Privacy Act of 1974: Systems of Records, 43152-43155 [2023-14274]
Download as PDF
43152
Federal Register / Vol. 88, No. 128 / Thursday, July 6, 2023 / Notices
previous four quarters available when
the Board approves the budget. The
NCUA combines operating fee and
capitalization deposit adjustments into a
single invoice normally due in April. As
required by the FCU Act, the NCUA will
deposit the collected fees in the United
States Treasury.25
lotter on DSK11XQN23PROD with NOTICES1
IV. Change to Operating Fee
Methodology and Request for Comment
The Board seeks comment on a
change to the exemption level below
which FCUs are not charged an
operating fee and invites comment on
other aspects of the operating fee
methodology, as described below.
1. Threshold for Exemption From
Paying an Operating Fee
Currently, FCUs reporting average
assets of $1,000,000 or less during the
preceding four calendar quarters are
exempt from paying an operating fee,
because the Board considered and
determined that such credit unions do
not have the ability to pay the fee. The
$1,000,000 average asset exemption
level has been in place since 2012 and
has not been adjusted since that time. In
the intervening 11 years, average assets
across FCUs have approximately
doubled. To account for this growth in
the size of the credit union system, the
Board is proposing to raise the average
asset exemption level for FCUs to
$2,000,000 and to adjust the exemption
threshold annually in future years by
the computed rate of asset growth in the
credit union system. This inflationary
adjustment would be included in the
operating fee calculation presented in
the annual draft NCUA budget
published by the Chief Financial Officer
pursuant to 12 U.S.C. 1789(b). The
NCUA would adjust the exemption
threshold by the percentage by which
average quarterly assets reported for the
credit union system for the most-current
four quarters have increased compared
to the previous four quarters, using the
Call report data available at the time the
NCUA budget is published. For
example, when the Board approved the
2023–2024 operating budget in
December 2022, the average credit
union system assets for the four mostcurrent quarters (i.e., the third and
fourth quarters of 2021 and the first two
quarters of 2022) were 8.5 percent
higher than the previous four quarters
(i.e., the third and fourth quarter of 2020
and the first two quarters of 2021). This
increase in assets can be expressed as an
inflation multiplier (1.085 in the
25 12 U.S.C. 1755(d); https://www.ncua.gov/files/
agenda-items/AG20191212Item1b.pdf, pages 57 to
64.
VerDate Sep<11>2014
17:07 Jul 05, 2023
Jkt 259001
example given) and applied to the
exemption threshold to determine the
adjusted level.
The Board believes that this change
would appropriately maintain its
current policy of exempting the smallest
natural person credit unions from
paying the operating fee based on those
institutions’ inability to pay such a fee.
2. Other Aspects of the Operating Fee
Methodology
The Board has not substantially
modified the current three-tier operating
fee schedule since 1993. The current
operating fee schedule is regressive; that
is, credit unions with a larger amount of
total assets pay a lower marginal rate on
those assets above the threshold levels
for the lower tiers. Given growth and
consolidation in the credit union
system, the Board is interested in
whether such an approach is an
equitable method for allocating the
operating fee. There is a potentially
wide range of approaches for assessing
the operating fee. For example, the
Board could adopt a single, flat-rate
operating fee for all credit unions with
total assets that exceed a standard
exemption threshold. Overall, a flat-rate
operating fee would shift fees away from
relatively smaller credit unions to
relatively larger ones, making the
operating fee schedule less regressive.
The Board could also make the
operating fee schedule less regressive by
increasing the rates for the second and
third tiers on the schedule.
Alternatively, adjusting the rates
upward for the first and second tiers of
the current operating fee would create a
more regressive schedule. The Board is
interested in receiving public comments
on whether or how it should consider
modifying the operating fee schedule
and what specific aspects and
conditions of the credit union system it
should evaluate when making such
decisions.
The Board is also interested in
specific suggestions that would increase
the equitable distribution of the
operating fee across FCUs. Because the
operating fee methodology allocates the
non-OTR portion of the NCUA budget to
all FCUs subject to it, changes to the
methodology do not lower total
operating fee collections but instead
shift the fees to those FCUs required to
pay it. The Board is interested in
understanding how any proposals to
change the methodology can be justified
as fair and equitable not only for those
FCUs whose operating fee would
decrease, but also for those FCUs whose
operating fees would increase and
therefore bear a greater fee burden
compared to the current methodology.
PO 00000
Frm 00074
Fmt 4703
Sfmt 4703
Authority: 12 U.S.C. 1755.
By the National Credit Union
Administration Board on June 29, 2023.
Melane Conyers-Ausbrooks,
Secretary of the Board.
[FR Doc. 2023–14201 Filed 7–5–23; 8:45 am]
BILLING CODE 7535–01–P
NATIONAL CREDIT UNION
ADMINISTRATION
Privacy Act of 1974: Systems of
Records
National Credit Union
Administration (NCUA).
ACTION: Notice of a modified system of
records.
AGENCY:
Pursuant to the Privacy Act of
1974, the National Credit Union
Administration (NCUA) gives notice of
a proposed modified Privacy Act system
of records titled NCUA–11, ‘‘Office of
Inspector General (OIG) Investigative
Records.’’ The OIG Investigative
Records system of records documents
the investigative work of the OIG,
including complaints received through
the OIG Hotline, OIG mail, and
otherwise, enabling the OIG to secure
and maintain necessary investigative
information and to coordinate with
other law enforcement agencies as
appropriate.
SUMMARY:
Submit comments on or before
August 7, 2023. This modification will
be effective immediately, and new
routine uses will be effective on August
7, 2023.
