-
Start Preamble
Start Printed Page 85440
AGENCY:
Securities and Exchange Commission.
ACTION:
Notice of revised system of records.
SUMMARY:
In accordance with the Privacy Act of 1974 and the Office of Management and Budget (OMB) Circular No. A-108, the Securities and Exchange Commission (Commission or SEC) proposes to revise 28 Privacy Act systems of records. The revisions are the result of a comprehensive review of SEC SORNs and conform to new requirements prescribed in OMB Circular No. A-108. This notice also includes a Table of Contents of the agency's full inventory of Privacy Act Notices, which re-designates and renumbers the systems of records to provide a better guide to the system notices.
DATES:
The changes will become effective January 27, 2021 to permit public comment on the new and revised routine uses. The Commission will publish a new notice if the effective date is delayed to review comments or if changes are made based on comments received. To assure consideration, comments should be received on or before January 27, 2021.
ADDRESSES:
Comments may be submitted by any of the following methods:
Electronic Comments
- Use the Commission's internet comment form (http://www.sec.gov/rules/other.shtml); or
- Send an email to rule-comments@sec.gov. Please include File Number S7-20-20 on the subject line.
Paper Comments
Send paper comments in triplicate to Vanessa A. Countryman, Secretary, U.S. Securities and Exchange Commission, 100 F Street NE, Washington, DC 20549-1090. All submissions should refer to S7-20-20. This file number should be included on the subject line if email is used. To help process and review your comments more efficiently, please use only one method. The Commission will post all comments on the Commission's internet website (http://www.sec.gov/rules/other.shtml). Comments are also available for website viewing and printing in the Commission's Public Reference Room, 100 F Street NE, Washington, DC 20549, on official business days between the hours of 10 a.m. and 3 p.m. All comments received will be posted without change; we do not edit personal identifying information from submissions. You should submit only information that you wish to make publicly available.
Start Further InfoFOR FURTHER INFORMATION CONTACT:
For general and privacy related questions please contact: Ronnette McDaniel, Privacy and Information Assurance Branch Chief, 202-551-7200 or privacyhelp@sec.gov.
End Further Info End Preamble Start Supplemental InformationSUPPLEMENTARY INFORMATION:
When an agency wishes to establish or significantly modify a system of records, it must notify in advance Congress and the Office of Management and Budget (“OMB”) in order to permit an evaluation of the probable or potential effects of the proposal on the privacy or other rights of individuals. Currently, the SEC has 37 Privacy Act SORNs in its inventory. As directed by OMB,[1] and as part of the SEC's continuous privacy monitoring program, the SEC periodically reviews these SORNs to confirm the accuracy of the information. The Office of Information Technology (“OIT”), Privacy and Information Assurance Branch (“Privacy Office”), in collaboration with the system of records system managers or their designee(s), reviewed SORNs managed by each division or office for needed updates. As a result of the review, revisions were made to SEC systems of records, as necessitated by changes in information handling practices within the SEC and in compliance with OMB Circular No. A-108, Federal Agency Responsibilities for Review, Reporting, and Publication under the Privacy Act.[2] Routine uses were also evaluated to ensure that they were necessary and compatible with the purposes for which the information is collected.
Accordingly, the Commission is proposing the following Table of Contents to provide a better guide to its inventory of systems of records, and the modified systems of records to read as follows:
Table of Contents
[SEC Privacy Act Systems Notices]
Old No. New No. System name SEC-68 SEC-01 SEC's Division of Corporation Finance Records. SEC-69 SEC-02 SEC's Division of Investment Management Records. SEC-70 SEC-03 SEC's Division of Trading and Markets Records. SEC-31 SEC-04 Office of General Counsel Working Files. SEC-62 SEC-05 Office of Municipal Advisor Records. SEC-14 SEC-06 Financial and Acquisition Management System. SEC-15 SEC-07 Payroll, Attendance, Retirement and Leave Records. SEC-16 SEC-08 Administrative Law Judge Case Tracking Records. SEC-17 SEC-09 Minutes Regarding Action Taken by the Commission. SEC-39 SEC-10 Personnel Management Employment and Staffing/Training Files. SEC-24 SEC-11 Freedom of Information and Privacy Act Requests. SEC-28 SEC-12 Office of the Chief Accountant Working Files. SEC-33 SEC-13 Administrative and Litigation Release System. SEC-36 SEC-14 Administrative Proceeding Files. SEC-38 SEC-15 Disciplinary and Adverse Actions, Employee Conduct, and Labor Relations Files. SEC-41 SEC-16 Child Care Subsidy Program. SEC-42 SEC-17 Enforcement Files. SEC-43 SEC-18 Office of Inspector General Working Files. SEC-45 SEC-19 Mass Transportation Subsidy Program. SEC-46 SEC-20 Facilities Access Badge System. Start Printed Page 85441 SEC-48 SEC-21 Fitness Center Membership Payment and Fitness Records; SEC Employees Health and Fitness Program Records. SEC-51 SEC-22 Continuity Support Center. SEC-52 SEC-23 Visitor Badge and Employee Day Pass System. SEC-54 SEC-24 Photographic Files. SEC-55 SEC-25 Information Pertaining or Relevant to SEC Regulated Entities and Their Activities. SEC-56 SEC-26 Mailing, Contact and Other Lists. SEC-57 SEC-27 Office of International Affairs Records. SEC-60 SEC-28 Ethics Conduct Rules Files. SEC-63 SEC-29 Tips, Complaints, and Referrals Records. SEC-64 SEC-30 SEC Security in the Workplace Incident Records. SEC-65 SEC-31 Correspondence Response Systems. SEC-66 SEC-32 Backup Care Employee and Family Records. SEC-67 SEC-33 General Information Technology Records. SYSTEM NAME AND NUMBER:
SEC-14:
SEC Financial and Acquisition Management System.
SECURITY CLASSIFICATION:
Unclassified.
SYSTEM LOCATION:
1. Securities and Exchange Commission, 100 F Street NE, Washington, DC 20549. Files may also be maintained in the Commission's Regional Offices.
2. Federal Aviation Administration, Mike Monroney Aeronautical Center, AMZ-740, 6500 S MacArthur Blvd., Headquarters Bldg. 1, Oklahoma City, OK 73169.
SYSTEM MANAGER(S):
Chief Financial Officer, Office of Financial Management, Securities and Exchange Commission, 100 F Street NE, Washington, DC 20549-6041.
AUTHORITY FOR MAINTENANCE OF THE SYSTEM:
31 U.S.C. 3501, et seq. and 31 U.S.C. 7701(c). Where the employee identification number is the social security number, collection of this information is authorized by Executive Order 9397.
PURPOSE(S) OF THE SYSTEM:
Serves as the core financial system and integrates program, financial and budgetary information. Records are collected to ensure that all obligations and expenditures other than those in the pay and leave system addressed in SEC-15 are in conformance with laws, existing rules and regulations, and good business practice, and to maintain subsidiary records at the proper account and/or organizational level where responsibility for control of costs exists.
CATEGORIES OF INDIVIDUALS COVERED BY THE SYSTEM:
SEC employees, contractors, vendors, interns, customers and members of the public.
CATEGORIES OF RECORDS IN THE SYSTEM:
Employee personnel information: Limited to SEC employees, and includes name, address, Social Security number (SSN). Business-related information: Limited to contractors/vendors and customers, and includes name of the company/agency, point of contact, telephone number, mailing address, email address, contract number, CAGE code, vendor number (system unique identifier), DUNS number, and TIN, which could be a SSN in the case of individuals set up as sole proprietors. Financial information includes: Financial institution name, lockbox number, routing transit number, deposit account number, account type, debts (e.g., unpaid bills/invoices, overpayments, etc.), and remittance address.
RECORD SOURCE CATEGORIES:
The information maintained in Department of Transportation, (DOT)/Enterprise Service Center (ESC): Purchase orders, vouchers, invoices, contracts, and electronic records; Department of Interior (DOI)/Federal Personnel Payroll System (FPPS): Travel applications, disgorgement information, or other paper records submitted by employees, vendors, and other sources, including claims filed by witnesses in SEC actions; Delphi-Prism: Fed Traveler, Department of the Interior (DOI) Payroll System, Bureau of Public Debt, and EDGAR Momentum.
ROUTINE USES OF RECORDS MAINTAINED IN THE SYSTEM, INCLUDING CATEGORIES OF USERS AND THE PURPOSES OF SUCH USES:
In addition to those disclosures generally permitted under 5 U.S.C. 552a(b) of the Privacy Act, these records or information contained therein may specifically be disclosed outside the Commission as a routine use pursuant to 5 U.S.C. 552a(b)(3) as follows:
1. To appropriate agencies, entities, and persons when (1) the SEC suspects or has confirmed that there has been a breach of the system of records; (2) the SEC has determined that as a result of the suspected or confirmed breach there is a risk of harm to individuals, the SEC (including its information systems, programs, and operations), the Federal Government, or national security; and (3) the disclosure made to such agencies, entities, and persons is reasonably necessary to assist in connection with the SEC's efforts to respond to the suspected or confirmed breach or to prevent, minimize, or remedy such harm.
2. To other Federal, state, local, or foreign law enforcement agencies; securities self-regulatory organizations; and foreign financial regulatory authorities to assist in or coordinate regulatory or law enforcement activities with the SEC.
3. In any proceeding where the Federal securities laws are in issue or in which the Commission, or past or present members of its staff, is a party or otherwise involved in an official capacity.
4. To a Federal, state, local, tribal, foreign, or international agency, if necessary to obtain information relevant to the SEC's decision concerning the hiring or retention of an employee; the issuance of a security clearance; the letting of a contract; or the issuance of a license, grant, or other benefit.
5. To produce summary descriptive statistics and analytical studies, as a data source for management information, in support of the function for which the records are collected and maintained or for related personnel Start Printed Page 85442management functions or manpower studies; may also be used to respond to general requests for statistical information (without personal identification of individuals) under the Freedom of Information Act.
6. To any persons during the course of any inquiry, examination, or investigation conducted by the SEC's staff, or in connection with civil litigation, if the staff has reason to believe that the person to whom the record is disclosed may have further information about the matters related therein, and those matters appeared to be relevant at the time to the subject matter of the inquiry.
7. To interns, grantees, experts, contractors, and others who have been engaged by the Commission to assist in the performance of a service related to this system of records and who need access to the records for the purpose of assisting the Commission in the efficient administration of its programs, including by performing clerical, stenographic, or data analysis functions, or by reproduction of records by electronic or other means. Recipients of these records shall be required to comply with the requirements of the Privacy Act of 1974, as amended, 5 U.S.C. 552a.
8. To a Congressional office from the record of an individual in response to an inquiry from the Congressional office made at the request of that individual.
9. To members of Congress, the Government Accountability Office, or others charged with monitoring the work of the Commission or conducting records management inspections.
10. To a commercial contractor in connection with benefit programs administered by the contractor on the Commission's behalf, including, but not limited to, supplemental health, dental, disability, life and other benefit programs.
11. To the OMB in connection with the review of private relief legislation as set forth in OMB Circular A-19 at any stage of the legislative coordination and clearance process as set forth in that circular.
12. To the Treasury, Government Accountability Office, or other appropriate agencies to provide appropriate audit documentation.
13. To another Federal agency or Federal entity, when the SEC determines that information from this system of records is reasonably necessary to assist the recipient agency or entity in (1) responding to a suspected or confirmed breach or (2) preventing, minimizing, or remedying the risk of harm to individuals, the recipient agency or entity (including its information systems, programs, and operations), the Federal Government, or national security, resulting from a suspected or confirmed breach.
POLICIES AND PRACTICES FOR STORAGE OF RECORDS:
Records are maintained in electronic and paper format. Electronic records are stored in computerized databases, magnetic disc, tape and/or digital media. Paper records and records on computer disc are stored in locked file rooms and/or file cabinets.
POLICIES AND PRACTICES FOR RETRIEVAL OF RECORDS:
Records may be retrieved by a name of employee, social security number (SSN) for employees, SSN/Tax Identification Number (TIN) for vendors doing business with the SEC, Name for both employees and vendors, Vendor Number (system unique) for both employees and vendors, DUNS/DUNS + 4.
POLICIES AND PRACTICES FOR RETENTION AND DISPOSAL OF RECORDS:
These records will be maintained until they become inactive, at which time they will be retired or destroyed in accordance with records schedules of the United States Securities and Exchange Commission and as approved by the National Archives and Records Administration.
ADMINISTRATIVE, TECHNICAL, AND PHYSICAL SAFEGUARDS:
Access to SEC facilities, data centers, and information or information systems is limited to authorized personnel with official duties requiring access. SEC facilities are equipped with security cameras and 24-hour security guard service. The records are kept in limited access areas during duty hours and in locked file cabinets and/or locked offices or file rooms at all other times. Computerized records are safeguarded in a secured environment. Security protocols meet the promulgating guidance as established by the National Institute of Standards and Technology (NIST) Security Standards from Access Control to Data Encryption and Security Assessment & Authorization (SA&A).
Records are maintained in a secure, password-protected electronic system that will utilize commensurate safeguards that may include: Firewalls, intrusion detection and prevention systems, and role-based access controls. Additional safeguards will vary by program. All records are protected from unauthorized access through appropriate administrative, operational, and technical safeguards. These safeguards include: Restricting access to authorized personnel who have a “need to know”; using locks; and password protection identification features. Contractors and other recipients providing services to the Commission shall be required to maintain equivalent safeguards.
RECORD ACCESS PROCEDURES:
Persons wishing to obtain information on the procedures for gaining access to or contesting the contents of these records may contact the FOIA/PA Officer, Securities and Exchange Commission, 100 F Street NE, Washington, DC 20549-2465.
CONTESTING RECORD PROCEDURES:
See Record Access Procedures above.
NOTIFICATION PROCEDURES:
All requests to determine whether this system of records contains a record pertaining to the requesting individual may be directed to the FOIA/PA Officer, Securities and Exchange Commission, 100 F Street NE, Washington, DC 20549-2465.
EXEMPTIONS PROMULGATED FOR THE SYSTEM:
None.
HISTORY:
This SORN was last published in full in the Federal Register at 40 FR 39253 (August 27, 1975). Subsequent notices of revision can be found at the following citations:
—41 FR 5318 (February 5, 1976)
—41 FR 11631 (March 19, 1976)
—41 FR 41550 (September 22, 1976)
—42 FR 36333 (July 14, 1977)
—46 FR 63439 (December 31, 1981)
—59 FR 27626 (May 27, 1994)
—62 FR 47884 and 47885 (September 11, 1997)
—63 FR 11938 (March 11, 1998)77 FR 16569 (March 21, 2012)
SYSTEM NAME AND NUMBER:
SEC-15:
Payroll, Attendance, Retirement and Leave Records.
SECURITY CLASSIFICATION:
Unclassified.
SYSTEM LOCATION:
1. Payroll files, retirement case files, time and attendance reports, and service history files: SEC, 100 F Street NE, Washington, DC 20549.
2. Notices of personnel action and other pay-related records: Department of the Interior, National Business Center, Payroll Operations Division, Mail Stop D-2662, 7301 West Mansfield Avenue, Lakewood, CO 80235-2230; and
3. Retired personnel files: National Archives and Records Administration, Start Printed Page 85443National Personnel Records Center (Civilian Personnel Records Center), 111 Winnebago Street, St. Louis, MO 63118.
SYSTEM MANAGER(S):
Associate Executive Director, Office of Human Resources, Securities and Exchange Commission, 100 F Street NE, Washington, DC 20549.
AUTHORITY FOR MAINTENANCE OF THE SYSTEM:
PURPOSE(S) OF THE SYSTEM:
The primary uses of the records are for the Commission's fiscal operations for payroll, time and attendance, leave, insurance, tax, retirement, qualifications, and benefits; to prepare related reports to other Federal agencies including the Department of Treasury and the Office of Personnel Management; and to locate SEC employees and determine such matters as their period of service, type of leave, qualifications, benefits, and pay.
CATEGORIES OF INDIVIDUALS COVERED BY THE SYSTEM:
Past and present employees, interns, fellows, volunteers and persons who work at the SEC under the Intergovernmental Personnel Act (employees).
CATEGORIES OF RECORDS IN THE SYSTEM:
These records include, but are not limited to: Employee name, address, phone number, Social Security number, organization code, pay rate, salary, grade, length of service, pay and leave records, source documents for posting time and leave attendance, and deductions for Medicare, Old Age, Survivors, and Disability Insurance (OASDI, also known as Social Security), bonds, Federal Employee Group Life Insurance (FEGLI), union dues, taxes, allotments, quarters, retirement, charities, Federal and commercial health benefits, Flexible Spending Account, Long Term Care Insurance, Thrift Savings Plan contributions, award, shift schedules, and pay differential, tax lien data, wage garnishments.
The payroll, retirement and leave records described in this notice form a part of the information contained in the Department of the Interior's integrated Federal Personnel and Payroll System (FPPS). Personnel records contained in the FPPS are covered under the government-wide system of records notice published by the Office of Personnel Management (OPM/GOVT-1) and Commission's system of records notice, SEC-39, Personnel Management Employment and Staffing Files.
RECORD SOURCE CATEGORIES:
Records source is from individuals on whom the records are maintained, official personnel records of individuals on whom the records are maintained, time and attendance records, withholding certificates, third-party benefit providers, and other pay-related records prepared by the individual or the Office of Human Resources.
ROUTINE USES OF RECORDS MAINTAINED IN THE SYSTEM, INCLUDING CATEGORIES OF USERS AND THE PURPOSES OF SUCH USES:
In addition to those disclosures generally permitted under 5 U.S.C. 552a(b) of the Privacy Act, these records or information contained therein may specifically be disclosed as a routine use pursuant to 5 U.S.C. 552a(b)(3) as follows:
1. To appropriate agencies, entities, and persons when (1) the SEC suspects or has confirmed that there has been a breach of the system of records, (2) the SEC has determined that as a result of the suspected or confirmed breach there is a risk of harm to individuals, the SEC (including its information systems, programs, and operations), the Federal Government, or national security; and (3) the disclosure made to such agencies, entities, and persons is reasonably necessary to assist in connection with the SEC's efforts to respond to the suspected or confirmed breach or to prevent, minimize, or remedy such harm.
2. To the National Business Center of the U.S. Department of the Interior.
3. To any Federal, state, or local government compiling tax withholding, retirement contributions, or allotments to charities, labor unions, wage garnishments, and other authorized recipients.
4. To any Federal governmental authority or its agents investigating (a) a violation or potential violation of a statute, rule, regulation, or order, or (b) an employee's grievance or complaint.
5. To any member of the public for employment verification at an employee's written request.
6. To any judgment creditor for the purpose of wage garnishment.
7. To any arbitrator under a negotiated labor agreement.
8. To the General Accountability Office, the Office of Management and Budget, and other Federal agencies to support payments of salaries and benefits to SEC employees.
9. To the Office of Child Support Enforcement, Administration for Children and Families, Department of Health and Human Services, the Federal Parent Locator System and the Federal Tax Offset System to (a) locate individuals, (b) identify income sources, (c) establish paternity, (d) verify social security numbers or employment, (e) issue, modify, or enforce orders of support, or (f) administer the Federal Earned Income Tax Credit Program.
10. To a Congressional office in response to an inquiry from that Congressional office made at the request of the individual to whom the record pertains.
11. To produce summary descriptive statistics and analytical studies, as a data source for management information, in support of the function for which the records are collected and maintained or for related personnel management functions or manpower studies; may also be utilized to respond to general requests for statistical information (without personal identification of individuals) under the Freedom of Information Act.
12. To interns, grantees, experts, contractors and others who have been engaged by the Commission to assist in the performance of a service related to this system of records and who need access to the records for the purpose of assisting the Commission in the efficient administration of its programs, including by performing clerical or stenographic functions, or by reproduction of records by electronic or other means. Recipients of these records shall be required to comply with the requirements of the Privacy Act of 1974, as amended, 5 U.S.C.552a.
13. When (a) it is suspected or confirmed that the security or confidentiality of information in the system of records has been compromised; (b) the Commission has determined that as a result of the suspected or confirmed compromise there is a risk of harm to economic or property interests, identity theft or fraud, or harm to the security or integrity of this system or other systems or programs (whether maintained by the Commission or another agency or entity) that rely upon the compromised information; and (c) the disclosure is made to such agencies, entities, and persons who are reasonably necessary to assist in connection with the Commission's efforts to respond to the suspected or confirmed compromise and prevent, minimize, or remedy such harm.
14. To a commercial contractor in connection with benefit programs administered by the contractor on the Commission's behalf, including, but not limited to, supplemental health, dental, disability, life and other benefit programs.
15. To another Federal agency or Federal entity, when the SEC Start Printed Page 85444determines that information from this system of records is reasonably necessary to assist the recipient agency or entity in (1) responding to a suspected or confirmed breach or (2) preventing, minimizing, or remedying the risk of harm to individuals, the recipient agency or entity (including its information systems, programs, and operations), the Federal Government, or national security, resulting from a suspected or confirmed breach.
POLICIES AND PRACTICES FOR STORAGE OF RECORDS:
Records are maintained in electronic and paper format. Electronic records are stored in computerized databases, magnetic disc, tape, and/or digital media. Paper records are stored in locked file rooms and/or file cabinets.
POLICIES AND PRACTICES FOR RETRIEVAL OF RECORDS:
These records may be retrieved by identifiers including, but not limited to, individual's name, an employee's name or social security number, birthday, and organizational code.
POLICIES AND PRACTICES FOR RETENTION AND DISPOSAL OF RECORDS:
These records will be maintained until they become inactive, at which time they will be retired or destroyed in accordance with records schedules of the United States Securities and Exchange Commission and as approved by the National Archives and Records Administration.
ADMINISTRATIVE, TECHNICAL, AND PHYSICAL SAFEGUARDS:
Access to SEC facilities, data centers, and information or information systems is limited to authorized personnel with official duties requiring access. SEC facilities are equipped with security cameras and 24-hour security guard service. The records are kept in limited access areas during duty hours and in locked file cabinets and/or locked offices or file rooms at all other times. Computerized records are safeguarded in a secured environment. Security protocols meet the promulgating guidance as established by the National Institute of Standards and Technology (NIST) Security Standards from Access Control to Data Encryption and Security Assessment & Authorization (SA&A).
Records are maintained in a secure, password-protected electronic system that will utilize commensurate safeguards that may include: Firewalls, intrusion detection and prevention systems, and role-based access controls. Additional safeguards will vary by program. All records are protected from unauthorized access through appropriate administrative, operational, and technical safeguards. These safeguards include: Restricting access to authorized personnel who have a “need to know;” using locks; and password protection identification features. Contractors and other recipients providing services to the Commission shall be required to maintain equivalent safeguards.
RECORD ACCESS PROCEDURES:
Persons wishing to obtain information on the procedures for gaining access to or contesting the contents of these records should contact the FOIA/Privacy Act Officer, Securities and Exchange Commission, 100 F Street NE, Washington, DC 20549-2465.
CONTESTING RECORD PROCEDURES:
See Record Access Procedures above.
NOTIFICATION PROCEDURES:
All requests to determine whether this system of records contains a record pertaining to the requesting individual should be directed to the FOIA/PA Officer, Securities and Exchange Commission, 100 F Street NE, Washington, DC 20549-2465.
EXEMPTIONS PROMULGATED FOR THE SYSTEM:
None.
HISTORY:
This SORN was last published in full in the Federal Register at 40 FR 39253 (August 27, 1975). Subsequent notices of revision can be found at the following citations:
—41 FR 5318 (February 5, 1976)
—41 FR 11631 (March 19, 1976)
—41 FR 41594 (September 22, 1976)
—42 FR 36333 (July 14, 1977)
—46 FR 63439 (December 31, 1981)
—58 FR 64416 (December 7, 1993)
—62 FR 47884 and 47885 (September 11, 1997)
—63 FR 11936 (March 11, 1998)
—64 FR 69051 (December 9, 1999)
—75 FR 17978 (April 8, 2010)
SYSTEM NAME AND NUMBER:
SEC-16:
Administrative Law Judge Case Tracking Records.
SECURITY CLASSIFICATION:
Unclassified.
SYSTEM LOCATION:
Securities and Exchange Commission, 100 F Street NE, Washington, DC 20549.
SYSTEM MANAGER(S):
Chief Administrative Law Judge, Securities and Exchange Commission, 100 F Street NE, Washington, DC 20549.
AUTHORITY FOR MAINTENANCE OF THE SYSTEM:
5 U.S.C. 556; 15 U.S.C. 78d, 78d-1; Pub. L. No. 87-592, 76 Stat. 394 (1962); 17 CFR 200.30-9, .200.30-10, .201.111.
PURPOSE(S) OF THE SYSTEM:
1. To track the status of each administrative proceeding pending in the Office of Administrative Law Judges (OALJ).
2. To enable the Chief Administrative Law Judge in determining appropriate assignments.
3. To aid in projecting budget requirements for OALJ.
CATEGORIES OF INDIVIDUALS COVERED BY THE SYSTEM:
SEC administrative law judges, individual respondents, and counsel of record.
CATEGORIES OF RECORDS IN THE SYSTEM:
Records are maintained on every case pending in OALJ. The system also stores records on cases while they are pending appeal and even after they have been resolved by decision or settlement. The records identify each administrative proceeding, the respondent(s) against whom the case was brought, and the administrative law judge to whom the case was assigned. Record categories include case summary, Office of the Secretary's service list, contact sheet, hearings, dispositions, events and mailings, and respondent's answer. Records may include the names, addresses, email addresses, telephone numbers, and fax numbers of respondents and counsel. They also contain information on party filings and submissions, such as the date of the filing or submission and the subject matter (but not copies of the actual filings or submissions), statistical data relating to number of assignments, and the time involved in disposition of assignments.
RECORD SOURCE CATEGORIES:
Information is obtained from: Orders and decisions issued by the SEC, Chief Administrative Law Judge, or individual Administrative Law Judges; transcripts of prehearings, hearings, and oral arguments; party filings, submissions, and correspondence and communications received in connection with a proceeding.
ROUTINE USES OF RECORDS MAINTAINED IN THE SYSTEM, INCLUDING CATEGORIES OF USERS AND THE PURPOSES OF SUCH USES:
In addition to those disclosures generally permitted under 5 U.S.C. 552a(b) of the Privacy Act, these records or information contained therein may specifically be disclosed outside the Start Printed Page 85445Commission as a routine use pursuant to 5 U.S.C. 552 a(b)(3) as follows:
1. To appropriate agencies, entities, and persons when (1) the SEC suspects or has confirmed that there has been a breach of the system of records; (2) the SEC has determined that as a result of the suspected or confirmed breach there is a risk of harm to individuals, the SEC (including its information systems, programs, and operations), the Federal Government, or national security; and (3) the disclosure made to such agencies, entities, and persons is reasonably necessary to assist in connection with the SEC's efforts to respond to the suspected or confirmed breach or to prevent, minimize, or remedy such harm.
2. To other Federal, state, local, or foreign law enforcement agencies; securities self-regulatory organizations; and foreign financial regulatory authorities to assist in or coordinate regulatory or law enforcement activities with the SEC.
3. To national securities exchanges and national securities associations that are registered with the SEC, the Municipal Securities Rulemaking Board; the Securities Investor Protection Corporation; the Public Company Accounting Oversight Board; the Federal banking authorities, including, but not limited to, the Board of Governors of the Federal Reserve System, the Comptroller of the Currency, and the Federal Deposit Insurance Corporation; state securities regulatory agencies or organizations; or regulatory authorities of a foreign government in connection with their regulatory or enforcement responsibilities.
4. By SEC personnel for purposes of investigating possible violations of, or to conduct investigations authorized by, the Federal securities laws.
5. In any proceeding where the Federal securities laws are in issue or in which the Commission, or past or present members of its staff, is a party or otherwise involved in an official capacity.
6. In connection with proceedings by the Commission pursuant to Rule 102(e) of its Rules of Practice, 17 CFR 201.102(e).
7. To a bar association, state accountancy board, or other Federal, state, local, or foreign licensing or oversight authority; or professional association or self-regulatory authority to the extent that it performs similar functions (including the Public Company Accounting Oversight Board) for investigations or possible disciplinary action.
8. To a Federal, state, local, tribal, foreign, or international agency, if necessary to obtain information relevant to the SEC's decision concerning the hiring or retention of an employee; the issuance of a security clearance; the letting of a contract; or the issuance of a license, grant, or other benefit.
9. To a Federal, state, local, tribal, foreign, or international agency in response to its request for information concerning the hiring or retention of an employee; the issuance of a security clearance; the reporting of an investigation of an employee; the letting of a contract; or the issuance of a license, grant, or other benefit by the requesting agency, to the extent that the information is relevant and necessary to the requesting agency's decision on the matter.
10. To produce summary descriptive statistics and analytical studies, as a data source for management information, in support of the function for which the records are collected and maintained or for related personnel management functions or manpower studies; may also be used to respond to general requests for statistical information (without personal identification of individuals) under the Freedom of Information Act.
11. To any trustee, receiver, master, special counsel, or other individual or entity that is appointed by a court of competent jurisdiction, or as a result of an agreement between the parties in connection with litigation or administrative proceedings involving allegations of violations of the Federal securities laws (as defined in section 3(a)(47) of the Securities Exchange Act of 1934, 15 U.S.C. 78c(a)(47)) or pursuant to the Commission's Rules of Practice, 17 CFR 201.100 through 900 or the Commission's Rules of Fair Fund and Disgorgement Plans, 17 CFR 201.1100 through 1106, or otherwise, where such trustee, receiver, master, special counsel, or other individual or entity is specifically designated to perform particular functions with respect to, or as a result of, the pending action or proceeding or in connection with the administration and enforcement by the Commission of the Federal securities laws or the Commission's Rules of Practice or the Rules of Fair Fund and Disgorgement Plans.
12. To any persons during the course of any inquiry, examination, or investigation conducted by the SEC's staff, or in connection with civil litigation, if the staff has reason to believe that the person to whom the record is disclosed may have further information about the matters related therein, and those matters appeared to be relevant at the time to the subject matter of the inquiry.
13. To interns, grantees, experts, contractors, and others who have been engaged by the Commission to assist in the performance of a service related to this system of records and who need access to the records for the purpose of assisting the Commission in the efficient administration of its programs, including by performing clerical, stenographic, or data analysis functions, or by reproduction of records by electronic or other means. Recipients of these records shall be required to comply with the requirements of the Privacy Act of 1974, as amended, 5 U.S.C. 552a.
14. In reports published by the Commission pursuant to authority granted in the Federal securities laws (as such term is defined in section 3(a)(47) of the Securities Exchange Act of 1934, 15 U.S.C. 78c(a)(47)), which authority shall include, but not be limited to, section 21(a) of the Securities Exchange Act of 1934, 15 U.S.C. 78u(a).
15. To members of advisory committees that are created by the Commission or by Congress to render advice and recommendations to the Commission or to Congress, to be used solely in connection with their official designated functions.
16. To any person who is or has agreed to be subject to the Commission's Rules of Conduct, 17 CFR 200.735-1 through 200.735-18, and who assists in the investigation by the Commission of possible violations of the Federal securities laws (as such term is defined in section 3(a)(47) of the Securities Exchange Act of 1934, 15 U.S.C. 78c(a)(47)), in the preparation or conduct of enforcement actions brought by the Commission for such violations, or otherwise in connection with the Commission's enforcement or regulatory functions under the Federal securities laws.
17. To a Congressional office from the record of an individual in response to an inquiry from the Congressional office made at the request of that individual.
18. To members of Congress, the press, and the public in response to inquiries relating to particular Registrants and their activities, and other matters under the Commission's jurisdiction.
19. To prepare and publish information relating to violations of the Federal securities laws as provided in 15 U.S.C. 78c(a)(47), as amended.
20. To respond to subpoenas in any litigation or other proceeding.
21. To a trustee in bankruptcy.Start Printed Page 85446
22. To members of Congress, the General Accountability Office, or others charged with monitoring the work of the Commission or conducting records management inspections.
23. To any governmental agency, governmental or private collection agent, consumer reporting agency or commercial reporting agency, governmental or private employer of a debtor, or any other person, for collection, including collection by administrative offset, Federal salary offset, tax refund offset, or administrative wage garnishment, of amounts owed as a result of Commission civil or administrative proceedings.
24. To another Federal agency or Federal entity, when the SEC determines that information from this system of records is reasonably necessary to assist the recipient agency or entity in (1) responding to a suspected or confirmed breach or (2) preventing, minimizing, or remedying the risk of harm to individuals, the recipient agency or entity (including its information systems, programs, and operations), the Federal Government, or national security, resulting from a suspected or confirmed breach.
POLICIES AND PRACTICES FOR STORAGE OF RECORDS:
Records are maintained in electronic and paper format. Electronic records are stored in computerized databases, magnetic disc, tape and/or digital media. Paper records and records on computer disc are stored in locked file rooms and/or file cabinets.
POLICIES AND PRACTICES FOR RETRIEVAL OF RECORDS:
Information in the ALJ Case Tracking Records is retrieved by case name, case number, Administrative Proceeding Tracking System (APTS) status, ALJ status, ALJ case status type, date filed with ALJ, date filed with the Office of the Secretary, respondent's name, assigned ALJ, hearing date, ALJ statutory authority, or whether a case was initiated by an order instituting proceedings.
POLICIES AND PRACTICES FOR RETENTION AND DISPOSAL OF RECORDS:
These records will be maintained until they become inactive, at which time they will be retired or destroyed in accordance with the SEC's records retention schedule, as approved by the National Archives and Records Administration.
ADMINISTRATIVE, TECHNICAL, AND PHYSICAL SAFEGUARDS:
Access to SEC facilities, data centers, and information or information systems is limited to authorized personnel with official duties requiring access. SEC facilities are equipped with security cameras and 24-hour security guard service. The records are kept in limited access areas during duty hours and in locked file cabinets and/or locked offices or file rooms at all other times. Computerized records are safeguarded in a secured environment. Security protocols meet the promulgating guidance as established by the National Institute of Standards and Technology (NIST) Security Standards from Access Control to Data Encryption and Security Assessment & Authorization (SA&A).
Records are maintained in a secure, password-protected electronic system that will utilize commensurate safeguards that may include: Firewalls, intrusion detection and prevention systems, and role-based access controls. Additional safeguards will vary by program. All records are protected from unauthorized access through appropriate administrative, operational, and technical safeguards. These safeguards include: Restricting access to authorized personnel who have a “need to know”; using locks; and password protection identification features. Contractors and other recipients providing services to the Commission shall be required to maintain equivalent safeguards.
RECORD ACCESS PROCEDURES:
Persons wishing to obtain information on the procedures for gaining access to or contesting the contents of these records may contact the FOIA/Privacy Act Officer, Securities and Exchange Commission, 100 F Street NE, Washington, DC 20549-2465.
CONTESTING RECORD PROCEDURES:
See Record Access Procedures above.
