[Federal Register Volume 85, Number 13 (Tuesday, January 21, 2020)]
[Notices]
[Pages 3372-3374]
From the Federal Register Online via the Government Publishing Office [www.gpo.gov]
[FR Doc No: 2020-00820]


=======================================================================
-----------------------------------------------------------------------

EXPORT-IMPORT BANK


Privacy Act of 1974; Establishment of a New System of Records

AGENCY: Export-Import Bank of the United States.

ACTION: Notice of new electronic System of Records--Financial 
Management System--Next Generation (FMS-NG).

-----------------------------------------------------------------------

SUMMARY: EXIM Bank (EXIM) proposes to add a new electronic System of 
Records, Financial Management System--Next Generation (FMS-NG), subject 
to the Privacy Act of 1974 (5 U.S.C. 522a), as amended. This notice is 
necessary to meet the requirements of the Privacy Act which is to 
publish in the Federal Register a notice of the existence and character 
of records maintained by the agency (5 U.S.C. 522s(e)(4)). Included in 
this notice is the System of Records Notice (SORN) for FMS-NG. The 
system is currently operational.

DATES: This action is effective without further notice on February 
17th, 2020 unless comments are received that would result in a contrary 
determination.

ADDRESSES: Comments may be submitted electronically on 
www.regulations.gov or by mail to Gabriela Smith-Sherman, Chief 
Information Security Officer, Export-Import Bank of the United States, 
811 Vermont Ave. NW, Washington, DC 20571.

FOR FURTHER INFORMATION CONTACT: For privacy questions, please contact: 
Gabriela Smith-Sherman, Chief Information Security Officer, Export-
Import Bank of the United States, 811 Vermont Ave. NW, Washington, DC 
20571.

SUPPLEMENTARY INFORMATION: The Financial Management System--Next 
Generation (FMS-NG) supports flexible financial accounting, control and 
disbursement of funds, management accounting, and financial report 
processes.

SYSTEM OF RECORDS NOTICE
    Financial Management System--Next Generation (FMS-NG).

System Identifier:
    EXIM/FMS-NG.

System Name:
    Financial Management System--Next Generation (FMS-NG).

Security Classification:
    Moderate.

System Location:
    This electronic system is used via a web interface by EXIM staff 
from the Headquarters of the Export-Import Bank of the United States, 
811 Vermont Avenue NW, Washington, DC 20571. The physical location and 
technical operation of the system is at the Amazon Web Services (AWS) 
facility in Northern Virginia.

Categories of Individuals covered by this system:
    The FMS-NG system holds information on EXIM customers, employees, 
contractors, vendors, and invitational travelers who have been asked to 
speak at or attend a function at the request of EXIM and who are 
seeking reimbursements for expenses incurred.

Categories of records in the system:
    FMS-NG contains information related to the financial obligations of 
EXIM to and from individuals and corporate entities from the point of 
obligation through the point of final disbursement. EXIM provides 
complete loan and guarantee servicing over the entire life of a credit. 
The FMS-NG system contains Personally Identifiable Information (PII) on 
EXIM employees and public individuals that incurred

[[Page 3373]]

expenses pre-authorized for reimbursement, EXIM product applicants, 
contracted suppliers, and other business partners.
    The following Table 1, Categories of Records lists significant data 
categories contained in the FMS-NG system. Only the Administrative 
categories may contain PII data. The Category of Bank Products is 
normally used by larger corporate entities and is unlikely to contain 
PII for sole proprietors of businesses or other individuals.

           Table 1--Categories of Records in the FMS-NG System
------------------------------------------------------------------------
 
-------------------------------------------------------------------------
Bank products.
Rescheduled Loan.
Project Finance Loan.
Aircraft Financing Loan.
Tied Aid Loan.
Renewable Express Loan.
Global Credit Express.
Letter of Credit for a Direct Loan.
Working Capital Guarantee.
Standard Guarantee.
Credit Guarantee Facility.
Finance Lease Guarantee.
Project Finance Guarantee.
Aircraft Finance Guarantee.
Co-Financing Guarantee.
Renewable Express Guarantee.
Supply Chain Guarantee.
Administrative records.
Budget based on object class and fund segment.
Procurement purchase order.
Inter-Agency Agreements.
Payments to Administrative Suppliers.
Procurement Card.
Travel purchase order.
Payment Vouchers.
Refunds.
Sponsored Travel.
Petty Cash.
Employee Debt.
Conference fee collections.
General Ledger.
------------------------------------------------------------------------


 Table 2--Representative PII Data Elements Within Administrative Records
------------------------------------------------------------------------
                            PII Data elements
-------------------------------------------------------------------------
Bank products:
    ACCOUNT_HOLDER_NAME.
    ACCTTYPEID.
    ADDRESSID.
    BANK_ACCOUNT_NAME.
    BANKACCOUNTID.
    BANKSWIFTCODE.
    BRANCHID.
    BRANCHNAME.
    CHECK_DIGITS.
    PARENT_VENDOR_ID.
    PARENT_VENDOR_NAME.
    TAX_ID.
    VENDOR_ID.
    VENDOR_NAME.
    VENDOR_NAME_ALT.
    VENDOR_NUMBER.
------------------------------------------------------------------------

Authority for maintenance of the system:
    EXIM requests the information in this application under the 
following authorizations:
    Authority of the Export-Import Bank Act of 1945, as amended (12 
U.S.C. 635 et seq.), Executive Order 9397 as amended by Executive Order 
13478 signed by President George W. Bush on November 18, 2008, relating 
to Federal agency use of Social Security Numbers.

