Chapter 20: Financial Records
Generally
Chapter structure
(1) Search Warrant
(2) Institution Is a Victim
(3) Crime Report Filed
(4) Financial Records Are Evidence
(5) Consent
“Financial records” defined: The term “financial records” means “any original or any copy of any record or document held by a financial institution pertaining to a customer of the financial institution.”[1]
Credit reports: The release of credit reports is governed by the Federal Fair Credit Reporting Act and the California Consumer Credit Reporting Agencies Act.[2] Both permit the release of credit information to officers by means of (1) consent by the credit holder, or (2) search warrant.[3]
Are financial records private?
California statute: The California Right to Financial Privacy Act (CRFPA) provides that financial records are private and may only be released as set forth in the CRFPA.[4]
Federal statute: The Federal Right to Financial Privacy Act restricts the release of customer records to law enforcement.[5]
Fourth Amendment: A customer’s financial records are not “private” under the Fourth Amendment if they belong to the financial institution and are in the institution’s possession.[6] Thus, these records cannot be suppressed on grounds they were obtained without legal process.[7] As a practical matter, however, financial institutions will usually require legal process unless the information is exempt (see “Exempt Information, below).
Exempt Information: The following information is exempt from the CRFPA, which means it may be released to officers upon request:
Information for family support: A California family support agency may request information that is necessary to enforce a family support order against a parent. Specifically, upon a written request, the institution may disclose the number of each account that has been opened by the parent, the current balances in the accounts, and the address of the branch where the account is located.[8]
Generic information: Information may be released if it is “not identified with, or identifiable as being derived from, the financial records of a particular customer.”[9]
Forms: The following forms may be viewed at www.le.alcoda.org. Click on “Forms.” To receive copies via email in Microsoft Word format (which can be edited), send a request from a departmental email address to CCI@acgov.org.
Search warrant: A warrant for the release of a customer’s financial records
Consent form: Customer release authorization.
Crime report filed: An officer’s certification and request for records
Search Warrant
: The most common method of obtaining financial records is by means of a search warrant.[10] Although the procedure for obtaining these warrants is similar to basic warrants, there are some differences.
Service on custodian of records: The warrant will usually be served on the institution’s custodian of records who will determine where the listed records are located, make copies, and mail or otherwise deliver them to the officers.[11] Officers can usually obtain the address of the custodian of records by phoning or emailing the institution.
To prevent disclosure: The CRFPA permits the institution to notify the customer that it has received a warrant for the release of his records.[12] The affiant may, however, apply for a “nondisclosure order” that prohibits the institution from making such a notification, at least until the conclusion of the investigation.[13] To obtain a nondisclosure order, the affiant must explain in the affidavit why the criminal investigation would be compromised by disclosure.[14] See this endnote for an example.[15]
Time restrictions
Ten days: Per the CRFPA, the financial institution must produce the records within ten days after the warrant was served.[16]
Formal extension: It is often impractical for the institution to furnish the records within ten days. In such cases, an extension may be obtained as follows:
Request by institution: The institution may make a written request to the court for an extension. If the court grants the request, it may authorize an extension “to whatever period of time is reasonably necessary.”[17]
Request by affiant: The affiant may include a request for an extension in the search warrant affidavit. See this endnote for an example of such a request.[18]
Informal extension: If officers do not need the records within ten days, they may informally agree to an extension. Although search warrants become void if they are not “served” within ten days after issuance, they are deemed “served” when they are delivered to the institution. Thus, it is immaterial that officers did not obtain the records within ten days after the warrant was issued. See Chapter 36 Executing Search Warrants (Time Restrictions).
Description of the records
Purpose of the description: A particular description of the records not only serves the customer’s privacy interests by preventing the disclosure of irrelevant records, it helps the financial institution determine what records it must produce. It also assists the investigators who, otherwise, might have to wade through boxes of unneeded records.
Exception: Businesses “permeated with fraud”: A warrant for all records may be issued if the company under investigation was “permeated with fraud.” Again, an “all records” warrant may result in considerable time and expense due to the volume of documents it may produce. See Chapter 33 Search Warrant Basics (Description of documents and computer files, “Permeated with fraud” rule).
How much particularity is required? Officers must furnish information in their possession that is reasonably necessary to i the needed records.[19]
Providing dates: Officers will usually want records pertaining to transactions that occurred during a certain period of time. If so, this should be specified in the request; e.g., “All deposit slips and account statements from July 4, 2022 through and including October 31, 2022.”