ADDRESSES: You may submit comments
by any of the following methods, but
please send comments by one method
only:
• Federal eRulemaking Portal: https://
www.regulations.gov. Follow the
instructions for submitting comments.
• NCUA website: https://
www.ncua.gov/
RegulationsOpinionsLaws/proposed_
regs/proposed_regs.html. Follow the
instructions for submitting comments.
• Fax: (703) 518–6319. Use the
subject line described above for email.
• Mail: Address to Melane ConyersAusbrooks, Secretary of the Board,
National Credit Union Administration,
1775 Duke Street, Alexandria, Virginia
22314–3428.
• Hand Delivery/Courier: Same as
mail address.
FOR FURTHER INFORMATION CONTACT:
Marta Erceg, Counsel to the Inspector
General/Assistant Inspector General,
Office of the Inspector General, (703)
518–6350, or Jennifer Harrison,
Attorney-Advisor, Office of General
DATES:
E:\FR\FM\06JYN1.SGM
06JYN1
lotter on DSK11XQN23PROD with NOTICES1
Federal Register / Vol. 88, No. 128 / Thursday, July 6, 2023 / Notices
Counsel, (703) 518–6540, 1775 Duke
Street, Alexandria, VA 22314.
SUPPLEMENTARY INFORMATION: The
NCUA has made the following
substantive changes to this System of
Records Notice:
1. NCUA has updated the Purpose(s)
of the System to provide additional
details of why records are being
collected.
2. NCUA has updated the Categories
of Records in the System to provide
additional details of what types of
records are being collected.
3. NCUA has updated its Routine
Uses. NCUA has added a routine use
relating to obtaining legal advice from
the Department of Justice and other
prosecutors. NCUA has added a routine
use to entities responsible for the
oversight of Federal funds. NCUA has
added a routine use for disclosure
records relating to suspension and
debarment actions. NCUA has added a
routine use for disclosure of records to
the Council of the Inspectors General for
Integrity and Efficiency. NCUA has
added a routine use to allow the OIG to
disclose records to a complainant’s
employer who at the time of the alleged
reprisal was an NCUA contractor,
subcontractor, grantee, or subgrantee,
without requiring the complainant’s
consent, to comply with the
requirements of 41 U.S.C. 4712(b)(1).
NCUA has also added text of the routine
uses that had been previously contained
in the agency’s ‘‘Standard Routine
Uses.’’ Finally, NCUA has added two
routine uses relating to the disclosure of
records in the event of a suspected or
actual privacy breach.
4. NCUA has updated Policies and
Practices for Storage of Records to
reflect that records are electronically
maintained.
5. NCUA has updated Policies and
Practices for Retention and Disposal of
Records to reflect that NCUA uses
National Archives and Records
Administration-approved records
schedules.
6. NCUA has updated Administrative,
Technical, and Physical Safeguards to
accurately reflect how these records are
protected.
7. NCUA has updated Record Access,
Contesting Record, and Notification
Procedures to accurately reflect the
NCUA procedures as detailed in 12 CFR
792.55.
8. NCUA has updated History to
accurately reflect the SORN’s
publication history. Non-substantive
modifications have also been made to
ensure that the format NCUA–11 aligns
with the guidance set forth in Office of
Management and Budget Circular A–
108.
VerDate Sep<11>2014
17:07 Jul 05, 2023
Jkt 259001
By the National Credit Union
Administration Board on June 30, 2023.
Melane Conyers-Ausbrooks,
Secretary of the Board.
SYSTEM NAME AND NUMBER:
NCUA–11, Office of Inspector General
(OIG) Investigative Records.
SECURITY CLASSIFICATION:
43153
reporting requirements of the Inspector
General Act, 5 U.S.C. 401–424;
8. Reporting on OIG activities to the
Council of Inspectors General for
Integrity and Efficiency (CIGIE); and
9. Participating in CIGIE’s
investigative qualitative assessment
review process.
CATEGORIES OF INDIVIDUALS COVERED BY THE
SYSTEM:
Unclassified.
Office of Inspector General, National
Credit Union Administration, 1775
Duke Street, Alexandria, VA 22314–
3428.
Subjects of investigation,
complainants, and witnesses referred to
in complaints or investigative cases,
reports, accompanying documents, and
correspondence prepared by, compiled
by, or referred to the OIG.
SYSTEM MANAGER(S):
CATEGORIES OF RECORDS IN THE SYSTEM:
Counsel to the Inspector General/
Assistant Inspector General for
Investigations, National Credit Union
Administration, 1775 Duke Street,
Alexandria, Virginia 22314–3428.
The system is comprised of OIG
investigation files and complaint files.
These files include reports of
investigations with related exhibits,
statements, affidavits, or other pertinent
documents. Files may contain
memoranda; computer-generated
background information; location
information; payroll, time sheets, and
travel records; correspondence,
including call, text, and email records;
and reports from or to other law
enforcement bodies pertaining to
violations or potential violations of
criminal laws, fraud, or abuse with
respect to administration of NCUA
programs and operations, and violations
of employee and contractor standards of
conduct. Records in this system may
contain personally identifiable
information such as names, Social
Security numbers, dates of birth, and
addresses. This system may also contain
such information as employment
history, bank account information,
driver’s licenses, vehicle registration,
educational records, criminal history,
photographs, voice recordings, and
other information of a personal nature
provided or obtained in connection with
an investigation.
SYSTEM LOCATION:
AUTHORITY FOR MAINTENANCE OF THE SYSTEM:
Federal Credit Union Act, 12 U.S.C.
