Bank of America shares your financial information — including account balances, transaction history, and credit data — with companies it owns or controls for standard banking operations, and you cannot opt out of this sharing.
This analysis describes what Bank of America's agreement states, permits, or reserves. It does not constitute a legal determination about enforceability. Regulatory applicability and practical outcomes may vary by jurisdiction, enforcement context, and individual circumstances. Read our methodology
This provision establishes the scope of internal data sharing across the Bank of America corporate group for operational functions. The non-restrictable nature of this sharing means consumers cannot opt out of affiliate access for these specified business functions.
Your Social Security number, account balances, payment history, and credit information are shared across the Bank of America corporate family for business operations, and there is no opt-out right for this category of sharing under the notice's stated terms.
Cross-platform context
See how other platforms handle Sharing with Affiliates for Everyday Business Purposes and similar clauses.
Compare across platforms →Monitoring
Bank of America has changed this document before.
Receive same-day alerts, structured change summaries, and monitoring for up to 10 platforms.
"Reasons we can share your personal information: For our everyday business purposes — such as to process your transactions, maintain your account(s), respond to court orders and legal investigations, or report to credit bureaus. Does Bank of America share? Yes. Can you limit this sharing? No.— Excerpt from Bank of America's Bank of America Privacy Notice
REGULATORY LANDSCAPE: This provision reflects the GLBA Regulation P framework (12 CFR Part 1016), which permits sharing for everyday business purposes within a financial institution's corporate family without requiring an opt-out. The CFPB is the primary enforcement authority. GLBA preempts many state laws on this point, but California's CFIPA may impose additional restrictions on intra-affiliate sharing of certain information types, and compliance teams should evaluate whether CFIPA carve-outs apply. GOVERNANCE EXPOSURE: Medium. While this sharing is GLBA-compliant as stated, the breadth of data covered (SSNs, transaction history, credit history, account balances) creates operational risk if data minimization practices are not documented. Regulators have scrutinized overly broad intra-affiliate data flows under both GLBA and unfair/deceptive practice standards. JURISDICTION FLAGS: California residents face heightened exposure under CFIPA, which may impose opt-in or opt-out requirements for certain categories of financial information shared with affiliates beyond what GLBA requires. Legal teams should confirm whether the bank's California-specific notice addresses this distinction. CONTRACT AND VENDOR IMPLICATIONS: Intra-affiliate data sharing agreements should be reviewed to confirm they are limited to the purposes described in this notice. Any affiliate using shared data for purposes beyond everyday business operations would need separate legal basis and disclosure. COMPLIANCE CONSIDERATIONS: Compliance teams should maintain a current inventory of affiliated entities receiving this data, document the specific purposes for each data type shared, and confirm that data retention and access controls align with Regulation P and applicable state law requirements.
Full compliance analysis
Regulatory citations, enforcement risk, and due diligence action items.
Free: track 1 platform + weekly digest. Watcher: 10 platforms + same-day alerts. No credit card required.
Professional Governance Intelligence
Need to monitor specific governance provisions?
Professional includes provision-level monitoring, governance timelines, regulatory mapping, and audit-ready analysis.
Built from archived source documents, structured governance mappings, and historical version tracking.
This provision establishes the scope of internal data sharing across the Bank of America corporate group for operational functions. The non-restrictable nature of this sharing means consumers cannot opt out of affiliate access for these specified business functions.
Your Social Security number, account balances, payment history, and credit information are shared across the Bank of America corporate family for business operations, and there is no opt-out right for this category of sharing under the notice's stated terms.
No. ConductAtlas is an independent monitoring service. We are not affiliated with, endorsed by, or sponsored by Bank of America.