Sr 07-19 Confidentiality Provisions In Third-Party Agreements

Like the GFPB, the FRB has issued guidelines clarifying its expectations regarding NMS between banking organizations and their counterparties or other third parties. [34] The FRB`s relevant supervisory and regulatory letter emphasizes that the fact that the agreements contain confidentiality provisions containing one of the following provisions: Confidentiality Agreements: an entity subject to prudential oversight cannot enter into third-party ANDs seeking to prevent the company from sharing certain information with the PFB; or (2) require the entity to consult with a third party when it shares the CFPB information that is subject to an NDA. The PCPB cautions that these agreements do not alter or limit the GFPB`s supervisory authority or a company`s obligations with respect to CSI experts. The CSI bulletin articulates standards that are familiar with insured deposit-taking institutions, which are subject to similar restrictions by their primary Supervisory Authorities of the Federal Bank with respect to the allocation of ISCs. It is important that the CSI bulletin highlights an important problem for regulated companies that possess (1) the possession, retention or control of information considered to be GFPB EXPERTS, or (2) have entered into an NDA that contains confidentiality provisions contrary to the regulation and policy of the CFPB. Although the PCPB approach is similar to that of bank supervisors, companies that are not subject to comprehensive regulation may not be aware of regulators` expectations for data sharing. Non-bank banks supervised by the GFPB, including non-bank mortgage companies, debt collection companies, credit companies, term lenders and private training lenders, must be particularly vigilant when transmitting CSI to individuals other than their directors, senior executives, employees, legal advisors, other authorized external service providers or the CFPB. Companies already familiar with the CSI requirements of the Office of the Comptroller of the Currency (OCC), the Board of Governors of the Federal Reserve System (FRB) or the Federal Deposit Insurance Corporation (FDIC) should also review the CSI bulletin, as CSI`s coverage level and specific disclosure procedures vary according to regulators. The purpose of this letter is to clarify the Federal Reserve`s expectations regarding confidentiality provisions in agreements between a banking organization and its counterparties (para. For example, investment funds, hedge funds and other trading partners) or other third parties.

It is contrary to the Federal Reserve`s policy and regulation that the agreements contain confidentiality provisions that (1) prevent the banking organization from providing information to Federal Reserve supervisors; 1 (2) require, without the prior approval of the Federal Reserve, or allow the banking organization of a counterparty to disclose or obtain information to Federal Reserve supervisory staff; or (3) without the prior approval of the Federal Reserve, obliging or approving the banking organization to inform a counterparty of an ongoing or imminent federal reserve review or a non-public oversight initiative or action by the Federal Reserve. Banking organizations that have agreements containing such confidentiality provisions are subject to legal risk. While the above guidelines and rules regarding the management of ISCs for banks and other traditionally regulated financial entities under federal supervision are not new, the GFPB`s definition of EXPERTS and the Agency`s specific restrictions on the dissemination of CSI to third parties may not be familiar to non-banks regulated by the CFPB. Although banks are familiar with the management of the ITUC, the new area for banks, created by the CFPB`s CSI bulletin, has potential problems related to the overlapping requirements of ISCs and the prudential competence of the Prudential Supervisory Authorities of the Bundesbank and the CFPB p