17 CFR 248.5 - Annual privacy notice to customers required.

§ 248.5 Annual privacy notice to customers required.


(1)General rule. You must provide a clear and conspicuous notice to customers that accurately reflects your privacy policies and practices not less than annually during the continuation of the customer relationship. Annually means at least once in any period of 12 consecutive months during which that relationship exists. You may define the 12-consecutive-month period, but you must apply it to the customer on a consistent basis.

(2)Example. You provide a notice annually if you define the 12-consecutive-month period as a calendar year and provide the annual notice to the customer once in each calendar year following the calendar year in which you provided the initial notice. For example, if a customer opens an account on any day of year 1, you must provide an annual notice to that customer by December 31 of year 2.


(1)Termination of customer relationship. You are not required to provide an annual notice to a former customer.

(2)Examples. Your customer becomes a former customer when:

(i) The individual's brokerage account is closed;

(ii) The individual's investment advisory contract is terminated;

(iii) You are an investment company and the individual is no longer the record owner of securities you have issued; or

(iv) You are an investment company and your customer has been determined to be a lost securityholder as defined in 17 CFR 240.17a-24(b).

(c)Special rule for loans. If you do not have a customer relationship with a consumer under the special provision for loans in § 248.4(c)(2), then you need not provide an annual notice to that consumer under this section.

(d)Delivery. When you are required to deliver an annual privacy notice by this section, you must deliver it according to § 248.9.

This is a list of United States Code sections, Statutes at Large, Public Laws, and Presidential Documents, which provide rulemaking authority for this CFR Part.

This list is taken from the Parallel Table of Authorities and Rules provided by GPO [Government Printing Office].

It is not guaranteed to be accurate or up-to-date, though we do refresh the database weekly. More limitations on accuracy are described at the GPO site.

United States Code
Statutes at Large

Title 17 published on 16-May-2018 03:42

The following are ALL rules, proposed rules, and notices (chronologically) published in the Federal Register relating to 17 CFR Part 248 after this date.

  • 2013-04-19; vol. 78 # 76 - Friday, April 19, 2013
    1. 78 FR 23638 - Identity Theft Red Flags Rules
      GPO FDSys XML | Text
      Joint final rules and guidelines.
      Effective date: May 20, 2013; Compliance date: November 20, 2013.
      17 CFR Part 162
The section you are viewing is cited by the following CFR sections.