AGENCY:

Federal Deposit Insurance Corporation (FDIC).

ACTION:

Notice of a modified system of records.

SUMMARY:

Pursuant to the provisions of the Privacy Act of 1974, as amended, the FDIC proposes to modify a current FDIC system of records notice titled FDIC–010, Investigative Files of the Office of Inspector General (OIG), by updating the categories of records in the system to include video and audio recordings; updating the categories of records in the system to include violations or potential violations of administrative or civil law within the FDIC OIG's jurisdiction; updating the system location to include secure sites and secure servers maintained by third-party service providers; and adding new routine uses to authorize sharing of information with complainants, witnesses, and subjects, and to the public and news media, in certain limited circumstances. Additionally, this notice includes non-substantive changes to simplify the formatting and text of the previously published notice. We hereby publish this notice for comment on the proposed actions.

DATES:

This action will become effective on April 28, 2023. The routine uses in this action will become effective on May 30, 2023, unless the FDIC makes changes based on comments received. Written comments should be submitted on or before May 30, 2023.

ADDRESSES:

Interested parties are invited to submit written comments identified by Privacy Act Systems of Records (FDIC–010) by any of the following methods:

• Agency Website: https://www.fdic.gov/​resources/​regulations/​federal-register-publications/​. Follow the instructions for submitting comments on the FDIC website.

• Email: comments@fdic.gov. Include “Comments-SORN (FDIC–010)” in the subject line of communication.

• Mail: James P. Sheesley, Assistant Executive Secretary, Attention: Comments: SORN (FDIC–010), Legal Division, Office of the Executive Secretary, Federal Deposit Insurance Corporation, 550 17th Street NW, Washington, DC 20429.

• Hand Delivery: Comments may be hand-delivered to the guard station at the rear of the 17th Street NW building (located on F Street NW), on business days between 7:00 a.m. and 5:00 p.m.

Public Inspection: Comments received, including any personal information provided, may be posted without change to https://www.fdic.gov/​resources/​regulations/​federal-register-publications/​. Commenters should submit only information that the commenter wishes to make available publicly. The FDIC may review, redact, or refrain from posting all or any portion of any comment that it may deem to be inappropriate for publication, such as irrelevant or obscene material. The FDIC may post only a single representative example of identical or substantially identical comments, and in such cases will generally identify the number of identical or substantially identical comments represented by the posted example. All comments that have been redacted, as well as those that have not been posted, that contain comments on the merits of this document will be retained in the public comment file and will be considered as required under all applicable laws. All comments may be accessible under the Freedom of Information Act (FOIA).

FOR FURTHER INFORMATION CONTACT:

Shannon Dahn, Chief, Privacy Program, 703–516–5500, privacy@fdic.gov;

SUPPLEMENTARY INFORMATION:

The Privacy Act, 5 U.S.C. 552a, at subsection (b)(3), requires each agency to publish, for public notice and comment, significant changes that the agency intends to make to a Privacy Act system of records. The “Investigative Files of the Office of Inspector General, FDIC–010” system of records is maintained for the purpose of documenting, tracking, reviewing and reporting on all phases of the FDIC Office of Inspector General's investigative and investigative-related litigation activities, and serves as a repository and source for information necessary to fulfill statutory reporting, access and disclosure requirements, Start Printed Page 26302 including those pertaining to the Inspector General (IG) Act.

The FDIC proposes to update the categories of records in the system to include video and audio recordings, which will facilitate the FDIC OIG's compliance with Executive Order (E.O.) 14074, Advancing Effective, Accountable Policing and Criminal Justice Practices to Enhance Public Trust and Public Safety, issued May 25, 2022. Video and audio recordings of individuals may be captured by FDIC OIG criminal investigators wearing body cameras during the execution of search and arrest warrants, including during interviews with individuals that take place during investigative operations. The recordings will be used for gathering and preserving evidence in accord with E.O. 14074.

The FDIC also proposes to update the categories of records in the system to include violations or potential violations of administrative or civil law within the FDIC OIG's jurisdiction. This modification is to clarify that the system of records may include information about individuals that may be obtained in the course of the FDIC OIG investigating administrative and civil cases.

