[Federal Register Volume 87, Number 211 (Wednesday, November 2, 2022)]
[Notices]
[Pages 66181-66183]
From the Federal Register Online via the Government Publishing Office [www.gpo.gov]
[FR Doc No: 2022-23804]


-----------------------------------------------------------------------

FEDERAL DEPOSIT INSURANCE CORPORATION


Privacy Act of 1974; System of Records

AGENCY: Federal Deposit Insurance Corporation (FDIC).

ACTION: Notice of modified system of records.

-----------------------------------------------------------------------

SUMMARY: Pursuant to the provisions of the Privacy Act of 1974, as 
amended, the FDIC proposes to modify a current FDIC system of records 
titled, ``Unclaimed Deposit Account Records, FDIC-024.'' FDIC is 
updating this system of records by adding a new routine use to allow 
members of the public to locate and understand the status of their 
accounts. Additionally, this notice includes non-substantive changes to 
simplify the formatting and text of the previously published notice. We 
hereby publish this notice for comment on the proposed actions.

DATES: This action will become effective on November 2, 2022. The 
routine uses in this action will become effective on December 2, 2022, 
unless the FDIC makes changes based on comments received. Written 
comments should be submitted on or before the routine uses effective 
date of December 2, 2022.

ADDRESSES: Interested parties are invited to submit written comments 
identified by Privacy Act Systems of Records by any of the following 
methods:
     Agency Website: https://www.fdic.gov/resources/regulations/federal-register-publications/. Follow the instructions for 
submitting comments on the FDIC website.
     Email: [email protected]. Include ``Comments-SORN'' in the 
subject line of communication.
     Mail: James P. Sheesley, Assistant Executive Secretary, 
Attention: Comments-SORN, Legal Division, Office of the Executive 
Secretary, Federal Deposit Insurance Corporation, 550 17th Street NW, 
Washington, DC 20429.
     Hand Delivery: Comments may be hand-delivered to the guard 
station at the rear of the 17th Street NW building (located on F Street 
NW), on business days between 7:00 a.m. and 5:00 p.m.
     Public Inspection: Comments received, including any 
personal information provided, may be posted without change to https://www.fdic.gov/resources/regulations/federal-register-publications/. 
Commenters should submit only information that the commenter wishes to 
make available publicly. The FDIC may review, redact, or refrain from 
posting all or any portion of any comment that it may deem to be

[[Page 66182]]

inappropriate for publication, such as irrelevant or obscene material. 
The FDIC may post only a single representative example of identical or 
substantially identical comments, and in such cases will generally 
identify the number of identical or substantially identical comments 
represented by the posted example. All comments that have been 
redacted, as well as those that have not been posted, that contain 
comments on the merits of this document will be retained in the public 
comment file and will be considered as required under all applicable 
laws. All comments may be accessible under the Freedom of Information 
Act.

FOR FURTHER INFORMATION CONTACT: Shannon Dahn, Chief, Privacy Program, 
703-516-5500, [email protected].

SUPPLEMENTARY INFORMATION: The Privacy Act, 5 U.S.C. 552a, at 
subsection (b)(3), requires each agency to publish, for public notice 
and comment, significant changes that the agency intends to make to a 
Privacy Act system of records. The ``Unclaimed Deposit Account Records, 
FDIC-024'' system of records contains deposit account records, 
including signature cards, last known home address, social security 
number, name of insured depository institution, relating to unclaimed 
insured deposits or insured transferred deposits from closed insured 
depository institutions for which the FDIC was appointed receiver after 
January 1, 1989. FDIC is updating this system of records to add a new 
routine use (12) to allow members of the public access to a limited 
portion of the data sufficient to help individuals locate and 
understand the status of their accounts previously held by a financial 
institution. This notice includes non-substantive changes to simplify 
the formatting and text of the previously published notice. This 
modified system will be included in the FDIC's inventory of record 
systems.

SYSTEM NAME AND NUMBER:
    Unclaimed Deposit Account Records, FDIC-024.

SECURITY CLASSIFICATION:
    Unclassified.

SYSTEM LOCATION:
    Records are maintained at FDIC facilities in Arlington, Virginia 
and regional offices. Original and duplicate systems may exist, in 
whole or in part, at secure sites and on secure servers maintained by 
third-party service providers for the FDIC.

