The CFPB has published a proposed rule that would amend Regulation P to allow financial institutions that satisfy certain conditions to deliver annual privacy notices to their customers using an alternative online delivery method. 

Under the Gramm-Leach-Bliley Act, financial institutions must provide initial and annual privacy notices that inform customers about the sharing of their nonpublic personal information with third parties.  Financial institutions have typically provided the annual privacy notice through direct mailings, but the proposed rule could potentially save some financial institutions the costs of mailing by posting the annual privacy notice in a clear and conspicuous manner on the institutions’ websites and directing customers to the notice via a statement message or other communication at least once annually. 

For a detailed summary of the proposal, see our legal alert.