Skip to Content

Notice

Privacy Act of 1974: Systems of Records

Document Details

Information about this document as published in the Federal Register.

Document Statistics
Document page views are updated periodically throughout the day and are cumulative counts for this document including its time on Public Inspection. Counts are subject to sampling, reprocessing and revision (up or down) throughout the day.
Published Document

This document has been published in the Federal Register. Use the PDF linked in the document sidebar for the official electronic format.

Start Preamble

AGENCY:

National Credit Union Administration (NCUA).

ACTION:

Notice of a modified system of records; notice of modified standard routine uses.

SUMMARY:

Pursuant to the Privacy Act of 1974, the National Credit Union Administration (NCUA) proposes the following changes to: Reflect changes in information access and retrieval, and change the name of the office system owner for an existing system of records, Consumer Complaints Against Federal Credit Unions, NCUA-12; revise the authorities to reflect specific programmatic authority for collecting, maintaining, using, and disseminating the information; and add a routine use to all NCUA Systems of Records as part of our Standard Routine Uses. These actions are necessary to meet the requirements of the Privacy Act that federal agencies publish in the Federal Register a notice of the existence and character of records it maintains that are retrieved by an individual identifier. This is a republication after full review by OMB.

DATES:

Submit comments on or before September 14, 2018. This action will be effective without further notice on September 14, 2018 unless comments are received that would result in a contrary determination.

ADDRESSES:

You may submit comments by any of the following methods, but please send comments by one method only:

  • Federal eRulemaking Portal: http://www.regulations.gov. Follow the instructions for submitting comments.
  • NCUA Website: http://www.ncua.gov/​RegulationsOpinionsLaws/​proposed_​regs/​proposed_​regs.html. Follow the instructions for submitting comments.
  • Email: Address to regcomments@ncua.gov. Include “[Your name]—Comments on NCUA Consumer Complaints Against Federal Credit Unions SORN” in the email subject line.
  • Fax: (703) 518-6319. Use the subject line described above for email.
  • Mail: Address to Gerard Poliquin, Secretary of the Board, National Credit Union Administration, 1775 Duke Street, Alexandria, Virginia 22314-3428.
  • Hand Delivery/Courier: Same as mail address.
Start Further Info

FOR FURTHER INFORMATION CONTACT:

Morgan M. Rogers, Division of Consumer Affairs Director, or Matthew J. Biliouris, Director, Office of Consumer Financial Protection, Consumer Assistance, the National Credit Union Administration, 1775 Duke Street, Alexandria, Virginia 22314 (Regarding the NCUA-12, Consumer Complaints Against Federal Credit Unions System), or Rena Kim, Privacy Attorney, or Linda Dent, Senior Agency Official for Privacy, Office of General Counsel, the National Credit Union Administration, 1775 Duke Street, Alexandria, Virginia 22314, or telephone: (703) 518-6540.

End Further Info End Preamble Start Supplemental Information

SUPPLEMENTARY INFORMATION:

(1) NCUA is Proposing To Update NCUA-12, Consumer Complaints Against Federal Credit Unions. The NCUA-12 Consumer Complaints Against Federal Credit Unions System is being updated to reflect a change in the manner in which records are accessed and retrieved by examination personnel. The NCUA-12 system of records collects and maintains consumer complaints against federal credit unions received and processed by the NCUA Consumer Assistance Center. The change in access will improve the effectiveness and efficiency when examiners conduct the required pre-exam planning review of consumer complaints. Examiners may securely view consumer complaints, credit union responses, supporting documentation about complaints, and consumer protection violations concerning the credit unions in their assigned region. The update includes a change to the office system owner's name resulting Start Printed Page 40573from a reorganization. The Consumer Assistance Center is a component within NCUA's previous Office of Consumer Financial Protection and Access, now reorganized and renamed the Office of Consumer Financial Protection (OCFP).

(2) NCUA is Proposing To Revise the Authorities for Maintenance of the System To Reflect Specific Programmatic Authority for Collecting, Maintaining, Using, and Disseminating the Information. We are revising the authorities to reflect specific programmatic authority for collecting, maintaining, using, and disseminating the information.

