Privacy Act of 1974; System of Records, 6892-6905 [2018-03100]

Agencies

• SECURITIES AND EXCHANGE COMMISSION

[Federal Register Volume 83, Number 32 (Thursday, February 15, 2018)]
[Notices]
[Pages 6892-6905]
From the Federal Register Online via the Government Publishing Office [www.gpo.gov]
[FR Doc No: 2018-03100]


-----------------------------------------------------------------------

SECURITIES AND EXCHANGE COMMISSION

[Release No. PA-53; File No. S7-01-18]


Privacy Act of 1974; System of Records

AGENCY: Securities and Exchange Commission.

ACTION: Notice of new and modified system of records.

-----------------------------------------------------------------------

SUMMARY: In accordance with the Privacy Act of 1974 and the Office of 
Management and Budget (OMB) Circular No. A-108, the Securities and 
Exchange Commission (Commission or SEC) proposes to establish three new 
systems of records titled, SEC-68: SEC's Division of Corporation 
Finance Records; SEC-69: SEC's Division of Investment Management 
Records; and SEC-70: SEC's Division of Trading and Markets Records; and 
to modify two existing systems of records titled, SEC-31: Office of 
General Counsel (Adjudication) Working Files; and SEC-39: Personnel 
Management Employment and Staffing Files. The new and modified systems 
of records are the result of a consolidation of records currently 
maintained by the SEC.

DATES: The changes will become applicable March 17, 2018 to permit 
public comment on the new and revised routine uses. The Commission will 
publish a new notice if the effective date is delayed to review 
comments or if changes are made based on comments received. To assure 
consideration, comments should be received on or before March 17, 2018.

ADDRESSES: Comments may be submitted by any of the following methods:

Electronic Comments

     Use the Commission's internet comment form (https://www.sec.gov/rules/other.shtml); or
     Send an email to [email protected]. Please include 
File Number S7-01-18 on the subject line.

Paper Comments

    Send paper comments in triplicate to Brent J. Fields, Secretary, 
U.S. Securities and Exchange Commission, 100 F Street NE, Washington, 
DC 20549-1090.

All submissions should refer to S7-01-18. This file number should be 
included on the subject line if email is used. To help process and 
review your comments more efficiently, please use only one method. The 
Commission will post all comments on the Commission's internet website 
(https://www.sec.gov/rules/other.shtml). Comments are also available for 
website viewing and printing in the Commission's Public Reference Room, 
100 F Street NE, Washington, DC 20549, on official business days 
between the hours of 10 a.m. and 3 p.m. All comments received will be 
posted without change; we do not edit personal identifying information 
from submissions. You should submit only information that you wish to 
make publicly available.

FOR FURTHER INFORMATION CONTACT: 
    For general and privacy related questions please contact: Ronnette 
McDaniel, Privacy and Information Assurance Branch Chief, 202-551-8378 
or [email protected].

SUPPLEMENTARY INFORMATION:

Establishment of Three New Systems of Records

    After a comprehensive, collaborative review with system managers, 
or their designees, in the Division of Corporation Finance, Division of 
Investment Management, and the Division of Trading and Markets, 
relevant records related to SEC filings were consolidated into three 
disparate systems of records. The consolidations provide greater 
transparency into the records of individuals maintained by these 
Divisions. The consolidations account for where the collections of 
information are similar, the purposes for the collections are 
compatible, and the records maintained within the systems are under 
common administrative, physical, and technical controls. Each of the 
new SORNs resulting from the consolidations are described in detail 
below:

1. SEC-68: SEC's Division of Corporation Finance Records

    New SEC-68 would consolidate SEC filing records that are collected, 
maintained and used to assist the Division of Corporation Finance in 
executing the Commission's responsibility to oversee corporate 
disclosure of company filings, reports, and other disclosure records 
filed pursuant to the Securities Act of 1933, the Securities Exchange 
Act of 1934, and other Federal securities laws. The records are used to 
monitor and enhance compliance with disclosure regulations that 
corporations are required to comply with when stock is initially sold 
and then on a continuing and periodic basis. These records will be 
consolidated into a new SORN titled, SEC-68: SEC's Division of 
Corporation Finance Records. The filings and forms collected are 
similar in purpose and are used to provide investors with material 
information about a company's financial condition and business 
practices so individuals can make informed investment decisions. This 
consolidation will form one comprehensive system of records that will 
cover individuals associated with filings and forms submitted to the 
SEC on behalf of corporations, including but not limited to: 
Registration statements for initial public offerings and other 
offerings; proposed sale of securities; prospectus, and proxy 
solicitation materials; financial statements; beneficial ownership 
documents; acquisition documents; tender offers; insider trading 
transaction records; quarterly and annual reports; correspondence; 
internal staff memoranda; and information relating to the business 
activities and transactions of public companies and their associated 
persons. These records are currently covered under one or more legacy 
SORNs that are outdated and do not accurately reflect changes in 
technology and agency procedures. These legacy SORNs are proposed for 
rescindment in a companion Federal Register Notice.

2. SEC-69: SEC's Division of Investment Management Records

    New SEC-69 would consolidate SEC filing records that are collected, 
maintained and used to assist the Division of Investment Management in 
executing the Commission's responsibility for investor protection

[[Page 6893]]

and for promoting capital formation through oversight and regulation of 
the investment management industry. These records will be consolidated 
into a new SORN titled SEC-69: SEC's Division of Investment Management 
Records. The filings and forms collected are similar in purpose and are 
used to oversee the regulation of investment companies, variable 
insurance products, and federally registered investment advisers. This 
consolidation will form one comprehensive system of records that will 
cover individuals associated with filings and forms submitted to the 
SEC on behalf of investment companies and investment advisers, 
including but not limited to: Application for registration exemptions, 
or related adviser records; records that describe or relate to 
lawsuits, shareholdings, business transactions, relationships to the 
issuer, and other relevant material business information about 
individuals; records that describe or relate to business relationships 
and transactions of directors, lawsuits, investigations, affiliations 
with other companies, and other relevant personal and business 
information about the individual that is material to the use of the 
proxy soliciting materials; records that describe or relate to an 
investment adviser, the adviser's business, the adviser's compliance 
with provisions of the Federal securities laws, and includes 
information on persons associated with investment advisers; records 
that describe or relate to an individual's relationships and 
transactions with a registered investment company. These records are 
currently covered under one or more legacy SORNs that are outdated and 
do not accurately reflect changes in technology and agency procedures. 
These legacy SORNs are proposed for rescindment in a companion Federal 
Register Notice.

3. SEC-70: SEC's Division of Trading and Markets Records

    New SEC-70 would consolidate SEC filing records that are collected, 
maintained and used to assist the Division of Trading and Markets in 
executing the Commission's responsibility to regulate the major 
securities market participants, including broker-dealers, self-
regulatory organizations (such as stock exchanges, FINRA, and clearing 
agencies), swap participants, funding portals, transfer agents, and 
other market participants. The identified records will be consolidated 
into a new SORN titled SEC-70: SEC's Division of Trading and Markets 
Records. This consolidation will form one comprehensive system of 
records that will cover individuals associated with filings and forms 
submitted to the SEC on behalf of applicants for registration or 
exemption from registration as broker-dealers, self-regulatory 
organizations (SROs), clearing agencies, transfer agents, security-
based swap dealers, security based swap data repositories, major 
security-based swap participants, security-based swap execution 
facilities, funding portals and other market participants. The records 
will support the Commission in regulating the major securities market 
participants identified above. These records are currently covered 
under one or more legacy SORNs that are outdated and do not accurately 
reflect changes in technology and agency procedures. These legacy SORNs 
are proposed for rescindment in a companion Federal Register Notice.

Modification of Two Existing Systems of Records

1. SEC-31: Office of General Counsel (Adjudication) Working Files

    Modified SEC-31 would consolidate records collected, maintained and 
used to assist the Office of General Counsel in providing legal advice 
and assistance concerning SEC investigations and actions, representing 
the Commission in judicial and administrative proceedings in which the 
SEC is involved, preparing Commission opinions, conducting 
investigations regarding misconduct by SEC employees, and representing 
SEC personnel who are being sued. These records are currently covered 
under one or more legacy SORNs that are outdated and do not accurately 
reflect changes in technology and agency procedures. These legacy SORNs 
are proposed for rescindment in a companion Federal Register Notice.
    To more accurately reflect the consolidated records, SEC-31: Office 
of General Counsel (Adjudication) Working Files will be renamed 
``Office of General Counsel Working Files.'' Additional changes to SEC-
31 will include: (1) Security Classification: Added as a new section; 
(2) System Manager: Updated with current position title and mailing 
address; (3) Authority for Maintenance: Updated the authority relied 
upon in maintaining the system; (4) Purpose: Added a purpose section 
which was omitted from the last publication; (5) Categories of 
Individuals: Expanded to include persons being investigated by the SEC, 
attorneys, persons involved in litigation with the SEC, persons 
involved in administrative proceedings, persons involved in appeals 
from actions by self-regulatory organizations or the Public Company 
Accounting Oversight Board, persons communicating with the SEC, FOIA/
Privacy Act requestors, individuals whose conduct or performance raises 
concerns, individuals who have filed EEO complaints, individuals named 
in or involved in litigation in which a third-party subpoena is served, 
Commission personnel seeking review of articles, speeches, or 
treatises, and SEC personnel against whom complaints have been lodged; 
(6) Categories of Records: Added a categories of record section which 
was omitted from the last publication; (7) Record Source Categories: 
Updated the sources from which records are received; (8) Routine Uses: 
Added new routine uses located at numbers 1, 4, 12, 13, and 20 through 
24; (9) Storage: Expanded to include storage of electronic formats and 
devices; (10) Retrieval: Updated to clarify paper and electronic 
retrieval practices; (11) Safeguards: Updated to clarify the 
administrative, technical and physical safeguards; (12) Access, 
Contesting Records and Notification Procedures sections: Updated each 
section to reflect SEC's current mailing address; (13) History: Added 
as a new section; and (14) Exemptions: Added exemption from several 
provisions of the Privacy Act regarding records that contain 
investigatory materials complied for law enforcement purposes. This 
exemption was originally adopted in 40 FR 44068, (September 24, 1975), 
but omitted from earlier publications.