NOTIFICATION PROCEDURES:
All requests to determine whether this system of records contains a record pertaining to the requesting individual may be directed to the FOIA/Privacy Act Officer, Securities and Exchange Commission, 100 F Street NE, Washington, DC 20549-2465.
EXEMPTIONS PROMULGATED FOR THE SYSTEM:
None.
HISTORY:
This SORN was last published in full in the Federal Register at 40 FR 39253 (August 27, 1975). Subsequent notices of revision can be found at the following citations:
—41 FR 5318 (February 5, 1976)
—41 FR 11631 (March 19, 1976)
—41 FR 41563 (September 22, 1976)
—42 FR 36333 (July 14, 1977)
—43 FR 36536 (August 17, 1978)
—46 FR 63439 (December 31, 1981)
—59 FR 27626 (May 27, 1994)
—62 FR 47884 (September 11, 1997)
By the Commission.
SYSTEM NAME AND NUMBER:
SEC-17:
Minutes Regarding Action Taken by the Commission.
SECURITY CLASSIFICATION:
Unclassified.
SYSTEM LOCATION:
Securities and Exchange Commission, 100 F Street NE, Washington, DC 20549.
SYSTEM MANAGER(S):
Secretary, Office of the Secretary, Securities and Exchange Commission, 100 F Street NE, Washington, DC 20549.
AUTHORITY FOR MAINTENANCE OF THE SYSTEM:
15 U.S.C. 78a et seq.
PURPOSE(S) OF THE SYSTEM:
To record actions taken by the Commission and to distribute to senior supervisory personnel on the Commission's staff for informational purposes.
CATEGORIES OF INDIVIDUALS COVERED BY THE SYSTEM:
Individuals who are the subject of official action taken by the SEC, including individuals who are named defendants or respondents in civil actions or administrative proceedings brought by the Commission.
CATEGORIES OF RECORDS IN THE SYSTEM:
Records contain defendants' or respondents' names, and addresses and names of other related entities or individuals; present and voting SEC Commissioners' and staff names; and dates. The records describe the matter presented, and any recommendations of the staff.
RECORD SOURCE CATEGORIES:
Records are compiled from meetings of the Commission and from seriatims circulated to the Commission.
ROUTINE USES OF RECORDS MAINTAINED IN THE SYSTEM, INCLUDING CATEGORIES OF USERS AND THE PURPOSES OF SUCH USES:
In addition to those disclosures generally permitted under 5 U.S.C. 552a(b) of the Privacy Act, these records or information contained therein may specifically be disclosed outside the Commission as a routine use pursuant to 5 U.S.C. 552 a(b)(3) as follows:Start Printed Page 85447
1. To appropriate agencies, entities, and persons when (1) the SEC suspects or has confirmed that there has been a breach of the system of records, (2) the SEC has determined that as a result of the suspected or confirmed breach there is a risk of harm to individuals, the SEC (including its information systems, programs, and operations), the Federal Government, or national security; and (3) the disclosure made to such agencies, entities, and persons is reasonably necessary to assist in connection with the SEC's efforts to respond to the suspected or confirmed breach or to prevent, minimize, or remedy such harm.
2. To other Federal, state, local, or foreign law enforcement agencies; securities self-regulatory organizations; and foreign financial regulatory authorities to assist in or coordinate regulatory or law enforcement activities with the SEC.
3. To national securities exchanges and national securities associations that are registered with the SEC, the Municipal Securities Rulemaking Board; the Securities Investor Protection Corporation; the Public Company Accounting Oversight Board; the Federal banking authorities, including, but not limited to, the Board of Governors of the Federal Reserve System, the Comptroller of the Currency, and the Federal Deposit Insurance Corporation; state securities regulatory agencies or organizations; or regulatory authorities of a foreign government in connection with their regulatory or enforcement responsibilities.
4. By SEC personnel for purposes of investigating possible violations of, or to conduct investigations authorized by, the Federal securities laws.
5. In any proceeding where the Federal securities laws are in issue or in which the Commission, or past or present members of its staff, is a party or otherwise involved in an official capacity.
6. In connection with proceedings by the Commission pursuant to Rule 102(e) of its Rules of Practice, 17 CFR 201.102(e).
7. To a bar association, state accountancy board, or other Federal, state, local, or foreign licensing or oversight authority; or professional association or self-regulatory authority to the extent that it performs similar functions (including the Public Company Accounting Oversight Board) for investigations or possible disciplinary action.
8. To a Federal, state, local, tribal, foreign, or international agency, if necessary to obtain information relevant to the SEC's decision concerning the hiring or retention of an employee; the issuance of a security clearance; the letting of a contract; or the issuance of a license, grant, or other benefit.
9. To a Federal, state, local, tribal, foreign, or international agency in response to its request for information concerning the hiring or retention of an employee; the issuance of a security clearance; the reporting of an investigation of an employee; the letting of a contract; or the issuance of a license, grant, or other benefit by the requesting agency, to the extent that the information is relevant and necessary to the requesting agency's decision on the matter.
10. To produce summary descriptive statistics and analytical studies, as a data source for management information, in support of the function for which the records are collected and maintained or for related personnel management functions or manpower studies; may also be used to respond to general requests for statistical information (without personal identification of individuals) under the Freedom of Information Act.
11. To any trustee, receiver, master, special counsel, or other individual or entity that is appointed by a court of competent jurisdiction, or as a result of an agreement between the parties in connection with litigation or administrative proceedings involving allegations of violations of the Federal securities laws (as defined in section 3(a)(47) of the Securities Exchange Act of 1934, 15 U.S.C. 78c(a)(47)) or pursuant to the Commission's Rules of Practice, 17 CFR 201.100 through 900 or the Commission's Rules of Fair Fund and Disgorgement Plans, 17 CFR 201.1100 through 1106, or otherwise, where such trustee, receiver, master, special counsel, or other individual or entity is specifically designated to perform particular functions with respect to, or as a result of, the pending action or proceeding or in connection with the administration and enforcement by the Commission of the Federal securities laws or the Commission's Rules of Practice or the Rules of Fair Fund and Disgorgement Plans.
12. To any persons during the course of any inquiry, examination, or investigation conducted by the SEC's staff, or in connection with civil litigation, if the staff has reason to believe that the person to whom the record is disclosed may have further information about the matters related therein, and those matters appeared to be relevant at the time to the subject matter of the inquiry.
13. To interns, grantees, experts, contractors, and others who have been engaged by the Commission to assist in the performance of a service related to this system of records and who need access to the records for the purpose of assisting the Commission in the efficient administration of its programs, including by performing clerical, stenographic, or data analysis functions, or by reproduction of records by electronic or other means. Recipients of these records shall be required to comply with the requirements of the Privacy Act of 1974, as amended, 5 U.S.C. 552a.
14. In reports published by the Commission pursuant to authority granted in the Federal securities laws (as such term is defined in section 3(a)(47) of the Securities Exchange Act of 1934, 15 U.S.C. 78c(a)(47)), which authority shall include, but not be limited to, section 21(a) of the Securities Exchange Act of 1934, 15 U.S.C. 78u(a)).
15. To members of advisory committees that are created by the Commission or by Congress to render advice and recommendations to the Commission or to Congress, to be used solely in connection with their official designated functions.
16. To any person who is or has agreed to be subject to the Commission's Rules of Conduct, 17 CFR 200.735-1 through 200.735-18, and who assists in the investigation by the Commission of possible violations of the Federal securities laws (as such term is defined in section 3(a)(47) of the Securities Exchange Act of 1934, 15 U.S.C. 78c(a)(47)), in the preparation or conduct of enforcement actions brought by the Commission for such violations, or otherwise in connection with the Commission's enforcement or regulatory functions under the Federal securities laws.
17. To a Congressional office from the record of an individual in response to an inquiry from the Congressional office made at the request of that individual.
18. To members of Congress, the press, and the public in response to inquiries relating to particular Registrants and their activities, and other matters under the Commission's jurisdiction.
19. To prepare and publish information relating to violations of the Federal securities laws as provided in 15 U.S.C. 78c(a)(47)), as amended.
20. To respond to subpoenas in any litigation or other proceeding.
21. To a trustee in bankruptcy.
22. To members of Congress, the General Accountability Office, or others charged with monitoring the work of the Start Printed Page 85448Commission or conducting records management inspections.
23. To any governmental agency, governmental or private collection agent, consumer reporting agency or commercial reporting agency, governmental or private employer of a debtor, or any other person, for collection, including collection by administrative offset, Federal salary offset, tax refund offset, or administrative wage garnishment, of amounts owed as a result of Commission civil or administrative proceedings.
24. To another Federal agency or Federal entity, when the SEC determines that information from this system of records is reasonably necessary to assist the recipient agency or entity in (1) responding to a suspected or confirmed breach or (2) preventing, minimizing, or remedying the risk of harm to individuals, the recipient agency or entity (including its information systems, programs, and operations), the Federal Government, or national security, resulting from a suspected or confirmed breach.
POLICIES AND PRACTICES FOR STORAGE OF RECORDS:
Records are maintained in electronic and paper format. Electronic records are stored in Word on an Office of the Secretary restricted drive, in computerized databases, magnetic disc, tape and/or digital media. Paper records and records on computer disc are stored in locked file rooms and/or file cabinets.
POLICIES AND PRACTICES FOR RETRIEVAL OF RECORDS:
These records are indexed by date and can be retrieved by name from the Word file or from the paper copy. Older records can be retrieved from Records Management or from the National Archives and Records Administration.
POLICIES AND PRACTICES FOR RETENTION AND DISPOSAL OF RECORDS:
These records will be maintained in-house as space permits, at which time they will be archived by Records Management and then retired or destroyed in accordance with the SEC's records retention schedule, as approved by the National Archives and Records Administration. Minutes are accessioned to NARA after 15 years.
ADMINISTRATIVE, TECHNICAL, AND PHYSICAL SAFEGUARDS:
Access to SEC facilities, data centers, and information or information systems is limited to authorized personnel with official duties requiring access. SEC facilities are equipped with security cameras and 24-hour security guard service. The records are kept in limited access areas during duty hours and in locked file cabinets and/or locked offices or file rooms at all other times. Computerized records are safeguarded in a secured environment. Security protocols meet the promulgating guidance as established by the National Institute of Standards and Technology (NIST) Security Standards from Access Control to Data Encryption and Security Assessment & Authorization (SA&A).
Records are maintained in a secure, password-protected electronic system that will utilize secure, password-protected electronic system that will utilize commensurate safeguards t commensurate safeguards that may include: Firewalls, intrusion detection and prevention systems, and role-based access controls. Additional safeguards will vary by program. All records are protected from unauthorized access through appropriate administrative, operational, and technical safeguards. These safeguards include: Restricting access to authorized personnel who have a “need to know”; using locks; and password protection identification features. Contractors and other recipients providing services to the Commission shall be required to maintain equivalent safeguards.
RECORD ACCESS PROCEDURES:
Persons wishing to obtain information on the procedures for gaining access to or contesting the contents of these records may contact the FOIA/Privacy Act Officer, Securities and Exchange Commission, 100 F Street NE, Washington, DC 20549-2465.
CONTESTING RECORD PROCEDURES:
See Record Access Procedures above.
NOTIFICATION PROCEDURES:
All requests to determine whether this system of records contains a record pertaining to the requesting individual may be directed to the FOIA/Privacy Act Officer, Securities and Exchange Commission, 100 F Street NE, Washington, DC 20549-2465.
EXEMPTIONS PROMULGATED FOR THE SYSTEM:
None.
HISTORY:
This SORN was last published in full in the Federal Register at 40 FR 39253 (August 27, 1975). Subsequent notices of revision can be found at the following citations:
—41 FR 5318 (February 5, 1976)
—41 FR 11631 (March 19, 1976)
—41 FR 41564 (September 22, 1976)
—42 FR 36333 (July 14, 1977)
—46 FR 63439 (December 31, 1981)
—59 FR 27626 (May 27, 1994)
—62 FR 47884 (September 11, 1997)
SYSTEM NAME AND NUMBER:
SEC-24:
Freedom of Information and Privacy Act Requests.
SECURITY CLASSIFICATION:
Unclassified.
SYSTEM LOCATION:
Securities and Exchange Commission, Office of Freedom of Information Act (FOIA) Services, 100 F Street NE, Washington, DC 20549. Other offices involved in the processing of requests may also maintain copies of the requests and related internal administrative records.
SYSTEM MANAGER(S):
FOIA/PA Officer, Office of FOIA Services, Securities and Exchange Commission, 100 F Street NE, Washington, DC 20549-2465.
AUTHORITY FOR MAINTENANCE OF THE SYSTEM:
5 U.S.C. 552, and 552a; Executive Order 9397.
PURPOSE(S) OF THE SYSTEM:
The records are used by Commission staff to process FOIA and Privacy Act requests and appeals, and to prepare reports to the Department of Justice, the Office of Management and Budget, and other oversight entities on the Commission's FOIA and PA activities.
CATEGORIES OF INDIVIDUALS COVERED BY THE SYSTEM:
Records are maintained on persons requesting information from the Commission pursuant to provisions of the Freedom of Information Act; persons who are the subject of Freedom of Information Act requests; individuals who have submitted requests for information about themselves or on behalf of an individual under the provisions of the Privacy Act of 1974; and individuals filing an administrative appeal of a denial, in whole or part, of any such request.
CATEGORIES OF RECORDS IN THE SYSTEM:
Records received, created or compiled in processing FOIA and PA requests or appeals, including internal memoranda, correspondence to or from other Federal agencies, correspondence and response letters, appeal of denials under the FOIA, request for amendment of records under the Privacy Act, appeal for denials under the Privacy Act, appeal determinations, and electronic tracking data.
These records may contain personal information retrieved in response to a request including requesters' and their Start Printed Page 85449attorneys' or representatives' names, addresses, email, telephone numbers, and FOIA and PA case numbers; office telephone numbers of SEC employees and contractors; Names, telephone numbers, and addresses of the submitter of the information requested; Unique case identifier; Social Security Number; or other identifier assigned to the request or appeal.
RECORD SOURCE CATEGORIES:
Persons requesting information from the Commission pursuant to the Freedom of Information Act and the Privacy Act; agency employees assigned to handle processing the requests; agency records searched and identified as responsive in the process of responding to such requests; other agencies or entities that have referred to SEC requests concerning SEC records, or that have consulted with SEC regarding handling of particular requests; and submitters or subjects of records or information that have provided assistance to SEC in making access or amendment determinations.
ROUTINE USES OF RECORDS MAINTAINED IN THE SYSTEM, INCLUDING CATEGORIES OF USERS AND THE PURPOSES OF SUCH USES:
In addition to those disclosures generally permitted under 5 U.S.C. 552a(b) of the Privacy Act, these records or information contained therein may specifically be disclosed outside the Commission as a routine use pursuant to 5 U.S.C. 552a(b)(3) as follows:
1. To appropriate agencies, entities, and persons when (1) the SEC suspects or has confirmed that there has been a breach of the system of records, (2) the SEC has determined that as a result of the suspected or confirmed breach there is a risk of harm to individuals, the SEC (including its information systems, programs, and operations), the Federal Government, or national security; and (3) the disclosure made to such agencies, entities, and persons is reasonably necessary to assist in connection with the SEC's efforts to respond to the suspected or confirmed breach or to prevent, minimize, or remedy such harm.
2. To other Federal, state, local, or foreign law enforcement agencies; securities self-regulatory organizations; and foreign financial regulatory authorities to assist in or coordinate regulatory or law enforcement activities with the SEC.
3. To national securities exchanges and national securities associations that are registered with the SEC, the Municipal Securities Rulemaking Board; the Securities Investor Protection Corporation; the Public Company Accounting Oversight Board; the Federal banking authorities, including, but not limited to, the Board of Governors of the Federal Reserve System, the Comptroller of the Currency, and the Federal Deposit Insurance Corporation; state securities regulatory agencies or organizations; or regulatory authorities of a foreign government in connection with their regulatory or enforcement responsibilities.
4. In any proceeding where the Federal securities laws are in issue or in which the Commission, or past or present members of its staff, is a party or otherwise involved in an official capacity.
5. To a Federal, state, local, tribal, foreign, or international agency in response to its request for information concerning the hiring or retention of an employee; the issuance of a security clearance; the reporting of an investigation of an employee; the letting of a contract; or the issuance of a license, grant, or other benefit by the requesting agency, to the extent that the information is relevant and necessary to the requesting agency's decision on the matter.
6. To any persons during the course of any inquiry, examination, or investigation conducted by the SEC's staff, or in connection with civil litigation, if the staff has reason to believe that the person to whom the record is disclosed may have further information about the matters related therein, and those matters appeared to be relevant at the time to the subject matter of the inquiry.
7. To interns, grantees, experts, contractors, and others who have been engaged by the Commission to assist in the performance of a service related to this system of records and who need access to the records for the purpose of assisting the Commission in the efficient administration of its programs, including by performing clerical, stenographic, or data analysis functions, or by reproduction of records by electronic or other means. Recipients of these records shall be required to comply with the requirements of the Privacy Act of 1974, as amended, 5 U.S.C. 552a.
8. To members of advisory committees that are created by the Commission or by Congress to render advice and recommendations to the Commission or to Congress, to be used solely in connection with their official designated functions.
9. To respond to subpoenas in any litigation or other proceeding.
10. To a third party authorized in writing to receive such information by the individual about whom the information pertains.
11. To another Federal agency to (a) permit a decision as to access, amendment or correction of records to be made in consultation with or by that agency, (b) verify the identity of an individual or the accuracy of information submitted by an individual who requested access to, amendment of, or correction of records, or (c) to process payment of fees associated with FOIA/PA requests.
12. To the Department of Justice (DOJ) in order to obtain that department's advice on FOIA matters or regarding the agency's FOIA disclosure obligations.
13. To the Office of Management and Budget for the purpose of obtaining its advice on Privacy Act matters.
14. To the public pursuant to the provisions of the FOIA, 5 U.S.C. 552.
15. To the National Archives and Records Administration, Office of Government Information Services (OGIS), to the extent necessary to fulfill its responsibilities in 5 U.S.C. 552(h), to review administrative agency policies, procedures and compliance with the Freedom of Information Act (FOIA), and to facilitate OGIS' offering of mediation services to resolve disputes between persons making FOIA requests and administrative agencies.
16. To members of Congress, the Government Accountability Office, or others charged with monitoring the work of the Commission or conducting records management inspections.
17. To produce summary descriptive statistics and analytical studies, as a data source for management information, in support of the function for which the records are collected and maintained or for related personnel management functions or manpower studies; may also be used to respond to general requests for statistical information (without personal identification of individuals) under the Freedom of Information Act.
18. To any person who is or has agreed to be subject to the Commission's Rules of Conduct, 17 CFR 200.735-1 through 200.735-18, and who assists in the investigation by the Commission of possible violations of the Federal securities laws (as such term is defined in section 3(a)(47) of the Securities Exchange Act of 1934, 15 U.S.C. 78c(a)(47)), in the preparation or conduct of enforcement actions brought by the Commission for such violations, or otherwise in connection with the Commission's enforcement or regulatory functions under the Federal securities laws.
19. To a Congressional office from the record of an individual in response to Start Printed Page 85450an inquiry from the Congressional office made at the request of that individual.
20. In connection with any litigation challenging or seeking to enjoin actions by the Commission under the Freedom of Information Act, as amended.
21. To another Federal agency or Federal entity, when the SEC determines that information from this system of records is reasonably necessary to assist the recipient agency or entity in (1) responding to a suspected or confirmed breach or (2) preventing, minimizing, or remedying the risk of harm to individuals, the recipient agency or entity (including its information systems, programs, and operations), the Federal Government, or national security, resulting from a suspected or confirmed breach.
POLICIES AND PRACTICES FOR STORAGE OF RECORDS:
Records are maintained in electronic and paper format. Electronic records are stored in computerized databases, and/or on computer disc. Paper records and records on computer disc are stored in locked file rooms and/or file cabinets.
POLICIES AND PRACTICES FOR RETRIEVAL OF RECORDS:
Electronic files and paper format records are indexed and retrieved by a unique case number assigned to the request. Records may also be retrieved by the requestor name and/or the subject of the request.
POLICIES AND PRACTICES FOR RETENTION AND DISPOSAL OF RECORDS:
These records are maintained in accordance with general records schedules of the National Archives and Records Administration, General Records Schedule 4.2
ADMINISTRATIVE, TECHNICAL, AND PHYSICAL SAFEGUARDS:
Access to SEC facilities, data centers, and information or information systems is limited to authorized personnel with official duties requiring access. SEC facilities are equipped with security cameras and 24-hour security guard service. The records are kept in limited access areas during duty hours and in locked file cabinets and/or locked offices or file rooms at all other times. Computerized records are safeguarded in a secured environment. Security protocols meet the promulgating guidance as established by the National Institute of Standards and Technology (NIST) Security Standards from Access Control to Data Encryption and Security Assessment & Authorization (SA&A).
Records are maintained in a secure, password-protected electronic system that will utilize commensurate safeguards that may include: Firewalls, intrusion detection and prevention systems, and role-based access controls. Additional safeguards will vary by program. All records are protected from unauthorized access through appropriate administrative, operational, and technical safeguards. These safeguards include: Restricting access to authorized personnel who have a “need to know”; using locks; and password protection identification features. Contractors and other recipients providing services to the Commission shall be required to maintain equivalent safeguards.
RECORD ACCESS PROCEDURES:
Persons wishing to obtain information on the procedures for gaining access to or contesting the contents of these records may contact the FOIA/PA Officer, Securities and Exchange Commission, 100 F Street NE, Washington, DC 20549-2465.
CONTESTING RECORD PROCEDURES:
See Record access procedures above.
NOTIFICATION PROCEDURES:
All requests to determine whether this system of records contains a record pertaining to the requesting individual may be directed to the FOIA/PA Officer, Securities and Exchange Commission, 100 F Street NE, Washington, DC 20549-2465.
EXEMPTIONS PROMULGATED FOR THE SYSTEM:
None.
HISTORY:
This SORN was last published in full in the Federal Register at 40 FR 39253 (August 27, 1975). Subsequent notices of revision can be found at the following citations:
—41 FR 5318 (February 5, 1976)
—41 FR 11631 (March 19, 1976)
—41 FR 41550 (September 22, 1976)
—42 FR 36333 (July 14, 1977)
—46 FR 63439 (December 31, 1981)
—62 FR 47884 (September 11, 1997)
—77 FR 65913 (October 31, 2012)
—78 FR 41962 (July 12, 2013)
SYSTEM NAME AND NUMBER:
SEC-28:
Office of the Chief Accountant Working Files.
SECURITY CLASSIFICATION:
Unclassified.
SYSTEM LOCATION:
Securities and Exchange Commission, 100 F Street NE, Washington, DC 20549.
SYSTEM MANAGER(S):
Chief Accountant, Office of the Chief Accountant, Securities and Exchange Commission, 100 F Street NE, Washington, DC 20549.
AUTHORITY FOR MAINTENANCE OF THE SYSTEM:
15 U.S.C. 77a et seq., 78a et seq., 7201 et seq., and 17 CFR 200.22.
PURPOSE(S) OF THE SYSTEM:
1. To assist the Office of the Chief Accountant in performing the functions assigned to it by the Commission including the formulation and application of accounting or auditing policies in the case of documents required to be filed with the Commission and the determination of appropriate recommendations to the Commission relating to the disqualification of accountants to appear and practice before the Commission.
2. To respond to inquiries from Members of Congress, the press, and the public concerning accounting and auditing matters.
3. To assist investigations of possible violations of the Federal securities laws.
CATEGORIES OF INDIVIDUALS COVERED BY THE SYSTEM:
Accountants and persons associated with accountants and accounting firms and persons associated with SEC registrants, including individuals that submit requests for consultation with the Office of the Chief Accountant and individuals involved with or subjects of SEC investigations; and SEC personnel assigned to work on relevant matters.
CATEGORIES OF RECORDS IN THE SYSTEM:
The records contain names, mailing addresses, telephone numbers, email addresses, and/or information pertaining to accounting and auditing practices, problems, issues, and opinions and information concerning the activities of individuals in connection with Commission enforcement actions or in proceedings pursuant to the Commission's rules of practice.
RECORD SOURCE CATEGORIES:
The information contained in the system is derived from official SEC records, letters and inquiries from the public, SEC staff memoranda, which may include information derived from investigations, litigation, and other submissions, and professional auditing and accounting literature and information received from individuals including where practicable those to whom the records relate.
ROUTINE USES OF RECORDS MAINTAINED IN THE SYSTEM, INCLUDING CATEGORIES OF USERS AND THE PURPOSES OF SUCH USES:
In addition to those disclosures generally permitted under 5 U.S.C. Start Printed Page 85451552a(b) of the Privacy Act, these records or information contained therein may specifically be disclosed outside the Commission as a routine use pursuant to 5 U.S.C. 552 a(b)(3) as follows:
1. To appropriate agencies, entities, and persons when (1) the SEC suspects or has confirmed that there has been a breach of the system of records; (2) the SEC has determined that as a result of the suspected or confirmed breach there is a risk of harm to individuals, the SEC (including its information systems, programs, and operations), the Federal Government, or national security; and (3) the disclosure made to such agencies, entities, and persons is reasonably necessary to assist in connection with the SEC's efforts to respond to the suspected or confirmed breach or to prevent, minimize, or remedy such harm.
2. To other Federal, state, local, or foreign law enforcement agencies; securities self-regulatory organizations; and foreign financial regulatory authorities to assist in or coordinate regulatory or law enforcement activities with the SEC.
3. To national securities exchanges and national securities associations that are registered with the SEC, the Municipal Securities Rulemaking Board; the Securities Investor Protection Corporation; the Public Company Accounting Oversight Board; the Federal banking authorities, including, but not limited to, the Board of Governors of the Federal Reserve System, the Comptroller of the Currency, and the Federal Deposit Insurance Corporation; state securities regulatory agencies or organizations; or regulatory authorities of a foreign government in connection with their regulatory or enforcement responsibilities.
4. By SEC personnel for purposes of investigating possible violations of, or to conduct investigations authorized by, the Federal securities laws.
5. In any proceeding where the Federal securities laws are in issue or in which the Commission, or past or present members of its staff, is a party or otherwise involved in an official capacity.
6. In connection with proceedings by the Commission pursuant to Rule 102(e) of its Rules of Practice, 17 CFR 201.102(e).
7. To a bar association, state accountancy board, or other Federal, state, local, or foreign licensing or oversight authority; or professional association or self-regulatory authority to the extent that it performs similar functions (including the Public Company Accounting Oversight Board) for investigations or possible disciplinary action.
8. To a Federal, state, local, tribal, foreign, or international agency, if necessary to obtain information relevant to the SEC's decision concerning the hiring or retention of an employee; the issuance of a security clearance; the letting of a contract; or the issuance of a license, grant, or other benefit.
9. To a Federal, state, local, tribal, foreign, or international agency in response to its request for information concerning the hiring or retention of an employee; the issuance of a security clearance; the reporting of an investigation of an employee; the letting of a contract; or the issuance of a license, grant, or other benefit by the requesting agency, to the extent that the information is relevant and necessary to the requesting agency's decision on the matter.
10. To produce summary descriptive statistics and analytical studies, as a data source for management information, in support of the function for which the records are collected and maintained or for related personnel management functions or manpower studies; may also be used to respond to general requests for statistical information (without personal identification of individuals) under the Freedom of Information Act.
11. To any trustee, receiver, master, special counsel, or other individual or entity that is appointed by a court of competent jurisdiction, or as a result of an agreement between the parties in connection with litigation or administrative proceedings involving allegations of violations of the Federal securities laws (as defined in section 3(a)(47) of the Securities Exchange Act of 1934, 15 U.S.C. 78c(a)(47)) or pursuant to the Commission's Rules of Practice, 17 CFR 201.100 through 900 or the Commission's Rules of Fair Fund and Disgorgement Plans, 17 CFR 201.1100 through 1106, or otherwise, where such trustee, receiver, master, special counsel, or other individual or entity is specifically designated to perform particular functions with respect to, or as a result of, the pending action or proceeding or in connection with the administration and enforcement by the Commission of the Federal securities laws or the Commission's Rules of Practice or the Rules of Fair Fund and Disgorgement Plans.
12. To any persons during the course of any inquiry, examination, or investigation conducted by the SEC's staff, or in connection with civil litigation, if the staff has reason to believe that the person to whom the record is disclosed may have further information about the matters related therein, and those matters appeared to be relevant at the time to the subject matter of the inquiry.
13. To interns, grantees, experts, contractors, and others who have been engaged by the Commission to assist in the performance of a service related to this system of records and who need access to the records for the purpose of assisting the Commission in the efficient administration of its programs, including by performing clerical, stenographic, or data analysis functions, or by reproduction of records by electronic or other means. Recipients of these records shall be required to comply with the requirements of the Privacy Act of 1974, as amended, 5 U.S.C. 552a.
14. In reports published by the Commission pursuant to authority granted in the Federal securities laws (as such term is defined in section 3(a)(47) of the Securities Exchange Act of 1934, 15 U.S.C. 78c(a)(47)), which authority shall include, but not be limited to, section 21(a) of the Securities Exchange Act of 1934, 15 U.S.C. 78u(a).
15. To members of advisory committees that are created by the Commission or by Congress to render advice and recommendations to the Commission or to Congress, to be used solely in connection with their official designated functions.
16. To any person who is or has agreed to be subject to the Commission's Rules of Conduct, 17 CFR 200.735-1 through 200.735-18, and who assists in the investigation by the Commission of possible violations of the Federal securities laws (as such term is defined in section 3(a)(47) of the Securities Exchange Act of 1934, 15 U.S.C. 78c(a)(47), in the preparation or conduct of enforcement actions brought by the Commission for such violations, or otherwise in connection with the Commission's enforcement or regulatory functions under the Federal securities laws.
17. To a Congressional office from the record of an individual in response to an inquiry from the Congressional office made at the request of that individual.
18. To members of Congress, the press, and the public in response to inquiries relating to particular Registrants and their activities, and other matters under the Commission's jurisdiction.
19. To prepare and publish information relating to violations of the Federal securities laws as provided in 15 U.S.C. 78c(a)(47), as amended.
20. To respond to subpoenas in any litigation or other proceeding.Start Printed Page 85452
21. To a trustee in bankruptcy.
22. To members of Congress, the Government Accountability Office, or others charged with monitoring the work of the Commission or conducting records management inspections. 23. To another Federal agency or Federal entity, when the SEC determines that information from this system of records is reasonably necessary to assist the recipient agency or entity in (1) responding to a suspected or confirmed breach or (2) preventing, minimizing, or remedying the risk of harm to individuals, the recipient agency or entity (including its information systems, programs, and operations), the Federal Government, or national security, resulting from a suspected or confirmed breach.
POLICIES AND PRACTICES FOR STORAGE OF RECORDS:
Records are maintained in electronic and paper format. Electronic records are stored in computerized databases, magnetic disc, tape and/or digital media. Paper records and records on computer disc are stored in locked file rooms and/or file cabinets.
POLICIES AND PRACTICES FOR RETRIEVAL OF RECORDS:
Paper records are searchable by name, subject, firm, date, and/or internal file number. Electronic records are searchable through routine word searches to include searches by name, subject, firm and/or keyword.
POLICIES AND PRACTICES FOR RETENTION AND DISPOSAL OF RECORDS:
These records will be maintained until they become inactive, at which time they will be retired or destroyed in accordance with records schedules of the United States Securities and Exchange Commission and as approved by the National Archives and Records Administration.
ADMINISTRATIVE, TECHNICAL, AND PHYSICAL SAFEGUARDS:
Access to SEC facilities, data centers, and information or information systems is limited to authorized personnel with official duties requiring access. SEC facilities are equipped with security cameras and 24-hour security guard service. The records are kept in limited access areas during duty hours and in locked file cabinets and/or locked offices or file rooms at all other times. Computerized records are safeguarded in a secured environment. Security protocols meet the promulgating guidance as established by the National Institute of Standards and Technology (NIST) Security Standards from Access Control to Data Encryption and Security Assessment & Authorization (SA&A).
Records are maintained in a secure, password-protected electronic system that will utilize commensurate safeguards that may include: Firewalls, intrusion detection and prevention systems, and role-based access controls. Additional safeguards will vary by program. All records are protected from unauthorized access through appropriate administrative, operational, and technical safeguards. These safeguards include: Restricting access to authorized personnel who have a “need to know”; using locks; and password protection identification features. Contractors and other recipients providing services to the Commission shall be required to maintain equivalent safeguards.
RECORD ACCESS PROCEDURES:
Persons wishing to obtain information on the procedures for gaining access to or contesting the contents of these records may contact the FOIA/PA Officer, Securities and Exchange
Commission, 100 F Street NE, Washington, DC 20549-2465.
CONTESTING RECORD PROCEDURES:
See Record access procedures above.
NOTIFICATION PROCEDURES:
All requests to determine whether this system of records contains a record pertaining to the requesting individual may be directed to the FOIA/PA Officer, Securities and Exchange Commission, 100 F Street NE, Washington, DC 20549-2465.
EXEMPTIONS PROMULGATED FOR THE SYSTEM:
Under 5 U.S.C. 552a(k)(2), this system of records is exempted from the following provisions of the Privacy Act, 5 U.S.C. 552a(c)(3), (d), (e)(1), (e)(4)(G), (H), and (I), and (f) and 17 CFR 200.303, 200.304, and 200.306, insofar as it contains investigatory materials compiled for law enforcement purposes. This exemption is contained in 17 CFR 200.312(a)(3).
HISTORY:
This SORN was last published in full in the Federal Register at 40 FR 39253 (August 27, 1975). Subsequent notices of revision can be found at the following citations:
—41 FR 5318 (February 5, 1976)
—41 FR 11631 (March 19, 1976)
—41 FR 41550 (September 22, 1976)
—42 FR 36333 (July 14, 1977)
—46 FR 63439 (December 31, 1981)
—59 FR 27626 (May 27, 1994)
—62 FR 47884 (September 11, 1997)
—79 FR 30661 (May 28, 2014)
SYSTEM NAME AND NUMBER:
SEC-33:
Administrative and Litigation Release System.
SECURITY CLASSIFICATION:
Unclassified.
SYSTEM LOCATION:
Securities and Exchange Commission, 100 F Street NE, Washington, DC 20549. Records in this system also may be maintained at the SEC Regional Offices.
SYSTEM MANAGER(S):
Secretary, Office of the Secretary, Securities and Exchange Commission, 100 F Street NE, Washington, DC 20549.
AUTHORITY FOR MAINTENANCE OF THE SYSTEM:
15 U.S.C. 78a et seq.
PURPOSE(S) OF THE SYSTEM:
To allow SEC staff to maintain information regarding administrative, civil or criminal proceedings involving allegations of violations of the Federal securities laws or related statutes.
CATEGORIES OF INDIVIDUALS AND ENTITIES COVERED BY THE SYSTEM:
Records are maintained on persons who have been named as respondents or defendants in administrative, civil or criminal proceedings involving findings or allegations of violations of the Federal securities laws or related statutes.
