FPA Government Relations Office
1615 L Street, N.W., Suite 650
Washington, D.C. 20036
Voice: 202.626.8770
Fax: 202.626.8577

E-mail: fpa@fpanet.org
Web site: www.fpanet.org

By Electronic Mail

March 31, 2000

Jonathan G. Katz
Securities and Exchange Commission
450 5th Street, N.W.
Washington, D.C. 20549-0609

Re:Release Nos. 34-42484, IC-24326, IA-1856; File No. S7-6-00; Privacy of Consumer Financial Information

Dear Mr. Katz:

The Financial Planning Association ("FPA")1 is pleased to provide comment on a proposal that will have significant long-term implications on the way business is conducted in the financial services industry. With respect to the proposed Rule, FPA appreciates the efforts of the SEC to coordinate its comments with other federal and state regulatory authorities. Many of FPA's 29,300 members are affiliated with investment advisers regulated under the Investment Advisers Act of 1940 (the " Advisers Act") and/or with broker-dealers under NASD Regulation, Inc. Many of these same members are also affiliated with state-registered investment advisers and therefore have an equal interest in a similar rule promulgated by the Federal Trade Commission ("FTC").2 FPA therefore greatly appreciates the consistency built into the coordinated rulemaking process and flexibility provided for complying with similar rules of different agencies.

General Comment

Given the rapid consolidation of services and products offered to consumers within the broader financial services industry, FPA is supportive of the privacy protections established within the Gramm-Leach-Bliley Act ("GLB Act"). Because of the highly sensitive nature of the personal information collected as part of the financial planning process, professional organizations like FPA have for many years voluntarily mandated strict confidentiality with respect to client information. Although a new organization, FPA has continued the strict ethical standards established by its predecessors in establishing a specific confidentiality requirement for its members.3 Further, the majority of FPA members are CFP licensees and subject to a nearly identical set of ethical and professional standards of conduct4 by the CFP Board of Standards, Inc.5

As registered investment advisers or affiliates, most FPA members have a longstanding fiduciary relationship with their clients. Much of what the Rule proposes has already been incorporated into the compliance and contractual agreements of our members. As stated earlier, most financial planners are regulated under the 1940 Act or comparable state securities laws as investment advisers. However, the comprehensive nature of advisory services that they provide to their clients frequently extends beyond their roles as investment advisers. Such non-securities activities have not been addressed by the Rule. In contrast to a basic assumption of the Release, that "most investment advisers do not share [confidential] information with any third parties," FPA members frequently provide services involving third-party consultations or transactions with insurance companies, mutual fund companies, attorneys, accountants, trustees, executors, and many others.

Further, while most financial planners are independent small firms, many offer the same comprehensive advisory services and products as the large financial `supermarkets.' As a part of their fiduciary and professional obligations to review the client's total financial situation, or to assist the client in implementing personal financial goals, financial planners frequently interact, and are required to share nonpublic personal information, with nonaffiliated third parties. So while we strongly agree with the investor protection concepts proposed in the Rule, our comments focus on the exceptions to disclosure requirements and opt out provisions in sections 248.10 and 248.11 to assist financial planners in clarifying their obligations under the GLB Act. We appreciate in particular the Commission's query in Section III of the Release with respect to whether additional examples are appropriate. Because of the broad scope of financial services provided by financial planners, we believe additional examples addressing their business activities are clearly needed.

Our comments follow in the order listed by the proposed Rule.

Section 248.3 Definitions.

(g)(1) Consumer. Most clients of financial planners easily fit within the Rule's definition of "consumer," which means "an individual who obtains or has obtained a financial product or service from you that is to be used primarily for personal, family, or household purposes, and that individual's legal representative." However, financial planners sometimes have corporate clients that provide outside personal financial services to their employees.

In one example, the financial planner may be retained by the corporate client to meet with individual employees, gather personal financial data, and provide financial advice to the client on his or her personal financial goals. In these situations the nonpublic personal information collected by the financial planner is not shared with the employer, e.g. the client information is treated confidentially in the same manner as if the person were an individual client of the planner, even though the services are paid by the employer. Clarification or an example is requested to confirm our impression that the employee, and not the employer, is the consumer.

