Privacy Act of 1974; System of Records, 49836-49838 [2022-17379]

Agencies

• FEDERAL RESERVE SYSTEM

[Federal Register Volume 87, Number 155 (Friday, August 12, 2022)]
[Notices]
[Pages 49836-49838]
From the Federal Register Online via the Government Publishing Office [www.gpo.gov]
[FR Doc No: 2022-17379]



[[Page 49836]]

=======================================================================
-----------------------------------------------------------------------

FEDERAL RESERVE SYSTEM


Privacy Act of 1974; System of Records

AGENCY: Board of Governors of the Federal Reserve System.

ACTION: Notice of a modified system of records.

-----------------------------------------------------------------------

SUMMARY: Pursuant to the provisions of the Privacy Act of 1974, notice 
is given that the Board of Governors of the Federal Reserve System 
(Board) proposes to modify an existing system of records, entitled 
BGFRS-37, ``FRB--Electronic Applications.'' This system enables bank 
holding companies (BHCs), savings and loan holding companies (SLHCs), 
state member banks, and foreign banks with operations in the United 
States, or other companies, and persons to submit an application or 
notice to the Federal Reserve System for approval or non-objection, as 
appropriate, to conduct certain transactions or engage in certain 
activities.

DATES: Comments must be received on or before September 12, 2022. This 
modified system of records will become effective September 12, 2022, 
without further notice, unless comments dictate otherwise.
    The Office of Management and Budget (OMB), which has oversight 
responsibility under the Privacy Act, requires a 30-day period prior to 
publication in the Federal Register in which to review the system and 
to provide any comments to the agency. The public is then given a 30-
day period in which to comment, in accordance with 5 U.S.C. 552aI(4) 
and (11).

ADDRESSES: You may submit comments, identified by BGFRS-37, ``FRB--
Electronic Applications'' by any of the following methods:
     Agency website: https://www.federalreserve.gov. Follow the 
instructions for submitting comments at https://www.federalreserve.gov/apps/foia/proposedregs.aspx.
     Email: [email protected]. Include SORN name 
and number in the subject line of the message.
     Fax: (202) 452-3819 or (202) 452-3102.
     Mail: Ann E. Misback, Secretary, Board of Governors of the 
Federal Reserve System, 20th Street and Constitution Avenue NW, 
Washington, DC 20551.
    All public comments will be made available on the Board's website 
at https://www.federalreserve.gov/apps/foia/proposedregs.aspx as 
submitted, unless modified for technical reasons or to remove sensitive 
personally identifiable information. Public comments may also be viewed 
electronically and in-person in Room M-4365A, 2001 C St. NW, 
Washington, DC 20551, between 9:00 a.m. and 5:00 p.m. during federal 
business weekdays.

FOR FURTHER INFORMATION CONTACT: David B. Husband, Senior Counsel, 
(202) 530-6270, [email protected]; Legal Division, Board of 
Governors of the Federal Reserve System, 20th Street and Constitution 
Avenue NW, Washington, DC 20551. If you are deaf, hard of hearing, or 
have a speech disability, please dial 7-1-1 to access telecommunication 
relay services.