1751, et seq., and the Inspector General
Act of 1978, 5 U.S.C. 401, et seq.
PURPOSE(S) OF THE SYSTEM:
This system is maintained for the
purposes of:
1. Conducting and documenting
investigations by the OIG or other
investigative agencies regarding NCUA
programs, operations, personnel, and
contractors, and reporting the results of
investigations to NCUA management,
other Federal agencies, and other public
authorities or professional organizations
that have the authority to bring criminal
prosecutions or civil or administrative
actions, or to impose disciplinary
sanctions;
2. Documenting the outcome of OIG
investigations;
3. Maintaining a record of the
activities that were the subject of
investigations;
4. Reporting investigative findings for
use in operating and evaluating NCUA
programs or operations and in the
imposition of sanctions;
5. Maintaining a record of complaints
and allegations received regarding
NCUA programs, operations, and
personnel, and documenting the
outcome of OIG reviews and disposition
of those complaints and allegations;
6. Coordinating relationships with
other Federal agencies, State and local
governmental agencies, and
nongovernmental entities in matters
relating to the statutory responsibilities
of the OIG and reporting to such entities
on government-wide efforts pursuant to
the oversight of Federal funds;
7. Acting as a repository and source
for information necessary to fulfill the
PO 00000
Frm 00075
Fmt 4703
Sfmt 4703
ROUTINE USES OF RECORDS MAINTAINED IN THE
SYSTEM, INCLUDING CATEGORIES OF USERS AND
THE PURPOSES OF SUCH USES:
In addition to those disclosures
generally permitted under 5 U.S.C.
552a(b) of the Privacy Act, these records
or information contained therein may
specifically be disclosed outside the
NCUA as a routine use pursuant to 5
U.S.C. 552a(b)(3) as follows:
1. If a record in a system of records
indicates a violation or potential
violation of civil or criminal law or a
regulation, and whether arising by
general statute or particular program
statute, or by regulation, rule, or order,
the relevant records in the system of
records may be disclosed as a routine
use to the appropriate agency, whether
E:\FR\FM\06JYN1.SGM
06JYN1
lotter on DSK11XQN23PROD with NOTICES1
43154
Federal Register / Vol. 88, No. 128 / Thursday, July 6, 2023 / Notices
Federal, State, local, or foreign, charged
with the responsibility of investigating
or prosecuting such violation or charged
with enforcing or implementing the
statute, rule, regulation, or order issued
pursuant thereto;
2. A record in a system of records may
be disclosed as a routine use to a
member of Congress or to a
congressional staff member in response
to an inquiry from the congressional
office made at the request of the
individual about whom the record is
maintained;
3. A record in a system of records may
be disclosed as a routine use to the
Department of Justice, when: (a) NCUA,
or any of its components or employees
acting in their official capacities, is a
party to litigation; or (b) Any employee
of NCUA in his or her individual
capacity is a party to litigation and
where the Department of Justice has
agreed to represent the employee; or (c)
The United States is a party in litigation,
where NCUA determines that litigation
is likely to affect the agency or any of
its components, is a party to litigation
or has an interest in such litigation, and
NCUA determines that use of such
records is relevant and necessary to the
litigation;
4. A record in a system of records may
be disclosed as a routine use in a
proceeding before a court or
adjudicative body before which NCUA
is authorized to appear (a) when NCUA
or any of its components or employees
are acting in their official capacities; (b)
where NCUA or any employee of NCUA
in his or her individual capacity has
agreed to represent the employee; or (c)
where NCUA determines that litigation
is likely to affect the agency or any of
its components, is a party to litigation
or has an interest in such litigation, and
NCUA determines that use of such
records is relevant and necessary to the
litigation;
5. A record from a system of records
may be disclosed as a routine use to
contractors, experts, consultants, and
the agents thereof, and others
performing or working on a contract,
service, cooperative agreement, or other
assignment for NCUA when necessary
to accomplish an agency function or
administer an employee benefit
program. Individuals provided
information under this routine use are
subject to the same Privacy Act
requirements and limitations on
disclosure as are applicable to NCUA
employees;
6. A record from a system of records
may be disclosed as a routine use to the
Department of Justice, including its U.S.
Attorney’s Offices, and State and local
prosecutors, to the extent necessary to
VerDate Sep<11>2014
17:07 Jul 05, 2023
Jkt 259001
obtain legal advice on any matter
relevant to an OIG investigation, audit,
inspection, or other inquiry related to
the responsibilities of the OIG;
7. A record from a system of records
may be disclosed as a routine use to any
Federal agency, entity, or board
responsible for coordinating and
conducting oversight of Federal funds,
in order to prevent fraud, waste, and
abuse related to Federal funds, or for
assisting in the enforcement,
investigation, prosecution, or oversight
of violations of administrative, civil, or
criminal law or regulation, if that
information is relevant to any
enforcement, regulatory, investigative,
prosecutorial, or oversight responsibility
of the NCUA or of the receiving entity;
8. A record from a system of records
may be disclosed as a routine use to
another Federal agency considering
suspension or debarment action if the
information is relevant to the
suspension or debarment action. The
OIG also may disclose information to
another agency to gain information in
support of the NCUA’s own debarment
and suspension actions;
9. A record from a system of records
may be disclosed as a routine use to the
Council of the Inspectors General on
Integrity and Efficiency (CIGIE) to assist
in its preparation of reports, analysis,
surveys, coordination of investigations,
and other CIGIE activities;
10. A record from a system of records
may be disclosed as a routine use to
other Federal entities, such as other
Offices of Inspector General, to the
Government Accountability Office, or to
a private party with which the OIG or
the NCUA has contracted or with which
it contemplates contracting, for the
purpose of auditing or reviewing the
performance or internal management of
the OIG’s audit or investigative
programs.
