AGENCY:

Federal Deposit Insurance Corporation (FDIC).

ACTION:

Notice of modified systems of records.

SUMMARY:

Pursuant to the provisions of the Privacy Act of 1974, as amended, the Federal Deposit Insurance Corporation (FDIC) proposes to modify a current FDIC system of records titled FDIC-013, Insured Financial Institution Liquidation Records, by updating the name to FDIC-013, Financial Institution Resolution and Receivership Records to more closely reflect the records processed by this system of records; adding a new routine use to allow members of the public to locate and understand the status of their accounts; and revising the policies and practices for retention and disposal of records to describe the records retention schedules Start Printed Page 66179 for the records included in this system of records. Additionally, this notice includes non-substantive changes to simplify the formatting and text of the previously published notice. We hereby publish this notice for comment on the proposed action.

DATES:

This action will become effective on November 2, 2022. The routine uses in this action will become effective on December 2, 2022, unless the FDIC makes changes based on comments received. Written comments should be submitted on or before December 2, 2022.

ADDRESSES:

Interested parties are invited to submit written comments identified by Privacy Act Systems of Records by any of the following methods:

• Agency Website: https://www.fdic.gov/​resources/​regulations/​federal-register-publications/​. Follow the instructions for submitting comments on the FDIC website.

• Email: comments@fdic.gov. Include “Comments-SORN” in the subject line of communication.

• Mail: James P. Sheesley, Assistant Executive Secretary, Attention: Comments-SORN, Legal Division, Office of the Executive Secretary, Federal Deposit Insurance Corporation, 550 17th Street NW, Washington, DC 20429.

• Hand Delivery: Comments may be hand-delivered to the guard station at the rear of the 17th Street NW building (located on F Street NW), on business days between 7:00 a.m. and 5:00 p.m.

• Public Inspection: Comments received, including any personal information provided, may be posted without change to https://www.fdic.gov/​resources/​regulations/​federal-register-publications/​. Commenters should submit only information that the commenter wishes to make available publicly. The FDIC may review, redact, or refrain from posting all or any portion of any comment that it may deem to be inappropriate for publication, such as irrelevant or obscene material. The FDIC may post only a single representative example of identical or substantially identical comments, and in such cases will generally identify the number of identical or substantially identical comments represented by the posted example. All comments that have been redacted, as well as those that have not been posted, that contain comments on the merits of this document will be retained in the public comment file and will be considered as required under all applicable laws. All comments may be accessible under the Freedom of Information Act.

FOR FURTHER INFORMATION CONTACT:

Shannon Dahn, Chief, Privacy Program, 703-516-5500, privacy@fdic.gov.

SUPPLEMENTARY INFORMATION:

The Privacy Act, 5 U.S.C. 552a, at subsection (b)(3), requires each agency to publish, for public notice and comment, significant changes that the agency intends to make to a Privacy Act system of records. The “FDIC-013, Financial Institution Resolution and Receivership Records,” system of records supports the receivership, conservatorship, and other regulatory or resolution functions of the FDIC. The records are maintained to: (a) identify and manage loan obligations, assets or liabilities acquired from failed FDIC-insured financial institutions for which the FDIC was appointed receiver or conservator, or from FDIC-insured financial institutions that were provided assistance by the FDIC, or identified as covered institutions; (b) identify, manage and discharge the obligations to creditors, obligees and other claimants of FDIC-insured financial institutions for which the FDIC was appointed receiver or conservator, or of FDIC-insured financial institutions that were provided assistance by the FDIC; and (c) support resolution planning, administration, and research in accordance with statutory mandates.

The FDIC proposes to update the name of the system of records from “FDIC-013, Insured Financial Institution Liquidation Records,” to “FDIC-013, Financial Institution Resolution and Receivership Records” to better align the name with the contents of the system of record.

The FDIC proposes to add a new routine use (18) to allow members of the public access to locate and understand the status of their accounts previously held by a financial institution.

Additionally, after a review of business requirements, the FDIC has updated its retention schedules for specific types of records covered by this system of records. Failed insured depository institution data are maintained for at least ten years after appointment of FDIC as receiver in accordance with approved records retention schedules. Records generated as part of the resolution of a failed insured depository institution are maintained in accordance with approved retention schedules, typically not exceeding fifteen years after the termination of the receivership or as established by state or federal law or court order, if longer. Disposal is by shredding or other appropriate disposal methods.

This notice includes non-substantive changes to simplify the formatting and text of the previously published notice. This modified system will be included in the FDIC's inventory of record systems.

System Name and Number:

Financial Institution Resolution and Receivership Records, FDIC-013.

Security Classification:

Unclassified.

System Location:

Records are maintained at FDIC facilities in Washington, DC; Arlington, VA; and regional offices. Original and duplicate systems may exist, in whole or in part, at secure sites and on secure servers maintained by third-party service providers for the FDIC.