SUPPLEMENTARY INFORMATION: The Board is modernizing the electronic 
applications system and its filing process by permitting external 
filers to file applications, notices, requests for determinations, and 
other applications-related inquiries submitted by filers electronically 
through a paperless application process. The Board is moving to a 
cloud-based system (Fed EZ File) for use by the Board and the Federal 
Reserve Banks, acting pursuant to authority delegated by the Board 
(collectively, ``FRS''). FRS staff will use Fed EZ File to create, 
review, store, and retrieve information, including information obtained 
from individuals, financial institutions, and other business 
organizations, or their authorized representatives (collectively, 
``filers''), in connection with applications, notices, requests for 
determinations, and other applications-related inquiries submitted by 
filers to the FRS (collectively, ``filings''). These transactions and 
activities include, for example, acquisitions by a BHC or SLHC, bank 
mergers, non-bank acquisitions or new activities, BHC or SLHC 
formations, financial holding company elections, branch establishments, 
changes in bank control, community development and public welfare 
investments, and the appointment of directors or senior executive 
officers by a BHC, SLHC, or bank. This system will also enable FRS 
staff to request additional information, view business and supervisory 
information from various entities as needed, act on the filing, and 
deliver official and related correspondence. FRS staff will also 
manually input paper-based filings received by the FRS into the EZ File 
system for the above purposes.
    Accordingly, the Board is revising the SORN in order to incorporate 
the move to a new cloud-based system and generally update the SORN 
since its last revision. In particular, the Board is making changes to 
the purpose, authority, category of individuals, category of records, 
and the routine uses sections. The Board has clarified the intended 
purpose of the system and expanded the category of individuals to also 
include public commenters on filings more accurately. The Board has 
provided greater specificity to the category of records section by 
identifying in greater detail some of the information types included in 
typical filings.
    The Board is also amending the system-specific routine use to 
permit the sharing of the information covered by this system of records 
with other financial institution regulatory agencies as necessary on a 
confidential basis consistent with explicit information sharing 
agreements, rather than for regulatory comment purposes only, because 
the Board works with those agencies on supervisory and regulatory 
matters beyond those focused on regulatory comments. The Board is also 
eliminating the reference to ``thrift regulatory agencies'' in the 
phrase ``other bank and thrift regulatory agencies'' as outdated 
because the Dodd-Frank Wall Street Reform and Consumer Protection Act 
(Dodd-Frank Act, Pub. L. 111-203, 124 Stat. 1376 (2010)) dissolved the 
Office of Thrift Supervision and replacing ``bank'' with ``financial 
institution.'' Thus, the Board proposes to revise the system-specific 
routine use to read: ``to disclose certain information to other 
financial institution regulatory agencies pursuant to explicit 
information sharing agreements.''
    In the authority section, the Board is revising the list of 
authorities to include additional statutes and regulations that 
authorize the Board to receive filings from external parties and to 
reflect statutory changes since the SORN's last issuance in 2008. In 
particular, the Dodd-Frank Act was passed in 2010 and made substantial 
changes to banking laws and regulations, which affected the authorities 
for this system of records. For example, section 311 of Dodd-Frank 
transferred authority to supervise and regulate SLHCs from the Office 
of Thrift Supervision to the Board. Accordingly, the Board is adding 
the Home Owners' Loan Act, as well as the Board's implementing 
Regulations LL and MM, which authorize the Board to receive filings 
from SLHCs as authorities. Similarly, the Board is adding to the 
authorities section 167 of the Dodd-Frank Act and the Board's 
implementing Regulation YY, which required certain foreign banking 
organizations to create a U.S.

[[Page 49837]]

intermediate holding company for which foreign banking organizations 
may request relief pursuant to section 252.153(c) of Regulation YY. 
Lastly, the Board is also adding section 163(b) of the Dodd-Frank Act, 
which required certain large BHCs and nonbank financial companies 
supervised by the Board to provide written notice before making certain 
acquisitions of large nonbanking entities.
    The Board is also revising the list of legal authorities to include 
those which were inadvertently omitted from or incorrectly cited in the 
previous SORN. This includes adding corrected references to the U.S. 
Code provisions corresponding to sections 9, 19, and 25 of the Federal 
Reserve Act, concerning state banks as members of the Federal Reserve 
System; bank reserves; and foreign branches of domestic banks, 
respectively. In addition, the Board is revising the legal authority 
section to include other statutory provisions under which the Board 
receives filings, including sections 23A and 23B of the Federal Reserve 
Act and the Board's implementing Regulation W, concerning depository 
institutions' relations and transactions with affiliates, and section 
24A, concerning investments in bank premises. Further, the Board is 
revising the legal authorities to include sections 8, 18(c), 19, 32, 
and 44 of the Federal Deposit Insurance Act, concerning termination of 
insured depository institution status; bank merger transactions; 
participation in banking by individuals convicted of, or who have 
entered into a pretrial diversion or similar program for, certain 
crimes; changes in directors and senior executive officers of insured 
depository institution holding companies; and interstate bank mergers, 
respectively. The Board has also added references to other relevant 
authorizing banking statutes, such as the Foreign Bank Supervision 
Enhancement Act and the Depository Institution Management Interlocks 
Act.
    The Board is also updating the contact information for the system 
manager, the record source categories, the system location information, 
and the policies and practices for storage, retrieval, and retention of 
records.
    The Board is also making technical changes to BGFRS-37 consistent 
with the template laid out in OMB Circular No. A-108. Accordingly, the 
Board has made technical corrections and non-substantive language 
revisions to the following sections: ``Policies and Practices for 
Storage of Records,'' ``Policies and Practices for Retrieval of 
Records,'' ``Policies and Practices for Retention and Disposal of 
Records,'' ``Administrative, Technical and Physical Safeguards,'' 
``Record Access Procedures,'' ``Contesting Record Procedures,'' and 
``Notification Procedures.'' The Board has also created the following 
new sections: ``Security Classification'' and ``History.''