2. SEC-39 Personnel Management Employment and Staffing Files

    Modified SEC-39 would consolidate records collected, maintained and 
used to assist the Office of Human Resources in maintaining an official 
repository of personnel actions on current and former SEC employees 
including internal and external training, labor management activities, 
promotions, and verification of employment and qualifications.
    To more accurately reflect the consolidated records, SEC-39: 
Personnel Management Employment and Staffing Files will be renamed 
Personnel Management Employment and Staffing/Training Files. Additional 
changes to SEC-39 will include: (1) Categories of records: Updated the 
type of records maintained in the system to include official position 
description, training files, employee name, social security number, 
organization, assigned training form number, vendor name, instructor 
name, category of training, dates of training, course title and 
location; (2) Authority for maintenance: Deleted authority no longer 
relied upon and added new authority, 5 U.S.C. 3101

[[Page 6894]]

and Executive Order 9397, as amended by 13478; (3) Purpose: Added the 
purpose for the system which was omitted from previous publications; 
(4) Routine uses: Added new routine uses located at numbers 1, 2, 9, 13 
and 14; and (5) Record source: Updated the sources from which records 
are received.
    Accordingly, the Commission is proposing the new and modified 
systems of records to read as follows:
SYSTEM NAME AND NUMBER
    SEC-68: SEC's Division of Corporation Finance Records.

SECURITY CLASSIFICATION:
    Unclassified.

SYSTEM LOCATION:
    Securities and Exchange Commission, 100 F Street NE, Washington, DC 
20549. Records are also maintained in SEC Regional Offices.

SYSTEM MANAGER(S):
    Chief Information Officer, Office of Information Technology, 
Securities and Exchange Commission, 100 F Street NE, Washington, DC 
20549.

AUTHORITY FOR MAINTENANCE OF THE SYSTEM:
    Securities Act of 1933, 15 U.S.C. 77a et seq.; Securities Exchange 
Act of 1934, 15 U.S.C. 78a et seq.; and rules and regulations adopted 
by the Commission under the Securities Act of 1933 and the Securities 
Exchange Act of 1934.

PURPOSE(S) OF THE SYSTEM:
    To ensure that investors are provided with material information in 
order to make informed investment decisions, both when a company 
initially offers its securities to the public and on an ongoing basis 
as it continues to give information to the market place.
    1. To monitor and enhance compliance with disclosure and accounting 
requirements.
    2. To issue comments to companies to elicit better compliance with 
applicable discourse requirements.
    3. To improve investor protection and to facilitate capital 
formation.
    4. To provide interpretive assistance to companies with respect to 
SEC rules and forms and to make recommendations to the Commission 
regarding new rules and revisions to existing rules.
    5. To investigate possible violations of Federal securities laws.
    6. To prepare, on a periodic basis or pursuant to specific requests 
tabulations of beneficial ownership for public inspection, classified 
variously by issuer, reporting persons, and in any other matter deemed 
necessary and appropriate.

CATEGORIES OF INDIVIDUALS COVERED BY THE SYSTEM:
    This system of records covers individuals having a relationship 
with public companies, investment companies, and small businesses who 
trade securities on the public market, are required to disclose to the 
public certain business and financial information, and have public 
reporting obligations. Additional related individuals covered include: 
Officers, directors, principal shareholders, controlling persons, 
controlling affiliates, employees, owners, persons who own beneficially 
more than 5 percent of any equity security of a class, persons making a 
tender offer to acquire more than 5 percent of equity securities, 
individuals who are required by statute or rule to file reports 
concerning their beneficial ownership of certain securities, persons 
for whose account securities are proposed to be sold pursuant to rules 
adopted by the Commission, and persons other than management who are 
required to file proxy soliciting material with the Commission in 
advance of its use. Records may also concern persons, directly or 
indirectly, with whom public companies or their affiliates have client 
relations or business arrangements.

CATEGORIES OF RECORDS IN THE SYSTEM:
    Information related to the categories of individuals listed above 
may include: Name, mailing address, telephone number, email address, 
central index key (CIK) number, IRS tax identification number, IP 
address, transaction history, and financial information. Additionally, 
records include registration statements for IPOs and other offerings, 
proposed sale of securities, prospectus, and proxy solicitation 
materials, financial statements, beneficial ownership documents, 
acquisition documents, tender offers, ownership reports, insider 
trading transaction records, quarterly and annual reports, 
correspondence, internal staff memoranda, and information relating to 
the business activities and transactions of public companies and their 
associated persons.

RECORD SOURCE CATEGORIES:
    Record sources are primarily filers required to file registration 
statements, reports, and other disclosure and accounting documents 
under the Securities Act of 1933 and Securities Exchange Act of 1934. 
Additional record sources are derived from SEC correspondence and any 
other forms of communication related to the filings.

ROUTINE USES OF RECORDS MAINTAINED IN THE SYSTEM, INCLUDING CATEGORIES 
OF USERS AND THE PURPOSES OF SUCH USES:
    In addition to those disclosures generally permitted under 5 U.S.C. 
552a(b) of the Privacy Act, these records or information contained 
therein may specifically be disclosed outside the Commission as a 
routine use pursuant to 5 U.S.C. 552 a(b)(3) as follows:
    1. To appropriate agencies, entities, and persons when (1) the SEC 
suspects or has confirmed that there has been a breach of the system of 
records, (2) The SEC has determined that as a result of the suspected 
or confirmed breach there is a risk of harm to individuals, the SEC 
(including its information systems, programs, and operations), the 
Federal Government, or national security; and (3) the disclosure made 
to such agencies, entities, and persons is reasonably necessary to 
assist in connection with the SEC's efforts to respond to the suspected 
or confirmed breach or to prevent, minimize, or remedy such harm.
    2. To other Federal, state, local, or foreign law enforcement 
agencies; securities self-regulatory organizations; and foreign 
financial regulatory authorities to assist in or coordinate regulatory 
or law enforcement activities with the SEC.
    3. To national securities exchanges and national securities 
associations that are registered with the SEC, the Municipal Securities 
Rulemaking Board; the Securities Investor Protection Corporation; the 
Public Company Accounting Oversight Board; the Federal banking 
authorities, including, but not limited to, the Board of Governors of 
the Federal Reserve System, the Comptroller of the Currency, and the 
Federal Deposit Insurance Corporation; state securities regulatory 
agencies or organizations; or regulatory authorities of a foreign 
government in connection with their regulatory or enforcement 
responsibilities.
    4. By SEC personnel for purposes of investigating possible 
violations of, or to conduct investigations authorized by, the Federal 
securities laws.
    5. In any proceeding where the Federal securities laws are in issue 
or in which the Commission, or past or present members of its staff, is 
a party or otherwise involved in an official capacity.
    6. In connections with proceedings by the Commission pursuant to 
Rule 102(e) of its Rules of Practice, 17 CFR 201.102(e).
    7. To a bar association, state accountancy board, or other Federal, 
state, local, or foreign licensing or

[[Page 6895]]

oversight authority; or professional association or self-regulatory 
authority to the extent that it performs similar functions (including 
the Public Company Accounting Oversight Board) for investigations or 
possible disciplinary action.
    8. To a Federal, state, local, tribal, foreign, or international 
agency, if necessary to obtain information relevant to the SEC's 
decision concerning the hiring or retention of an employee; the 
issuance of a security clearance; the letting of a contract; or the 
issuance of a license, grant, or other benefit.
    9. To a Federal, state, local, tribal, foreign, or international 
agency in response to its request for information concerning the hiring 
or retention of an employee; the issuance of a security clearance; the 
reporting of an investigation of an employee; the letting of a 
contract; or the issuance of a license, grant, or other benefit by the 
requesting agency, to the extent that the information is relevant and 
necessary to the requesting agency's decision on the matter.
    10. To produce summary descriptive statistics and analytical 
studies, as a data source for management information, in support of the 
function for which the records are collected and maintained or for 
related personnel management functions or manpower studies; may also be 
used to respond to general requests for statistical information 
(without personal identification of individuals) under the Freedom of 
Information Act.
    11. To any trustee, receiver, master, special counsel, or other 
individual or entity that is appointed by a court of competent 
jurisdiction, or as a result of an agreement between the parties in 
connection with litigation or administrative proceedings involving 
allegations of violations of the Federal securities laws (as defined in 
section 3(a)(47) of the Securities Exchange Act of 1934, 15 U.S.C. 
78c(a)(47)) or pursuant to the Commission's Rules of Practice, 17 CFR 
201.100-900 or the Commission's Rules of Fair Fund and Disgorgement 
Plans, 17 CFR 201.1100-1106, or otherwise, where such trustee, 
receiver, master, special counsel, or other individual or entity is 
specifically designated to perform particular functions with respect 
to, or as a result of, the pending action or proceeding or in 
connection with the administration and enforcement by the Commission of 
the Federal securities laws or the Commission's Rules of Practice or 
the Rules of Fair Fund and Disgorgement Plans.
    12. To any persons during the course of any inquiry, examination, 
or investigation conducted by the SEC's staff, or in connection with 
civil litigation, if the staff has reason to believe that the person to 
whom the record is disclosed may have further information about the 
matters related therein, and those matters appeared to be relevant at 
the time to the subject matter of the inquiry.
    13. To interns, grantees, experts, contractors, and others who have 
been engaged by the Commission to assist in the performance of a 
service related to this system of records and who need access to the 
records for the purpose of assisting the Commission in the efficient 
administration of its programs, including by performing clerical, 
stenographic, or data analysis functions, or by reproduction of records 
by electronic or other means. Recipients of these records shall be 
required to comply with the requirements of the Privacy Act of 1974, as 
amended, 5 U.S.C. 552a.
    14. In reports published by the Commission pursuant to authority 
granted in the Federal securities laws (as such term is defined in 
section 3(a)(47) of the Securities Exchange Act of 1934, 15 U.S.C. 
78c(a)(47)), which authority shall include, but not be limited to, 
section 21(a) of the Securities Exchange Act of 1934, 15 U.S.C. 78u(a).
    15. To members of advisory committees that are created by the 
Commission or by Congress to render advice and recommendations to the 
Commission or to Congress, to be used solely in connection with their 
official designated functions.
    16. To any person who is or has agreed to be subject to the 
Commission's Rules of Conduct, 17 CFR 200.735-1 to 200.735-18, and who 
assists in the investigation by the Commission of possible violations 
of the Federal securities laws (as such term is defined in section 
3(a)(47) of the Securities Exchange Act of 1934, 15 U.S.C. 78c(a)(47)), 
in the preparation or conduct of enforcement actions brought by the 
Commission for such violations, or otherwise in connection with the 
Commission's enforcement or regulatory functions under the Federal 
securities laws.
    17. To a Congressional office from the record of an individual in 
response to an inquiry from the Congressional office made at the 
request of that individual.
    18. To members of Congress, the press, and the public in response 
to inquiries relating to particular Registrants and their activities, 
and other matters under the Commission's jurisdiction.
    19. To prepare and publish information relating to violations of 
the Federal securities laws as provided in 15 U.S.C. 78c(a)(47), as 
amended.
    20. To respond to subpoenas in any litigation or other proceeding.
    21. To a trustee in bankruptcy.
    22. To members of Congress, the General Accountability Office, or 
others charged with monitoring the work of the Commission or conducting 
records management inspections.
    23. To any governmental agency, governmental or private collection 
agent, consumer reporting agency or commercial reporting agency, 
governmental or private employer of a debtor, or any other person, for 
collection, including collection by administrative offset, Federal 
salary offset, tax refund offset, or administrative wage garnishment, 
of amounts owed as a result of Commission civil or administrative 
proceedings.
    24. To another Federal agency or Federal entity, when the SEC 
determines that information from this system of records is reasonably 
necessary to assist the recipient agency or entity in (1) responding to 
a suspected or confirmed breach or (2) preventing, minimizing, or 
remedying the risk of harm to individuals, the recipient agency or 
entity (including its information systems, programs, and operations), 
the Federal Government, or national security, resulting from a 
suspected or confirmed breach.