System Manager(s):

Deputy Director, Division of Resolutions and Receiverships, FDIC, 550 17th Street NW, Washington, DC 20429; 600 North Pearl Street, Suite 700, Dallas, Texas 75201.

Authority for Maintenance of the System:

Sections 9, 11, and 13 of the Federal Deposit Insurance Act (12 U.S.C. 1819, 1821, 1822, and 1823) and applicable state laws governing the liquidation of assets and winding-up of the affairs of financial institutions.

Purpose(S) Of The System:

The records support the receivership and resolution functions of the FDIC. The records are maintained to: (a) identify and manage loan obligations, assets and liabilities acquired from failed FDIC-insured financial institutions for which the FDIC was appointed receiver or conservator, or from FDIC-insured financial institutions that were provided assistance by the FDIC; (b) identify, manage and discharge the obligations to creditors, obligees and other claimants of FDIC-insured financial institutions for which the FDIC was appointed receiver or conservator, or of FDIC-insured financial institutions that were provided assistance by the FDIC; and (c) support resolution planning, administration, and research in accordance with statutory mandates.

Categories of Individuals Covered by the System:

Individuals who are or were obligors, obligees, or subject to claims of FDIC-insured or covered financial institutions for which the FDIC performs resolution or receivership functions.

Categories of Records in the System:

This system contains the individual's files held by the FDIC insured, failing, Start Printed Page 66180 failed, or covered financial institution, including deposit, loan, or contractual agreements, related documents, and correspondence. The system also contains FDIC asset files, including judgments obtained, restitution orders, and loan deficiencies arising from the liquidation of the obligor's loan asset(s) and associated collateral, if any; information relating to the obligor's financial condition such as financial statements and income tax returns; asset or collateral verifications or searches; appraisals; and potential sources of repayment. FDIC asset files also include intra- or inter-agency memoranda, as well as notes, correspondence, and other documents relating to the liquidation of the loan obligation or asset. FDIC receivership claim files may include all information related to claims filed with the receivership estate by a failed financial institution's landlords, creditors, service providers or other obligees or claimants.

Record Source Categories:

Information is obtained from the individual on whom the record is maintained; appraisers retained by the originating financial institution or the FDIC; investigative and/or research companies; credit bureaus and/or services; loan servicers; deposit servicers, court records; references named by the individual; attorneys or accountants retained by the originating financial institution or the FDIC; participants in the obligation(s) of the individual; officers and employees of the financial institution;; and other parties providing services to the FDIC in support of the resolution and receivership functions of the FDIC.

Routine Uses of Records Maintained in the System, Including Categories of Users and Purposes of Such Uses:

In addition to those disclosures generally permitted under 5 U.S.C. 552a(b) of the Privacy Act, all or a portion of the records or information contained in this system may be disclosed outside the FDIC as a routine use as follows:

(1) To appropriate Federal, State, local and foreign authorities responsible for investigating or prosecuting a violation of, or for enforcing or implementing a statute, rule, regulation, or order issued, when the information indicates a violation or potential violation of law, whether civil, criminal, or regulatory in nature, and whether arising by general statute or particular program statute, or by regulation, rule, or order issued pursuant thereto;

(2) To a court, magistrate, or other administrative body in the course of presenting evidence, including disclosures to counsel or witnesses in the course of civil discovery, litigation, or settlement negotiations or in connection with criminal proceedings, when the FDIC is a party to the proceeding or has a significant interest in the proceeding, to the extent that the information is determined to be relevant and necessary;

(3) To a congressional office in response to an inquiry made by the congressional office at the request of the individual who is the subject of the record;

(4) To appropriate agencies, entities, and persons when (a) the FDIC suspects or has confirmed that there has been a breach of the system of records; (b) the FDIC has determined that as a result of the suspected or confirmed breach there is a risk of harm to individuals, the FDIC (including its information systems, programs, and operations), the Federal Government, or national security; the FDIC and (c) the disclosure made to such agencies, entities, and persons is reasonably necessary to assist in connection with the FDIC's efforts to respond to the suspected or confirmed breach or to prevent, minimize, or remedy such harm;

(5) To another Federal agency or Federal entity, when the FDIC determines that information from this system of records is reasonably necessary to assist the recipient agency or entity in (a) responding to a suspected or confirmed breach or (b) preventing, minimizing, or remedying the risk of harm to individuals, the recipient agency or entity (including its information systems, programs, and operations), the Federal Government, or national security, resulting from a suspected or confirmed breach.

