Privacy Act of 1974; System of Records, 19735-19738 [2025-08214]

Agencies

• Postal Service

[Federal Register Volume 90, Number 89 (Friday, May 9, 2025)]
[Notices]
[Pages 19735-19738]
From the Federal Register Online via the Government Publishing Office [www.gpo.gov]
[FR Doc No: 2025-08214]


=======================================================================
-----------------------------------------------------------------------

POSTAL SERVICE


Privacy Act of 1974; System of Records

AGENCY: Postal Service.

[[Page 19736]]


ACTION: Notice of modified system of records.

-----------------------------------------------------------------------

SUMMARY: The United States Postal Service (USPS) is proposing to revise 
a Customer Privacy Act System of Records (SOR), in order to enhance the 
flexibility needed to support ongoing administrative and compliance 
activities for the Bank Secrecy Act (BSA), Anti-Money Laundering (AML) 
and Office of Foreign Assets Control (OFAC) requirements and standards, 
as determined by the Financial Crimes Enforcement Network (FinCEN).

DATES: These revisions will become effective without further notice on 
June 9, 2025, unless responses to comments received on or before that 
date result in a contrary determination.

ADDRESSES: Comments may be submitted via email to the Privacy and 
Records Management Office, United States Postal Service Headquarters 
([email protected]). To facilitate public inspection, 
arrangements to view copies of any written comments received will be 
made upon request.

FOR FURTHER INFORMATION CONTACT: Janine Castorina, Chief Privacy and 
Records Management Officer, Privacy and Records Management Office, via 
[email protected] and by phone at 202-268-2000.

SUPPLEMENTARY INFORMATION: This notice is in accordance with the 
Privacy Act requirement that agencies publish their systems of records 
in the Federal Register when there is a revision, change, or addition, 
or when the agency establishes a new system of records. The Postal 
Service has determined that Customer Privacy Act System of Records, 
USPS SOR 860.000, Financial Transactions, should be revised to promote 
transparency and support ongoing administrative and compliance 
activities to meet BSA, AML and OFAC requirements and standards.

I. Background

    The Postal Service is defined as a money services business (MSB) 
under the BSA as it is a provider of money orders, gift cards, and 
limited check cashing services to customers throughout the United 
States. Moreover, the Postal Service is the only entity specifically 
mentioned in the BSA as being covered by the BSA and therefore, has a 
legal mandate to detect and deter suspicious activities. In addition, 
the Postal Service must train those who sell postal financial 
instruments, products, or services and those who supervise them, along 
with meeting federal recordkeeping and reporting requirements and 
standards.

II. Rationale for Changes to USPS Privacy Act Systems of Records

    Transactional limits and thresholds that trigger compliance and 
reporting activities are determined by FinCEN, a bureau of the U.S. 
Department of the Treasury. USPS SOR 860.000, Financial Transactions is 
being modified to increase flexibility to meet changing requirements 
and standards.

III. Description of the Modified System of Records

    The Postal Service is proposing modifications to USPS SOR 860.000, 
Financial Transactions, as summarized below:
    Updated PURPOSES #1 and #2 to include financial instruments.
     Updated PURPOSE #3 to include the BSA, AML and OFAC 
compliance and reporting standards.
     Updated PURPOSE #4 to include the reporting of potential 
fraud, crime, or violation of law or regulation.
     Updated PURPOSE #5 to include crime, and violations of law 
or regulation.
     Updated CATEGORIES OF INDIVIDUALS COVERED BY THE SYSTEM #2 
to include financial instruments, products, and services.
     Updated CATEGORIES OF INDIVIDUALS COVERED BY THE SYSTEM #4 
to be more comprehensive and consistent with other sections of the SOR.
     Updated CATEGORIES OF INDIVIDUALS COVERED BY THE SYSTEM 
#1, #2, #3 and #5 to delete fund transfers, international wire 
transfers, and fixed dollar amounts.
     Updated CATEGORIES OF INDIVIDUALS COVERED BY THE SYSTEM #5 
to further define beneficiaries.
     Updated CATEGORIES OF RECORDS IN THE SYSTEM #8 d. and g. 
and #9 to delete fixed dollar amounts and Sure Money\TM\/Dinero Seguro.
     Added CATEGORIES OF RECORDS IN THE SYSTEM #10.
     Updated RECORD SOURCE CATEGORIES add beneficiaries.
     Updated Special Routine Use a. for consistency.
     Updated POLICIES AND PRACTICES FOR RETENTION AND DISPOSAL 
OF RECORDS to delete for funds transfers, transaction records are 
retained 3 years.
     Deleted funds transfers from NOTIFICATION PROCEDURES.
     Updated NOTIFICATION PROCEDURES to include and claims 
related to other financial instruments, products, or services.
    Pursuant to 5 U.S.C. 552a(e)(11), interested persons are invited to 
submit written data, views, or arguments on this proposal. A report of 
the proposed revisions has been sent to Congress and to the Office of 
Management and Budget (OMB) for their evaluations. The Postal Service 
does not expect this amended system of records to have any adverse 
effect on individual privacy rights. USPS SOR 860.000, Financial 
Transactions is displayed below in its entirety:

