Appendix M: Financial Laws, Regulations and Authorities

The following Laws and Regulations governing Privacy, Money Laundering, Terrorism and Financials apply in the U.S. and need to be part of any DIDO solution concerned with currency, money, financials, or cryptocurrencies. Often these Laws and Regulations are considered obstacles or barriers to innovation, but each law or regulation was developed in response to some situation that occurred in the past. To prevent a “modern” repeat of these situations, the laws and regulations should be upgraded, not ignored or overturned.

Some of these Laws, Regulations and Authorities have general applicability to DIDOs when the data stored within the DIDO refers to Personal Identifiable Information (PII) and is therefore subject to the tenets of privacy. See Right to Privacy.

Some Laws, Regulations and Authorities are relevant to DIDO when the DIDO is considered a Financial Instrument or a Security. Certain Cryptocurrencies and Initial Coin Offerings (ICOs) may be found to meet the definition of an “investment contract” under the Howey Test, in which the U.S. Supreme Court determined that an Investment Contract must:

  1. Have an investment of money
  2. Enter into a common enterprise
  3. Have the expectation of profit
  4. Be derived from the efforts of others

Some Laws, Regulations and Authorities attempt to prevent:

U.S. Federal Laws and Regulations

Table 1: List of Applicable U.S. Federal Laws and Regulations.
U.S. Federal Laws
Kind Law / Regulation Description
Privacy Driver's Privacy Protection Act of 1994 (DPPA)

DPPA governs the privacy and disclosure of personal information gathered by state Departments of Motor Vehicles, including photographs, Social Security Number (SSN), Driver Identification Number (DID), name, address (but not the five-digit ZIP code), telephone number, medical information and disability information.

Privacy California Consumer Privacy Act (CCPA)

CCPA gives consumers more control over the personal information that businesses collect about them and the CCPA regulations provide guidance on how to implement the law.

Privacy Video Privacy Protection Act (VPPA)

VPPA restricts the disclosure of rental or sale records of videos or similar audio-visual materials, including online streaming.

Privacy Cable Subscriber Protection

Cable Subscriber Protection provides access to all Personal Identifiable Information (PII) regarding the subscriber which is collected and maintained by a cable operator.

Money Laundering Money Laundering Control Act of 1986 (MLCA)

The MLCA makes money laundering a federal crime. It also prohibits individuals from engaging in a financial transaction with proceeds that were generated from certain specific crimes, known as Specified Unlawful Activities (SUAs). Additionally, the law requires that an individual specifically intend, in making the transaction, to conceal the source, ownership or control of the funds.

Money Laundering Bank Secrecy Act of 1970 (BSA)

The BSA is a U.S. law requiring financial institutions in the United States to assist U.S. government agencies in detecting and preventing money laundering.

Terrorism and Money Laundering US Patriot Act, Title III: Anti-money-laundering to prevent terrorism

Title III is intended to facilitate the prevention, detection, and prosecution of international money laundering and the financing of terrorism. It primarily amends portions of the Money Laundering Control Act of 1986 (MLCA) and the Bank Secrecy Act of 1970 (BSA). It was divided into three subtitles:

  • The First Subtitle deals primarily with strengthening banking rules against money laundering, especially on the international stage
  • The Second Subtitle attempts to improve communication between law enforcement agencies and financial institutions, as well as expanding record keeping and reporting requirements
  • The Third Subtitle deals with currency smuggling and counterfeiting, including quadrupling the maximum penalty for counterfeiting foreign currency.
Privacy Right to Financial Privacy Act of 1978 (RFPA)

The RFPA was put in place to limit the government's ability to freely access nonpublic financial records. The RFPA defines financial institutions as any institution that engages in activities regarding banking, credit cards, and consumer finance. It also defines financial records as any documentation of a consumer's relationship with a financial institution.

Privacy Gramm-Leach-Bliley Act (GLBA)

The GLBA promotes consumer privacy; it included regulations to limit the ways in which companies handled and shared financial data.

Privacy Fair Credit Reporting Act (FCRA)

The FCRA regulates credit agencies and promotes fair and secure handling of consumer information.

