtaining access to such records would create an imminent danger of:

    1. Physical injury to any person.

    2. Serious property damage.

    3. Flight to avoid prosecution.

    B. When access is made to financial records under paragraph A of this appendix, a Component official designated by the Secretary of Defense or the Secretary of a Military Department shall:

    1. Certify in writing, in a format set forth in Appendix M to this part, to the financial institution that the Component has complied with the provisions of 12 U.S.C. chapter 35, as a prerequisite to obtaining access.

    2. Submit for filing with the appropriate court a signed sworn statement setting forth the grounds for the emergency access within 5 days of obtaining access to financial records.

    C. When access to financial records are obtained under paragraph A. of this appendix, a copy of the request, along with the following notice, shall be served on the person or mailed to the person's last known mailing address as soon as practicable after the records have been obtained unless a delay of notice has been obtained under appendix H of this part.

    “Records concerning your transactions held by the financial institution named in the attached request were obtained by [Agency or Department] under the Right to Financial Privacy Act of 1978 on [date] for the following purpose: [state with reasonable specificity the nature of the law enforcement inquiry]. Emergency access to such records was obtained on the grounds that [state grounds].”

    Mailings under this paragraph shall be by certified or registered mail.

    Appendix G to Part 275—Releasing Information Obtained From Financial Institutions

    A. Financial records obtained under 12 U.S.C. chapter 35 shall be marked: “This record was obtained pursuant to the Right to Financial Privacy Act of 1978, 12 U.S.C. 3401 et seq., and may not be transferred to another Federal Agency or Department without prior compliance with the transferring requirements of 12 U.S.C. 3412.”

    B. Financial records obtained under this part shall not be transferred to another Agency or Department outside the Department of Defense unless the head of the transferring law enforcement office, personnel security element, or intelligence organization, or designee, certifies in writing that there is reason to believe that the records are relevant to a legitimate law enforcement inquiry, or intelligence or counterintelligence activity (to include investigation or analyses related to international terrorism) within the jurisdiction of the receiving Agency or Department. Such certificates shall be maintained with the DoD Component along with a copy of the released records.

    C. Subject to paragraph D. of this appendix, unless a delay of customer notice has been obtained under Appendix H of this part, the law enforcement office or personnel security element shall, within 14 days, personally serve or mail to the customer, at his or her last known address, a copy of the certificate required by paragraph B., along with the following notice:

    “Copies of or information contained in your financial records lawfully in possession of [name of Component] have been furnished to [name of Agency or Department] pursuant to the Right to Financial Privacy Act of 1978 for the following purposes: [state the nature of the law enforcement inquiry with reasonable specificity]. If you believe that this transfer has not been made to further a legitimate law enforcement inquiry, you may have legal rights under the Financial Privacy Act of 1978 or the Privacy Act of 1974.”

    D. If a request for release of information is from a Federal Agency, as identified in E.O. 12333, authorized to conduct foreign intelligence or foreign counterintelligence activities, the transferring DoD Component shall release the information without notifying the customer, unless permission to provide notification is given in writing by the requesting Agency.

    E. Whenever financial data obtained under this part is incorporated into a report of investigation or other correspondence; precautions must be taken to ensure that:

    1. The reports or correspondence are not distributed outside the Department of Defense except in compliance with paragraph B.; and

    2. The report or other correspondence contains an appropriate warning restriction on the first page or cover. Such a warning could read as follows:

    “Some of the information contained herein (cite specific paragraph) is financial record information which was obtained pursuant to the Right to Privacy Act of 1978, 12 U.S.C. 3401 et seq. This information may not be released to another Federal Agency or Department outside the Department of Defense except for those purposes expressly authorized by Act.”

