Regulation LL, also known as the “Customer Account Information Preservation (CAIP) Rule,” is a regulation issued by the Federal Reserve Board in the United States. It requires financial institutions to preserve records of customer account information, including all electronic communications, for a period of three years. The regulation was put in place to help law enforcement agencies investigate and prosecute financial crimes, such as money laundering and terrorist financing. The regulation applies to all financial institutions that are supervised by the Federal Reserve, including banks, thrifts, and credit unions.
Regulation LL applies to all financial institutions that are supervised by the Federal Reserve, including banks, thrifts, and credit unions. It applies to all records, including both physical and electronic records, that relate to the opening or maintaining of customer accounts. The regulation applies to all forms of customer accounts, including deposit accounts, loan accounts, and trust accounts, as well as all types of electronic communications, including emails, instant messages, and text messages.
The regulation applies to all records that financial institutions create, receive, or maintain in the normal course of business, regardless of the medium in which they are stored, including paper records, electronic records, and records stored with third-party service providers.
The regulation applies to the customer account information preservation of all the financial institutions covered by the regulation, regardless of the size of the institution or the type of business it conducts.
It’s important to note that the regulation does not require financial institutions to retain any additional information beyond what they already maintain in the normal course of business, it only requires them to preserve certain types of information for a specific period of time.
Regulation LL includes several provisions that financial institutions must follow in order to comply with the rule. Some of the main provisions include:
- Preservation of customer account information: Financial institutions must preserve all records of customer account information, including electronic communications, for a period of three years.
- Preservation of electronic communications: Financial institutions must preserve all electronic communications, such as emails and instant messages, that relate to the opening or maintaining of customer accounts.
- Preservation of all versions of records: Financial institutions must preserve all versions of records, including drafts and deleted versions, in order to ensure that all relevant information is preserved.
- Preservation of information from third-party service providers: Financial institutions must ensure that any third-party service providers, such as cloud storage providers, that are used to store customer account information are in compliance with the regulation’s provisions.
- Access to preserved records: Financial institutions must provide law enforcement agencies with access to preserved records upon request, in order to assist in investigations into financial crimes.
- Implementation of preservation policies and procedures: Financial institutions must implement policies and procedures to ensure compliance with the regulation, including regular testing and monitoring of the institution’s preservation system.
- Training employees: Financial institutions must train their employees on the requirements of the regulation and their responsibilities in ensuring compliance.