On September 8, the OCC issued two bulletins addressing banks' obligations under the Right to Financial Privacy Act and clarifying how the agency will evaluate "politicized or unlawful debanking" in licensing and Community Reinvestment Act (CRA) reviews. The guidance was issued consistent with the recently issued Executive Order 14331 (previously discussed here).
In the first bulletin, Protecting Customer Financial Records, the OCC cited congressional reports describing financial institutions' coordination in federal agencies after January 6, 2021, to flag transactions linked to political activity. The bulletin reiterates that banks may only release customer financial records to government authorities in compliance with the Right to Financial Privacy Act, such as through customer authorization, subpoena, or warrant. It also reminds banks that voluntary Suspicious Activity Reports (SARs) should not be misused as a means of bypassing statutory privacy protections.
In the second bulletin, Licensing and Community Reinvestment Act: Consideration of Politicized or Unlawful Debanking, the OCC explained how allegations of politicized or unlawful debanking will factor into licensing and supervisory processes. The agency noted that discriminatory account restrictions or service denials could affect evaluations of licensing applications, including charters, mergers, and branching requests. They could also influence CRA performance ratings. These considerations will be tailored to the size, complexity, and risk profile of the institution.
Key aspects of the bulletins include:
- Customer financial record protections. The OCC reminded banks that disclosures to government agencies must comply with the Right to Financial Privacy Act and that requests outside the Act's procedures should be rejected.
- Suspicious Activity Reports. The guidance underscores that voluntary SAR filings must be based on concrete suspicious activity, not used as a pretext for improper disclosures of customer data.
- Licensing applications. Politicized or unlawful debanking practices may be considered in OCC licensing reviews, including new charters, conversions, business combinations, and fiduciary powers.
- CRA Evaluations. A bank's record of avoiding politicized or unlawful debanking may be taken into account in CRA examinations and ratings.
Putting It Into Practice: The OCC's guidance signals that privacy rights and fair access concerns remain at the forefront of federal banking supervision (previously discussed here). By linking these issues to licensing and CRA reviews, the agency shows how regulators are approaching bank oversight beyond traditional safety and soundness measures. Banks and fintechs should monitor these developments closely and update governance frameworks to prepare for heightened oversight in these areas.
The content of this article is intended to provide a general guide to the subject matter. Specialist advice should be sought about your specific circumstances.
