Interagency Guidelines Establishing Information Security Standards, 37166-37167 [2014-15292]
Download as PDF
<![CDATA[
37166
Federal Register / Vol. 79, No. 126 / Tuesday, July 1, 2014 / Rules and Regulations
Signed in Washington, DC, on June 23,
2014.
Brandon C. Willis,
Manager, Federal Crop Insurance
Corporation.
[FR Doc. 2014–15074 Filed 6–30–14; 8:45 am]
BILLING CODE 3410–08–P
FEDERAL RESERVE SYSTEM
12 CFR Parts 208 and 225
[Docket No. R–1493 RIN 7100 AE–21]
Interagency Guidelines Establishing
Information Security Standards
Board of Governors of the
Federal Reserve System.
ACTION: Final rule; technical
amendment.
AGENCY:
The Board of Governors of the
Federal Reserve System (Board) is
amending Appendix D–2 of Regulation
H and Appendix F of Regulation Y to
correct citations to rules on privacy of
consumer financial information.
DATES: Effective Date: This rule is
effective July 31, 2014.
FOR FURTHER INFORMATION CONTACT:
Clinton Chen, Attorney, (202) 452–3952,
Legal Division. For the hearing impaired
only, Telecommunication Device for the
Deaf (TDD), (202) 263–4869.
SUPPLEMENTARY INFORMATION: Section
501(b) of the Gramm-Leach-Bliley Act
(GLB Act) 1 requires the Office of the
Comptroller of the Currency, Board of
Governors of the Federal Reserve
System, Federal Deposit Insurance
Corporation, and Office of Thrift
Supervision (the Agencies), as well as
the National Credit Union, the
Securities and Exchange Commission,
and the Federal Trade Commission, to
establish appropriate standards for the
financial institutions subject to their
respective jurisdictions relating to the
administrative, technical, and physical
safeguards for customer records and
information.
In February 2001, the Agencies issued
a joint final rule implementing
guidelines for establishing standards for
safeguarding customer information
under section 501(b) of the GLB Act.2
The Board’s versions of the guidelines
(now entitled Interagency Guidelines
Establishing Information Security
Standards (Security Guidelines)) are
codified in Appendix D–2 of Regulation
H (12 CFR part 208) and Appendix F of
Regulation Y (12 CFR part 225). In
December 2004, the Agencies amended
pmangrum on DSK3VPTVN1PROD with RULES
SUMMARY:
1 15
2 66
U.S.C. 6801.
FR 8616 (Feb. 1, 2001).
VerDate Mar<15>2010
15:01 Jun 30, 2014
Jkt 232001
the Security Guidelines pursuant to
section 628 of the Fair Credit Reporting
Act,3 which requires proper disposal of
consumer information.4 The Security
Guidelines establish standards relating
to administrative, technical, and
physical safeguards to ensure the
security, confidentiality, integrity and
the proper disposal of consumer
information. The Security Guidelines in
the Board’s Regulation H and Y
currently cross-reference the definitions
of ‘‘customer’’ and ‘‘customer
information’’ in the Board’s Regulation
P (Privacy of Consumer Financial
Information).
In May 2014, the Board approved the
repeal of Regulation P, effective June 30,
2014.5 The Dodd-Frank Wall Street
Reform and Consumer Protection Act
(Dodd-Frank Act) transferred
rulemaking authority for a number of
consumer financial protection laws from
the Board and other agencies to the
Consumer Financial Protection Bureau
(CFPB), except with respect to certain
motor vehicle dealers.6 The transfer
includes rulemaking authority for
Regulation P under the financial privacy
provisions of the GLB Act.7 (The DoddFrank Act did not transfer responsibility
for the Security Guidelines.) The CFPB
has issued interim final rules that are
substantially identical to the Board’s
Regulation P.
The Board is amending the crossreferences in the Security Guidelines to
refer to the CFPB’s version of Regulation
P. These amendments do not have any
effect on the substantive requirements
imposed by the Security Guidelines.