The FCRA attempts to limit the dissemination of information through five main rules:

  1. Credit reports and investigative reports must be differentiated so that any irrelevant information is not mixed
  2. Reports can only be made available to those with “legitimate business needs”
  3. The subject of a report must be notified of any request for their information
  4. Agencies must give consumers access to their own files if they ever should request it
  5. A time limit is set for the retention of information on reports. Information that is seven years or older must be deleted, while information regarding bankruptcies can be removed only after fourteen years
Privacy Fair and Accurate Credit Transactions Act (FACTA)

FACTA amended the FCRA, ensuring that state laws with stricter regulations would be enforced first. State laws regarding credit scores, credit reports, and insurance that were to remain in effect as a result of the amendments were outlined within the act. FACTA gave consumers more rights to explanations of their credit scores and the right to a free credit report each year. It also includes two rules:

  • Disposal Rule - how to dispose of consumer records
  • Red Flag Rule - how financial institutions identify and prevent identity theft
Privacy Credit and Debit Card Receipt Clarification Act

The Credit and Debit Card Receipt Clarification Act requires that account numbers printed on receipts be shortened to five digits in order to protect consumer privacy.

Privacy Fair Debt Collection Practices Act (FDCPA)

Under the FDCPA, collectors are not allowed to publish a consumer's name and address on a bad debt list or reveal any information regarding the debt to unaffiliated third parties except the consumer's partner or attorney.

Privacy Electronic Funds Transfer Act

The act implemented requirements so that banks have to notify their customers of any policies regarding electronic transfer of funds. Banks are also held liable in the event that information is disclosed through telephone without consent. Also, banks would be held responsible for any damages that came as a result of unauthorized access to a consumer's information.

Financial Dodd-Frank Act

The Dodd-Frank Act (Dodd-Frank Wall Street Reform and Consumer Protection Act) places regulation of the financial industry in the hands of the government. The legislation, which was enacted in July 2010, created financial regulatory processes to limit risk by enforcing transparency and accountability.

U.S. State Laws and Regulations

Note: FACTA ensured that any state laws with stricter regulations than those outlined in the FCRA would be enforced first. State laws regarding credit scores, credit reports, and insurance that were to remain in effect as a result of the amendments were outlined within the act.
Table 2: List of Applicable U.S. State Laws and Regulations.
State Laws
Kind Law / Regulation Description
Privacy California Privacy Act

California Privacy Act is a state level privacy act that provides protection of consumer information. The act is described as a stricter version of the Gramm-Leach-Bliley Act.

Privacy California Consumer Credit Reporting Agencies Act (CCCRA)

The CCCRA regulates consumer credit reporting agencies as well as any users of credit reports. The act also provides a narrower definition of “consumer credit report” as any information that falls within credit reports is protected by the act.

Privacy California Right to Financial Privacy Act

California Right to Financial Privacy Act regulates the state's government agencies' abilities to access nonpublic consumer information. As a result of the act, California's government agencies are not authorized to access financial records unless the consumer gives consent or if a subpoena or a search warrant is issued for the information.

Privacy California Song-Beverly Credit Card Act

Under the California Song-Beverly Credit Card Act, companies may not collect personally identifiable information from consumers who purchase goods or services using credit cards. Companies cannot set conditions in which consumers must consent to sharing their information in order to use their credit cards for a transaction. However, consumer information can be requested in order to complete a credit card transaction as long as the information is never recorded. The act also set a redundant state level requirement that companies must shorten a consumer's credit and debit card information on receipts.

Privacy Vermont Privacy of Consumer Financial and Health Information

The law defines the purpose, scope, application, compliance and exceptions to the law.

The purpose of the Vermont Privacy of Consumer Financial and Health Information is to govern the treatment of nonpublic personal information about consumers by the financial institutions.

U.S. Federal Government Oversight Authorities

Table 3 provides a list of authorities within the U.S. having oversight over financial services. Some authorities listed are Agencies of the U.S., such as the SEC or CFPB. Others are independent non-governmental organizations, such as FINRA.