11. A record from a system of records
may be disclosed as a routine use to a
complainant alleging whistleblower
reprisal and the complainant’s employer
(current or former) that at the time of the
alleged reprisal was a grantee,
subgrantee, contractor, or subcontractor
of the NCUA, to fulfill the
whistleblower reprisal investigation
reporting requirements of 41 U.S.C.
4712(b)(1) or any other whistleblower
reprisal law requiring a disclosure to a
complainant or an entity that employs
or employed the complainant;
12. A record from a system of records
may be disclosed to appropriate
agencies, entities, and persons when (1)
NCUA suspects or has confirmed that
the security or confidentiality of
information in the system of records has
been compromised; (2) NCUA has
PO 00000
Frm 00076
Fmt 4703
Sfmt 4703
determined that as a result of the
suspected or confirmed compromise
there is a risk of harm to economic or
property interests, identity theft or
fraud, or harm to the security or
integrity of this system or other systems
or programs (whether maintained by
NCUA or another agency or entity) that
rely upon the compromised
information; and (3) the disclosure
made to such agencies, entities, and
persons is reasonably necessary to assist
in connection with NCUA’s efforts to
respond to the suspected or confirmed
compromise and prevent, minimize, or
remedy such harm; and
13. A record from a system of records
may be disclosed to another Federal
agency or Federal entity, when the
NCUA determines that information from
this system of records is reasonably
necessary to assist the recipient agency
or entity in (1) responding to a
suspected or confirmed breach or (2)
preventing, minimizing, or remedying
the risk of harm to individuals, the
recipient agency or entity (including its
information systems, programs, and
operations), the Federal Government, or
national security, resulting from a
suspected or confirmed breach.
POLICIES AND PRACTICES FOR STORAGE OF
RECORDS:
Electronic records and backups are
stored on secure servers, approved by
NCUA’s Office of the Chief Information
Officer (OCIO), within a FedRAMPauthorized commercial Cloud Service
Provider’s (CSP) Software-as-a-Service
solution hosting environment and
accessed only by authorized personnel.
POLICIES AND PRACTICES FOR RETRIEVAL OF
RECORDS:
Information is retrieved by case
number, general subject matter, or name
of the subject of investigation.
POLICIES AND PRACTICES FOR RETENTION AND
DISPOSAL OF RECORDS:
Records are maintained and disposed
in accordance with the General Records
Retention Schedules issued by the
National Archives and Records
Administration (NARA) or an NCUA
records disposition schedule approved
by NARA.
ADMINISTRATIVE, TECHNICAL, AND PHYSICAL
SAFEGUARDS:
NCUA and the Cloud Service Provider
have implemented the appropriate
administrative, technical, and physical
controls in accordance with the Federal
Information Security Modernization Act
of 2014, Public Law 113–283, S. 2521,
and NCUA’s information security
policies to protect the confidentiality,
integrity, and availability of the
E:\FR\FM\06JYN1.SGM
06JYN1
Federal Register / Vol. 88, No. 128 / Thursday, July 6, 2023 / Notices
information system and the information
contained therein. Access is limited
only to individuals authorized through
NIST-compliant Identity, Credential,
and Access Management policies and
procedures. The records are maintained
behind a layered defensive posture
consistent with all applicable Federal
laws and regulations, including OMB
Circular A–130 and NIST Special
Publication 800–37.
RECORD ACCESS PROCEDURES:
Individuals wishing access to their
records should submit a written request
to the Senior Agency Official for
Privacy, NCUA, 1775 Duke Street,
Alexandria, VA 22314, and provide the
following information:
1. Full name.
2. Any available information
regarding the type of record involved.
3. The address to which the record
information should be sent.
4. You must sign your request.
Attorneys or other persons acting on
behalf of an individual must provide
written authorization from that
individual for the representative to act
on their behalf. Individuals requesting
access must also comply with NCUA’s
Privacy Act regulations regarding
verification of identity and access to
records (12 CFR 792.55).
CONTESTING RECORD PROCEDURES:
Individuals wishing to request an
amendment to their records should
submit a written request to the Senior
Agency Official for Privacy, NCUA,
1775 Duke Street, Alexandria, VA
22314, and provide the following
information:
1. Full name.
2. Any available information
regarding the type of record involved.
3. A statement specifying the changes
to be made in the records and the
justification therefore.
4. The address to which the response
should be sent.
5. You must sign your request.
Attorneys or other persons acting on
behalf of an individual must provide
written authorization from that
individual for the representative to act
on their behalf.
lotter on DSK11XQN23PROD with NOTICES1
NOTIFICATION PROCEDURES:
Individuals wishing to learn whether
this system of records contains
information about them should submit a
written request to the Senior Agency
Official for Privacy, NCUA, 1775 Duke
Street, Alexandria, VA 22314, and
provide the following information:
1. Full name.
2. Any available information
regarding the type of record involved.
VerDate Sep<11>2014
17:07 Jul 05, 2023
Jkt 259001
3. The address to which the record
information should be sent.
4. You must sign your request.
Attorneys or other persons acting on
behalf of an individual must provide
written authorization from that
individual for the representative to act
on their behalf. Individuals requesting
access must also comply with NCUA’s
Privacy Act regulations regarding
verification of identity and access to
records (12 CFR 792.55).