POLICIES AND PRACTICES FOR STORAGE OF RECORDS:
    Records are maintained in electronic and paper format. Electronic 
records are stored in computerized databases, magnetic disc, tape and/
or digital media. Paper records and records on computer disc are stored 
in locked file rooms and/or file cabinets.

POLICIES AND PRACTICES FOR RETRIEVAL OF RECORDS:
    Records are accessed by the file number assigned to the company. No 
individual name access is provided, although the Commission's Name-
Relationship Index system cross-indexes names with company officers. 
Records are also searched through CIK. Hard copy records are accessed 
by name and/or file number assigned to the reporting individual. 
Computer tabulations derived from data contained in the hard copy 
records are accessed by company or by name of the reporting individual.

POLICIES AND PRACTICES FOR RETENTION AND DISPOSAL OF RECORDS:
    These records are retained for various lengths of time in 
accordance with the National Archives and Records Administration 
records schedules. The

[[Page 6896]]

records will be maintained until they become inactive, at which time 
they will be retired or destroyed in accordance with the SEC's records 
retention schedule, as approved by the National Archives and Records 
Administration.

ADMINISTRATIVE, TECHNICAL, AND PHYSICAL SAFEGUARDS:
    Access to SEC facilities, data centers, and information or 
information systems is limited to authorized personnel with official 
duties requiring access. SEC facilities are equipped with security 
cameras and 24-hour security guard service. The records are kept in 
limited access areas during duty hours and in locked file cabinets and/
or locked offices or file rooms at all other times. Computerized 
records are safeguarded in a secured environment. Security protocols 
meet the promulgating guidance as established by the National Institute 
of Standards and Technology (NIST) Security Standards from Access 
Control to Data Encryption and Security Assessment & Authorization 
(SA&A). Records are maintained in a secure, password-protected 
electronic system that will utilize commensurate safeguards that may 
include: Firewalls, intrusion detection and prevention systems, and 
role-based access controls. Additional safeguards will vary by program. 
All records are protected from unauthorized access through appropriate 
administrative, operational, and technical safeguards. These safeguards 
include: Restricting access to authorized personnel who have a ``need 
to know;'' using locks; and password protection identification 
features. Contractors and other recipients providing services to the 
Commission shall be required to maintain equivalent safeguards.

RECORD ACCESS PROCEDURES:
    Persons wishing to obtain information on the procedures for gaining 
access to or contesting the contents of these records may contact the 
FOIA/PA Officer, Securities and Exchange Commission, 100 F Street NE, 
Mail Stop 5100, Washington, DC 20549-2736.

CONTESTING RECORD PROCEDURES:
    See Record Access Procedures above.

NOTIFICATION PROCEDURES:
    All requests to determine whether this system of records contains a 
record pertaining to the requesting individual may be directed to the 
FOIA/PA Officer, Securities and Exchange Commission, 100 F Street NE, 
Mail Stop 5100, Washington, DC 20549-2736.

EXEMPTIONS PROMULGATED FOR THE SYSTEM:
    None.

HISTORY:
    New SORN.
SYSTEM NAME AND NUMBER
    SEC-69: SEC's Division of Investment Management Records.

SECURITY CLASSIFICATION:
    Unclassified.

SYSTEM LOCATION:
    Securities and Exchange Commission, 100 F Street NE, Washington, DC 
20549. Records are also maintained in SEC Regional Offices.

SYSTEM MANAGER(S):
    Chief Information Officer, Office of Information Technology, 
Securities and Exchange Commission, 100 F Street NE, Washington, DC 
20549.

AUTHORITY FOR MAINTENANCE OF THE SYSTEM:
    Securities Exchange Act of 1934,15 U.S.C. 78a et seq., Investment 
Company Act of 1940, 15 U.S.C. 80a-3 et seq., and Investment Advisers 
Act of 1940, 15 U.S.C. 80b-1 et seq.

PURPOSE(S) OF THE SYSTEM:
    1. To assist the Commission in executing its responsibility for 
investor protection and for promoting capital formation through 
oversight and regulation of the investment management industry.
    2. To assist the Commission in interpreting laws and regulations 
for the public.
    3. To review investment company and investment adviser filings.
    4. To assist the Commission in enforcement matters involving 
investment companies and advisors.

CATEGORIES OF INDIVIDUALS COVERED BY THE SYSTEM:
    Records include information on officers, directors, principal 
shareholders, and certain other persons having relationship with or a 
transaction with a registrant; an individual or their affiliates 
related to a reporting entity, or an entity seeking exemption from 
Federal securities laws and/or seeking ``no-action'' or interpretive 
advice; institutional investment managers or their affiliates; 
individuals related to investment advisers; officers, directors, and 
certain shareholders of issuers required to file periodic reports with 
the Commission; officers, directors, and certain stockholders of an 
issuer and persons other than management who are required to file proxy 
soliciting material with the Commission in advance of its use; 
investment advisers registered with the Commission and persons 
associated with registered investment advisers; individuals associated 
with registered investment companies; officers, directors, principal 
shareholders, or other individuals related to advisers; individuals or 
their affiliates related to business development companies; individual 
or their affiliates related to variable insurance products; federally 
registered or unregistered investment advisers; professional fund 
managers or their affiliates that have client relations or business 
arrangements.

CATEGORIES OF RECORDS IN THE SYSTEM:
    The categories of records covered by this SORN may include, but not 
limited to: Records that describe or relate to the individual's 
relationship to a registrant, reporting entity and/or other relevant 
material business information about the individual; records describe or 
related to an application for registration exemption, or relate to 
adviser records such as name, date of birth, mailing address, email 
address, telephone numbers, social security number, education, 
employment history, disciplinary history, business relationships and 
other similar related information; records that describe or relate to 
initial information and changes regarding beneficial ownership of the 
securities of certain issuers such as name of the reporting person, the 
inside control number assigned to the individual, the relationship of 
the reporting person, the nature of the ownership, and financial 
transaction data with regard to the securities holdings of the 
reporting person; records that describe or relate to lawsuits, 
shareholdings, business transactions, relationships to the issuer and 
other relevant material business information about the individual; 
records that describe or relate to business relationships and 
transactions of director, lawsuits, investigations, affiliations with 
other companies, and other relevant personal and business information 
about the individual that is material to the use of the proxy 
soliciting materials; records that describe or relate to an investment 
adviser, the adviser's business, the adviser's compliance with 
provisions of the Federal securities laws and include information on 
persons associated with investment advisers; records that describe or 
relate to an individual's relationships and transactions with a 
registered investment company.

RECORD SOURCE CATEGORIES:
    Records sources are primarily maintained by the Division of

[[Page 6897]]

Investment Management that relate to primary filers that are required 
to file registration statements, applications, reports, correspondence, 
and other related disclosure and accounting documents under the 
Securities Act of 1933, the Securities Exchange Act of 1934, the 
Investment Company Act of 1940 and the Investment Advisers Act of 1940.