Note: Many of the Authorities listed in Table 3 are derived from the list provided in the following reference on Financial Regulation.
Table 3: U.S. Federal Government Authorities with financial oversight
Authority Description
U.S. Treasury

The U.S. Treasury is the government department responsible for issuing all Treasury bonds, notes, and bills. Among the government departments operating under the U.S. Treasury umbrella are the:

  • Internal Revenue Service (IRS)
  • U.S. Mint, the Bureau of the Fiscal Service
  • Alcohol and Tobacco Tax and Trade Bureau
U.S. Securities and Exchange Commission (SEC)

The SEC is the U.S. government agency in charge of the nation's securities industry. It monitors transactions, as well as the activities of financial professionals. Its mission is to promote fairness, integrity and transparency; prevent fraud and other deceptive acts; and ensure orderly and efficient markets.

Financial Industry Regulatory Authority (FINRA)

FINRA is an independent, nongovernmental organization that writes and enforces the rules governing registered brokers and broker-dealer firms in the United States. Its stated mission is “to safeguard the investing public against fraud and bad practices.” It is considered a self-regulatory organization.

Consumer Financial Protection Bureau (CFPB)

The CFPB is a regulatory agency charged with overseeing financial products and services that are offered to consumers.

Commodity Futures Trading Commission (CFTC)

The CFTC regulates the derivatives markets, including futures contracts, options, and swaps. Its goals include the promotion of competitive and efficient markets and the protection of investors against manipulation, abusive trade practices, and fraud.

Federal Reserve System (The Fed)

The Fed is the central banking system of the United States and oversees the 12 regional Federal Reserve Banks. Its primary goals are to regulate the nation's private banks and manage the overall money supply. The Fed ensures lenders and borrowers have access to credit and loans.

Federal Deposit Insurance Corporation (FDIC)

The FDIC maintains stability and public confidence in the nation’s financial system by insuring deposits; examining and supervising financial institutions for safety, soundness, and consumer protection; making large and complex financial institutions resolvable; and managing receiverships.

Office of the Comptroller of the Currency (OCC)

The OCC is an organization that acts as both the issuer and guarantor for options and futures contracts and is the largest equity derivatives clearing organization in the world.

National Association of Insurance Commissioners (NAIC)

NAIC is a nonprofit, nonpartisan organization that sets standards and establishes best practices for the U.S. insurance industry and provides support to insurance regulators. It also provides information and resources to consumers. Note: Insurance products sold in the U.S. are largely regulated by the states, rather than the federal government.

National Credit Union Administration (NCUA)

The NCUA monitors federal credit unions across the country and provides the National Credit Union Share Insurance Fund (NCUSIF), which uses tax dollars to insure the deposits at all federal credit unions.

Non-U.S. Government Oversight Authorities

Table 4: Non-U.S. Government Authorities with financial oversight
Country Authority Description
United Kingdom Bank of England (BoE)

The BoE is the central bank for the United Kingdom. It acts as the government's bank and the lender of last resort. The BoE issues currency and, most importantly, oversees monetary policy.

Prudential Regulation Authority (PRA)

The PRA is a part of the Bank of England and responsible for the prudential regulation and supervision of banks, building societies, credit unions, insurers and major investment firms. It sets standards and supervises financial institutions at the level of the individual firm.

Financial Conduct Authority (FCA)

The FCA works alongside the Prudential Regulation Authority (PRA) in regulating the financial services industry in the UK and is responsible for the prudential regulation of those financial services firms not supervised by the PRA such as asset managers and independent financial advisers. The FCA has “rule-making, investigative and enforcement powers” to regulate the financial services industry.

Japan Financial Services Agency (FSA)

The FSA is the chief regulator of Japan’s financial services industry, responsible for maintaining its stability and integrity, and is mandated to oversee the banking, insurance and securities and exchange industries. It’s also charged with protecting market participants from fraud and money laundering.

Germany Federal Financial Supervisory Authority (BaFin)

BaFin integrates the regulatory functions of those agencies with authority over Germany’s banks, financial services companies, insurance companies, stock exchanges, and other obligated institutions. An important part of BaFin’s role as regulator is to identify and eliminate financial crime – a function which includes promoting anti-money laundering in Germany, and counterterrorist financing.

France Autorité des marchés financiers (AMF)

AMF is an independent body that supervises financial companies operating in France with three core responsibilities:

  1. safeguard investments
  2. increase transparency in financial instruments
  3. keep financial markets running smoothly

It is also charged with keeping the nation’s markets and financial services industry free of fraud and money laundering.