“Including, but not limited to …” To make sure they get everything they need, officers will sometimes preface their description with something like, “including, but not limited to.” In the abstract, this phrase is ambiguous because it does not provide any criteria for determining what other documents must be produced. Still, most judges permit it by interpreting the phrase to mean that the listed records are illustrative of the records that are seizable under the warrant. See Chapter 33 Search Warrant Basics (Description of the Evidence, “Wild cards”).
Using boilerplate: In the context of search warrants, “boilerplate” is consists of a list (usually lengthy) of records copied verbatim from other warrants or court orders. Although boilerplate will sometimes accurately describe the records for which probable cause exists, in most cases the list is overbroad. Consequently, officers who utilize boilerplate must carefully review the list to make sure that it includes only those records that are supported by probable cause. See Chapter 33 Search Warrant Basics (Description of the Evidence, Boilerplate).
Institution Is a Victim
: A financial institution may voluntarily furnish a customer’s records to officers if the institution reasonably believes that (1) it is the victim of the a crime, and (2) the information contained in the records will assist in the investigation of that crime.[20]
“Victim”: The following are examples of situations in which an institution is a victim:
Bad checks: In bad check cases, the institution is a victim, even if it suffered no loss.[21]
Account holder has motive to disclaim: The suspect would have had a motive to deny knowledge of the transaction in question.[22]
Disclosure not required: If the institution is the victim, it need not notify the customer that it has disclosed the records to officers.[23]
Crime Report Filed
: An institution must release certain account information if an officer certifies in writing that a crime report has been filed in which it was alleged that the institution’s drafts, checks, or other orders are being used fraudulently.[24]
Purpose: Judging from the type of information that may be released (see below), it appears the purpose of this exception is to provide officers with a mechanism for obtaining information in bad check cases although, as noted, officers can obtain the same information via the “bank as victim” and “records are evidence” provisions.[25] Still, this exception may be helpful in routine bad check cases because it creates a streamlined procedure for obtaining the needed records.[26]
Notification to customer: When a crime report has been filed, the bank is not required to notify the customer it has disclosed the information to officers.[27]
Limitation: Information may be released if it pertained to transactions that occurred 30 days before and after the date of the “alleged illegal act involving the account.”[28]
Information that must be released: The institution must furnish the following information:
> The number of items dishonored
> The number of items paid which created overdrafts
> The amount of dishonored items and items paid which created overdrafts and a statement explaining any credit arrangement between the bank and customer to pay overdrafts
> The dates and amounts of deposits and debits, and account balances on these dates
> A copy of the signature and any addresses on a customer’s signature card
> The date the account opened and, if applicable, the date it was closed
> Surveillance photographs and video recordings of persons accessing the crime victim’s financial account via an ATM or from within the financial institution on the dates on which illegal acts involving the account were alleged to have occurred[29]
Financial Records Are Evidence
: The CRFPA permits financial institutions to voluntarily provide investigators with a customer’s records if it reasonably believes the records are evidence of a crime, regardless of whether the institution is a potential victim.[30]
Consent
: An account holder may authorize the institution to release information to officers.
Requirements: Such authorization must be in the following form:[31]
(1) Writing: The authorization must be in writing.
(2) Signed and dated: The authorization must be signed and dated.
(3) Law enforcement agency identified: The authorization must specify the law enforcement agency whose officers are to receive the records.
(4) Records described: The records must be particularly described. See “Search warrant” (Describing the records), above.
(5) Time window: The authorization must specify whether the records are limited to transactions that occurred over a certain time period.
(6) Right to revoke: The authorization must give the account holder notice that he has the right to revoke the authorization at any time.
Notice to customer: Within 30 days of obtaining records from the institution, officers must notify the customer in writing of what records they received. If, however, officers believe that such notice would impede their investigation, they may seek an extension.[32]
Notes
[1] QUOTE FROM: Gov. Code§
7465(a). NOTE re credit card records: Re the
confidentiality of credit card company account records, see
P v. Blair (1979) 25 C3 640, 652; P v.
Nosler (1984) 151 CA3 125, 131.
[2] CAL: Civ. Code§ 1785.1
et seq. OTHER: 15 USC§ 1681 et seq.
[3] CAL: Civ. Code§§
1785.11(a)(1)-(2). OTHER: 15 USC§§ 1681b(1)-(2).
[4] CAL: Gov. Code§ 7460
et seq.
[5] OTHER: 12 USC 3401 et seq.