ROUTINE USES OF RECORDS MAINTAINED IN THE SYSTEM, INCLUDING CATEGORIES 
OF USERS AND THE PURPOSES OF SUCH USES:
    In addition to those disclosures generally permitted under 5 U.S.C. 
552a(b) of the Privacy Act, these records or information contained 
therein may specifically be disclosed outside the Commission as a 
routine use pursuant to 5 U.S.C. 552 a(b)(3) as follows:
    1. To appropriate agencies, entities, and persons when (1) the SEC 
suspects or has confirmed that there has been a breach of the system of 
records, (2) The SEC has determined that as a result of the suspected 
or confirmed breach there is a risk of harm to individuals, the SEC 
(including its information systems, programs, and operations), the 
Federal Government, or national security; and (3) the disclosure made 
to such agencies, entities, and persons is reasonably necessary to 
assist in connection with the SEC's efforts to respond to the suspected 
or confirmed breach or to prevent, minimize, or remedy such harm.
    2. To other Federal, state, local, or foreign law enforcement 
agencies; securities self-regulatory organizations; and foreign 
financial regulatory authorities to assist in or coordinate regulatory 
or law enforcement activities with the SEC.
    3. To national securities exchanges and national securities 
associations that are registered with the SEC, the Municipal Securities 
Rulemaking Board; the Securities Investor Protection Corporation; the 
Public Company Accounting Oversight Board; the Federal banking 
authorities, including, but not limited to, the Board of Governors of 
the Federal Reserve System, the Comptroller of the Currency, and the 
Federal Deposit Insurance Corporation; state securities regulatory 
agencies or organizations; or regulatory authorities of a foreign 
government in connection with their regulatory or enforcement 
responsibilities.
    4. By SEC personnel for purposes of investigating possible 
violations of, or to conduct investigations authorized by, the Federal 
securities laws.
    5. In any proceeding where the Federal securities laws are in issue 
or in which the Commission, or past or present members of its staff, is 
a party or otherwise involved in an official capacity.
    6. In connections with proceedings by the Commission pursuant to 
Rule 102(e) of its Rules of Practice, 17 CFR 201.102(e).
    7. To a bar association, state accountancy board, or other Federal, 
state, local, or foreign licensing or oversight authority; or 
professional association or self-regulatory authority to the extent 
that it performs similar functions (including the Public Company 
Accounting Oversight Board) for investigations or possible disciplinary 
action.
    8. To a Federal, state, local, tribal, foreign, or international 
agency, if necessary to obtain information relevant to the SEC's 
decision concerning the hiring or retention of an employee; the 
issuance of a security clearance; the letting of a contract; or the 
issuance of a license, grant, or other benefit.
    9. To a Federal, state, local, tribal, foreign, or international 
agency in response to its request for information concerning the hiring 
or retention of an employee; the issuance of a security clearance; the 
reporting of an investigation of an employee; the letting of a 
contract; or the issuance of a license, grant, or other benefit by the 
requesting agency, to the extent that the information is relevant and 
necessary to the requesting agency's decision on the matter.
    10. To produce summary descriptive statistics and analytical 
studies, as a data source for management information, in support of the 
function for which the records are collected and maintained or for 
related personnel management functions or manpower studies; may also be 
used to respond to general requests for statistical information 
(without personal identification of individuals) under the Freedom of 
Information Act.
    11. To any trustee, receiver, master, special counsel, or other 
individual or entity that is appointed by a court of competent 
jurisdiction, or as a result of an agreement between the parties in 
connection with litigation or administrative proceedings involving 
allegations of violations of the Federal securities laws (as defined in 
section 3(a)(47) of the Securities Exchange Act of 1934, 15 U.S.C. 
78c(a)(47)) or pursuant to the Commission's Rules of Practice, 17 CFR 
201.100-900 or the Commission's Rules of Fair Fund and Disgorgement 
Plans, 17 CFR 201.1100-1106, or otherwise, where such trustee, 
receiver, master, special counsel, or other individual or entity is 
specifically designated to perform particular functions with respect 
to, or as a result of, the pending action or proceeding or in 
connection with the administration and enforcement by the Commission of 
the Federal securities laws or the Commission's Rules of Practice or 
the Rules of Fair Fund and Disgorgement Plans.
    12. To any persons during the course of any inquiry, examination, 
or investigation conducted by the SEC's staff, or in connection with 
civil litigation, if the staff has reason to believe that the person to 
whom the record is disclosed may have further information about the 
matters related therein, and those matters appeared to be relevant at 
the time to the subject matter of the inquiry.
    13. To interns, grantees, experts, contractors, and others who have 
been engaged by the Commission to assist in the performance of a 
service related to this system of records and who need access to the 
records for the purpose of assisting the Commission in the efficient 
administration of its programs, including by performing clerical, 
stenographic, or data analysis functions, or by reproduction of records 
by electronic or other means. Recipients of these records shall be 
required to comply with the requirements of the Privacy Act of 1974, as 
amended, 5 U.S.C. 552a.
    14. In reports published by the Commission pursuant to authority 
granted in the Federal securities laws (as such term is defined in 
section 3(a)(47) of the Securities Exchange Act of 1934, 15 U.S.C. 
78c(a)(47)), which authority shall include, but not be limited to, 
section 21(a) of the Securities Exchange Act of 1934, 15 U.S.C. 78u(a).
    15. To members of advisory committees that are created by the 
Commission or by Congress to render advice and recommendations to the 
Commission or to Congress, to be used solely in connection with their 
official designated functions.
    16. To any person who is or has agreed to be subject to the 
Commission's Rules of Conduct, 17 CFR 200.735-1 to 200.735-18, and who 
assists in the investigation by the Commission of possible violations 
of the Federal securities laws (as such term is defined in section 
3(a)(47) of the Securities Exchange Act of 1934, 15 U.S.C. 78c(a)(47)), 
in the preparation or conduct of enforcement actions brought by the 
Commission for such violations, or otherwise in connection with the 
Commission's enforcement or regulatory functions under the Federal 
securities laws.

[[Page 6898]]

    17. To a Congressional office from the record of an individual in 
response to an inquiry from the Congressional office made at the 
request of that individual.
    18. To members of Congress, the press, and the public in response 
to inquiries relating to particular Registrants and their activities, 
and other matters under the Commission's jurisdiction.
    19. To prepare and publish information relating to violations of 
the Federal securities laws as provided in 15 U.S.C. 78c(a)(47), as 
amended.
    20. To respond to subpoenas in any litigation or other proceeding.
    21. To a trustee in bankruptcy.
    22. To members of Congress, the General Accountability Office, or 
others charged with monitoring the work of the Commission or conducting 
records management inspections.
    23. To any governmental agency, governmental or private collection 
agent, consumer reporting agency or commercial reporting agency, 
governmental or private employer of a debtor, or any other person, for 
collection, including collection by administrative offset, Federal 
salary offset, tax refund offset, or administrative wage garnishment, 
of amounts owed as a result of Commission civil or administrative 
proceedings.
    24. To another Federal agency or Federal entity, when the SEC 
determines that information from this system of records is reasonably 
necessary to assist the recipient agency or entity in (1) responding to 
a suspected or confirmed breach or (2) preventing, minimizing, or 
remedying the risk of harm to individuals, the recipient agency or 
entity (including its information systems, programs, and operations), 
the Federal Government, or national security, resulting from a 
suspected or confirmed breach.

POLICIES AND PRACTICES FOR STORAGE OF RECORDS:
    Records are maintained in electronic and paper format. Electronic 
records are stored in computerized databases and/or electronic storage 
devices. Paper records and records on electronic storage devices may be 
stored in locked file rooms and/or file cabinets and/or secured 
buildings.

POLICIES AND PRACTICES FOR RETRIEVAL OF RECORDS:
    Information is indexed by name of the Regulated Entity or by 
certain SEC identification numbers. Information regarding individuals 
may be obtained through the use of cross-reference methodology or some 
form of personal identifier. Access for inquiry purposes is via a 
computer terminal.

POLICIES AND PRACTICES FOR RETENTION AND DISPOSAL OF RECORDS:
    These records are retained for various lengths of time in 
accordance with the National Archives and Records Administration 
records schedules. The records will be maintained until they become 
inactive, at which time they will be retired or destroyed in accordance 
with the SEC's records retention schedule, as approved by the National 
Archives and Records Administration.

ADMINISTRATIVE, TECHNICAL, AND PHYSICAL SAFEGUARDS:
    Access to SEC facilities, data centers, and information or 
information systems is limited to authorized personnel with official 
duties requiring access. SEC facilities are equipped with security 
cameras and 24-hour security guard service. Covered records are kept in 
limited access areas during duty hours and secured areas at all other 
times. Computerized records are safeguarded in secured, encrypted 
environment. Security protocols meet the promulgating guidance as 
established by the National Institute of Standards and Technology 
(NIST) Security Standards from Access Control to Data Encryption, and 
Security Assessment & Authorization (SA&A). Records will be maintained 
in a secure, password-protected electronic system that will utilize 
commensurate safeguards that may include: Firewalls, intrusion 
detection and prevention systems, and role-based access controls. 
Additional safeguards will vary by program. All records are protected 
from unauthorized access through appropriate administrative, 
operational, and technical safeguards. These safeguards include: 
Restricting access to authorized personnel who have a ``need to know''; 
using locks; and password protection identification features. 
Contractors and other recipients providing services to the Commission 
shall be required to maintain equivalent safeguards.

RECORD ACCESS PROCEDURES:
    Persons wishing to obtain information on the procedures for gaining 
access to or contesting the contents of these records may contact the 
FOIA/PA Officer, Securities and Exchange Commission, 100 F Street NE, 
Mail Stop 5100, Washington, DC 20549-2736.

CONTESTING RECORD PROCEDURES:
    See Record Access Procedures above.

NOTIFICATION PROCEDURES:
    All requests to determine whether this system of records contains a 
record pertaining to the requesting individual may be directed to the 
FOIA/PA Officer, Securities and Exchange Commission, 100 F Street NE, 
Mail Stop 5100, Washington, DC 20549-2736.

EXEMPTIONS PROMULGATED FOR THE SYSTEM:
    None.

HISTORY:
    New SORN.
SYSTEM NAME AND NUMBER
    SEC-70: SEC's Division of Trading and Markets Records.

SECURITY CLASSIFICATION:
    Unclassified.

SYSTEM LOCATION:
    Securities and Exchange Commission, 100 F Street NE, Washington, DC 
20549. Records are also maintained in SEC Regional Offices.

SYSTEM MANAGER(S):
    Chief Information Officer, Office of Information Technology, 
Securities and Exchange Commission, 100 F Street NE, Washington, DC 
20549.