Additionally, the FDIC proposes updating the system location of the system to include secure sites and secure servers maintained by third-party service providers. This modification is being made in conjunction with the implementation of a solution to support FDIC OIG's compliance with E.O. 14074, as well as to support other solutions or processes that may require the support of third-party service providers.

The FDIC also proposes to update a routine use (7) indicating that the FDIC OIG may share information during the course of an investigation with subjects and/or respondents of an investigation, their representatives, or other persons or entities to the extent necessary to provide such persons with information and explanations concerning the results of an investigation or other inquiry arising from matters about which they were a subject and/or respondent.

Additionally, the FDIC proposes to add two new routine uses (8 and 9) indicating that information may be shared with complainants, witnesses, and subjects to the extent necessary to provide such persons with information and explanations concerning the results of the investigation or other inquiry arising from the matters about which they complained and/or with respect to which they were a victim or witness; and (9) indicating that information may be shared with an individual who has been interviewed or contacted pursuant to an investigation or other inquiry, to the extent that the FDIC OIG may provide copies of that individual's statements, testimony, or records produced by such individual.

Finally, the FDIC proposes to add two new routine uses (27 and 28) indicating that information about individuals may be shared with the news media and/or the public when such information has been disclosed publicly in court proceedings, and in rare instances when the community needs to be reassured that the appropriate law enforcement agency is investigating a matter, or where release of information is necessary to protect the public safety.

This notice includes non-substantive changes to simplify the formatting and text of the previously published notice. This modified system will be included in the FDIC's inventory of record systems.

SYSTEM NAME AND NUMBER:

Investigative Files of the Office of Inspector General, FDIC–010.

SECURITY CLASSIFICATION:

Unclassified.

SYSTEM LOCATION:

FDIC Office of Inspector General (OIG), 3501 Fairfax Drive, Arlington, VA 22226. In addition, records are maintained in FDIC OIG field offices. FDIC OIG field office locations can be obtained by contacting the Assistant Inspector General for Investigations at said address. Original and duplicate systems may exist, in whole or in part, at secure sites and on secure servers maintained by third-party service providers for the FDIC OIG.

SYSTEM MANAGER(S):

Assistant Inspector General for Investigations, FDIC Office of Inspector General, 3501 Fairfax Drive, Arlington, VA 22226.

AUTHORITY FOR MAINTENANCE OF THE SYSTEM:

Section 9 of the Federal Deposit Insurance Act (12 U.S.C. 1819); the Inspector General Act of 1978, as amended (5 U.S.C. appendix).

PURPOSE(S) OF THE SYSTEM:

Pursuant to the Inspector General Act, the system is maintained for the purpose of documenting, tracking, reviewing and reporting on all phases of the FDIC Office of Inspector General's investigative and investigative-related litigation activities and serves as a repository and source for information necessary to fulfill statutory reporting, access and disclosure requirements, including those pertaining to the Inspector General Act.

CATEGORIES OF INDIVIDUALS COVERED BY THE SYSTEM:

Current and former FDIC employees and individuals involved in or associated with FDIC programs and operations, including contractors, subcontractors, vendors and other individuals, including members of the public, associated with investigative inquiries and investigative cases, including, but not limited to, witnesses, complainants, subjects and those contacting the FDIC OIG Hotline.

CATEGORIES OF RECORDS IN THE SYSTEM:

Investigative files, including memoranda, computer-generated background information, correspondence, including payroll records, call records, email records, electronic case management, forensic, and tracking files, FDIC OIG Hotline- related records, reports of investigations with related exhibits, statements, affidavits, records or other pertinent documents, reports from or to other law enforcement organizations, pertaining to violations or potential violations of criminal, civil, or administrative laws, fraud, waste, and abuse with respect to administration of FDIC programs and operations, and violations of employee and contractor Standards of Conduct as set forth in section 12(f) of the Federal Deposit Insurance Act (12 U.S.C. 1822(f)), 12 CFR parts 336, 366, and 5 CFR parts 2634, 2635, and 3201. Records in this system may contain personally identifiable information such as names, social security numbers, dates of birth and addresses. This system may also contain such information as employment history, bank account numbers and information, driver's licenses, educational records, criminal history, photographs, video and audio recordings, and other information of a personal nature provided or obtained in connection with an investigation.