(3) NCUA is Proposing To Add One Routine Use to Our Standard Routine Uses. This additional routine use will facilitate the sharing of NCUA's information with another agency in its efforts to respond to a breach. It will ensure that NCUA meets the requirements of OMB M-17-12 “Preparing for and Responding to a Breach of Personally Identifiable Information.”

In addition to the substantive updates described above, the NCUA has modified the format of NCUA-12 to align with the guidance set forth in OMB Circular A-108. NCUA-12 and all of NCUA's Standard Routine Uses are published in full below. For convenience, modified language is identified in italics. All of the NCUA's SORNs are available at www.ncua.gov.

Start Signature

By the National Credit Union Administration Board on August 9, 2018.

Gerard Poliquin,

Secretary of the Board.

End Signature

SYSTEM NAME AND NUMBER

Consumer Complaints Against Federal Credit Unions—NCUA-12.

SECURITY CLASSIFICATION:

None.

SYSTEM LOCATION:

NCUA Consumer Assistance Center, Office of Consumer Financial Protection, National Credit Union Administration, 1775 Duke Street, Alexandria, VA 22314-3428. Third party service provider, Salesforce.com, Inc. The Landmark at One Market, Suite 300, San Francisco, CA 94105.

SYSTEM MANAGER(S):

Division of Consumer Affairs Director, Office of Consumer Financial Protection, National Credit Union Administration, 1775 Duke Street, Alexandria, Virginia 22314-3428.

AUTHORITY FOR MAINTENANCE OF THE SYSTEM:

12 U.S.C. 1752a, 12 U.S.C. 1766, 12 U.S.C. 1784(a), and 12 U.S.C. 1789.

PURPOSE(S) OF THE SYSTEM:

The system supports the NCUA's supervisory oversight and enforcement responsibilities to intake and respond to consumer inquiries, complaints and other communications from the general public, credit unions and other state and federal government banking and law enforcement agencies regarding federal consumer financial protection laws, regulations and credit union activity.

CATEGORIES OF INDIVIDUALS COVERED BY THE SYSTEM:

Individuals who are members of the public that contact the NCUA's Consumer Assistance Center by telephone, written correspondence and web search, including both general inquiries and complaints concerning federal financial consumer protection matters within credit unions.

CATEGORIES OF RECORDS IN THE SYSTEM:

This system contains correspondence and records of other communications between the NCUA and the individual submitting a complaint or making an inquiry, including copies of supporting documents and contact information supplied by the individual. This system may also contain regulatory and supervisory communications between the NCUA and the NCUA-insured credit union in question and/or intra-agency or inter-agency memoranda or correspondence relevant to the complaint or inquiry.

RECORD SOURCE CATEGORIES:

Information is provided by the individual complainant, and his or her representative such as, a member of Congress or an attorney. Information is also provided by federal credit union officials and employees. Information is provided by the individual to whom the record pertains, internal agency records, and investigative and other record material compiled in the course of an investigation, or furnished by other state and federal financial regulatory and law enforcement government agencies.

ROUTINE USES OF RECORDS MAINTAINED IN THE SYSTEM, INCLUDING CATEGORIES OF USERS AND THE PURPOSES OF SUCH USES:

The NCUA's Consumer Assistance Center uses these records to document the submission of and responses to consumer inquiries, complaints and other communications from the general public regarding federal consumer financial protection laws, regulations and credit union activity.

In addition to those disclosures generally permitted under 5 U.S.C. 552a(b) of the Privacy Act, all or a portion of the records or information contained in this system may be disclosed outside the NCUA as a routine use as follows:

(1) Information may be disclosed to officials of federal credit unions and other persons mentioned in a complaint or identified during an investigation.

(2) Disclosures may be made to the Federal Reserve Board, other federal financial regulatory agencies, the Federal Financial Institutions Examination Council, the White House Office of Consumer Affairs, and the Congress, or any of its authorized committees in fulfilling reporting requirements or assessing implementation of applicable laws and regulations. (Such disclosures will be made in a non-identifiable manner when feasible and appropriate.)