SYSTEM NAME AND NUMBER:
    BGFRS-37, ``FRB--Electronic Applications.''

SECURITY CLASSIFICATION:
    Unclassified.

SYSTEM LOCATION:
    Board of Governors of the Federal Reserve System, 20th Street and 
Constitution Avenue NW Washington, DC 20551. Some data will be hosted 
by third-party vendors, in government clouds managed by BOX in Nevada 
and California, Appian in Ohio, and OneSpan in Virginia and Ohio.

SYSTEM MANAGER(S):
    Vaishali Sack, Designated Agency Applications Official, Supervision 
and Regulation Division, Board of Governors of the Federal Reserve 
System, 20th Street and Constitution Avenue NW, Washington, DC 20551, 
202-452-5221, [email protected].

AUTHORITY FOR MAINTENANCE OF THE SYSTEM:
    Sections 9, 19, 23A, 23B, 24A, 25, and 25A of the Federal Reserve 
Act (12 U.S.C. 321-338a, 461-506, 371c, 371c-1, 371(d), 601-605, and 
611-631); the Change in Bank Control Act (12 U.S.C. 1817(j)); Sections 
8, 18(c), 19, 32, and 44 of the Federal Deposit Insurance Act (12 
U.S.C. 1818, 1828(c), 1829, 1831i, and 1831(u)); the Bank Holding 
Company Act of 1956 (12 U.S.C. 1841 et seq.); Section 5 of the Bank 
Service Company Act (12 U.S.C. 1865); the International Banking Act of 
1978, as amended (12 U.S.C. 3101 et seq.) and the Foreign Bank 
Supervision Enhancement Act (12 U.S.C. 3101 note); the Depository 
Institution Management Interlocks Act (12 U.S.C. 3201 et seq.); the 
Home Owners' Loan Act (12 U.S.C. 1465-1468); Sections 163(b) and 167 of 
the Dodd-Frank Wall Street Reform and Consumer Protection Act (12 
U.S.C. 5363(b) and 5367); the Board's Regulation H (12 CFR part 208); 
Regulation K (12 CFR part 211); Regulation L (12 CFR part 212); 
Regulation W (12 CFR part 223); Regulation Y (12 CFR part 225); 
Regulation LL (12 CFR part 238); Regulation MM (12 CFR part 239); 
Regulation YY (12 CFR part 252); and Executive Order 9397.

PURPOSE(S) OF THE SYSTEM:
    These records are collected and maintained to assist the Board and 
the Federal Reserve Banks (collectively, ``FRS'') in evaluating whether 
individuals, financial institutions, and other business organizations 
meet the applicable statutory and regulatory factors that are required 
to be considered in a particular filing.

CATEGORIES OF INDIVIDUALS COVERED BY THE SYSTEM:
    Persons who are parties to regulatory filings submitted to the FRS, 
and public commenters to such submissions.

CATEGORIES OF RECORDS IN THE SYSTEM:
    In connection with their role in filings, individuals provide 
information, which may include, but is not limited to the following: 
name (including former names and/or nicknames); contact information 
such as telephone number, email address, etc.; address (home, business, 
and/or mailing); citizenship information, including place and date of 
birth; and/or citizenship status; government-issued identification, 
such as driver's license number, Social Security number, passport 
number and/or alien registration number, and/or taxpayer identification 
number; occupation and employment history; financial and credit 
information (including credit history); education and professional 
credentials; information about compliance with applicable laws and 
regulations, criminal history, and involvement with court proceedings; 
and related organizations. In addition, submissions from members of the 
public may contain unsolicited personally identifiable information 
(``PII'') (such as bank account information or social security numbers) 
even though such PII is not required for the individual to provide 
comments or feedback.

RECORD SOURCE CATEGORIES:
    The information is submitted by individual filers, certain 
employees, officers, directors, or shareholders of financial 
institutions or other business organizations, representatives of 
individual or institutional filers, Federal and state banking 
regulators, state insurance regulators, and members of the public. FRS 
staff may also provide information to obtain access to the system. FRS 
staff may also independently obtain information regarding filers from 
publicly available sources.

[[Page 49838]]

ROUTINE USES OF RECORDS MAINTAINED IN THE SYSTEM, INCLUDING CATEGORIES 
OF USERS AND PURPOSES OF SUCH USES:
    General routine uses A, B, C, D, G, I, and J apply to this system. 
These general routine uses are located at https://www.federalreserve.gov/files/SORN-page-general-routine-uses-of-board-systems-of-records.pdf and are published in the Federal Register at 83 
FR 43872 at 43873-74 (August 28, 2018). These records may also be used 
to disclose certain information to other financial institution 
regulatory agencies pursuant to explicit information sharing 
agreements.

