2013-17345. Agency Information Collection Activities: Submission to OMB for Reinstatement, With Change, of a Previously Approved Collection; Comment Request  

  • Start Preamble

    AGENCY:

    National Credit Union Administration (NCUA).

    ACTION:

    Request for comment.

    SUMMARY:

    The NCUA intends to submit the following information collection to the Office of Management and Budget (OMB) for review and clearance under the Paperwork Reduction Act of 1995 (Pub. L. 104-13, 44 U.S.C. Chapter 35). This information collection is published to obtain comments from the public. The collection requires each Federal Credit Union (FCU) to establish reasonable policies and procedures for implementing the guidelines to identify possible risks to account holders or customers or to the safety and soundness of the institution or creditor (Red Flag Regulations). Each FCU is also required to develop an Identity Theft Prevention Program, provide staff training, and report to the board of directors, a committee thereof, or senior Start Printed Page 43240management at least annually. In addition, credit and debit card issuers are generally required to assess the validity of change of address requests.

    DATES:

    Comments will be accepted until September 17, 2013.

    ADDRESSES:

    Interested parties are invited to submit written comments to the NCUA Contact and the OMB Reviewer listed below:

    NCUA Contact: Tracy Crews, National Credit Union Administration, 1775 Duke Street, Alexandria, Virginia 22314-3428, Fax No. 703-837-2861, Email: OCIOPRA@ncua.gov.

    OMB Contact: Office of Management and Budget, ATTN: Desk Officer for the National Credit Union Administration, Office of Information and Regulatory Affairs, Washington, DC 20503.

    Start Further Info

    FOR FURTHER INFORMATION CONTACT:

    Requests for additional information, a copy of the information collection request, or a copy of submitted comments should be directed to Tracy Crews at the National Credit Union Administration, 1775 Duke Street, Alexandria, VA 22314-3428, or at (703) 518-6444. E&I Contact: Program Officer Judy Graham eimail@ncua.gov, 703-518-6360.

    End Further Info End Preamble Start Supplemental Information

    SUPPLEMENTARY INFORMATION:

    I. Abstract and Request for Comments

    NCUA is reinstating and amending/the collection for 3133-0175. This collection of information is required by sections 114 and 315 of the FACT Act. The NCUA is renewing its collection and removing the burden attributable to the portion of the regulations transferred to the Bureau of Consumer Financial Protection (CFPB) pursuant to title X of the Dodd-Frank Wall Street Reform and Consumer Protection Act, Public Law 111-203, 124 Stat. 1955, July 21, 2010 (Dodd-Frank Act), and republished as CFPB regulations (76 FR 79308 (December 21, 2011)). The transferred regulations, which relate to address discrepancies, were found at 12 CFR part 717, and are now contained in 12 CFR 1022.82. The burden estimates for this portion of the collection have been revised to remove the burden attributable to NCUA-regulated credit unions with over $10 billion in total assets, now carried by CFPB pursuant to section 1025 of the Dodd-Frank Act. The NCUA retains enforcement authority under 12 CFR 1022.82 for its institutions with total assets of $10 billion or less.

    As required by section 114 of the FACT Act, appendix J to 12 CFR part 717 contains guidelines for financial institutions and creditors to use in identifying patterns, practices, and specific forms of activity that indicate the possible existence of identity theft. In addition, 12 CFR 717.90 requires each financial institution or creditor to establish reasonable policies and procedures to address the risk of identity theft that incorporate the guidelines. Pursuant to section 717.91, credit card and debit card issuers must implement reasonable policies and procedures to assess the validity of a request for a change of address under certain circumstances.

    Section 717.90 requires each NCUA regulated FCUs that offers or maintains one or more covered accounts to develop and implement a written Identity Theft Prevention Program (Program). In developing the Program, financial institutions and creditors are required to consider the guidelines in appendix J and include those that are appropriate. The initial Program must be approved by the board of directors or an appropriate committee thereof. The board, an appropriate committee thereof, or a designated employee at the level of senior management must be involved in the oversight of the Program. In addition, staff members must be trained to carry out the Program. Pursuant to section 717.91, each credit and debit card issuer is required to establish and implement policies and procedures to assess the validity of a change of address request under certain circumstances. Before issuing an additional or replacement card, the card issuer must notify the cardholder or use another means to assess the validity of the change of address.