RECORD SOURCE CATEGORIES:

Official records of the FDIC; current and former employees of the FDIC, other government employees, private individuals, vendors, contractors, subcontractors, witnesses and informants. Records in this system may have originated in other FDIC systems of records and subsequently been transferred to this system.

ROUTINE USES OF RECORDS MAINTAINED IN THE SYSTEM, INCLUDING CATEGORIES OF USERS AND PURPOSES OF SUCH USES:

In addition to those disclosures generally permitted under 5 U.S.C. 552a(b) of the Privacy Act, all or a portion of the records or information contained in this system may be Start Printed Page 26303 disclosed outside the FDIC as a routine use as follows:

(1) To the appropriate Federal, State, local, foreign or international agency or authority which has responsibility for investigating or prosecuting a violation of or for enforcing or implementing a statute, rule, regulation, or order to assist such agency or authority in fulfilling these responsibilities when the record, either by itself or in combination with other information, indicates a violation or potential violation of law, or contract, whether civil, criminal, or regulatory in nature, and whether arising by general statute or particular program statute, or by regulation, rule, or order issued pursuant thereto;

(2) To a court, magistrate, alternative dispute resolution mediator or administrative tribunal (collectively referred to as the adjudicative bodies) in the course of presenting evidence, including disclosures to counsel or witnesses in the course of civil discovery, litigation, or settlement negotiations or in connection with criminal proceedings (collectively, the litigated proceedings) when the FDIC or FDIC OIG is a party to the proceeding or has a significant interest in the proceeding and the information is determined to be relevant and necessary in order for the adjudicatory bodies, or any of them, to perform their official functions in connection with the presentation of evidence relative to the litigated proceedings;

(3) To the FDIC's or another Federal agency's legal representative, including the U.S. Department of Justice or other retained counsel, when the FDIC, FDIC OIG or any employee thereof is a party to litigation or administrative proceeding or has a significant interest in the litigation or proceeding to assist those representatives by providing them with information or evidence for use in connection with such litigation or proceedings;

(4) To appropriate agencies, entities, and persons when (a) the FDIC suspects or has confirmed that there has been a breach of the system of records; (b) the FDIC has determined that as a result of the suspected or confirmed breach there is a risk of harm to individuals, the FDIC (including its information systems, programs, and operations), the Federal Government, or national security; and (c) the disclosure made to such agencies, entities, and persons is reasonably necessary to assist in connection with the FDIC's efforts to respond to the suspected or confirmed breach or to prevent, minimize, or remedy such harm;

(5) To another Federal agency or Federal entity, when the FDIC determines that information from this system of records is reasonably necessary to assist the recipient agency or entity in (a) responding to a suspected or confirmed breach or (b) preventing, minimizing, or remedying the risk of harm to individuals, the recipient agency or entity (including its information systems, programs, and operations), the Federal Government, or national security, resulting from a suspected or confirmed breach;

(6) To a grand jury agent pursuant either to a Federal or State grand jury subpoena or to a prosecution request that such record be released for the purpose of its introduction to a grand jury;

(7) To the subjects and/or respondents of an investigation and their representatives during the course of an investigation and to any other person or entity that has or may have information relevant or pertinent to the investigation to the extent necessary to assist in the conduct of the investigation, or to the extent necessary to provide such persons with information and explanations concerning the results of an investigation or other inquiry arising from matters about which they were a subject and/or respondent;

(8) To complainants, victims, and/or witnesses to the extent necessary to provide such persons with information and explanations concerning the results of the investigation or other inquiry arising from the matters about which they complained and/or with respect to which they were a victim or witness;

(9) To an individual who has been interviewed or contacted pursuant to an investigation or other inquiry, to the extent that the FDIC OIG may provide copies of that individual's statements, testimony, or records produced by such individual;

(10) To third-party sources during the course of an investigation only such information as determined to be necessary and pertinent to the investigation in order to obtain information or assistance relating to an audit, trial, hearing, or any other authorized activity of the FDIC OIG;

(11) To a congressional office in response to a written inquiry made by the congressional office at the request of the individual to whom the records pertain;

