Ezel / AG Opinions / NC
NC NC AG Advisory Opinion (1989-03-06) 1989-03-06

When someone opens a bank account in a fake name and uses it to write worthless checks against the bank, does the bank become enough of a 'victim' that police can bypass the Financial Privacy Act's notice and subpoena rules to get at the records?

Short answer: No. The 1989 AG concluded that the person who actually opened the account and transacted business with the bank is a 'customer' under N.C.G.S. § 53B-2(1) even if the name on the account was fictitious; the notice rules of the Financial Privacy Act still apply, and the bank-as-victim status does not waive the Act. Law enforcement must follow Chapter 53B's notice and subpoena procedures. Substantial civil penalties apply under § 53B-10 to government authorities and to financial institutions that disclose records outside the Act. The only relief is that a person whose name was used without consent or knowledge, and who never transacted business through the account, is not a 'customer' and not entitled to the notice; the impersonator-customer who did transact business retains the notice right.
Currency note: this opinion is from 1989
Subsequent statutory amendments, court decisions, or later AG opinions may have changed the analysis. Treat this page as historical context, not current legal advice. Verify current law before relying on any specific rule, deadline, or remedy mentioned here.
Disclaimer: This is an official North Carolina Attorney General advisory opinion. AG opinions are persuasive authority but not binding precedent like a court ruling. This summary is for informational purposes only and is not legal advice. Consult a licensed North Carolina attorney for advice on your specific situation.
About this page: The plain-English summary, reader guidance, and Q&A below were written by Ezel based on the official AG opinion. The original opinion (linked at the bottom of this page) is the authoritative source for any reliance.

Plain-English summary

The Public Safety Attorney for the City of Winston-Salem asked the AG a recurring fraud-investigation problem. Banks were getting hit with worthless checks drawn on accounts opened in someone else's name or in a flat-out fictitious name. The bank then wanted law enforcement to move fast on the records, sometimes faster than the Financial Privacy Act (Chapter 53B) procedures allowed. The bank's pitch was that because the bank was itself the victim, the Act's customer-notice and subpoena rules should not apply.

The 1989 AG rejected that pitch.

The Act says what it says. G.S. § 53B-3 declares "that financial records should be treated as confidential and that no financial institution may provide to any government authority and no government authority may have access to any financial records except in accordance with provisions of this Chapter." There are no exceptions. Any agency or institution that gets or gives access otherwise is subject to substantial penalties under § 53B-10. The Act provides the exclusive route.

Who counts as a "customer." G.S. § 53B-2(1) defines a customer as "a person who has transacted business with a financial institution or has used the services offered by a financial institution." The AG split the analysis based on who was actually transacting:

  • A person whose name was used without his knowledge or consent, who never transacted business through the account, and who never used the institution's services in connection with that account: NOT a customer. No notice owed to him.
  • A person who actually opened the account (even in a fictitious name or someone else's name) and wrote checks on it that the bank processed: IS a customer. He transacted business and used the institution's services, just with a phony label on the account. He gets the notice protection.

This is consistent with the Uniform Commercial Code's customer definitions at G.S. § 25-4-104(a) and (e), which the AG cited.

The notice procedure applies to the impersonator-customer. G.S. § 53B-5(3) and § 53B-6 require notice to every customer whose records are being sought through a court order or administrative or judicial subpoena authorized by § 53B-4(11). The Act includes no exception for fictitious-name customers. So even when the criminal investigation is targeting the very person who opened the fake-name account, that person must be given Chapter 53B notice before the records can be accessed.

Victim status does not unlock the records. The fact that the financial institution is a victim or has suffered a loss does not waive the Act. G.S. § 53B-4 lists the access methods (search warrant, subpoena, the standard tools), and there is no express exception for cases where the institution is the victim, nor anything from which such an exception can be inferred. The Act is the exclusive route.

Limited exception for the bank's own initiative. G.S. § 53B-8 permits institutions to give notices and make disclosures within its terms. The AG noted that institutions can use § 53B-8 in the appropriate cases. But § 53B-8 is the only safety valve, and it does not let law enforcement bypass the customer-notice rules.

