FDIC proposes expanded sharing of confidential information without prior approval
On June 25, the FDIC Board approved a proposed rule to amend Part 309 of its regulations governing the disclosure of confidential information by the FDIC and other entities. The proposal would reorganize Part 309, replace most of the current provisions governing disclosure of “exempt records” with a new subpart addressing discretionary disclosure of confidential information, and define “confidential information” as FDIC records or other FDIC information in any form exempt from disclosure under the Freedom of Information Act (FOIA), including related or derived information.
The current rule generally requires insured depository institutions (IDIs) to obtain prior FDIC approval before disclosing confidential FDIC information to certain third parties. The FDIC stated that the current requirement is not consistent with other federal bank regulators’ disclosure rules, which allow disclosure without prior approval in some instances. The proposed rule would allow IDIs to disclose confidential information without prior FDIC approval to specified recipients, such as affiliates, outside counsel, accountants and auditors, majority shareholders, and qualifying service providers, among others, when necessary or appropriate for business purposes, subject to conditions, including confidentiality agreements for certain recipients.
The proposal would also allow IDIs to disclose confidential information created more than 25 years ago, permit parent holding companies to disclose confidential information to the same extent and subject to the same conditions as an IDI, and permit FDIC-examined service providers to share confidential information with the IDIs they serve if certain conditions are met. The proposal also would update and simplify the FDIC’s FOIA rules, legal-proceeding disclosure rules, and service-of-process rules. Comments are due August 31.