Purpose:
    The Financial Management System--Next Generation (FMS-NG) is a 
custom configured Commercial-off-the-Shelf (COTS) solution, which 
supports flexible financial accounting, control and disbursement of 
funds, management accounting, loan and guarantee servicing, and 
financial report processes. More specifically, FMS-NG maintains EXIM's 
spending budget, supports purchase of goods and services, vendor 
payments, records general ledger entries, reports to Department of 
Treasury and the Office of Management and Budget (OMB), verifies data 
accuracy, properly clears and closes ledgers and journals, and provides 
complete loan and guarantee servicing over the entire life of a credit.
    FMS-NG is comprised of the following functional modules:
     Budget Execution,
     Accounts Payable,
     Accounts Receivable,
     General Ledger,
     Purchasing, and
     Processing of loans and guarantees related financial data.

 Routine Uses of Records Maintained in the System; Including Categories 
of Users and the Purposes of Such Uses:
    In addition to those disclosures that are generally permitted under 
5 U.S.C. 552a(b) of the Privacy Act, all or a portion of the records or 
information contained in this system may be disclosed to authorized 
entities, as is determined to be relevant and necessary, outside EXIM 
as a routine use pursuant to 5 U.S.C. 552a(b)(3) as follows:
    a. For the Bank employees to support purchase of goods and 
services;
    b. For the Bank employees to support vendor payments;
    c. To disclose information for audits and oversight purposes 
performed by EXIM employees, report to the Department of Treasury and 
the Office of Management and Budget in Monthly, Quarterly, Semi-annual, 
and Annual reporting;
    d. To provide information to a Congressional Office from the record 
of an individual in response to an inquiry from that Office;
    e. To share data with contractors, grantees, and experts to perform 
Office of Personnel Management (OPM) authorized activities, including 
performing and monitoring of select business transactions;
    f. For investigations of potential violations of law;
    g. For EXIM employees to collect information from third parties 
including credit reporting agencies and to collect credit scores to 
establish credit worthiness of applicants;
    h. To disclose information to EXIM contractors in support of EXIM 
authorized activities;
    i. For litigation;
    j. By National Archives and Records Administration for record 
management inspections in its role as Archivist;
    k. For data breach and mitigation response.
    l. To disclose pertinent information to the appropriate Federal, 
State, or local agency responsible for investigating, prosecuting, 
enforcing, or implementing a statute, rule, regulation or another 
purpose, when the disclosing agency becomes aware of an indication of a 
violation or potential violation of civil or criminal law or 
regulations.

 Disclosure to consumer reporting agencies:
    EXIM may report its credit experience to the applicable commercial 
consumer reporting agencies (credit bureaus), such as: Dun & 
Bradstreet, FICO, and TransUnion.

Storage:
    The records reside in the data tables of the FMS-NG System 
implemented in the Oracle[supreg] U.S. Federal Financials Release 12, a 
COTS Financial Management System from Oracle Corporation.

Retrievability:
    Information may be retrieved by transaction number, business entity 
name or individual name and EIN.

 Safeguards:
    Information will be stored in electronic format within the FMS-NG. 
FMS-NG has configurable responsibilities-based (processes and data) 
user access rules. User access is granted only to the authorized 
internal users. The authorized FMS-NG users will have restricted access 
only to the data subset necessary to perform their job function. This 
access is managed via Oracle Application System Administration, User 
and Responsibility security functions. FMS-NG underlying application--
Oracle Federal Financials, is compliant with the Federal Risk and 
Authorization Management Program (FedRAMP). The PII information in FMS-
NG is stored encrypted in place.

[[Page 3374]]

HTTPS protocol is employed in accessing FMS-NG.

Retention and Disposal:
    Retention and disposal of the records contained in FMS-NG complies 
with EXIM's Record Schedule for FMS-NG Electronic Records System DAA-
0275-2014-0002. The schedule was proposed for approval by EXIM in the 
Electronic Records Archives (ERA) system of the National Archives and 
Records Administration (NARA).

 System Manager and Address:
    Vice President--Controller Office of the CFO, Export-Import Bank of 
the United States, 811 Vermont Ave. NW, Washington, DC 20571.

 Notification Procedure:
    Individuals wishing to determine whether this system of records 
contains information about them may do so by writing to:
    Vice President--Controller Office of the CFO, Export-Import Bank of 
the United States, 811 Vermont Ave. NW, Washington, DC 20571.
    And provide the following information:
    1. Name.
    2. Tax ID, as applicable.
    3. Type of information requested.
    4. Address to which the information should be sent.
    5. Signature.

 Record access procedure:
    Individuals wishing to make an amendment of records about them 
should write to:
    Vice President--Controller Office of the CFO, Export-Import Bank of 
the United States, 811 Vermont Ave. NW, Washington, DC 20571.
    And provide the following information:
    1. Name.
    2. Tax ID, as applicable.
    3. Type of information to be amended.
    4. Signature.

 Contesting record procedures:
    Individuals wishing to contest records about them should write to:
    Vice President--Controller Office of the CFO, Export-Import Bank of 
the United States, 811 Vermont Ave. NW, Washington, DC 20571.
    And provide the following information:
    1. Name.
    2. Tax ID, as applicable.
    3. Signature.
    4. Precise identification of the information to be contested.

 Record Source Categories:
    The record information contained in the FMS-NG is obtained using 
one of two methods: Manual entry, and through data consumption from 
source flat files imported after validating data with business rules 
using PLSQL procedural upload to the FMS-NG database.

 Exemptions claimed for the system:
    None.

Bassam Doughman,
IT Specialist.
[FR Doc. 2020-00820 Filed 1-17-20; 8:45 am]
 BILLING CODE 6690-01-P