CATEGORIES OF RECORDS IN THE SYSTEM:
Records contain respondents' or defendants' names, and addresses. Releases pertaining to administrative proceedings are limited essentially to an identification of the respondents, a brief reference to the general nature of the underlying charges, and when appropriate, an identification of the particular securities involved. Litigation releases pertain to litigation matters and court enforcement actions brought under the Federal securities laws.
RECORD SOURCE CATEGORIES:
Records are obtained from administrative and court pleadings, transcripts, documents, and orders; SEC personnel; other SEC files; communications to the SEC; evidence gathered in connection with any matter within the jurisdiction of the SEC and from individuals, including where practicable, those to whom the records relate.
ROUTINE USES OF RECORDS MAINTAINED IN THE SYSTEM, INCLUDING CATEGORIES OF USERS AND THE PURPOSES OF SUCH USES:
In addition to those disclosures generally permitted under 5 U.S.C. Start Printed Page 85453552a(b) of the Privacy Act, these records or information contained therein may specifically be disclosed outside the Commission as a routine use pursuant to 5 U.S.C. 552 a(b)(3) as follows:
1. To appropriate agencies, entities, and persons when (1) the SEC suspects or has confirmed that there has been a breach of the system of records,·(2) the SEC has determined that as a result of the suspected or confirmed breach there is a risk of harm to individuals, the SEC (including its information systems, programs, and operations), the Federal Government, or national security; and (3) the disclosure made to such agencies, entities, and persons is reasonably necessary to assist in connection with the SEC's efforts to respond to the suspected or confirmed breach or to prevent, minimize, or remedy such harm.
2. To other Federal, state, local, or foreign law enforcement agencies; securities self-regulatory organizations; and foreign financial regulatory authorities to assist in or coordinate regulatory or law enforcement activities with the SEC.
3. To national securities exchanges and national securities associations that are registered with the SEC, the Municipal Securities Rulemaking Board; the Securities Investor Protection Corporation; the Public Company Accounting Oversight Board; the Federal banking authorities, including, but not limited to, the Board of Governors of the Federal Reserve System, the Comptroller of the Currency, and the Federal Deposit Insurance Corporation; state securities regulatory agencies or organizations; or regulatory authorities of a foreign government in connection with their regulatory or enforcement responsibilities.
4. By SEC personnel for purposes of investigating possible violations of, or to conduct investigations authorized by, the Federal securities laws.
5. In any proceeding where the Federal securities laws are in issue or in which the Commission, or past or present members of its staff, is a party or otherwise involved in an official capacity.
6. In connection with proceedings by the Commission pursuant to Rule 102(e) of its Rules of Practice, 17 CFR 201.102(e).
7. To a bar association, state accountancy board, or other Federal, state, local, or foreign licensing or oversight authority; or professional association or self-regulatory authority to the extent that it performs similar functions (including the Public Company Accounting Oversight Board) for investigations or possible disciplinary action.
8. To a Federal, state, local, tribal, foreign, or international agency, if necessary to obtain information relevant to the SEC's decision concerning the hiring or retention of an employee; the issuance of a security clearance; the letting of a contract; or the issuance of a license, grant, or other benefit.
9. To a Federal, state, local, tribal, foreign, or international agency in response to its request for information concerning the hiring or retention of an employee; the issuance of a security clearance; the reporting of an investigation of an employee; the letting of a contract; or the issuance of a license, grant, or other benefit by the requesting agency, to the extent that the information is relevant and necessary to the requesting agency's decision on the matter.
10. To produce summary descriptive statistics and analytical studies, as a data source for management information, in support of the function for which the records are collected and maintained or for related personnel management functions or manpower studies; may also be used to respond to general requests for statistical information (without personal identification of individuals) under the Freedom of Information Act.
11. To any trustee, receiver, master, special counsel, or other individual or entity that is appointed by a court of competent jurisdiction, or as a result of an agreement between the parties in connection with litigation or administrative proceedings involving allegations of violations of the Federal securities laws (as defined in section 3(a)(47) of the Securities Exchange Act of 1934, 15 U.S.C. 78c(a)(47)) or pursuant to the Commission's Rules of Practice, 17 CFR 201.100 through 900 or the Commission's Rules of Fair Fund and Disgorgement Plans, 17 CFR 201.1100 through 1106, or otherwise, where such trustee, receiver, master, special counsel, or other individual or entity is specifically designated to perform particular functions with respect to, or as a result of, the pending action or proceeding or in connection with the administration and enforcement by the Commission of the Federal securities laws or the Commission's Rules of Practice or the Rules of Fair Fund and Disgorgement Plans.
12. To any persons during the course of any inquiry, examination, or investigation conducted by the SEC's staff, or in connection with civil litigation, if the staff has reason to believe that the person to whom the record is disclosed may have further information about the matters related therein, and those matters appeared to be relevant at the time to the subject matter of the inquiry.
13. To interns, grantees, experts, contractors, and others who have been engaged by the Commission to assist in the performance of a service related to this system of records and who need access to the records for the purpose of assisting the Commission in the efficient administration of its programs, including by performing clerical, stenographic, or data analysis functions, or by reproduction of records by electronic or other means. Recipients of these records shall be required to comply with the requirements of the Privacy Act of 1974, as amended, 5 U.S.C. 552a.
14. In reports published by the Commission pursuant to authority granted in the Federal securities laws (as such term is defined in section 3(a)(47) of the Securities Exchange Act of 1934, 15 U.S.C. 78c(a)(47)), which authority shall include, but not be limited to, section 21(a) of the Securities Exchange Act of 1934, 15 U.S.C. 78u(a)).
15. To members of advisory committees that are created by the Commission or by Congress to render advice and recommendations to the Commission or to Congress, to be used solely in connection with their official designated functions.
16. To any person who is or has agreed to be subject to the Commission's Rules of Conduct, 17 CFR 200.735-1 through 200.735-18, or who assists in the investigation by the Commission of possible violations of the Federal securities laws (as such term is defined in section 3(a)(47) of the Securities Exchange Act of 1934, 15 U.S.C. 78c(a)(47)), in the preparation or conduct of enforcement actions brought by the Commission for such violations, or otherwise in connection with the Commission's enforcement or regulatory functions under the Federal securities laws.
17. To a Congressional office from the record of an individual in response to an inquiry from the Congressional office made at the request of that individual.
18. To members of Congress, the press, and the public in response to inquiries relating to particular Registrants and their activities, and other matters under the Commission's jurisdiction.
19. To prepare and publish information relating to violations of the Federal securities laws as provided in 15 U.S.C. 78c(a)(47)), as amended.
20. To respond to subpoenas in any litigation or other proceeding.Start Printed Page 85454
21. To a trustee in bankruptcy.
22. To members of Congress, the General Accountability Office, or others charged with monitoring the work of the Commission or conducting records management inspections.
23. To any governmental agency, governmental or private collection agent, consumer reporting agency or commercial reporting agency, governmental or private employer of a debtor, or any other person, for collection, including collection by administrative offset, Federal salary offset, tax refund offset, or administrative wage garnishment, of amounts owed as a result of Commission civil or administrative proceedings.
24. In giving public notice of the institution and disposition of an administrative, civil, or criminal proceeding brought under the Federal securities laws or related statutes.
25. To another Federal agency or Federal entity, when the SEC determines that information from this system of records is reasonably necessary to assist the recipient agency or entity in (1) responding to a suspected or confirmed breach or (2) preventing, minimizing, or remedying the risk of harm to individuals, the recipient agency or entity (including its information systems, programs, and operations), the Federal Government, or national security, resulting from a suspected or confirmed breach.
POLICIES AND PRACTICES FOR STORAGE OF RECORDS:
Records are maintained in electronic and paper format. Electronic records are stored on a restricted Office of the Secretary drive and in a computerized database. Paper records are stored in locked file rooms and/or file cabinets.
POLICIES AND PRACTICES FOR RETRIEVAL OF RECORDS:
Records may be accessed by relevant name and file number.
POLICIES AND PRACTICES FOR RETENTION AND DISPOSAL OF RECORDS:
These records will be maintained until they become inactive, at which time they will be retired or destroyed in accordance with records schedules of the United States Securities and Exchange Commission and as approved by the National Archives and Records Administration.
ADMINISTRATIVE, TECHNICAL, AND PHYSICAL SAFEGUARDS:
Access to SEC facilities, data centers, and information or information systems is limited to authorized personnel with official duties requiring access. SEC facilities are equipped with security cameras and 24-hour security guard service. The records are kept in limited access areas during duty hours and in locked file cabinets and/or locked offices or file rooms at all other times. Computerized records are safeguarded in a secured environment. Security protocols meet the promulgating guidance as established by the National Institute of Standards and Technology (NIST) Security Standards from Access Control to Data Encryption and Security Assessment & Authorization (SA&A).
Records are maintained in a secure, password-protected electronic system that will utilize commensurate safeguards that may include: Firewalls, intrusion detection and prevention systems, and role-based access controls. Additional safeguards will vary by program. All records are protected from unauthorized access through appropriate administrative, operational, and technical safeguards. These safeguards include: Restricting access to authorized personnel who have a “need to know”; using locks; and password protection identification features. Contractors and other recipients providing services to the Commission shall be required to maintain equivalent safeguards.
RECORD ACCESS PROCEDURES:
Persons wishing to obtain information on the procedures for gaining access to or contesting the contents of these records may contact the FOIA/PA Officer, Securities and Exchange Commission, 100 F Street NE, Washington, DC 20549-2465
CONTESTING RECORD PROCEDURES:
See Record Access Procedures above.
NOTIFICATION PROCEDURES:
All requests to determine whether this system of records contains a record pertaining to the requesting individual may be directed to the FOIA/PA Officer, Securities and Exchange Commission, 100 F Street NE, Washington, DC 20549-2465.
EXEMPTIONS PROMULGATED FOR THE SYSTEM:
None.
HISTORY:
This SORN was last published in full in the Federal Register at 40 FR 39253 (August 27, 1975). Subsequent notices of revision can be found at the following citations:
—41 FR 5318 (February 5, 1976)
—41 FR 11631 (March 19, 1976)
—41 FR 41550 (September 22, 1976)
—42 FR 36333 (July 14, 1977)
—46 FR 63439 (December 31, 1981)
—59 FR 27626 (May 27, 1994)
—62 FR 47884 (September 11, 1997)
SYSTEM NAME AND NUMBER:
SEC—36:
Administrative Proceeding Files.
SECURITY CLASSIFICATION:
Unclassified.
SYSTEM LOCATION:
Securities and Exchange Commission, 100 F Street NE, Washington, DC 20549.
SYSTEM MANAGER(S):
Secretary, Office of the Secretary, Securities and Exchange Commission, 100 F Street NE, Washington, DC 20549.
AUTHORITY FOR MAINTENANCE OF THE SYSTEM:
15 U.S.C. 77h(e), 77u, 78v, 78o(b), 80a-40, and 80b-12; the Commission's Rules of Practice, 17 CFR 201.100 through 900 and the Commission's Rules of Fair Fund and Disgorgement Plans, 17 CFR 201.1100 through 1106.
PURPOSE(S) OF THE SYSTEM:
The records in this system may be utilized in any proceeding where the Federal securities laws are in issue or in which the Commission or past or present members of its staff is a party or otherwise involved in an official capacity.
CATEGORIES OF INDIVIDUALS COVERED BY THE SYSTEM:
Records are maintained on all individuals that are involved in administrative proceedings before the SEC, including, participants, witnesses, attorneys, SEC employees, contractors, interns, affiliates, and others working on behalf of the SEC.
CATEGORIES OF RECORDS IN THE SYSTEM:
Records may include the names and addresses of parties; participants; witnesses, attorneys, SEC employees and others working on behalf of the SEC. Additionally, records may include orders for proceedings, answers, motions, responses, orders, offers of settlement and other pleadings; transcripts of all hearings and documents introduced as evidence therein; other relevant documents and correspondence relating to proceedings.
RECORD SOURCE CATEGORIES:
These records are obtained from counsel involved in the administrative proceeding, internal Commission files, and from individuals including, where practicable, the individual as to whom the record pertains.
ROUTINE USES OF RECORDS MAINTAINED IN THE SYSTEM, INCLUDING CATEGORIES OF USERS AND THE PURPOSES OF SUCH USES:
1. To appropriate agencies, entities, and persons when (1) the SEC suspects Start Printed Page 85455or has confirmed that there has been a breach of the system of records, (2) the SEC has determined that as a result of the suspected or confirmed breach there is a risk of harm to individuals, the SEC (including its information systems, programs, and operations), the Federal Government, or national security; and (3) the disclosure made to such agencies, entities, and persons is reasonably necessary to assist in connection with the SEC's efforts to respond to the suspected or confirmed breach or to prevent, minimize, or remedy such harm.
2. To other Federal, state, local, or foreign law enforcement agencies; securities self-regulatory organizations; and foreign financial regulatory authorities to assist in or coordinate regulatory or law enforcement activities with the SEC.
3. To national securities exchanges and national securities associations that are registered with the SEC, the Municipal Securities Rulemaking Board; the Securities Investor Protection Corporation; the Public Company Accounting Oversight Board; the Federal banking authorities, including, but not limited to, the Board of Governors of the Federal Reserve System, the Comptroller of the Currency, and the Federal Deposit Insurance Corporation; state securities regulatory agencies or organizations; or regulatory authorities of a foreign government in connection with their regulatory or enforcement responsibilities.
4. By SEC personnel for purposes of investigating possible violations of, or to conduct investigations authorized by, the Federal securities laws.
5. In any proceeding where the Federal securities laws are in issue or in which the Commission, or past or present members of its staff, is a party or otherwise involved in an official capacity.
6. In connection with proceedings by the Commission pursuant to Rule 102(e) of its Rules of Practice, 17 CFR 201.102(e).
7. To a bar association, state accountancy board, or other Federal, state, local, or foreign licensing or oversight authority; or professional association or self-regulatory authority to the extent that it performs similar functions (including the Public Company Accounting Oversight Board) for investigations or possible disciplinary action.
8. To a Federal, state, local, tribal, foreign, or international agency, if necessary to obtain information relevant to the SEC's decision concerning the hiring or retention of an employee; the issuance of a security clearance; the letting of a contract; or the issuance of a license, grant, or other benefit.
9. To a Federal, state, local, tribal, foreign, or international agency in response to its request for information concerning the hiring or retention of an employee; the issuance of a security clearance; the reporting of an investigation of an employee; the letting of a contract; or the issuance of a license, grant, or other benefit by the requesting agency, to the extent that the information is relevant and necessary to the requesting agency's decision on the matter.
10. To produce summary descriptive statistics and analytical studies, as a data source for management information, in support of the function for which the records are collected and maintained or for related personnel management functions or manpower studies; may also be used to respond to general requests for statistical information (without personal identification of individuals) under the Freedom of Information Act.
11. To any trustee, receiver, master, special counsel, or other individual or entity that is appointed by a court of competent jurisdiction, or as a result of an agreement between the parties in connection with litigation or administrative proceedings involving allegations of violations of the Federal securities laws (as defined in section 3(a)(47) of the Securities Exchange Act of 1934, 15 U.S.C. 78c(a)(47)) or pursuant to the Commission's Rules of Practice, 17 CFR 201.100 through 900 or the Commission's Rules of Fair Fund and Disgorgement Plans, 17 CFR 201.1100 through 1106, or otherwise, where such trustee, receiver, master, special counsel, or other individual or entity is specifically designated to perform particular functions with respect to, or as a result of, the pending action or proceeding or in connection with the administration and enforcement by the Commission of the Federal securities laws or the Commission's Rules of Practice or the Rules of Fair Fund and Disgorgement Plans.
12. To any persons during the course of any inquiry, examination, or investigation conducted by the SEC's staff, or in connection with civil litigation, if the staff has reason to believe that the person to whom the record is disclosed may have further information about the matters related therein, and those matters appeared to be relevant at the time to the subject matter of the inquiry.
13. To interns, grantees, experts, contractors, and others who have been engaged by the Commission to assist in the performance of a service related to this system of records and who need access to the records for the purpose of assisting the Commission in the efficient administration of its programs, including by performing clerical, stenographic, or data analysis functions, or by reproduction of records by electronic or other means. Recipients of these records shall be required to comply with the requirements of the Privacy Act of 1974, as amended, 5 U.S.C. 552a.
14. In reports published by the Commission pursuant to authority granted in the Federal securities laws (as such term is defined in section 3(a)(47) of the Securities Exchange Act of 1934, 15 U.S.C. 78c(a)(47)), which authority shall include, but not be limited to, section 21(a) of the Securities Exchange Act of 1934, 15 U.S.C. 78u(a)).
15. To members of advisory committees that are created by the Commission or by Congress to render advice and recommendations to the Commission or to Congress, to be used solely in connection with their official designated functions.
16. To any person who is or has agreed to be subject to the Commission's Rules of Conduct, 17 CFR 200.735-1 through 200.735-18, and who assists in the investigation by the Commission of possible violations of the Federal securities laws (as such term is defined in section 3(a)(47) of the Securities Exchange Act of 1934, 15 U.S.C. 78c(a)(47)), in the preparation or conduct of enforcement actions brought by the Commission for such violations, or otherwise in connection with the Commission's enforcement or regulatory functions under the Federal securities laws.
17. To a Congressional office from the record of an individual in response to an inquiry from the Congressional office made at the request of that individual.
18. To members of Congress, the press, and the public in response to inquiries relating to particular Registrants and their activities, and other matters under the Commission's jurisdiction. In matters involving public proceedings, records maybe made publicly available. 19. To prepare and publish information relating to violations of the Federal securities laws as provided in 15 U.S.C. 78c(a)(47)), as amended.
20. To respond to subpoenas in any litigation or other proceeding.
21. To a trustee in bankruptcy.
22. To members of Congress, the General Accountability Office, or others charged with monitoring the work of the Start Printed Page 85456Commission or conducting records management inspections.
23. To any governmental agency, governmental or private collection agent, consumer reporting agency or commercial reporting agency, governmental or private employer of a debtor, or any other person, for collection, including collection by administrative offset, Federal salary offset, tax refund offset, or administrative wage garnishment, of amounts owed as a result of Commission civil or administrative proceedings.
24. To another Federal agency or Federal entity, when the SEC determines that information from this system of records is reasonably necessary to assist the recipient agency or entity in (1) responding to a suspected or confirmed breach; or (2) preventing, minimizing, or remedying the risk of harm to individuals, the recipient agency or entity (including its information systems, programs, and operations), the Federal Government, or national security, resulting from a suspected or confirmed breach.
POLICIES AND PRACTICES FOR STORAGE OF RECORDS:
Records are maintained in electronic and paper format. Electronic records are stored in computerized databases, magnetic disc, tape and/or digital media. Paper records and records on computer disc are stored in locked file rooms and/or file cabinets.
POLICIES AND PRACTICES FOR RETRIEVAL OF RECORDS:
Records are indexed by names of both parties cross-indexing to individual's name is available through searchable databases. Additionally, records can be retrieved by matter number.
POLICIES AND PRACTICES FOR RETENTION AND DISPOSAL OF RECORDS:
These records will be maintained until they become inactive, at which time they will be retired or destroyed in accordance with records schedules of the United States Securities and Exchange Commission and as approved by the National Archives and Records Administration.
ADMINISTRATIVE, TECHNICAL, AND PHYSICAL SAFEGUARDS:
Access to SEC facilities, data centers, and information or information systems is limited to authorized personnel with official duties requiring access. SEC facilities are equipped with security cameras and 24 hour security guard service. Records are required to be safeguarded in accordance with applicable SEC rules and policies. Computerized records are safeguarded in secured, encrypted environment. Security protocols meet the promulgating guidance as established by the National Institute of Standards and Technology (NIST) Security Standards from Access Control to Data Encryption, and Security Assessment & Authorization (SA&A). Records will be maintained in a secure, password-protected electronic system that will utilize commensurate safeguards that may include: Firewalls, intrusion detection and prevention systems, and role-based access controls. Additional safeguards will vary by program. All records are protected from unauthorized access through appropriate administrative, operational, and technical safeguards. These safeguards include: Restricting access to authorized personnel who have a “need to know”; using locks; and password protection identification features. Contractors and other recipients providing services to the Commission shall be required to maintain equivalent safeguards.
RECORD ACCESS PROCEDURES:
Persons wishing to obtain information on the procedures for gaining access to or contesting the contents of these records may contact the FOIA/PA Officer, Securities and Exchange Commission, 100 F Street NE, Washington, DC 20549-2465.
CONTESTING RECORD PROCEDURES:
See Record access procedures above.
NOTIFICATION PROCEDURES:
All requests to determine whether this system of records contains a record pertaining to the requesting individual may be directed to the FOIA/PA Officer, Securities and Exchange Commission, 100 F Street NE, Washington, DC 20549-2465.
EXEMPTIONS PROMULGATED FOR THE SYSTEM:
None.
HISTORY:
This SORN was last published in full in the Federal Register at 40 FR 39253 (August 27, 1975). Subsequent notices of revision can be found at the following citations:
—41 FR 5318 (February 5, 1976)
—41 FR 11631 (March 19, 1976)
—41 FR 41550 (September 22, 1976)
—42 FR 36333 (July 14, 1977)
—43 FR 36536 (August 17, 1978)
—46 FR 63439 (December 31, 1981)
—54 FR 24454 (June 7, 1989)
—59 FR 27626 (May 27, 1994)
—62 FR 47884 (September 11, 1997)
—79 FR 69894 (November 24, 2014)
SYSTEM NAME AND NUMBER:
SEC-38:
Disciplinary and Adverse Actions, Employee Conduct, and Labor Relations Files.
SECURITY CLASSIFICATION:
Unclassified.
SYSTEM LOCATION:
Securities and Exchange Commission, Office of Human Resources100 F Street NE, Washington, DC 20549-3990.
SYSTEM MANAGER(S):
Associate Executive Director, Office of Human Resources, Securities and Exchange Commission, 100 F Street NE, Washington, DC 20549-3990.
AUTHORITY FOR MAINTENANCE OF THE SYSTEM:
5 U.S.C. 1302 and 2951 and 17 CFR 200.735-13
PURPOSE(S) OF THE SYSTEM:
Assigned staff uses records to verify employee and agency compliance with law, regulation, case decisions, agency policies, and the Collective Bargaining Agreement.
CATEGORIES OF INDIVIDUALS COVERED BY THE SYSTEM:
Present and former SEC employees.
CATEGORIES OF RECORDS IN THE SYSTEM:
The system of records includes information in the following categories of records: (a) Disciplinary and adverse action cases, regulatory appeal files, grievances and complaints relating to an employee, union issues (including collective bargaining documents and dues withholding forms), leave bank/transfer date, and third party complaints; (b) Investigatory materials gathered in connection with the individual's initial appointment to the agency as well as materials gathered in connection with investigations into allegations of employee misconduct.
RECORD SOURCE CATEGORIES:
Employees, managers, union officials.
ROUTINE USES OF RECORDS MAINTAINED IN THE SYSTEM, INCLUDING CATEGORIES OF USERS AND THE PURPOSES OF SUCH USES:
In addition to those disclosures generally permitted under 5 U.S.C. 552a(b) of the Privacy Act, these records or information contained therein may specifically be disclosed outside the Commission as a routine use pursuant to 5 U.S.C. 552 a(b)(3) as follows:
1. To appropriate agencies, entities, and persons when (1) the SEC suspects or has confirmed that there has been a breach of the system of records,·(2) the SEC has determined that as a result of Start Printed Page 85457the suspected or confirmed breach there is a risk of harm to individuals, the SEC (including its information systems, programs, and operations), the Federal Government, or national security; and (3) the disclosure made to such agencies, entities, and persons is reasonably necessary to assist in connection with the SEC's efforts to respond to the suspected or confirmed breach or to prevent, minimize, or remedy such harm.
2. To other Federal, state, local, or foreign law enforcement agencies; securities self-regulatory organizations; and foreign financial regulatory authorities to assist in or coordinate regulatory or law enforcement activities with the SEC.
3. In any proceeding where the human resources law or regulations are in issue or in which the Commission, or past or present members of its staff, is a party or otherwise involved in an official capacity.
4. To a Federal, state, local, tribal, foreign, or international agency, if necessary to obtain information relevant to the SEC's decision concerning the hiring or retention of an employee; the issuance of a security clearance; the letting of a contract; or the issuance of a license, grant, or other benefit.
5. To produce summary descriptive statistics and analytical studies, as a data source for management information, in support of the function for which the records are collected and maintained or for related personnel management functions or manpower studies; may also be used to respond to general requests for statistical information (without personal identification of individuals) under the Freedom of Information Act.
6. To any persons during the course of any inquiry, examination, or investigation conducted by the SEC's staff, or in connection with civil litigation, if the staff has reason to believe that the person to whom the record is disclosed may have further information about the matters related therein, and those matters appeared to be relevant at the time to the subject matter of the inquiry.
7. To interns, grantees, experts, contractors, and others who have been engaged by the Commission to assist in the performance of a service related to this system of records and who need access to the records for the purpose of assisting the Commission in the efficient administration of its programs, including by performing clerical, stenographic, or data analysis functions, or by reproduction of records by electronic or other means. Recipients of these records shall be required to comply with the requirements of the Privacy Act of 1974, as amended, 5 U.S.C. 552a.
8. To a Congressional office from the record of an individual in response to an inquiry from the Congressional office made at the request of that individual.
9. To members of Congress, the Government Accountability Office, or others charged with monitoring the work of the Commission or conducting records management inspections.
10. To a commercial contractor in connection with benefit programs administered by the contractor on the Commission's behalf, including, but not limited to, supplemental health, dental, disability, life and other benefit programs.
11. To another Federal agency or Federal entity, when the SEC determines that information from this system of records is reasonably necessary to assist the recipient agency or entity in (1) responding to a suspected or confirmed breach or (2) preventing, minimizing, or remedying the risk of harm to individuals, the recipient agency or entity (including its information systems, programs, and operations), the Federal Government, or national security, resulting from a suspected or confirmed breach.
POLICIES AND PRACTICES FOR STORAGE OF RECORDS:
Records are maintained in electronic and paper format. Electronic records are stored in computerized databases, magnetic disc, tape and/or digital media. Paper records and records on computer disc are stored in locked file rooms and/or file cabinets.
POLICIES AND PRACTICES FOR RETRIEVAL OF RECORDS:
Records are indexed and retrieved by employee name or assigned ID.
POLICIES AND PRACTICES FOR RETENTION AND DISPOSAL OF RECORDS:
These records will be maintained until they become inactive, at which time they will be retired or destroyed in accordance with records schedules of the United States Securities and Exchange Commission and as approved by the National Archives and Records Administration.
ADMINISTRATIVE, TECHNICAL, AND PHYSICAL SAFEGUARDS:
Access to SEC facilities, data centers, and information or information systems is limited to authorized personnel with official duties requiring access. SEC facilities are equipped with security cameras and 24-hour security guard service. The records are kept in limited access areas during duty hours and in locked file cabinets and/or locked offices or file rooms at all other times. Computerized records are safeguarded in a secured environment. Security protocols meet the promulgating guidance as established by the National Institute of Standards and Technology (NIST) Security Standards from Access Control to Data Encryption and Security Assessment & Authorization (SA&A).
Records are maintained in a secure, password-protected electronic system that will utilize commensurate safeguards that may include: firewalls, intrusion detection and prevention systems, and role-based access controls. Additional safeguards will vary by program. All records are protected from unauthorized access through appropriate administrative, operational, and technical safeguards. These safeguards include: restricting access to authorized personnel who have a “need to know”; using locks; and password protection identification features. Contractors and other recipients providing services to the Commission shall be required to maintain equivalent safeguards.
RECORD ACCESS PROCEDURES:
Persons wishing to obtain information on the procedures for gaining access to or contesting the contents of these records may contact the FOIA/PA Officer, Securities and Exchange Commission, 100 F Street NE, Washington, DC 20549-2465.
CONTESTING RECORD PROCEDURES:
See Record access procedures above.
NOTIFICATION PROCEDURES:
All requests to determine whether this system of records contains a record pertaining to the requesting individual may be directed to the FOIA/PA Officer, Securities and Exchange Commission, 100 F Street NE, Washington, DC 20549-2465.
EXEMPTIONS PROMULGATED FOR THE SYSTEM:
None.
HISTORY:
This SORN was last published in full in the Federal Register at 40 FR 39253 (August 27, 1975). Subsequent notices of revision can be found at the following citations:
—41 FR 5318 (February 5, 1976)
—41 FR 11631 (March 19, 1976)
—41 FR 41550 (September 22, 1976)
—42 FR 36333 (July 14, 1977)
—46 FR 63439 (December 31, 1981)
—62 FR 47884 (September 11, 1997)
—76 FR 30213 (May 24, 2011)
SYSTEM NAME AND NUMBER:
SEC-41:
Child Care Subsidy ProgramStart Printed Page 85458
SECURITY CLASSIFICATION:
Unclassified.
SYSTEM LOCATION:
Childcare Subsidy Program Applications: FEEA-SEC Child Care Subsidy, 8441- W. Bowles Ave, suite 200, Littleton, CO 80123-9501. Utilization reports and other related records: Securities and Exchange Commission, 100 F Street NE, Washington, DC 20549.
SYSTEM MANAGER(S):
General Counsel, Securities and Exchange Commission, 100 F Street NE, Washington, DC 20549.
AUTHORITY FOR MAINTENANCE OF THE SYSTEM:
Title 15, United States Code, section 77s, 77sss, 78d (b), 78w, 80a-37, and 80b-11.
PURPOSE(S) OF THE SYSTEM:
To determine eligibility for, and the amount of, the child care tuition subsidy for lower income SEC employees.
CATEGORIES OF INDIVIDUALS COVERED BY THE SYSTEM:
Present and former SEC employees and their children and child care providers.
CATEGORIES OF RECORDS IN THE SYSTEM:
Records contain (1) employee's name, social security number, telephone numbers, address, grade, gross annual salary, gross family income that was reported on the latest Federal income tax return, and number of dependent children; (2) employee's child's name, date of birth, social security number, weekly tuition cost, amount of child care tuition subsidy from state or local government; and (3) employee's child care provider's name, address, telephone number, tax identification number, and license number.
RECORD SOURCE CATEGORIES:
Applications for child care subsidy and supporting records, which are voluntarily submitted by employees.
ROUTINE USES OF RECORDS MAINTAINED IN THE SYSTEM, INCLUDING CATEGORIES OF USERS AND THE PURPOSES OF SUCH USES:
In addition to those disclosures generally permitted under 5 U.S.C. 552a(b) of the Privacy Act, these records or information contained therein may specifically be disclosed outside the Commission as a routine use pursuant to 5 U.S.C. 552 a(b)(3) as follows:
1. To appropriate agencies, entities, and persons when (1) the SEC suspects or has confirmed that there has been a breach of the system of records, (2) the SEC has determined that as a result of the suspected or confirmed breach there is a risk of harm to individuals, the SEC (including its information systems, programs, and operations), the Federal Government, or national security; and (3) the disclosure made to such agencies, entities, and persons is reasonably necessary to assist in connection with the SEC's efforts to respond to the suspected or confirmed breach or to prevent, minimize, or remedy such harm.
2. To other Federal, state, local, or foreign law enforcement agencies; securities self-regulatory organizations; and foreign financial regulatory authorities to assist in or coordinate regulatory or law enforcement activities with the SEC.
3. In any proceeding where the Federal securities laws are in issue or in which the Commission, or past or present members of its staff, is a party or otherwise involved in an official capacity.
4. To a Federal, state, local, tribal, foreign, or international agency, if necessary to obtain information relevant to the SEC's decision concerning the hiring or retention of an employee; the issuance of a security clearance; the letting of a contract; or the issuance of a license, grant, or other benefit.
5. To produce summary descriptive statistics and analytical studies, as a data source for management information, in support of the function for which the records are collected and maintained or for related personnel management functions or manpower studies; may also be used to respond to general requests for statistical information (without personal identification of individuals) under the Freedom of Information Act.
6. To any persons during the course of any inquiry, examination, or investigation conducted by the SEC's staff, or in connection with civil litigation, if the staff has reason to believe that the person to whom the record is disclosed may have further information about the matters related therein, and those matters appeared to be relevant at the time to the subject matter of the inquiry.
7. To interns, grantees, experts, contractors, and others who have been engaged by the Commission to assist in the performance of a service related to this system of records and who need access to the records for the purpose of assisting the Commission in the efficient administration of its programs, including by performing clerical, stenographic, or data analysis functions, or by reproduction of records by electronic or other means. Recipients of these records shall be required to comply with the requirements of the Privacy Act of 1974, as amended, 5 U.S.C. 552a.
8. To a Congressional office from the record of an individual in response to an inquiry from the Congressional office made at the request of that individual.
9. To members of Congress, the General Accountability Office, or others charged with monitoring the work of the Commission or conducting records management inspections.
10. To any Federal, state, or local government authority implementing child care subsidy programs or investigating a violation or potential violation of a statute, rule, regulation, or order.
11. To the Office of Personnel Management to be used for evaluating the child care subsidy program.
12. To a commercial contractor in connection with benefit programs administered by the contractor on the Commission's behalf, including, but not limited to, supplemental health, dental, disability, life and other benefit programs.
13. To another Federal agency or Federal entity, when the SEC determines that information from this system of records is reasonably necessary to assist the recipient agency or entity in (1) responding to a suspected or confirmed breach or (2) preventing, minimizing, or remedying the risk of harm to individuals, the recipient agency or entity (including its information systems, programs, and operations), the Federal Government, or national security, resulting from a suspected or confirmed breach.
POLICIES AND PRACTICES FOR STORAGE OF RECORDS:
Records are maintained in electronic and paper format. Electronic records are stored in computerized databases, magnetic disc, tape and/or digital media. Paper records and records on computer disc are stored in locked file rooms and/or file cabinets.
POLICIES AND PRACTICES FOR RETRIEVAL OF RECORDS:
These records are retrievable by the employee's name or social security number.
POLICIES AND PRACTICES FOR RETENTION AND DISPOSAL OF RECORDS:
These records will be maintained until they become inactive, at which time they will be retired or destroyed in accordance with the SEC's records retention schedule, as approved by the National Archives and Records Administration.Start Printed Page 85459
ADMINISTRATIVE, TECHNICAL, AND PHYSICAL SAFEGUARDS:
Access to SEC facilities, data centers, and information or information systems is limited to authorized personnel with official duties requiring access. SEC facilities are equipped with security cameras and 24-hour security guard service. The records are kept in limited access areas during duty hours and in locked file cabinets and/or locked offices or file rooms at all other times. Computerized records are safeguarded in a secured environment. Security protocols meet the promulgating guidance as established by the National Institute of Standards and Technology (NIST) Security Standards from Access Control to Data Encryption and Security Assessment & Authorization (SA&A).