POLICIES AND PRACTICES FOR STORAGE OF RECORDS:
    Paper records are stored in locked file cabinets with access 
limited to staff with a need to know until the paper records have been 
scanned and stored electronically. Electronic records will be stored at 
the Board and by third-party vendors in FedRAMP approved government 
cloud storage solutions.

POLICIES AND PRACTICES FOR RETRIEVAL OF RECORDS:
    Records can be searched for and retrieved by authorized staff only, 
by every data field on a record, and by the contents of each record. 
Access to records is limited to those persons whose official duties 
require it.

POLICIES AND PRACTICES FOR RETENTION AND DISPOSAL OF RECORDS:
    Records are retained for 60 days within the system and then 
transferred to the Board's electronic recordkeeping system. Records are 
retained in the Board's electronic recordkeeping system for 15 years, 
then destroyed when no longer needed for reference.

ADMINISTRATIVE, TECHNICAL, AND PHYSICAL SAFEGUARDS:
    The system has the ability to track individual user actions within 
the system. The audit and accountability controls are based on NIST and 
Board standards, which are based on applicable laws and regulations. 
The controls assist in detecting security violations and performance or 
other issues in the system. Access to the system is restricted to 
authorized users within the FRS who require access for official 
business purposes. Users are classified into different roles and common 
access and usage rights are established for each role. User roles are 
used to delineate between the different types of access requirements 
such that users are restricted to information that is required in the 
performance of their duties. Periodic assessments and reviews are 
conducted to determine whether users still require access, have the 
appropriate role, and whether there have been any unauthorized changes. 
Records are encrypted at rest and in transmission.

RECORD ACCESS PROCEDURES:
    The Privacy Act allows individuals the right to access records 
maintained about them in a Board system of records. Your request for 
access must: (1) contain a statement that the request is made pursuant 
to the Privacy Act of 1974; (2) provide either the name of the Board 
system of records expected to contain the record requested or a concise 
description of the system of records; (3) provide the information 
necessary to verify your identity; and (4) provide any other 
information that may assist in the rapid identification of the record 
you seek.
    The Board handles all Privacy Act requests as both a Privacy Act 
request and as a Freedom of Information Act request. The Board does not 
charge fees to a requestor seeking to access or amend his/her Privacy 
Act records.
    You may submit your Privacy Act request to the: Secretary of the 
Board, Board of Governors of the Federal Reserve System, 20th Street 
and Constitution Avenue NW, Washington, DC 20551.
    You may also submit your Privacy Act request electronically by 
filling out the required information at: https://foia.federalreserve.gov/.

CONTESTING RECORD PROCEDURES:
    The Privacy Act allows individuals to seek amendment of information 
that is erroneous, irrelevant, untimely, or incomplete and is 
maintained in a system of records that pertains to them. To request an 
amendment to your record, you should clearly mark the request as a 
``Privacy Act Amendment Request.'' You have the burden of proof for 
demonstrating the appropriateness of the requested amendment and you 
must provide relevant and convincing evidence in support of your 
request.
    Your request for amendment must: (1) provide the name of the 
specific Board system of records containing the record you seek to 
amend; (2) identify the specific portion of the record you seek to 
amend; (3) describe the nature of and reasons for each requested 
amendment; (4) explain why you believe the record is not accurate, 
relevant, timely, or complete; and (5) unless you have already done so 
in a related Privacy Act request for access or amendment, provide the 
necessary information to verify your identity.

NOTIFICATION PROCEDURES:
    Same as ``Access procedures'' above. You may also follow this 
procedure in order to request an accounting of previous disclosures of 
records pertaining to you as provided for by 5 U.S.C. 5I(c).

EXEMPTIONS PROMULGATED FOR THE SYSTEM:
    Certain portions of this system of records may be exempt from 5 
U.S.C. 552a(c)(3),I),I)(1), (e)(4)(G), (H), and (I), and (f) of the 
Privacy Act pursuant to 5 U.S.C. 552a(k)(2).

HISTORY:
    This SORN was previously published in the Federal Register at 73 FR 
54595 (September 22, 2008). The SORN was also amended to incorporate 
two new routine uses required by OMB at 83 FR 43872 (August 28, 2018).

    Board of Governors of the Federal Reserve System.
Ann E. Misback,
Secretary of the Board.
[FR Doc. 2022-17379 Filed 8-11-22; 8:45 am]
BILLING CODE 6210-01-P