Administrative Procedure Act
In accordance with section 553(b) the
Administrative Procedures Act (APA) (5
U.S.C. 553(b)), the Board finds, for good
cause, that providing an opportunity for
public comment is unnecessary. The
amendments are solely technical
amendments that change citations in
two definitions from references to the
Board’s Regulation P to the CFPB’s
Regulation P, which contain identical
definitions. The revisions result in no
substantive change to the rule.
Paperwork Reduction Act
In accordance with the Paperwork
Reduction Act of 1995 (44 U.S.C. 3506;
5 CFR part 1320 Appendix A.1), the
3 15 U.S.C. 1681w. This section was added by
section 216 of the Fair and Accurate Credit
Transactions Act of 2003.
4 69 FR 77610 (Dec. 28, 2004).
5 79 FR 30708 (May 29, 2014).
6 Pub. L. 111–203, 124 Stat. 1376 (Jul. 21, 2010).
7 The GLB Act’s privacy provisions are contained
in sections 502 and 503 of that Act. 15 U.S.C. 6802–
6803.
PO 00000
Frm 00012
Fmt 4700
Sfmt 4700
Board has reviewed the final rule under
authority delegated to the Board by the
Office of Management and Budget. The
technical amendments to the Security
Guidelines will revise the crossreferences in the Security Guidelines to
refer to the CFPB’s version of Regulation
P. The amendments do not change any
substantive requirements of the
regulation or currently approved
information collections. Therefore, no
additional paperwork burden will be
imposed as a result of this rulemaking.
List of Subjects
12 CFR Part 208
Banks, banking, Consumer protection,
Federal Reserve System, Foreign
banking, Holding companies,
Information, Privacy, Reporting and
recordkeeping requirements.
12 CFR Part 225
Administrative practice and
procedure, Banks, banking, Federal
Reserve System, Holding companies,
Privacy, Reporting and recordkeeping
requirements, Securities.
Authority and Issuance
For the reasons set forth in the
preamble, the Board amends
Regulations H and Y, 12 CFR parts 208
and 225 as follows:
PART 208—MEMBERSHIP OF STATE
BANKING INSTITUTIONS IN THE
FEDERAL RESERVE SYSTEM
(REGULATION H)
1. The authority citation for part 208
continues to read as follows:
■
Authority: 12 U.S.C. 24, 36, 92a, 93a,
248(a), 248(c), 321–338a, 371d, 461, 481–486,
601, 611, 1814, 1816, 1818, 1820(d)(9),
1823(j), 1828(o), 1831, 1831o, 1831p–1,
1831r–1, 1831w, 1831x, 1835a, 1882, 2901–
2907, 3105, 3310, 3331–3351, 3905–3909,
and 5371; 15 U.S.C. 78b, 78I(b), 78l(i), 780–
4(c)(5), 78q, 78q–1, and 78w, 1681s, 1681w,
6801, and 6805; 31 U.S.C. 5318; 42 U.S.C.
4012a, 4104a, 4104b, 4106 and 4128.
2. Amend Appendix D–2 to part 208,
as follows:
■ a. In section I.C.2.d., remove
‘‘§ 216.3(h)’’ and add in its place
‘‘§ 1016.3(i)’’; and
■ b. In section I.C.2.e., remove
‘‘§ 216.3(n)’’ and add in its place
‘‘§ 1016.3(p).’’
■
PART 225—BANK HOLDING
COMPANIES AND CHANGE IN BANK
CONTROL (REGULATION Y)
3. The authority citation for part 225
continues to read as follows:
■
Authority: 12 U.S.C. 1817(j)(13), 1818,
1828(o), 1831i, 1831p–1, 1843(c)(8), 1844(b),
E:\FR\FM\01JYR1.SGM
01JYR1
Federal Register / Vol. 79, No. 126 / Tuesday, July 1, 2014 / Rules and Regulations
1972(1), 3106, 3108, 3310, 3331–3351, 3907,
and 3909; 15 U.S.C. 1681s, 1681w, 6801 and
6805.