SYSTEM NAME AND NUMBER:
    USPS 860.000 Financial Transactions.

SECURITY CLASSIFICATION:
    None.

SYSTEM LOCATION:
    USPS Headquarters; Integrated Business Solutions Services Centers; 
Accounting Service Centers; Bank Secrecy Act (BSA) Anti-Money 
Laundering (AML) Compliance group; and contractor sites.

SYSTEM MANAGER(S):
    Chief Financial Officer and Executive Vice President, United States 
Postal Service, 475 L'Enfant Plaza SW, Washington, DC 20260.

AUTHORITY FOR MAINTENANCE OF THE SYSTEM:
    39 U.S.C. 401, 403, and 404; 31 U.S.C. 5311 et seq., and 7701.

PURPOSE(S) OF THE SYSTEM:
    1. To provide financial instruments, products, and services.
    2. To respond to inquiries and claims related to financial 
instruments, products, and services.
    3. To fulfill compliance and reporting standards found in statutes, 
regulations and guidance under the BSA, AML and Office of Foreign 
Assets Control (OFAC).
    4. To report potential fraud, crime, or violation of law or 
regulation and to support investigations related to law enforcement for 
financial transactions.
    5. To provide additional verification procedures to combat fraud, 
crime, and violations of law or regulation in financial transactions.

CATEGORIES OF INDIVIDUALS COVERED BY THE SYSTEM:
    1. Customers who use online payment services.
    2. Customers who file claims or make inquiries related to online 
payment services, money orders, stored-value cards, and financial 
instruments, products, and services.
    3. Customers who purchase financial instruments, products, or 
services including money orders and gift cards.

[[Page 19737]]

    4. Customers who purchase or redeem money orders, stored value 
cards, financial instruments, products, or services in a manner raising 
the possibility of a violation of law or regulation or deemed 
suspicious expressly including under BSA, AML, or OFAC statutes, 
regulations, or guidance.
    5. Beneficiaries who cash or redeem financial instruments, 
products, or services.
    6. Specially Designated Nationals and Blocked Persons List (SDNs) 
as defined and mandated by the OFAC.

