Gramm-Leach-Bliley Act
From Wikipedia, the free encyclopedia
The Gramm-Leach-Bliley Act, also known as the Gramm-Leach-Bliley Financial Services Modernization Act, (Pub.L. 106-102, 113 Stat. 1338, enacted November 12, 1999) is an Act of the 106th United States Congress (1999-2001) which repealed part of the Glass-Steagall Act of 1933, opening up competition among banks, securities companies and insurance companies. The Glass-Steagall Act prohibited any one institution from acting as both an investment bank and a commercial bank, or as both a bank and an insurer.
The Gramm-Leach-Bliley Act (GLBA) allowed commercial and investment banks to consolidate. For example, Citibank merged with Travelers Group, an insurance company, and in 1998 formed the conglomerate Citigroup, a corporation combining banking and insurance underwriting services under brands including Smith-Barney, Shearson, Primerica and Travelers Insurance Corporation. This combination, announced in 1993 and finalized in 1994, would have violated the Glass-Steagall Act and the Bank Holding Company Act by combining insurance and securities companies, if not for a temporary waiver process.[1] The law was passed to legalize these mergers on a permanent basis. Historically, the combined industry has been known as the financial services industry.
[edit] Legislative history
The banking industry had been seeking the repeal of the 1933 Glass-Steagall Act since the 1980s, if not earlier. In 1987 the Congressional Research Service prepared a report which explored the case for preserving Glass-Steagall and the case against preserving the act.[2]
Respective versions of the legislation were introduced in the U.S. Senate by Phil Gramm (Republican of Texas) and in the U.S. House of Representatives by Jim Leach (R-Iowa). The third lawmaker associated with the bill was Rep. Thomas J. Bliley, Jr. (R-Virginia), Chairman of the House Commerce Committee from 1995 to 2001.
The House passed its version of the Financial Services Act of 1999 on July 1st by a bipartisan vote of 343-86 (Republicans 205–16; Democrats 138–69; Independent/Socialist 0–1),[3] [4] [5] two months after the Senate had already passed its version of the bill on May 6th by a much-narrower 54–44 vote along basically-partisan lines (53 Republicans and one Democrat in favor; 44 Democrats opposed).[6] [7] [8] [9]
When the two chambers could not agree on a joint version of the bill, the House voted on July 30th by a vote of 241-132 (R 58-131; D 182-1; Ind. 1–0) to instruct its negotiators to work for a law which ensured that consumers enjoyed medical and financial privacy as well as "robust competition and equal and non-discriminatory access to financial services and economic opportunities in their communities" (i.e., protection against exclusionary redlining).[10]
The bill then moved to a joint conference committee to work out the differences between the Senate and House versions. Democrats agreed to support the bill after Republicans agreed to strengthen provisions of the anti-redlining Community Reinvestment Act and address certain privacy concerns; the conference committee then finished its work by the beginning of November.[8] [11] On November 4th, the final bill resolving the differences was passed by the Senate 90-8,[12] [13] and by the House 362-57.[14] [15] This legislation (whose voting margins, if repeated, would easily have overcome any Presidential veto) was signed into law by Democratic President Bill Clinton on November 12, 1999.[16]
[edit] Changes caused by the Act
Many of the largest banks, brokerages, and insurance companies desired the Act at the time. The justification was that individuals usually put more money into investments when the economy is doing well, but they put most of their money into savings accounts when the economy turns bad. With the new Act, they would be able to do both 'savings' and 'investment' at the same financial institution, which would be able to do well in both good and bad economic times.
Prior to the Act, most financial services companies were already offering both saving and investment opportunities to their customers. On the retail/consumer side, a bank called Norwest which would later merge with Wells Fargo Bank led the charge in offering all types of financial services products in 1986. American Express attempted to own almost every field of financial business (although there was little synergy among them). Things culminated in 1998 when Travelers, a financial services company with everything but a retail/commercial bank, bought out Citibank, creating the largest and the most profitable company in the world. The move was technically illegal and provided impetus for the passage of the Gramm-Leach-Bliley Act.
Also prior to the passage of the Act, there were many relaxations to the Glass-Steagall Act. For example, a few years earlier, commercial Banks were allowed to get into investment banking, and before that banks were also allowed to get into stock and insurance brokerage. Insurance underwriting was the only main operation they weren't allowed to do, something rarely done by banks even after the passage of the Act.
