72-31-415. Custodian compliance and immunity. (1) Not later than 60 days after receipt of the information required under 72-31-406 through 72-31-414, a custodian shall comply with a request under this part from a fiduciary or designated recipient to disclose digital assets or terminate an account. If the custodian fails to comply, the fiduciary or designated recipient may apply to the court for an order directing compliance.
(2) An order under subsection (1) directing compliance must contain a finding that compliance is not in violation of 18 U.S.C. 2702, as amended.
(3) A custodian may notify the user that a request for disclosure or to terminate an account was made under this part.
(4) A custodian may deny a request under this part from a fiduciary or designated recipient for disclosure of digital assets or to terminate an account if the custodian is aware of any lawful access to the account following the receipt of the fiduciary's request.
(5) This part does not limit a custodian's ability to obtain or require a fiduciary or designated recipient requesting disclosure or termination under this part to obtain a court order which:
(a) specifies that an account belongs to the protected person or principal;
(b) specifies that there is sufficient consent from the protected person or principal to support the requested disclosure; and
(c) contains a finding required by law other than this part.
(6) (a) Except as provided in subsection (6)(b), a custodian and its officers, employees, and agents are immune from liability for an act or omission done in good faith in compliance with this part.
(b) The immunity in subsection (6)(a) does not apply to actions against the state or a political subdivision of the state.