Way back in June 2012 on the Strongmail blog, Deliverablity Strategist Sean Wirt shared a tale wherein he was email appended in to mailings from a credit union somewhere in the US.
What we seem to have here is a financial institution guessing at somebody's email address and adding them to a mailing list or notification process without his explicit consent. What if they started sending him overdraft notifications? They'd be providing the consumer's personal information and data to the wrong person, an unrelated third party.
That's pretty scary.
Sean says the moral of the story is, "Don't append!" I couldn't agree more.