[Federal Register Volume 79, Number 126 (Tuesday, July 1, 2014)]
[Rules and Regulations]
[Pages 37166-37167]
From the Federal Register Online via the Government Publishing Office [www.gpo.gov]
[FR Doc No: 2014-15292]
=======================================================================
-----------------------------------------------------------------------
FEDERAL RESERVE SYSTEM
12 CFR Parts 208 and 225
[Docket No. R-1493 RIN 7100 AE-21]
Interagency Guidelines Establishing Information Security
Standards
AGENCY: Board of Governors of the Federal Reserve System.
ACTION: Final rule; technical amendment.
-----------------------------------------------------------------------
SUMMARY: The Board of Governors of the Federal Reserve System (Board)
is amending Appendix D-2 of Regulation H and Appendix F of Regulation Y
to correct citations to rules on privacy of consumer financial
information.
DATES: Effective Date: This rule is effective July 31, 2014.
FOR FURTHER INFORMATION CONTACT: Clinton Chen, Attorney, (202) 452-
3952, Legal Division. For the hearing impaired only, Telecommunication
Device for the Deaf (TDD), (202) 263-4869.
SUPPLEMENTARY INFORMATION: Section 501(b) of the Gramm-Leach-Bliley Act
(GLB Act) \1\ requires the Office of the Comptroller of the Currency,
Board of Governors of the Federal Reserve System, Federal Deposit
Insurance Corporation, and Office of Thrift Supervision (the Agencies),
as well as the National Credit Union, the Securities and Exchange
Commission, and the Federal Trade Commission, to establish appropriate
standards for the financial institutions subject to their respective
jurisdictions relating to the administrative, technical, and physical
safeguards for customer records and information.
---------------------------------------------------------------------------
\1\ 15 U.S.C. 6801.
---------------------------------------------------------------------------
In February 2001, the Agencies issued a joint final rule
implementing guidelines for establishing standards for safeguarding
customer information under section 501(b) of the GLB Act.\2\ The
Board's versions of the guidelines (now entitled Interagency Guidelines
Establishing Information Security Standards (Security Guidelines)) are
codified in Appendix D-2 of Regulation H (12 CFR part 208) and Appendix
F of Regulation Y (12 CFR part 225). In December 2004, the Agencies
amended the Security Guidelines pursuant to section 628 of the Fair
Credit Reporting Act,\3\ which requires proper disposal of consumer
information.\4\ The Security Guidelines establish standards relating to
administrative, technical, and physical safeguards to ensure the
security, confidentiality, integrity and the proper disposal of
consumer information. The Security Guidelines in the Board's Regulation
H and Y currently cross-reference the definitions of ``customer'' and
``customer information'' in the Board's Regulation P (Privacy of
Consumer Financial Information).
---------------------------------------------------------------------------
\2\ 66 FR 8616 (Feb. 1, 2001).
\3\ 15 U.S.C. 1681w. This section was added by section 216 of
the Fair and Accurate Credit Transactions Act of 2003.
\4\ 69 FR 77610 (Dec. 28, 2004).
---------------------------------------------------------------------------
In May 2014, the Board approved the repeal of Regulation P,
effective June 30, 2014.\5\ The Dodd-Frank Wall Street Reform and
Consumer Protection Act (Dodd-Frank Act) transferred rulemaking
authority for a number of consumer financial protection laws from the
Board and other agencies to the Consumer Financial Protection Bureau
(CFPB), except with respect to certain motor vehicle dealers.\6\ The
transfer includes rulemaking authority for Regulation P under the
financial privacy provisions of the GLB Act.\7\ (The Dodd-Frank Act did
not transfer responsibility for the Security Guidelines.) The CFPB has
issued interim final rules that are substantially identical to the
Board's Regulation P.
---------------------------------------------------------------------------
\5\ 79 FR 30708 (May 29, 2014).
\6\ Pub. L. 111-203, 124 Stat. 1376 (Jul. 21, 2010).
\7\ The GLB Act's privacy provisions are contained in sections
502 and 503 of that Act. 15 U.S.C. 6802-6803.
