N.Y. Uniform Commercial Code 9-104 – Control of Deposit Account
Section 9–104. Control of Deposit Account.
(a) Requirements for control. A secured party has control of a deposit account if:
(1) the secured party is the bank with which the deposit account
is maintained;
(2) the debtor, secured party, and bank have agreed in an
authenticated record that the bank will comply with
instructions originated by the secured party directing
disposition of the funds in the deposit account without
further consent by the debtor;
(3) the secured party becomes the bank's customer with respect to
the deposit account;
(4) the name on the deposit account is the name of the secured
party or indicates that the secured party has a security
interest in the deposit account; or
(5) another person has control of the deposit account on behalf
of the secured party or, having previously acquired control
of the deposit account, acknowledges that it has control on
behalf of the secured party.
(b) Debtor's right to direct disposition. A secured party that has satisfied subsection (a) has control, even if the debtor retains the right to direct the disposition of funds from the deposit account.
(c) No implied duties of bank. The authentication of a record by the bank under subsection (a)(2) does not impose upon the bank any duty not expressly agreed to by the bank in the record. The naming of the deposit account in the name of the secured party or with an indication that the secured party has a security interest in the deposit account under subsection (a)(4) does not impose upon the bank any duty not expressly agreed to by the bank.
(d) Conditions not relevant. A secured party has control under subsection (a)(2) even if any duty of the bank to comply with instructions originated by the secured party directing disposition of the funds in the deposit account is subject to any condition or conditions (other than further consent by the debtor).
(e) No inferences. The procedures and requirements of subsection (a)(4) available to obtain control shall not be used in interpreting the sufficiency of a secured party's compliance with the procedures and requirements of subsection (a)(1), (a)(2) or (a)(3) to obtain control. The provisions of subsection (a)(4) shall create no inference regarding the requirements for compliance with subsection (a)(1), (a)(2) or (a)(3).