AUTHORITY FOR MAINTENANCE OF THE SYSTEM:
    Securities Act of 1933, 15 U.S.C. 77a et seq.; Securities Exchange 
Act of 1934, 15 U.S.C. 78a et seq.; Investment Company Act of 1940, 15 
U.S.C. 80a-1 et seq., Investment Advisers Act of 1940, 15 U.S.C. 80b-1 
et seq., and rules and regulations adopted by the Commission under the 
Securities Act of 1933 and the Securities Exchange Act of 1934.

PURPOSE(S) OF THE SYSTEM:
    1. To maintain standards for fair, orderly, and efficient markets.
    2. To regulate the major securities market participants, including 
broker-dealers, self-regulatory organizations, clearing agencies, 
transfer agents, securities information processors, and other 
registered intermediaries.
    3. To carry out the Commission's financial integrity program for 
broker-dealers.
    4. To review and in some cases approve proposed new rules and 
proposed changes to existing rules filed by self-regulatory 
organizations.
    5. To assist in establishing rules and issuing interpretations on 
matters affecting the operation of the securities markets.

CATEGORIES OF INDIVIDUALS COVERED BY THE SYSTEM:
    This system of records covers applicants for registration or 
exemption

[[Page 6899]]

from registration as broker-dealers, self-regulatory organizations 
(SROs), clearing agencies, transfer agents, security-based swap 
dealers, security based swap data repositories, major security-based 
swap participants, security-based swap execution facilities, funding 
portals, and persons associated with the entities above. Records may 
also concern persons, directly or indirectly, with whom market 
participants or their affiliates have client relations or business 
arrangements.

CATEGORIES OF RECORDS IN THE SYSTEM:
    Information related to the categories of individuals listed above 
may include: Name, business address, residential address (for sole 
proprietor only), telephone/cellular/facsimile number, email address, 
website or IP address, IRS employer identification number, IA SEC File 
Number, Broker Dealer SEC File Number, CRD Number, areas of business, 
other SEC registrations, SRO memberships, and related information; past 
and present employment; disciplinary history; business relationships; 
and similar information relating to the categories of individuals 
covered by the system. Paper records may include, but are not limited 
to, application and other forms, notices, records, or documents 
relating to registration; letters, facsimiles, imaged documents, and 
other forms of written communication; and related documentation.

RECORD SOURCE CATEGORIES:
    Record Sources are primarily market participants required to 
register with the SEC and file applications for registration, reports, 
and other disclosure and accounting documents filed Pursuant to the 
Securities Exchange Act of 1934, and other Federal securities laws.

ROUTINE USES OF RECORDS MAINTAINED IN THE SYSTEM, INCLUDING CATEGORIES 
OF USERS AND THE PURPOSES OF SUCH USES:
    In addition to those disclosures generally permitted under 5 U.S.C. 
552a(b) of the Privacy Act, these records or information contained 
therein may specifically be disclosed outside the Commission as a 
routine use pursuant to 5 U.S.C. 552 a(b)(3) as follows:
    1. To appropriate agencies, entities, and persons when (1) the SEC 
suspects or has confirmed that there has been a breach of the system of 
records, (2) The SEC has determined that as a result of the suspected 
or confirmed breach there is a risk of harm to individuals, the SEC 
(including its information systems, programs, and operations), the 
Federal Government, or national security; and (3) the disclosure made 
to such agencies, entities, and persons is reasonably necessary to 
assist in connection with the SEC's efforts to respond to the suspected 
or confirmed breach or to prevent, minimize, or remedy such harm.
    2. To other Federal, state, local, or foreign law enforcement 
agencies; securities self-regulatory organizations; and foreign 
financial regulatory authorities to assist in or coordinate regulatory 
or law enforcement activities with the SEC.
    3. To national securities exchanges and national securities 
associations that are registered with the SEC, the Municipal Securities 
Rulemaking Board; the Securities Investor Protection Corporation; the 
Public Company Accounting Oversight Board; the Federal banking 
authorities, including, but not limited to, the Board of Governors of 
the Federal Reserve System, the Comptroller of the Currency, and the 
Federal Deposit Insurance Corporation; state securities regulatory 
agencies or organizations; or regulatory authorities of a foreign 
government in connection with their regulatory or enforcement 
responsibilities.
    4. By SEC personnel for purposes of investigating possible 
violations of, or to conduct investigations authorized by, the Federal 
securities laws.
    5. In any proceeding where the Federal securities laws are in issue 
or in which the Commission, or past or present members of its staff, is 
a party or otherwise involved in an official capacity.
    6. In connections with proceedings by the Commission pursuant to 
Rule 102(e) of its Rules of Practice, 17 CFR 201.102(e).
    7. To a bar association, state accountancy board, or other Federal, 
state, local, or foreign licensing or oversight authority; or 
professional association or self-regulatory authority to the extent 
that it performs similar functions (including the Public Company 
Accounting Oversight Board) for investigations or possible disciplinary 
action.
    8. To a Federal, state, local, tribal, foreign, or international 
agency, if necessary to obtain information relevant to the SEC's 
decision concerning the hiring or retention of an employee; the 
issuance of a security clearance; the letting of a contract; or the 
issuance of a license, grant, or other benefit.
    9. To a Federal, state, local, tribal, foreign, or international 
agency in response to its request for information concerning the hiring 
or retention of an employee; the issuance of a security clearance; the 
reporting of an investigation of an employee; the letting of a 
contract; or the issuance of a license, grant, or other benefit by the 
requesting agency, to the extent that the information is relevant and 
necessary to the requesting agency's decision on the matter.
    10. To produce summary descriptive statistics and analytical 
studies, as a data source for management information, in support of the 
function for which the records are collected and maintained or for 
related personnel management functions or manpower studies; may also be 
used to respond to general requests for statistical information 
(without personal identification of individuals) under the Freedom of 
Information Act.
    11. To any trustee, receiver, master, special counsel, or other 
individual or entity that is appointed by a court of competent 
jurisdiction, or as a result of an agreement between the parties in 
connection with litigation or administrative proceedings involving 
allegations of violations of the Federal securities laws (as defined in 
section 3(a)(47) of the Securities Exchange Act of 1934, 15 U.S.C. 
78c(a)(47)) or pursuant to the Commission's Rules of Practice, 17 CFR 
201.100-900 or the Commission's Rules of Fair Fund and Disgorgement 
Plans, 17 CFR 201.1100-1106, or otherwise, where such trustee, 
receiver, master, special counsel, or other individual or entity is 
specifically designated to perform particular functions with respect 
to, or as a result of, the pending action or proceeding or in 
connection with the administration and enforcement by the Commission of 
the Federal securities laws or the Commission's Rules of Practice or 
the Rules of Fair Fund and Disgorgement Plans.
    12. To any persons during the course of any inquiry, examination, 
or investigation conducted by the SEC's staff, or in connection with 
civil litigation, if the staff has reason to believe that the person to 
whom the record is disclosed may have further information about the 
matters related therein, and those matters appeared to be relevant at 
the time to the subject matter of the inquiry.
    13. To interns, grantees, experts, contractors, and others who have 
been engaged by the Commission to assist in the performance of a 
service related to this system of records and who need access to the 
records for the purpose of assisting the Commission in the efficient 
administration of its programs, including by performing clerical, 
stenographic, or data analysis functions,

[[Page 6900]]

or by reproduction of records by electronic or other means. Recipients 
of these records shall be required to comply with the requirements of 
the Privacy Act of 1974, as amended, 5 U.S.C. 552a.
    14. In reports published by the Commission pursuant to authority 
granted in the Federal securities laws (as such term is defined in 
section 3(a)(47) of the Securities Exchange Act of 1934, 15 U.S.C. 
78c(a)(47)), which authority shall include, but not be limited to, 
section 21(a) of the Securities Exchange Act of 1934, 15 U.S.C. 78u(a).
    15. To members of advisory committees that are created by the 
Commission or by Congress to render advice and recommendations to the 
Commission or to Congress, to be used solely in connection with their 
official designated functions.
    16. To any person who is or has agreed to be subject to the 
Commission's Rules of Conduct, 17 CFR 200.735-1 to 200.735-18, and who 
assists in the investigation by the Commission of possible violations 
of the Federal securities laws (as such term is defined in section 
3(a)(47) of the Securities Exchange Act of 1934, 15 U.S.C. 78c(a)(47)), 
in the preparation or conduct of enforcement actions brought by the 
Commission for such violations, or otherwise in connection with the 
Commission's enforcement or regulatory functions under the Federal 
securities laws.
    17. To a Congressional office from the record of an individual in 
response to an inquiry from the Congressional office made at the 
request of that individual.
    18. To members of Congress, the press, and the public in response 
to inquiries relating to particular Registrants and their activities, 
and other matters under the Commission's jurisdiction.
    19. To prepare and publish information relating to violations of 
the Federal securities laws as provided in 15 U.S.C. 78c(a)(47), as 
amended.
    20. To respond to subpoenas in any litigation or other proceeding.
    21. To a trustee in bankruptcy.
    22. To members of Congress, the General Accountability Office, or 
others charged with monitoring the work of the Commission or conducting 
records management inspections.
    23. To any governmental agency, governmental or private collection 
agent, consumer reporting agency or commercial reporting agency, 
governmental or private employer of a debtor, or any other person, for 
collection, including collection by administrative offset, Federal 
salary offset, tax refund offset, or administrative wage garnishment, 
of amounts owed as a result of Commission civil or administrative 
proceedings.
    24. To another Federal agency or Federal entity, when the SEC 
determines that information from this system of records is reasonably 
necessary to assist the recipient agency or entity in (1) responding to 
a suspected or confirmed breach or (2) preventing, minimizing, or 
remedying the risk of harm to individuals, the recipient agency or 
entity (including its information systems, programs, and operations), 
the Federal Government, or national security, resulting from a 
suspected or confirmed breach.

POLICIES AND PRACTICES FOR STORAGE OF RECORDS:
    Records are maintained in electronic and paper format. Electronic 
records are stored in computerized databases, magnetic disc, tape and/
or digital media. Paper records and records on computer disc are stored 
in locked file rooms and/or file cabinets.

