[Federal Register Volume 83, Number 158 (Wednesday, August 15, 2018)]
[Notices]
[Pages 40582-40583]
From the Federal Register Online via the Government Publishing Office [www.gpo.gov]
[FR Doc No: 2018-17488]


-----------------------------------------------------------------------

SECURITIES AND EXCHANGE COMMISSION


Proposed Collection; Comment Request

Upon Written Request, Copies Available From: Securities and Exchange 
Commission, Office of FOIA Services, 100 F Street NE, Washington, DC 
20549-2736.

Extension:
    Regulation S-P. SEC File No. 270-480; OMB Control No. 3235-0537.

    Notice is hereby given that, pursuant to the Paperwork Reduction 
Act of 1995 (``PRA'') (44 U.S.C. 3501 et seq.), the Securities and 
Exchange Commission (``Commission'') is soliciting comments on the 
existing collection of information provided for in the privacy notice 
and opt out notice provisions of Regulation S-P--Privacy of Consumer 
Financial Information (17 CFR part 248, subpart A) under the Securities 
Exchange Act of 1934 (``Exchange Act'') (15 U.S.C. 78a et seq.). The 
Commission plans to submit this existing collection of information to 
the Office of Management and Budget (``OMB'') for extension and 
approval.
    The privacy notice and opt out notice provisions of Regulation S-P 
(the ``Rule'') implement the privacy notice and opt out notice 
requirements of Title V of the Gramm-Leach-Bliley Act (``GLBA''), which 
include the requirement that at the time of establishing a customer 
relationship with a consumer and not less than annually during the 
continuation of such relationship, a financial institution shall 
provide a clear and conspicuous disclosure to such consumer of such 
financial institution's policies and practices with respect to 
disclosing nonpublic personal information to affiliates and 
nonaffiliated third parties (``privacy notice''). Title V of the GLBA 
also provides that, unless an exception applies, a financial 
institution may not disclose nonpublic personal information of a 
consumer to a nonaffiliated third party unless the financial 
institution clearly and conspicuously discloses to the consumer that 
such information may be disclosed to such third party; the consumer is 
given the opportunity, before the time that such information is 
initially disclosed, to direct that such information not be disclosed 
to such third party; and the consumer is given an explanation of how 
the consumer can exercise that nondisclosure option (``opt out 
notice''). The Rule applies to broker-dealers, investment advisers 
registered with the Commission, and investment companies (``covered 
entities'').
    Commission staff estimates that, as of March 31, 2018, the Rule's 
information collection burden applies to approximately 20,465 covered 
entities (approximately 3,857 broker-dealers, 12,643 investment 
advisers registered with the Commission, and 3,965 investment 
companies). In view of (a) the minimal recordkeeping burden imposed by 
the Rule (since the Rule has no recordkeeping requirement and records 
relating to customer communications already must be made and retained 
pursuant to other SEC rules); (b) the summary fashion in which 
information must be provided to customers in the privacy and opt out 
notices required by the Rule (the model privacy form adopted by the SEC 
and the other agencies in 2009, designed to serve as both a privacy 
notice and an opt out notice, is only two pages); (c) the availability 
to covered entities of the model privacy form and online model privacy 
form builder; and (d) the experience of covered entities' staff with 
the notices, SEC staff estimates that covered entities will each spend 
an average of approximately 12 hours per year complying with the Rule, 
for a total of approximately 245,580 annual burden-hours (12 x 20,465 = 
245,580). SEC staff understands that the vast majority of covered 
entities deliver their privacy and opt out notices with other 
communications such as account opening documents and account 
statements. Because the other communications are already delivered to 
consumers, adding a brief privacy and opt out notice should not result 
in added costs for processing or for postage and materials. Also, 
privacy and opt out notices may be delivered electronically to 
consumers who have agreed to electronic communications, which further 
reduces the costs of delivery. Because SEC staff assumes that most 
paper copies of privacy and opt out notices are combined with other 
required mailings, the burden-hour estimates above are based on 
resources required to integrate the privacy and opt notices into 
another mailing, rather than on the resources required to create and 
send a separate mailing. SEC staff estimates that, of the estimated 12

[[Page 40583]]

annual burden-hours incurred, approximately 8 hours would be spent by 
administrative assistants at an hourly rate of $82, and approximately 4 
hours would be spent by internal counsel at an hourly rate of $422, for 
a total annualized internal cost of compliance of $2,344 for each of 
the covered entities (8 x $82 = $656; 4 x $422 = $1,688; $656 + $1,688 
= $2,344). Hourly cost of compliance estimates for administrative 
assistant time are derived from the Securities Industry and Financial 
Markets Association's Office Salaries in the Securities Industry 2013, 
modified by SEC staff to account for an 1,800-hour work-year and 
multiplied by 2.93 to account for bonuses, firm size, employee benefits 
and overhead. Hourly cost of compliance estimates for internal counsel 
time are derived from the Securities Industry and Financial Markets 
Association's Management & Professional Earnings in the Securities 
Industry 2013, modified by SEC staff to account for an 1,800-hour work-
year and multiplied by 5.35 to account for bonuses, firm size, employee 
benefits, and overhead. Accordingly, SEC staff estimates that the total 
annualized internal cost of compliance for the estimated total hour 
burden for the approximately 20,465 covered entities subject to the 
Rule is approximately $47,969,960 ($2,344 x 20,465 = $47,969,960).
    Written comments are invited on: (a) Whether the proposed 
collection of information is necessary for the proper performance of 
the functions of the Commission, including whether the information 
shall have practical utility; (b) the accuracy of the Commission's 
estimates of the burden of the proposed collection of information; (c) 
ways to enhance the quality, utility, and clarity of the information 
collected; and (d) ways to minimize the burden of the collection of 
information on respondents, including through the use of automated 
collection techniques or other forms of information technology. 
Consideration will be given to comments and suggestions submitted in 
writing within 60 days of this publication.
    An agency may not conduct or sponsor, and a person is not required 
to respond to, a collection of information under the PRA unless it 
displays a currently valid OMB control number.
    Please direct your written comments to: Pamela Dyson, Director/
Chief Information Officer, Securities and Exchange Commission, c/o 
Candace Kenner, 100 F Street NE, Washington, DC 20549, or send an email 
to: [email protected].

    Dated: August 9, 2018.
Eduardo A. Aleman,
Assistant Secretary.
[FR Doc. 2018-17488 Filed 8-14-18; 8:45 am]
 BILLING CODE 8011-01-P