4. Amend Appendix F to part 225, as
follows:
■ a. In section I.C.2.b., remove
‘‘§ 216.3(h)’’ and add in its place
‘‘§ 1016.3(i)’’; and
■ b. In section I.C.2.c., remove
‘‘§ 216.3(n)’’ and add in its place
‘‘§ 1016.3(p).’’
■
By order of the Board of Governors of the
Federal Reserve System, acting through the
Secretary of the Board under delegated
authority, June 25, 2014.
Robert deV. Frierson,
Secretary of the Board.
[FR Doc. 2014–15292 Filed 6–30–14; 8:45 am]
BILLING CODE 6210–01–P
FEDERAL HOUSING FINANCE
AGENCY
12 CFR Part 1238
[No. 2014–N–8]
Order: Supplemental Order on
Reporting by Regulated Entities of
Stress Testing Results as of
September 30, 2013
Federal Housing Finance
Agency.
ACTION: Orders.
AGENCY:
In this document, the Federal
Housing Finance Agency (FHFA)
provides notice that it issued an Order
to supplement its Orders dated
November 26, 2013 and December 13,
2013, with respect to the reporting of
each Federal Home Loan Banks’ results
under section 165(i)(2) of the DoddFrank Wall Street Reform and Consumer
Protection Act (Dodd-Frank Act).
DATES: Effective July 1, 2014. The Order
is applicable June 24, 2014.
FOR FURTHER INFORMATION CONTACT: Naa
Awaa Tagoe, Senior Associate Director,
Office of Financial Analysis, Modeling
and Simulations, (202) 649–3140,
naaawaa.tagoe@fhfa.gov; Stefan
Szilagyi, Examination Manager,
FHLBank Modeling, FHLBank Risk
Modeling Branch, (202) 649–3515,
stefan.szilagy@fhfa.gov; or Mark D.
Laponsky, Deputy General Counsel,
Office of General Counsel, (202) 649–
3054 (these are not toll-free numbers),
mark.laponsky@fhfa.gov. The telephone
number for the Telecommunications
Device for the Hearing Impaired is (800)
877–8339.
SUPPLEMENTARY INFORMATION:
pmangrum on DSK3VPTVN1PROD with RULES
SUMMARY:
I. Background
FHFA is responsible for ensuring that
the regulated entities operate in a safe
VerDate Mar<15>2010
15:01 Jun 30, 2014
Jkt 232001
and sound manner, including the
maintenance of adequate capital and
internal controls, that their operations
and activities foster liquid, efficient,
competitive, and resilient national
housing finance markets, and that they
carry out their public policy missions
through authorized activities. See 12
U.S.C. 4513. The Supplemental Order is
being issued under 12 U.S.C. 4514(a),
which authorizes the Director of FHFA
to require by Order that the regulated
entities submit regular or special reports
to FHFA and establishes remedies and
procedures for failing to make reports
required by Order. The Supplemental
Order provides to the Federal Home
Loan Banks a revised template to use in
reporting to the public the severely
adverse results of their respective stress
tests.
II. Order
For the convenience of the affected
parties, the text of the Order, without
appendices, follows below in its
entirety. You may access this Order
with its attachment from FHFA’s Web
site at https://www.fhfa.gov/
SupervisionRegulation/
LegalDocuments/Pages/Orders.aspx.
The Order will be available for public
inspection and copying at the Federal
Housing Finance Agency, Eighth Floor,
400 Seventh St. SW., Washington, DC
20024. To make an appointment, call
(202) 649–3804.