(6) To appropriate Federal, State, and local authorities in connection with hiring or retaining an individual, conducting a background security or suitability investigation, adjudication of liability, or eligibility for a license, contract, grant, or other benefit;

(7) To appropriate Federal, State, and local authorities, agencies, arbitrators, and other parties responsible for processing any personnel actions or conducting administrative hearings or corrective actions or grievances or appeals, or if needed in the performance of other authorized duties;

(8) To appropriate Federal agencies and other public authorities for use in records management inspections;

(9) To contractors or entities performing services for the FDIC in connection with the liquidation of an individual's obligation(s), including judgments and loan deficiencies or in connection with the fulfillment of a claim filed with the FDIC. Third party contractors include, but are not limited to, asset marketing contractors; loan servicers; appraisers; environmental contractors; attorneys retained by the FDIC; collection agencies; auditing or accounting firms retained to assist in an audit or investigation of the FDIC's resolution activities; grantees, volunteers, and others performing or working on a contract, service, grant, cooperative agreement, or project for the FDIC;

(10) To officials of a labor organization when relevant and necessary to their duties of exclusive representation concerning personnel policies, practices, and matters affecting working conditions;

(11) To prospective purchaser(s) of the individual's obligation(s), including judgments and loan deficiencies, for the purpose of informing the prospective purchaser(s) about the nature and quality of the loan obligation(s) to be purchased;

(12) To Federal or State agencies, such as the Internal Revenue Service or State taxation authorities, in the performance of their governmental duties, such as obtaining information regarding income, including the reporting of income resulting from a compromise or write-off of a loan obligation;

(13) To participants in the loan obligation in order to fulfill any contractual or incidental responsibilities in connection with the loan participation agreement;

(14) To the Department of the Treasury, federal debt collection centers, other appropriate federal agencies, and private collection contractors or other third parties authorized by law, for the purpose of collecting or assisting in the collection of delinquent debts owed to the FDIC. Disclosure of information contained in these records will be limited to the individual's name, Social Security number, and other information necessary to establish the identity of the individual, and the existence, validity, amount, status and history of the debt.

(15) To Federal or State agencies or to financial institutions where information is relevant to an application or request by the individual for a loan, grant, financial benefit, or other entitlement;

(16) To Federal or State examiners for the purposes of examining borrowing relationships in operating financial institutions that may be related to an obligation of an individual covered by this system;

(17) To the individual, the individual's counsel or other representatives, insurance carrier(s) or Start Printed Page 66181 underwriters of bankers' blanket bonds or other financial institution bonds in conjunction with claims made by the FDIC or litigation instituted by the FDIC or others on behalf of the FDIC against former officers, directors, accountants, lawyers, consultants, appraisers, or underwriters of bankers' blanket bonds or other financial institution bonds; and

(18) To allow members of the public access to a limited portion of the data sufficient to help individuals locate and understand the status of their accounts previously held by a financial institution.

Policies and Practices for Storage of Records:

Records are stored in electronic media and in paper format within individual file folders.

Policies and Practices for Retrieval of Records:

Records are indexed by financial institution number, name of failed or assisted insured or covered institution, name of individual, social security number, and loan number, if applicable.

Policies and Practices for Retention and Disposal of Records:

Failed insured depository institution data are maintained for at least ten years after appointment of FDIC as receiver in accordance with approved records retention schedules. Records generated as part of the resolution of a failed insured depository institution are maintained in accordance with approved retention schedules typically not exceeding fifteen years after the termination of the receivership or as established by state or federal law or court order, if longer. Disposal is by shredding or other appropriate disposal methods.

Administrative, Technical, and Physical Safeguards:

Records are protected from unauthorized access and improper use through administrative, technical, and physical security measures. Administrative safeguards include written guidelines on handling personal information including agency-wide procedures for safeguarding personally identifiable information. In addition, all FDIC staff are required to take annual privacy and security training. Technical security measures within FDIC include restrictions on computer access to authorized individuals who have a legitimate need to know the information; required use of strong passwords that are frequently changed; multi-factor authentication for remote access and access to many FDIC network components; use of encryption for certain data types and transfers; firewalls and intrusion detection applications; and regular review of security procedures and best practices to enhance security. Physical safeguards include restrictions on building access to authorized individuals, security guard service, and maintenance of records in lockable offices and filing cabinets.

Record Access Procedures:

Individuals wishing to request access to records about them in this system of records must submit their request in writing to the FDIC FOIA & Privacy Act Group, 550 17th Street NW, Washington, DC 20429, or email efoia@fdic.gov. Requests must include full name, address, and verification of identity in accordance with FDIC regulations at 12 CFR part 310.

Contesting Record Procedures:

Individuals wishing to contest or request an amendment to their records in this system of records must submit their request in writing to the FDIC FOIA & Privacy Act Group, 550 17th Street NW, Washington, DC 20429, or email efoia@fdic.gov. Requests must specify the information being contested, the reasons for contesting it, and the proposed amendment to such information in accordance with FDIC regulations at 12 CFR part 310.

Notification Procedures:

Individuals wishing to know whether this system contains information about them must submit their request in writing to the FDIC FOIA & Privacy Act Group, 550 17th Street NW, Washington, DC 20429, or email efoia@fdic.gov. Requests must include full name, address, and verification of identity in accordance with FDIC regulations at 12 CFR part 310.

Exemptions Promulgated for the System:

None.

History:

84 FR 35184 (July 22, 2019).