EXEMPTIONS PROMULGATED FOR THE SYSTEM:
Pursuant to 5 U.S.C. 552a(j)(2), this
system of records is exempt from
subsections (c)(3) and (4), (d), (e)(1),
(e)(2), (e)(3), (e)(4)(G), (e)(4)(H), (e)(4)(I),
(e)(5), (e)(8), (f) and (g) of the Act. This
exemption applies to information in the
system that relates to criminal law
enforcement and meets the criteria of
the (j)(2) exemption. Pursuant to 5
U.S.C. 552a(k)(2), to the extent that the
system contains investigative material
compiled for law enforcement purposes,
other than material within the scope of
subsection (j)(2), this system of records
is exempt from 5 U.S.C. 552a(c)(3), (d),
(e)(1), (e)(4)(G), (H), and (I), and (f). The
exemption rule is contained in 12 CFR
792.66 of the NCUA regulations.
HISTORY:
This SORN was published originally
as NCUA–20, ‘‘Investigation Files,’’ at
53 FR 37372 (Sept. 26, 1988); renamed
to ‘‘Office of Inspector General
Investigative Records’’ at 60 FR 18149
(April 10, 1995); and renumbered as
NCUA–11 at 65 FR 3486 (Feb. 20, 2000).
Subsequent modifications were
published at 71 FR 77807 (Dec. 27,
2006) and 75 FR 41539 (July 16, 2010).
[FR Doc. 2023–14274 Filed 7–5–23; 8:45 am]
BILLING CODE 7535–01–P
NUCLEAR REGULATORY
COMMISSION
[NRC–2022–0217]
Information Collection: NRC Form 974
Privacy Act Complaint Form
Nuclear Regulatory
Commission.
ACTION: Notice of submission to the
Office of Management and Budget;
request for comment.
AGENCY:
The U.S. Nuclear Regulatory
Commission (NRC) has recently
submitted a proposed collection of
information to the Office of
Management and Budget (OMB) for
review. The information collection is
entitled, NRC Form 974 ‘‘Privacy Act
Complaint Form.’’
SUMMARY:
PO 00000
Frm 00077
Fmt 4703
Sfmt 4703
43155
Submit comments by August 7,
2023. Comments received after this date
will be considered if it is practical to do
so, but the Commission is able to ensure
consideration only for comments
received on or before this date.
ADDRESSES: Written comments and
recommendations for the proposed
information collection should be sent
within 30 days of publication of this
notice to https://www.reginfo.gov/
public/do/PRAMain. Find this
particular information collection by
selecting ‘‘Currently under Review—
Open for Public Comments’’ or by using
the search function.
FOR FURTHER INFORMATION CONTACT:
David Cullison, NRC Clearance Officer,
U.S. Nuclear Regulatory Commission,
Washington, DC 20555–0001; telephone:
301–415–2084; email:
Infocollects.Resource@nrc.gov.
SUPPLEMENTARY INFORMATION:
DATES:
I. Obtaining Information and
Submitting Comments
A. Obtaining Information
Please refer to Docket ID NRC–2022–
0217 when contacting the NRC about
the availability of information for this
action. You may obtain publicly
available information related to this
action by any of the following methods:
• Federal Rulemaking website: Go to
https://www.regulations.gov and search
for Docket ID NRC–2022–0217.
• NRC’s Agencywide Documents
Access and Management System
(ADAMS): You may obtain publicly
available documents online in the
ADAMS Public Documents collection at
https://www.nrc.gov/reading-rm/
adams.html. To begin the search, select
‘‘Begin Web-based ADAMS Search.’’ For
problems with ADAMS, please contact
the NRC’s Public Document Room (PDR)
reference staff at 1–800–397–4209, 301–
415–4737, or by email to
PDR.Resource@nrc.gov. A copy of the
collection of information and related
instructions may be obtained without
charge by accessing ADAMS Accession
No. ML23089A290. The supporting
statement is available in ADAMS under
Accession No. ML23081A464.
• NRC’s PDR: The PDR, where you
may examine and order copies of
publicly available documents, is open
by appointment. To make an
appointment to visit the PDR, please
send an email to PDR.Resource@nrc.gov
or call 1–800–397–4209 or 301–415–
4737, between 8 a.m. and 4 p.m. eastern
time (ET), Monday through Friday,
except Federal holidays.
• NRC’s Clearance Officer: A copy of
the collection of information and related
instructions may be obtained without
E:\FR\FM\06JYN1.SGM
06JYN1
Agencies
[Federal Register Volume 88, Number 128 (Thursday, July 6, 2023)]
[Notices]
[Pages 43152-43155]
From the Federal Register Online via the Government Publishing Office [www.gpo.gov]
[FR Doc No: 2023-14274]
-----------------------------------------------------------------------
NATIONAL CREDIT UNION ADMINISTRATION
Privacy Act of 1974: Systems of Records
AGENCY: National Credit Union Administration (NCUA).
ACTION: Notice of a modified system of records.
-----------------------------------------------------------------------
SUMMARY: Pursuant to the Privacy Act of 1974, the National Credit Union
Administration (NCUA) gives notice of a proposed modified Privacy Act
system of records titled NCUA-11, ``Office of Inspector General (OIG)
Investigative Records.'' The OIG Investigative Records system of
records documents the investigative work of the OIG, including
complaints received through the OIG Hotline, OIG mail, and otherwise,
enabling the OIG to secure and maintain necessary investigative
information and to coordinate with other law enforcement agencies as
appropriate.
