By using Bank of America's online banking services, you consent to the bank monitoring, recording, and reviewing electronic communications transmitted through or related to the platform for security, compliance, and fraud prevention purposes.
This analysis describes what Bank of America's agreement states, permits, or reserves. It does not constitute a legal determination about enforceability. Regulatory applicability and practical outcomes may vary by jurisdiction, enforcement context, and individual circumstances. Read our methodology
Communications you send through online banking — including secure messages and transaction notes — may be reviewed by the bank, and this consent is a condition of using the service.
Interpretive note: The precise scope of monitoring disclosed in the agreement could not be verified from the encrypted PDF source; the general nature of this provision is inferred from standard Bank of America agreement terms and publicly available versions.
Consumers' electronic interactions with the bank's platform, including messages sent through the secure messaging system, are subject to monitoring and review, which consumers consent to as a condition of accessing the service.
How other platforms handle this
We and our service providers and other vendors may record, monitor, and retain emails, chats, calls, and texts. By communicating with us, you consent to this recording, monitoring, and retention. We may use chatbot technology and other automated methods of communication.
Mistral AI is authorized to process the Personal Data as Controller for the purposes of: Automated moderation, including abuse monitoring on our APIs (except, in this last case, when zero data retention has been activated), to enforce the Agreement.
You acknowledge and agree that Scale reserves the right to, and may from time to time, monitor any and all information transmitted or received through the Site for operational or other purposes. If at any time Scale chooses to monitor the content, Scale still assumes no responsibility or liability f...
Monitoring
Bank of America has changed this document before.
Receive same-day alerts, structured change summaries, and monitoring for up to 25 platforms.
REGULATORY LANDSCAPE: Electronic communications monitoring in banking contexts engages the Electronic Communications Privacy Act (ECPA) and the stored communications provisions of 18 U.S.C. Chapter 121. Consumer consent, as asserted in this agreement, is the primary exception under ECPA that permits a service provider to access communications transmitted through its own system. The GLBA also governs how financial institutions may use and share customer information collected through electronic interactions, including communications content. The FTC's Section 5 authority applies to deceptive practices regarding the scope of monitoring disclosed to consumers. GOVERNANCE EXPOSURE: Medium. Monitoring of electronic communications for security and compliance purposes is standard practice in banking and is generally legally permissible under the service provider exception to ECPA and through consumer consent. The governance exposure relates primarily to ensuring the scope of monitoring is accurately disclosed and that data collected through monitoring is handled consistently with GLBA privacy requirements. JURISDICTION FLAGS: California's Invasion of Privacy Act imposes additional requirements for electronic monitoring consent that may be more stringent than federal baseline requirements. Compliance teams serving California customers should confirm that the consent mechanism satisfies California-specific standards. Illinois and other states with electronic privacy statutes may create additional compliance considerations. CONTRACT AND VENDOR IMPLICATIONS: Third-party vendors or partners who access Bank of America's platform on behalf of business customers should be made aware that communications through the platform may be monitored, and vendor contracts should address how monitoring-derived data may be used or shared. COMPLIANCE CONSIDERATIONS: The bank's privacy notice under GLBA should be reviewed to confirm it accurately describes the categories of information collected through electronic communications monitoring and how that information is used or shared. Data retention policies for monitored communications should be audited to ensure consistency with applicable record retention requirements and privacy commitments.
Full compliance analysis
Regulatory citations, enforcement risk, and due diligence action items.
Free: track 1 platform + weekly digest. Monitor: 25 platforms + same-day alerts. No credit card required.
We read the privacy policies and terms of service of 38 AI platforms. Here is what they say about training, retention, arbitration, and liability.
Compliance Governance Intelligence
Need to monitor specific governance provisions?
Compliance includes provision-level monitoring, governance timelines, regulatory mapping, and audit-ready analysis.
Built from archived source documents, structured governance mappings, and historical version tracking.
Communications you send through online banking — including secure messages and transaction notes — may be reviewed by the bank, and this consent is a condition of using the service.
Consumers' electronic interactions with the bank's platform, including messages sent through the secure messaging system, are subject to monitoring and review, which consumers consent to as a condition of accessing the service.
No. ConductAtlas is an independent monitoring service. We are not affiliated with, endorsed by, or sponsored by Bank of America.