Much consolidation occurred in the financial services industry since, but not at the scale some had expected. Retail banks, for example, do not tend to buy insurance underwriters, as they seek to engage in a more profitable business of insurance brokerage by selling products of other insurance companies. Other retail banks were slow to market investments and insurance products and package those products in a convincing way. Brokerage companies had a hard time getting into banking, because they do not have a large branch and backshop footprint. Banks have recently tended to buy other banks, such as the 2004 Bank of America and Fleet Boston merger, yet they have had less success integrating with investment and insurance companies. Many banks have expanded into investment banking, but have found it hard to package it with their banking services, without resorting to questionable tie-ins which caused scandals at Smith Barney.
[edit] Remaining restrictions
Crucial to the passing of this Act was an amendment made to the GLBA, stating that no merger may go ahead if any of the financial holding institutions, or affiliates thereof, received a "less than satisfactory [sic] rating at its most recent CRA exam", essentially meaning that any merger may only go ahead with the strict approval of the regulatory bodies responsible for the Community Reinvestment Act (CRA).[17] This was an issue of hot contention, and the Clinton Administration stressed that it "would veto any legislation that would scale back minority-lending requirements." [18]
The GLBA also did not remove the restrictions on banks placed by the Bank Holding Company Act of 1956 which prevented financial institutions from owning non-financial corporations. It conversely prohibits corporations outside of the banking or finance industry from entering retail and/or commercial banking. Many assume Wal-Mart's desire to convert its industrial bank to a commercial/retail bank ultimately drove the banking industry to back the GLBA restrictions.
Some restrictions remain to provide some amount of separation between the investment and commercial banking operations of a company. For example, licensed bankers must have separate business cards, e.g., "Personal Banker, Wells Fargo Bank" and "Investment Consultant, Wells Fargo Private Client Services". Much of the debate about financial privacy is specifically centered around allowing or preventing the banking, brokerage, and insurances divisions of a company from working together.
In terms of compliance, the key rules under the Act include The Financial Privacy Rule which governs the collection and disclosure of customers’ personal financial information by financial institutions. It also applies to companies, regardless of whether they are financial institutions, who receive such information. The Safeguards Rule requires all financial institutions to design, implement and maintain safeguards to protect customer information. The Safeguards Rule applies not only to financial institutions that collect information from their own customers, but also to financial institutions – such as credit reporting agencies – that receive customer information from other financial institutions.
[edit] Privacy
- GLBA compliance is mandatory; whether a financial institution discloses nonpublic information or not, there must be a policy in place to protect the information from foreseeable threats in security and data integrity.
- Major components put into place to govern the collection, disclosure, and protection of consumers’ nonpublic personal information; or personally identifiable information include:
[edit] Financial Privacy Rule
(Subtitle A: Disclosure of Nonpublic Personal Information, codified at 15 U.S.C. § 6801–6809)
The Financial Privacy Rule requires financial institutions to provide each consumer with a privacy notice at the time the consumer relationship is established and annually thereafter. The privacy notice must explain the information collected about the consumer, where that information is shared, how that information is used, and how that information is protected. The notice must also identify the consumer’s right to opt-out of the information being shared with unaffiliated parties per the Fair Credit Reporting Act. Should the privacy policy change at any point in time, the consumer must be notified again for acceptance. Each time the privacy notice is reestablished, the consumer has the right to opt-out again. The unaffiliated parties receiving the nonpublic information are held to the acceptance terms of the consumer under the original relationship agreement. In summary, the financial privacy rule provides for a privacy policy agreement between the company and the consumer pertaining to the protection of the consumer’s personal nonpublic information.
[edit] Safeguards Rule
(Subtitle A: Disclosure of Nonpublic Personal Information, codified at 15 U.S.C. § 6801–6809)
The Safeguards Rule requires financial institutions to develop a written information security plan that describes how the company is prepared for, and plans to continue to protect clients’ nonpublic personal information. (The Safeguards Rule also applies to information of those no longer consumers of the financial institution.) This plan must include:
- Denoting at least one employee to manage the safeguards,
- Constructing a thorough [risk management] on each department handling the nonpublic information,
- Develop, monitor, and test a program to secure the information, and
- Change the safeguards as needed with the changes in how information is collected, stored, and used.