DATES: Submit comments on or before August 7, 2023. This modification
will be effective immediately, and new routine uses will be effective
on August 7, 2023.
ADDRESSES: You may submit comments by any of the following methods, but
please send comments by one method only:
Federal eRulemaking Portal: https://www.regulations.gov.
Follow the instructions for submitting comments.
NCUA website: https://www.ncua.gov/RegulationsOpinionsLaws/proposed_regs/proposed_regs.html. Follow the instructions for
submitting comments.
Fax: (703) 518-6319. Use the subject line described above
for email.
Mail: Address to Melane Conyers-Ausbrooks, Secretary of
the Board, National Credit Union Administration, 1775 Duke Street,
Alexandria, Virginia 22314-3428.
Hand Delivery/Courier: Same as mail address.
FOR FURTHER INFORMATION CONTACT: Marta Erceg, Counsel to the Inspector
General/Assistant Inspector General, Office of the Inspector General,
(703) 518-6350, or Jennifer Harrison, Attorney-Advisor, Office of
General
[[Page 43153]]
Counsel, (703) 518-6540, 1775 Duke Street, Alexandria, VA 22314.
SUPPLEMENTARY INFORMATION: The NCUA has made the following substantive
changes to this System of Records Notice:
1. NCUA has updated the Purpose(s) of the System to provide
additional details of why records are being collected.
2. NCUA has updated the Categories of Records in the System to
provide additional details of what types of records are being
collected.
3. NCUA has updated its Routine Uses. NCUA has added a routine use
relating to obtaining legal advice from the Department of Justice and
other prosecutors. NCUA has added a routine use to entities responsible
for the oversight of Federal funds. NCUA has added a routine use for
disclosure records relating to suspension and debarment actions. NCUA
has added a routine use for disclosure of records to the Council of the
Inspectors General for Integrity and Efficiency. NCUA has added a
routine use to allow the OIG to disclose records to a complainant's
employer who at the time of the alleged reprisal was an NCUA
contractor, subcontractor, grantee, or subgrantee, without requiring
the complainant's consent, to comply with the requirements of 41 U.S.C.
4712(b)(1). NCUA has also added text of the routine uses that had been
previously contained in the agency's ``Standard Routine Uses.''
Finally, NCUA has added two routine uses relating to the disclosure of
records in the event of a suspected or actual privacy breach.
4. NCUA has updated Policies and Practices for Storage of Records
to reflect that records are electronically maintained.
5. NCUA has updated Policies and Practices for Retention and
Disposal of Records to reflect that NCUA uses National Archives and
Records Administration-approved records schedules.
6. NCUA has updated Administrative, Technical, and Physical
Safeguards to accurately reflect how these records are protected.
7. NCUA has updated Record Access, Contesting Record, and
Notification Procedures to accurately reflect the NCUA procedures as
detailed in 12 CFR 792.55.
8. NCUA has updated History to accurately reflect the SORN's
publication history. Non-substantive modifications have also been made
to ensure that the format NCUA-11 aligns with the guidance set forth in
Office of Management and Budget Circular A-108.
By the National Credit Union Administration Board on June 30,
2023.
Melane Conyers-Ausbrooks,
Secretary of the Board.
SYSTEM NAME AND NUMBER:
NCUA-11, Office of Inspector General (OIG) Investigative Records.
SECURITY CLASSIFICATION:
Unclassified.
SYSTEM LOCATION:
Office of Inspector General, National Credit Union Administration,
1775 Duke Street, Alexandria, VA 22314-3428.
SYSTEM MANAGER(S):
Counsel to the Inspector General/Assistant Inspector General for
Investigations, National Credit Union Administration, 1775 Duke Street,
Alexandria, Virginia 22314-3428.
AUTHORITY FOR MAINTENANCE OF THE SYSTEM:
Federal Credit Union Act, 12 U.S.C. 1751, et seq., and the
Inspector General Act of 1978, 5 U.S.C. 401, et seq.
PURPOSE(S) OF THE SYSTEM:
This system is maintained for the purposes of:
1. Conducting and documenting investigations by the OIG or other
investigative agencies regarding NCUA programs, operations, personnel,
and contractors, and reporting the results of investigations to NCUA
management, other Federal agencies, and other public authorities or
professional organizations that have the authority to bring criminal
prosecutions or civil or administrative actions, or to impose
disciplinary sanctions;
2. Documenting the outcome of OIG investigations;
3. Maintaining a record of the activities that were the subject of
investigations;
4. Reporting investigative findings for use in operating and
evaluating NCUA programs or operations and in the imposition of
sanctions;
5. Maintaining a record of complaints and allegations received
regarding NCUA programs, operations, and personnel, and documenting the
outcome of OIG reviews and disposition of those complaints and
allegations;
6. Coordinating relationships with other Federal agencies, State
and local governmental agencies, and nongovernmental entities in
matters relating to the statutory responsibilities of the OIG and
reporting to such entities on government-wide efforts pursuant to the
oversight of Federal funds;
7. Acting as a repository and source for information necessary to
fulfill the reporting requirements of the Inspector General Act, 5
U.S.C. 401-424;
8. Reporting on OIG activities to the Council of Inspectors General
for Integrity and Efficiency (CIGIE); and
9. Participating in CIGIE's investigative qualitative assessment
review process.
CATEGORIES OF INDIVIDUALS COVERED BY THE SYSTEM:
Subjects of investigation, complainants, and witnesses referred to
in complaints or investigative cases, reports, accompanying documents,
and correspondence prepared by, compiled by, or referred to the OIG.
