Regulation P | 01/20/2024
The Board of Directors of Gala Bank acknowledges that protecting our customers’ privacy is of the upmost importance. The Board also acknowledges that under the Graham-Leach Bliley Act (Regulation P), as well as the FACT Act & Identity Theft Protection Program, Gala Bank has a legal obligation to safeguard our customers’ information and may only share that information under certain circumstances. The following policy serves as a benchmark for all Gala Bank employees and related policies and procedures to ensure our customers’ privacy and compliance with the Act.
Information Disclosure
It is the policy of Gala Bank not to disclose any nonpublic personal information except as permitted by law. Under the law, the Bank is permitted to disclose information to third parties for the purpose of:
1) Servicing our loans and accounts,
2) Responding to subpoenas (in accordance with Bank Policy pertaining to RFPA, if applicable),
3) Reporting to Credit Bureaus,
4) Responding to a request initiated by our customer.
1) Servicing our loans and accounts,
2) Responding to subpoenas (in accordance with Bank Policy pertaining to RFPA, if applicable),
3) Reporting to Credit Bureaus,
4) Responding to a request initiated by our customer.
Customer Notification
Customers with relationships established for personal, family, and household use are to receive an initial written disclosure describing this policy prior to establishing that relationship and annually thereafter.
Authority
The Compliance Officer is responsible for assuring that appropriate procedures are provided for each area to assure customer financial privacy. Responsibility for implementing and complying with the procedures rests with the respective Bank officer assigned to that area.
Internal Controls
Gala Bank realizes that the information it has about our customers is highly confidential and therefore, access to personal and account information is restricted to those employees who need to know that information, in an effort to provide services to our customers. The Bank’s automated systems have a set of passwords, user identifications, and terminal identifications that limit each employee’s access to information that they need to perform their job responsibilities.
Training
All employees are alerted to the level of confidentiality required in banking relationships during their probationary period. A copy of this policy is included in the New Hire Packet. The Compliance Officer will keep employees informed of any and all changes to privacy regulations and will conduct training as necessary. Maintenance of the confidentiality of customer information is a primary responsibility of all Bank personnel. Violations of this policy are addressed in the employee handbook and can serve as a basis for dismissal.