This rule is intended to do what most businesses should already be doing: protecting their clients. The Safeguards Rule forces financial institutions to take a closer look at how they manage private data and to do a risk analysis on their current processes. No process is perfect, so this has meant that every financial institution has had to make some effort to comply with the GLBA.
[edit] Pretexting protection
(Subtitle B: Fraudulent Access to Financial Information, codified at 15 U.S.C. § 6821–6827)
Pretexting (sometimes referred to as "social engineering") occurs when someone tries to gain access to personal nonpublic information without proper authority to do so. This may entail requesting private information while impersonating the account holder, by phone, by mail, by email, or even by "phishing" (i.e., using a "phony" website or email to collect data). The GLBA encourages the organizations covered by the GLBA to implement safeguards against pretexting. For example, a well-written plan designed to meet GLBA's Safeguards Rule ("develop, monitor, and test a program to secure the information") would likely include a section on training employees to recognize and deflect inquiries made under pretext. In fact, the evaluation of the effectiveness of such employee training probably should include a follow-up program of random spot-checks, "outside the classroom", after completion of the [initial] employee training, in order to check on the resistance of a given (randomly chosen) student to various types of "social engineering" -- perhaps even designed to focus attention on any new wrinkle that might have arisen after the [initial] effort to "develop" the curriculum for such employee training. Under United States law, pretexting by individuals is punishable as a common law crime of False Pretenses.
[edit] Financial institutions defined
The GLBA defines “financial institutions” as: …”companies that offer financial products or services to individuals, like loans, financial or investment advice, or insurance. The Federal Trade Commission (FTC) has jurisdiction over financial institutions similar to, and including, these:
- non-bank mortgage lenders,
- loan brokers,
- some financial or investment advisers,
- debt collectors,
- tax return preparers,
- banks, and
- real estate settlement service providers.
These companies must also be considered significantly engaged in the financial service or production that defines them as a “financial institution”.
Insurance has jurisdiction first by the state, provided the state law at minimum complies with the GLBA. State law can require greater compliance, but not less than what is otherwise required by the GLBA.
[edit] Consumer vs. customer defined
The Gramm-Leach-Bliley Act defines a ‘consumer’ as
- "an individual who obtains, from a financial institution, financial products or services which are to be used primarily for personal, family, or household purposes, and also means the legal representative of such an individual." (See 15 U.S.C. § 6809(9).}
A ‘customer’ is a consumer that has developed a relationship with privacy rights protected under the GLBA. A ‘customer’ is not someone using an automated teller machine (ATM) or having a check cashed at a cash advance business. These are not ongoing relationships like a ‘customer’ might have; i.e. a mortgage loan, tax advising, or credit financing. A business is not an individual with personal nonpublic information, so a business cannot be a customer under the GLBA. A business, however, may be liable for compliance to the GLBA depending upon the type of business and the activities utilizing individual’s personal nonpublic information.
[edit] Consumer/client privacy rights
Under the GLBA, financial institutions must provide their clients a privacy notice that explains what information the company gathers about the client, where this information is shared, and how the company safeguards that information. This privacy notice must be given to the client prior to entering into an agreement to do business. There are exceptions to this when the client accepts a delayed receipt of the notice in order to complete a transaction on a timely basis. This has been somewhat mitigated due to online acknowledgement agreements requiring the client to read or scroll through the notice and check a box to accept terms.
The privacy notice must also explain to the customer the opportunity to ‘opt-out’. Opting out means that the client can say "no" to allowing their information to be shared with affiliated parties. The Fair Credit Reporting Act is responsible for the ‘opt-out’ opportunity, but the privacy notice must inform the customer of this right under the GLBA. The client cannot opt-out of:
- information shared with those providing priority service to the financial institution
- marketing of products or services for the financial institution
- when the information is deemed legally required.
[edit] Effect on usury law in Arkansas & other states
Section 731 of the GLBA, codified as subsection (f) of 12 U.S.C. § 1831u, contains a unique provision aimed at Arkansas, whose usury limit was set at five percent above the Federal Reserve discount rate by the Arkansas Constitution and could not be changed by the Arkansas General Assembly. When the Office of the Comptroller of the Currency ruled that interstate banks established under the Riegle-Neal Interstate Banking and Branching Efficiency Act of 1994 could use their home state's usury law for all branches nationwide with minimal restrictions[19], Arkansas-based banks were placed at a severe competitive disadvantage to Arkansas branches of interstate banks; this led to out-of-state takeovers of several Arkansas banks, including the sale of First Commercial Bank (then Arkansas' largest bank) to Regions Financial Corporation in 1998.