Records are maintained in a secure, password-protected electronic system that will utilize commensurate safeguards that may include: fIrewalls, intrusion detection and prevention systems, and role-based access controls. Additional safeguards will vary by program. All records are protected from unauthorized access through appropriate administrative, operational, and technical safeguards. These safeguards include: Restricting access to authorized personnel who have a “need to know”; using locks; and password protection identification features. Contractors and other recipients providing services to the Commission shall be required to maintain equivalent safeguards.
RECORD ACCESS PROCEDURES:
Persons wishing to obtain information on the procedures for gaining access to or contesting the contents of these records may contact the FOIA/PA Officer, Securities and Exchange Commission, 100 F Street NE, Washington, DC 20549-2465.
CONTESTING RECORD PROCEDURES:
See Record Access Procedures above.
NOTIFICATION PROCEDURES:
All requests to determine whether this system of records contains a record pertaining to the requesting individual may be directed to the FOIA/Privacy Act Officer, Securities and Exchange Commission, 100 F Street NE, Washington, DC 20549-2465.
EXEMPTIONS PROMULGATED FOR THE SYSTEM:
Under 5 U.S.C. 552a(k)(2), this system of records is exempted from the following provisions of the Privacy Act, 5 U.S.C. 552a(c)(3), (d), (e)(1), (e)(4)(G), (H), and (I), and (f) and 17 CFR 200.303, 200.304, and 200.306, insofar as it contains investigatory materials compiled for law enforcement purposes. This exemption is contained in 17 CFR 200.312(a)(5).
HISTORY:
This SORN was last published in full in the Federal Register at 40 FR 39253 (August 27, 1975). Subsequent notices of revision can be found at the following citations:
—41 FR 5318 (February 5, 1976)
—41 FR 11631 (March 19, 1976)
—41 FR 41550 (September 22, 1976)
—42 FR 36333 (July 14, 1977)
—46 FR 63439 (December 31, 1981)
—57 FR 14592 (April 21, 1992)
—59 FR 27626 (May 27, 1994)
—62 FR 47884 (September 11, 1997)
—65 FR 49037 (August 10, 2000)
—77 FR 65913 (October 31, 2012)
SYSTEM NAME AND NUMBER:
SEC-42:
Enforcement Files.
SECURITY CLASSIFICATION:
Unclassified.
SYSTEM LOCATION:
Securities and Exchange Commission, 100 F Street NE, Washington, DC 20549. Files may also be maintained in the Commission's Regional Offices that conducted an investigation or litigation, or at a records management company under contract with the Commission. Closed investigatory files are stored at a Federal records center.
SYSTEM MANAGER(S):
Director, Division of Enforcement, Securities and Exchange Commission, 100 F Street NE, Washington, DC 20549-0801; Records Officer, Office of Records Management Services, Securities and Exchange Commission, 100 F Street NE, Washington, DC 20549; New York Regional Office, Regional Director, 3 World Financial Center, Suite 400, New York, NY 10281-1022; Boston Regional Office, Regional Director, 33 Arch Street, 23rd Floor, Boston, MA 02110-1424; Philadelphia Regional Office, Regional Director, The Mellon Independence Center, 701 Market Street, Philadelphia, PA 19106-1532; Miami Regional Office, Regional Director, 801 Brickell Ave., Suite 1800, Miami, FL 33131, Atlanta Regional Office, Regional Director, 3475 Lenox Road NE, Suite 1000, Atlanta, GA 30326-1232; Chicago Regional Office, Regional Director, 175 W. Jackson Boulevard, Suite 900, Chicago, IL 60604; Denver Regional Office, Regional Director, 1801 California Street, Suite 1500, Denver, CO 80202-2656; Fort Worth Regional Office, Regional Director, Burnett Plaza, Suite 1900, 801 Cherry Street, Unit 18, Fort Worth, TX 76102; Salt Lake Regional Office, Regional Director, 15 W. South Temple Street, Suite 1800, Salt Lake City, UT 84101; Los Angeles Regional Office, Regional Director, 5670 Wilshire Boulevard, 11th Floor, Los Angeles, CA 90036-3648; San Francisco Regional Office, Regional Director, 44 Montgomery Street, Suite 2600, San Francisco, CA 94104.
AUTHORITY FOR MAINTENANCE OF THE SYSTEM:
15 U.S.C. 77s, 77t, 78u, 77uuu, 80a-41, and 80b-9.17 CFR 202.5.
PURPOSE(S) OF THE SYSTEM:
The records are maintained for purposes of the Commission's investigations and actions to enforce the Federal securities laws. Additionally, the information in the system is used in conjunction with the collection of amounts ordered to be paid in enforcement actions, a function that is a necessary component of litigation.
CATEGORIES OF INDIVIDUALS COVERED BY THE SYSTEM:
Records are maintained on persons who have been involved in Commission investigations or litigation, or in activities which violated or may have violated Federal, state or foreign laws relating to transactions in securities, the conduct of securities business or investment advisory activities, and banking or other financial activities.
CATEGORIES OF RECORDS IN THE SYSTEM:
Records contain names and addresses of persons involved in Commission investigations or litigation. Also, correspondence relevant to the matter, internal staff memoranda, Commission minutes and Commission orders, copies of subpoenas issued in the course of the matter, affidavits, transcripts of testimony and exhibits thereto, copies of pleadings and exhibits in related private or governmental actions, documents and other evidence obtained in the course of the matter, computerized records, working papers of the staff and other documents and records relating to the matter, opening reports, progress reports and closing reports, and miscellaneous records relating to investigations or litigation.
RECORD SOURCE CATEGORIES:
Information in these records is supplied by: Individuals including, where practicable, those to whom the information relates; witnesses, banks, corporations, or other entities; self-regulatory organizations; the Postal Inspection Service, the Department of Justice, state securities commissions, other Federal, state, or local bodies and Start Printed Page 85460law enforcement agencies or foreign governmental authorities; public sources, i.e., libraries, newspapers, television, radio, court records, filings with Federal, state, and local bodies; filings made with the SEC pursuant to law; electronic information sources; other offices within the Commission; documents, litigation, transcripts of testimony, evidence introduced into court, orders entered by a court and correspondence relating to litigation; pleadings in administrative proceedings, transcripts of testimony, documents, including evidence entered in such proceedings, and miscellaneous other sources.
ROUTINE USES OF RECORDS MAINTAINED IN THE SYSTEM, INCLUDING CATEGORIES OF USERS AND THE PURPOSES OF SUCH USES:
In addition to those disclosures generally permitted under 5 U.S.C. 552a(b) of the Privacy Act, these records or information contained therein may specifically be disclosed outside the Commission as a routine use pursuant to 5 U.S.C. 552 a(b)(3) as follows:
1. To appropriate agencies, entities, and persons when (1) the SEC suspects or has confirmed that there has been a breach of the system of records,·(2) the SEC has determined that as a result of the suspected or confirmed breach there is a risk of harm to individuals, the SEC (including its information systems, programs, and operations), the Federal Government, or national security; and (3) the disclosure made to such agencies, entities, and persons is reasonably necessary to assist in connection with the SEC's efforts to respond to the suspected or confirmed breach or to prevent, minimize, or remedy such harm.
2. To other Federal, state, local, or foreign law enforcement agencies; securities self-regulatory organizations; and foreign financial regulatory authorities to assist in or coordinate regulatory or law enforcement activities with the SEC.
3. To national securities exchanges and national securities associations that are registered with the SEC, the Municipal Securities Rulemaking Board; the Securities Investor Protection Corporation; the Public Company Accounting Oversight Board; the Federal banking authorities, including, but not limited to, the Board of Governors of the Federal Reserve System, the Comptroller of the Currency, and the Federal Deposit Insurance Corporation; state securities regulatory agencies or organizations; or regulatory authorities of a foreign government in connection with their regulatory or enforcement responsibilities.
4. By SEC personnel for purposes of investigating possible violations of, or to conduct investigations authorized by, the Federal securities laws.
5. In any proceeding where the Federal securities laws are in issue or in which the Commission, or past or present members of its staff, is a party or otherwise involved in an official capacity.
6. In connection with proceedings by the Commission pursuant to Rule 102(e) of its Rules of Practice, 17 CFR 201.102(e).
7. To a bar association, state accountancy board, or other Federal, state, local, or foreign licensing or oversight authority; or professional association or self-regulatory authority to the extent that it performs similar functions (including the Public Company Accounting Oversight Board) for investigations or possible disciplinary action.
8. To a Federal, state, local, tribal, foreign, or international agency, if necessary to obtain information relevant to the SEC's decision concerning the hiring or retention of an employee; the issuance of a security clearance; the letting of a contract; or the issuance of a license, grant, or other benefit.
9. To a Federal, state, local, tribal, foreign, or international agency in response to its request for information concerning the hiring or retention of an employee; the issuance of a security clearance; the reporting of an investigation of an employee; the letting of a contract; or the issuance of a license, grant, or other benefit by the requesting agency, to the extent that the information is relevant and necessary to the requesting agency's decision on the matter.
10. To produce summary descriptive statistics and analytical studies, as a data source for management information, in support of the function for which the records are collected and maintained or for related personnel management functions or manpower studies; may also be used to respond to general requests for statistical information (without personal identification of individuals) under the Freedom of Information Act.
11. To any trustee, receiver, master, special counsel, or other individual or entity that is appointed by a court of competent jurisdiction, or as a result of an agreement between the parties in connection with litigation or administrative proceedings involving allegations of violations of the Federal securities laws (as defined in section 3(a)(47) of the Securities Exchange Act of 1934, 15 U.S.C. 78c(a)(47)) or pursuant to the Commission's Rules of Practice, 17 CFR 201.100 through 900 or the Commission's Rules of Fair Fund and Disgorgement Plans, 17 CFR 201.1100 through 1106, or otherwise, where such trustee, receiver, master, special counsel, or other individual or entity is specifically designated to perform particular functions with respect to, or as a result of, the pending action or proceeding or in connection with the administration and enforcement by the Commission of the Federal securities laws or the Commission's Rules of Practice or the Rules of Fair Fund and Disgorgement Plans.
12. To any persons during the course of any inquiry, examination, or investigation conducted by the SEC's staff, or in connection with civil litigation, if the staff has reason to believe that the person to whom the record is disclosed may have further information about the matters related therein, and those matters appeared to be relevant at the time to the subject matter of the inquiry.
13. To interns, grantees, experts, contractors, and others who have been engaged by the Commission to assist in the performance of a service related to this system of records and who need access to the records for the purpose of assisting the Commission in the efficient administration of its programs, including by performing clerical, stenographic, or data analysis functions, or by reproduction of records by electronic or other means. Recipients of these records shall be required to comply with the requirements of the Privacy Act of 1974, as amended, 5 U.S.C. 552a.
14. In reports published by the Commission pursuant to authority granted in the Federal securities laws (as such term is defined in section 3(a)(47) of the Securities Exchange Act of 1934, 15 U.S.C. 78c(a)(47)), which authority shall include, but not be limited to, section 21(a) of the Securities Exchange Act of 1934, 15 U.S.C. 78u(a)).
15. To members of advisory committees that are created by the Commission or by Congress to render advice and recommendations to the Commission or to Congress, to be used solely in connection with their official designated functions.
16. To any person who is or has agreed to be subject to the Commission's Rules of Conduct, 17 CFR 200.735-1 through 200.735-18, and who assists in the investigation by the Commission of possible violations of the Federal securities laws (as such term is defined in section 3(a)(47) of the Securities Start Printed Page 85461Exchange Act of 1934, 15 U.S.C. 78c(a)(47)), in the preparation or conduct of enforcement actions brought by the Commission for such violations, or otherwise in connection with the Commission's enforcement or regulatory functions under the Federal securities laws.
17. To a Congressional office from the record of an individual in response to an inquiry from the Congressional office made at the request of that individual.
18. To members of Congress, the press, and the public in response to inquiries relating to particular Registrants and their activities, and other matters under the Commission's jurisdiction.
19. To prepare and publish information relating to violations of the Federal securities laws as provided in 15 U.S.C. 78c(a)(47)), as amended.
20. To respond to subpoenas in any litigation or other proceeding.
21. To a trustee in bankruptcy.
22. To any governmental agency, governmental or private collection agent, consumer reporting agency or commercial reporting agency, governmental or private employer of a debtor, or any other person, for collection, including collection by administrative offset, Federal salary offset, tax refund offset, or administrative wage garnishment, of amounts owed as a result of Commission civil or administrative proceedings.
23. To another Federal agency or Federal entity, when the SEC determines that information from this system of records is reasonably necessary to assist the recipient agency or entity in (1) responding to a suspected or confirmed breach or (2) preventing, minimizing, or remedying the risk of harm to individuals, the recipient agency or entity (including its information systems, programs, and operations), the Federal Government, or national security, resulting from a suspected or confirmed breach.
DISCLOSURE TO CONSUMER REPORTING AGENCIES:
When the Commission seeks to collect a debt arising from a civil action or administrative proceeding, it may disclose the following information to a consumer reporting agency: (i) Information necessary to establish the identity of the debtor, including name, address and taxpayer identification number or social security number; (ii) the amount, status, and history of the debt; and (iii) the fact that the debt arose from a Commission action or proceeding to enforce the Federal securities laws.
POLICIES AND PRACTICES FOR STORAGE OF RECORDS:
Records are maintained in electronic and paper format. Electronic records are stored in computerized databases, magnetic disc, tape and/or digital media. Paper records and records on computer disc are stored in locked file rooms and/or file cabinets.
POLICIES AND PRACTICES FOR RETRIEVAL OF RECORDS
The records are retrieved by the name under which the investigation is conducted or administrative or judicial litigation is filed. Access to information about an individual may be obtained through the Commission's Name-Relationship Search Index system by the name of the individual. Information concerning an individual may also be obtained by reference to computer-based indices maintained by the Division of Enforcement.
POLICIES AND PRACTICES FOR RETENTION AND DISPOSAL OF RECORDS:
These records will be maintained until they become inactive, at which time they will be retired or destroyed in accordance with records schedules of the United States Securities and Exchange Commission and as approved by the National Archives and Records Administration.
ADMINISTRATIVE, TECHNICAL, AND PHYSICAL SAFEGUARDS:
Access to SEC facilities, data centers, and information or information systems is limited to authorized personnel with official duties requiring access. SEC facilities are equipped with security cameras and 24-hour security guard service. The records are kept in limited access areas during duty hours and in locked file cabinets and/or locked offices or file rooms at all other times. Computerized records are safeguarded in a secured environment. Security protocols meet the promulgating guidance as established by the National Institute of Standards and Technology (NIST) Security Standards from Access Control to Data Encryption and Security Assessment & Authorization (SA&A).
Records are maintained in a secure, password-protected electronic system that will utilize commensurate safeguards that may include: firewalls, intrusion detection and prevention systems, and role-based access controls. Additional safeguards will vary by program. All records are protected from unauthorized access through appropriate administrative, operational, and technical safeguards. These safeguards include: restricting access to authorized personnel who have a “need to know”; using locks; and password protection identification features. Contractors and other recipients providing services to the Commission shall be required to maintain equivalent safeguards.
RECORD ACCESS PROCEDURES:
Persons wishing to obtain information on the procedures for gaining access to or contesting the contents of these records may contact the FOIA/PA Officer, Securities and Exchange Commission, 100 F Street NE, Washington, DC 20549-2465
CONTESTING RECORD PROCEDURES:
See Record Access Procedures above.
NOTIFICATION PROCEDURES:
All requests to determine whether this system of records contains a record pertaining to the requesting individual may be directed to the FOIA/PA Officer, Securities and Exchange Commission, 100 F Street NE, Washington, DC 20549-2465.
EXEMPTIONS PROMULGATED FOR THE SYSTEM:
Under 5 U.S.C. 552a(k)(2), this system of records is exempted from the following provisions of the Privacy Act, 5 U.S.C. 552a(c)(3), (d), (e)(1), (e)(4)(G), (H), and (I), and (f) and 17 CFR 200.303, 200.304, and 200.306, insofar as it contains investigatory materials compiled for law enforcement purposes. This exemption is contained in 17 CFR 200.312(a)(1).
HISTORY:
This SORN was last published in full in the Federal Register at 40 FR 39253 (August 27, 1975). Subsequent notices of revision can be found at the following citations:
—41 FR 5318 (February 5, 1976)
—41 FR 11631 (March 19, 1976)
—41 FR 41550 (September 22, 1976)
—42 FR 36333 (July 14, 1977)
—46 FR 63439 (December 31, 1981)
—59 FR 27626 (May 27, 1994)
—62 FR 47884 (September 11, 1997)
—67 FR 48497 (July 24, 2002)
—76 FR 30213 (May 24, 2011)
SYSTEM NAME AND NUMBER:
SEC-43: Office of Inspector General Working Files.
SECURITY CLASSIFICATION:
Unclassified.
SYSTEM LOCATION:
Office of the Inspector General, Securities and Exchange Commission (SEC), 100 F Street NE, Washington, DC 20549. Closed files may be stored at a Federal records center in accordance with the SEC's records retention schedule.Start Printed Page 85462
SYSTEM MANAGER(S):
Inspector General, Office of Inspector General, Securities and Exchange Commission, 100 F Street NE, Washington, DC 20549.
AUTHORITY FOR MAINTENANCE OF THE SYSTEM:
Inspector General Act of 1978, as amended, Pub. L. 95-452, 5 U.S.C. App. 6; Dodd-Frank Wall Street Reform and Consumer Protection Act, Pub. L. 111-203, 15 U.S.C. 78d-4.
PURPOSE(S) OF THE SYSTEM:
The purpose of this system of records is to enable the OIG to effectively and efficiently conduct investigations, audits, and inquiries relating to the programs and operations of the SEC; to allow OIG staff to provide legal advice and assistance to the Inspector General with respect to OIG investigations, audits, inquiries, actions, and agency operations; to represent the OIG in judicial and administrative proceedings in which the OIG or its personnel are involved as a party or a witness; to manage, track and report on matters and caseloads handled by OIG staff; to respond to communications and correspondence, as authorized by the Inspector General Act of 1978, as amended and the Dodd-Frank Wall Street Reform and Consumer Protection Act.
CATEGORIES OF INDIVIDUALS COVERED BY THE SYSTEM:
This system of records contains records on individuals, including subjects, complainants, and witnesses, in connection with the SEC Office of Inspector General's (OIG) investigations, audits, or inquiries relating to programs and operations of the SEC. This system of records also includes records on individuals who are involved in litigation or administrative proceedings with the OIG, OIG employees whose conduct or performance raises concern, and individuals who correspond with the OIG such as members of Congress and their staff, members of the public and SEC employees who make suggestions through the OIG Employee Suggestion Hotline.
CATEGORIES OF RECORDS IN THE SYSTEM:
Records include: Case management systems that contain unique control numbers, descriptive information, and supporting documents for OIG matters; incoming complaints and complaint logs; preliminary inquiry files and indexes; correspondence; internal staff memoranda and legal analysis; copies of all subpoenas issued during investigations; subpoena logs; affidavits, declarations and statements from witnesses; transcripts of interviews conducted or testimony taken and accompanying exhibits; documents and records obtained during investigations, audits and administrative litigation; working papers of the staff; investigative plans, operation plans, status reports, reports of investigation, and closing memoranda; information and documents relating to grand jury proceedings; arrest and search warrant affidavits; information and documents relating to criminal, civil, and administrative actions; information and documents received from other law enforcement entities; personnel information for witnesses, subjects, and OIG staff; investigative peer review files; Congressional correspondence; SEC employee suggestions; and other internal and external communications.
RECORD SOURCE CATEGORIES:
Information in these records is supplied by: Individuals including, where practicable, those to whom the information relates; witnesses, corporations and other entities; records of individuals and of the SEC; records of other entities; Federal, foreign, state or local bodies and law enforcement agencies; documents and correspondence relating to litigation and administrative proceedings; public sources; and miscellaneous other sources.
ROUTINE USES OF RECORDS MAINTAINED IN THE SYSTEM, INCLUDING CATEGORIES OF USERS AND THE PURPOSES OF SUCH USES:
In addition to those disclosures generally permitted under 5 U.S.C. 552a(b) of the Privacy Act, these records or information contained therein may specifically be disclosed outside the Commission as a routine use pursuant to 5 U.S.C. 552 a(b)(3) as follows:
1. To appropriate agencies, entities, and persons when (a) it is suspected or confirmed that the security or confidentiality of information in the system of records has been compromised; (b) the OIG has determined that, as a result of the suspected or confirmed compromise, there is a risk of harm to economic or property interests, identity theft or fraud, or harm to the security or integrity of this system or other systems or programs (whether maintained by the SEC or OIG or another agency or entity) that rely upon the compromised information; and (c) the disclosure made to such agencies, entities, and persons is reasonably necessary to assist in connection with the SEC or OIG's efforts to respond to the suspected or confirmed compromise and prevent, minimize, or remedy such harm.
2. To another Federal agency or Federal entity, when the OIG determines that information from this system of records is reasonably necessary to assist the recipient agency or entity in (1) responding to a suspected or confirmed breach; or (2) preventing, minimizing, or remedying the risk of harm to individuals, the recipient agency or entity (including its information systems, programs, and operations), the Federal government, or national security resulting from a suspected or confirmed breach.
3. Where there is an indication of a violation or a potential violation of law, whether civil, criminal or regulatory in nature, to the appropriate agency, whether Federal, foreign, state, or local, or to a securities self-regulatory organization, charged with enforcing or implementing the statute, or rule, regulation or order.
4. To Federal, foreign, state, or local authorities in order to obtain information or records relevant to an OIG investigation or inquiry.
5. To non-governmental parties where those parties may have information the OIG seeks to obtain in connection with an investigation or inquiry.
6. To respond to subpoenas in any litigation or other proceeding.
7. In connection with proceedings by the Commission pursuant to Rule 102(e) of its Rules of Practice, 17 CFR 201.102(e).
8. To a bar association, state accountancy board, or other Federal, state, local, or foreign licensing or oversight authority; or professional association or self-regulatory authority to the extent that it performs similar functions (including the Public Company Accounting Oversight Board) for investigations or possible disciplinary action.
9. To a Federal, state, local, tribal, foreign, or international agency, if necessary to obtain information relevant to the SEC's decision concerning the hiring or retention of an employee; the issuance of a security clearance; the letting of a contract; or the issuance of a license, grant, or other benefit.
10. To a Federal, state, local, tribal, foreign, or international agency in response to its request for information concerning the hiring or retention of an employee; the issuance of a security clearance; the reporting of an investigation of an employee; the letting of a contract; or the issuance of a license, grant, or other benefit by the requesting agency, to the extent that the information is relevant and necessary to the requesting agency's decision on the matter.Start Printed Page 85463
11. To produce summary descriptive statistics and analytical studies, as a data source for management information, in support of the function for which the records are collected and maintained or for related personnel management functions or manpower studies; may also be used to respond to general requests for statistical information (without personal identification of individuals) under the Freedom of Information Act.
12. To inform complainants, victims, and witnesses of the results of an investigation or inquiry.
13. To any persons during the course of any inquiry, audit, or investigation conducted by the SEC's staff, or in connection with civil litigation, if the staff has reason to believe that the person to whom the record is disclosed may have further information about the matters related therein, and those matters appeared to be relevant at the time to the subject matter of the inquiry.
14. To interns, grantees, experts, contractors, and others who have been engaged by the Commission to assist in the performance of a service related to this system of records and who need access to the records for the purpose of assisting the Commission in the efficient administration of its programs, including by performing clerical, stenographic, or data analysis functions, or by reproduction of records by electronic or other means. Recipients of these records shall be required to comply with the requirements of the Privacy Act of 1974, as amended, 5 U.S.C. 552a.
15. To qualified individuals or organizations in connection with the performance of a peer review or other study of the OIG's audit or investigative functions.
16. To a Federal agency responsible for considering debarment or suspension action if the record would be relevant to such action.
17. To the Department of Justice for the purpose of obtaining its advice on Freedom of Information Act matters.
18. To a Congressional office in response to an inquiry from the Congressional office.
19. To the Office of Government Ethics (OGE) to comply with agency reporting requirements established by OGE in 5 CFR 2638, subpart F.
20. To a Federal, state, local, foreign or administrative body, or before an arbitrator, when the SEC is a party to or has an interest in litigation or other legal proceedings, including to legal counsel representing the SEC or SEC employees, or other actual or potential parties, in connection with litigation, discovery or settlement discussions.
21. To an authorized investigator, administrative judge, or complaints examiner appointed by the Equal Employment Opportunity Commission when requested in connection with the investigation of a complaint of discrimination filed against the SEC under 29 CFR part 1614.
22. To the Merit Systems Protection Board or Office of the Special Counsel for the purpose of litigation, including administrative proceedings, appeals, special studies, investigations of alleged or possible prohibited personnel practices, and such other functions as may be authorized by law.
23. To the news media and the public when there exists a legitimate public interest (e.g., to provide information on events in the criminal process, such as an indictment).
24. To the Council of the Inspectors General on Integrity and Efficiency, another Federal Office of Inspector General, or other Federal law enforcement office in connection with an allegation of wrongdoing by the Inspector General or OIG staff members.
25. To a contractor when there has been an SEC or OIG investigation or inquiry into the conduct or performance of the contractor's employees.
26. In reports published by the OIG pursuant to its authority granted in the Inspector General Act of 1978, as amended, Public Law 95-452, 5 U.S.C. App. 6, and Dodd-Frank Wall Street Reform and Consumer Protection Act, Public Law 111-203, 15 U.S.C § 78d-4.
POLICIES AND PRACTICES FOR STORAGE OF RECORDS:
Records are maintained in electronic and paper format. Electronic records are stored in computerized databases, magnetic disc, tape and/or digital media. Paper records and records on computer disc are stored in locked file rooms and/or file cabinets or are maintained in secure off-site storage.
POLICIES AND PRACTICES FOR RETRIEVAL OF RECORDS:
The records may be retrieved by the name of the SEC employee, complainant, subject, witness, victim or member of the public; the OIG staff name for the audit, investigation or inquiry; or other indexed information.
POLICIES AND PRACTICES FOR RETENTION AND DISPOSAL OF RECORDS:
These records will be maintained until they become inactive, at which time they will be retired or destroyed in accordance with the SEC's records retention schedule, as approved by the National Archives and Records Administration.
ADMINISTRATIVE, TECHNICAL, AND PHYSICAL SAFEGUARDS:
Access to SEC facilities, data centers, and information or information systems is limited to authorized personnel with official duties requiring access. SEC facilities are equipped with security cameras and 24-hour security guard service. The records are kept in limited access areas during duty hours and in locked file cabinets and/or locked offices or file rooms at all other times. Computerized records are safeguarded in a secured environment. Security protocols meet the promulgating guidance as established by the National Institute of Standards and Technology (NIST) Security Standards from Access Control to Data Encryption and Security Assessment & Authorization (SA&A). Records are maintained in a secure, password-protected electronic system that will utilize commensurate safeguards that may include: Firewalls, intrusion detection and prevention systems, and role-based access controls. Additional safeguards will vary by program. All records are protected from unauthorized access through appropriate administrative, operational, and technical safeguards. These safeguards include: Restricting access to authorized personnel who have a “need to know”; using locks; and password protection identification features. Contractors and other recipients providing services to the Commission shall be required to maintain equivalent safeguards.
RECORD ACCESS PROCEDURES:
Persons wishing to obtain information on the procedures for gaining access to or contesting the contents of these records may contact the FOIA/PA Officer, Securities and Exchange Commission, 100 F Street NE, Washington, DC 20549.
CONTESTING RECORD PROCEDURES:
See record access procedures above.
NOTIFICATION PROCEDURES:
All requests to determine whether this system of records contains a record pertaining to the requesting individual may be directed to the FOIA/PA Officer, Securities and Exchange Commission, 100 F Street NE, Washington, DC 20549.
EXEMPTIONS CLAIMED FOR THE SYSTEM:
Pursuant to 5 U.S.C. 552a(j)(2) and 17 CFR 200.313(a), this system of records is exempt from the provisions of the Privacy Act of 1974, 5 U.S.C. 552a, except subsections (b), (c)(1) and (2), (e)(4)(A) through (F), (e)(6), (7), (9), (10), and (11), and (i), and 17 CFR 200.303, 200.403, 200.306, 200.307, 200.308, Start Printed Page 85464200.309, and 200.310, insofar as the system contains information pertaining to criminal law enforcement investigations.
Pursuant to 5 U.S.C. 552a(k)(2) and 17 CFR 200.313(b), this system of records is exempt from 5 U.S.C. 552a(c)(3), (d), (e)(1), (e)(4)(G), (H), and (I), and (f), and 17 CFR 200.303, 200.304, and 200.306, insofar as the system contains investigatory materials compiled for law enforcement purposes.
HISTORY:
This SORN was last published in full in the Federal Register at 79 FR 30661 (May 28, 2014).
SYSTEM NAME AND NUMBER:
SEC-45:
Mass Transportation Subsidy Program.
SECURITY CLASSIFICATION:
Unclassified.
SYSTEM LOCATION:
Securities and Exchange Commission (SEC), Operations Center, Office of Human Resources, 100 F Street NE, Washington, DC 20549. Records are also maintained at SEC Regional Offices. U.S. Department of Transportation, 1200 New Jersey Avenue SE, Washington, DC 20590.
SYSTEM MANAGER(S):
Assistant Director, Office of Human Resources, 100 F Street NE, Washington, DC 20549-2465.
AUTHORITY FOR MAINTENANCE OF THE SYSTEM:
Executive Order: 12191; Pub. L. 101-509, Section 629; Pub. L. 103-172; 26 CFR 1.132-6; and 42 U.S.C. 13201 et seq.
PURPOSE(S) OF THE SYSTEM:
To encourage employees to use public transportation as a means to conserve petroleum, reduce traffic congestion, and improve air quality.
CATEGORIES OF INDIVIDUALS COVERED BY THE SYSTEM:
SEC employees who participate in the Mass Transportation Subsidy Program.
CATEGORIES OF RECORDS IN THE SYSTEM:
Records include the employee's name, address, office telephone number, mode of transportation, transportation costs, date of entry into transit program, last four digits of social security number, organization, SmartTrip number, and date of annual certification.
RECORD SOURCE CATEGORIES:
Records include SEC Form 2445, Application to Transit Subsidy Program, SEC Form 2344, Return/Termination of Public Transportation Subsidy; Employee Certification for Public Transportation Subsidy; Receipt for Public Transportation Subsidy; SEC Form 2318, Disbursing Agents, Voucher; and SEC Form 2407, Authorization for Third-Party Receipt of Public Transportation Subsidy.
ROUTINE USES OF RECORDS MAINTAINED IN THE SYSTEM, INCLUDING CATEGORIES OF USERS AND THE PURPOSES OF SUCH USES:
In addition to those disclosures generally permitted under 5 U.S.C. 552a(b) of the Privacy Act, these records or information contained therein may specifically be disclosed outside the Commission as a routine use pursuant to 5 U.S.C. 552 a(b)(3) as follows:
1. To appropriate agencies, entities, and persons when (1) the SEC suspects or has confirmed that there has been a breach of the system of records,·(2) the SEC has determined that as a result of the suspected or confirmed breach there is a risk of harm to individuals, the SEC (including its information systems, programs, and operations), the Federal Government, or national security; and (3) the disclosure made to such agencies, entities, and persons is reasonably necessary to assist in connection with the SEC's efforts to respond to the suspected or confirmed breach or to prevent, minimize, or remedy such harm.
2. To other Federal, state, local, or foreign law enforcement agencies; securities self-regulatory organizations; and foreign financial regulatory authorities to assist in or coordinate regulatory or law enforcement activities with the SEC.
3. In any proceeding where the Federal securities laws are in issue or in which the Commission, or past or present members of its staff, is a party or otherwise involved in an official capacity.
4. To a Federal, state, local, tribal, foreign, or international agency, if necessary to obtain information relevant to the SEC's decision concerning the hiring or retention of an employee; the issuance of a security clearance; the letting of a contract; or the issuance of a license, grant, or other benefit.
5. To produce summary descriptive statistics and analytical studies, as a data source for management information, in support of the function for which the records are collected and maintained or for related personnel management functions or manpower studies; may also be used to respond to general requests for statistical information (without personal identification of individuals) under the Freedom of Information Act.
6. To any persons during the course of any inquiry, examination, or investigation conducted by the SEC's staff, or in connection with civil litigation, if the staff has reason to believe that the person to whom the record is disclosed may have further information about the matters related therein, and those matters appeared to be relevant at the time to the subject matter of the inquiry.
7. To interns, grantees, experts, contractors, and others who have been engaged by the Commission to assist in the performance of a service related to this system of records and who need access to the records for the purpose of assisting the Commission in the efficient administration of its programs, including by performing clerical, stenographic, or data analysis functions, or by reproduction of records by electronic or other means. Recipients of these records shall be required to comply with the requirements of the Privacy Act of 1974, as amended, 5 U.S.C. 552a.
8. To a Congressional office from the record of an individual in response to an inquiry from the Congressional office made at the request of that individual.
9. To members of Congress, the General Accountability Office, or others charged with monitoring the work of the Commission or conducting records management inspections.
10. To the appropriate personnel for periodic review of revalidation for subsidy.
11. To the Office of Inspector General for investigating allegations of abuse.
12. To a commercial contractor in connection with benefit programs administered by the contractor on the Commission's behalf, including, but not limited to, supplemental health, dental, disability, life and other benefit programs.
13. To another Federal agency or Federal entity, when the SEC determines that information from this system of records is reasonably necessary to assist the recipient agency or entity in (1) responding to a suspected or confirmed breach or (2) preventing, minimizing, or remedying the risk of harm to individuals, the recipient agency or entity (including its information systems, programs, and operations), the Federal Government, or national security, resulting from a suspected or confirmed breach.
POLICIES AND PRACTICES FOR STORAGE OF RECORDS:
Records are maintained and stored in an electronic format.Start Printed Page 85465
POLICIES AND PRACTICES FOR RETRIEVAL OF RECORDS:
Records are retrieved by name, last four digits of SSN or assigned division within the SEC.
POLICIES AND PRACTICES FOR RETENTION AND DISPOSAL OF RECORDS:
These records will be maintained until they become inactive, at which time they will be retired or destroyed in accordance with the SEC's records retention schedule, as approved by the National Archives and Records Administration.
ADMINISTRATIVE, TECHNICAL, AND PHYSICAL SAFEGUARDS:
Access to SEC facilities, data centers, and information or information systems is limited to authorized personnel with official duties requiring access. SEC facilities are equipped with security cameras and 24-hour security guard service. The records are kept in limited access areas during duty hours and in locked file cabinets and/or locked offices or file rooms at all other times. Computerized records are safeguarded in a secured environment. Security protocols meet the promulgating guidance as established by the National Institute of Standards and Technology (NIST) Security Standards from Access Control to Data Encryption and Security Assessment & Authorization (SA&A).
Records are maintained in a secure, password-protected electronic system that will utilize commensurate safeguards that may include: Firewalls, intrusion detection and prevention systems, and role-based access controls. Additional safeguards will vary by program. All records are protected from unauthorized access through appropriate administrative, operational, and technical safeguards. These safeguards include: Restricting access to authorized personnel who have a “need to know”; using locks; and password protection identification features. Contractors and other recipients providing services to the Commission shall be required to maintain equivalent safeguards.