---------------------------------------------------------------------------
The Board is amending the cross-references in the Security
Guidelines to refer to the CFPB's version of Regulation P. These
amendments do not have any effect on the substantive requirements
imposed by the Security Guidelines.
Administrative Procedure Act
In accordance with section 553(b) the Administrative Procedures Act
(APA) (5 U.S.C. 553(b)), the Board finds, for good cause, that
providing an opportunity for public comment is unnecessary. The
amendments are solely technical amendments that change citations in two
definitions from references to the Board's Regulation P to the CFPB's
Regulation P, which contain identical definitions. The revisions result
in no substantive change to the rule.
Paperwork Reduction Act
In accordance with the Paperwork Reduction Act of 1995 (44 U.S.C.
3506; 5 CFR part 1320 Appendix A.1), the Board has reviewed the final
rule under authority delegated to the Board by the Office of Management
and Budget. The technical amendments to the Security Guidelines will
revise the cross-references in the Security Guidelines to refer to the
CFPB's version of Regulation P. The amendments do not change any
substantive requirements of the regulation or currently approved
information collections. Therefore, no additional paperwork burden will
be imposed as a result of this rulemaking.
List of Subjects
12 CFR Part 208
Banks, banking, Consumer protection, Federal Reserve System,
Foreign banking, Holding companies, Information, Privacy, Reporting and
recordkeeping requirements.
12 CFR Part 225
Administrative practice and procedure, Banks, banking, Federal
Reserve System, Holding companies, Privacy, Reporting and recordkeeping
requirements, Securities.
Authority and Issuance
For the reasons set forth in the preamble, the Board amends
Regulations H and Y, 12 CFR parts 208 and 225 as follows:
PART 208--MEMBERSHIP OF STATE BANKING INSTITUTIONS IN THE FEDERAL
RESERVE SYSTEM (REGULATION H)
0
1. The authority citation for part 208 continues to read as follows:
Authority: 12 U.S.C. 24, 36, 92a, 93a, 248(a), 248(c), 321-338a,
371d, 461, 481-486, 601, 611, 1814, 1816, 1818, 1820(d)(9), 1823(j),
1828(o), 1831, 1831o, 1831p-1, 1831r-1, 1831w, 1831x, 1835a, 1882,
2901-2907, 3105, 3310, 3331-3351, 3905-3909, and 5371; 15 U.S.C.
78b, 78I(b), 78l(i), 780-4(c)(5), 78q, 78q-1, and 78w, 1681s, 1681w,
6801, and 6805; 31 U.S.C. 5318; 42 U.S.C. 4012a, 4104a, 4104b, 4106
and 4128.
0
2. Amend Appendix D-2 to part 208, as follows:
0
a. In section I.C.2.d., remove ``Sec. 216.3(h)'' and add in its place
``Sec. 1016.3(i)''; and
0
b. In section I.C.2.e., remove ``Sec. 216.3(n)'' and add in its place
``Sec. 1016.3(p).''
PART 225--BANK HOLDING COMPANIES AND CHANGE IN BANK CONTROL
(REGULATION Y)
0
3. The authority citation for part 225 continues to read as follows:
Authority: 12 U.S.C. 1817(j)(13), 1818, 1828(o), 1831i, 1831p-1,
1843(c)(8), 1844(b),
[[Page 37167]]
1972(1), 3106, 3108, 3310, 3331-3351, 3907, and 3909; 15 U.S.C.
1681s, 1681w, 6801 and 6805.
0
4. Amend Appendix F to part 225, as follows:
0
a. In section I.C.2.b., remove ``Sec. 216.3(h)'' and add in its place
``Sec. 1016.3(i)''; and
0
b. In section I.C.2.c., remove ``Sec. 216.3(n)'' and add in its place
``Sec. 1016.3(p).''
By order of the Board of Governors of the Federal Reserve
System, acting through the Secretary of the Board under delegated
authority, June 25, 2014.
Robert deV. Frierson,
Secretary of the Board.
[FR Doc. 2014-15292 Filed 6-30-14; 8:45 am]
BILLING CODE 6210-01-P