Penalties are real. G.S. § 53B-10 imposes substantial penalties on both government authorities and financial institutions that obtain or disclose records in violation of the Act. The AG strongly recommended that government authorities seeking records in a bank-as-victim case follow the same Chapter 53B procedures they would in any other investigation, regardless of how cooperative the bank may be.

Currency note

This opinion was issued in 1989. Subsequent statutory amendments, court decisions, or later AG opinions may have changed the analysis. Treat this page as historical context, not current legal advice. Verify current law before relying on any specific rule, deadline, or remedy mentioned here. Chapter 53B has been amended since 1989, including additions for emergency disclosure, alignment with the federal Gramm-Leach-Bliley Act's privacy notice regime, and updates to the procedures for law enforcement requests. Anyone handling a current bank-records investigation should consult current Chapter 53B and current bank-compliance guidance.

Historical context: what the AG concluded

The opinion belongs to a 1980s wave of state financial-privacy statutes that were modeled in part on the federal Right to Financial Privacy Act of 1978. North Carolina's Chapter 53B set up an exclusive route for government access to bank records, with customer notice as the central protection. Banks and police, having dealt for years with informal "tell me what you've got" record-sharing, sometimes pushed back when the Act got in the way of fast fraud response. The bank-as-victim argument was the most common workaround attempt.

The AG's response is structural. The Act is exclusive. The Legislature considered when to permit access and wrote the answer into § 53B-4. The Legislature considered when notice is owed and wrote that into § 53B-5 and § 53B-6. The Legislature considered when institutions can make voluntary disclosures and wrote that into § 53B-8. The absence of a victim exception is not an oversight; it is a design choice. Privacy of bank records is too easy to erode if "the bank is the victim" becomes a workaround.

The customer-definition analysis is precise and avoids over-broadening the protection. The Act protects people who actually transacted business with the institution; it does not protect names. If someone steals a name to open an account, that name's true owner has no Chapter 53B claim on records that have nothing to do with him. The protection runs with the conduct of being a customer, not with the label on the account.

The result for law enforcement was disciplined investigative practice: even in a clear bank-as-victim case, do the subpoena, do the notice, document compliance. The penalties for cutting corners (under § 53B-10) were not theoretical.

Common questions

Who is a "customer" under Chapter 53B?

A person who has transacted business with or used the services of a financial institution. The AG read this functionally: if you opened the account, wrote the checks, and the bank processed them, you transacted business, even if the name on the account was not yours.

Does the person whose name was stolen become a customer?

Not unless that person actually transacted business with the bank through the account. If the impersonator did all the activity and the name's true owner never did anything with that account, the true owner is not a customer and is not entitled to Chapter 53B notice on those records.

Can law enforcement get the records faster because the bank is the victim?

No. The Act provides no victim exception. The standard subpoena and notice procedures still apply. The bank may itself volunteer notice under § 53B-8 in appropriate cases, but that route is narrow.

What happens if law enforcement gets the records outside the Act?

G.S. § 53B-10 imposes substantial penalties on both the government authority and the institution that disclosed. The AG specifically warned against shortcutting in bank-as-victim cases.

Does this apply only to checks?

The opinion arose from worthless-check cases, but the Act applies to any "financial records" within Chapter 53B's scope. Anyone seeking bank account records of any kind should check current Chapter 53B for current scope.

Can the bank tell law enforcement that an account was opened in a fake name?

Section 53B-8 controls voluntary disclosure by institutions. The opinion did not parse § 53B-8 in detail. Banks weighing whether to make a § 53B-8 disclosure should consult current Chapter 53B and bank-compliance counsel.

Background and statutory framework

The Financial Privacy Act. G.S. Chapter 53B. G.S. § 53B-3 (exclusive access route, no exceptions). G.S. § 53B-4 (permitted access methods, including § 53B-4(11) subpoena authority). G.S. § 53B-5(3) and G.S. § 53B-6 (customer notice procedure). G.S. § 53B-8 (institution's voluntary disclosure authority). G.S. § 53B-10 (penalties for unauthorized access or disclosure).

Customer definition. G.S. § 53B-2(1). Read in pari materia with the UCC customer definitions at G.S. § 25-4-104(a) and (e).

