BPI Welcomes Thoughtful Approach to Modernizing Financial Privacy Legislation

Washington, D.C. – In the decades since the Gramm-Leach-Bliley Act established federal privacy standards for financial institutions, many banking services evolved from dial-up and strictly brick-and-mortar to handheld, digital and instantaneous. It makes sense to consider modernizing the framework to fit the expectations and practices of modern finance. New legislation from House Financial Services Committee Chairman Patrick McHenry (R-NC), the Financial Data Privacy Act, takes a thoughtful approach to this process, BPI said in a recent letter submitted for the record.

Context: Congress enacted the Gramm-Leach Bliley Act in 1999. While the technology of banking has transformed since then, the stringent safeguards have been consistent through the decades – banks have consistently faced the strongest privacy requirements in the country. The bill, which the House Financial Services Committee is marking up today, would modernize that landmark law by imposing new federal protections for customers regardless of where they live in the U.S.

What BPI is saying:

“This legislation would promote seamless access to financial services by ensuring that customers have the same privacy protections consistently across the country. The process of revamping privacy law for banks deserves careful consideration, and this bill is a step in the right direction for bank customers.” – Greg Baer, BPI President and CEO

Recommendations: The legislation could be further refined by making adjustments that would promote strong data privacy standards and allow banks flexibility to serve their customers.

  • Extend the preemption provision to include state data breach notifications.
  • Clarify the notice requirement around inactive accounts.
  • Clarify the status of anonymized or aggregated data that could not be linked to a particular consumer or customer.

Recommended refinements would promote strong data privacy standards while allowing banks and other financial institutions to best serve their customers. 

Bottom line: The privacy bill is a welcome addition to the discussion around updating the federal privacy framework for financial institutions. Although banks have been held to robust privacy standards for decades, many nonbank firms that handle customers’ sensitive financial data have not. Any revamp of financial privacy law should ensure all financial services providers are required to keep customers’ data safe.


About Bank Policy Institute.

The Bank Policy Institute (BPI) is a nonpartisan public policy, research and advocacy group, representing the nation’s leading banks and their customers. Our members include universal banks, regional banks and the major foreign banks doing business in the United States. Collectively, they employ almost 2 million Americans, make nearly half of the nation’s small business loans, and are an engine for financial innovation and economic growth.

Media Contact

Tara Payne


Media Inquiry

  • This field is for validation purposes and should be left unchanged.