RECORD ACCESS PROCEDURES:
Persons wishing to obtain information on the procedures for gaining access to or contesting the contents of these records may contact the FOIA/PA Officer, Securities and Exchange Commission, 100 F Street NE, Washington, DC 20549-2465.
CONTESTING RECORD PROCEDURES:
See Record Access Procedures above.
NOTIFICATION PROCEDURES:
All requests to determine whether this system of records contains a record pertaining to the requesting individual may be directed to the FOIA/PA Officer, Securities and Exchange Commission, 100 F Street NE, Washington, DC 20549-2465.
EXEMPTIONS PROMULGATED FOR THE SYSTEM:
None.
HISTORY:
This SORN was last published in full in the Federal Register at 63 FR 37423 (July 10, 1998). Subsequent notices of revision can be found at the following citations:
SYSTEM NAME AND NUMBER:
SEC-46:
Facilities Access Badge System.
SECURITY CLASSIFICATION:
Unclassified.
SYSTEM LOCATION:
SYSTEM MANAGER(S):
Securities and Exchange Commission, Office of Security Services, Office of Support Operations, 100 F Street NE, Washington, DC 20549-1627.
AUTHORITY FOR MAINTENANCE OF THE SYSTEM:
5 U.S.C. 301 and Executive Order 13231 of October 16, 2001, on Critical Infrastructure Protection ; the Federal Property and Administrative Services Act of 1949, 40 U.S.C. 101 et seq.; Homeland Security Presidential Directive 12 (HSPD-12), Policy for a Common Identification Standard for Federal Employees and Contractors, August 27, 2004.
PURPOSE(S) OF THE SYSTEM:
Records are for physical and operational security to identify authorized personnel permitted unescorted access to Commission facilities. It is also used to issue Special Credentials used as a physical and operational security measure to identify SEC employees in the performance of their duties. Records are for physical and operational security and can only be used for purposes compatible with the purpose for which it was collected as cited in the Privacy Act of 1974, 5 U.S.C. 552(a)7.
CATEGORIES OF INDIVIDUALS COVERED BY THE SYSTEM:
Commission employees, members of the press, contractors, volunteers, tenants, interns, consultants, and employees of other Federal agencies who require access to Commission facilities for extended periods of time.
CATEGORIES OF RECORDS IN THE SYSTEM:
Records include the Government Personal Identity Verification (PIV) Card. The SEC system of records may contain the following: Name, date of birth, sex, social security number, citizenship, weight, height, color of hair and eyes, photograph, employee record number, card chip number, authorized access rights, date of issuance, date of return, date background investigation completed, Headquarters and Field Office Access Card (name, date of birth, weight, height, color of hair and eyes, photograph, employee record number, card chip number, authorized access rights, date of issuance, and date of expiration); Special Credential (signature of authorizing official, photograph, control number, date of issuance and date of expiration).
RECORD SOURCE CATEGORIES:
The issuing official or person issued the badge.
ROUTINE USES OF RECORDS MAINTAINED IN THE SYSTEM, INCLUDING CATEGORIES OF USERS AND THE PURPOSES OF SUCH USES:
In addition to those disclosures generally permitted under 5 U.S.C. 552a(b) of the Privacy Act, these records or information contained therein may specifically be disclosed outside the Commission as a routine use pursuant to 5 U.S.C. 552 a(b)(3) as follows:
1. To appropriate agencies, entities, and persons when (1) the SEC suspects or has confirmed that there has been a breach of the system of records,·(2) the SEC has determined that as a result of the suspected or confirmed breach there is a risk of harm to individuals, the SEC (including its information systems, programs, and operations), the Federal Government, or national security; and (3) the disclosure made to such agencies, entities, and persons is reasonably necessary to assist in connection with the SEC's efforts to respond to the suspected or confirmed breach or to prevent, minimize, or remedy such harm.
2. To other Federal, state, local, or tribal law enforcement agencies; to assist in or coordinate law enforcement activities with the SEC.
3. In any proceeding where the Federal securities laws are in issue or in which the Commission, or past or present members of its staff, is a party or otherwise involved in an official capacity.
4. To interns, grantees, experts, contractors, and others who have been engaged by the Commission to assist in the performance of a service related to this system of records and who need access to the records for the purpose of Start Printed Page 85466assisting the Commission in the efficient administration of its programs, including by performing clerical, technical, or data analysis functions, or by reproduction of records by electronic or other means. Recipients of these records shall be required to comply with the requirements of the Privacy Act of 1974, as amended, 5 U.S.C. 552a.
5. To members of advisory committees that are created by the Commission or by Congress to render advice and recommendations to the Commission or to Congress, to be used solely in connection with their official designated functions.
6. To any person who is or has agreed to be subject to the Commission's Rules of Conduct, 17 CFR 200.735-1 through 200.735-18, and who assists in the investigation by the Commission of possible violations of the Federal securities laws (as such term is defined in section 3(a)(47) of the Securities Exchange Act of 1934, 15 U.S.C. 78c(a)(47)), in the preparation or conduct of enforcement actions brought by the Commission for such violations, or otherwise in connection with the Commission's enforcement or regulatory functions under the Federal securities laws.
7. To a Congressional office from the record of an individual in response to an inquiry from the Congressional office made at the request of that individual.
8. To respond to subpoenas in any litigation or other proceeding.
9. To the Office of Inspector General or Office of Human Resources for investigative purposes.
10. To another Federal agency or Federal entity, when the SEC determines that information from this system of records is reasonably necessary to assist the recipient agency or entity in (1) responding to a suspected or confirmed breach or (2) preventing, minimizing, or remedying the risk of harm to individuals, the recipient agency or entity (including its information systems, programs, and operations), the Federal Government, or national security, resulting from a suspected or confirmed breach.
POLICIES AND PRACTICES FOR STORAGE OF RECORDS:
Records are maintained in electronic and paper format. Electronic records are stored in computerized databases, magnetic disc, tape and/or digital media. Paper records and records on computer disc are stored in locked file rooms and/or file cabinets.
POLICIES AND PRACTICES FOR RETRIEVAL OF RECORDS:
Electronic records may be retrieved by the employee's name and identification number.
POLICIES AND PRACTICES FOR RETENTION AND DISPOSAL OF RECORDS:
These records will be maintained until they become inactive, at which time they will be retired or destroyed in accordance with the SEC's records retention schedule, as approved by the National Archives and Records Administration.
ADMINISTRATIVE, TECHNICAL, AND PHYSICAL SAFEGUARDS:
Access to SEC facilities, data centers, and information or information systems is limited to authorized personnel with official duties requiring access. SEC facilities are equipped with security cameras and 24-hour security guard service. The records are kept in limited access areas during duty hours and in locked file cabinets and/or locked offices or file rooms at all other times. Computerized records are safeguarded in a secured environment. Security protocols meet the promulgating guidance as established by the National Institute of Standards and Technology (NIST) Security Standards from Access Control to Data Encryption and Security Assessment & Authorization (SA&A).
Records are maintained in a secure, password-protected electronic system that will utilize commensurate safeguards that may include: Firewalls, intrusion detection and prevention systems, and role-based access controls. Additional safeguards will vary by program. All records are protected from unauthorized access through appropriate administrative, operational, and technical safeguards. These safeguards include: Restricting access to authorized personnel who have a “need to know”; using locks; and password protection identification features. Contractors and other recipients providing services to the Commission shall be required to maintain equivalent safeguards.
RECORD ACCESS PROCEDURES:
Persons wishing to obtain information on the procedures for gaining access to or contesting the contents of these records may contact the FOIA/PA Officer, Securities and Exchange Commission, 100 F Street NE, Washington, DC 20549-2465.
CONTESTING RECORD PROCEDURES:
See record access procedures above.
NOTIFICATION PROCEDURES:
All requests to determine whether this system of records contains a record pertaining to the requesting individual may be directed to the FOIA/PA Officer, Securities and Exchange Commission, 100 F Street NE, Washington, DC 20549-2465.
EXEMPTIONS PROMULGATED FOR THE SYSTEM:
None.
HISTORY:
This SORN was last published in full in the Federal Register at 63 FR 37423 (July 10, 1998). Subsequent notices of revision can be found at the following citations:
—72 FR 2036 (January 17, 2007)
SYSTEM NAME AND NUMBER:
SEC-48:
Fitness Center Membership, Payment, and Fitness Records SEC Employee's Health and Fitness Program Records.
SECURITY CLASSIFICATION:
Unclassified.
SYSTEM LOCATION:
Securities and Exchange Commission, 100 F Street NE, Washington, DC 20549.
Aquila Fitness Consulting Systems, Ltd, 429 Lenox Avenue, Suite 4W21, Miami Beach, FL 33139-6532.
SYSTEM MANAGER(S):
Associate Executive Director, Office of Human Resources, Securities and Exchange Commission, Operations Center, 6432 General Green Way, Mail Stop 0-1, Alexandria, VA 22312-2413.
AUTHORITY FOR MAINTENANCE OF THE SYSTEM:
5 U.S.C. 7901, et seq.
PURPOSE(S) OF THE SYSTEM:
The system enables SEC Fitness Center staff to track Fitness Center membership, fee payments, and the physical fitness of members. The primary use of these records is to allow the SEC to provide a variety of health and fitness resources to its employees.
CATEGORIES OF INDIVIDUALS COVERED BY THE SYSTEM:
SEC employees who voluntarily sign up for membership benefits for SEC fitness programs.
CATEGORIES OF RECORDS IN THE SYSTEM:
Records may contain employee name, division, office address, email address, home address, home and cell telephone numbers, date of birth, health pre-screening questions, membership number, fee and payment information (including electronic debit information), and fitness progress charts.Start Printed Page 85467
RECORD SOURCE CATEGORIES:
All information is provided by Fitness Center members.
ROUTINE USES OF RECORDS MAINTAINED IN THE SYSTEM, INCLUDING CATEGORIES OF USERS AND THE PURPOSES OF SUCH USES:
In addition to those disclosures generally permitted under 5 U.S.C. 552a(b) of the Privacy Act, these records or information contained therein may specifically be disclosed outside the Commission as a routine use pursuant to 5 U.S.C. 552a(b)(3) as follows:
1. To appropriate agencies, entities, and persons when (1) the SEC suspects or has confirmed that there has been a breach of the system of records, (2) the SEC has determined that as a result of the suspected or confirmed breach there is a risk of harm to individuals, the SEC (including its information systems, programs, and operations), the Federal Government, or national security; and (3) the disclosure made to such agencies, entities, and persons is reasonably necessary to assist in connection with the SEC's efforts to respond to the suspected or confirmed breach or to prevent, minimize, or remedy such harm.
2. To produce summary descriptive statistics and analytical studies, as a data source for management information, in support of the function for which the records are collected and maintained or for related personnel management functions or manpower studies; may also be used to respond to general requests for statistical information (without personal identification of individuals) under the Freedom of Information Act.
3. To interns, grantees, experts, contractors, and others who have been engaged by the Commission to assist in the performance of a service related to this system of records and who need access to the records for the purpose of assisting the Commission in the efficient administration of its programs, including by performing clerical, stenographic, or data analysis functions, or by reproduction of records by electronic or other means. Recipients of these records shall be required to comply with the requirements of the Privacy Act of 1974, as amended, 5 U.S.C. 552a.
4. To a Congressional office from the record of an individual in response to an inquiry from the Congressional office made at the request of that individual.
5. To members of Congress, the Government Accountability Office, or others charged with monitoring the work of the Commission or conducting records management inspections.
6. To a commercial contractor in connection with benefit programs administered by the contractor on the Commission's behalf, including, but not limited to, supplemental health, dental, disability, life and other benefit programs.
7. To another Federal agency or Federal entity, when the SEC determines that information from this system of records is reasonably necessary to assist the recipient agency or entity in (1) responding to a suspected or confirmed breach or (2) preventing, minimizing, or remedying the risk of harm to individuals, the recipient agency or entity (including its information systems, programs, and operations), the Federal Government, or national security, resulting from a suspected or confirmed breach.
POLICIES AND PRACTICES FOR STORAGE OF RECORDS:
Records are maintained in electronic and paper format. Electronic records are stored in computerized databases, magnetic disc, tape and/or digital media. Paper records and records on computer disc are stored in locked file rooms and/or file cabinets.
POLICIES AND PRACTICES FOR RETRIEVAL OF RECORDS:
Records are retrieved by the individual's name or membership number.
POLICIES AND PRACTICES FOR RETENTION AND DISPOSAL OF RECORDS:
These records will be maintained until they become inactive, at which time they will be retired or destroyed in accordance with records schedules of the United States Securities and Exchange Commission and as approved by the National Archives and Records Administration.
ADMINISTRATIVE, TECHNICAL, AND PHYSICAL SAFEGUARDS:
Access to SEC facilities, data centers, and information or information systems is limited to authorized personnel with official duties requiring access. SEC facilities are equipped with security cameras and 24-hour security guard service. The records are kept in limited access areas during duty hours and in locked file cabinets and/or locked offices or file rooms at all other times. Computerized records are safeguarded in a secured environment. Security protocols meet the promulgating guidance as established by the National Institute of Standards and Technology (NIST) Security Standards from Access Control to Data Encryption and Security Assessment & Authorization (SA&A).
Records are maintained in a secure, password-protected electronic system that will utilize commensurate safeguards that may include: Firewalls, intrusion detection and prevention systems, and role-based access controls. Additional safeguards will vary by program. All records are protected from unauthorized access through appropriate administrative, operational, and technical safeguards. These safeguards include: Restricting access to authorized personnel who have a “need to know”; using locks; and password protection identification features. Contractors and other recipients providing services to the Commission shall be required to maintain equivalent safeguards.
RECORD ACCESS PROCEDURES:
Persons wishing to obtain information on the procedures for gaining access to or contesting the contents of these records may contact the FOIA/PA Officer, Securities and Exchange Commission, 100 F Street NE, Washington, DC 20549-2465.
CONTESTING RECORD PROCEDURES:
See Record access procedures above.
NOTIFICATION PROCEDURES:
All requests to determine whether this system of records contains a record pertaining to the requesting individual may be directed to the FOIA/PA Officer, Securities and Exchange Commission, 100 F Street NE, Washington, DC 20549-2465.
EXEMPTIONS PROMULGATED FOR THE SYSTEM:
None.
HISTORY:
This SORN was last published in full in the Federal Register at 64 FR 19840 (April 22, 1999). Subsequent notices of revision can be found at the following citations:
—77 FR 16569 (March 21, 2012)
SYSTEM NAME AND NUMBER:
SEC-51:
Continuity Support Center (CSC).
SECURITY CLASSIFICATION:
Unclassified.
SYSTEM LOCATION:
Securities and Exchange Commission, 100 F Street NE, Washington, DC 20549.
SYSTEM MANAGER(S):
Executive Director, Office of the Executive Director, Securities and Exchange Commission, 100 F Street NE, Washington, DC 20549.Start Printed Page 85468
AUTHORITY FOR MAINTENANCE OF THE SYSTEM:
5 U.S.C. 301, Executive Order 12656 (Nov. 18, 1988), Assignment of Emergency Preparedness Responsibilities; National Security Presidential Directive 51/Homeland Security Presidential Directive 20; National Continuity Policy, May 9, 2007.
PURPOSE(S) OF THE SYSTEM:
1. To maintain emergency contact information for current members and employees of the Commission for use in developing and maintaining emergency contingency operations plans, such as a formal continuity of operations (COOP) plan, for the Commission.
2. To provide alert and notification, determine team and task assignments, develop and maintain an emergency contact system for general emergency preparedness programs and specific situations (including threat alerts, weather related emergencies or other critical situations).
3. To activate COOP for Commission wide response to threat alerts issued by the Department of Homeland Security (DHS).
CATEGORIES OF INDIVIDUALS COVERED BY THE SYSTEM:
Members and employees of the Commission and contractors.
CATEGORIES OF RECORDS IN THE SYSTEM:
Name, job title, organizational code number, work and home addresses, work and personal electronic mail addresses, work, home, and cellular telephone numbers; pager numbers and Blackberry PIN numbers.
RECORD SOURCE CATEGORIES:
Records are obtained from the position control system and from the individual.
ROUTINE USES OF RECORDS MAINTAINED IN THE SYSTEM, INCLUDING CATEGORIES OF USERS AND THE PURPOSES OF SUCH USES:
In addition to those disclosures generally permitted under 5 U.S.C. 552a(b) of the Privacy Act, these records or information contained therein may specifically be disclosed outside the Commission as a routine use pursuant to 5 U.S.C. 552 a(b)(3) as follows:
1. To appropriate agencies, entities, and persons when (1) the SEC suspects or has confirmed that there has been a breach of the system of records, (2) the SEC has determined that as a result of the suspected or confirmed breach there is a risk of harm to individuals, the SEC (including its information systems, programs, and operations), the Federal Government, or national security; and (3) the disclosure made to such agencies, entities, and persons is reasonably necessary to assist in connection with the SEC's efforts to respond to the suspected or confirmed breach or to prevent, minimize, or remedy such harm.
2. To other Federal, state, local, or foreign law enforcement agencies; securities self-regulatory organizations; and foreign financial regulatory authorities to assist in or coordinate regulatory or law enforcement activities with the SEC.
3. In any proceeding where the Federal securities laws are in issue or in which the Commission, or past or present members of its staff, is a party or otherwise involved in an official capacity.
4. To a Federal, state, local, tribal, foreign, or international agency, if necessary to obtain information relevant to the SEC's decision concerning the hiring or retention of an employee; the issuance of a security clearance; the letting of a contract; or the issuance of a license, grant, or other benefit.
5. To produce summary descriptive statistics and analytical studies, as a data source for management information, in support of the function for which the records are collected and maintained or for related personnel management functions or manpower studies; may also be used to respond to general requests for statistical information (without personal identification of individuals) under the Freedom of Information Act.
6. To any persons during the course of any inquiry, examination, or investigation conducted by the SEC's staff, or in connection with civil litigation, if the staff has reason to believe that the person to whom the record is disclosed may have further information about the matters related therein, and those matters appeared to be relevant at the time to the subject matter of the inquiry.
7. To interns, grantees, experts, contractors, and others who have been engaged by the Commission to assist in the performance of a service related to this system of records and who need access to the records for the purpose of assisting the Commission in the efficient administration of its programs, including by performing clerical, stenographic, or data analysis functions, or by reproduction of records by electronic or other means. Recipients of these records shall be required to comply with the requirements of the Privacy Act of 1974, as amended, 5 U.S.C. 552a.
8. To a Congressional office from the record of an individual in response to an inquiry from the Congressional office made at the request of that individual.
9. To members of Congress, the General Accountability Office, or others charged with monitoring the work of the Commission or conducting records management inspections.
10. To any Federal government authority for the purpose of coordinating and reviewing agency continuity of operations plans or emergency contingency plans developed for responding to Department of Homeland Security threat alerts.
11. To a commercial contractor in connection with benefit programs administered by the contractor on the Commission's behalf, including, but not limited to, supplemental health, dental, disability, life and other benefit programs.
12. To another Federal agency or Federal entity, when the SEC determines that information from this system of records is reasonably necessary to assist the recipient agency or entity in (1) responding to a suspected or confirmed breach or (2) preventing, minimizing, or remedying the risk of harm to individuals, the recipient agency or entity (including its information systems, programs, and operations), the Federal Government, or national security, resulting from a suspected or confirmed breach.
POLICIES AND PRACTICES FOR STORAGE OF RECORDS:
Records are maintained in electronic and paper format. Electronic records are stored in computerized databases, magnetic disc, tape and/or digital media. Paper records and records on computer disc are stored in locked file rooms and/or file cabinets.
POLICIES AND PRACTICES FOR RETRIEVAL OF RECORDS:
These records are retrieved by individual's names, or by the categories listed above under “Categories of Records in the System.”
POLICIES AND PRACTICES FOR RETENTION AND DISPOSAL OF RECORDS:
These records will be maintained until they become inactive, at which time they will be retired or destroyed in accordance with the SEC's records retention schedule, as approved by the National Archives and Records Administration.
ADMINISTRATIVE, TECHNICAL, AND PHYSICAL SAFEGUARDS:
Access to SEC facilities, data centers, and information or information systems is limited to authorized personnel with official duties requiring access. SEC facilities are equipped with security Start Printed Page 85469cameras and 24-hour security guard service. The records are kept in limited access areas during duty hours and in locked file cabinets and/or locked offices or file rooms at all other times. Computerized records are safeguarded in a secured environment. Security protocols meet the promulgating guidance as established by the National Institute of Standards and Technology (NIST) Security Standards from Access Control to Data Encryption and Security Assessment & Authorization (SA&A).
Records are maintained in a secure, password-protected electronic system that will utilize commensurate safeguards that may include: Firewalls, intrusion detection and prevention systems, and role-based access controls. Additional safeguards will vary by program. All records are protected from unauthorized access through appropriate administrative, operational, and technical safeguards. These safeguards include: Restricting access to authorized personnel who have a “need to know”; using locks; and password protection identification features. Contractors and other recipients providing services to the Commission shall be required to maintain equivalent safeguards.
RECORD ACCESS PROCEDURES:
Persons wishing to obtain information on the procedures for gaining access to or contesting the contents of these records may be directed to the FOIA/PA Officer, Securities and Exchange Commission, 100 F Street NE, Washington, DC 20549-2465.
CONTESTING RECORD PROCEDURES:
See Record access procedures above.
NOTIFICATION PROCEDURES:
All requests to determine whether this system of records contains a record pertaining to the requesting individual may be directed to the FOIA/PA Officer, Securities and Exchange Commission, 100 F Street NE, Washington, DC 20549-2465.
EXEMPTIONS PROMULGATED FOR THE SYSTEM:
None.
HISTORY:
This SORN was last published in full in the Federal Register at 68 FR 23168 (April 30, 2003).
SYSTEM NAME AND NUMBER:
SEC-52:
Visitor Badge and Employee Day Pass System.
SECURITY CLASSIFICATION:
Unclassified.
SYSTEM LOCATION:
Securities and Exchange Commission, Security Branch, Office of Administrative Services, 100 F Street NE, Washington, DC 20549-1627.
SYSTEM MANAGER(S):
Chief of Security Branch, Office of Administrative Services, Security Branch, Securities and Exchange Commission, 100 F Street NE, Washington, DC 20549-1627.
AUTHORITY FOR MAINTENANCE OF THE SYSTEM:
5 U.S.C. 301 and Executive Order 13231 of October 16, 2001 on Critical Infrastructure Protection; Homeland Security Presidential Directive 12 (HSPD-12), Policy for a Common Identification Standard for Federal Employees and Contractors, August 27, 2004.
PURPOSE(S) OF THE SYSTEM:
This system is primarily designed as a physical and operational security system to control access to Commission facilities by visitors and representatives from other Federal agencies. It is also used to issue temporary badges for Commission staff or contractors who are not in possession of their badge and are authorized to enter SEC facilities. Records are for physical and operational security and can only be used for purposes compatible with the purpose for which it was collected as cited in the Privacy Act of 1974, 5 U.S.C. 552(a)7.
CATEGORIES OF INDIVIDUALS COVERED BY THE SYSTEM:
Authorized visitors and Commission employees who access Commission facilities are covered by this system.
CATEGORIES OF RECORDS IN THE SYSTEM:
Records may include the name, photograph, country represented the number of the printed barcode issued for each badge, visitor category, the location, date, and time of entry to the secure Commission facility. Records may include the following information from scanned driver's licenses and passports: First and last name. Further information contained within the system will be the name of the person being visited and the reason for the visit. The system may maintain check in and check out times, current status of visitor, and a barcode assigned by the system software for each visitor record.
RECORD SOURCE CATEGORIES:
Information is provided by the visitor seeking access to Commission facilities to meet with Commission employees or contractors, by Commission employees who pre-register visitors, and by Commission employees or contractors with badges, who on that occasion do not have their access badge and seek access to SEC facilities.
ROUTINE USES OF RECORDS MAINTAINED IN THE SYSTEM, INCLUDING CATEGORIES OF USERS AND THE PURPOSES OF SUCH USES:
In addition to those disclosures generally permitted under 5 U.S.C. 552a(b) of the Privacy Act, these records or information contained therein may specifically be disclosed outside the Commission as a routine use pursuant to 5 U.S.C. 552 a(b)(3) as follows:
1. To appropriate agencies, entities, and persons when (1) the SEC suspects or has confirmed that there has been a breach of the system of records,·(2) the SEC has determined that as a result of the suspected or confirmed breach there is a risk of harm to individuals, the SEC (including its information systems, programs, and operations), the Federal Government, or national security; and (3) the disclosure made to such agencies, entities, and persons is reasonably necessary to assist in connection with the SEC's efforts to respond to the suspected or confirmed breach or to prevent, minimize, or remedy such harm.
2. To other Federal, state, local, or tribal law enforcement agencies; to assist in or coordinate law enforcement activities with the SEC.
3. In any proceeding where the Federal securities laws are in issue or in which the Commission, or past or present members of its staff, is a party or otherwise involved in an official capacity.
4. To any persons during the course of any inquiry, examination, or investigation conducted by the SEC's staff, or in connection with civil litigation, if the staff has reason to believe that the person to whom the record is disclosed may have further information about the matters related therein, and those matters appeared to be relevant at the time to the subject matter of the inquiry.
5. To interns, grantees, experts, contractors, and others who have been engaged by the Commission to assist in the performance of a service related to this system of records and who need access to the records for the purpose of assisting the Commission in the efficient administration of its programs, including by performing clerical, technical, or data analysis functions, or by reproduction of records by electronic or other means. Recipients of these records shall be required to comply with the requirements of the Privacy Act of 1974, as amended, 5 U.S.C. 552a.
6. To members of advisory committees that are created by the Start Printed Page 85470Commission or by Congress to render advice and recommendations to the Commission or to Congress, to be used solely in connection with their official designated functions.
7. To any person who is or has agreed to be subject to the Commission's Rules of Conduct, 17 CFR 200.735-1 through 200.735-18, and who assists in the investigation by the Commission of possible violations of the Federal securities laws (as such term is defined in section 3(a)(47) of the Securities Exchange Act of 1934, 15 U.S.C. 78c(a)(47)), in the preparation or conduct of enforcement actions brought by the Commission for such violations, or otherwise in connection with the Commission's enforcement or regulatory functions under the Federal securities laws.
8. To a Congressional office from the record of an individual in response to an inquiry from the Congressional office made at the request of that individual.
9. To respond to subpoenas in any litigation or other proceeding.
10. To the Office of Inspector General or the Office of Human Resources for investigative purposes.
11. Records may be used by staff of the Commission's Security Branch, the Office of Human Resources, and the Office of the Inspector General in routine reports or investigations to review access to SEC facilities and to assess compliance with established security procedures and policies.
12. To another Federal agency or Federal entity, when the SEC determines that information from this system of records is reasonably necessary to assist the recipient agency or entity in (1) responding to a suspected or confirmed breach or (2) preventing, minimizing, or remedying the risk of harm to individuals, the recipient agency or entity (including its information systems, programs, and operations), the Federal Government, or national security, resulting from a suspected or confirmed breach.
POLICIES AND PRACTICES FOR STORAGE OF RECORDS:
Records are maintained in electronic and paper format. Electronic records are stored in computerized databases, magnetic disc, tape and/or digital media. Paper records and records on computer disc are stored in locked file rooms and/or file cabinets.
POLICIES AND PRACTICES FOR RETRIEVAL OF RECORDS:
Records may be retrieved by the Individual's name, person visited, date of visit and/or barcode number (as printed in the form of a barcode on the badge).
POLICIES AND PRACTICES FOR RETENTION AND DISPOSAL OF RECORDS:
These records will be maintained until they become inactive, at which time they will be retired or destroyed in accordance with the SEC's records retention schedule, as approved by the National Archives and Records Administration.
ADMINISTRATIVE, TECHNICAL, AND PHYSICAL SAFEGUARDS:
Access to SEC facilities, data centers, and information or information systems is limited to authorized personnel with official duties requiring access. SEC facilities are equipped with security cameras and 24-hour security guard service. The records are kept in limited access areas during duty hours and in locked file cabinets and/or locked offices or file rooms at all other times. Computerized records are safeguarded in a secured environment. Security protocols meet the promulgating guidance as established by the National Institute of Standards and Technology (NIST) Security Standards from Access Control to Data Encryption and Security Assessment & Authorization (SA&A).
Records are maintained in a secure, password-protected electronic system that will utilize commensurate safeguards that may include: Firewalls, intrusion detection and prevention systems, and role-based access controls. Additional safeguards will vary by program. All records are protected from unauthorized access through appropriate administrative, operational, and technical safeguards. These safeguards include: Restricting access to authorized personnel who have a “need to know”; using locks; and password protection identification features. Contractors and other recipients providing services to the Commission shall be required to maintain equivalent safeguards.
RECORD ACCESS PROCEDURES:
Persons wishing to obtain information on the procedures for gaining access to or contesting the contents of these records may contact the FOIA/PA Officer, Securities and Exchange Commission, 100 F Street NE, Washington, DC 20549-2465.
CONTESTING RECORD PROCEDURES:
See Record Access Procedures above.
NOTIFICATION PROCEDURES:
All requests to determine whether this system of records contains a record pertaining to the requesting individual may be directed to the FOIA/PA Officer, Securities and Exchange Commission, 100 F Street NE, Washington, DC 20549-2465.
EXEMPTIONS PROMULGATED FOR THE SYSTEM:
None.
HISTORY:
This SORN was last published in full in the Federal Register at 71 FR 3907 (January 24, 2006).
SYSTEM NAME AND NUMBER:
SEC-54:
Photographic Files.
SECURITY CLASSIFICATION:
Unclassified.
SYSTEM LOCATION:
Securities and Exchange Commission, 100 F Street NE, Washington, DC 20549.
SYSTEM MANAGER(S):
Branch Chief, Library Services, Securities and Exchange Commission, Library, 100 F Street NE, Room 1550, Washington, DC 20549-2465.
AUTHORITY FOR MAINTENANCE OF THE SYSTEM:
5 U.S.C. 301, Departmental Regulations.
PURPOSE(S) OF THE SYSTEM:
1. To digitize SEC photographic files in support of the preservation of these materials.
2. To be used for reproduction by Commission staff organizing such events as awards ceremonies, farewell ceremonies and receptions, Commission anniversary ceremonies and receptions, and Commission training and educational programs.
CATEGORIES OF INDIVIDUALS COVERED BY THE SYSTEM:
Commission staff, visitors from other Federal agencies and members of the public.
CATEGORIES OF RECORDS IN THE SYSTEM:
The records in the system include photographic prints, negatives, and slides. Records may also include digital photographs, as well as digitized images of photographic prints, negatives, and slides. Indexing data, including such data elements as date, event, and personal name and title, will be created for these materials.
RECORD SOURCE CATEGORIES:
Photographic files are provided to the Library for inclusion in the Library's collection on an ongoing basis. Donors include Commission employees who have photographed an event or individuals donating their photographic collections to the Library for the purposes of preservation and access. Indexing information is derived from information recorded on photographs, or from Commission staff or other Start Printed Page 85471individuals who have knowledge of the event and individuals photographed.
ROUTINE USES OF RECORDS MAINTAINED IN THE SYSTEM, INCLUDING CATEGORIES OF USERS AND THE PURPOSES OF SUCH USES:
In addition to those disclosures generally permitted under 5 U.S.C. 552a(b) of the Privacy Act, these records or information contained therein may specifically be disclosed outside the Commission as a routine use pursuant to 5 U.S.C. 552 a(b)(3) as follows:
1. To appropriate agencies, entities, and persons when (1) the SEC suspects or has confirmed that there has been a breach of the system of records, (2) the SEC has determined that as a result of the suspected or confirmed breach there is a risk of harm to individuals, the SEC (including its information systems, programs, and operations), the Federal Government, or national security; and (3) the disclosure made to such agencies, entities, and persons is reasonably necessary to assist in connection with the SEC's efforts to respond to the suspected or confirmed breach or to prevent, minimize, or remedy such harm.
2. To other Federal, state, local, or foreign law enforcement agencies; securities self-regulatory organizations; and foreign financial regulatory authorities to assist in or coordinate regulatory or law enforcement activities with the SEC.
3. To national securities exchanges and national securities associations that are registered with the SEC, the Municipal Securities Rulemaking Board; the Securities Investor Protection Corporation; the Public Company Accounting Oversight Board; the Federal banking authorities, including, but not limited to, the Board of Governors of the Federal Reserve System, the Comptroller of the Currency, and the Federal Deposit Insurance Corporation; state securities regulatory agencies or organizations; or regulatory authorities of a foreign government in connection with their regulatory or enforcement responsibilities.
4. In any proceeding where the Federal securities laws are in issue or in which the Commission, or past or present members of its staff, is a party or otherwise involved in an official capacity.
5. To a Federal, state, local, tribal, foreign, or international agency in response to its request for information concerning the hiring or retention of an employee; the issuance of a security clearance; the reporting of an investigation of an employee; the letting of a contract; or the issuance of a license, grant, or other benefit by the requesting agency, to the extent that the information is relevant and necessary to the requesting agency's decision on the matter.
6. To produce summary descriptive statistics and analytical studies, as a data source for management information, in support of the function for which the records are collected and maintained or for related personnel management functions or manpower studies; may also be used to respond to general requests for statistical information (without personal identification of individuals) under the Freedom of Information Act.
7. To any persons during the course of any inquiry, examination, or investigation conducted by the SEC's staff, or in connection with civil litigation, if the staff has reason to believe that the person to whom the record is disclosed may have further information about the matters related therein, and those matters appeared to be relevant at the time to the subject matter of the inquiry.
8. To interns, grantees, experts, contractors, and others who have been engaged by the Commission to assist in the performance of a service related to this system of records and who need access to the records for the purpose of assisting the Commission in the efficient administration of its programs, including by performing clerical, stenographic, or data analysis functions, or by reproduction of records by electronic or other means. Recipients of these records shall be required to comply with the requirements of the Privacy Act of 1974, as amended, 5 U.S.C. 552a.
9. To members of advisory committees that are created by the Commission or by Congress to render advice and recommendations to the Commission or to Congress, to be used solely in connection with their official designated functions.
10. To any person who is or has agreed to be subject to the Commission's Rules of Conduct, 17 CFR 200.735-1 through 200.735-18, and who assists in the investigation by the Commission of possible violations of the Federal securities laws (as such term is defined in section 3(a)(47) of the Securities Exchange Act of 1934, 15 U.S.C. 78c(a)(47)), in the preparation or conduct of enforcement actions brought by the Commission for such violations, or otherwise in connection with the Commission's enforcement or regulatory functions under the Federal securities laws.
11. To a Congressional office from the record of an individual in response to an inquiry from the Congressional office made at the request of that individual.
12. To respond to subpoenas in any litigation or other proceeding.
13. For distribution and presentation for news, public relations and community affairs purposes.
14. In support of research activities conducted by staff of the Commission and other Federal agencies, as well as members of the public.