Under Section 731, all banks headquartered in a state covered by that law may charge up to the highest usury limit of any state that is headquarters to an interstate bank which has branches in the covered state. Therefore, since Arkansas has branches of banks based in Alabama, Georgia, Mississippi, Missouri, North Carolina, Ohio and Texas[20], any loan that is legal under the usury laws of any of those states may be made by an Arkansas-based bank under Section 731. The section does not apply to interstate banks with branches in the covered state, but headquartered elsewhere; however, Arkansas-based interstate banks like Arvest Bank may export their Section 731 limits to other states.
Due to Section 731, it is generally regarded that Arkansas-based banks now have no usury limit for credit cards or for any loan of greater than $2,000 (since Alabama, Regions' home state, has no limits on those loans), with a limit of 18% (the minimum usury limit in Texas) or more on all other loans.[21] However, once Wells Fargo fully completes its proposed purchase of Century Bank (a Texas bank with Arkansas branches), Section 731 will do away with all usury limits for Arkansas-based banks since Wells Fargo's main bank charter is based in South Dakota, which repealed its usury laws many years ago.
Though designed for Arkansas, Section 731 may also apply to Alaska and California whose constitutions provide for the same basic usury limit, though unlike Arkansas their legislatures can (and generally do) set different limits. If Section 731 applies to those states, then all their usury limits are inapplicable to banks based in those states, since Wells Fargo has branches in both states.
[edit] Controversy
[edit] Criticism
President Barack Obama believes that the Act directly helped cause the 2007 subprime mortgage financial crisis.[22] Economists Robert Ekelund and Mark Thornton have also criticized the Act as contributing to the crisis. They state that while "in a world regulated by a gold standard, 100% reserve banking, and no FDIC deposit insurance" the Financial Services Modernization Act would have made "perfect sense" as a legitimate act of deregulation, under the present fiat monetary system it "amounts to corporate welfare for financial institutions and a moral hazard that will make taxpayers pay dearly".[23]
Nobel Prize-winning economist Paul Krugman has called Senator Phil Gramm "the father of the financial crisis" due to his sponsorship of the Act.[24] Nobel Prize-winning economist Joseph Stiglitz has also argued that the Act helped to create the crisis.[25] An article in The Nation has made the same argument.[26]
Contrary to Phil Gramm's claim that "GLB didn't deregulate anything" (see Defense), the GLB Act that he co-authored explicitly exempted security-based swap agreements (a derivative financial product based on another security's value or performance) from regulation by the SEC Commission by amending the Securities Act of 1933, Section 2A, and similarly the Securities Exchange Act of 1934, Section 3A, to read, in part:[27] [28]
1. The definition of "security" in section 2(a)(1) does not include any security-based swap agreement (as defined in section 206B of the Gramm-Leach-Bliley Act [15 USCS § 78c note]).
2. The Commission is prohibited from registering, or requiring, recommending, or suggesting, the registration under this title of any security-based swap agreement[.] ...
3. The Commission is prohibited from ... promulgating, interpreting, or enforcing rules; or ... issuing orders of general applicability; ... as prophylactic measures against fraud, manipulation, or insider trading with respect to any security-based swap agreement[.]
[edit] Defense
In response to criticism of his signing the bill when President, Bill Clinton said in 2008:
"I don't see that signing that bill had anything to do with the current crisis. Indeed, one of the things that has helped stabilize the current situation as much as it has is the purchase of Merrill Lynch by Bank of America, which was much smoother than it would have been if I hadn't signed that bill ... On the Glass-Steagall thing, like I said, if you could demonstrate to me that it was a mistake, I'd be glad to look at the evidence." [29]
In February 2009, one of the act's co-authors, former Senator Phil Gramm, wrote in its defense that:
"...if GLB was the problem, the crisis would have been expected to have originated in Europe where they never had Glass-Steagall requirements to begin with. Also, the financial firms that failed in this crisis, like Lehman, were the least diversified and the ones that survived, like J.P. Morgan, were the most diversified.