CATEGORIES OF RECORDS IN THE SYSTEM:
    1. Customer information: Name, customer ID(s), mail and email 
address, telephone number, occupation, type of business, Employer 
Identification Number (EIN), and customer history.
    2. Identity verification information: Date of birth, username and/
or ID, password, Social Security Number (SSN) or tax ID number, and 
driver's license number (or other type of ID if driver's license is not 
available, such as Alien Registration Number, Passport Number, Military 
ID, Tax ID Number). (Note: For online payment services, SSNs are 
collected, but not retained, in order to verify ID.)
    3. Billers registered for online payment services: Biller name and 
contact information, bill detail, and bill summaries.
    4. Transaction information: Name, address, and phone number of 
purchaser, payee, and biller; amount, date, and location; credit and/or 
debit card number, type, and expiration; sales, refunds, and fees; type 
of service selected and status; sender and recipient bank account and 
routing number; bill detail and summaries; transaction number, serial 
number, and/or reference number or other identifying number, pay out 
agent name and address; type of payment, currency, and exchange rate; 
Post Office information such as location, phone number, and terminal; 
employee ID numbers, license number and state, and employee comments.
    5. Information to determine credit-worthiness: Period at current 
residence, previous address, and period of time with same phone number.
    6. Information related to claims and inquiries: Name, address, 
phone number, signature, SSN, location where product was purchased, 
date of issue, amount, serial number, and claim number.
    7. Online user information: Internet Protocol (IP) address, domain 
name, operating system version, browser version, date and time of 
connection, and geographic location.
    8. Funds Transaction Report (FTR) Postal Service (PS) Form 8105-A:
    a. Type of Transaction (completed by customer): on behalf of self, 
on behalf of another individual, on behalf of a business/organization, 
law enforcement agent or government representative on behalf of an 
agency, private courier on behalf of individual, private courier on 
behalf of a business/organization, armored car service on behalf of a 
business/individual.
    b. Customer Information (completed by customer): last name/first 
name, address (number, street, box, suite/apt no.), city, state, ZIP 
Code, country, date of birth (MM/DD/YYYY), SSN, telephone number 
(include area code); Photo ID: driver's license no. (U.S. only--must 
indicate state), resident alien/permanent resident ID no., other ID 
(U.S./state government-issued IDs, including tribal, and Mexican 
matricular consular), state ID no. (U.S. only--must indicate state), 
military ID no. (U.S. only), passport no. (must indicate country); 
Describe other ID: ID number, issuing state, issuing country 
(passport), occupation (be as specific as possible); (Completed by 
Postal Service employee): round date stamp.
    c. Other Person/Business/Organization on Whose Behalf Transaction 
Is Being Conducted (completed by customer): last name/first name or 
business name or organization name (no acronyms), SSN or employer ID 
number (EIN), North American Industry Classification System (NAICS) (if 
business), type of business/organization/occupation, address (number, 
street, box, suite/apt no.), city, state, ZIP Code, country, date of 
birth (MM/DD/YYYY), telephone number (include area code), ID type, ID 
number, issuing state;
    d. Completed by Postal Service Employee: type of transaction (check 
one)--amount purchased or amount redeemed/cashed, total face value 
(excluding fee), transaction date (MM/DD/YYYY), beginning serial no. 
thru ending serial no. money order ranges 1-2, number of money orders 
sold, number of money orders redeemed/cashed, number of gift cards sold 
(provide numbers in section on back of form), signature of USPS 
employee, Post Office, ZIP Code;
    e. Law Enforcement Agent of Government Representative on Behalf of 
an Agency (completed by customer): last name/first name, date of birth 
(MM/DD/YYYY), work telephone number (include area code), law 
enforcement agent/government representative photo ID number (if photo 
ID does not have a number please use agent/representative driver's 
license number), type of ID: law enforcement ID, government 
representative ID, driver's license number (must note state if using 
driver's license), state, agency name (no acronyms), address (number, 
street, box, suite/apt. no.), city, state, ZIP Code, occupation, agency 
Employer Identification Number (EIN), NAICS;
    f. Armored Car Service Information (completed by customer): armored 
car business name (no acronyms), EIN, telephone number (include area 
code), address (number, street, box, suite/apt no.), city, state, ZIP 
Code; and
    g. Completed by Postal Service Employee (Continued): type of 
transaction (check one)--amount purchased or amount redeemed/cashed 
additional transaction numbers for money orders and gift cards--
beginning serial no. thru ending serial no. money order ranges 3-6, and 
gift card numbers 1-4.
    9. Suspicious Transaction Report (STR) PS Form 8105-B (completed by 
Postal Service employee): activity type--purchased, redeemed/cashed, 
other (describe in comments section), begin serial no. thru end serial 
no. money order ranges 1-3, transaction amount, transaction date, 
transaction time, recorded by camera, check box if a debit/credit card 
was used in the transaction (do not include any information from the 
debit/credit card on this form), description of customer(s) 1-4--sex 
(M/F), approximate age, height, weight, ethnicity, round date stamp, 
Post Office, ZIP Code, comments (check all that apply), vehicle 
description (if available)--make, type, color, license number, license 
state, comments, money order ranges 4-5, gift cards 1-2, business name/
customer last name, first name, address (number, street, box, suite/
apt. no.), city, state, ZIP Code, country, type of business, date of 
birth (MM/DD/YYYY), SSN, driver's license no., state, other ID no., 
type of other ID, mailpiece information (if available)--mailpiece 
number, mailpiece type, additional comments.
    10. Completed Suspicious Activity Reports, Currency Transaction 
Reports, and currency transaction records under the BSA and supporting 
documentation and records.

RECORD SOURCE CATEGORIES:
    Customers, recipients, beneficiaries, financial institutions, and 
USPS employees.

ROUTINE USES OF RECORDS MAINTAINED IN THE SYSTEM, INCLUDING CATEGORIES 
OF USERS AND THE PURPOSES OF SUCH USES:
    Standard routine uses 1. through 7., 10., and 11. apply. In 
addition; a. Legally required or permitted

[[Page 19738]]

disclosures to agencies for law enforcement purposes include 
disclosures of information relating to money orders, stored-value 
cards, financial instruments, products, and services as required or 
permitted by BSA, OFAC and anti-money laundering statutes, regulations 
and requirements.