(12) To a Federal, State, or local agency maintaining civil, criminal, or other relevant enforcement information or other pertinent information, such as current licenses, if necessary for the FDIC to obtain information concerning the hiring or retention of an employee, a security clearance determination or adjudication, the letting of a contract, or the issuance of a license, grant, or other benefit;

(13) To a Federal agency responsible for considering suspension or debarment action where such record is determined to be necessary and relevant to that agency's consideration of such action;

(14) To a consultant, person or entity who contracts or subcontracts with the FDIC or FDIC OIG, to the extent necessary for the performance of the contract or subcontract. The recipient of the records shall be required to comply with the requirements of the Privacy Act of 1974, as amended (5 U.S.C. 552a);

(15) To contractors, grantees, volunteers, and others performing or working on a contract, service, grant, cooperative agreement, or project for the FDIC OIG, the FDIC or the Federal Government in order to assist those entities or individuals in carrying out their obligation under the related contract, grant, agreement or project;

(16) To the U.S. Office of Personnel Management, Government Accountability Office, Office of Government Ethics, Merit Systems Protection Board, Office of Special Counsel, Equal Employment Opportunity Commission, Department of Justice, Office of Management and Budget or the Federal Labor Relations Authority of records or portions thereof determined to be relevant and necessary to carrying out their authorized functions, including but not limited to a request made in connection with hiring or retaining an employee, rendering advice requested by FDIC OIG, making a security clearance determination or adjudication, reporting an investigation of an employee, reporting an investigation of prohibited personnel practices, letting a contract or issuing a grant, license, or other benefit by the requesting agency, but only to the extent that the information disclosed is necessary and relevant to the requesting agency's decision on the matter;

(17) To appropriate Federal, State, and local authorities in connection with hiring or retaining an individual, conducting a background security or suitability investigation, adjudication of liability, or eligibility for a license, contract, grant, or other benefit;

(18) To appropriate Federal, State, and local authorities, agencies, arbitrators, and other parties responsible for processing any personnel actions or conducting administrative hearings or corrective actions or grievances or appeals, or if needed in the performance of other authorized duties;

(19) To officials of a labor organization when relevant and necessary to their duties of exclusive Start Printed Page 26304 representation concerning personnel policies, practices, and matters affecting working conditions;

(20) To a financial institution affected by enforcement activities or reported criminal activities authorities to ascertain the knowledge of or involvement in matters that have been developed during the course of the investigation;

(21) To the Internal Revenue Service and appropriate State and local taxing authorities for their use in enforcing the relevant revenue and taxation law and related official duties;

(22) To other Federal, State or foreign financial institutions, supervisory or regulatory authorities for their use in administering their official functions, to include examination, supervision, litigation, and resolution authorities with respect to financial institutions, receiverships, liquidations, conservatorships, bridge institutions, and similar functions;

(23) To appropriate Federal agencies and other public authorities for use in records management inspections;

(24) To a governmental, public or professional or self-regulatory licensing organization for use in licensing or related determinations when such record indicates, either by itself or in combination with other information, a violation or potential violation of professional standards, or reflects on the moral, educational, or professional qualifications of an individual who is licensed or who is seeking to become licensed;

(25) To the Department of the Treasury, federal debt collection centers, other appropriate federal agencies, and private collection contractors or other third parties authorized by law, for the purpose of collecting or assisting in the collection of delinquent debts owed to the FDIC or to obtain information in the course of an investigation (to the extent permitted by law). Disclosure of information contained in these records will be limited to the individual's name, Social Security number, and other information necessary to establish the identity of the individual, and the existence, validity, amount, status and history of the debt;

(26) To other Federal Offices of Inspector General or other entities for the purpose of conducting quality assessments or peer reviews of the FDIC OIG, or its investigative components, or for statistical purposes;

(27) To the news media and/or the public when such information has been publicly disclosed in court proceedings, subject to limitations imposed by law or court rule or order; and,

(28) To the news media and/or the public when the Inspector General determines that the community needs to be reassured that the appropriate law enforcement agency is investigating a matter, or where release of information is necessary to protect the public safety, and that disclosure would not constitute an unwarranted invasion of personal privacy.