" Moreover, GLB didn't deregulate anything. It established the Federal Reserve as a superregulator, overseeing all Financial Services Holding Companies. All activities of financial institutions continued to be regulated on a functional basis by the regulators that had regulated those activities prior to GLB." [30]
The economists Brad DeLong (of the University of California, Berkeley) and Tyler Cowen (of George Mason University in Virginia) have both argued that the Gramm-Leach-Bliley Act softened the impact of the crisis.[31] Atlantic Monthly columnist Megan McArdle has argued that if the act was "part of the problem, it would be the commercial banks, not the investment banks, that were in trouble" and repeal would not have helped the situation.[32] An article in National Review has made the same argument, calling liberal allegations about the Act “folk economics”.[33]
[edit] References
- ^ [1]
- ^ IB87061: Glass-Steagall Act: Commercial vs. Investment Banking, Congressional Research Service (CRS)
- ^ H.R.10: Financial Services Act of 1999, EH, July 1, 1999, Engrossed as Agreed to or Passed by House, Library of Congress
- ^ Consideration of H.R.10: Financial Services Act of 1999, All Congressional Actions & Reports of H.R.10, Congressional Record
- ^ Two Republicans and four Democrats did not vote. Congressional roll-call: H.R.10 as amended: Financial Services Act of 1999, Record Vote No: 276, July 1, 1999, Clerk of the United States House of Representatives
- ^ Sen. Fritz Hollings (D-S. Carolina) voted in favor, Sen. Peter Fitzgerald (R-Illinois) voted "present" and Sen. James Inhofe (R-Oklahoma) did not vote.
- ^ S.900: Financial Services Modernization Act of 1999, ES, May 6, 1999, Engrossed as Agreed to or Passed by Senate, Library of Congress
- ^ a b Consideration of S.900: Financial Services Modernization Act of 1999, All Congressional Actions & Reports of S.900, Congressional Record
- ^ Congressional roll-call at S.900 as amended: Financial Services Modernization Act of 1999, Record Vote No: 105, May 6, 1999, U.S. Senate Roll Call Votes. A table with members' full names, sortable by vote, state, region and party, may be found at S.900 as amended: Gramm-Leach-Bliley Act, roll call 105, 106th Congress, 1st session, Votes Database at The Washington Post, retrieved on October 9, 2008.
- ^ Independent-Socialist Rep. Bernard Sanders of Vermont voted yes; 33 Republicans and 28 Democrats did not vote. Congressional roll-call: On Motion to Instruct Conferees - S.900: Financial Services Modernization Act of 1999, Record Vote No: 355, July 30, 1999, Clerk of the U.S. House. Sortable unofficial table: On Motion to Instruct Conferees, Financial Services Modernization Act, roll call 355, 106th Congress, 1st session, Votes Database at The Washington Post, retrieved on October 12, 2008.
- ^ The War on CRA: Opportunity in Next Wave of Mergers, Cincotta, National Housing Institute, 1999
- ^ 52 Republicans and 38 Democrats voted for the bill. Sen. Richard Shelby of Alabama (Republican, formerly a Democrat) voted against it, as did 7 Democratic Senators: Barbara Boxer (Calif.), Richard Bryan (Nevada), Byron Dorgan (N. Dakota), Russell Feingold (Wisc.), Tom Harkin (Iowa), Barbara Mikulski (Maryland) and Paul Wellstone (Minn.) Sen. Peter Fitzgerald (R-Illinois) again voted "present", while Sen. John McCain (R-Arizona) did not vote.
- ^ Congressional roll-call: S.900 as reported by conferees: Financial Services Act of 1999, Record Vote No: 354, November 4, 1999, Clerk of the Senate. Sortable unofficial table: On Agreeing to the Conference Report, S.900 Gramm-Bliley-Leach Act, roll call 354, 106th Congress, 1st session Votes Database at The Washington Post, retrieved on October 9, 2008
- ^ Republicans voted 207-5 in favor with 10 not voting. Democrats voted 155-51 in favor, with 5 not voting. Independent-Socialist Rep. Bernard Sanders of Vermont voted no.
