Bank Records and Financial Privacy Laws
Created by FindLaw's team of legal writers and editors | Last reviewed June 04, 2019
Your bank records say more about you than simply your account balance. For instance, certain transactions cross-referenced with other data may indicate fraud or hidden assets. Bank records can be a valuable tool for criminal prosecutors and elected officials conducting official investigations, although individuals rightly expect a certain level of privacy from the government's prying eyes.
Before 1978, bank customers had no legal right to privacy with regard to financial information held by those institutions. However, the Right to Financial Privacy Act of 1978 (RFPA) added some protections at the federal level. Some states also have financial privacy laws that regulate how, and under what circumstances, the government may access bank records without the consent of customers.
Below, we'll discuss the RFPA and how it works to protect some level of confidentiality when it comes to your bank records.
Financial Privacy Laws: Background
In 1976, the U.S. Supreme Court held that there was no reasonable expectation of privacy in bank records because such records are the property of the financial institution, not the customer. This also meant that no disclosure requirements applied to financial institutions whenever they were providing a consumer's records to government officials.
In other words, under the Supreme Court's holding, government entities could access your bank records without your knowledge or consent without violating the Fourth Amendment's protection against unlawful searches and seizures.
This ruling prompted Congress to pass the RFPA just two years later. Although not a constitutional protection, this federal law requires government officials to follow specific procedures when requesting bank records. It also imposes limits on banks before they can release such information and requires written notice to be given to bank customers about the government's request.
The Right to Financial Privacy Act: How it Works
Under the RFPA, the government agency or authority (applicable to the federal government only) must first send the customer written notice of its intent to obtain the records, an explanation of why it's seeking them, and an explanation of the procedures the customer may follow to challenge the request.
The RFPA applies to the following customers of financial institutions:
- Any person (or authorized representative of that person) who uses any service of a financial institution (such as a bank or credit union);
- Any person for whom the financial institution acts as a fiduciary; and
- Corporations or partnerships of five or fewer individuals.
In addition, before a government official may access information contained in a covered customer's bank records, they must first obtain one of the following:
- A grand jury subpoena;
- An administrative subpoena or summons;
- A search warrant;
- A judicial subpoena;
- A formal written request by a government agency (only in the absence of summons or subpoena authority); or
- A signed and dated authorization by the customer.
The financial institution may not release the requested bank records until the government authority seeking them has certified in writing that it has complied with the above rules and procedures. As the customer, you also have the right to inspect the requested documents under the RFPA. The financial institution also has the right to recover any costs associated with gathering and providing the requested information.
RFPA: Exceptions and Other Provisions
The RFPA allows financial institutions to release any records that aren't personally identifiable to a particular customer and to contact the proper authorities about any information they may have indicating a violation of the law. The law also has some specific exceptions to notice and certification requirements and also excepts certain types of financial records, including records:
- Provided to the court to prove a claim in bankruptcy;
- Requested in accordance with Internal Revenue Service (IRS) procedures;
- Subject to a subpoena in connection with proceeding before a grand jury;
- Related to a financial institution that is being investigated;
- Flagged by Suspicious Activity Reports (SARs), which allow banks to report any suspected criminal activity; and
- Related to the government's authorized foreign intelligence activities.
What if Your Rights Are Violated Under the RFPA?
If a financial institution and/or government authority fails to comply with the rules and procedures of the RFPA, you have the right to sue for both injunctive relief and damages. If an injunction is granted, then the offending party must fully comply with the law. Although there are safe harbors built into the law to protect institutions when they make mistakes, you can also seek damages for RFPA violations which can include:
- Actual damages;
- A set damage rate of $100 per violation (regardless of the volume of records involved);
- Court costs and reasonable attorney's fees; and
- Any punitive damages the court allows for intentional violations.
If your rights were violated under the RFPA, you have three years from the date of the violation (or the date it was discovered) to file a claim.
Have You Suffered a Breach of Financial Privacy Laws? An Attorney Can Help
Your privacy is important, and breaches of your financial privacy can drastically impact you and your loved ones. If you believe a financial institution or government agency has violated the Right to Financial Privacy Act, you may be able to get some relief through the legal system. Learn more about your next steps by contacting a qualified consumer protection attorney near you.
Was this helpful?
You Don’t Have To Solve This on Your Own – Get a Lawyer’s Help
Meeting with a lawyer can help you understand your options and how to best protect your rights. Visit our attorney directory to find a lawyer near you who can help.