15. To another Federal agency or Federal entity, when the SEC determines that information from this system of records is reasonably necessary to assist the recipient agency or entity in (1) responding to a suspected or confirmed breach or (2) preventing, minimizing, or remedying the risk of harm to individuals, the recipient agency or entity (including its information systems, programs, and operations), the Federal Government, or national security, resulting from a suspected or confirmed breach.
POLICIES AND PRACTICES FOR STORAGE OF RECORDS:
Records are maintained in electronic and paper format. Electronic records are stored in computerized databases, magnetic disc, tape and/or digital media. Paper records and records on computer disc are stored in locked file rooms and/or file cabinets.
POLICIES AND PRACTICES FOR RETRIEVAL OF RECORDS:
Records may be retrieved by such information as date of event, name of event, and/or name(s) of individual(s), where such information is available.
POLICIES AND PRACTICES FOR RETENTION AND DISPOSAL OF RECORDS:
These records will be maintained until they become inactive, at which time they will be retired or destroyed in accordance with records schedules of the United States Securities and Exchange Commission and as approved by the National Archives and Records Administration.
ADMINISTRATIVE, TECHNICAL, AND PHYSICAL SAFEGUARDS:
Access to SEC facilities, data centers, and information or information systems is limited to authorized personnel with official duties requiring access. SEC facilities are equipped with security cameras and 24-hour security guard service. The records are kept in limited access areas during duty hours and in locked file cabinets and/or locked offices or file rooms at all other times. Computerized records are safeguarded in a secured environment. Security protocols meet the promulgating guidance as established by the National Start Printed Page 85472Institute of Standards and Technology (NIST) Security Standards from Access Control to Data Encryption and Security Assessment & Authorization (SA&A).
Records are maintained in a secure, password-protected electronic system that will utilize commensurate safeguards that may include: Firewalls, intrusion detection and prevention systems, and role-based access controls. Additional safeguards will vary by program. All records are protected from unauthorized access through appropriate administrative, operational, and technical safeguards. These safeguards include: Restricting access to authorized personnel who have a “need to know”; using locks; and password protection identification features. Contractors and other recipients providing services to the Commission shall be required to maintain equivalent safeguards.
RECORD ACCESS PROCEDURES:
Persons wishing to obtain information on the procedures for gaining access to or contesting the contents of these records may contact the FOIA/PA Officer, Securities and Exchange Commission, 100 F Street NE, Washington, DC 20549-2465.
CONTESTING RECORD PROCEDURES:
See Record access procedures above.
NOTIFICATION PROCEDURES:
All requests to determine whether this system of records contains a record pertaining to the requesting individual may be directed to the FOIA/PA Officer, Securities and Exchange Commission, 100 F Street NE, Washington, DC 20549-2465.
EXEMPTIONS PROMULGATED FOR THE SYSTEM:
None.
HISTORY:
This SORN was last published in full in the Federal Register at 71 FR 63810 (October 31, 2006).
SYSTEM NAME AND NUMBER:
SEC-55:
Information Pertaining or Relevant to SEC Registrants and Their Activities
SECURITY CLASSIFICATION:
Unclassified.
SYSTEM LOCATION:
Securities and Exchange Commission, 100 F Street NE, Washington, DC 20549. Records also are maintained in the SEC Regional Offices.
SYSTEM MANAGER(S):
Chief Information Officer, Office of Information Technology, Securities and Exchange Commission, 100 F Street NE, Washington, DC 20549-2465.
AUTHORITY FOR MAINTENANCE OF THE SYSTEM:
15 U.S.C. 78a et seq., 80a-1 et seq., and 80b-1 et seq.
PURPOSE(S) OF THE SYSTEM:
1. For use by authorized SEC personnel in connection with their official functions including, but not limited to, conducting examinations for compliance with Federal securities laws, investigations into possible violations of the Federal securities laws, and other matters relating to the SEC's regulatory and law enforcement functions.
2. To maintain continuity within the SEC as to each Regulated Entity and to provide SEC staff with the background and results of earlier examinations of Regulated Entities, as well as an insight into current industry practices or possible regulatory compliance issues.
3. To conduct lawful relational searches or analysis or filtering of data in matters relating to the SEC's examination, regulatory or law enforcement functions.
CATEGORIES OF INDIVIDUALS COVERED BY THE SYSTEM:
Records concern individuals associated with entities or persons that are regulated by the SEC to include broker-dealers, investment advisers, investment companies, self-regulatory organizations, clearing agencies, nationally recognized statistical rating organizations, transfer agents, municipal securities dealers, municipal advisors, security-based swap dealers, security-based swap data repositories, major security-based swap participants, security-based swap execution facilities, and funding portals (individually, a “Regulated Entity;” collectively, “Regulated Entities”). Records may also concern persons, directly or indirectly, with whom Regulated Entities or their affiliates have client relations or business arrangements.
CATEGORIES OF RECORDS IN THE SYSTEM:
Records may contain Regulated Entities' and their associated persons' names, addresses, telephone numbers and email addresses. Additionally, there may be information relating to the business activities and transactions of Regulated Entities and their associated persons, as well as their compliance with provisions of the Federal securities laws and with other applicable rules.
RECORD SOURCE CATEGORIES:
Record sources include filings made by Regulated Entities; information obtained through examinations or investigations of Regulated Entities and their activities; information contained in SEC correspondence with Regulated Entities; information received from other Federal, state, local, foreign or other regulatory organizations or law enforcement agencies; complaint information received by the SEC via letters, telephone calls, emails or any other form of communication; and data obtained from third-party sources.
ROUTINE USES OF RECORDS MAINTAINED IN THE SYSTEM, INCLUDING CATEGORIES OF USERS AND THE PURPOSES OF SUCH USES:
In addition to those disclosures generally permitted under 5 U.S.C. 552a(b) of the Privacy Act, these records or information contained therein may specifically be disclosed outside the Commission as a routine use pursuant to 5 U.S.C. 552a(b)(3) as follows:
1. To appropriate agencies, entities, and persons when (1) the SEC suspects or has confirmed that there has been a breach of the system of records; (2) the SEC has determined that as a result of the suspected or confirmed breach there is a risk of harm to individuals, the SEC (including its information systems, programs, and operations), the Federal Government, or national security; and (3) the disclosure made to such agencies, entities, and persons is reasonably necessary to assist in connection with the SEC's efforts to respond to the suspected or confirmed breach or to prevent, minimize, or remedy such harm.
2. To other Federal, state, local, or foreign law enforcement agencies; securities self-regulatory organizations; and foreign financial regulatory authorities to assist in or coordinate regulatory or law enforcement activities with the SEC.
3. To national securities exchanges and national securities associations that are registered with the SEC, the Municipal Securities Rulemaking Board; the Securities Investor Protection Corporation; the Public Company Accounting Oversight Board; the Federal banking authorities, including, but not limited to, the Board of Governors of the Federal Reserve System, the Comptroller of the Currency, and the Federal Deposit Insurance Corporation; state securities regulatory agencies or organizations; or regulatory authorities of a foreign government in connection with their regulatory or enforcement responsibilities.
4. By SEC personnel for purposes of investigating possible violations of, or to conduct.
5. In any proceeding where the Federal securities laws are in issue or in Start Printed Page 85473which the Commission, or past or present members of its staff, is a party or otherwise involved in an official capacity.
6. In connection with proceedings by the Commission pursuant to Rule 102(e) of its Rules of Practice, 17 CFR 201.102(e).
7. To a bar association, state accountancy board, or other Federal, state, local, or foreign licensing or oversight authority; or professional association or self-regulatory authority to the extent that it performs similar functions (including the Public Company Accounting Oversight Board) for investigations or possible disciplinary action.
8. To a Federal, state, local, tribal, foreign, or international agency, if necessary to obtain information relevant to the SEC's decision concerning the hiring or retention of an employee; the issuance of a security clearance; the letting of a contract; or the issuance of a license, grant, or other benefit.
9. To a Federal, state, local, tribal, foreign, or international agency in response to its request for information concerning the hiring or retention of an employee; the issuance of a security clearance; the reporting of an investigation of an employee; the letting of a contract; or the issuance of a license, grant, or other benefit by the requesting agency, to the extent that the information is relevant and necessary to the requesting agency's decision on the matter.
10. To produce summary descriptive statistics and analytical studies, as a data source for management information, in support of the function for which the records are collected and maintained or for related personnel management functions or manpower studies; may also be used to respond to general requests for statistical information (without personal identification of individuals) under the Freedom of Information Act.
11. To any trustee, receiver, master, special counsel, or other individual or entity that is appointed by a court of competent jurisdiction, or as a result of an agreement between the parties in connection with litigation or administrative proceedings involving allegations of violations of the Federal securities laws (as defined in section 3(a)(47) of the Securities Exchange Act of 1934, 15 U.S.C. 78c(a)(47)) or pursuant to the Commission's Rules of Practice, 17 CFR 201.100 through 900 or the Commission's Rules of Fair Fund and Disgorgement Plans, 17 CFR 201.1100 through 1106, or otherwise, where such trustee, receiver, master, special counsel, or other individual or entity is specifically designated to perform particular functions with respect to, or as a result of, the pending action or proceeding or in connection with the administration and enforcement by the Commission of the Federal securities laws or the Commission's Rules of Practice or the Rules of Fair Fund and Disgorgement Plans.
12. To any persons during the course of any inquiry, examination, or investigation conducted by the SEC's staff, or in connection with civil litigation, if the staff has reason to believe that the person to whom the record is disclosed may have further information about the matters related therein, and those matters appeared to be relevant at the time to the subject matter of the inquiry.
13. To interns, grantees, experts, contractors, and others who have been engaged by the Commission to assist in the performance of a service related to this system of records and who need access to the records for the purpose of assisting the Commission in the efficient administration of its programs, including by performing clerical, stenographic, or data analysis functions, or by reproduction of records by electronic or other means. Recipients of these records shall be required to comply with the requirements of the Privacy Act of 1974, as amended, 5 U.S.C. 552a.
14. In reports published by the Commission pursuant to authority granted in the Federal securities laws (as such term is defined in section 3(a)(47) of the Securities Exchange Act of 1934, 15 U.S.C. 78c(a)(47)), which authority shall include, but not be limited to, section 21(a) of the Securities Exchange Act of 1934, 15 U.S.C. 78u(a)).
15. To members of advisory committees that are created by the Commission or by Congress to render advice and recommendations to the Commission or to Congress, to be used solely in connection with their official designated functions.
16. To any person who is or has agreed to be subject to the Commission's Rules of Conduct, 17 CFR 200.735-1 through 200.735-18, and who assists in the investigation by the Commission of possible violations of the Federal securities laws (as such term is defined in section 3(a)(47) of the Securities Exchange Act of 1934, 15 U.S.C. 78c(a)(47)), in the preparation or conduct of enforcement actions brought by the Commission for such violations, or otherwise in connection with the Commission's enforcement or regulatory functions under the Federal securities laws.
17. To a Congressional office from the record of an individual in response to an inquiry from the Congressional office made at the request of that individual.
18. To members of Congress, the press, and the public in response to inquiries relating to particular Registrants and their activities, and other matters under the Commission's jurisdiction.
19. To prepare and publish information relating to violations of the Federal securities laws as provided in 15 U.S.C. 78c(a)(47)), as amended.
20. To respond to subpoenas in any litigation or other proceeding.
21. To a trustee in bankruptcy.
22. To any governmental agency, governmental or private collection agent, consumer reporting agency or commercial reporting agency, governmental or private employer of a debtor, or any other person, for collection, including collection by administrative offset, Federal salary offset, tax refund offset, or administrative wage garnishment, of amounts owed as a result of Commission civil or administrative proceedings.
23. To members of Congress, the Government Accountability Office, or others charged with monitoring the work of the Commission or conducting records management inspections.
24. To another Federal agency or Federal entity, when the SEC determines that information from this system of records is reasonably necessary to assist the recipient agency or entity in (1) responding to a suspected or confirmed breach or (2) preventing, minimizing, or remedying the risk of harm to individuals, the recipient agency or entity (including its information systems, programs, and operations), the Federal Government, or national security, resulting from a suspected or confirmed breach.
POLICIES AND PRACTICES FOR STORAGE OF RECORDS:
Records are maintained in electronic and paper format. Electronic records are stored in computerized databases, magnetic disc, tape, and/or digital media. Paper records and records on digital media are stored in locked file rooms and/or file cabinets.
POLICIES AND PRACTICES FOR RETRIEVAL OF RECORDS:
Information is indexed by name of the Regulated Entity or by certain SEC identification numbers. Information regarding individuals may be obtained through the use of cross-reference methodology or some form of personal identifier. Access for inquiry purposes is via a computer terminal.Start Printed Page 85474
POLICIES AND PRACTICES FOR RETENTION AND DISPOSAL OF RECORDS:
These records will be maintained until they become inactive, at which time they will be retired or destroyed in accordance with records schedules of the United States Securities and Exchange Commission and as approved by the National Archives and Records Administration.
ADMINISTRATIVE, TECHNICAL, AND PHYSICAL SAFEGUARDS:
Access to SEC facilities, data centers, and information or information systems is limited to authorized personnel with official duties requiring access. SEC facilities are equipped with security cameras and 24-hour security guard service. Records are required to be safeguarded in accordance with applicable SEC rules and policies. Computerized records are safeguarded in a secured environment. Security protocols meet the promulgating guidance as established by the National Institute of Standards and Technology (NIST) Security Standards from Access Control to Data Encryption and Security Assessment & Authorization (SA&A). Records are maintained in a secure, password-protected electronic system that will utilize commensurate safeguards that may include: Firewalls, intrusion detection and prevention systems, and role-based access controls. Additional safeguards will vary by program. All records are protected from unauthorized access through appropriate administrative, operational, and technical safeguards. These safeguards include: Restricting access to authorized personnel who have a “need to know”; using locks; and password protection identification features. Contractors and other recipients providing services to the Commission shall be required to maintain equivalent safeguards.
RECORD ACCESS PROCEDURES:
Persons wishing to obtain information on the procedures for gaining access to or contesting the contents of these records may contact the FOIA/PA Officer, Securities and Exchange Commission, 100 F Street NE, Washington, DC 20549-2465.
CONTESTING RECORD PROCEDURES:
See Record Access Procedures above.
Notification Procedures
All requests to determine whether this system of records contains a record pertaining to the requesting individual may be directed to the FOIA/PA Officer, Securities and Exchange Commission, 100 F Street NE, Washington, DC 20549-2465.
EXEMPTIONS PROMULGATED FOR THE SYSTEM:
None.
HISTORY:
This SORN was last published in full in the Federal Register at 74 FR 36281 (July 22, 2009). Subsequent notices of revision can be found at the following citations:
—75 FR 35853 (June 23, 2010)
—79 FR 69894 (November 24, 2014)
SYSTEM NAME AND NUMBER:
SEC-56:
Mailing, Contact and Other Lists.
SECURITY CLASSIFICATION:
Unclassified.
SYSTEM LOCATION:
Securities and Exchange Commission, 100 F Street NE, Washington, DC 20549. Records are also maintained in the SEC Regional Offices.
SYSTEM MANAGER(S):
U.S. Securities and Exchange Commission, 100 F Street NE, Washington, DC 20549. Components: Office of the Chairman and Commissioners, Division of Corporation Finance, Division of Trading and Markets, Division of Investment Management, Division of Enforcement, Office of the General Counsel, Office of the Chief Accountant, Office of Economic Analysis, Office of Compliance Inspections and Examinations, Office of International Affairs, Office of Investor Education and Advocacy, Office of Information Technology, Office of the Executive Director, Office of Human Resources, Office of Financial Management, Office of Administrative Services, Office of Risk Assessment, Office of the Inspector General, Office of Legislative and Intergovernmental Affairs, Office of Public Affairs, Office of the Secretary, Office of Equal Employment Opportunity, and Office of Administrative Law Judges.
For Regional Offices
New York Regional Office, Regional Director, 3 World Financial Center, Suite 400, New York, NY 10281-1022; Boston Regional Office, Regional Director, 33 Arch Street, 23rd Floor, Boston, MA 02110-1424; Philadelphia Regional Office, Regional Director, The Mellon Independence Center, 701 Market Street, Suite 2000, Philadelphia, PA 19106-1532; Miami Regional Office, Regional Director, 801 Brickell Avenue, Suite 1800, Miami, FL 33131-4901, Atlanta Regional Office, Regional Director, 3475 Lenox Road NE, Suite 1000, Atlanta, GA 30326-1232; Chicago Regional Office, Regional Director, 175 West Jackson Boulevard, Suite 900, Chicago, IL 60604-2908; Denver Regional Office, Regional Director, 1801 California Street, Suite 1500, Denver, CO 80202-2656; Fort Worth Regional Office, Regional Director, Burnett Plaza, Suite 1900, 801 Cherry Street, Unit #18, Fort Worth, TX 76102-6882; Salt Lake Regional Office, Regional Director, 15 West South Temple Street, Suite 1800, Salt Lake City, UT 84101-1573; Los Angeles Regional Office, Regional Director, 5670 Wilshire Boulevard, 11th Floor, Los Angeles, CA 90036-3648; San Francisco Regional Office, Regional Director, 44 Montgomery Street, Suite 2600, San Francisco, CA 94104-4716.
AUTHORITY FOR MAINTENANCE OF THE SYSTEM:
15 U.S.C. 77a et seq., 78a et seq., 80a-1 et seq., and 80b-1 et seq.
PURPOSE(S) OF THE SYSTEM:
1. To track and process complaints/inquiries/requests/comments and communications from members of the public, including industry representatives, counsel, and others.
2. To handle subscription requests for informational literature, reports, and other SEC materials, via individual, mass, and targeted mailing in the furtherance of SEC activities.
3. To process registration, conduct surveys, and issue supplemental information for SEC-related activities and events.
CATEGORIES OF INDIVIDUALS COVERED BY THE SYSTEM:
Records contain information related to individuals and employees who submit requests for information, subscriptions, inquiries, guidance, informal advice and other assistance to the SEC in any format, including but not limited to paper, telephone, and electronic submissions; SEC personnel assigned to handle such correspondence; individuals who have registered for SEC events and responded to questionnaires, request forms and feedback forms; and individuals who elect to participate in SEC surveys and studies.
CATEGORIES OF RECORDS IN THE SYSTEM:
Records may contain information relating to but not limited to name, title, affiliation, mailing address, telephone number, cell phone number, fax number, email address, business affiliation, other contact and related supporting information provided to the Commission by individuals or derived from other sources covered by this system of records and not currently covered under an existing SORN.Start Printed Page 85475
RECORD SOURCE CATEGORIES:
The information is supplied by the individual and/or company making the request. Data may also be added pertaining to the fulfillment of the request. Information may also be obtained from other SEC records systems.
ROUTINE USES OF RECORDS MAINTAINED IN THE SYSTEM, INCLUDING CATEGORIES OF USERS AND THE PURPOSES OF SUCH USES:
In addition to those disclosures generally permitted under 5 U.S.C. 552a(b) of the Privacy Act, these records or information contained therein may specifically be disclosed outside the Commission as a routine use pursuant to 5 U.S.C. 552 a(b)(3) as follows:
1. To appropriate agencies, entities, and persons when (1) the SEC suspects or has confirmed that there has been a breach of the system of records,·(2) the SEC has determined that as a result of the suspected or confirmed breach there is a risk of harm to individuals, the SEC (including its information systems, programs, and operations), the Federal Government, or national security; and (3) the disclosure made to such agencies, entities, and persons is reasonably necessary to assist in connection with the SEC's efforts to respond to the suspected or confirmed breach or to prevent, minimize, or remedy such harm.
2. To other Federal, state, local, or foreign law enforcement agencies; securities self-regulatory organizations; and foreign financial regulatory authorities to assist in or coordinate regulatory or law enforcement activities with the SEC.
3. To national securities exchanges and national securities associations that are registered with the SEC, the Municipal Securities Rulemaking Board; the Securities Investor Protection Corporation; the Public Company Accounting Oversight Board; the Federal banking authorities, including, but not limited to, the Board of Governors of the Federal Reserve System, the Comptroller of the Currency, and the Federal Deposit Insurance Corporation; state securities regulatory agencies or organizations; or regulatory authorities of a foreign government in connection with their regulatory or enforcement responsibilities.
4. In any proceeding where the Federal securities laws are in issue or in which the Commission, or past or present members of its staff, is a party or otherwise involved in an official capacity.
5. To a Federal, state, local, tribal, foreign, or international agency in response to its request for information concerning the hiring or retention of an employee; the issuance of a security clearance; the reporting of an investigation of an employee; the letting of a contract; or the issuance of a license, grant, or other benefit by the requesting agency, to the extent that the information is relevant and necessary to the requesting agency's decision on the matter.
6. To produce summary descriptive statistics and analytical studies, as a data source for management information, in support of the function for which the records are collected and maintained or for related personnel management functions or manpower studies; may also be used to respond to general requests for statistical information (without personal identification of individuals) under the Freedom of Information Act.
7. To any persons during the course of any inquiry, examination, or investigation conducted by the SEC's staff, or in connection with civil litigation, if the staff has reason to believe that the person to whom the record is disclosed may have further information about the matters related therein, and those matters appeared to be relevant at the time to the subject matter of the inquiry.
8. To interns, grantees, experts, contractors, and others who have been engaged by the Commission to assist in the performance of a service related to this system of records and who need access to the records for the purpose of assisting the Commission in the efficient administration of its programs, including by performing clerical, stenographic, or data analysis functions, or by reproduction of records by electronic or other means. Recipients of these records shall be required to comply with the requirements of the Privacy Act of 1974, as amended, 5 U.S.C. 552a.
9. To members of advisory committees that are created by the Commission or by Congress to render advice and recommendations to the Commission or to Congress, to be used solely in connection with their official designated functions.
10. To any person who is or has agreed to be subject to the Commission's Rules of Conduct, 17 CFR 200.735-1 through 200.735-18, and who assists in the investigation by the Commission of possible violations of the Federal securities laws (as such term is defined in section 3(a)(47) of the Securities Exchange Act of 1934, 15 U.S.C. 78c(a)(47)), in the preparation or conduct of enforcement actions brought by the Commission for such violations, or otherwise in connection with the Commission's enforcement or regulatory functions under the Federal securities laws.
11. To a Congressional office from the record of an individual in response to an inquiry from the Congressional office made at the request of that individual.
12. To respond to subpoenas in any litigation or other proceeding.
13. To another Federal agency or Federal entity, when the SEC determines that information from this system of records is reasonably necessary to assist the recipient agency or entity in (1) responding to a suspected or confirmed breach or (2) preventing, minimizing, or remedying the risk of harm to individuals, the recipient agency or entity (including its information systems, programs, and operations), the Federal Government, or national security, resulting from a suspected or confirmed breach.
14. In reports published by the Commission pursuant to authority granted in the Federal securities laws (as such term is defined in section 3(a)(47) of the Securities Exchange Act of 1934, 15 U.S.C. 78c(a)(47)), which authority shall include, but not be limited to, section 21(a) of the Securities Exchange Act of 1934, 15 U.S.C. 78u(a)).
15. To members of advisory committees that are created by the Commission or by Congress to render advice and recommendations to the Commission or to Congress, to be used solely in connection with their official designated functions.
POLICIES AND PRACTICES FOR STORAGE OF RECORDS:
Records are maintained in electronic and paper format. Electronic records are stored in computerized databases, magnetic disc, tape and/or digital media. Paper records and records on computer disc are stored in locked file rooms and/or file cabinets.
POLICIES AND PRACTICES FOR RETRIEVAL OF RECORDS:
Records may be retrieved by any of the following: Email address, name, or an assigned file number for the purpose of responding to the requestor. Information may additionally be retrieved by other personal identifiers.
POLICIES AND PRACTICES FOR RETENTION AND DISPOSAL OF RECORDS:
These records will be maintained until they become inactive, at which time they will be retired or destroyed in accordance with the SEC's records retention schedule, as approved by the National Archives and Records Administration.Start Printed Page 85476
ADMINISTRATIVE, TECHNICAL, AND PHYSICAL SAFEGUARDS:
Access to SEC facilities, data centers, and information or information systems is limited to authorized personnel with official duties requiring access. SEC facilities are equipped with security cameras and 24-hour security guard service. The records are kept in limited access areas during duty hours and in locked file cabinets and/or locked offices or file rooms at all other times. Computerized records are safeguarded in a secured environment. Security protocols meet the promulgating guidance as established by the National Institute of Standards and Technology (NIST) Security Standards from Access Control to Data Encryption and Security Assessment & Authorization (SA&A).
Records are maintained in a secure, password-protected electronic system that will utilize commensurate safeguards that may include: Firewalls, intrusion detection and prevention systems, and role-based access controls. Additional safeguards will vary by program. All records are protected from unauthorized access through appropriate administrative, operational, and technical safeguards. These safeguards include: Restricting access to authorized personnel who have a “need to know”; using locks; and password protection identification features. Contractors and other recipients providing services to the Commission shall be required to maintain equivalent safeguards.
RECORD ACCESS PROCEDURES:
Persons wishing to obtain information on the procedures for gaining access to or contesting the contents of these records may contact the FOIA/PA Officer, Securities and Exchange Commission, 100 F Street NE, Washington, DC 20549-2465.
CONTESTING RECORD PROCEDURES:
See Record Access Procedures above.
NOTIFICATION PROCEDURES:
All requests to determine whether this system of records contains a record pertaining to the requesting individual may be directed to the FOIA/PA Officer, Securities and Exchange Commission, 100 F Street NE, Washington, DC 20549-2465.
EXEMPTIONS PROMULGATED FOR THE SYSTEM:
None.
HISTORY:
This SORN was last published in full in the Federal Register at 74 FR 36281 (July 22, 2009). Subsequent notices of revision can be found at the following citations:
—75 FR 9968 (April 13, 2010)
SYSTEM NAME AND NUMBER:
SEC-57: Office of International Affairs Records.
SECURITY CLASSIFICATION:
Unclassified.
SYSTEM LOCATION:
Office of International Affairs, Securities and Exchange Commission, 100 F Street NE, Washington, DC 20549.
SYSTEM MANAGER(S):
Deputy Director, Office of International Affairs, Securities and Exchange Commission, 100 F Street NE, Washington, DC 20549-1004.
AUTHORITY FOR MAINTENANCE OF THE SYSTEM:
15 U.S.C. 77s, 77t, 78u, 77uuu, 80a-41, 80b-9, and 17 CFR 202.5.
PURPOSE(S) OF THE SYSTEM:
Tracks data gathered by the Office of International Affairs with respect to processing (1) requests for enforcement cooperation with foreign regulators and law enforcement agencies; (2) international regulatory policy matters designed to protect investors, improve market efficiency, and eliminate opportunities for “regulatory arbitrage”; (3) technical assistance and international training programs for emerging securities markets; (4) directory of contacts for foreign regulators and stock exchanges; (5) SEC staff foreign travel; and (6) USAID Reimbursement.
CATEGORIES OF INDIVIDUALS COVERED BY THE SYSTEM:
Foreign and domestic contacts for Enforcement workload/Commission and foreign requests; foreign and domestic contacts for policy requests; Foreign officials trained in SEC Headquarters; Chairmen, CEOs, and Presidents of foreign regulators and stock exchanges; SEC staff traveling overseas; and information on vendors providing support for SEC's technical assistance program and individuals entitled to USAID reimbursements.
CATEGORIES OF RECORDS IN THE SYSTEM:
Contact information of individuals related to Enforcement cases and policy requests. Contact information of international institute foreign officials trained in SEC Headquarters; Contact information for Chairmen, CEOs, and Presidents of foreign regulators and stock exchanges; SEC staff traveling overseas; and information on vendors providing support for SEC's technical assistance program and individuals entitled to USAID reimbursements. Correspondence relevant to the matter, internal staff memoranda, Commission Minutes and Commission Orders, working papers of the staff and other documents and records relating to the matter, opening reports, progress reports and closing reports, miscellaneous records relating to cross-border investigations or litigation and other international enforcement and regulatory matters.
RECORD SOURCE CATEGORIES:
Information contained in this system is obtained from enforcement requests related to an SEC investigation; international institute training programs; foreign regulators and stock exchanges; SEC travel records; and USAID reimbursable programs.
ROUTINE USES OF RECORDS MAINTAINED IN THE SYSTEM, INCLUDING CATEGORIES OF USERS AND THE PURPOSES OF SUCH USES:
In addition to those disclosures generally permitted under 5 U.S.C. 552a(b) of the Privacy Act, these records or information contained therein may specifically be disclosed outside the Commission as a routine use pursuant to 5 U.S.C. 552 a(b)(3) as follows:
1. To appropriate agencies, entities, and persons when (1) the SEC suspects or has confirmed that there has been a breach of the system of records, (2) the SEC has determined that as a result of the suspected or confirmed breach there is a risk of harm to individuals, the SEC (including its information systems, programs, and operations), the Federal Government, or national security; and (3) the disclosure made to such agencies, entities, and persons is reasonably necessary to assist in connection with the SEC's efforts to respond to the suspected or confirmed breach or to prevent, minimize, or remedy such harm.
2. To other Federal, state, local, or foreign law enforcement agencies; securities self-regulatory organizations; and foreign financial regulatory authorities to assist in or coordinate regulatory or law enforcement activities with the SEC.
3. To national securities exchanges and national securities associations that are registered with the SEC, the Municipal Securities Rulemaking Board; the Securities Investor Protection Corporation; the Public Company Accounting Oversight Board; the Federal banking authorities, including, but not limited to, the Board of Governors of the Federal Reserve System, the Comptroller of the Currency, and the Federal Deposit Insurance Corporation; state securities regulatory agencies or organizations; or Start Printed Page 85477regulatory authorities of a foreign government in connection with their regulatory or enforcement responsibilities.
4. By SEC personnel for purposes of investigating possible violations of, or to conduct investigations authorized by, the Federal securities laws.
5. In any proceeding where the Federal securities laws are in issue or in which the Commission, or past or present members of its staff, is a party or otherwise involved in an official capacity.
6. In connection with proceedings by the Commission pursuant to Rule 102(e) of its Rules of Practice, 17 CFR 201.102(e).
7. To a bar association, state accountancy board, or other Federal, state, local, or foreign licensing or oversight authority; or professional association or self-regulatory authority to the extent that it performs similar functions (including the Public Company Accounting Oversight Board) for investigations or possible disciplinary action.
8. To a Federal, state, local, tribal, foreign, or international agency, if necessary to obtain information relevant to the SEC's decision concerning the hiring or retention of an employee; the issuance of a security clearance; the letting of a contract; or the issuance of a license, grant, or other benefit.
9. To a Federal, state, local, tribal, foreign, or international agency in response to its request for information concerning the hiring or retention of an employee; the issuance of a security clearance; the reporting of an investigation of an employee; the letting of a contract; or the issuance of a license, grant, or other benefit by the requesting agency, to the extent that the information is relevant and necessary to the requesting agency's decision on the matter.
10. To produce summary descriptive statistics and analytical studies, as a data source for management information, in support of the function for which the records are collected and maintained or for related personnel management functions or manpower studies; may also be used to respond to general requests for statistical information (without personal identification of individuals) under the Freedom of Information Act.
11. To any trustee, receiver, master, special counsel, or other individual or entity that is appointed by a court of competent jurisdiction, or as a result of an agreement between the parties in connection with litigation or administrative proceedings involving allegations of violations of the Federal securities laws (as defined in section 3(a)(47) of the Securities Exchange Act of 1934, 15 U.S.C. 78c(a)(47)) or pursuant to the Commission's Rules of Practice, 17 CFR 201.100 through 900 or the Commission's Rules of Fair Fund and Disgorgement Plans, 17 CFR 201.1100 through 1106, or otherwise, where such trustee, receiver, master, special counsel, or other individual or entity is specifically designated to perform particular functions with respect to, or as a result of, the pending action or proceeding or in connection with the administration and enforcement by the Commission of the Federal securities laws or the Commission's Rules of Practice or the Rules of Fair Fund and Disgorgement Plans.
12. To any persons during the course of any inquiry, examination, or investigation conducted by the SEC's staff, or in connection with civil litigation, if the staff has reason to believe that the person to whom the record is disclosed may have further information about the matters related therein, and those matters appeared to be relevant at the time to the subject matter of the inquiry.
13. To interns, grantees, experts, contractors, and others who have been engaged by the Commission to assist in the performance of a service related to this system of records and who need access to the records for the purpose of assisting the Commission in the efficient administration of its programs, including by performing clerical, stenographic, or data analysis functions, or by reproduction of records by electronic or other means. Recipients of these records shall be required to comply with the requirements of the Privacy Act of 1974, as amended, 5 U.S.C. 552a.
14. In reports published by the Commission pursuant to authority granted in the Federal securities laws (as such term is defined in section 3(a)(47) of the Securities Exchange Act of 1934, 15 U.S.C. 78c(a)(47)), which authority shall include, but not be limited to, section 21(a) of the Securities Exchange Act of 1934, 15 U.S.C. 78u(a)).
15. To members of advisory committees that are created by the Commission or by Congress to render advice and recommendations to the Commission or to Congress, to be used solely in connection with their official designated functions.
16. To any person who is or has agreed to be subject to the Commission's Rules of Conduct, 17 CFR 200.735-1 through 200.735-18, and who assists in the investigation by the Commission of possible violations of the Federal securities laws (as such term is defined in section 3(a)(47) of the Securities Exchange Act of 1934, 15 U.S.C. 78c(a)(47)), in the preparation or conduct of enforcement actions brought by the Commission for such violations, or otherwise in connection with the Commission's enforcement or regulatory functions under the Federal securities laws.
17. To a Congressional office from the record of an individual in response to an inquiry from the Congressional office made at the request of that individual.
18. To members of Congress, the press, and the public in response to inquiries relating to particular Registrants and their activities, and other matters under the Commission's jurisdiction.
19. To prepare and publish information relating to violations of the Federal securities laws as provided in 15 U.S.C. 78c(a)(47)), as amended.
20. To respond to subpoenas in any litigation or other proceeding.
21. To a trustee in bankruptcy.
22. To members of Congress, the General Accountability Office, or others charged with monitoring the work of the Commission or conducting records management inspections.
23. To any governmental agency, governmental or private collection agent, consumer reporting agency or commercial reporting agency, governmental or private employer of a debtor, or any other person, for collection, including collection by administrative offset, Federal salary offset, tax refund offset, or administrative wage garnishment, of amounts owed as a result of Commission civil or administrative proceedings.
24. To another Federal agency or Federal entity, when the SEC determines that information from this system of records is reasonably necessary to assist the recipient agency or entity in (1) responding to a suspected or confirmed breach or (2) preventing, minimizing, or remedying the risk of harm to individuals, the recipient agency or entity (including its information systems, programs, and operations), the Federal Government, or national security, resulting from a suspected or confirmed breach.