POLICIES AND PRACTICES FOR RETRIEVAL OF RECORDS:
    Information is indexed by name of the Regulated Entity or by 
certain SEC identification numbers. Information regarding individuals 
may be obtained through the use of cross-reference methodology or some 
form of personal identifier. Access for inquiry purposes is via a 
computer terminal.

POLICIES AND PRACTICES FOR RETENTION AND DISPOSAL OF RECORDS:
    These records are retained for various lengths of time in 
accordance with the National Archives and Records Administration 
records schedules. The records will be maintained until they become 
inactive, at which time they will be retired or destroyed in accordance 
with the SEC's records retention schedule, as approved by the National 
Archives and Records Administration.

ADMINISTRATIVE, TECHNICAL, AND PHYSICAL SAFEGUARDS:
    Access to SEC facilities, data centers, and information or 
information systems is limited to authorized personnel with official 
duties requiring access. SEC facilities are equipped with security 
cameras and 24-hour security guard service. The records are kept in 
limited access areas during duty hours and in locked file cabinets and/
or locked offices or file rooms at all other times. Computerized 
records are safeguarded in a secured environment. Security protocols 
meet the promulgating guidance as established by the National Institute 
of Standards and Technology (NIST) Security Standards from Access 
Control to Data Encryption and Security Assessment & Authorization 
(SA&A). Records are maintained in a secure, password-protected 
electronic system that will utilize commensurate safeguards that may 
include: Firewalls, intrusion detection and prevention systems, and 
role-based access controls. Additional safeguards will vary by program. 
All records are protected from unauthorized access through appropriate 
administrative, operational, and technical safeguards. These safeguards 
include: Restricting access to authorized personnel who have a ``need 
to know''; using locks; and password protection identification 
features. Contractors and other recipients providing services to the 
Commission shall be required to maintain equivalent safeguards.

RECORD ACCESS PROCEDURES:
    Persons wishing to obtain information on the procedures for gaining 
access to or contesting the contents of these records may contact the 
FOIA/PA Officer, Securities and Exchange Commission, 100 F Street NE, 
Mail Stop 5100, Washington, DC 20549-2736.

CONTESTING RECORD PROCEDURES:
    See Record Access Procedures above.

NOTIFICATION PROCEDURES:
    All requests to determine whether this system of records contains a 
record pertaining to the requesting individual may be directed to the 
FOIA/PA Officer, Securities and Exchange Commission, 100 F Street NE, 
Mail Stop 5100, Washington, DC 20549-2736.

EXEMPTIONS PROMULGATED FOR THE SYSTEM:
    None.

HISTORY:
    New SORN.
SYSTEM NAME AND NUMBER
    SEC-31: Office of the General Counsel Working Files.

SECURITY CLASSIFICATION:
    Unclassified.

SYSTEM LOCATION:
    Securities and Exchange Commission, 100 F Street NE, Washington, DC 
20549.

SYSTEM MANAGER(S):
    General Counsel, Securities and Exchange Commission, 100 F Street 
NE, Washington, DC 20549.

AUTHORITY FOR MAINTENANCE OF THE SYSTEM:
    Section 13(b) of the Securities Act of 1933, 15 U.S.C. 77s; rules, 
regulations,

[[Page 6901]]

and orders, 15 U.S.C. 77sss; Appointment and Compensation of Staff and 
Leasing Authority, 15 U.S.C. 78d (b); rules, regulations, and orders; 
annual reports, 15 U.S.C. 78w; Investment Company Act, rules, 
regulations, and orders, 15 U.S.C. 80a-37; and Investment Advisers, 
rules, regulations, and orders of Commission, 15 U.S.C. 80b-11.

PURPOSE(S) OF THE SYSTEM:
    1. To allow staff to render legal advice and provide legal 
assistance with respect to SEC investigations, actions, and agency 
operations.
    2. To represent the SEC in judicial and administrative proceedings 
in which the SEC or its personnel are involved as a party, non-party 
witness, or as amicus curiae.
    3. To manage, track, and report on matters and caseloads handled by 
staff, and keep the staff informed as to litigation and legal matters 
which may be of interest to the SEC.
    4. To respond to communications made to the SEC and to investigate 
and make recommendations regarding complaints of misconduct by SEC 
employees.
    5. To conduct investigations, bring proceedings, and render legal 
advice regarding the suspension or reinstatement of an attorney, 
accountant or other professional with respect to appearing or 
practicing before the SEC.
    6. To prepare comments on pending legislation or rulemaking and to 
draft proposed legislation or rules.
    7. To review articles, treatises, and speeches by Commission 
personnel relating to the Commission or to statutes and rules 
administered by the Commission.
    8. To interpret, provide legal guidance, and address legal issues 
arising under the various Federal statutes and other authorities 
relevant to the SEC's mission.
    9. To draft orders and opinions and render legal advice regarding 
appeals in administrative proceedings or appeals from actions by self-
regulatory organizations or the PCAOB.
    10. To provide legal advice, assistance, and/or representation in 
any other SEC matter where such effort is needed.

CATEGORIES OF INDIVIDUALS COVERED BY THE SYSTEM:
    Individuals covered by the system include persons involved with or 
related to cases or matters worked on by the Office of the General 
Counsel (OGC). Records are maintained on persons being investigated by 
the SEC, including investigations of attorneys for possible suspension 
or disbarment from appearing and practicing before the SEC and 
attorneys applying to be reinstated to appear and practice before the 
SEC. Records are also maintained on persons involved in litigation with 
the SEC or litigation of interest to the SEC; persons involved in 
acquisitions and leases with the SEC; persons involved in 
administrative proceedings; persons involved in appeals from actions by 
self-regulatory organizations or the Public Company Accounting 
Oversight Board (PCAOB); persons communicating with the SEC; FOIA/
Privacy Act requestors; individuals whose conduct or performance raises 
concerns; individuals who have filed EEO complaints; individuals named 
in or involved in litigation in which a third-party subpoena is served; 
Commission personnel seeking review of articles, speeches, or 
treatises; and SEC personnel against whom complaints have been lodged. 
Records are also maintained on SEC users of electronic databases 
maintained by OGC.

CATEGORIES OF RECORDS IN THE SYSTEM:
    The categories of records found in this system include: Court 
pleadings, documents and orders filed in civil, administrative, or 
criminal proceedings, or appeals from actions by self-regulatory 
organizations or the PCAOB; correspondence detailing requests, 
complaints, and other topics of interest to the author; investigative 
material regarding allegations of possible staff misconduct; 
information relevant to SEC investigations; and other memoranda and 
materials gathered and prepared by staff in performance of their 
duties. The specific data elements found in these records may include 
names, social security numbers, mailing addresses, email addresses, 
employment histories, employee evaluations, disciplinary actions, case-
related communications and notes, and audit logs of user access and 
activities within electronic databases maintained by OGC.

RECORD SOURCE CATEGORIES:
    Records sources include documents related to court pleadings, 
proceedings and appeals; information obtained through correspondence, 
via letters, telephone calls, emails or any other form of 
communication; data obtained from investigative material and any 
relevant information to SEC investigations; materials and information 
gathered by staff in the performance of their duties; records gathered 
during the acquisition process; electronic databases maintained by OGC; 
other SEC files; and from individuals, including where practicable, 
those to whom the records relate.

ROUTINE USES OF RECORDS MAINTAINED IN THE SYSTEM, INCLUDING CATEGORIES 
OF USERS AND THE PURPOSES OF SUCH USES:
    In addition to those disclosures generally permitted under 5 U.S.C. 
552a(b) of the Privacy Act, these records or information contained 
therein may specifically be disclosed outside the Commission as a 
routine use as follows:
    1. To appropriate agencies, entities, and persons when (1) the SEC 
suspects or has confirmed that there has been a breach of the system of 
records, (2) The SEC has determined that as a result of the suspected 
or confirmed breach there is a risk of harm to individuals, the SEC 
(including its information systems, programs, and operations), the 
Federal Government, or national security; and (3) the disclosure made 
to such agencies, entities, and persons is reasonably necessary to 
assist in connection with the SEC's efforts to respond to the suspected 
or confirmed breach or to prevent, minimize, or remedy such harm.
    2. To other Federal, state, local or foreign law enforcement 
agencies; securities self-regulatory organizations; and foreign 
financial regulatory authorities to assist in or coordinate regulatory 
or law enforcement activities with the SEC.
    3. By SEC personnel for purposes of investigating possible 
violations of, or to conduct investigations authorized by, the Federal 
securities laws.
    4. To national securities exchanges and national securities 
associations that are registered with the SEC; the Municipal Securities 
Rulemaking Board; the Securities Investor Protection Corporation; the 
Public Company Accounting Oversight Board; the Federal banking 
authorities, including, but not limited to, the Board of Governors of 
the Federal Reserve System, the Comptroller of the Currency, and the 
Federal Deposit Insurance Corporation; state securities regulatory 
agencies or organizations; or regulatory authorities of a foreign 
government in connection with their regulatory or enforcement 
responsibilities.
    5. In connection with any proceeding where the Federal securities 
laws are in issue or in which the Commission or past or present members 
of its staff is a party or otherwise involved in an official capacity.
    6. In connection with proceedings by the Commission pursuant to 
Rule 102(e) of its Rules of Practice, 17 CFR 201.102(e).