(3) Referrals may also be made to other federal and nonfederal supervisory or regulatory authorities when the subject matter is a complaint or inquiry which is more properly within such agency's jurisdiction.

(4) NCUA's Standard Routine Uses apply to this system of records.

POLICIES AND PRACTICES FOR STORAGE OF RECORDS:

Records are stored electronically and physically.

POLICIES AND PRACTICES FOR RETRIEVABILITY OF RECORDS:

Records are retrieved by individual identifiers such as individual complainant's name.

POLICIES AND PRACTICES FOR RETENTION AND DISPOSAL OF RECORDS:

All records, including audio records, are retained in a secure and encrypted cloud-based storage system for a period of seven years consistent with the National Archives and Records Administration records retention schedule.

ADMINISTRATIVE, TECHNICAL AND PHYSICAL SAFEGUARDS:

Information in the system is safeguarded in accordance with the applicable laws, rules and policies governing the operation of federal information systems.

RECORD ACCESS PROCEDURES:

Individuals wishing access to their records should submit a written request to the Senior Agency Official for Privacy, NCUA, 1775 Duke Street, Alexandria, VA 22314, and provide the following information:

1. Full name.

2. Any available information regarding the type of record involved.

3. The address to which the record information should be sent.

4. You must sign your request.Start Printed Page 40574

Attorneys or other persons acting on behalf of an individual must provide written authorization from that individual for the representative to act on their behalf. Individuals requesting access must also comply with NCUA's Privacy Act regulations regarding verification of identity and access to records (12 CFR 792.55).

CONTESTING RECORD PROCEDURES:

Individuals wishing to request an amendment to their records should submit a written request to the Senior Agency Official for Privacy, NCUA, 1775 Duke Street, Alexandria, VA 22314, and provide the following information:

1. Full name.

2. Any available information regarding the type of record involved.

3. A statement specifying the changes to be made in the records and the justification therefore.

4. The address to which the response should be sent.

5. You must sign your request.

Attorneys or other persons acting on behalf of an individual must provide written authorization from that individual for the representative to act on their behalf.

NOTIFICATION PROCEDURES:

Individuals wishing to learn whether this system of records contains information about them should submit a written request to the Senior Agency Official for Privacy, NCUA, 1775 Duke Street, Alexandria, VA 22314, and provide the following information:

1. Full name.

2. Any available information regarding the type of record involved.

3. The address to which the record information should be sent.

4. You must sign your request.

Attorneys or other persons acting on behalf of an individual must provide written authorization from that individual for the representative to act on their behalf. Individuals requesting access must also comply with NCUA's Privacy Act regulations regarding verification of identity and access to records (12 CFR 792.55).

HISTORY:

This system of records notice was originally published in 65 FR 3486 (January 21, 2000). It was republished (but not substantively changed in 75 FR 41539 (July 16, 2010), and 71 FR 77807 (December 27, 2006).

NCUA'S STANDARD ROUTINE USES:

1. If a record in a system of records indicates a violation or potential violation of civil or criminal law or a regulation, and whether arising by general statute or particular program statute, or by regulation, rule, or order, the relevant records in the system or records may be disclosed as a routine use to the appropriate agency, whether federal, state, local, or foreign, charged with the responsibility of investigating or prosecuting such violation or charged with enforcing or implementing the statute, rule, regulation, or order issued pursuant thereto.

2. A record from a system of records may be disclosed as a routine use to a federal, state, or local agency which maintains civil, criminal, or other relevant enforcement information or other pertinent information, such as current licenses, if necessary, to obtain information relevant to an agency decision concerning the hiring or retention of an employee, the issuance of a security clearance, the letting of a contract, or the issuance of a license, grant, or other benefit.

3. A record from a system of records may be disclosed as a routine use to a federal agency, in response to its request, for a matter concerning the hiring or retention of an employee, the issuance of a security clearance, the reporting of an investigation of an employee, the letting of a contract, or the issuance of a license, grant, or other benefit by the requesting agency, to the extent that the information is relevant and necessary to the requesting agency's decision in the matter.