POLICIES AND PRACTICES FOR STORAGE OF RECORDS:
    Automated database, computer storage media, microfiche, and paper.

POLICIES AND PRACTICES FOR RETRIEVAL OF RECORDS:
    For online payment, information is retrieved by customer name, 
customer ID(s), transaction number, or address.
    Claim information is retrieved by name of purchaser or payee, claim 
number, serial number, transaction number, check number, customer 
ID(s), or ZIP Code.
    Information related to BSA, OFAC and AML is retrieved by customer 
name; SSN; alien registration, passport, or driver's license number; 
serial number; transaction number; ZIP Code; transaction date; data 
entry operator number; and employee comments, and individuals that 
appear on the Specially Designated Nationals and Blocked Persons List 
(SDNs) as defined and mandated by the OFAC.

POLICIES AND PRACTICES FOR RETENTION AND DISPOSAL OF RECORDS:
    1. Summary records, including bill due date, bill amount, biller 
information, biller representation of account number, and the various 
status indicators, are retained 2 years from the date of processing.
    2. Records related to claims are retained up to 3 years from date 
of final action on the claim.
    3. Forms related to fulfillment of BSA, anti-money laundering 
requirements are retained for a 5-year and one-month period.
    4. Related automated records are retained the same 5-year and one-
month period and purged from the system quarterly after the date of 
creation.
    5. Enrollment records related to online payment services are 
retained 7 years after the subscriber's account ceases to be active or 
the service is cancelled.
    6. Account banking records, including payment history, Demand 
Deposit Account (DDA) number, and routing number, are retained 7 years 
from the date of processing.
    7. Online user information may be retained for 6 months.
    Records existing on paper are destroyed by burning, pulping, or 
shredding. Records existing on computer storage media are destroyed 
according to the applicable USPS media sanitization practice.

ADMINISTRATIVE, TECHNICAL, AND PHYSICAL SAFEGUARDS:
    Paper records, computers, and computer storage media are located in 
controlled-access areas under supervision of program personnel. Access 
to these areas is limited to authorized personnel, who must be 
identified with a badge.
    Access to records is limited to individuals whose official duties 
require such access. Contractors and licensees are subject to contract 
controls and unannounced on-site audits and inspections. Computers are 
protected by mechanical locks, card key systems, or other physical 
access control methods. The use of computer systems is regulated with 
installed security software, computer logon identifications, and 
operating system controls including access controls, terminal and 
transaction logging, and file management software. Online data 
transmissions are protected by encryption.

RECORD ACCESS PROCEDURES:
    Requests for access must be made in accordance with the 
Notification Procedure above and USPS Privacy Act regulations regarding 
access to records and verification of identity under 39 CFR 266.5.

CONTESTING RECORD PROCEDURES:
    See Notification Procedure below and Record Access Procedures 
above.

NOTIFICATION PROCEDURES:
    For online payment services, and stored-value cards, individuals 
wanting to know if information about them is maintained in this system 
must address inquiries in writing to the Chief Marketing Officer and 
Executive Vice President. Inquiries must contain name, address, and 
other identifying information.
    For money order claims and claims related to other financial 
instruments, products, or services, or BSA, OFAC and anti-money 
laundering documentation, inquiries should be addressed to the Chief 
Financial Officer and Executive Vice President. Inquiries must include 
name, address, or other identifying information of the purchaser (such 
as driver's license, Alien Registration Number, Passport Number, etc.), 
and serial or transaction number. Information collected for anti-money 
laundering purposes will only be provided in accordance with Federal 
BSA, OFAC, anti-money laundering laws, regulations and requirements.

EXEMPTIONS PROMULGATED FOR THE SYSTEM:
    Systems Exempted From Certain Provisions of the Act: USPS has 
established regulations at 39 CFR 266.9 that exempt information 
contained in this system of records from various provisions of the 
Privacy Act in order to conform to the prohibition in the Bank Secrecy 
Act, 31 U.S.C. 5318(g)(2), against notification of the individual that 
a suspicious transaction has been reported.

HISTORY:
    July 26, 2024, 89 FR 60666, January 4, 2023, 88 FR 374, December 
15, 2021, 86 FR 71294; May 8, 2008, 73 FR 26155; April 29, 2005, 70 FR 
22516.

Helen E. Vecchione,
Attorney, Ethics & Legal Compliance.
[FR Doc. 2025-08214 Filed 5-8-25; 8:45 am]
BILLING CODE 7710-12-P