Daily Rules, Proposed Rules, and Notices of the Federal Government


Agency Information Collection Activities: Proposed Collection Renewal; Comment Request

AGENCY: Federal Deposit Insurance Corporation (FDIC).
ACTION: Notice and request for comment.
SUMMARY: The FDIC, as part of its continuing effort to reduce paperwork and respondent burden, invites the general public and other Federal agencies to take this opportunity to comment on the renewal of existing information collections, as required by the Paperwork Reduction Act of 1995 (44 U.S.C. chapter 35). Currently, the FDIC is soliciting comment on renewal of the information collections described below.
DATES: Comments must be submitted on or before October 23, 2012.
ADDRESSES: Email: the name of the collection in the subject line of the message.

Mail:Gary A. Kuiper (202.898.3877), Counsel, Room NYA-5046, Federal Deposit Insurance Corporation, 550 17th Street NW., Washington, DC 20429.

Hand Delivery:Comments may be hand-delivered to the guard station at the rear of the 17th Street Building (located on F Street), on business days between 7:00 a.m. and 5:00 p.m.

All comments should refer to the relevant OMB control number. A copy of the comments may also be submitted to the OMB desk officer for the FDIC: Office of Information and Regulatory Affairs, Office of Management and Budget, New Executive Office Building, Washington, DC 20503.

FOR FURTHER INFORMATION CONTACT: Gary A. Kuiper, at the FDIC address above.

Proposal to renew the following currently-approved collection of information:

1.Title:Notice Regarding Unauthorized Access to Customer Information.

OMB Number:3064-0145.

Frequency of Response:On occasion.

Affected Public:Insured state nonmember banks.

Number of FDIC regulated banks that will notify customers:93.

Estimated Time per Response:29 hours.

Annual Burden:2,697 hours.

General Description of Collection:This collection reflects the FDIC's expectations regarding a response program that financial institutions should develop to address unauthorized access to or use of customer information that could result in substantial harm or inconvenience to a customer. The information collections require financial institutions to: (1) Develop notices to customers; and (2) in certain circumstances, determine which customers should receive the notices and send the notices to customers.

2.Title:Identity Theft Red Flags and Address Discrepancies Under the Fair and Accurate Credit Transactions Act of 2003 (FACT Act).

OMB No.:3064-0152.

Affected Public:Individuals; businesses or other for-profit.

Estimated Number of Respondents:4,546.

Estimated Time per Response:16 hours.

Estimated Total Annual Burden:72,736 hours.

General Description of the Collection:12 CFR 334.82, 334.90, 334.91 andAppendix J to Part 334 implement sections 114 and 315 of the Fair and Accurate Credit Transactions Act of 2003 (FACT Act), Public Law 108-159 (2003). Section 114 amended section 615 of the Fair Credit Reporting Act (FCRA) to require the OCC, FRB, FDIC, OTS, NCUA, and FTC (Agencies) to issue jointly (i) Guidelines for financial institutions and creditors regarding identity theft with respect to their account holders and customers; (ii) regulations requiring each financial institution and creditor to establish reasonable policies and procedures for implementing the guidelines to identify possible risks to account holders or customers or to the safety and soundness of the institution or creditor; and (iii) regulations generally requiring credit and debit card issuers to assess the validity of change of address requests under certain circumstances. Section 315 amended section 605 of the FCRA to require the Agencies to issue regulations providing guidance regarding reasonable policies and procedures that a user of consumer reports must employ when a user receives a notice of address discrepancy from a consumer reporting agency (CRA). The information collections in Sec. 334.90 require each financial institution and creditor that offers or maintains one or more covered accounts to develop and implement a written Identity Theft Prevention Program (Program). In developing the Program, financial institutions and creditors are required to consider the guidelines in Appendix J to Part 334 and include those that are appropriate. The initial Program must be approved by the board of directors or an appropriate committee thereof and the board, an appropriate committee thereof or a designated employee at the level of senior management must be involved in the oversight of the Program. In addition, staff must be trained to carry out the Program. Pursuant to Sec. 334.91, each credit and debit card issuer is required to establish and implement policies and procedures to assess the validity of a change of address request under certain circumstances. Before issuing an additional or replacement card, the card issuer must notify the cardholder or use another means to assess the validity of the change of address. The information collections in Sec. 41.82 require each user of consumer reports to develop and implement reasonable policies and procedures designed to enable the user to form a reasonable belief that a consumer report relates to the consumer about whom it requested the report when the user receives a notice of address discrepancy from a CRA. A user of consumer reports must also develop and implement reasonable policies and procedures for furnishing an address for the consumer that the user has reasonably confirmed to be accurate to the CRA from which it receives a notice of address discrepancy when: (1) The user can form a reasonable belief that the consumer report relates to the consumer about whom the user has requested the report; (2) the user establishes a continuing relationship with the consumer; and (3) the user regularly and in the ordinary course of business furnishes information to the CRA from which it received the notice of address discrepancy.

Request for Comment

Comments are invited on: (a) Whether the collection of information is necessary for the proper performance of the FDIC's functions, including whether the information has practical utility; (b) the accuracy of the estimates of the burden of the information collection, including the validity of the methodology and assumptions used; (c) ways to enhance the quality, utility, and clarity of the information to be collected; and (d) ways to minimize the burden of the information collection on respondents, including through the use of automated collection techniques or other forms of information technology. All comments will become a matter of public record.

Dated at Washington, DC, this 20th day of August 2012. Federal Deposit Insurance Corporation. Robert E. Feldman, Executive Secretary.