We are making several changes to Cx13, as follows:
Tenn. Code Ann. § 45-10-104 generally prohibits a financial institution from disclosing any financial records relating to a customer unless such customer authorizes such disclosure. Ibid.§ 45-10-105(a) states that a customer may authorize such disclosure through a written, signed, and dated authorization, which authorization may (but is not required to) specify “the period of time during which the authorization is effective.”
In 2016, we added a Clause 7 to the “Authorization to Release Information” which specified that the authorization would remain in effect for three calendar months (see http://blog.docutechcorp.com/document-updates-various-tennessee-documents-cx13-cx14675-cx15810). To provide flexibility for clients who would prefer to specify their own timeframe – or who may wish to omit any reference to a timeframe – we will be changing this Clause 7 to state the following for Tennessee conventional loans when new Field Index “Authorization to Release Information Term in Months” (FI 119129) has a value:
“Subject to applicable law, this authorization is effective for [Authorization to Release Information Term in Months; FI 119129] calendar months from [Date that Prints on Disclosures; FI 43040].”
Basically, clients who wish to omit this language need only leave FI 119129 empty; those who wish for this language to print must enter or import a value into this field.
Right to Financial Privacy Act of 1978 (“RFPA”)
Under the RFPA (codified at 12 USCA §§ 3401 through 3422), government agencies are generally prohibited from obtaining the financial records of any customers of a financial institution, unless the customer authorizes the sharing of such information through a specific disclosure outlined in 12 USCA § 3404(a).
However, this disclosure does not need to be provided in connection with a government authority’s “consideration or administration of assistance to the customer in the form of a Government loan, loan guaranty, or loan insurance program.” (Ibid. § 3413[h][B]) Rather, separate protocols are followed – including the requirement that such Government authority must “give the customer written notice of the authority’s access rights under this subsection [h].” (Ibid. § 3413[h]) Such notice is provided by HUD/FHA and VA on page 2 of form HUD-92900-A (Cx20336 is our generic copy of this form) and by RD on page 7 of form RD 3555-21 (Cx18893 is our generic copy of this form).
Because the Certification and Authorization has traditionally contained RFPA verbiage and, thus, may be expected on this form by investors, we will be replacing our current RFPA-language on Cx13 (which was written for Ibid. § 3404[a]) with slight modifications of the relevant RFPA-language which appears on forms HUD-92900-A and RD 3555-21 (which is written for Ibid. § 3413[h]), as follows:
When Base Type = FHA:
“This is notice to you as required by the Right to Financial Privacy Act of 1978 that HUD/FHA has a right of access to financial records held by financial institutions in connection with the consideration or administration of assistance to you. Financial records involving your transaction will be available to HUD/FHA without further notice or authorization but will not be disclosed or released by this institution to another Government Agency or Department without your consent except as required or permitted by law.”
When Base Type = VA
“This is notice to you as required by the Right to Financial Privacy Act of 1978 that VA has a right of access to financial records held by financial institutions in connection with the consideration or administration of assistance to you. Financial records involving your transaction will be available to VA without further notice or authorization but will not be disclosed or released by this institution to another Government Agency or Department without your consent except as required or permitted by law.”
When Base Type = RD
“Pursuant to 12 U.S.C.A. § 3413(h), your application for a government loan or loan guaranty authorizes the Rural Housing Service (RHS), Rural Business Cooperative Services (RBS), and/or Rural Utilities Service (RUS) (individually and collectively the “Agency”), in connection with the assistance you seek, to obtain financial information about you contained in financial institutions. No further notice of subsequent access to this information shall be provided during the term of the loan or loan guaranty.
As a general rule, financial records obtained pursuant to this authority may be used only for the purpose for which they were originally obtained. However, they may be transferred to another Agency or department if the transfer is to facilitate a lawful proceeding, investigation, examination, or inspection directed at the financial institution in possession of the records (or another legal entity not a customer). The records may also be transferred and used (1) by counsel representing a government authority in a civil action arising from a government loan, loan guaranty, or loan insurance agreement; and (2) by the Federal Government to process, service or foreclose a loan or to collect on an indebtedness to the Government resulting from a customer’s default.
The Agency reserves the right to give notice of a potential civil, criminal, or regulatory violation indicated by the financial records to any other agency or department of the Federal Government with jurisdiction over that violation. Such agency or department may then seek access to the records in any lawful manner.”
Gramm-Leach-Bliley Act and Other Privacy Laws
To enhance privacy security, we will begin masking all but the last three digits of each borrower’s Social Security number (SSN) which appears on Cx13. Doing so will help to fulfill the policy of the Gramm-Leach-Bliley Act (15 USCA §§ 6801 et seq.), which is that “each financial institution has an affirmative and continuing obligation to respect the privacy of its customers and to protect the security and confidentiality of those customers’ nonpublic personal information.” (Ibid. § 6801[a]) It will also help to ensure compliance with any future privacy laws or regulations which may require such masking. We have decided to mask to three digits, rather than the customary four, since it is more secure and it appears that three is a common standard for documents submitted to state courts (see Diaz v. Midland Funding, LLC, No. CV 17-1925 [KM/JBC], 2017 WL 4236060, at *5 [D.N.J. Sept. 22, 2017]).
These changes will take effect on February 9, 2018. If you have any questions or concerns about these changes, please contact Client Support at 1.800.497.3584.
DR 254102 & 254295