Additionally, France’s AMF is a rules-setter and is responsible for implementing the EU’s 2018 Markets in Financial Instruments Directive II (MiFID II) as well as its own General Regulation.

Singapore Monetary Authority of Singapore (MAS)

The MAS is empowered by the Monetary Authority of Singapore Act to set regulations and supervise the city’s banking, capital markets, insurance and payments sectors. The organization enforces its regulations and government laws through legally binding instructions called Directions. They may take the form of Directives, which are issued to specific entities or individuals, and Notices, which cover a class of asset, institution or person, such as loans or loan issuers.

Switzerland Financial Market Supervisory Authority (FINMA)

FINMA is Switzerland’s independent financial-markets regulator. Its mandate is to supervise banks, insurance companies, financial institutions, collective investment schemes, and their asset managers and fund management companies. It also regulates insurance intermediaries. It is charged with protecting creditors, investors and policyholders. FINMA is responsible for ensuring that Switzerland’s financial markets function effectively.

People's Republic of China China Banking Regulatory Commission (CBRC)

The CBRC is authorized by the State Council to regulate the banking sector of the PRC except the territories of Hong Kong and Macau, both of which are special administrative regions.

China Insurance Regulatory Commission (CIRC)

CIRC used to regulate the Chinese insurance products and services market and maintain legal and stable operations of the insurance industry. In 2018, it was merged with the banking regulator China Banking Regulatory Commission (CBRC) to create the China Banking and Insurance Regulatory Commission (CBIRC).

China Securities Regulatory Commission (CSRC)

The CSRC is the national regulatory body that oversees the securities and futures industry of the country. The CSRC is the functional equivalent of the Securities and Exchange Commission (SEC) of the U.S., charged with maintaining orderly and fair markets.

India Reserve Bank of India (RBI)

The RBI is the central bank of India, whose primary function is to manage and govern the financial system of the country, and it regulates the issue and supply of the Indian rupee. Additionally, it looks after the central government’s money, is the bankers’ bank, and regulates the banking sector. The RBI is important in India’s development, supporting the government in its developmental projects and policies.

Securities and Exchange Board of India (SEBI)

The SEBI is the most important regulator of securities markets in India and is the counterpart of the Securities and Exchange Commission (SEC) in the U.S. The stated objective of the SEBI is “to protect the interests of investors in securities and to promote the development of, and to regulate the securities market and for matters connected therewith or incidental thereto.”

Insolvency and Bankruptcy Board of India (IBBI)

IBBI is a key pillar of the ecosystem responsible for implementation of the Code that consolidates and amends the laws relating to reorganization and insolvency resolution of corporate persons, partnership firms and individuals in a time bound manner for maximization of the value of assets of such persons, to promote entrepreneurship, availability of credit and balance the interests of all the stakeholders.

Insurance Regulatory and Development Authority of India (IRDAI)

The IRDAI has overall supervision and development of the insurance sector in India. The key objectives of the IRDAI include the promotion of competition to enhance customer satisfaction through increased consumer choice and fair premiums, and ensuring the financial security of the insurance market. Additionally, the IRDAI frames regulations laying down the regulatory framework for supervision of the entities operating in the sector.

Pension Fund Regulatory and Development Authority (PFRDA)

PFRDA regulates the National Pension System (NPS), subscribed to by employees of the Government of India, Indian State Governments and by employees of private institutions, organizations, and unorganized sectors. PFRDA ensures the orderly growth and development of the pension market.

International Financial Action Task Force (FATF)

The FATF is an intergovernmental organization that develops standards around Anti-Money Laundering (AML) and promotes policies and standards to combat the financial crimes of money laundering and terrorism funding. Additionally, FATF produces two lists of jurisdictions that are uncooperative in efforts against money laundering (and terrorism financing).

International Markets in Financial Instruments Directive II (MiFID II)

The EU's MiFID II is a 2018 update to the original Markets in Financial Instruments Directive (MiFID) and is a legislative framework instituted by the European Union (EU) to regulate financial markets in the bloc and improve protections for investors. Its aim is to standardize practices across the EU and restore confidence in the industry.