In a second example, the financial planner may have a client engagement in which the owner of a small business seeks advice on financial issues related to managing his or her small business. The business also happens to be the principal asset of the individual. If the client does not request advice with respect to his or her personal, family or household finances, but only in connection with the business itself, would the small business owner be considered a consumer? Using the same example, if the business owner were a sole proprietor, would he or she be a consumer because the personal assets may be intertwined with the business?

Section 248.5 Annual notice to customers required.

(a) General rule. Paragraph (a) requires notice to customers that reflect an adviser's privacy policy and practices not less than annually during the customer relationship. FPA requests clarification as to whether an investment adviser may incorporate the privacy policy in Part II of Form ADV, and then provide notice annually to the client as currently required under Rule 204-3(c)6 of the Advisers Act.

(c)(1) and (2) Termination of customer relationship. The Release invites comment on whether additional examples would be helpful in determining when a customer relationship is terminated and annual notice is no longer required. FPA has reviewed the four examples under paragraph (c)(2) and believe at least one additional example is warranted. For instance, a financial planner may develop a financial plan and implement its recommendations for a client. If the planner does not provide ongoing portfolio management services as part of the client engagement or is on a retainer, the planner may alternatively recommend an annual review to determine if the client's financial plan is being implemented consistent with the recommendations. If the client agreement does not specify any future activity to monitor the financial plan, should the financial planner consider the customer relationship terminated? Alternatively, does the rule anticipate the planner being required to restructure financial planning agreements to clarify the termination date?

Additional costs to financial planners. The Release estimates that the investment advisers' cost to comply with the Rule will be approximately 5 hours of drafting work, or about $615 per adviser. Because the Release assumes that there is little or no sharing of personal information with third parties by investment advisers, it does not break out or estimate any specific distributions costs for disclosure. We therefore assume that the Commission does not take into account potential costs associated with compliance with Section 248.5. These additional costs include drafting amendments to existing or prospective client agreements to specify termination dates; communications with clients to discuss changes to client agreements addressing the termination dates; and the cost of delivering written copies of the adviser's privacy policy to the client if the adviser cannot rely upon an annual offer of the privacy policy in Form ADV or if the customer refuses to accept electronic transmission of the document. Mature financial planning practices typically maintain several hundred customer relationships, and these requirements will significantly increase the cost of complying with the Rule far beyond the $615 anticipated in the Release.

Section 248.7 Limitation on disclosure of nonpublic personal information about consumers to nonaffiliated third parties.

(a)(1) Conditions for disclosure. Comment was requested in the Release with respect to opt outs by multiple beneficiaries of a trust in which the account is managed by an investment adviser. Financial planners often serve as trustees or advisers to trusts with multiple beneficiaries. Providing individual opt outs would be cumbersome and costly for an investment adviser who, for example, acts as an investment management consultant to the trust and needs to discuss investments in the account with the portfolio manager. We urge the Commission to treat the trust as the customer, and not the individuals within the trust. We would note that in other situations, the Commission has defined a trust to be a single account, or client, for purposes of defining the term "client."7

Section 248.10 Exceptions to notice and opt out requirements for processing and servicing transactions.

FPA believes that the exceptions provided in this section will be heavily relied upon by investment advisers and broker-dealers to conduct routine business on behalf of the client. Such activities require the regular sharing of nonpublic personal information with nonaffiliated third parties. In many instances these third parties, for example, may be the same person. Financial planners often maintain an investment adviser registration to conduct their financial planning business but also separately are registered representatives of an independent broker-dealer. These exceptions are critical for the financial adviser to perform different services efficiently and in a cost-effective manner on behalf of the client.

We have several additional comments listed below.

(a) Exceptions for processing transactions at consumer's request. Paragraph (a) makes an exception for "initial notice" and "opt out." This section is silent on annual disclosure. Should it be assumed that whenever initial notice is not required that annual disclosures are not obligatory, either?

(a)(1) Effecting a transaction by the consumer. . Paragraph (a) specifies that a transaction must be authorized or requested by the consumer to qualify for an exception from the notice and opt out requirements. Many financial planners maintain discretionary authority on behalf of clients to rebalance portfolios, execute related transactions, etc. FPA believes that a power of attorney permitting the investment adviser to execute multiple transactions on behalf of the client should satisfy that requirement. We believe that an example illustrating such a scenario would provide considerable clarification.

