Skip to main content
OCC Flag

An official website of the United States government


We routinely give our personal information to companies that provide us with goods and services. However, we want to have some control over how they store and use our private information—especially our private financial information. We also want to limit the amount of unwanted mail, email, and telephone calls we receive. Concern about these issues has led to the enactment of several laws and regulations.

Children's Online Privacy Protection

The Children's Online Privacy Protection Act (COPPA) covers online collection of personal information from children under age 13. COPPA spells out the responsibilities of website operators regarding children's online safety and privacy. Financial institutions that operate a website or online service directed to children fall under this regulation. Learn more. Read Facts for Consumers: Protecting Kids' Privacy on the Federal Trade Commission website.

Non-solicited Pornography and Marketing

Congress enacted the Controlling the Assault of Non-Solicited Pornography and Marketing Act (CAN-SPAM) to protect the public from unwanted marketing email and from email containing sexually explicit text and images. CAN-SPAM attempts to reduce this type of communication by

  • Prohibiting senders of this material from disguising the source and content of their messages, and
  • Requiring senders to give consumers the choice to opt out of their mailing list.

Financial institutions fall under the marketing provisions of the CAN-SPAM act. Learn more. Read Stop Unwanted Robocalls and Texts on the Federal Communications Commission website and OCC's Answers about Bank Solicitations.

Credit Reporting and Credit Transactions

The Fair Credit Reporting Act (FCRA) (PDF) gives you the right to see your credit records and correct any mistakes. The Fair and Accurate Credit Transactions Act (FACTA) helps you protect your credit identity by allowing you to receive a free credit report once a year from each of the three nationwide consumer credit reporting companies. A rule based on these laws also helps you limit the number of solicitations you get from companies that want to sell you credit-related services. This rule requires companies to

  • Tell you how they will use information they have collected about you,
  • Provide information about how they will share that information with other companies, and
  • Give you the chance to opt out of their mailing list.

Learn more. Read about identity theft, credit reporting, fair credit reporting on the Federal Trade Commission website.

Privacy of Consumer Financial Information

You have probably received privacy notices in the mail from banks, other financial institutions, or insurance companies. Those notices explain what personal financial information the company collects about you, how the company protects your information, whether the company intends to share your information with other companies, and what you can do to limit that sharing. Two federal laws cover your personal financial privacy: The Fair Credit Reporting Act (PDF) and the Gramm-Leach-Bliley Act. Learn more. Read Privacy Choices for Your Personal Financial Information on the Federal Trade Commission website.

Right to Financial Privacy

The Right to Financial Privacy Act (RFPA) (PDF) protects the privacy of your financial accounts from government scrutiny. Before the enactment of RFPA, you could not challenge government access to your financial records. In fact, you had no way of knowing that your bank had provided your records to a government authority. In general, and with some exceptions, the RFPA requires that you must receive

  • A written notice of the government agency's intent to obtain your financial records,
  • An explanation of why the agency wants your records, and
  • A statement describing what you should do if you don't want your financial records reviewed by that agency.

Telephone Consumer Protection

The Telephone Consumer Protection Act (TCPA) (PDF) protects you from, among other things, unwanted telephone marketing calls from companies that want to sell you goods or services. Congress passed TCPA in response to consumer complaints regarding increased and intrusive telemarketing. This act led to the establishment of the National Do Not Call Registry. You can add your telephone number(s) to this registry to reduce the number of unsolicited telephone calls you receive. Learn more. Read Stop Unwanted Robocalls and Texts on the Federal Communications Commission website.

Related News and Issuances

03/19/2024 NR 2024-27 OCC Reports Mortgage Performance for Fourth Quarter of 2023
02/13/2024 NR 2024-11 Acting Comptroller Discusses Appraisal Bias
01/09/2024 NR 2024-2 OCC Hosts Public Appraisal Subcommittee Hearing on Appraisal Bias