CATEGORIES OF RECORDS IN THE SYSTEM:
The system is comprised of OIG investigation files and complaint
files. These files include reports of investigations with related
exhibits, statements, affidavits, or other pertinent documents. Files
may contain memoranda; computer-generated background information;
location information; payroll, time sheets, and travel records;
correspondence, including call, text, and email records; and reports
from or to other law enforcement bodies pertaining to violations or
potential violations of criminal laws, fraud, or abuse with respect to
administration of NCUA programs and operations, and violations of
employee and contractor standards of conduct. Records in this system
may contain personally identifiable information such as names, Social
Security numbers, dates of birth, and addresses. This system may also
contain such information as employment history, bank account
information, driver's licenses, vehicle registration, educational
records, criminal history, photographs, voice recordings, and other
information of a personal nature provided or obtained in connection
with an investigation.
ROUTINE USES OF RECORDS MAINTAINED IN THE SYSTEM, INCLUDING CATEGORIES
OF USERS AND THE PURPOSES OF SUCH USES:
In addition to those disclosures generally permitted under 5 U.S.C.
552a(b) of the Privacy Act, these records or information contained
therein may specifically be disclosed outside the NCUA as a routine use
pursuant to 5 U.S.C. 552a(b)(3) as follows:
1. If a record in a system of records indicates a violation or
potential violation of civil or criminal law or a regulation, and
whether arising by general statute or particular program statute, or by
regulation, rule, or order, the relevant records in the system of
records may be disclosed as a routine use to the appropriate agency,
whether
[[Page 43154]]
Federal, State, local, or foreign, charged with the responsibility of
investigating or prosecuting such violation or charged with enforcing
or implementing the statute, rule, regulation, or order issued pursuant
thereto;
2. A record in a system of records may be disclosed as a routine
use to a member of Congress or to a congressional staff member in
response to an inquiry from the congressional office made at the
request of the individual about whom the record is maintained;
3. A record in a system of records may be disclosed as a routine
use to the Department of Justice, when: (a) NCUA, or any of its
components or employees acting in their official capacities, is a party
to litigation; or (b) Any employee of NCUA in his or her individual
capacity is a party to litigation and where the Department of Justice
has agreed to represent the employee; or (c) The United States is a
party in litigation, where NCUA determines that litigation is likely to
affect the agency or any of its components, is a party to litigation or
has an interest in such litigation, and NCUA determines that use of
such records is relevant and necessary to the litigation;
4. A record in a system of records may be disclosed as a routine
use in a proceeding before a court or adjudicative body before which
NCUA is authorized to appear (a) when NCUA or any of its components or
employees are acting in their official capacities; (b) where NCUA or
any employee of NCUA in his or her individual capacity has agreed to
represent the employee; or (c) where NCUA determines that litigation is
likely to affect the agency or any of its components, is a party to
litigation or has an interest in such litigation, and NCUA determines
that use of such records is relevant and necessary to the litigation;
5. A record from a system of records may be disclosed as a routine
use to contractors, experts, consultants, and the agents thereof, and
others performing or working on a contract, service, cooperative
agreement, or other assignment for NCUA when necessary to accomplish an
agency function or administer an employee benefit program. Individuals
provided information under this routine use are subject to the same
Privacy Act requirements and limitations on disclosure as are
applicable to NCUA employees;
6. A record from a system of records may be disclosed as a routine
use to the Department of Justice, including its U.S. Attorney's
Offices, and State and local prosecutors, to the extent necessary to
obtain legal advice on any matter relevant to an OIG investigation,
audit, inspection, or other inquiry related to the responsibilities of
the OIG;
7. A record from a system of records may be disclosed as a routine
use to any Federal agency, entity, or board responsible for
coordinating and conducting oversight of Federal funds, in order to
prevent fraud, waste, and abuse related to Federal funds, or for
assisting in the enforcement, investigation, prosecution, or oversight
of violations of administrative, civil, or criminal law or regulation,
if that information is relevant to any enforcement, regulatory,
investigative, prosecutorial, or oversight responsibility of the NCUA
or of the receiving entity;
8. A record from a system of records may be disclosed as a routine
use to another Federal agency considering suspension or debarment
action if the information is relevant to the suspension or debarment
action. The OIG also may disclose information to another agency to gain
information in support of the NCUA's own debarment and suspension
actions;
9. A record from a system of records may be disclosed as a routine
use to the Council of the Inspectors General on Integrity and
Efficiency (CIGIE) to assist in its preparation of reports, analysis,
surveys, coordination of investigations, and other CIGIE activities;
10. A record from a system of records may be disclosed as a routine
use to other Federal entities, such as other Offices of Inspector
General, to the Government Accountability Office, or to a private party
with which the OIG or the NCUA has contracted or with which it
contemplates contracting, for the purpose of auditing or reviewing the
performance or internal management of the OIG's audit or investigative
programs.