(b) Necessary to effect, administer, or enforce a transaction. Similar to (a)(1), FPA believes that (b), and in particular (b)(2)(iii), have the same effect of allowing an investment adviser to execute transactions and provide necessary disclosure to a nonaffiliated third party through discretionary authority or custody of a customer's account. Because this is a very common situation, we believe that it would be helpful to provide an example of an investment adviser or broker-dealer using discretionary authority under this exception.

Section 248.11 Other exceptions to notice and opt out requirements.

(a)(1) Consumer consent to exception from notice and opt out requirements. FPA believes that the Commission needs to determine whether discretionary authority is considered to be a part of Section 248.10, where the Release characterizes such activity as "the administration, processing, servicing, or sale of a consumer's account," or whether it is a part of Section 248.11. If discretionary activity is considered to be a part of the latter section, then the investment adviser or broker-dealer would be required to secure consent of the specific release of information in lieu of providing initial disclosure or an opt out notice.

Other Exceptions to notice and opt out requirements.

There are numerous other financial planner activities with respect to the sharing of nonpublic personal information with third parties that are not addressed in the Release. Many of these activities are very routine for financial planners and involve the clear, but often informal, consent of the customer to occur. Many of these activities do not involve the sale of or advice on securities products. A typical example is when a financial planner reviews a client's estate and tax planning needs and determines consultation is needed with the client's attorney and/or accountant. In most cases, financial planners do not work in full-service firms that provide in-house legal, accounting or risk management services. As the `team quarterback' in advising the client during the development of the financial plan, the financial planner may be required to consult with any number of outside specialists.

FPA believes that there are at least two alternative solutions to this problem. One would be for the Commission to clarify in Section 248.11(a)(1), through examples or otherwise, that "consent" or "at the direction of the consumer" means oral consent or direction.

The other, more preferable alternative, is to exercise the Commission's authority under Section 504(b) of the GLB Act to add an exception to the notice and opt out requirements for the disclosure of nonpublic personal information to a bona fide agent of a client, including an accountant and a financial planner, acting on behalf of a client.

We believe that this sharing of personal information with other financial professionals, like an attorney, trustee, guardian, executor of a consumer's estate, all of whom have a fiduciary obligation to the client, has always been part of a very traditional way of providing financial services to a client. Such activities should be specifically excepted under Section 248.11(a)(2)(v) where the phrase "acting in a representative capacity" could be broadly interpreted to include such agents listed above. The sharing of such information is quite apparent to the client and probably was not an issue considered by Congress in its review of the privacy issue during passage of the GLB Act, which focused primarily on large institutional sharing of confidential information.

We would be pleased to respond to any questions in connection with these comments. Please do not hesitate to contact the undersigned at 202.626.8770.


Duane R. Thompson
Director of Government Relations

Atlanta * Denver * Washington, D.C.

1 The Financial Planning Association is the largest organization in the United States representing financial planners and affiliated firms. FPA was formed on January 1, 2000, as a result of the combination of two existing non-profit financial planning associations, the Institute of Certified Financial Planners and the International Association for Financial Planning. FPA maintains administrative offices in Atlanta and Denver, and a government relations office in Washington, D.C.
2 "Privacy of Consumer Financial Information," 16 CFR 313, proposed rule by the Federal Trade Commission.
3 Principle 5 of the FPA Code of Ethics, which is derived from the CFP Code of Ethics and Professional Responsibility, states: "An FPA member shall not disclose any confidential client information without the specific consent of the client unless in response to proper legal process, to defend against charges of wrongdoing by the FPA member or in conneciton with a civil dispute between the FPA member and client. A client, by seeking the services of an FPA member, may be interested in creating a relationship of personal trust and confidence with the FPA member. This type of relationship can only be built upon the understanding that the information supplied to the FPA member or other information will be confidential. In order to provide the contemplated services effectively and to protect the client's privacy, the FPA member shall safeguard the confidentiality of such information."
4 Rule 501 of the CFP Code of Ethics and Professional Responsibility generally requires a CFP designee to maintain the confidentiality of "any personally identifiable information relating to the client relationship or the affairs of the client" except with the client's consent or to comply with any legal or regulatory requirements.
5 The CFP Board of Standards, Inc., is an independent, non-profit standards-setting organization based in Denver that governs the use of the CFP certification and other related service marks.
6 Rules 204-3 of the Advisers Act requires an investment adviser to annually offer in writing to deliver upon written request to each of its advisory clients the information contained in Part II of form ADV.
7 See Rule 275.203(b)(3)-1 of the Advisers Act.