The text of the Supplemental Order is
as follows:
Federal Housing Finance Agency
Order No. 2014–OR–B–1
SUPPLEMENTAL ORDER ON REPORTING
BY REGULATED ENTITIES OF STRESS
TESTING RESULTS AS OF SEPTEMBER 30,
2013
Whereas, section 165(i)(2) of the DoddFrank Wall Street Reform and Consumer
Protection Act (‘‘Dodd-Frank Act’’) requires
certain financial companies with total
consolidated assets of more than $10 billion,
and which are regulated by a primary Federal
financial regulatory agency, to conduct
annual stress tests to determine whether the
companies have the capital necessary to
absorb losses as a result of adverse economic
conditions;
Whereas, FHFA’s rule implementing
section 165(i)(2) of the Dodd-Frank Act is
codified as 12 CFR part 1238 and requires
that ‘‘[e]ach regulated entity must file a
report in the manner and form established by
FHFA.’’ 12 CFR § 1238.5(b);
Whereas, on November 26, 2013, FHFA
issued an Order to each regulated entity
accompanied by appendices numbered 1
through 10 and amended Summary
Instructions and Guidance relating to the
performance of stress tests as of September
30, 2013, and the reporting of the results of
such tests;
PO 00000
Frm 00013
Fmt 4700
Sfmt 4700
37167
Whereas, on December 13, 2013, FHFA
issued a Supplemental Order to each
regulated entity providing two additional
appendices for use in reporting stress testing
results as of September 30, 2013;
Whereas, each of the Federal Home Loan
Banks timely submitted its stress test results
pursuant to 12 CFR part 1238 and the
implementing Orders, instructions, and
guidance;
Whereas, after analyzing the results of each
of the Federal Home Loan Banks’ stress
testing and the methodologies and practices
used in testing, FHFA has determined that
the original template designed for public
disclosure of the severely adverse test results
should be revised; and
Whereas, section 1314 of the Safety and
Soundness Act, 12 U.S.C. § 4514(a)
authorizes the Director of FHFA to require
regulated entities, by general or specific
order, to submit such reports on their
management, activities, and operations as the
Director considers appropriate.
Now Therefore, it is hereby ordered as
follows:
Each of the Federal Home Loan Banks
shall publicly report as required by 12
CFR part 1238 the severely adverse
results of the required stress testing
using the template provided herewith as
Attachment 1.
It is so ordered, this 24th day of June
2014
This Order is effective immediately.
Signed at Washington, DC, this 24th day of
June, 2014.
Melvin L. Watt,
Director, Federal Housing Finance Agency.
Dated: June 24, 2014.
Melvin L. Watt,
Director, Federal Housing Finance Agency.
[FR Doc. 2014–15396 Filed 6–30–14; 8:45 am]
BILLING CODE 8070–01–P
DEPARTMENT OF TRANSPORTATION
Federal Aviation Administration
14 CFR Part 39
[Docket No. FAA–2013–0953; Directorate
Identifier 2013–NE–32–AD; Amendment 39–
17877; AD 2014–13–02]
RIN 2120–AA64
Airworthiness Directives; Rolls-Royce
plc Turbofan Engines
Federal Aviation
Administration (FAA), DOT.
ACTION: Final rule.
AGENCY:
We are adopting a new
airworthiness directive (AD) for certain
Rolls-Royce plc (RR) RB211-Trent 875–
17, 877–17, 884–17, 884B–17, 892–17,
892B–17, and 895–17 turbofan engines.
This AD requires inspection of the
SUMMARY:
E:\FR\FM\01JYR1.SGM
01JYR1
]]>Agencies
[Federal Register Volume 79, Number 126 (Tuesday, July 1, 2014)]
[Rules and Regulations]
[Pages 37166-37167]
From the Federal Register Online via the Government Printing Office [www.gpo.gov]
[FR Doc No: 2014-15292]
=======================================================================
-----------------------------------------------------------------------
FEDERAL RESERVE SYSTEM
12 CFR Parts 208 and 225
[Docket No. R-1493 RIN 7100 AE-21]
Interagency Guidelines Establishing Information Security
Standards
AGENCY: Board of Governors of the Federal Reserve System.