- ^ Congressional roll-call: On the passage of S.900: Financial Services Act of 1999, Record Vote No: 570, November 4, 1999, Clerk of the U.S. House. Sortable unofficial table: On Agreeing to the Conference Report, S. 900 Financial Services Modernization Act, roll call 570, 106th Congress, 1st session Votes Database at The Washington Post, retrieved on October 9, 2008
- ^ "S. 900: Gramm-Leach-Bliley Act", 106th Congress - 1st Session, GovTrack.us.
- ^ Community Reinvestment Act Amendments in the Gramm-Leach Act, additional text.
- ^ Compromise over Community Reinvestment Act crucial to repeal of Glass-Steagall
- ^ http://www.occ.gov/interp/mar98/int822.pdf
- ^ http://www.arkansas.gov/bank/authority.html
- ^ http://www.arkbar.com/Ark_Lawyer_Mag/Articles/UsuryWinter04.html
- ^ Ten Questions for Those Fixing the Financial Mess. Wall Street Journal. March 10, 2009.
- ^ Ekelund, Robert; Thornton, Mark (2008-09-04). "More Awful Truths About Republicans". Ludwig von Mises Institute. http://mises.org/story/3098. Retrieved on 2008-09-07.
- ^ The Gramm connection. Paul Krugman. The New York Times. Published March 29, 2008.
- ^ Who's Whining Now? Gramm Slammed By Economists. ABC News. Sept. 19, 2008.
- ^ John McCain: Crisis Enabler. The Nation. September 21, 2008.
- ^ "Securities Act of 1933, Section 2A -- Swap Agreements". http://www.law.uc.edu/CCL/33Act/sec2A.html.
- ^ "Securities Exchange Act of 1934, Section 3A -- Swap Agreements". http://www.law.uc.edu/CCL/34Act/sec3A.html.
- ^ BARTIROMO, MARIA (2008-09-24). "Bill Clinton on the Banking Crisis, McCain, and Hillary". BusinessWeek. http://www.businessweek.com/magazine/content/08_40/b4102000409948.htm. Retrieved on 2008-10-05.
- ^ Phil Gramm, "Deregulation and the Financial Panic", opinion pages of The Wall Street Journal, published and retrieved on February 20, 2009
- ^ Who Caused the Economic Crisis?. FactCheck.org October 1, 2008.
- ^ Hindsight regulation. Megan McArdle. Atlantic Monthly. September 16, 2008
- ^ Villain Phil. National Review. September 22, 2008.
[edit] Sources
- Financial Privacy: The Gramm-Leach Bliley Act, Federal Trade Commission, 1999
- Gramm-Leach-Bliley Act,15 USC, Subchapter I, Sec. 6801-6809, Disclosure of Nonpublic Personal Information, FTC, 1999
- Mike Chapple, Gramm-Leach-Bliley and You, November 18, 2003
- Robert H. Ledig, Gramm-Leach-Bliley Act Financial Privacy Provisions:The Federal Government Imposes Broad Requirements to Address Consumer Privacy Concerns
- The Gramm-Leach-Bliley Act: The Financial Privacy Rule, Federal Trade Commission
- In Brief: The Financial Privacy Requirements of the Gramm-Leach-Bliley Act, Federal Trade Commission
- The Gramm-Leach-Bliley Act — “History of the GLBA”, Electronic Privacy Information Center
- Financial Institution Privacy Protection Act of 2003 — 108th CONGRESS, 1st Session, S. 1458, “To amend the Gramm-Leach-Bliley Act to provide for enhanced protection of nonpublic personal information, including health information, and for other purposes.”, In the Senate of the United States; July 25 (legislative day, JULY 21), 2003, Library of Congress
- Testimony of (Federal Reserve) Governor Laurence H. Meyer: Merchant banking, Federal Reserve Bank
- Martin McLaughlin, Clinton, Republicans agree to deregulation of US financial system, World Socialist Web Site, November 1, 1999, retrieved on October 9, 2008
[edit] External links
[edit] Websites for compliance information
- Disclosure of Nonpublic Personal Information
- Financial Institutions and Customer Data: Complying with the Safeguards Rule
[edit] Websites for consumer/client rights information
- Disclosure of Nonpublic Personal Information
- What Can You Do To Protect Your Privacy
- Privacy Choices for Your Personal Financial Information
- Pretexting: Your Personal Information Revealed