POLICIES AND PRACTICES FOR STORAGE OF RECORDS:
Records are maintained in electronic and paper format. Electronic records are stored in computerized databases, magnetic disc, tape and/or digital media. Paper records and records on computer disc are stored in locked file rooms and/or file cabinets.Start Printed Page 85478
POLICIES AND PRACTICES FOR RETRIEVAL OF RECORDS:
Data are retrievable by the individual's name or other identifier, such as case number, name, as well as non-identifying information.
POLICIES AND PRACTICES FOR RETENTION AND DISPOSAL OF RECORDS:
These records will be maintained until they become inactive, at which time they will be retired or destroyed in accordance with the SEC's records retention schedule, as approved by the National Archives and Records Administration.
ADMINISTRATIVE, TECHNICAL, AND PHYSICAL SAFEGUARDS:
Access to SEC facilities, data centers, and information or information systems is limited to authorized personnel with official duties requiring access. SEC facilities are equipped with security cameras and 24-hour security guard service. The records are kept in limited access areas during duty hours and in locked file cabinets and/or locked offices or file rooms at all other times. Computerized records are safeguarded in a secured environment. Security protocols meet the promulgating guidance as established by the National Institute of Standards and Technology (NIST) Security Standards from Access Control to Data Encryption and Security Assessment & Authorization (SA&A).
Records are maintained in a secure, password-protected electronic system that will utilize commensurate safeguards that may include: Firewalls, intrusion detection and prevention systems, and role-based access controls. Additional safeguards will vary by program. All records are protected from unauthorized access through appropriate administrative, operational, and technical safeguards. These safeguards include: Restricting access to authorized personnel who have a “need to know”; using locks; and password protection identification features. Contractors and other recipients providing services to the Commission shall be required to maintain equivalent safeguards.
RECORD ACCESS PROCEDURES:
Persons wishing to obtain information on the procedures for gaining access to or contesting the contents of these records may contact the FOIA/PA Officer, Securities and Exchange Commission, 100 F Street NE, Washington, DC 20549-2465.
CONTESTING RECORD PROCEDURES:
See Record Access Procedures above.
NOTIFICATION PROCEDURES:
All requests to determine whether this system of records contains a record pertaining to the requesting individual may be directed to the FOIA/PA Officer, Securities and Exchange Commission, 100 F Street NE, Washington, DC 20549-2465.
EXEMPTIONS PROMULGATED FOR THE SYSTEM:
None.
HISTORY:
This SORN was last published in full in the Federal Register at 74 FR 36281 (July 22, 2009).
SYSTEM NAME AND NUMBER:
SEC-60:
Ethics Conduct Rules Files.
SECURITY CLASSIFICATION:
Unclassified.
SYSTEM LOCATION:
Securities and Exchange Commission, 100 F Street NE, Washington, DC 20549.
SYSTEM MANAGER(S):
The Ethics Counsel and the Designated Agency Ethics Official, Office of the General Counsel, Securities and Exchange Commission, 100 F Street NE, Washington, DC 20549-1050.
AUTHORITY FOR MAINTENANCE OF THE SYSTEM:
The Federal securities laws (15 U.S.C. 77s, 78w, 77sss, 80a-37 and 80b-11) and the regulations promulgated thereunder, including the Ethics Conduct Rules currently located at 17 CFR part 200 Subpart M.
PURPOSE(S) OF THE SYSTEM:
For use by authorized SEC Ethics Office personnel, designated by the Ethics Counsel, and from time to time certain other SEC personnel, designated by the Ethics Counsel in his or her discretion, in connection with their official functions related to administering and supervising compliance with the Commission's Ethics Conduct Rules.
CATEGORIES OF INDIVIDUALS COVERED BY THE SYSTEM:
SEC Members and employees, past and present.
CATEGORIES OF RECORDS IN THE SYSTEM:
Information relating to the SEC's “Regulation Concerning Conduct of Members and Employees and Former Members and Employees of the Commission” (“Ethics Conduct Rules”), currently located at 17 CFR part 200 Subpart M, including outside employment and activities, and covered securities transactions, securities holdings and securities accounts.
RECORD SOURCE CATEGORIES:
Information is provided by current Members and employees of the Commission or their designees in accordance with the requirements of the SEC Ethics Conduct Rules.
ROUTINE USES OF RECORDS MAINTAINED IN THE SYSTEM, INCLUDING CATEGORIES OF USERS AND THE PURPOSES OF SUCH USES:
In addition to those disclosures generally permitted under 5 U.S.C. 552a(b) of the Privacy Act, these records or information contained therein may specifically be disclosed outside the Commission as a routine use pursuant to 5 U.S.C. 552a(b)(3) as follows:
1. To appropriate agencies, entities, and persons when (1) the SEC suspects or has confirmed that there has been a breach of the system of records, (2) the SEC has determined that as a result of the suspected or confirmed breach there is a risk of harm to individuals, the SEC (including its information systems, programs, and operations), the Federal Government, or national security; and (3) the disclosure made to such agencies, entities, and persons is reasonably necessary to assist in connection with the SEC's efforts to respond to the suspected or confirmed breach or to prevent, minimize, or remedy such harm.
2. To a Federal, State, or local law enforcement agency if the disclosing agency becomes aware of a violation or potential violation of law or regulation.
3. To a court or party in a court or Federal administrative proceeding if the Government is a party or in order to comply with a judge-issued subpoena.
4. To a source when necessary to obtain information relevant to a conflict of interest or securities law investigation or decision.
5. To the National Archives and Records Administration or the General Services Administration in records management inspections.
6. To the Office of Management and Budget during legislative coordination on private relief legislation.
7. To the Department of Justice or in certain legal proceedings when the disclosing agency, and employee of the disclosing agency, or the United States is a party to litigation or has an interest in the litigation and the use of such records is deemed relevant and necessary to the litigation.
8. To reviewing officials in a new office, department or agency when an employee transfers from one position to another subject to the Ethics Conduct Rules.
9. To a Member of Congress or a congressional office in response to an inquiry made on behalf of an individual who is the subject of the record.Start Printed Page 85479
10. To interns, grantees, experts and contractors who have been engaged by the Commission to assist in the performance of a service related to this system of records and who need access to the records for the purpose of assisting the Commission in the efficient administration of its programs. Recipients of these records shall be required to comply with the requirements of the Privacy Act of 1974, as amended, 5 U.S.C. 552a; and
11. As a data source for management information for production of summary descriptive statistics and analytical studies in support of the function for which the records are collected and maintained; may also be utilized to respond to general requests for statistical information (without personal identification of individuals) under the Freedom of Information Act.
12. To another Federal agency or Federal entity, when the SEC determines that information from this system of records is reasonably necessary to assist the recipient agency or entity in (1) responding to a suspected or confirmed breach or (2) preventing, minimizing, or remedying the risk of harm to individuals, the recipient agency or entity (including its information systems, programs, and operations), the Federal Government, or national security, resulting from a suspected or confirmed breach.
POLICIES AND PRACTICES FOR STORAGE OF RECORDS:
Records are maintained in electronic and paper format. Electronic records are stored in computerized databases, magnetic disc, tape and/or digital media. Paper records and records on computer disc are stored in locked file rooms and/or file cabinets.
POLICIES AND PRACTICES FOR RETRIEVAL OF RECORDS:
Records may be retrieved by the individual's name or other personal identifiers, as well as non-identifying information. Information regarding individuals may be obtained through the use of cross-reference methodology.
POLICIES AND PRACTICES FOR RETENTION AND DISPOSAL OF RECORDS:
These records will be maintained for six years or otherwise in accordance with records schedules of the Commission and as approved by the National Archives and Records Administration.
ADMINISTRATIVE, TECHNICAL, AND PHYSICAL SAFEGUARDS:
Access to SEC facilities, data centers, and information or information systems is limited to authorized personnel with official duties requiring access. SEC facilities are equipped with security cameras and 24-hour security guard service. The records are kept in limited access areas during duty hours and in locked file cabinets and/or locked offices or file rooms at all other times. Computerized records are safeguarded in a secured environment. Security protocols meet the promulgating guidance as established by the National Institute of Standards and Technology (NIST) Security Standards from Access Control to Data Encryption and Security Assessment & Authorization (SA&A).
Records are maintained in a secure, password-protected electronic system that will utilize commensurate safeguards that may include: Firewalls, intrusion detection and prevention systems, and role-based access controls. Additional safeguards will vary by program. All records are protected from unauthorized access through appropriate administrative, operational, and technical safeguards. These safeguards include: Restricting access to authorized personnel who have a “need to know”; using locks; and password protection identification features. Contractors and other recipients providing services to the Commission shall be required to maintain equivalent safeguards.
RECORD ACCESS PROCEDURES:
Persons wishing to obtain information on the procedures for gaining access to or contesting the contents of these records may contact the FOIA/Privacy Act Officer, Securities and Exchange Commission, 100 F Street NE, Washington, DC 20549-2465.
CONTESTING RECORD PROCEDURES:
See Record Access Procedures above.
NOTIFICATION PROCEDURES:
All requests to determine whether this system of records contains a record pertaining to the requesting individual may be directed to the FOIA/Privacy Act Officer, Securities and Exchange Commission, 100 F Street NE, Washington, DC 20549-2465.
EXEMPTIONS PROMULGATED FOR THE SYSTEM:
None.
HISTORY:
This SORN was last published in full in the Federal Register at 74 FR 46254 (September 8, 2009).
SYSTEM NAME AND NUMBER:
SEC-62:
Office of Municipal Advisor Records.
SECURITY CLASSIFICATION:
Unclassified.
SYSTEM LOCATION:
Securities and Exchange Commission (“Commission” or “SEC”) 100 F Street NE, Washington, DC 20549.
SYSTEM MANAGER(S):
Assistant Director, Division of Trading and Markets, Securities and Exchange Commission, 100 F Street NE, Washington, DC 20549-7561.
AUTHORITY FOR MAINTENANCE OF THE SYSTEM:
Dodd-Frank Wall Street Reform and Consumer Protection Act, Section 975(a), Pub. L. 111-203 (2010); 15 U.S.C. 78a et seq.; 80b-1 et. seq.; and 17 CFR 202.1 through 202.10.
PURPOSE(S) OF THE SYSTEM:
The records are used by SEC staff to track, process, respond to, and maintain documentation of correspondence, inquiries/requests/comments, communications, and related information from or regarding members of the public, including industry representatives, counsel, and others, relating to Municipal Advisors; to document Commission or SEC staff responses on a formal or informal basis.
CATEGORIES OF INDIVIDUALS COVERED BY THE SYSTEM:
Persons applying for registration or exemption from registration as a Municipal Advisor, persons currently or formerly registered with the Commission as a Municipal Advisor, and their partners, officers, directors, associated persons, control persons, control affiliates, employees, owners, principal shareholders, other related persons, and their representatives or counsel; and representatives of regulated entities and their counsel, members of the public, representatives of other governmental agencies or Congress, and others who submit correspondence, inquiries, information, comments, or other forms of communication to the Commission or SEC staff relating to Municipal Advisors.
CATEGORIES OF RECORDS IN THE SYSTEM:
Both electronic and paper records in this system may include information concerning an individual's activities and transactions as or pertaining to, or relationships with, a Municipal Advisor; the name of the correspondent or inquirer/requester/commenter/communicant or their representative; the name of the entity; the subject of the correspondence, inquiry/request/comment or communication; the date of the correspondence, inquiry/request/comment or communication; and the Commission or SEC staff response provided, or other disposition, on a Start Printed Page 85480formal or informal basis. Paper records may include, but are not limited to, letters, facsimiles, imaged documents, other written forms of communication, and related documentation.
RECORD SOURCE CATEGORIES:
Information collected is received from individuals primarily through correspondence or other written or verbal forms of communication, including without limitation telephone calls, emails and other forms of electronic communication, letters, or facsimiles to the Commission and SEC staff.
ROUTINE USES OF RECORDS MAINTAINED IN THE SYSTEM, INCLUDING CATEGORIES OF USERS AND THE PURPOSES OF SUCH USES:
In addition to those disclosures generally permitted under 5 U.S.C. 552a(b) of the Privacy Act, these records or information contained therein may specifically be disclosed outside the Commission as a routine use pursuant to 5 U.S.C. 552 a(b)(3) as follows:
1. To appropriate agencies, entities, and persons when (1) the SEC suspects or has confirmed that there has been a breach of the system of records,·(2) the SEC has determined that as a result of the suspected or confirmed breach there is a risk of harm to individuals, the SEC (including its information systems, programs, and operations), the Federal Government, or national security; and (3) the disclosure made to such agencies, entities, and persons is reasonably necessary to assist in connection with the SEC's efforts to respond to the suspected or confirmed breach or to prevent, minimize, or remedy such harm.
2. To other Federal, state, local, or foreign law enforcement agencies; securities self-regulatory organizations; and foreign financial regulatory authorities to assist in or coordinate regulatory or law enforcement activities with the SEC.
3. To national securities exchanges and national securities associations that are registered with the SEC, the Municipal Securities Rulemaking Board; the Securities Investor Protection Corporation; the Public Company Accounting Oversight Board; the Federal banking authorities, including, but not limited to, the Board of Governors of the Federal Reserve System, the Comptroller of the Currency, and the Federal Deposit Insurance Corporation; state securities regulatory agencies or organizations; or regulatory authorities of a foreign government in connection with their regulatory or enforcement responsibilities.
4. By SEC personnel for purposes of investigating possible violations of, or to conduct investigations authorized by, the Federal securities laws.
5. In any proceeding where the Federal securities laws are in issue or in which the Commission, or past or present members of its staff, is a party or otherwise involved in an official capacity.
6. In connection with proceedings by the Commission pursuant to Rule 102(e) of its Rules of Practice, 17 CFR 201.102(e).
7. To a bar association, state accountancy board, or other Federal, state, local, or foreign licensing or oversight authority; or professional association or self-regulatory authority to the extent that it performs similar functions (including the Public Company Accounting Oversight Board) for investigations or possible disciplinary action.
8. To a Federal, state, local, tribal, foreign, or international agency, if necessary to obtain information relevant to the SEC's decision concerning the hiring or retention of an employee; the issuance of a security clearance; the letting of a contract; or the issuance of a license, grant, or other benefit.
9. To a Federal, state, local, tribal, foreign, or international agency in response to its request for information concerning the hiring or retention of an employee; the issuance of a security clearance; the reporting of an investigation of an employee; the letting of a contract; or the issuance of a license, grant, or other benefit by the requesting agency, to the extent that the information is relevant and necessary to the requesting agency's decision on the matter.
10. To produce summary descriptive statistics and analytical studies, as a data source for management information, in support of the function for which the records are collected and maintained or for related personnel management functions or manpower studies; may also be used to respond to general requests for statistical information (without personal identification of individuals) under the Freedom of Information Act.
11. To any trustee, receiver, master, special counsel, or other individual or entity that is appointed by a court of competent jurisdiction, or as a result of an agreement between the parties in connection with litigation or administrative proceedings involving allegations of violations of the Federal securities laws (as defined in section 3(a)(47) of the Securities Exchange Act of 1934, 15 U.S.C. 78c(a)(47)) or pursuant to the Commission's Rules of Practice, 17 CFR 201.100 through 900 or the Commission's Rules of Fair Fund and Disgorgement Plans, 17 CFR 201.1100 through 1106, or otherwise, where such trustee, receiver, master, special counsel, or other individual or entity is specifically designated to perform particular functions with respect to, or as a result of, the pending action or proceeding or in connection with the administration and enforcement by the Commission of the Federal securities laws or the Commission's Rules of Practice or the Rules of Fair Fund and Disgorgement Plans.
12. To any persons during the course of any inquiry, examination, or investigation conducted by the SEC's staff, or in connection with civil litigation, if the staff has reason to believe that the person to whom the record is disclosed may have further information about the matters related therein, and those matters appeared to be relevant at the time to the subject matter of the inquiry.
13. To interns, grantees, experts, contractors, and others who have been engaged by the Commission to assist in the performance of a service related to this system of records and who need access to the records for the purpose of assisting the Commission in the efficient administration of its programs, including by performing clerical, stenographic, or data analysis functions, or by reproduction of records by electronic or other means. Recipients of these records shall be required to comply with the requirements of the Privacy Act of 1974, as amended, 5 U.S.C. 552a.
14. In reports published by the Commission pursuant to authority granted in the Federal securities laws (as such term is defined in section 3(a)(47) of the Securities Exchange Act of 1934, 15 U.S.C. 78c(a)(47)), which authority shall include, but not be limited to, section 21(a) of the Securities Exchange Act of 1934, 15 U.S.C. 78u(a)).
15. To members of advisory committees that are created by the Commission or by Congress to render advice and recommendations to the Commission or to Congress, to be used solely in connection with their official designated functions.
16. To any person who is or has agreed to be subject to the Commission's Rules of Conduct, 17 CFR 200.735-1 through 200.735-18, and who assists in the investigation by the Commission of possible violations of the Federal securities laws (as such term is defined in section 3(a)(47) of the Securities Exchange Act of 1934, 15 U.S.C. 78c(a)(47)), in the preparation or Start Printed Page 85481conduct of enforcement actions brought by the Commission for such violations, or otherwise in connection with the Commission's enforcement or regulatory functions under the Federal securities laws.
17. To a Congressional office from the record of an individual in response to an inquiry from the Congressional office made at the request of that individual.
18. To members of Congress, the press, and the public in response to inquiries relating to particular Registrants and their activities, and other matters under the Commission's jurisdiction.
19. To prepare and publish information relating to violations of the Federal securities laws as provided in 15 U.S.C. 78c(a)(47)), as amended.
20. To respond to subpoenas in any litigation or other proceeding.
21. To a trustee in bankruptcy.
22. To members of Congress, the General Accountability Office, or others charged with monitoring the work of the Commission or conducting records management inspections.
23. To any governmental agency, governmental or private collection agent, consumer reporting agency or commercial reporting agency, governmental or private employer of a debtor, or any other person, for collection, including collection by administrative offset, Federal salary offset, tax refund offset, or administrative wage garnishment, of amounts owed as a result of Commission civil or administrative proceedings.
24. To another Federal agency or Federal entity, when the SEC determines that information from this system of records is reasonably necessary to assist the recipient agency or entity in (1) responding to a suspected or confirmed breach or (2) preventing, minimizing, or remedying the risk of harm to individuals, the recipient agency or entity (including its information systems, programs, and operations), the Federal Government, or national security, resulting from a suspected or confirmed breach.
POLICIES AND PRACTICES FOR STORAGE OF RECORDS:
Records are maintained in electronic and paper format. Electronic records are stored in computerized databases, magnetic disc, tape and/or digital media. Paper records and records on computer disc are stored in locked file rooms and/or file cabinets.
POLICIES AND PRACTICES FOR RETRIEVAL OF RECORDS:
Records may be retrieved by any of the following: Name, receipt date, entity name, registration number, telephone/cellular/facsimile number, email or internet address, subject matter, or other indexed information.
POLICIES AND PRACTICES FOR RETENTION AND DISPOSAL OF RECORDS:
These records will be maintained until they become inactive, at which time they will be retired or destroyed in accordance with records schedules of the United States Securities and Exchange Commission and as approved by the National Archives and Records Administration.
ADMINISTRATIVE, TECHNICAL, AND PHYSICAL SAFEGUARDS:
Access to SEC facilities, data centers, and information or information systems is limited to authorized personnel with official duties requiring access. SEC facilities are equipped with security cameras and 24-hour security guard service. The records are kept in limited access areas during duty hours and in locked file cabinets and/or locked offices or file rooms at all other times. Computerized records are safeguarded in a secured environment. Security protocols meet the promulgating guidance as established by the National Institute of Standards and Technology (NIST) Security Standards from Access Control to Data Encryption and Security Assessment & Authorization (SA&A).
Records are maintained in a secure, password-protected electronic system that will utilize commensurate safeguards that may include: Firewalls, intrusion detection and prevention systems, and role-based access controls. Additional safeguards will vary by program. All records are protected from unauthorized access through appropriate administrative, operational, and technical safeguards. These safeguards include: Restricting access to authorized personnel who have a “need to know”; using locks; and password protection identification features. Contractors and other recipients providing services to the Commission shall be required to maintain equivalent safeguards.
RECORD ACCESS PROCEDURES:
Persons wishing to obtain information on the procedures for gaining access to or contesting the contents of these records may contact the FOIA/PA Officer, Securities and Exchange Commission, 100 F Street NE, Washington, DC 20549-2465.
CONTESTING RECORD PROCEDURES:
See Record Access Procedures above.
NOTIFICATION PROCEDURES:
All requests to determine whether this system of records contains a record pertaining to the requesting individual may be directed to the FOIA/PA Officer, Securities and Exchange Commission, 100 F Street NE, Washington, DC 20549-2465.
EXEMPTIONS PROMULGATED FOR THE SYSTEM:
None.
HISTORY:
This SORN was last published in full in the Federal Register at 75 FR 51854 (August 23, 2010).
SYSTEM NAME AND NUMBER:
SEC-63:
Tips, Complaints, and Referrals (TCR) Records.
SECURITY CLASSIFICATION:
Unclassified.
SYSTEM LOCATION:
Securities and Exchange Commission, 100 F Street NE, Washington, DC 20549. Files may also be maintained in the Commission's Regional Offices that conducted an investigation or litigation.
SYSTEM MANAGER(S):
Deputy Director, Division of Risk, Strategy, and Financial Innovation, U.S. Securities and Exchange Commission, 100 F Street NE, Washington, DC 20549.
AUTHORITY FOR MAINTENANCE OF THE SYSTEM:
15 U.S.C. 77a et seq., 78a et seq., 80a-1 et seq., 80b-1 et seq., and 5 U.S.C. 302.
PURPOSE(S) OF THE SYSTEM:
For use by authorized SEC personnel in receiving, recording, assigning, tracking, and taking action on tips, complaints, and referrals received from individuals and entities related to actual or potential violations of the Federal securities laws; investor harm; or conduct of public companies, securities professionals, regulated entities and associated persons.
CATEGORIES OF INDIVIDUALS COVERED BY THE SYSTEM:
(1) Individuals that submit tips, complaints, or related information about actual or potential violations of the Federal securities laws; investor harm; conduct of public companies, securities professionals, regulated entities, and associated persons; and internal and external referrals of misconduct; (2) Individuals that are the subjects of a tip or complaint related to an actual or potential securities law violation; (3) Attorneys or other related individuals; and (4) SEC personnel or contractors Start Printed Page 85482assigned to handle such tips, complaints, and referrals.
CATEGORIES OF RECORDS IN THE SYSTEM:
Records may include individual names, dates of birth, social security numbers, addresses, telephone numbers, tip, complaint, and referral information including allegation descriptions, dates, and supporting details; supporting documentation; web forms; emails; criminal history; working papers of the staff; and other documents and records relating to the matter.
RECORD SOURCE CATEGORIES:
Information in these records may be supplied by investors and the general public, Commission-regulated entities including broker-dealers, investment advisers, self-regulatory organizations, other government agencies, and foreign regulators.
ROUTINE USES OF RECORDS MAINTAINED IN THE SYSTEM, INCLUDING CATEGORIES OF USERS AND THE PURPOSES OF SUCH USES:
In addition to those disclosures generally permitted under 5 U.S.C. 552a(b) of the Privacy Act, these records or information contained therein may specifically be disclosed outside the Commission as a routine use pursuant to 5 U.S.C. 552 a(b)(3) as follows:
1. To appropriate agencies, entities, and persons when (1) the SEC suspects or has confirmed that there has been a breach of the system of records,·(2) the SEC has determined that as a result of the suspected or confirmed breach there is a risk of harm to individuals, the SEC (including its information systems, programs, and operations), the Federal Government, or national security; and (3) the disclosure made to such agencies, entities, and persons is reasonably necessary to assist in connection with the SEC's efforts to respond to the suspected or confirmed breach or to prevent, minimize, or remedy such harm.
2. To other Federal, state, local, or foreign law enforcement agencies; securities self-regulatory organizations; and foreign financial regulatory authorities to assist in or coordinate regulatory or law enforcement activities with the SEC.
3. To national securities exchanges and national securities associations that are registered with the SEC, the Municipal Securities Rulemaking Board; the Securities Investor Protection Corporation; the Public Company Accounting Oversight Board; the Federal banking authorities, including, but not limited to, the Board of Governors of the Federal Reserve System, the Comptroller of the Currency, and the Federal Deposit Insurance Corporation; state securities regulatory agencies or organizations; or regulatory authorities of a foreign government in connection with their regulatory or enforcement responsibilities.
4. By SEC personnel for purposes of investigating possible violations of, or to conduct investigations authorized by, the Federal securities laws.
5. In any proceeding where the Federal securities laws are in issue or in which the Commission, or past or present members of its staff, is a party or otherwise involved in an official capacity.
6. In connection with proceedings by the Commission pursuant to Rule 102(e) of its Rules of Practice, 17 CFR 201.102(e).
7. To a bar association, state accountancy board, or other Federal, state, local, or foreign licensing or oversight authority; or professional association or self-regulatory authority to the extent that it performs similar functions (including the Public Company Accounting Oversight Board) for investigations or possible disciplinary action.
8. To a Federal, state, local, tribal, foreign, or international agency, if necessary to obtain information relevant to the SEC's decision concerning the hiring or retention of an employee; the issuance of a security clearance; the letting of a contract; or the issuance of a license, grant, or other benefit.
9. To a Federal, state, local, tribal, foreign, or international agency in response to its request for information concerning the hiring or retention of an employee; the issuance of a security clearance; the reporting of an investigation of an employee; the letting of a contract; or the issuance of a license, grant, or other benefit by the requesting agency, to the extent that the information is relevant and necessary to the requesting agency's decision on the matter.
10. To produce summary descriptive statistics and analytical studies, as a data source for management information, in support of the function for which the records are collected and maintained or for related personnel management functions or manpower studies; may also be used to respond to general requests for statistical information (without personal identification of individuals) under the Freedom of Information Act.
11. To any trustee, receiver, master, special counsel, or other individual or entity that is appointed by a court of competent jurisdiction, or as a result of an agreement between the parties in connection with litigation or administrative proceedings involving allegations of violations of the Federal securities laws (as defined in section 3(a)(47) of the Securities Exchange Act of 1934, 15 U.S.C. 78c(a)(47)) or pursuant to the Commission's Rules of Practice, 17 CFR 201.100 through 900 or the Commission's Rules of Fair Fund and Disgorgement Plans, 17 CFR 201.1100 through 1106, or otherwise, where such trustee, receiver, master, special counsel, or other individual or entity is specifically designated to perform particular functions with respect to, or as a result of, the pending action or proceeding or in connection with the administration and enforcement by the Commission of the Federal securities laws or the Commission's Rules of Practice or the Rules of Fair Fund and Disgorgement Plans.
12. To any persons during the course of any inquiry, examination, or investigation conducted by the SEC's staff, or in connection with civil litigation, if the staff has reason to believe that the person to whom the record is disclosed may have further information about the matters related therein, and those matters appeared to be relevant at the time to the subject matter of the inquiry.
13. To interns, grantees, experts, contractors, and others who have been engaged by the Commission to assist in the performance of a service related to this system of records and who need access to the records for the purpose of assisting the Commission in the efficient administration of its programs, including by performing clerical, stenographic, or data analysis functions, or by reproduction of records by electronic or other means. Recipients of these records shall be required to comply with the requirements of the Privacy Act of 1974, as amended, 5 U.S.C. 552a.
14. In reports published by the Commission pursuant to authority granted in the Federal securities laws (as such term is defined in section 3(a)(47) of the Securities Exchange Act of 1934, 15 U.S.C. 78c(a)(47)), which authority shall include, but not be limited to, section 21(a) of the Securities Exchange Act of 1934, 15 U.S.C. 78u(a)).
15. To members of advisory committees that are created by the Commission or by Congress to render advice and recommendations to the Commission or to Congress, to be used solely in connection with their official designated functions.
16. To any person who is or has agreed to be subject to the Commission's Rules of Conduct, 17 CFR 200.735-1 Start Printed Page 85483through 200.735-18, and who assists in the investigation by the Commission of possible violations of the Federal securities laws (as such term is defined in section 3(a)(47) of the Securities Exchange Act of 1934, 15 U.S.C. 78c(a)(47)), in the preparation or conduct of enforcement actions brought by the Commission for such violations, or otherwise in connection with the Commission's enforcement or regulatory functions under the Federal securities laws.
17. To a Congressional office from the record of an individual in response to an inquiry from the Congressional office made at the request of that individual.
18. To members of Congress, the press, and the public in response to inquiries relating to particular Registrants and their activities, and other matters under the Commission's jurisdiction.
19. To prepare and publish information relating to violations of the Federal securities laws as provided in 15 U.S.C. 78c(a)(47)), as amended.
20. To respond to subpoenas in any litigation or other proceeding.
21. To a trustee in bankruptcy.
22. To members of Congress, the General Accountability Office, or others charged with monitoring the work of the Commission or conducting records management inspections.
23. To another Federal agency or Federal entity, when the SEC determines that information from this system of records is reasonably necessary to assist the recipient agency or entity in (1) responding to a suspected or confirmed breach or (2) preventing, minimizing, or remedying the risk of harm to individuals, the recipient agency or entity (including its information systems, programs, and operations), the Federal Government, or national security, resulting from a suspected or confirmed breach.
POLICIES AND PRACTICES FOR STORAGE OF RECORDS:
Records are maintained in electronic and paper format. Electronic records are stored in computerized databases, magnetic disc, tape and/or digital media. Paper records and records on computer disc are stored in locked file rooms and/or file cabinets.
POLICIES AND PRACTICES FOR RETRIEVAL OF RECORDS:
Records may be retrieved by an individual's or entity's name, receipt date, subject matter, keywords that may include personal information, and/or other personal identifier. The system will also enable authorized SEC personnel to search for and retrieve records using conventional methods including but not limited to the use of unique record identifiers, keyword searches, geographic data (e.g. ZIP code), date and time searches, and sorts and filters.
POLICIES AND PRACTICES FOR RETENTION AND DISPOSAL OF RECORDS:
These records will be maintained until they become inactive, at which time they will be retired or destroyed in accordance with records schedules of the United States Securities and Exchange Commission and as approved by the National Archives and Records Administration.
ADMINISTRATIVE, TECHNICAL, AND PHYSICAL SAFEGUARDS:
Access to SEC facilities, data centers, and information or information systems is limited to authorized personnel with official duties requiring access. SEC facilities are equipped with security cameras and 24-hour security guard service. The records are kept in limited access areas during duty hours and in locked file cabinets and/or locked offices or file rooms at all other times. Computerized records are safeguarded in a secured environment. Security protocols meet the promulgating guidance as established by the National Institute of Standards and Technology (NIST) Security Standards from Access Control to Data Encryption and Security Assessment & Authorization (SA&A).
Records are maintained in a secure, password-protected electronic system that will utilize commensurate safeguards that may include: Firewalls, intrusion detection and prevention systems, and role-based access controls. Additional safeguards will vary by program. All records are protected from unauthorized access through appropriate administrative, operational, and technical safeguards. These safeguards include: Restricting access to authorized personnel who have a “need to know”; using locks; and password protection identification features. Contractors and other recipients providing services to the Commission shall be required to maintain equivalent safeguards.
RECORD ACCESS PROCEDURES:
Persons wishing to obtain information on the procedures for gaining access to or contesting the contents of these records may contact the FOIA/PA Officer, Securities and Exchange Commission, 100 F Street NE, Washington, DC 20549-2465.
CONTESTING RECORD PROCEDURES:
See Record Access Procedures above.
NOTIFICATION PROCEDURES:
All requests to determine whether this system of records contains a record pertaining to the requesting individual may be directed to the FOIA/PA Officer, Securities and Exchange Commission, 100 F Street NE, Washington, DC 20549-2465.
EXEMPTIONS PROMULGATED FOR THE SYSTEM:
Under 5 U.S.C. 552a(k)(2), this system of records is exempted from the following provisions of the Privacy Act, 5 U.S.C. 552a(c)(3), (d), (e)(1), (e)(4)(G), (H), and (I), and (f) and 17 CFR 200.303, 200.304, and 200.306, insofar as it contains investigatory materials compiled for law enforcement purposes. This exemption is contained in 17 CFR 200.312(a)(1).
HISTORY:
This SORN was last published in full in the Federal Register at 76 FR 30213 (May 24, 2011). Subsequent notices of revision can be found at the following citations:
—76 FR 57636 (September 16, 2011)
SYSTEM NAME AND NUMBER:
SEC-64:
SEC Security in the Workplace Incident Records.
SECURITY CLASSIFICATION:
Unclassified.
SYSTEM LOCATION:
Securities and Exchange Commission, 100 F Street NE, Washington, DC 20549.
SYSTEM MANAGER(S):
Chief, SEC Security Branch, 100 F Street NE, Washington, DC 20549-2465.
AUTHORITY FOR MAINTENANCE OF THE SYSTEM:
5 U.S.C. 7902(d) and (e).
PURPOSE(S) OF THE SYSTEM:
The records are used by SEC personnel to take action on, or to respond to a complaint about a threat, harassment, intimidation, violence, or other inappropriate behavior involving one or more SEC employees, contractors, interns, or other individuals against an SEC employee; and to make assessments of violent or potentially violent situations and then make recommendations regarding interventions for those persons involved with the situations.
CATEGORIES OF INDIVIDUALS COVERED BY THE SYSTEM:
Past and present employees, interns, and volunteers of the Securities and Exchange Commission (employees), contractors, visitors, and others who have access to SEC facilities who report Start Printed Page 85484potential or actual workplace violence; persons accused of threatening to commit, or committing workplace violence, and persons interviewed or investigated in connection with reports or allegations of potential or actual workplace violence.
CATEGORIES OF RECORDS IN THE SYSTEM:
These records include, but are not limited to: Case number, victim's name, office telephone number, room number, office/division, duty station, position, supervisor, supervisor's telephone number, location of incident, activity at time of incident, circumstances surrounding the incident, perpetrator, name(s) and telephone number(s) of witness(es), injured party(s), medical treatment(s), medical report, property damages, report(s) to police, and related information needed to investigate violence, threats, harassment, intimidation, or other inappropriate behavior causing SEC employees, contractors, or other individuals to fear for their personal safety in the SEC workplace.
RECORD SOURCE CATEGORIES:
Records source is from individuals who report potential or actual workplace security incidents, and reports made on individuals interviewed or investigated in connection with allegations of potential or actual workplace security incidents.
ROUTINE USES OF RECORDS MAINTAINED IN THE SYSTEM, INCLUDING CATEGORIES OF USERS AND THE PURPOSES OF SUCH USES:
In addition to those disclosures generally permitted under 5 U.S.C. 552a(b) of the Privacy Act, these records or information contained therein may specifically be disclosed as follows:
1. To appropriate agencies, entities, and persons when (1) the SEC suspects or has confirmed that there has been a breach of the system of records,·(2) the SEC has determined that as a result of the suspected or confirmed breach there is a risk of harm to individuals, the SEC (including its information systems, programs, and operations), the Federal Government, or national security; and (3) the disclosure made to such agencies, entities, and persons is reasonably necessary to assist in connection with the SEC's efforts to respond to the suspected or confirmed breach or to prevent, minimize, or remedy such harm.
