Skip to Content


Agency Information Collection Activities: Submission to OMB for Reinstatement, With Change, of a Previously Approved Collection; Comment Request

Document Details

Information about this document as published in the Federal Register.

Enhanced Content

Relevant information about this document from provides additional context. This information is not part of the official Federal Register document.

Published Document

This document has been published in the Federal Register. Use the PDF linked in the document sidebar for the official electronic format.

Start Preamble


National Credit Union Administration (NCUA).


Request for comment.


The NCUA intends to submit the following information collection to the Office of Management and Budget (OMB) for review and clearance under the Paperwork Reduction Act of 1995. This information collection is published to obtain comments from the public. The collection is related to the requirement that each federal credit union (FCU) must establish reasonable policies and procedures for implementing the red flag guidelines to identify possible risks to FCU members or to an FCU's safety and soundness. Each FCU also must develop an Identity Theft Prevention Program, provide staff training, and report to its board of directors, a board committee, or senior management, at least annually. Due to the transferring of agency responsibilities under the Dodd-Frank Wall Street Reform and Consumer Protection Act, (Dodd-Frank Act), this notice and collection have been modified since the 60-day notice to reflect the current regulatory landscape.


Comments will be accepted until September 27, 2013.


Interested parties are invited to submit written comments to the NCUA Contact and the OMB Reviewer listed below:

NCUA Contact: Tracy Crews, National Credit Union Administration, 1775 Duke Street, Alexandria, Virginia 22314-3428, Fax No. 703-837-2861, Email:

OMB Contact: Office of Management and Budget, ATTN: Desk Officer for the National Credit Union Administration, Office of Information and Regulatory Affairs, Washington, DC 20503.

Start Further Info


Requests for additional information, a copy of the information collection request, or a copy of submitted comments should be directed to Tracy Crews at the National Credit Union Administration, 1775 Duke Street, Alexandria, VA 22314-3428, or at (703) 518-6444.

E&I Contact: Program Officer Judy Graham, 703-518-6360.

End Further Info End Preamble Start Supplemental Information


I. Abstract and Request for Comments

NCUA is reinstating and amending the collection for 3133-0175. This collection of information is required by Sections 114 of the Fair and Accurate Credit Transactions Act (FACT Act), Public Law 108-159, amending the Fair Credit Reporting Act, 15 U.S.C. 1681-1681x. NCUA is renewing its collection, and also updating the collection to reflect that a portion of the FACT Act authority has been transferred to the Bureau of Consumer Financial Protection (CFPB) pursuant to Title X of the Dodd-Frank Act, Public Law 111-203, 124 Stat. 1955, and republished as CFPB regulations at 76 FR 79308, Dec. 21, 2011. The burden estimates for this portion of the collection have been revised to remove the burden attributable to the four federally insured credit unions with over $10 billion in total assets, now carried by CFPB pursuant to section 1025 of the Dodd-Frank Act. As required by Section 114 of the FACT Act, Appendix J to 12 CFR part 717 contains red flag guidelines for FCUs to use in identifying patterns, practices, and specific forms of activity that indicate the possible existence of identity theft. In addition, 12 CFR 717.90 requires each FCU to establish reasonable policies and procedures to address the risk of identity theft that incorporate the guidelines. Pursuant to Section 717.91, credit card and debit card issuers must implement reasonable policies and procedures to assess the validity of a request for a change of address under certain circumstances.

Section 717.90 requires each NCUA regulated FCUs that offers or maintains one or more covered accounts to develop and implement a written Identity Theft Prevention Program (Program). In developing the Program, financial institutions and creditors are required to consider the guidelines in Appendix J to part 717 and include those that are appropriate. The initial Program must be approved by the board of directors or an appropriate committee thereof. The board, an appropriate committee thereof, or a designated employee at the level of senior management must be involved in the oversight of the Program. In addition, staff members must be trained to carry out the Program. Pursuant to Section 717.91, each credit and debit card issuer is required to establish and implement policies and procedures to assess the validity of a change of address request under certain circumstances. Before issuing an additional or replacement card, the card issuer must notify the cardholder or use another means to assess the validity of the change of address.

Burden estimate: The hourly burden increased despite a decline in respondents due to an increase in the estimated processing times. NCUA estimates 4,206 respondents (FCUs with assets of $10 million or less). Each FCU requires 111 hours annually for a total of 466,866 hours annually.

Included in the NCUA estimates of the 4,206 annual respondents annually, two are new FCUs requiring a one-time additional 250 hours for program development. Therefore, the new FCUs incur an additional 500 hours annually.

Hence, NCUA's estimated total annual burden is 467,366 hours, based upon the 111 hours for the annual program and additional 250 hours for new FCU program development.

The NCUA requests that you send your comments on this collection to the location listed in the addresses section. Your comments should address: (a) The necessity of the information collection for the proper performance of NCUA, including whether the information will have practical utility; (b) the accuracy of our estimate of the burden hours of the collection of information, including the validity of the methodology and assumptions used; (c) ways we could enhance the quality, utility, and clarity of the information to be collected; and (d) ways we could minimize the burden of the collection of the information on the respondents such as through the use of automated collection techniques or other forms of information technology. It is NCUA's policy to make all comments available to the public for review.Start Printed Page 53172

II. Data

Title: Identity Theft Red Flags under the FACT Act of 2003, 12 CFR Part 717.

OMB Number: 3133-0175.

Form Number: None.

Type of Review: Reinstatement, with change, of a previously approved collection.

Description: This collection of information is pursuant to regulations implementing Sections 114 of the FACT Act related to guidelines for identifying patterns, practices and activity indicative of possible identity theft. The FACT Act regulations require FCUs to establish policies and procedures to implement the red flag guidelines.

Respondents: Federal Credit Unions.

Estimated No. of Respondents/Record keepers: 4,206.

Estimated Burden Hours per Response: 111 hours.

Frequency of Response: Initial and Annual.

Estimated Total Annual Burden Hours: 467,366

Estimated Total Annual Cost: N/A.

Start Signature

By the National Credit Union Administration Board on August 22, 2013.

Gerard Poliquin,

Secretary of the Board.

End Signature End Supplemental Information

[FR Doc. 2013-20939 Filed 8-27-13; 8:45 am]