[Code of Federal Regulations] [Title 32, Volume 2, Parts 191 to 399] [Revised as of July 1, 1998] From the U.S. Government Printing Office via GPO Access [CITE: 32CFR275.8] [Page 604] TITLE 32--NATIONAL DEFENSE (CONTINUED) PART 275--OBTAINING INFORMATION FROM FINANCIAL INSTITUTIONS: RIGHTS TO FINANCIAL PRIVACY ACT OF 1978--Table of Contents Sec. 275.8 Procedures for obtaining customer's consent. (a) A DoD law enforcement office or personnel security element seeking access to a person's financial records shall, when feasible, obtain the customer's consent. (b) Any consent obtained under Sec. 275.8(a) shall: (1) Be in writing, signed, and dated. (2) Identify the particular financial records that are being disclosed. (3) State that the customer may revoke the consent at any time before disclosure. (4) Specify the purpose for disclosure and to which agency the records may be disclosed. (5) Authorize the disclosure for a period not in excess of 3 months. (6) Contain a Privacy Act advisory statement required by part 286a of this title for a personnel security investigation. (7) Contain a ``Statement of Customer Rights Under the Right to Financial Privacy Act of 1978'' (enclosure 2). (c) Any customer's consent not containing all of the elements listed in Sec. 275.8(b), shall be void. A customer consent form, in a format set forth in enclosure 2, shall be used for this purpose. (d) A copy of the customer's consent shall be made a part of the law enforcement inquiry or personnel security investigation file. (e) A certification of compliance with 12 U.S.C. 3401 et seq., in writing (enclosure 4), along with the customer's consent, shall be provided to the financial institution as a prerequisite to obtaining access to financial records. (f) The annual reporting requirements of Sec. 275.14 shall apply to any request for access under Sec. 275.8(a). [45 FR 17576, Mar. 19, 1980. Redesignated and amended at 56 FR 57984, Nov. 15, 1991]