[6] USSC: Carpenter v. US (2018)
__ US __ [138 S.Ct. 2206, 2220] [“We do not call into
question… conventional surveillance techniques and tools,
such as security cameras. Nor do we address other business records
that might incidentally reveal location information.”]. OTHER:
US v. Gratkowski (5C 2020) 964 F3 307, 312 [Carpenter
did not create a reasonable privacy interest in a customer’s bank
records because this information “does not provide agents with an
intimate window into a person’s life,” but merely provides
“information about a person’s virtual currency transactions”].
ALSO SEE: Guest v. Leis (6C 2001) 255 F3 325, 336
[“A bank customer does not have a legitimate expectation of
privacy in the information that he or she has conveyed to the
bank; by placing the information under the control of a third
party, the customer assumes the risk that the bank will convey the
information to the government.”].
[7] CAL: P v.
Huston (1989) 210 CA3 192, 222; P v.
Meyer (1986) 183 CA3 1150, 1163.
[8] CAL: Gov. Code§ 7480(j).
[9] QUOTE FROM: Gov. Code§
7480(a).
[10] CAL: Gov. Code§ 7475.
[11] NOTE: Although the Penal Code
contains no express authority by which a warrant may be served on
the custodian of records, there is comparable authority permitting
service of a subpoena duces tecum on the custodian. See Ev. Code
§ 1560(b).
[12] CAL: Gov. Code§ 7475.
[13] CAL: Gov. Code§ 7475.
[14] CAL: Gov. Code§ 7475
[nondisclosure order financial institutions is permitted “upon a
finding that such notice would impede the investigation”].
OTHER: 12 USC§ 3409 [financial records].
[15] NOTE: The following is an example
of language that may be used to seek and obtain a nondisclosure
order:
Request for Nondisclosure Order: The evidence to be seized
pursuant to this warrant includes financial records in the
possession of [name of financial institution] pertaining to [name
of suspect] who, as explained earlier, is a customer of said
financial institution. Also as explained earlier, said records
constitute evidence in an ongoing criminal investigation. Affiant
is aware that under California law the customer may be notified by
the institution that this warrant has been executed. Based on my
training and experience, I believe there is probable cause that
such notification would impede this criminal investigation by
alerting [name of suspect] of the progress and focus of this
investigation. Therefore, I request an order directing the
institution not to disclose to any person any information
regarding the existence or execution of this warrant.
Nondisclosure Order: Having determined there is probable
cause to believe that disclosure of the existence or execution of
this warrant would impede a criminal investigation, it is ordered
that, pending further order of this court, the [name of
institution] on whom this warrant is served, and its officers,
employees, and agents shall not disclose to any person any
information regarding the existence or execution of this warrant.
[16] CAL: Gov. Code§ 7475.
[17] CAL: Gov. Code§ 7475.
[18] NOTE: The affidavit and the search
warrant should contain the following:
Affidavit: The affidavit should contain a brief explanation
of why an extension is necessary; e.g., I have been informed by
[name of institution official] of [name of institution] that
because of the number and nature of the records to be seized the
listed records cannot reasonably be produced within the ten days
required pursuant to Government Code§ 7475. I therefore
request an order extending the compliance date of this search
warrant to [date records are to be produced].
Warrant: The warrant should contain the court’s order
granting the extension; e.g., Good cause appearing in the
affidavit in support of this warrant that the listed records
cannot reasonably be made available within ten days after the
warrant is served, the records may be produced on or before
[insert compliance date].
[19] CAL: Gov. Code§ 7470;
P v. Rogers (1986) 187 CA3 1001, 1007 [“it is more
accurate to say that the warrant must be sufficiently definite so
that the officer executing it can identify the property sought
with reasonable certainty”]. OTHER: US v.
Leary (10C 1988) 846 F2 592, 600, fn.12 [“The common theme
of all descriptions of the particularity standard is that the
warrant must allow the executing officer to distinguish between
items that may and may not be seized.”].
[20] CAL: Gov. Code§
7470(d); P v. Nece (1984) 160 CA3 285, 290 [“The
criterion for the institution’s decision, should it be inclined to
make same, is that it believe itself to be a victim of a crime.”];
P v. Blair (1979) 25 C3 640, 652 [“We recognized [in
Burrows v. Superior Court (1974) 13 C3 238,
245] that if the bank is not neutral in the matter as for example,
where it is itself a victim of the depositor’s alleged
wrongdoing—the accused’s right of privacy will not prevail.”];
P v. Nosler (1984) 151 CA3 125, 132 [“the bank had a
vested interest in the court of the criminal investigation”];
P v. Hole (1983) 139 CA3 431, 438 [“The so-called
‘bank as victim’ exception was recognized by the Supreme Court in
Burrows“]. OTHER: State v.