    Appendix H to Part 275—Procedures for Delay of Notice

    A. The customer notice required when seeking an administrative subpoena or summons (paragraph B. of appendix C to this part), obtaining a search warrant (paragraph B. of appendix D to this part), seeking a judicial subpoena (paragraph B. to appendix Start Printed Page 26224C to this part), making a formal written request (paragraph B. to appendix C to this part), obtaining emergency access (paragraph C. of appendix F to this part), or transferring information (paragraph C. of appendix G to this part), may be delayed for an initial period of 90 days and successive periods of 90 days. The notice required when obtaining a search warrant (paragraph B. of appendix D to this part) may be delayed for a period of 180 days and successive periods of 90 days. A delay of notice may only be made by an order of an appropriate court if the presiding judge or magistrate finds that:

    1. The investigation is within the lawful jurisdiction of the Government authority seeking the records.

    2. There is reason to believe the records being sought are relevant to a law enforcement inquiry.

    3. There is reason to believe that serving the notice will result in:

    a. Endangering the life or physical safety of any person.

    b. Flight from prosecution.

    c. Destruction of or tampering with evidence.

    d. Intimidation of potential witnesses.

    e. Otherwise seriously jeopardizing an investigation or official proceeding or unduly delaying a trial or ongoing official proceeding to the same degree as the circumstances in paragraphs A.2.a. through A.2.d. of this appendix.

    B. When a delay of notice is appropriate, legal counsel shall be consulted to obtain such a delay. Application for delays of notice shall be made with reasonable specificity.

    C. Upon the expiration of a delay of notification obtained under paragraph A. of this appendix for a search warrant, the law enforcement office obtaining such records shall mail to the customer a copy of the search warrant, along with the following notice:

    “Records or information concerning your transactions held by the financial institution named in the attached search warrant were obtained by this [agency or department] on [date].

    Notification was delayed beyond the statutory 180-day delay period pursuant to a determination by the court that such notice would seriously jeopardize an investigation concerning [state with reasonable specificity]. You may have rights under the Right to Financial Privacy Act of 1978.”

    D. Upon the expiration of all other delays of notification obtained under paragraph A. of this appendix, the customer shall be served with or mailed a copy of the legal process or formal request, together with the following notice which shall state with reasonable specificity the nature of the law enforcement inquiry.

    “Records or information concerning your transactions which are held by the financial institution named in the attached process or request were supplied to or requested by the Government authority named in the process or request on (date). Notification was withheld pursuant to a determination by the (title of the court ordering the delay) under the Right to Financial Privacy Act of 1978 that such notice might (state the reason). The purpose of the investigation or official proceeding was (state the purpose).”

    Appendix I to Part 275—Format for Obtaining Basic Identifying Account Information

    [Official Letterhead]

    [Date]

    Mr./Mrs. XXXXXXXXXX

    Chief Teller [as appropriate]

    First National Bank

    Anywhere, VA 00000-0000

    Dear Mr./Mrs. XXXXXXXXXX

    In connection with a legitimate law enforcement inquiry and pursuant to section 3413(g) of the Right to Financial Privacy Act of 1978, 12 U.S.C. 3401 et. seq., you are requested to provide the following account information:

    [Name, address, account number, and type of account of any customer or ascertainable group of customers associated with a financial transaction or class of financial transactions.

    I hereby certify, pursuant to section 3403(b) of the Right of Financial Privacy Act of 1978, that the provisions of the Act have been complied with as to this request for account information.

    Under section 3417(c) of the Act, good faith reliance upon this certification relieves your institution and its employees and agents of any possible liability to the customer in connection with the disclosure of the requested financial records.

    [Official Signature Block]

    Appendix J to Part 275—Format for Customer Authorization

    Pursuant to section 3404(a) of the Right to Financial Privacy Act of 1978, I, [Name of customer], having read the explanation of my rights on the reverse side, hereby authorize the [Name and address of financial institution] to disclose these financial records: [List the particular financial records] to [DoD Component] for the following purpose(s): [Specify the purpose(s)].

    I understand that the authorization may be revoked by me in writing at any time before my records, as described above, are disclosed, and that this authorization is valid for no more than three months from the date of my signature.

    Signature:

    Date:

    [Typed name]

    [Mailing address of customer]

    Statement of Customer Rights Under the Right to Financial Privacy Act of 1978

    Federal law protects the privacy of your financial records. Before banks, savings and loan associations, credit unions, credit card issuers, or other financial institutions may give financial information about you to a Federal Agency, certain procedures must be followed.