[[Page 6902]]

    7. To a bar association, state accountancy board, or other Federal, 
state, local, or foreign licensing or oversight authority; or a 
professional association or self-regulatory authority to the extent 
that it performs similar functions (including the Public Company 
Accounting Oversight Board) for investigations or possible disciplinary 
action.
    8. To a Federal, state, local, tribal, or international agency, if 
necessary to obtain information relevant to the SEC's decision 
concerning the hiring or retention of an employee; the issuance of a 
securities clearance; the letting of a contract; or the issuance of a 
license, grant, or other benefit.
    9. To a Federal, state, local tribal, foreign, or international 
agency in response to its request for information concerning the hiring 
or retention of an employee; the issuance of a security clearance; the 
reporting of an investigation of an employee; the letting of a 
contract; or the issuance of a license, grant, or other benefit by the 
requesting agency, to the extent that the information is relevant and 
necessary to the requesting agency's decision on the matter.
    10. To produce summary descriptive statistics and analytical 
studies, as a data source for management information, in support of the 
function for which the records are collected and maintained or for 
related personnel management functions or manpower studies; may also be 
used to respond to general requests for statistical information 
(without personal identification of individuals) under the Freedom of 
Information Act.
    11. To any trustee, receiver, master, special counsel, or other 
individual or entity that is appointed by a court of competent 
jurisdiction, or as a result of an agreement between the parties in 
connection with litigation or administrative proceedings involving 
allegations of violations of the Federal securities laws (as defined in 
section 3(a)(47) of the Securities Exchange Act of 1934, 15 U.S.C. 
78c(a)(47)) or pursuant to the Commission's Rules of Practice, 17 CFR 
201.100-900, or the Commission's Rules of Fair Fund and Disgorgement 
Plans, 17 CFR 201.1100-1106, or otherwise, where such trustee, 
receiver, master, special counsel, or other individual or entity is 
specifically designated to perform particular functions with respect 
to, or as a result of, the pending action or proceeding or in 
connection with the administration and enforcement by the Commission of 
the Federal securities law or the Commission's Rules of Practice or the 
Rules of Fair Fund and Disgorgement Plans.
    12. To a trustee in bankruptcy.
    13. To any persons during the course of any inquiry, examination, 
or investigation conducted by the SEC's staff, or in connection with 
civil litigation or administrative proceedings, if the staff has reason 
to believe that the person to whom the record is disclosed may have 
further information about the matters related therein, and those 
matters appear to be relevant to the subject matter of the inquiry.
    14. To interns, grantees, experts, contractors, and others who have 
been engaged by the Commission to assist in the performance of a 
service related to this system of records and who need access to the 
records for the purpose of assisting the Commission in the efficient 
administration of its programs, including by performing clerical, 
stenographic, or data analysis functions, or by reproduction of records 
by electronic or other means. Recipients of these records shall be 
required to comply with the requirements of the Privacy Act of 1974, as 
amended, 5 U.S.C. 552a.
    15. In reports published by the Commission pursuant to authority 
granted in the Federal securities laws (as such term is defined in 
section 3(a)(47) of the Securities Exchange Act of 1934, 15 U.S.C. 
78c(a)(47)), which authority shall include, but not be limited to, 
section 21(a) of the Securities Exchange Act of 1934, 15 U.S.C. 78u(a).
    16. To members of advisory committees that are created by the 
Commission or by Congress to render advice and recommendations to the 
Commission or to Congress, to be used solely in connection with their 
official designated functions.
    17. To any person who is or has agreed to be subject to the 
Commission's Rules of Conduct regarding non-disclosure, particularly 17 
CFR 200.735-3(b)(2), or has otherwise agreed to comply with provisions 
restricting the disclosure of SEC nonpublic information.
    18. To a Congressional office from the record of an individual in 
response to an inquiry from the Congressional office made at the 
request of that individual.
    19. To members of Congress, the press, and the public in response 
to inquiries relating to particular Registrants and their activities, 
and other matters under the Commission's jurisdiction.
    20. To prepare and publish information related to violations of the 
Federal securities laws as provided in 15 U.S.C. 78c(a)(47), as 
amended.
    21. To respond to subpoenas in any litigation or other proceeding.
    22. To members of Congress, the Government Accountability Office, 
or others charged with monitoring the work of the Commission or 
conducting records management inspections.
    23. To any governmental agency, governmental or private collection 
agent, consumer reporting agency or commercial reporting agency, 
governmental or private employer of a debtor, or any other person, for 
collection, including collection by administrative offset, Federal 
salary offset, tax refund offset, or administrative wage garnishment, 
of amounts owed as a result of Commission civil or administrative 
proceedings.
    24. To another Federal agency or Federal entity, when the SEC 
determines that information from this system of records is reasonably 
necessary to assist the recipient agency or entity in (1) responding to 
a suspected or confirmed breach or (2) preventing, minimizing, or 
remedying the risk of harm to individuals, the recipient agency or 
entity (including its information systems, programs, and operations), 
the Federal Government, or national security, resulting from a 
suspected or confirmed breach.

POLICIES AND PRACTICES FOR STORAGE OF RECORDS:
    Records are maintained in electronic and paper format. Electronic 
records are stored in computerized databases and/or electronic storage 
devices. Paper records and records on electronic storage devices may be 
stored in locked file rooms and/or file cabinets and/or secured 
buildings.

POLICIES AND PRACTICES FOR RETRIEVAL OF RECORDS:
    Some hard copy records may be accessed by relevant name, subject, 
date, and/or internal file numbers, although there is not necessarily a 
method by which the name of a particular individual can be accessed. 
For electrically stored information, it is often, but not always, 
possible to search by relevant name, subject, date, mailing address, 
email address, internal file number, external case number, security 
number, record type, matter type, or other relevant case attribute.

POLICIES AND PRACTICES FOR RETENTION AND DISPOSAL OF RECORDS:
    These records are retained for various lengths of time in 
accordance with the National Archives and Records Administration 
records schedules. The records will be maintained until they become 
inactive, at which time they

[[Page 6903]]

will be retired or destroyed in accordance with the SEC's records 
retention schedule, as approved by the National Archives and Records 
Administration.

ADMINISTRATIVE, TECHNICAL, AND PHYSICAL SAFEGUARDS:
    Access to SEC facilities, data centers, and information or 
information systems is limited to authorized personnel with official 
duties requiring access. SEC facilities are equipped with security 
cameras and 24-hour security guard service. The physical records may be 
kept in limited access areas during duty hours and in locked file 
cabinets and/or locked offices or file rooms at all other times. 
Computerized records are safeguarded in a secured environment. Security 
protocols meet the promulgated guidance as established by the National 
Institute of Standards and Technology (NIST) Security Standards, 
including Access Control, Data Encryption, and Security Assessment & 
Authorization (SA&A). Computerized records are maintained in a secure, 
password-protected electronic system that will utilize commensurate 
safeguards that may include: Firewalls, intrusion detection and 
prevention systems, audit logs, and role-based access controls. 
Additional safeguards will vary by program. All computerized records 
are protected from unauthorized access through appropriate 
administrative, operational, and technical safeguards. These safeguards 
include: Restricting access to authorized personnel who have a ``need 
to know''; using locks; and password protection identification 
features. Contractors and other recipients providing services to the 
Commission shall be required to maintain equivalent safeguards.

RECORD ACCESS PROCEDURES:
    Persons wishing to obtain information on the procedures for gaining 
access to or contesting the contents of these records may contact the 
FOIA/PA Officer, Securities and Exchange Commission, 100 F Street, NE, 
Mail Stop 5100, Washington, DC 20549-2736.

CONTESTING RECORD PROCEDURES:
    See Record Access Procedures above.

NOTIFICATION PROCEDURES:
    All requests to determine whether this system of records contains a 
record pertaining to the requesting individual may be directed to the 
FOIA/PA Officer, Securities and Exchange Commission, 100 F Street NE, 
Mail Stop 5100, Washington, DC 20549-2736.

EXEMPTIONS PROMULGATED FOR THE SYSTEM:
    Under 5 U.S.C. 552a(k)(2), this system of records is exempted from 
the following provisions of the Privacy Act, 5 U.S.C. 552a(c)(3), (d), 
(e)(1), (e)(4)(G), (H), and (I), and (f) and 17 CFR 200.303, 200.304, 
and 200.306, insofar as it contains investigatory materials compiled 
for law enforcement purposes. This exemption is contained in 17 CFR 
200.312(a)(5).

HISTORY:
    This SORN was last published in full in the Federal Register at 40 
FR 39253 (August 27, 1975). Subsequent notices of revision can be found 
at the following citations:
    --42 FR 36333 (July 14, 1977)
    --46 FR 63439 (December 31, 1981)
    --56 FR 24103 (May 29, 1991)
    --59 FR 27626 (May 27, 1994)
    --62 FR 47884 (September 11, 1997)
SYSTEM NAME AND NUMBER
    SEC-39: Personnel Management Employment and Staffing/Training 
Files.

SECURITY CLASSIFICATION:
    Unclassified.

SYSTEM LOCATION:
    Securities and Exchange Commission, 100 F Street NE, Washington, DC 
20549.

SYSTEM MANAGER(S):
    Assistant Director, Office of Human Resources, Securities and 
Exchange Commission, 100 F Street NE, Washington, DC 20549.

AUTHORITY FOR MAINTENANCE OF THE SYSTEM:
    5 U.S. Code Sec.  3101, General authority to employ; 5 U.S. Code 
Sec.  3109, Employment of experts and consultants; temporary or 
intermittent; Executive Orders 9397, as amended by 13478, 9830, and 
12107; and Civil Service Regulations promulgated thereunder.