Parker (La. App. 1996) 661 S2 603,609 [no violation of
California’s RFPA because “defendant had filed numerous fraudulent
credit card applications and had defrauded American Express of
more than $34,000.”]. NOTE: The purpose of this statute is
“to allow the disclosure of normally private information to the
police, by a financial institution, when the latter has a genuine
reason to suspect that a crime has or is being committed, and/or
that it may suffer as a victim thereof.” P v.
Nece (1984) 160 CA3 285, 291-92; P v.
Nosler (1984) 151 CA3 125, 132 [bank may disclose only
“relevant financial records.”].
[21] CAL: Pen. Code§§ 476a, 484e;
Com. Code§§ 4301, 4302; P v. Nosler (1984) 151
CA3 125, 131 [“Typically, in the criminal cases that have
concluded the bank is a victim, the defendant is charged with
passing bad checks.”]; P v. Johnson (1975) 53 CA3
394, 396-97 [“In utilizing a check drawn on a closed account in
that bank, defendant attempted to defraud the bank and placed it
in a position of potential liability for the amount of the check.
[Thus] the bank was at liberty to disclose that information in
response to the informal request of law enforcement officers.”];
P v. Hole (1983) 139 CA3 431, 438 [“Where a
defendant attempts to pass a check in violation of Pen. Code§
476a, the drawee bank is a ‘victim of the crime’ regardless of
whether or not it has suffered financial loss.”]. ALSO SEE: P v. Nosler (1984) 151 CA3 125, 131 [Bank
of America was a “victim” of a crime because the defendant, who
used his bank credit card to buy an instrumentality of the crime,
would be able to maintain his innocence only if he denied making
the charge, thereby making the bank a potential victim].
NOTE: In two cases decided before the RFPA was enacted,
P v. Johnson (1975) 53 CA3 394, 396-97 and
P v. Superior Court (Abrahms) (1976) 55 CA3 759, 772
the courts ruled that when a customer writes bad checks on his
account, his bank is not “neutral” and, therefore, does not
violate Burrows when it furnishes officers with information
about his account. This is mainly because the bank is potentially
liable if it honors the check].
[22] CAL: P v.
Nosler (1984) 151 CA3 125, 131 [“the disputed credit card
charge directly implicates Owens in the theft and his innocence
can only be maintained if he disaffirms making the charge”].
[23] CAL: P v.
Muchmore (1979) 92 CA3 32, 36 [“There is no need under such
circumstances to notify the customer in advance; any objections he
might have to disclosure are secondary to the interests of
society.”].
[24] CAL: Gov. Code§
7480(b).
[25] NOTE: It appears the purpose of
this section was to create an exception to language in Gov.
Code§ 7471(c) that seemed to make it unlawful for officers to
initiate contact with a suspect’s financial institution; i.e., the
institution must have initiated contact. In 1984, however, the
court in P v. Nece (1984) 160 CA3 285, 292 ruled
that the language in Gov. Code§ 7471(c) “deserves an
interpretation much less strict than advanced by appellant,” and
ruled that this requirement is satisfied so long as the
police-initiated contact was, as here, not “random” or
“unwarranted.”
[26] CAL: P v.
Muchmore (1979) 92 CA3 32, 35 [“Here the police sent a form
letter to Bank which says the signatory certifies “a crime report
has been filed alleging the fraudulent use of checks drawn upon
your back against the account of [defendant].”].
[27] CAL: P v.
Muchmore (1979) 92 CA3 32, 36.
[28] CAL: Gov. Code§
7480(b).
[29] CAL: Gov. Code§
7480(b).
[30] CAL: Gov. Code§
7471(b); P v. Nece (1984) 160 CA3 285, 291 [the
relevant RFPA provisions “are intended to allow the disclosure of
normally private information to the police, by a financial
institution, when the latter has a genuine reason to suspect that
a crime has or is being committed, and/or that it may suffer as a
victim thereof.”]. NOTE: Although this section contains
language that could be construed as requiring that the institution
initiate contact with officers, “a contextual reading of same
belies said construction.” Furthermore, such a construction “would
have the effect of honoring form over substance.” P v.
Nece (1985) 160 CA3 285, 292.
[31] CAL: Gov. Code§ 7470,
7473.
[32] CAL: Gov. Code§
7473(d); P v. Meyer (1986) 183 CA3 1150, 1163.