11. A record from a system of records may be disclosed as a routine
use to a complainant alleging whistleblower reprisal and the
complainant's employer (current or former) that at the time of the
alleged reprisal was a grantee, subgrantee, contractor, or
subcontractor of the NCUA, to fulfill the whistleblower reprisal
investigation reporting requirements of 41 U.S.C. 4712(b)(1) or any
other whistleblower reprisal law requiring a disclosure to a
complainant or an entity that employs or employed the complainant;
12. A record from a system of records may be disclosed to
appropriate agencies, entities, and persons when (1) NCUA suspects or
has confirmed that the security or confidentiality of information in
the system of records has been compromised; (2) NCUA has determined
that as a result of the suspected or confirmed compromise there is a
risk of harm to economic or property interests, identity theft or
fraud, or harm to the security or integrity of this system or other
systems or programs (whether maintained by NCUA or another agency or
entity) that rely upon the compromised information; and (3) the
disclosure made to such agencies, entities, and persons is reasonably
necessary to assist in connection with NCUA's efforts to respond to the
suspected or confirmed compromise and prevent, minimize, or remedy such
harm; and
13. A record from a system of records may be disclosed to another
Federal agency or Federal entity, when the NCUA determines that
information from this system of records is reasonably necessary to
assist the recipient agency or entity in (1) responding to a suspected
or confirmed breach or (2) preventing, minimizing, or remedying the
risk of harm to individuals, the recipient agency or entity (including
its information systems, programs, and operations), the Federal
Government, or national security, resulting from a suspected or
confirmed breach.
POLICIES AND PRACTICES FOR STORAGE OF RECORDS:
Electronic records and backups are stored on secure servers,
approved by NCUA's Office of the Chief Information Officer (OCIO),
within a FedRAMP-authorized commercial Cloud Service Provider's (CSP)
Software-as-a-Service solution hosting environment and accessed only by
authorized personnel.
POLICIES AND PRACTICES FOR RETRIEVAL OF RECORDS:
Information is retrieved by case number, general subject matter, or
name of the subject of investigation.
POLICIES AND PRACTICES FOR RETENTION AND DISPOSAL OF RECORDS:
Records are maintained and disposed in accordance with the General
Records Retention Schedules issued by the National Archives and Records
Administration (NARA) or an NCUA records disposition schedule approved
by NARA.
ADMINISTRATIVE, TECHNICAL, AND PHYSICAL SAFEGUARDS:
NCUA and the Cloud Service Provider have implemented the
appropriate administrative, technical, and physical controls in
accordance with the Federal Information Security Modernization Act of
2014, Public Law 113-283, S. 2521, and NCUA's information security
policies to protect the confidentiality, integrity, and availability of
the
[[Page 43155]]
information system and the information contained therein. Access is
limited only to individuals authorized through NIST-compliant Identity,
Credential, and Access Management policies and procedures. The records
are maintained behind a layered defensive posture consistent with all
applicable Federal laws and regulations, including OMB Circular A-130
and NIST Special Publication 800-37.
RECORD ACCESS PROCEDURES:
Individuals wishing access to their records should submit a written
request to the Senior Agency Official for Privacy, NCUA, 1775 Duke
Street, Alexandria, VA 22314, and provide the following information:
1. Full name.
2. Any available information regarding the type of record involved.
3. The address to which the record information should be sent.
4. You must sign your request.
Attorneys or other persons acting on behalf of an individual must
provide written authorization from that individual for the
representative to act on their behalf. Individuals requesting access
must also comply with NCUA's Privacy Act regulations regarding
verification of identity and access to records (12 CFR 792.55).
CONTESTING RECORD PROCEDURES:
Individuals wishing to request an amendment to their records should
submit a written request to the Senior Agency Official for Privacy,
NCUA, 1775 Duke Street, Alexandria, VA 22314, and provide the following
information:
1. Full name.
2. Any available information regarding the type of record involved.
3. A statement specifying the changes to be made in the records and
the justification therefore.
4. The address to which the response should be sent.
5. You must sign your request.
Attorneys or other persons acting on behalf of an individual must
provide written authorization from that individual for the
representative to act on their behalf.
NOTIFICATION PROCEDURES:
Individuals wishing to learn whether this system of records
contains information about them should submit a written request to the
Senior Agency Official for Privacy, NCUA, 1775 Duke Street, Alexandria,
VA 22314, and provide the following information:
1. Full name.
2. Any available information regarding the type of record involved.
3. The address to which the record information should be sent.
4. You must sign your request.
Attorneys or other persons acting on behalf of an individual must
provide written authorization from that individual for the
representative to act on their behalf. Individuals requesting access
must also comply with NCUA's Privacy Act regulations regarding
verification of identity and access to records (12 CFR 792.55).
EXEMPTIONS PROMULGATED FOR THE SYSTEM:
Pursuant to 5 U.S.C. 552a(j)(2), this system of records is exempt
from subsections (c)(3) and (4), (d), (e)(1), (e)(2), (e)(3),
(e)(4)(G), (e)(4)(H), (e)(4)(I), (e)(5), (e)(8), (f) and (g) of the
Act. This exemption applies to information in the system that relates
to criminal law enforcement and meets the criteria of the (j)(2)
exemption. Pursuant to 5 U.S.C. 552a(k)(2), to the extent that the
system contains investigative material compiled for law enforcement
purposes, other than material within the scope of subsection (j)(2),
this system of records is exempt from 5 U.S.C. 552a(c)(3), (d), (e)(1),
(e)(4)(G), (H), and (I), and (f). The exemption rule is contained in 12
CFR 792.66 of the NCUA regulations.
HISTORY:
This SORN was published originally as NCUA-20, ``Investigation
Files,'' at 53 FR 37372 (Sept. 26, 1988); renamed to ``Office of
Inspector General Investigative Records'' at 60 FR 18149 (April 10,
1995); and renumbered as NCUA-11 at 65 FR 3486 (Feb. 20, 2000).
Subsequent modifications were published at 71 FR 77807 (Dec. 27, 2006)
and 75 FR 41539 (July 16, 2010).
[FR Doc. 2023-14274 Filed 7-5-23; 8:45 am]
BILLING CODE 7535-01-P