ACTION: Final rule; technical amendment.
-----------------------------------------------------------------------
SUMMARY: The Board of Governors of the Federal Reserve System (Board)
is amending Appendix D-2 of Regulation H and Appendix F of Regulation Y
to correct citations to rules on privacy of consumer financial
information.
DATES: Effective Date: This rule is effective July 31, 2014.
FOR FURTHER INFORMATION CONTACT: Clinton Chen, Attorney, (202) 452-
3952, Legal Division. For the hearing impaired only, Telecommunication
Device for the Deaf (TDD), (202) 263-4869.
SUPPLEMENTARY INFORMATION: Section 501(b) of the Gramm-Leach-Bliley Act
(GLB Act) \1\ requires the Office of the Comptroller of the Currency,
Board of Governors of the Federal Reserve System, Federal Deposit
Insurance Corporation, and Office of Thrift Supervision (the Agencies),
as well as the National Credit Union, the Securities and Exchange
Commission, and the Federal Trade Commission, to establish appropriate
standards for the financial institutions subject to their respective
jurisdictions relating to the administrative, technical, and physical
safeguards for customer records and information.
---------------------------------------------------------------------------
\1\ 15 U.S.C. 6801.
---------------------------------------------------------------------------
In February 2001, the Agencies issued a joint final rule
implementing guidelines for establishing standards for safeguarding
customer information under section 501(b) of the GLB Act.\2\ The
Board's versions of the guidelines (now entitled Interagency Guidelines
Establishing Information Security Standards (Security Guidelines)) are
codified in Appendix D-2 of Regulation H (12 CFR part 208) and Appendix
F of Regulation Y (12 CFR part 225). In December 2004, the Agencies
amended the Security Guidelines pursuant to section 628 of the Fair
Credit Reporting Act,\3\ which requires proper disposal of consumer
information.\4\ The Security Guidelines establish standards relating to
administrative, technical, and physical safeguards to ensure the
security, confidentiality, integrity and the proper disposal of
consumer information. The Security Guidelines in the Board's Regulation
H and Y currently cross-reference the definitions of ``customer'' and
``customer information'' in the Board's Regulation P (Privacy of
Consumer Financial Information).
---------------------------------------------------------------------------
\2\ 66 FR 8616 (Feb. 1, 2001).
\3\ 15 U.S.C. 1681w. This section was added by section 216 of
the Fair and Accurate Credit Transactions Act of 2003.
\4\ 69 FR 77610 (Dec. 28, 2004).
---------------------------------------------------------------------------
In May 2014, the Board approved the repeal of Regulation P,
effective June 30, 2014.\5\ The Dodd-Frank Wall Street Reform and
Consumer Protection Act (Dodd-Frank Act) transferred rulemaking
authority for a number of consumer financial protection laws from the
Board and other agencies to the Consumer Financial Protection Bureau
(CFPB), except with respect to certain motor vehicle dealers.\6\ The
transfer includes rulemaking authority for Regulation P under the
financial privacy provisions of the GLB Act.\7\ (The Dodd-Frank Act did
not transfer responsibility for the Security Guidelines.) The CFPB has
issued interim final rules that are substantially identical to the
Board's Regulation P.
---------------------------------------------------------------------------
\5\ 79 FR 30708 (May 29, 2014).
\6\ Pub. L. 111-203, 124 Stat. 1376 (Jul. 21, 2010).
\7\ The GLB Act's privacy provisions are contained in sections
502 and 503 of that Act. 15 U.S.C. 6802-6803.
---------------------------------------------------------------------------
The Board is amending the cross-references in the Security
Guidelines to refer to the CFPB's version of Regulation P. These
amendments do not have any effect on the substantive requirements
imposed by the Security Guidelines.