    Authorization To Access Financial Records

    You may be asked to authorize the financial institution to make your financial records available to the Government. You may withhold your authorization, and your authorization is not required as a condition of doing business with any financial institution. If you provide authorization, it can be revoked in writing at any time before your records are disclosed. Furthermore, any authorization you provide is effective for only three months, and your financial institution must keep a record of the instances in which it discloses your financial information.

    Without Your Authorization

    Without your authorization, a Federal Agency that wants to see your financial records may do so ordinarily only by means of a lawful administrative subpoena or summons, search warrant, judicial subpoena, or formal written request for that purpose. Generally, the Federal Agency must give you advance notice of its request for your records explaining why the information is being sought and telling you how to object in court.

    The Federal Agency must also send you copies of court documents to be prepared by you with instructions for filling them out. While these procedures will be kept as simple as possible, you may want to consult an attorney before making a challenge to a Federal Agency's request.

    Exceptions

    In some circumstances, a Federal Agency may obtain financial information about you without advance notice or your authorization. In most of these cases, the Federal Agency will be required to go to court for permission to obtain your records without giving you notice beforehand. In these instances, the court will make the Government show that its investigation and request for your records are proper. When the reason for the delay of notice no longer exists, you will be notified that your records were obtained.

    Transfer of Information

    Generally, a Federal Agency that obtains your financial records is prohibited from transferring them to another Federal Agency unless it certifies in writing that the transfer is proper and sends a notice to you that your records have been sent to another Agency.

    Penalties

    If the Federal Agency or financial institution violates the Right to Financial Privacy Act, you may sue for damages or seek compliance with the law. If you win, you may be repaid your attorney's fee and costs.

    Additional Information

    If you have any questions about your rights under this law, or about how to consent to release your financial records, please call the official whose name and telephone number appears below:

    (Last Name, First name, Middle Initial) Title

    (Area Code) (Telephone number)

    (Component activity, Local Mailing Address)

    Appendix K to Part 275—Format for Formal Written Request

    [Official Letterhead]

    Mr./Mrs. XXXXXXXXXX

    President (as appropriate)Start Printed Page 26225

    City National Bank and Trust Company

    Anytown, VA 00000-0000

    Dear Mr./Mrs. XXXXXXXXX

    In connection with a legitimate law enforcement inquiry and pursuant to section 3402(5) and section 3408 of the Right to Financial Privacy Act of 1978, 12 U.S.C. 3401 et. seq., and [cite Component's implementation of this Part], you are requested to provide the following account information pertaining to the subject:

    [Describe the specific records to be examined]

    The [DoD Component] is without authority to issue an administrative summons or subpoena for access to these financial records which are required for [Describe the nature or purpose of the inquiry].

    A copy of this request was [personally served upon or mailed to the subject on [date] who has [10 or 14] days in which to challenge this request by filing an application in an appropriate United States District Court if the subject desires to do so.

    Upon the expiration of the above mentioned time period and absent any filing or challenge by the subject, you will be furnished a certification certifying in writing that the applicable provisions of the Act have been complied with prior to obtaining the requested records. Upon your receipt of a Certificate of Compliance with the Right to Financial Privacy Act of 1978, you will be relieved of any possible liability to the subject in connection with the disclosure of the requested financial records.

    [Official Signature Block]

    Appendix L to Part 275—Format for Customer Notice for Administrative or Judicial Subpoena or for a Formal Written Request

    [Official Letterhead]

    [Date]

    Mr./Ms. XXXXX X. XXXX

    1500 N. Main Street

    Anytown, VA 00000-0000

    Dear Mr./Ms. XXXX:

    Information or records concerning your transactions held by the financial institution named in the attached [administrative subpoena or summons] [judicial subpoena] [request] are being sought by the [Agency/Department] in accordance with the Right to Financial Privacy Act of 1978, Title 12, United States Code, Section 3401 et seq., and [Component's implementing document], for the following purpose(s):

    [List the purpose(s)]

    If you desire that such records or information not be made available, you must:

    1. Fill out the accompanying motion paper and sworn statement or write one of your own, stating that you are the customer whose records are being requested by the Government and either giving the reasons you believe that the records are not relevant to the legitimate law enforcement inquiry stated in this notice or any other legal basis for objecting to the release of the records.