2. When a person or property is harmed, or when threats of harm to a person or property are reported, disclosure will be made, as appropriate, to law enforcement authorities, medical treatment authorities, and those persons being threatened or harmed.
3. To other Federal, state, local, or foreign law enforcement agencies; securities self-regulatory organizations; and foreign securities authorities to assist in or coordinate regulatory or law enforcement activities with the SEC.
4. To a bar association, a state accountancy board, the Public Company Accounting Oversight Board, or any similar Federal, state, or local licensing authority for possible disciplinary action.
5. To a Federal, state, local, tribal, foreign, or international agency, if necessary to obtain information relevant to the SEC's decision concerning the hiring or retention of an employee; the issuance of a security clearance; the letting of a contract; or the issuance of a license, grant, or other benefit.
6. To a Federal, state, local, tribal, foreign, or international agency in response to its request for information concerning the hiring or retention of an employee; the issuance of a security clearance; the reporting of an investigation of an employee; the letting of a contract; or the issuance of a license, grant, or other benefit by the requesting agency, to the extent that the information is relevant and necessary to the requesting agency's decision on the matter.
7. To produce summary descriptive statistics and analytical studies, as a data source for management information, in support of the function for which the records are collected and maintained or for related personnel management functions or manpower studies; may also be used to respond to general requests for statistical information (without personal identification of individuals) under the Freedom of Information Act.
8. To any persons during the course of any inquiry, examination, or investigation conducted by the SEC's staff, or in connection with civil litigation, if the staff has reason to believe that the person to whom the record is disclosed may have further information about the matters related therein, and those matters appeared to be relevant at the time to the subject matter of the inquiry.
9. To interns, grantees, experts, contractors, and others who have been engaged by the Commission to assist in the performance of a service related to this system of records and who need access to the records for the purpose of assisting the Commission in the efficient administration of its programs, including by performing clerical, stenographic, or data analysis functions, or by reproduction of records by electronic or other means. Recipients of these records shall be required to comply with the requirements of the Privacy Act of 1974, as amended, 5 U.S.C. 552a.
10. To members of advisory committees that are created by the Commission or by Congress to render advice and recommendations to the Commission or to Congress, to be used solely in connection with their official designated functions.
11. To any person who is or has agreed to be subject to the Commission's Rules of Conduct, 17 CFR 200.735-1 through 200.735-18, and who assists in the investigation by the Commission of possible violations of the Federal securities laws (as such term is defined in section 3(a)(47) of the Securities Exchange Act of 1934, 15 U.S.C. 78c(a)(47)), in the preparation or conduct of enforcement actions brought by the Commission for such violations, or otherwise in connection with the Commission's enforcement or regulatory functions under the Federal securities laws.
12. To a Congressional office in response to an inquiry from that Congressional office made at the request of the individual to whom the record pertains.
13. To respond to subpoenas in any litigation or other proceeding.
14. To members of Congress, the Government Accountability Office, or others charged with monitoring the work of the Commission or conducting records management inspections.
15. To another Federal agency or Federal entity, when the SEC determines that information from this system of records is reasonably necessary to assist the recipient agency or entity in (1) responding to a suspected or confirmed breach; or (2) preventing, minimizing, or remedying the risk of harm to individuals, the recipient agency or entity (including its information systems, programs, and operations), the Federal Government, or national security, resulting from a suspected or confirmed breach.
POLICIES AND PRACTICES FOR STORAGE OF RECORDS:
Records are maintained in electronic and paper format. Electronic records are stored in computerized databases, magnetic disc, tape and/or digital media. Paper records and records on computer disc are stored in locked file rooms and/or file cabinets.
POLICIES AND PRACTICES FOR RETRIEVAL OF RECORDS:
Records are retrieved by name or case designation (those who reported a violent or potentially violent event and those who were reported), event date, and event locationStart Printed Page 85485
POLICIES AND PRACTICES FOR RETENTION AND DISPOSAL OF RECORDS:
These records will be maintained until they become inactive, at which time they will be retired or destroyed in accordance with records schedules of the United States Securities and Exchange Commission and as approved by the National Archives and Records Administration.
ADMINISTRATIVE, TECHNICAL, AND PHYSICAL SAFEGUARDS:
Access to SEC facilities, data centers, and information or information systems is limited to authorized personnel with official duties requiring access. SEC facilities are equipped with security cameras and 24-hour security guard service. The records are kept in limited access areas during duty hours and in locked file cabinets and/or locked offices or file rooms at all other times. Computerized records are safeguarded in a secured environment. Security protocols meet the promulgating guidance as established by the National Institute of Standards and Technology (NIST) Security Standards from Access Control to Data Encryption and Security Assessment & Authorization (SA&A).
Records are maintained in a secure, password-protected electronic system that will utilize commensurate safeguards that may include: firewalls, intrusion detection and prevention systems, and role-based access controls. Additional safeguards will vary by program. All records are protected from unauthorized access through appropriate administrative, operational, and technical safeguards. These safeguards include: restricting access to authorized personnel who have a “need to know”; using locks; and password protection identification features. Contractors and other recipients providing services to the Commission shall be required to maintain equivalent safeguards.
RECORD ACCESS PROCEDURES:
These records will be maintained until they become inactive, at which time they will be retired or destroyed in accordance with records schedules of the United States Securities and Exchange Commission and as approved by the National Archives and Records Administration.
CONTESTING RECORD PROCEDURES:
See Record Access Procedures above.
NOTIFICATION PROCEDURES:
All requests to determine whether this system of records contains a record pertaining to the requesting individual may be directed to the FOIA/PA Officer, Securities and Exchange Commission, 100 F Street NE, Washington, DC 20549-2465.
EXEMPTIONS PROMULGATED FOR THE SYSTEM:
Under 5 U.S.C. 552a(k)(2), this system of records is exempted from the following provisions of the Privacy Act, 5 U.S.C. 552a(c)(3), (d), (e)(1), (e)(4)(G), (H), and (I), and (f) and 17 CFR 200.303, 200.304, and 200.306, insofar as it contains investigatory materials compiled for law enforcement purposes. This exemption is contained in 17 CFR 200.312(a)(1).
HISTORY:
This SORN was last published in full in the Federal Register at 76 FR 30213 (May 24, 2011). Subsequent notices of revision can be found at the following citations:
—76 FR 57636 (September 17, 2011)
SYSTEM NAME AND NUMBER:
SEC-65:
Correspondence Response Systems.
SECURITY CLASSIFICATION:
Unclassified.
SYSTEM LOCATION:
Securities and Exchange Commission, 100 F Street NE, Washington, DC 20549. Also, records covered by Subsystem A are received by and maintained in the Commission's Regional Offices, whose addresses are listed below under System Manager(s) and Address.
SYSTEM MANAGER(S):
Subsystem A: Chief Counsel, Office of Investor Education and Advocacy, Securities and Exchange Commission, 100 F Street NE, Washington, DC 20549; New York Regional Office, Regional Director, 3 World Financial Center, Suite 400, New York, NY 10281-1022; Boston Regional Office, Regional Director, 33 Arch Street, 23rd Floor, Boston, MA 02110-1424; Philadelphia Regional Office, Regional Director, The Mellon Independence Center, 701 Market Street, Suite 2000, Philadelphia, PA 19106-1532; Miami Regional Office, Regional Director, 801 Brickell Avenue, Suite 1800, Miami, FL 33131-4901, Atlanta Regional Office, Regional Director, 3475 Lenox Road, NE, Suite 1000, Atlanta, GA 30326-1232; Chicago Regional Office, Regional Director, 175 West Jackson Boulevard, Suite 900, Chicago, IL 60604-2908; Denver Regional Office, Regional Director, 1801 California Street, Suite 1500, Denver, CO 80202-2656; Fort Worth Regional Office, Regional Director, Burnett Plaza, Suite 1900, 801 Cherry Street, Unit #18, Fort Worth, TX 76102-6882; Salt Lake Regional Office, Regional Director, 15 West South Temple Street, Suite 1800, Salt Lake City, UT 84101-1573; Los Angeles Regional Office, Regional Director, 5670 Wilshire Boulevard, 11th Floor, Los Angeles, CA 90036-3648; San Francisco Regional Office, Regional Director, 44 Montgomery Street, Suite 2600, San Francisco, CA 94104-4716.
Subsystem B: Office of the Chairman, Securities and Exchange Commission, 100 F Street NE, Washington, DC 20549.
AUTHORITY FOR MAINTENANCE OF THE SYSTEM:
15 U.S.C. 77s, 77sss, 78d, 78d-1, 78d-2, 78w, 78 ll (d), 79t, 80a-37, and 80b-11.
PURPOSE OF THE SYSTEM:
The records will be used by the staff to track and process complaints/inquiries/requests from members of the public and others.
CATEGORIES OF INDIVIDUALS COVERED BY THE SYSTEM:
Subsystem A:
Records are maintained in the Investor Response Information System (IRIS) on members of the public and others who submit questions or complaints to the Commission generally, or to Divisions and Offices of the Commission, or who contact the Office of Investor Education and Advocacy or the Commission's Regional Offices.
Subsystem B:
Records are maintained in the Chairman's Correspondence System (CCS) on members of the public, members of Congress or their staff, and others who address their inquiries or complaints to the Commission's Chairman's Office or to the Office of Legislative and Intergovernmental Affairs.
CATEGORIES OF RECORDS IN THE SYSTEM:
Both electronic and paper records in this system/subsystems may contain the name of the complainant/inquirer/requester or their representative, the name of the entity and/or subject of the complaint/inquiry/request, the date relating to the receipt and disposition of the complaint/inquiry/request, Personally Identifiable Information (PII) and other sensitive information such as investment account information, and, where applicable, the type of complaint/inquiry/request and other information derived from or relating to the complaint/inquiry/request. Paper records may include, but are not limited to, letters of complaint/inquiry/request, responses, and related documentation.
RECORD SOURCE CATEGORIES:
Information collected in all subsystems is received from individuals primarily through web forms, email, Start Printed Page 85486letters, telephone calls, or personal visits to the Commission's offices.
ROUTINE USES OF RECORDS MAINTAINED IN THE SYSTEM, INCLUDING CATEGORIES OF USERS AND THE PURPOSES OF SUCH USES:
In addition to those disclosures generally permitted under 5 U.S.C. 552a(b) of the Privacy Act, these records or information contained therein may specifically be disclosed outside the Commission as a routine use pursuant to 5 U.S.C. 552 a(b)(3) as follows:
1. To appropriate agencies, entities, and persons when (a) it is suspected or confirmed that the security or confidentiality of information in the system of records has been compromised; (b) the SEC has determined that, as a result of the suspected or confirmed compromise, there is a risk of harm to economic or property interests, identity theft or fraud, or harm to the security or integrity of this system or other systems or programs (whether maintained by the SEC or another agency or entity) that rely upon the compromised information; and (c) the disclosure made to such agencies, entities, and persons is reasonably necessary to assist in connection with the SEC's efforts to respond to the suspected or confirmed compromise and prevent, minimize, or remedy such harm.
2. To other Federal, state, local, or foreign law enforcement agencies; securities self-regulatory organizations; and foreign financial regulatory authorities to assist in or coordinate regulatory or law enforcement activities with the SEC.
3. To national securities exchanges and national securities associations that are registered with the SEC, the Municipal Securities Rulemaking Board; the Securities Investor Protection Corporation; the Public Company Accounting Oversight Board; the Federal banking authorities, including, but not limited to, the Board of Governors of the Federal Reserve System, the Comptroller of the Currency, and the Federal Deposit Insurance Corporation; state securities regulatory agencies or organizations; or regulatory authorities of a foreign government in connection with their regulatory or enforcement responsibilities.
4. By SEC personnel for purposes of investigating possible violations of, or to conduct investigations authorized by, the Federal securities laws.
5. In any proceeding where the Federal securities laws are in issue or in which the Commission, or past or present members of its staff, is a party or otherwise involved in an official capacity.
6. In connection with proceedings by the Commission pursuant to Rule 102(e) of its Rules of Practice, 17 CFR 201.102(e).
7. To a bar association, state accountancy board, or other Federal, state, local, or foreign licensing or oversight authority; or professional association or self-regulatory authority to the extent that it performs similar functions (including the Public Company Accounting Oversight Board) for investigations or possible disciplinary action.
8. To a Federal, state, local, tribal, foreign, or international agency, if necessary to obtain information relevant to the SEC's decision concerning the hiring or retention of an employee; the issuance of a security clearance; the letting of a contract; or the issuance of a license, grant, or other benefit.
9. To a Federal, state, local, tribal, foreign, or international agency in response to its request for information concerning the hiring or retention of an employee; the issuance of a security clearance; the reporting of an investigation of an employee; the letting of a contract; or the issuance of a license, grant, or other benefit by the requesting agency, to the extent that the information is relevant and necessary to the requesting agency's decision on the matter.
10. To produce summary descriptive statistics and analytical studies, as a data source for management information, in support of the function for which the records are collected and maintained or for related personnel management functions or manpower studies; may also be used to respond to general requests for statistical information (without personal identification of individuals) under the Freedom of Information Act.
11. To any trustee, receiver, master, special counsel, or other individual or entity that is appointed by a court of competent jurisdiction, or as a result of an agreement between the parties in connection with litigation or administrative proceedings involving allegations of violations of the Federal securities laws (as defined in section 3(a)(47) of the Securities Exchange Act of 1934, 15 U.S.C. 78c(a)(47)) or pursuant to the Commission's Rules of Practice, 17 CFR 201.100 through 900 or the Commission's Rules of Fair Fund and Disgorgement Plans, 17 CFR 201.1100 through 1106, or otherwise, where such trustee, receiver, master, special counsel, or other individual or entity is specifically designated to perform particular functions with respect to, or as a result of, the pending action or proceeding or in connection with the administration and enforcement by the Commission of the Federal securities laws or the Commission's Rules of Practice or the Rules of Fair Fund and Disgorgement Plans.
12. To any persons during the course of any inquiry, examination, or investigation conducted by the SEC's staff, or in connection with civil litigation, if the staff has reason to believe that the person to whom the record is disclosed may have further information about the matters related therein, and those matters appeared to be relevant at the time to the subject matter of the inquiry.
13. To interns, grantees, experts, contractors, and others who have been engaged by the Commission to assist in the performance of a service related to this system of records and who need access to the records for the purpose of assisting the Commission in the efficient administration of its programs, including by performing clerical, stenographic, or data analysis functions, or by reproduction of records by electronic or other means. Recipients of these records shall be required to comply with the requirements of the Privacy Act of 1974, as amended, 5 U.S.C. 552a.
14. In reports published by the Commission pursuant to authority granted in the Federal securities laws (as such term is defined in section 3(a)(47) of the Securities Exchange Act of 1934, 15 U.S.C. 78c(a)(47)), which authority shall include, but not be limited to, section 21(a) of the Securities Exchange Act of 1934, 15 U.S.C. 78u(a)).
15. To members of advisory committees that are created by the Commission or by Congress to render advice and recommendations to the Commission or to Congress, to be used solely in connection with their official designated functions.
16. To any person who is or has agreed to be subject to the Commission's Rules of Conduct, 17 CFR 200.735-1 through 200.735-18, and who assists in the investigation by the Commission of possible violations of the Federal securities laws (as such term is defined in section 3(a)(47) of the Securities Exchange Act of 1934, 15 U.S.C. 78c(a)(47)), in the preparation or conduct of enforcement actions brought by the Commission for such violations, or otherwise in connection with the Commission's enforcement or regulatory functions under the Federal securities laws.
17. To a Congressional office from the record of an individual in response to Start Printed Page 85487an inquiry from the Congressional office made at the request of that individual.
18. To members of Congress, the press, and the public in response to inquiries relating to particular Registrants and their activities, and other matters under the Commission's jurisdiction.
19. To prepare and publish information relating to violations of the Federal securities laws as provided in 15 U.S.C. 78c(a)(47)), as amended.
20. To respond to subpoenas in any litigation or other proceeding.
21. To a trustee in bankruptcy.
22. To members of Congress, the General Accountability Office, or others charged with monitoring the work of the Commission or conducting records management inspections.
23. To respond to inquiries from individuals who have submitted complaints/inquiries/request, or from their representatives.
24. To entities against which complaints/inquiries/requests are directed when Commission staff requests them to research the issues raised and report back to the staff.
POLICIES AND PRACTICES STORAGE OF RECORDS:
Records are maintained in electronic and paper format. Electronic records are stored in computerized databases and/or on computer disc. Paper records and records on computer disc are stored in file rooms and/or file cabinets, as well as off-site locations including the Federal Records Center, pursuant to applicable record retention guidelines.
POLICIES AND PRACTICES FOR RETRIEVAL OF RECORDS:
The files (both paper and electronic) in Subsystems A and B are retrievable by the name, receipt date, name of the registered representative or associated person named in the complaint/inquiry/request, or the name of the entity/issuer that is the subject of the complaint/inquiry/request.
POLICIES AND PRACTICES FOR RETENTION AND DISPOSAL OF RECORDS:
These records will be maintained until they become inactive, at which time they will be retired or destroyed in accordance with records schedules of the United States Securities and Exchange Commission and as approved by the National Archives and Records Administration.
ADMINISTRATIVE, TECHNICAL, AND PHYSICAL SAFEGUARDS:
Records are safeguarded in a secured environment. Buildings where records are stored have security cameras and 24 hour security guard service. The records are kept in limited access areas during duty hours and in file cabinets and/or offices or file rooms at all other times. Computerized records are safeguarded through use of access codes and information technology security. Contractors and other recipients providing services to the Commission are contractually obligated to maintain equivalent safeguards.
RECORD ACCESS PROCEDURES:
Persons wishing to obtain information on the procedures for gaining access to or contesting the contents of these records may contact the FOIA/PA Officer, Securities and Exchange Commission, 100 F Street NE, Washington, DC 20549-2465.
CONTESTING RECORD PROCEDURES:
See Record Access Procedures above.
NOTIFICATION PROCEDURES:
All requests to determine whether this system of records contains a record pertaining to the requesting individual may be directed to the FOIA/PA Officer, Securities and Exchange Commission, 100 F Street NE, Washington, DC 20549-2465.
EXEMPTIONS PROMULGATED FOR THE SYSTEM:
Under 5 U.S.C. 552a(k)(2), this system of records is exempted from the following provisions of the Privacy Act, 5 U.S.C. 552a(c)(3), (d), (e)(1), (e)(4)(G), (H), (I), and (f) and 17 CFR 200.303, 200.304, and 200.306, insofar as it contains investigatory materials compiled for law enforcement purposes. This exemption is contained in 17 CFR 200.312(a)(1).
HISTORY:
This SORN was last published in full in the Federal Register at 76 FR 30213 (May 24, 2011). Subsequent notices of revision can be found at the following citations:
—76 FR 57636 (September 18, 2011)
SYSTEM NAME AND NUMBER:
SEC-66:
Backup Care Employee and Family Records.
SECURITY CLASSIFICATION:
Unclassified.
SYSTEM LOCATION:
Bright Horizons Family Solutions, 200 Talcott Avenue, Watertown, MA 02472. Records may also be maintained at subcontracted childcare center locations. Electronic Reports of SEC Employees' registrations and uses are maintained at the Securities and Exchange Commission, 100 F Street NE, Washington, DC 20549.
SYSTEM MANAGER(S):
Associate Executive Director, Office of Human Resources, Securities and Exchange Commission, 100 F Street NE, Washington, DC 20549-3901.
AUTHORITY FOR MAINTENANCE OF THE SYSTEM:
PURPOSE(S) OF THE SYSTEM:
The records are used to determine an employee's eligibility to request backup care benefits for family members.
CATEGORIES OF INDIVIDUALS COVERED BY THE SYSTEM:
Current SEC employees who voluntarily sign up for backup care benefits and their family members for whom care is needed.
CATEGORIES OF RECORDS IN THE SYSTEM:
Records may contain employee name, email address, home address, home and cell telephone numbers, and date of birth; family member's name, address, date of birth, physician medical form, and medical identification number; photos of child, and individuals authorized to pick up child; and provider's name.
RECORD SOURCE CATEGORIES:
All information is provided by SEC employees registering for the services.
ROUTINE USES OF RECORDS MAINTAINED IN THE SYSTEM, INCLUDING CATEGORIES OF USERS AND THE PURPOSES OF SUCH USES:
In addition to those disclosures generally permitted under 5 U.S.C. 552a(b) of the Privacy Act, these records or information contained therein may specifically be disclosed outside the Commission as a routine use pursuant to 5 U.S.C. 552 a(b)(3) as follows:
1. To appropriate agencies, entities, and persons when (1) the SEC suspects or has confirmed that there has been a breach of the system of records,·(2) the SEC has determined that as a result of the suspected or confirmed breach there is a risk of harm to individuals, the SEC (including its information systems, programs, and operations), the Federal Government, or national security; and (3) the disclosure made to such agencies, entities, and persons is reasonably necessary to assist in connection with the SEC's efforts to respond to the suspected or confirmed breach or to prevent, minimize, or remedy such harm.
2. To produce summary descriptive statistics and analytical studies, as a data source for management information, in support of the function for which the records are collected and maintained or for related personnel management functions or manpower Start Printed Page 85488studies; may also be used to respond to general requests for statistical information (without personal identification of individuals) under the Freedom of Information Act.
3. To interns, grantees, experts, contractors, and others who have been engaged by the Commission to assist in the performance of a service related to this system of records and who need access to the records for the purpose of assisting the Commission in the efficient administration of its programs, including by performing clerical, stenographic, or data analysis functions, or by reproduction of records by electronic or other means. Recipients of these records shall be required to comply with the requirements of the Privacy Act of 1974, as amended, 5 U.S.C. 552a.
4. To a Congressional office from the record of an individual in response to an inquiry from the Congressional office made at the request of that individual.
5. To members of Congress, the Government Accountability Office, or others charged with monitoring the work of the Commission or conducting records management inspections.
6. To a commercial contractor in connection with benefit programs administered by the contractor on the Commission's behalf, including, but not limited to, supplemental health, dental, disability, life and other benefit programs. Recipients of these records shall be required to comply with the requirements of the Privacy Act of 1974, as amended, 5 U.S.C. 552a.
7. To another Federal agency or Federal entity, when the SEC determines that information from this system of records is reasonably necessary to assist the recipient agency or entity in (1) responding to a suspected or confirmed breach; or (2) preventing, minimizing, or remedying the risk of harm to individuals, the recipient agency or entity (including its information systems, programs, and operations), the Federal Government, or national security, resulting from a suspected or confirmed breach.
POLICIES AND PRACTICES FOR STORAGE OF RECORDS:
Records are maintained in electronic format. Electronic records are stored in computerized databases, magnetic disc, tape and/or on digital media. Paper records and records on computer disc are stored in locked file rooms and/or file cabinets.
POLICIES AND PRACTICES FOR RETRIEVAL OF RECORDS:
Records are retrieved by the individual's name.
POLICIES AND PRACTICES FOR RETENTION AND DISPOSAL OF RECORDS:
These records will be maintained until they become inactive, at which time they will be retired or destroyed in accordance with records schedules of the United States Securities and Exchange Commission and as approved by the National Archives and Records Administration.
ADMINISTRATIVE, TECHNICAL, AND PHYSICAL SAFEGUARDS:
Access to SEC facilities, data centers, and information or information systems is limited to authorized personnel with official duties requiring access. SEC facilities are equipped with security cameras and 24-hour security guard service. The records are kept in limited access areas during duty hours and in locked file cabinets and/or locked offices or file rooms at all other times. Computerized records are safeguarded in a secured environment. Security protocols meet the promulgating guidance as established by the National Institute of Standards and Technology (NIST) Security Standards from Access Control to Data Encryption and Security Assessment & Authorization (SA&A).
Records are maintained in a secure, password-protected electronic system that will utilize commensurate safeguards that may include: firewalls, intrusion detection and prevention systems, and role-based access controls. Additional safeguards will vary by program. All records are protected from unauthorized access through appropriate administrative, operational, and technical safeguards. These safeguards include: restricting access to authorized personnel who have a “need to know”; using locks; and password protection identification features. Contractors and other recipients providing services to the Commission shall be required to maintain equivalent safeguards.
RECORD ACCESS PROCEDURES:
Persons wishing to obtain information on the procedures for gaining access to or contesting the contents of these records may contact the FOIA/PA Officer, Securities and Exchange Commission, 100 F Street NE, Washington, DC 20549-2465.
CONTESTING RECORD PROCEDURES:
See Record access procedures above.
NOTIFICATION PROCEDURES:
All requests to determine whether this system of records contains a record pertaining to the requesting individual may be directed to the FOIA/PA Officer, Securities and Exchange Commission, 100 F Street NE, Washington, DC 20549-2465.
EXEMPTIONS PROMULGATED FOR THE SYSTEM:
None.
HISTORY:
This SORN was last published in full in the Federal Register at 77 FR 65913 (October 31, 2012). Subsequent notices of revision can be found at the following citations:
—78 FR 41962 (July 12, 2013)
SYSTEM NAME AND NUMBER:
SEC-67:
General Information Technology Records.
SECURITY CLASSIFICATION:
Unclassified.
SYSTEM LOCATION:
Securities and Exchange Commission, Headquarters, 100 F Street NE, Washington, DC 20549 and the SEC's Regional Offices.
SYSTEM MANAGER(S):
Chief Information Officer, Securities and Exchange Commission, 100 F Street NE, Washington, DC 20549-2465.
AUTHORITY FOR MAINTENANCE OF THE SYSTEM:
5 U.S.C. 302, Delegation of Authority; 44 U.S.C. 3534; Federal Information Security Act (Pub. L. 104-106, section 5113); Electronic Government Act (Pub. L. 104-347, section 203); and E.O. 9397 (SSN), as amended by E.O. 13487.
PURPOSE(S) OF THE SYSTEM:
The purpose of this system is to (1) provide authentication and authorization to individuals with access to SEC-controlled information and information system networks; (2) collect, review, and maintain any logs, audit trails, or other such security data regarding the use of SEC information or information systems; and (3) to enable the Commission to detect, report, and take appropriate action against improper or unauthorized access to SEC-controlled information and information systems networks. The records will also enable the SEC to provide individuals access to certain programs and meeting attendance and, where appropriate, allow for sharing of information between individuals in the same operational program to facilitate collaboration. SEC management personnel may use statistical data, with all personal identifiers removed or masked, for system efficiency, workload calculation, or reporting purposes.Start Printed Page 85489
CATEGORIES OF INDIVIDUALS COVERED BY THE SYSTEM:
Records are maintained on all individuals who are authorized to access SEC information or information systems; including: employees, contractors, students, interns, volunteers, affiliates, others working on behalf of the SEC, and individuals formerly in any of these positions. Records may also include individuals who voluntarily join an SEC-owned and operated web portal for collaboration purposes; individuals who request access but are denied, and/or who have had access revoked.
CATEGORIES OF RECORDS IN THE SYSTEM:
The system of records may include: Users' names; social security numbers; business telephone numbers; cellular phone numbers; pager numbers; levels of access; physical and email addresses; titles; departments; division; contractor/employee status; computer logon addresses; password hashes; user identification codes; dates and times of access; IP addresses; logs of internet activity; types of access/permissions required; failed access data; archived transaction data; historical data; and justifications for access to SEC computers, networks, or systems. For individuals who telecommute from home or a telework center, the records may contain the internet Protocol (IP) address and telephone number at that location. For contractors, the system may contain the company name, contract number, and contract expiration date. The system may also contain details regarding: Programs; databases; functions; and sites accessed and/or used, dates and times of use, information products created, received, or altered during use, and access or functionality problems reported for technical support and resolution.
RECORD SOURCE CATEGORIES:
Information is supplied by the record subject, their supervisors, and the personnel security staff. Logs and details about access times and functions used are provided by the system.
ROUTINE USES OF RECORDS MAINTAINED IN THE SYSTEM, INCLUDING CATEGORIES OF USERS AND THE PURPOSES OF SUCH USES:
In addition to those disclosures generally permitted under 5 U.S.C. 552a(b) of the Privacy Act, these records or information contained therein may specifically be disclosed outside the Commission as a routine use pursuant to 5 U.S.C. 552 a(b)(3) as follows:
1. To appropriate agencies, entities, and persons when (1) the SEC suspects or has confirmed that there has been a breach of the system of records,·(2) the SEC has determined that as a result of the suspected or confirmed breach there is a risk of harm to individuals, the SEC (including its information systems, programs, and operations), the Federal Government, or national security; and (3) the disclosure made to such agencies, entities, and persons is reasonably necessary to assist in connection with the SEC's efforts to respond to the suspected or confirmed breach or to prevent, minimize, or remedy such harm.
2. To other Federal, state, local, or foreign law enforcement agencies; securities self-regulatory organizations; and foreign financial regulatory authorities to assist in or coordinate regulatory or law enforcement activities with the SEC.
3. In any proceeding where the Federal securities laws are in issue or in which the Commission, or past or present members of its staff, is a party or otherwise involved in an official capacity.
4. To a Federal, state, local, tribal, foreign, or international agency, if necessary to obtain information relevant to the SEC's decision concerning the hiring or retention of an employee; the issuance of a security clearance; the letting of a contract; or the issuance of a license, grant, or other benefit.
5. To a Federal, state, local, tribal, foreign, or international agency in response to its request for information concerning the hiring or retention of an employee; the issuance of a security clearance; the reporting of an investigation of an employee; the letting of a contract; or the issuance of a license, grant, or other benefit by the requesting agency, to the extent that the information is relevant and necessary to the requesting agency's decision on the matter.
6. To produce summary descriptive statistics and analytical studies, as a data source for management information, in support of the function for which the records are collected and maintained or for related personnel management functions or manpower studies; may also be used to respond to general requests for statistical information (without personal identification of individuals) under the Freedom of Information Act.
7. To any persons during the course of any inquiry, examination, or investigation conducted by the SEC's staff, or in connection with civil litigation, if the staff has reason to believe that the person to whom the record is disclosed may have further information about the matters related therein, and those matters appeared to be relevant at the time to the subject matter of the inquiry.
8. To interns, grantees, experts, contractors, and others who have been engaged by the Commission to assist in the performance of a service related to this system of records and who need access to the records for the purpose of assisting the Commission in the efficient administration of its programs, including by performing clerical, stenographic, or data analysis functions, or by reproduction of records by electronic or other means. Recipients of these records shall be required to comply with the requirements of the Privacy Act of 1974, as amended, 5 U.S.C. 552a.
9. To respond to subpoenas in any litigation or other proceeding.
10. To a Congressional office from the record of an individual in response to an inquiry from the Congressional office made at the request of that individual.
11. To members of Congress, the Government Accountability Office, or others charged with monitoring the work of the Commission or conducting records management inspections.
12. To a commercial contractor in connection with benefit programs administered by the contractor on the Commission's behalf, including, but not limited to, supplemental health, dental, disability, life and other benefit programs.
13. To another Federal agency or Federal entity, when the SEC determines that information from this system of records is reasonably necessary to assist the recipient agency or entity in (1) responding to a suspected or confirmed breach; or (2) preventing, minimizing, or remedying the risk of harm to individuals, the recipient agency or entity (including its information systems, programs, and operations), the Federal Government, or national security, resulting from a suspected or confirmed breach.
POLICIES AND PRACTICES FOR STORAGE OF RECORDS:
Records are maintained in electronic and paper format. Electronic records are stored in computerized databases, magnetic disc, tape and/or digital media. Paper records and records on computer disc are stored in locked file rooms and/or file cabinets.
POLICIES AND PRACTICES FOR RETRIEVAL OF RECORDS:
Information may be retrieved, sorted, and/or searched by an identification number assigned by the computer, the last two digits of a social security number, email address, or by the name of the individual, or other employee Start Printed Page 85490data fields previously identified in this SORN.
POLICIES AND PRACTICES FOR RETENTION AND DISPOSAL OF RECORDS:
These records will be maintained until they become inactive, at which time they will be retired or destroyed in accordance with the SEC's records retention schedule, as approved by the National Archives and Records Administration.
ADMINISTRATIVE, TECHNICAL, AND PHYSICAL SAFEGUARDS:
Access to SEC facilities, data centers, and information or information systems is limited to authorized personnel with official duties requiring access. SEC facilities are equipped with security cameras and 24-hour security guard service. The records are kept in limited access areas during duty hours and in locked file cabinets and/or locked offices or file rooms at all other times. Computerized records are safeguarded in a secured environment. Security protocols meet the promulgating guidance as established by the National Institute of Standards and Technology 4 (NIST) Security Standards from Access Control to Data Encryption and Security Assessment & Authorization (SA&A).
Records are maintained in a secure, password-protected electronic system that will utilize commensurate safeguards that may include: Firewalls, intrusion detection and prevention systems, and role-based access controls. Additional safeguards will vary by program. All records are protected from unauthorized access through appropriate administrative, operational, and technical safeguards. These safeguards include: Restricting access to authorized personnel who have a “need to know”; using locks; and password protection identification features. Contractors and other recipients providing services to the Commission shall be required to maintain equivalent safeguards.
RECORD ACCESS PROCEDURES:
Persons wishing to obtain information on the procedures for gaining access to or contesting the contents of these records may contact the FOIA/PA Officer, Securities and Exchange Commission, 100 F Street NE, Washington, DC 20549-2465.
CONTESTING RECORD PROCEDURES:
See Record access procedures above.
NOTIFICATION PROCEDURES:
All requests to determine whether this system of records contains a record pertaining to the requesting individual may be directed to the FOIA/PA Officer, Securities and Exchange Commission, 100 F Street NE, Washington, DC 20549-2465.
EXEMPTIONS PROMULGATED FOR THE SYSTEM:
None.
HISTORY:
This SORN was last published in full in the Federal Register at 79 FR 30661 (May 28, 2014).
Start SignatureBy the Commission.
Dated: December 21, 2020.
Vanessa A. Countryman,
Secretary.
Footnotes
1. See OMB Circular A-108, “Federal Agency Responsibilities for Review, Reporting, and Publication under the Privacy Act,” December 23, 2016 (81 FR 94424).
Back to Citation2. 81 FR 94424 (December 23, 2016).
Back to Citation[FR Doc. 2020-28601 Filed 12-23-20; 8:45 am]
BILLING CODE 8011-01-P
Document Information
- Effective Date:
- 1/27/2021
- Published:
- 12/28/2020
- Department:
- Securities and Exchange Commission
- Entry Type:
- Notice
- Action:
- Notice of revised system of records.
- Document Number:
- 2020-28601
- Dates:
- The changes will become effective January 27, 2021 to permit public comment on the new and revised routine uses. The Commission will publish a new notice if the effective date is delayed to review comments or if changes are made based on comments received. To assure consideration, comments should be received on or before January 27, 2021.
- Pages:
- 85440-85490 (51 pages)
- Docket Numbers:
- Release No. PA-55, File No. S7-20-20
- PDF File:
- 2020-28601.pdf