    As required by section 315 of the FACT Act, section 1022.82 requires users of consumer reports to have reasonable policies and procedures that must be followed when a user receives a notice of address discrepancy from a credit reporting agency (CRA).

    Section 1022.82 requires each user of consumer reports to develop and implement reasonable policies and procedures designed to enable the user to form a reasonable belief that a consumer report relates to the consumer about whom it requested the report when it receives a notice of address discrepancy from a CRA. A user of consumer reports also must develop and implement reasonable policies and procedures for furnishing an address for the consumer that the user has reasonably confirmed to be accurate to the CRA from which it receives a notice of address discrepancy when the user can: (1) Form a reasonable belief that the consumer report relates to the consumer about whom the user has requested the report; (2) establish a continuing relationship with the consumer and; (3) establish that it regularly and in the ordinary course of business furnishes information to the CRA from which it received the notice of address discrepancy.

    Burden estimate: The hourly burden increased despite a decline in respondents due to an increase in the estimated processing times. NCUA estimates 4,206 respondents with assets of $10 million or less. Each FCU requires 111 hours annually for a total of 466,866 hours annually.

    NCUA estimates of the 4,206 annual respondents annually, 2 are new FCUs requiring a one-time additional 250 hours for program development. New FCUs incur an additional 500 hours annually.

    NCUA's estimated total annual burden is 467,366 hours. Based upon the 111 hours for the annual program and additional 250 hours for new FCU program development.

    The NCUA requests that you send your comments on this collection to the location listed in the addresses section. Your comments should address: (a) The necessity of the information collection for the proper performance of NCUA, including whether the information will have practical utility; (b) the accuracy of our estimate of the burden hours of the collection of information, including the validity of the methodology and assumptions used; (c) ways we could enhance the quality, utility, and clarity of the information to be collected; and (d) ways we could minimize the burden of the collection of the information on the respondents such as through the use of automated collection techniques or other forms of information technology. It is NCUA's policy to make all comments available to the public for review.

    II. Data

    Title: Identity Theft Red Flags and Address Discrepancies under the FACT Act of 2003 (FACTA), 12 CFR Part 717.

    OMB Number: 3133-0175.

    Form Number: None.

    Type of Review: Reinstatement, with change, of a previously approved collection.

    Description: The NCUA and other agencies published a rule to implement sections 114 and 315 of the FACTA by proposing guidelines for identifying patterns, practices and specific forms of activity indicative of possible identity theft. 71 FR 63718 (Nov. 9, 2007). The Agencies also issued regulations that would require financial institutions and creditors to establish policies and procedures to implement the guidelines, including assessing the validity of Start Printed Page 43241address change requests. Pursuant to title X of the Dodd-Frank Wall Street Reform and Consumer Protection Act, Public Law 111-203, 124 Stat. 1955, July 21, 2010 (Dodd-Frank Act), the Bureau of Consumer Financial Protection (CFPB) reissued its portion of the regulation as CFPB regulations (76 FR 79308 (December 21, 2011)).

    Respondents: Federal Credit Unions.

    Estimated No. of Respondents/Record keepers: 4,206.

    Estimated Burden Hours per Response: 111 hours.

    Frequency of Response: Initial and Annual.

    Estimated Total Annual Burden Hours: 467,366

    Estimated Total Annual Cost: N/A.

    Start Signature

    By the National Credit Union Administration Board on July 15, 2013.

    Mary Rupp,

    Secretary of the Board.

    End Signature End Supplemental Information

    [FR Doc. 2013-17345 Filed 7-18-13; 8:45 am]

    BILLING CODE 7535-01-P

Document Information

Published:
07/19/2013
Department:
National Credit Union Administration
Entry Type:
Notice
Action:
Request for comment.
Document Number:
2013-17345
Dates:
Comments will be accepted until September 17, 2013.
Pages:
43239-43241 (3 pages)
PDF File:
2013-17345.pdf