    2. File the motion and statement by mailing or delivering them to the clerk of any one of the following United States District Courts:

    [List applicable courts]

    3. Serve the Government authority requesting the records by mailing or delivering a copy of your motion and statement to: [Give title and address].

    4. Be prepared to come to court and present your position in further detail.

    5. You do not need to have a lawyer, although you may wish to employ one to represent you and protect your rights.

    If you do not follow the above procedures, upon the expiration of 10 days from the date of personal service or 14 days from the date of mailing of this notice, the records or information requested therein may be made available. These records may be transferred to other Government authorities for legitimate law enforcement inquiries, in which event you will be notified after the transfer.

    [Signature]

    [Name and title of official]

    [DoD Component]

    [Telephone]

    Attachments—3

    1. Copy of request

    2. Motion papers

    3. Sworn statement

    Appendix M to Part 275—Format for Certificate of Compliance With the Right to Financial Privacy Act of 1978

    [Official Letterhead]

    [Date]

    Mr./Mrs. XXXXXXXXX

    Manager

    Army Federal Credit Union

    Fort Anywhere, VA 00000-0000

    Dear Mr./Mrs. XXXXXXXXX

    I certify, pursuant to section 3403(b) of the Right to Financial Privacy Act of 1978, 12 U.S.C. 3401 et. seq., that the applicable provisions of that statute have been complied with as to the [Customer's authorization, administrative subpoena or summons, search warrant, judicial subpoena, formal written request, emergency access, as applicable] presented on [date], for the following financial records of [customer's name]:

    [Describe the specific records]

    Pursuant to section 3417(c) of the Right to Financial Privacy Act of 1978, good faith reliance upon this certificate relieves your institution and its employees and agents of any possible liability to the customer in connection with the disclosure of these financial records.

    [Official Signature Block]

    Appendix N to Part 275—Obtaining Access to Financial Records Overseas

    A. The provisions of 12 U.S.C. Chapter 35 do not govern obtaining access to financial records maintained by military banking contractors overseas or other financial institutions in offices located on DoD installations outside the United States, the District of Columbia, Guam, American Samoa, Puerto Rico, or the Virgin Islands.

    B. Access to financial records held by such contractors or institutions is preferably obtained by customer authorization. However, in those cases where it would not be appropriate to obtain this authorization or where such authorization is refused and the financial institution is not otherwise willing to provide access to its records:

    1. A law enforcement activity may seek access by the use of a search authorization issued pursuant to established Component procedures; Rule 315, Military Rules of Evidence (Part III, Manual for Courts-Martial); and Article 46 of the Uniform Code of Military Justice.

    2. An intelligence organization may seek access pursuant to Procedure 7 of DoD 5240.1-R.

    3. Information obtained under this appendix shall be properly identified as financial information and transferred only where an official need-to-know exists. Failure to identify or limit access in accordance with this paragraph does not render the information inadmissible in courts-martial or other proceedings.

    4. Access to financial records maintained by all other financial institutions overseas by law enforcement activities shall be in accordance with the local foreign statutes or procedures governing such access.

    End Part Start Signature

    Dated: April 27, 2006.

    L.M. Bynum,

    OSD Federal Register Liaison Officer, DoD.

    End Signature End Supplemental Information

    Footnotes

    [FR Doc. 06-4144 Filed 5-3-06; 8:45 am]

    BILLING CODE 5001-06-M

Document Information

Effective Date:
2/2/2006
Published:
05/04/2006
Department:
Defense Department
Entry Type:
Rule
Action:
Final rule.
Document Number:
06-4144
Dates:
February 2, 2006.
Pages:
26220-26225 (6 pages)
Docket Numbers:
DOD-2006-OS-0072
RINs:
0790-AH84
Topics:
Banks, banking, Banks, banking, Banks, banking, Banks, banking, Credit, Privacy
PDF File:
06-4144.pdf
CFR: (5)
32 CFR 275.1
32 CFR 275.2
32 CFR 275.3
32 CFR 275.4
32 CFR 275.5