Maintaining client confidentiality is of the utmost importance
to the Bank and is the foundation of establishing trust with our
clients. All records and documents concerning the business and
affairs of First Republic represent confidential or proprietary
In addition to complying with all applicable privacy-related
laws and regulations, our policy is to disclose client
sell client information and have implemented significant,
layered physical and electronic security controls to prevent
unauthorized access to client information. We also limit
employee access to client information to those with a need to
As a company headquartered in California, we are fully compliant
with the California Consumer Privacy Act (CCPA).
On a regular basis, we work with third-party firms to perform
security testing of our systems and audit our security controls.
We also conduct vendor security due diligence to determine the
adequacy of our service providers' security programs through a
review of audits, summaries of test results and other
evaluations. Our vendors must also comply with our Code of
Ethics and Corporate Conduct, which requires keeping client
information confidential. We also monitor financial
transactions, social media and the dark web to identify and
prevent fraud and to protect the Bank, clients and key vendors
from compromise. Regular disaster recovery and crisis management
exercises help ensure continued banking operations.