PURPOSE(S) OF THE SYSTEM:
    1. Records in category (a) below are used by SEC staff to make 
referrals to supervisors or administrative assistants in offices with 
vacancies for which applicants may be considered. Offices may retain 
copies of applications/resumes and evaluations of candidates they 
interview whom they feel may be contenders for employment offers later 
in the year.
    2. SEC staff uses records in category (b) below for (i) retention 
of official personnel documents; (ii) verification of employment; (iii) 
determination of qualifications for jobs and eligibility for training; 
and (iv) processing of personnel actions.
    3. SEC staff uses records in category (c) below for (i) computation 
of personnel strength of divisions/offices; (ii) verification of 
employment for credit checks or job applications; and (iii) recording 
of personnel actions processed.
    4. SEC staff uses records in category (d) below to maintain records 
required by the Office of Human Resources of competitive promotion 
actions, including (i) records to determine how an announcement for a 
particular job reads; (ii) records for statistical reports; and (iii) 
records for program effectiveness studies (to send questionnaires to 
supervisors who made selections under the program, for example). 
Supervisory appraisals are scored and used in determining employee's 
overall standing among all applicants for the job; they are sent to 
selecting supervisors for review if the employee is certified for 
consideration (interview).
    5. SEC staff uses records in category (e) below to identify Office 
of Human Resources control numbers for Schedule C positions and to aid 
in preparing new submissions.
    6. SEC staff uses records in category (f) below for statistical 
reports.
    7. SEC staff forwards records in category (g) below to the Office 
of Human Resources at the end of each month if the applicant is not 
hired; if applicant is hired, records are retained for one year and 
then destroyed.
    8. SEC staff uses records in category (h) below to monitor 
personnel actions concerning their staffs (i.e., date of employee's 
last promotion, employee's position description number, etc.) and to 
record date personnel action requests and reports were forwarded to the 
Office of Personnel.
    9. SEC Regional Offices use records in category (i) below as a 
reference in preparing personnel actions requests on employees, 
determining employee eligibility for training or career development 
counseling and for back-up data in preparing award nominations, etc.
    10. The records may also be used in connection with organizational 
directories or similar records for internal management purposes.
    11. The information allows employees to track their training 
history, register for classes, access a catalog of courses, and review 
their training schedule. Also, the system is used by the Office of 
Human Resources (OHR) for statistical reporting and employee career 
Counseling, for determining whether mandatory training has been 
received, and for assessing whether the cost, quality, and 
appropriateness of courses and sources merit consideration for 
fulfilling future agency training needs.

[[Page 6904]]

CATEGORIES OF INDIVIDUALS COVERED BY THE SYSTEM:
    Records are maintained on applicants for SEC employment and present 
and past employees.

CATEGORIES OF RECORDS IN THE SYSTEM:
    The system of records includes the following category of records:
    a. Applicant files (Resumes, attorney supplements to applications, 
applicant correspondence and evaluations, official position 
description, and summer employment files);
    b. Official personnel folders (Office of Administrative and 
Personnel Management Files);
    c. Training files (Employee name, social security number, 
organization, and the assigned training form number; vendor name; 
instructor name; category of training; date(s) of training; and course 
title and location.);
    d. Merit promotion posting files, including supervisory appraisals 
for jobs advertised under SEC Merit Promotion Program;
    e. Request to Office of Human Resources for Schedule C personnel 
actions;
    f. Chronological copies of personnel actions (Standard Forms 50); 
and
    g. Regional Office employee files, including copies of applications 
and notifications of personnel action (Standard Forms 50) on the 
employee concerned.

RECORD SOURCE CATEGORIES:
    Records in category (a) are obtained from applicant concerned and 
interviewer evaluating the applicant. Records in category (b) are 
obtained from employee and supervisors concerned. Records in category 
(c) are obtained from official personnel folder of the employee 
concerned. Records in category (d) are obtained from employees applying 
for job and their supervisors. Records in category (e) are obtained 
from employees and supervisors concerned. Records in category (f) are 
obtained from employees and supervisors concerned. Records in category 
(g) are obtained from applicant. Records in category (h) are obtained 
from official personnel actions, employees and supervisors concerned. 
Records in category (i) are obtained from official personnel actions, 
employees and supervisors concerned.

ROUTINE USES OF RECORDS MAINTAINED IN THE SYSTEM, INCLUDING CATEGORIES 
OF USERS AND THE PURPOSES OF SUCH USES:
    In addition to those disclosures generally permitted under 5 U.S.C. 
552a(b) of the Privacy Act, these records or information contained 
therein may specifically be disclosed outside the Commission as a 
routine use to 5 U.S.C. 552 a(b)(3) as follows:
    1. To appropriate agencies, entities, and persons when (1) the SEC 
suspects or has confirmed that there has been a breach of the system of 
records, (2) the SEC has determined that as a result of the suspected 
or confirmed breach there is a risk of harm to individuals, the SEC 
(including its information systems, programs, and operations), the 
Federal Government, or national security; and (3) the disclosure made 
to such agencies, entities, and persons is reasonably necessary to 
assist in connection with the SEC's efforts to respond to the suspected 
or confirmed breach or to prevent, minimize, or remedy such harm.
    2. In any proceeding where the Federal securities law are in issue 
or in which the Commission, or past or present members of its staff, is 
a party or otherwise involved in an official capacity.
    3. To a Federal, state, local, tribal, foreign, or international 
agency, if necessary to obtain information relevant to the SEC's 
decision concerning the hiring or retention of an employee; the 
issuance of a security clearance; the letting of a contract; or the 
issuance of a license, grant, or other benefit.
    4. To produce summary descriptive statistics and analytical 
studies, as a data source for management information, in support of the 
function for which the records are collected and maintained or for 
related personnel management functions or manpower studies; may also be 
used to respond to general requests for statistical information 
(without personal identification of individuals) under the Freedom of 
Information Act.
    5. To interns, grantees, experts, contractors, and others who have 
been engaged by the Commission to assist in the performance of a 
service related to this system of records and who need access to the 
records for the purpose of assisting the Commission in the efficient 
administration of its programs, including by performing clerical, 
stenographic, or data analysis functions, or by reproduction of records 
by electronic or other means. Recipients of these records shall be 
required to comply with the requirements of the Privacy Act of 1974, as 
amended, 5 U.S.C. 552a.
    6. To a Congressional office from the record of an individual in 
response to an inquiry from the Congressional office made at the 
request of that individual.
    7. To members of Congress, the General Accountability Office, or 
others charged with monitoring the work of the Commission or conducting 
records management inspections.
    8. In connection with any court litigation or administrative action 
to review personnel action taken by the Commission or the failure by 
the Commission to take action.
    9. To aid in responding to inquiries from an employee, Member of 
Congress, the press or others concerning personnel action taken with 
respect to a specified employee or employees.
    10. To the Office of Management and Budget in connection with the 
review of private relief legislation as set forth in OMB Circular A-19 
at any stage of the legislative coordination and clearance process as 
set forth in that circular.
    11. To a commercial contractor in connection with benefit programs 
administered by the contractor on the Commission's behalf, including, 
but not limited to, supplemental health, dental, disability, life and 
other benefit programs.
    12. To another Federal agency or Federal entity, when the SEC 
determines that information from this system of records is reasonably 
necessary to assist the recipient agency or entity in (1) responding to 
a suspected or confirmed breach or (2) preventing, minimizing, or 
remedying the risk of harm to individuals, the recipient agency or 
entity (including its information systems, programs, and operations), 
the Federal Government, or national security, resulting from a 
suspected or confirmed breach.

POLICIES AND PRACTICES FOR STORAGE OF RECORDS:
    Records are maintained in electronic and paper format. Electronic 
records are stored in computerized databases, magnetic disc, tape and/
or digital media. Paper records and records on computer disc are stored 
in locked file rooms and/or file cabinets.

POLICIES AND PRACTICES FOR RETRIEVAL OF RECORDS:
    Records are indexed by name.

POLICIES AND PRACTICES FOR RETENTION AND DISPOSAL OF RECORDS:
    These records are retained for various lengths of time in 
accordance with the National Archives and Records Administration 
records schedules. The records will be maintained until they become 
inactive, at which time they will be retired or destroyed in accordance 
with the SEC's records retention schedule, as approved by the National 
Archives and Records Administration.

[[Page 6905]]

ADMINISTRATIVE, TECHNICAL, AND PHYSICAL SAFEGUARDS:
    Access to SEC facilities, data centers, and information or 
information systems is limited to authorized personnel with official 
duties requiring access. SEC facilities are equipped with security 
cameras and 24 hour security guard service. The records are kept in 
limited access areas during duty hours and in locked file cabinets and/
or locked offices or file rooms at all other times. Computerized 
records are safeguarded in a secured, encrypted environment. Security 
protocols meet the promulgating guidance as established by the National 
Institute of Standards and Technology (NIST) Security Standards from 
Access Control to Data Encryption and Security Assessment & 
Authorization (SA&A). Records will be maintained in a secure, password-
protected electronic system that will utilize commensurate safeguards 
that may include: Firewalls, intrusion detection and prevention 
systems, and role-based access controls. Additional safeguards will 
vary by program. All records are protected from unauthorized access 
through appropriate administrative, operational, and technical 
safeguards. These safeguards include: Restricting access to authorized 
personnel who have a ``need to know''; using locks; and password 
protection identification features. Contractors and other recipients 
providing services to the Commission shall be required to maintain 
equivalent safeguards.

RECORD ACCESS PROCEDURES:
    Persons wishing to obtain information on the procedures for gaining 
access to or contesting the contents of these records may contact the 
FOIA/PA Officer, Securities and Exchange Commission, 100 F Street NE, 
Mail Stop 5100, Washington, DC 20549-2736.

CONTESTING RECORD PROCEDURES:
    See Record Access Procedures above.

NOTIFICATION PROCEDURES:
    All requests to determine whether this system of records contains a 
record pertaining to the requesting individual may be directed to the 
FOIA/PA Officer, Securities and Exchange Commission, 100 F Street NE, 
Mail Stop 5100, Washington, DC 20549-2736.

EXEMPTIONS PROMULGATED FOR THE SYSTEM:
    None.

HISTORY:
    This SORN was last published in full in the Federal Register at 40 
FR 39253 (August 27, 1975). Subsequent notices of revision can be found 
at the following citations:

    --41 FR 5318 (February 5, 1976)
    --41 FR 11631 (March 19, 1976)
    --41 FR 41591 (September 22, 1976)
    --42 FR 36333 (July 14, 1977)
    --46 FR 63439 (December 31, 1981)
    --50 FR 37750 (September 17, 1985)
    --62 FR 47884 (September 11, 1997)
    --72 FR 2036 (January 17, 2007)

    By the Commission.

    Dated: February 9, 2018.
Brent J. Fields,
Secretary.
[FR Doc. 2018-03100 Filed 2-14-18; 8:45 am]
BILLING CODE 8011-01-P