Disclosure to Consumer Reporting Agencies: Pursuant to 5 U.S.C. 552a (b)(12), disclosures may be made from this system to consumer reporting agencies as defined in the Fair Credit Reporting Act (15 U.S.C. 1681a(f)) or the Federal Claims Collection Act of 1966 (31 U.S.C. 3701(a)(3)).

POLICIES AND PRACTICES FOR STORAGE OF RECORDS:

Records are stored in electronic media and in paper format within individual file folders.

POLICIES AND PRACTICES FOR RETRIEVAL OF RECORDS:

Records are indexed and may be retrieved by a variety of fields, including but not limited to, name of individual, unique investigation number assigned, referral number, social security number, or investigative subject matter.

POLICIES AND PRACTICES FOR RETENTION AND DISPOSAL OF RECORDS:

Records are maintained as follows and then dispositioned in accordance with approved records retention schedules. Records regarding “significant” investigations ( i.e., those receiving national media attention, involving a Congressional investigation, or otherwise having been deemed to have historic value) are retained permanently. For records that are investigative in nature but not related to a specific investigation, the retention period is five years. For records related to a specific investigation, except significant investigations (national media attention, Congressional investigation, or substantive changes in agency policies and procedures), the retention period is ten years after the Office of Investigations' closure of the file.

ADMINISTRATIVE, TECHNICAL, AND PHYSICAL SAFEGUARDS:

FDIC and FDIC OIG have imposed strict controls to minimize the risk of compromising the information that is being stored. Access to the records in this system is limited to those individuals who have completed mandatory privacy and security training and have a need to know the information for the performance of their official duties. FDIC and FDIC OIG have also implemented policies and procedures to safeguard the records. This includes maintaining files in secured facilities and restricting access to records to individuals who have appropriate role based permissions.

RECORD ACCESS PROCEDURES:

Individuals wishing to request access to records about them in this system of records must submit their request in writing to the FDIC FOIA & Privacy Act Group, 550 17th Street NW, Washington, DC 20429, or email efoia@fdic.gov. Requests must include full name, address, and verification of identity in accordance with FDIC regulations at 12 CFR part 310.

CONTESTING RECORD PROCEDURES:

Individuals wishing to contest or request an amendment to their records in this system of records must submit their request in writing to the FDIC FOIA & Privacy Act Group, 550 17th Street NW, Washington, DC 20429, or email efoia@fdic.gov. Requests must specify the information being contested, the reasons for contesting it, and the proposed amendment to such information in accordance with FDIC regulations at 12 CFR part 310.

NOTIFICATION PROCEDURES:

Individuals wishing to know whether this system contains information about them must submit their request in writing to the FDIC FOIA & Privacy Act Group, 550 17th Street NW, Washington, DC 20429, or email efoia@fdic.gov. Requests must include full name, address, and verification of identity in accordance with FDIC regulations at 12 CFR part 310.

EXEMPTIONS PROMULGATED FOR THE SYSTEM:

This system of records, to the extent that it consists of information compiled for the purpose of criminal investigations, has been exempted from the requirements of subsections (c)(3) and (4); (d); (e)(1), (2) and (3); (e)(4)(G) and (H); (e)(5); (e)(8); (e)(12); (f); (g); and (h) of the Privacy Act pursuant to 5 U.S.C. 552a(j)(2). In addition, this system of records, to the extent that it consists of investigatory material compiled: (A) for other law enforcement purposes (except where an individual has been denied any right, privilege, or benefit for which he or she would otherwise be entitled to or eligible for under Federal law, so long as the disclosure of such information would not reveal the identity of a source who furnished information to the FDIC under an express promise that his or her identity would be kept confidential); or Start Printed Page 26305 (B) solely for purposes of determining suitability, eligibility, or qualifications for Federal civilian employment or Federal contracts, the release of which would reveal the identity of a source who furnished information to the FDIC on a confidential basis, has been exempted from the requirements of subsections (c)(3); (d); (e)(1); (e)(4)(G) and (H); and (f) of the Privacy Act pursuant to 5 U.S.C. 552a(k)(2) and (k)(5), respectively. Note, records in this system that originated in another system of records shall be governed by the exemptions claimed for this system as well as any additional exemptions claimed for the other system.

HISTORY:

84 FR 35184 (July 22, 2019).