Proposed Agency Information Collection Activities; Comment Request

AGENCY:

Board of Governors of the Federal Reserve System.

SUMMARY:

Background. On June 15, 1984, the Office of Management and Budget (OMB) delegated to the Board of Governors of the Federal Reserve System (Board) its approval authority under the Paperwork Reduction Act (PRA), as per 5 CFR 1320.16, to approve of and assign OMB control numbers to collection of information requests and requirements conducted or sponsored by the Board under conditions set forth in 5 CFR part 1320 Appendix A.1. Board-approved collections of information are incorporated into the official OMB inventory of currently approved collections of information. Copies of the Paperwork Reduction Act Submission, supporting statements and approved collection of information instruments are placed into OMB's public docket files. The Federal Reserve may not conduct or sponsor, and the respondent is not required to respond to, an information collection that has been extended, revised, or implemented on or after October 1, 1995, unless it displays a currently valid OMB control number.

Request for Comment on Information Collection Proposal

The following information collection, which is being handled under this delegated authority, has received initial Board approval and is hereby published for comment. At the end of the comment period, the proposed information collection, along with an analysis of comments and recommendations received, will be submitted to the Board for final approval under OMB delegated authority. Comments are invited on the following:

a. Whether the proposed collection of information is necessary for the proper performance of the Federal Reserve's functions; including whether the information has practical utility;

b. The accuracy of the Federal Reserve's estimate of the burden of the proposed information collection, including the validity of the methodology and assumptions used;

c. Ways to enhance the quality, utility, and clarity of the information to be collected; and

d. Ways to minimize the burden of information collection on respondents, including through the use of automated collection techniques or other forms of information technology.

DATES:

Comments must be submitted on or before May 17, 2011.

ADDRESSES:

You may submit comments, identified by FR 4100, by any of the following methods:

• Agency Web Site: http://www.federalreserve.gov. Follow the instructions for submitting comments at http://www.federalreserve.gov/generalinfo/foia/ProposedRegs.cfm.
• Federal eRulemaking Portal: http://www.regulations.gov. Follow the instructions for submitting comments.
• E-mail: regs.comments@federalreserve.gov. Include docket number in the subject line of the message.
• FAX: 202/452-3819 or 202/452-3102.
• Mail: Jennifer J. Johnson, Secretary, Board of Governors of the Federal Reserve System, 20th Street and Constitution Avenue, NW., Washington, DC 20551.

All public comments are available from the Board's Web site at http://www.federalreserve.gov/generalinfo/foia/ProposedRegs.cfm as submitted, unless modified for technical reasons. Accordingly, your comments will not be edited to remove any identifying or contact information. Public comments may also be viewed electronically or in paper form in Room MP-500 of the Board's Martin Building (20th and C Streets, NW.) between 9 a.m. and 5 p.m. on weekdays.

Additionally, commenters should send a copy of their comments to the OMB Desk Officer by mail to the Office of Information and Regulatory Affairs, U.S. Office of Management and Budget, New Executive Office Building, Room 10235, 725 17th Street, NW., Washington, DC 20503 or by fax to 202-395-6974.

FOR FURTHER INFORMATION CONTACT:

A copy of the PRA OMB submission, including the proposed reporting form and instructions, supporting statement, and other documentation will be placed into OMB's public docket files, once approved. These documents will also be made available on the Federal Reserve Board's public Web site at: http://www.federalreserve.gov/boarddocs/reportforms/review.cfm or may be requested from the agency clearance officer, whose name appears below.

Cynthia Ayouch, Acting Federal Reserve Board Clearance Officer (202-452-3829), Division of Research and Statistics, Board of Governors of the Federal Reserve System, Washington, DC 20551. Telecommunications Device for the Deaf (TDD) users may contact (202-263-4869), Board of Governors of the Federal Reserve System, Washington, DC 20551.

Proposal to approve under OMB delegated authority the extension for three years, without revision, of the following report:

Report title: The Recordkeeping and Disclosure Requirements Associated with the Guidance on Response Programs for Unauthorized Access to Customer Information.

Agency form number: FR 4100.

OMB control number: 7100-0309.

Frequency: Develop customer notice, one-time; Incident notification, event-generated.

Reporters: Financial institutions.

Estimated annual reporting hours: Develop response program, 2,544 hours; Incident notification, 2,952 hours.

Estimated average hours per response: Develop response program, 24 hours; Incident notification, 36 hours.

Number of respondents: Develop response program, 106; Incident notification, 82.

General description of report: This information collection is mandatory (15 U.S.C. 6801(b)). Since the Federal Reserve does not collect information associated with the FR 4100, confidentiality would not generally be an issue. However, confidentiality issues may arise if the Federal Reserve were to obtain a copy of a customer notice during the course of an examination or were to receive a copy of a Suspicious Activity Report (SAR; FR 2230; OMB No. 7100-0212). In such cases the information would be exempt from disclosure to the public under the Freedom of Information Act (5 U.S.C. 552(b)(3), (4), and (8)). Also, a federal employee is prohibited by law from disclosing an SAR or the existence of an SAR (31 U.S.C. 5318(g)).

Abstract: The FR 4100 is the information collection associated with the Interagency Guidance on Response Programs for Unauthorized Access to Customer Information and Customer Notice (security guidelines), which was published in the Federal Register in March 2005 (70 FR 15736). Trends in customer information theft and the accompanying misuse of that information led to the issuance of these security guidelines applicable to financial institutions. The security guidelines are designed to facilitate timely and relevant notification to affected customers and the appropriate regulatory authority of the financial institutions. The security guidelines provide specific direction regarding the development of response programs and customer notifications.