4. A record from a system of records may be disclosed as a routine use to an authorized appeal grievance examiner, formal complaints examiner, equal employment opportunity investigator, arbitrator or other duly authorized official engaged in investigation or settlement of a grievance, complaint, or appeal filed by an employee. Further, a record from any system of records may be disclosed as a routine use to the Office of Personnel Management in accordance with the agency's responsibility for evaluation and oversight of federal personnel management.

5. A record from a system of records may be disclosed as a routine use to officers and employees of a federal agency for purposes of audit.

6. A record from a system of records may be disclosed as a routine use to a member of Congress or to a congressional staff member in response to an inquiry from the congressional office made at the request of the individual about whom the record is maintained.

7. A record from a system of records may be disclosed as a routine use to the officers and employees of the General Services Administration (GSA) in connection with administrative services provided to this Agency under agreement with GSA.

8. Records in a system of records may be disclosed as a routine use to the Department of Justice, when: (a) NCUA, or any of its components or employees acting in their official capacities, is a party to litigation; or (b) Any employee of NCUA in his or her individual capacity is a party to litigation and where the Department of Justice has agreed to represent the employee; or (c) The United States is a party in litigation, where NCUA determines that litigation is likely to affect the agency or any of its components, is a party to litigation or has an interest in such litigation, and NCUA determines that use of such records is relevant and necessary to the litigation, provided, however, that in each case, NCUA determines that disclosure of the records to the Department of Justice is a use of the information contained in the records that is compatible with the purpose for which the records were collected.

9. Records in a system of records may be disclosed as a routine use in a proceeding before a court or adjudicative body before which NCUA is authorized to appear (a) when NCUA or any of its components or employees are acting in their official capacities; (b) where NCUA or any employee of NCUA in his or her individual capacity has agreed to represent the employee; or (c) where NCUA determines that litigation is likely to affect the agency or any of its components, is a party to litigation or has an interest in such litigation, and NCUA determines that use of such records is relevant and necessary to the litigation, provided, however, NCUA determines that disclosure of the records to the Department of Justice is a use of the information contained in the records that is compatible with the purpose for which the records were collected.

10. A record from a system of records may be disclosed to contractors, experts, consultants, and the agents thereof, and others performing or working on a contract, service, cooperative agreement, or other assignment for NCUA when necessary to accomplish an agency function or administer an employee benefit program. Individuals provided information under this routine use are subject to the same Privacy Act requirements and limitations on disclosure as are applicable to NCUA employees.

11. A record from a system of records may be disclosed to appropriate agencies, entities, and persons when (1) NCUA suspects or has confirmed that Start Printed Page 40575the security or confidentiality of information in the system of records has been compromised; (2) NCUA has determined that as a result of the suspected or confirmed compromise there is a risk of harm to economic or property interests, identity theft or fraud, or harm to the security or integrity of this system or other systems or programs (whether maintained by NCUA or another agency or entity) that rely upon the compromised information; and (3) the disclosure made to such agencies, entities, and persons is reasonably necessary to assist in connection with NCUA's efforts to respond to the suspected or confirmed compromise and prevent, minimize, or remedy such harm.

12. A record from a system of records may be shared with the Office of Management and Budget (OMB) in connection with the review of private relief legislation as set forth in OMB Circular A-19 at any stage of the legislative coordination and clearance process as set forth in that circular.

13. To another Federal agency or Federal entity, when the NCUA determines that information from this system of records is reasonably necessary to assist the recipient agency or entity in (1) responding to a suspected or confirmed breach or (2) preventing, minimizing, or remedying the risk of harm to individuals, the recipient agency or entity (including its information systems, programs, and operations), the Federal Government, or national security, resulting from a suspected or confirmed breach.

End Supplemental Information

[FR Doc. 2018-17517 Filed 8-14-18; 8:45 am]

BILLING CODE 7535-01-P