(full results follow article)
KPMG conducted a survey of the attending companies at last week's
ICI General Membership Meeting in Washington, DC, in order to determine the amount of attention investment companies are paying to the recently passed regulations on privacy.
According to the consulting giant, the survey had over 100 respondents from 60 companies. Of the companies responding, 34% indicated that their companies are providing
customer information to non-affiliated third parties.
"This gives us a good impression of what our clients are thinking about -- it's a high profile issue," said
Steven Roberts, principal partner with KPMG's Financial
Services practice.
The enforcement date for the new regulations is July 1, 2001 -- the original date had been November 12, but has been pushed back due to industry objections about getting their houses in order in such a short period of time.
Roberts said that for those who do not share information, the transition to a regulated environment will be a fairly easy one, but for those who share data with third- parties, the transition could be more difficult.
"The issue revolves around whether they're marketing or operations support firms," said Roberts, adding that for both, it would not be an easy process determining whether customers want their information shared or not.
That said, Roberts said he has not seen evidence one way or the other about whether customers would opt to share their information or opt not to.
"The response this has generated is good recognition that privacy is an issue that has to be dealt with," said Roberts, "It's not just a compliance issue, it's a customer service issue."
KPMG ICI Survey 2000 |
%YES |
%NO |
1. Does your company/organization currently have a privacy policy? |
74 |
26 |
2. If your company does not currently have a privacy policy does
your company plan on instituting a privacy policy with 6-12 months? |
41 | 33 |
3. If your company has a privacy policy: |
| |
a. Does it specify conditions for the collection, protection
and use of customer data? |
76 | 24 |
b. Is it consistent with federal regulations to implement the
requirements of the Gramm-Leach-Bliley Act? |
73 | 27 |
4. Do contracts with third parties (vendors or customers) ensure that issues related to consumer confidentiality and security of personal data are
maintained? |
85 | 15 |
5. Are your company's privacy policies disclosed to customers at the time customer relationships are established?? |
64 | 36 |
6. Is customer information provided to nonaffiliated third parties, either for joint marketing purposes or for operational support? |
34 | 66 |
7. If yes to question #6, |
| |
a. Are third parties required to execute a confidentiality agreement to limit the use of personal information? |
69 | 22 |
b. Are third-party agreements monitored for compliance? |
72 | 16 |
8. a. Can customers choose to have their personal information withheld from nonaffiliated third parties?
|
80 | 20 |
b. Do your vendors also share this responsibility with you? |
68 | 32 |
9. Does your company have a comprehensive security plan for the
protection of customer data?
|
83 | 17 |
2. If your company does not currently have a privacy policy does
your company plan on instituting a privacy policy with 6-12 months? |
41 | 33 |
10. How many of your company's business lines now collect customer financial information? |
| |
a. None |
14 | |
b. 1 to 5 |
30 | |
c. 6 to 10 |
10 | |
d. more than 10 |
16 | |
e. don't know |
30 | |
11. Which best describes your company's primary industry? |
| |
a. Asset Management |
44 | |
b. Banking |
9 | |
c. Insurance |
6 | |
d. Securities |
8 | |
e. Other |
21 | |
 
Stay ahead of the news ... Sign up for our email alerts now
CLICK HERE