Citations

  • G.S. Chapter 53B
  • G.S. § 53B-2, G.S. § 53B-2(1)
  • G.S. § 53B-3
  • G.S. § 53B-4, G.S. § 53B-4(11)
  • G.S. § 53B-5(3), G.S. § 53B-6
  • G.S. § 53B-8
  • G.S. § 53B-10
  • G.S. § 25-4-104(a), G.S. § 25-4-104(e)

Source

Original opinion text

Requested By: Mary Claire McNaught, Public Safety Attorney, City of Winston-Salem

Questions:

(1) Is a person who has opened an account at a financial institution in a fictitious name or the name of another person a "customer" within the meaning of the Financial Privacy Act?

(2) Must the notice procedures of the Act be followed when there is strong reason to believe that the account in question has been opened in a false or fictitious name?

(3) Do the provisions of the Act apply when worthless checks are issued on an account opened in a false or fictitious name and result in a loss to the financial institution in which the account was opened?

Conclusions:

(1) Yes. The customer is the person who opened the account.

(2) Yes.

(3) Yes.

Financial institutions have incurred losses when worthless checks were written on accounts opened in a fictitious name or in the name of someone other than the person who actually opened the account. Institutions desiring expeditious law enforcement action in such situations have sometimes seen the Financial Privacy Act (the Act) as an obstruction to such action. Questions have arisen between the financial institutions and a law enforcement agency as to the status under the Act of the person who opened the account and whether his account transactions waived the provisions of the Act as to him.

The Act is codified as General Statutes Chapter 53B. The public policy statement appearing in G.S. § 53B-3 declares "that financial records should be treated as confidential and that no financial institution may provide to any government authority and no government authority may have access to any financial records except in accordance with provisions of this Chapter." There are no exceptions to this policy. Any agency or institution which gains or provides access to records except in conformity with the Act is subject to the substantial penalties provided for in G.S. § 53B-10.

The term "customer" is defined in G.S. § 53B-2(1) as "a person who has transacted business with a financial institution or has used the services offered by a financial institution." It is our opinion that a person whose name has been used without his knowledge or consent in opening an account for unlawful purposes, who has transacted no business through the account, and who has not used the services of the financial institution in connection with the account is not a customer of the institution within the meaning of the Act. On the other hand, a person who has opened an account at a financial institution, albeit in a fictitious name or the name of another person, and has written checks on the account which have been processed by the institution is a customer within the meaning of the Act because he has transacted business with the institution and has used its services. This interpretation is consistent with the definitions appearing in the Uniform Commercial Code at G.S. § 25-4-104(a) and (e).

The notice specified in G.S. § 53B-5(3) must be served pursuant to the provisions of that statute or of G.S. § 53B-6 on every customer to whose financial records access is sought by an agency or department of the State or any of its political subdivisions through a court order or administrative or judicial subpoena authorized under G.S. § 53B-4(11). The Act creates no exception for a customer who has opened an account in a false or fictitious name. We conclude, therefore, that such a customer must be given notice in the form and manner and under the circumstances required by the Act before a government authority can obtain access to his financial records.

The fact that a financial institution is the victim of a crime or sustains a loss through an account held in a false or fictitious name by one of its customers does not waive the provisions of the Act. As has been noted previously, the Act provides the exclusive means by which a financial institution may give a government authority access to a customer's financial records or by which a government authority may obtain access to such records. G.S. § 53B-3. The means provided in G.S. § 53B-4 include time-honored methods, such as the search warrant and subpoena, for obtaining evidence in an investigation. There is no express exception in the Act permitting use of other methods when the victim of an illegal act is a financial institution, and we have found nothing in the Act from which such an exception can be inferred. An institution, of course, may give the notice and make the disclosures permitted by G.S. § 53B-8.

Government authorities and financial institutions are subject to substantial penalties under G.S. § 53B-10 for obtaining or disclosing records or information in violation of the Act. Since we have found no exception, express or implied, in the Act and no appellate court decisions sanctioning such an exception, we strongly recommend that a government authority seeking financial records or information in an investigation involving a financial institution as a victim of the illegal acts of one of its customers follow the same procedures under the Act as it would in any other investigation.

Lacy H. Thornburg, Attorney General

Henry T. Rosser, Special Deputy Attorney General