Administrative Procedure Act
In accordance with section 553(b) the Administrative Procedures Act
(APA) (5 U.S.C. 553(b)), the Board finds, for good cause, that
providing an opportunity for public comment is unnecessary. The
amendments are solely technical amendments that change citations in two
definitions from references to the Board's Regulation P to the CFPB's
Regulation P, which contain identical definitions. The revisions result
in no substantive change to the rule.
Paperwork Reduction Act
In accordance with the Paperwork Reduction Act of 1995 (44 U.S.C.
3506; 5 CFR part 1320 Appendix A.1), the Board has reviewed the final
rule under authority delegated to the Board by the Office of Management
and Budget. The technical amendments to the Security Guidelines will
revise the cross-references in the Security Guidelines to refer to the
CFPB's version of Regulation P. The amendments do not change any
substantive requirements of the regulation or currently approved
information collections. Therefore, no additional paperwork burden will
be imposed as a result of this rulemaking.
List of Subjects
12 CFR Part 208
Banks, banking, Consumer protection, Federal Reserve System,
Foreign banking, Holding companies, Information, Privacy, Reporting and
recordkeeping requirements.
12 CFR Part 225
Administrative practice and procedure, Banks, banking, Federal
Reserve System, Holding companies, Privacy, Reporting and recordkeeping
requirements, Securities.
Authority and Issuance
For the reasons set forth in the preamble, the Board amends
Regulations H and Y, 12 CFR parts 208 and 225 as follows:
PART 208--MEMBERSHIP OF STATE BANKING INSTITUTIONS IN THE FEDERAL
RESERVE SYSTEM (REGULATION H)
0
1. The authority citation for part 208 continues to read as follows:
Authority: 12 U.S.C. 24, 36, 92a, 93a, 248(a), 248(c), 321-338a,
371d, 461, 481-486, 601, 611, 1814, 1816, 1818, 1820(d)(9), 1823(j),
1828(o), 1831, 1831o, 1831p-1, 1831r-1, 1831w, 1831x, 1835a, 1882,
2901-2907, 3105, 3310, 3331-3351, 3905-3909, and 5371; 15 U.S.C.
78b, 78I(b), 78l(i), 780-4(c)(5), 78q, 78q-1, and 78w, 1681s, 1681w,
6801, and 6805; 31 U.S.C. 5318; 42 U.S.C. 4012a, 4104a, 4104b, 4106
and 4128.
0
2. Amend Appendix D-2 to part 208, as follows:
0
a. In section I.C.2.d., remove ``Sec. 216.3(h)'' and add in its place
``Sec. 1016.3(i)''; and
0
b. In section I.C.2.e., remove ``Sec. 216.3(n)'' and add in its place
``Sec. 1016.3(p).''
PART 225--BANK HOLDING COMPANIES AND CHANGE IN BANK CONTROL
(REGULATION Y)
0
3. The authority citation for part 225 continues to read as follows:
Authority: 12 U.S.C. 1817(j)(13), 1818, 1828(o), 1831i, 1831p-1,
1843(c)(8), 1844(b),
[[Page 37167]]
1972(1), 3106, 3108, 3310, 3331-3351, 3907, and 3909; 15 U.S.C.
1681s, 1681w, 6801 and 6805.
0
4. Amend Appendix F to part 225, as follows:
0
a. In section I.C.2.b., remove ``Sec. 216.3(h)'' and add in its place
``Sec. 1016.3(i)''; and
0
b. In section I.C.2.c., remove ``Sec. 216.3(n)'' and add in its place
``Sec. 1016.3(p).''
By order of the Board of Governors of the Federal Reserve
System, acting through the Secretary of the Board under delegated
authority, June 25, 2014.
Robert deV. Frierson,
Secretary of the Board.
[FR Doc. 2014-15292 Filed 6-30-14; 8:45 am]
BILLING CODE 6210-01-P