SYSTEM MANAGER(S):
    Financial Managers, Division of Resolutions and Receiverships, 
FDIC, 550 17th Street NW, Washington, DC 20429, and 600 North Pearl 
Street, Suite 700, Dallas, Texas 75201.

AUTHORITY FOR MAINTENANCE OF THE SYSTEM:
    Sections 9, 11, and 12 of the Federal Deposit Insurance Act (12 
U.S.C. 1819, 1821, and 1822).

PURPOSE(S) OF THE SYSTEM:
    The information in this system is used to process inquiries and 
claims of individuals with respect to unclaimed insured deposit 
accounts of closed insured depository institutions for which the FDIC 
was appointed receiver after January 1, 1989, and to assist in 
complying with the requirements of the Unclaimed Deposits Amendments 
Act.

CATEGORIES OF INDIVIDUALS COVERED BY THE SYSTEM:
    Individuals identified as deposit account owners and individuals 
claiming to be deposit account holders of unclaimed insured deposits of 
a closed insured depository institution for which the FDIC was 
appointed receiver after January 1, 1989.

CATEGORIES OF RECORDS IN THE SYSTEM:
    Deposit account records, including signature cards; last known home 
address; social security number; name of insured depository 
institution.

RECORD SOURCE CATEGORIES:
    Information originates from deposit records of closed insured 
depository institutions and claimants. After 18 months following 
institution failure, unclaimed deposit records are transferred to the 
FDIC from assuming depository institutions. Custody of these records 
are transferred to State's unclaimed property for a period of 10 years. 
After 10 years, unclaimed records are returned to FDIC.

ROUTINE USES OF RECORDS MAINTAINED IN THE SYSTEM, INCLUDING CATEGORIES 
OF USERS AND PURPOSES OF SUCH USES:
    In addition to those disclosures generally permitted under 5 U.S.C. 
552a(b) of the Privacy Act, all or a portion of the records or 
information contained in this system may be disclosed outside the FDIC 
as a routine use as follows:
    (1) To appropriate Federal, State, local and foreign authorities 
responsible for investigating or prosecuting a violation of, or for 
enforcing or implementing a statute, rule, regulation, or order issued, 
when the information indicates a violation or potential violation of 
law, whether civil, criminal, or regulatory in nature, and whether 
arising by general statute or particular program statute, or by 
regulation, rule, or order issued pursuant thereto;
    (2) To a court, magistrate, or other administrative body in the 
course of presenting evidence, including disclosures to counsel or 
witnesses in the course of civil discovery, litigation, or settlement 
negotiations or in connection with criminal proceedings, when the FDIC 
is a party to the proceeding or has a significant interest in the 
proceeding, to the extent that the information is determined to be 
relevant and necessary;
    (3) To a congressional office in response to an inquiry made by the 
congressional office at the request of the individual who is the 
subject of the record;
    (4) To appropriate agencies, entities, and persons when (a) the 
FDIC suspects or has confirmed that there has been a breach of the 
system of records; (b) the FDIC has determined that as a result of the 
suspected or confirmed breach there is a risk of harm to individuals, 
the FDIC (including its information systems, programs, and operations), 
the Federal Government, or national security; the FDIC and (c) the 
disclosure made to such agencies, entities, and persons is reasonably 
necessary to assist in connection with the FDIC's efforts to respond to 
the suspected or confirmed breach or to prevent, minimize, or remedy 
such harm;
    (5) To another Federal agency or Federal entity, when the FDIC 
determines that information from this system of records is reasonably 
necessary to assist the recipient agency or entity in (a) responding to 
a suspected or confirmed breach or (b) preventing, minimizing, or 
remedying the risk of harm to individuals, the recipient agency or 
entity (including its information systems, programs, and operations), 
the Federal Government, or national security, resulting from a 
suspected or confirmed breach.
    (6) To appropriate Federal, State, and local authorities in 
connection with hiring or retaining an individual, conducting a 
background security or suitability investigation, adjudication of 
liability, or eligibility for a license, contract, grant, or other 
benefit;
    (7) To appropriate Federal, State, and local authorities, agencies, 
arbitrators, and other parties responsible for processing any personnel 
actions or conducting administrative hearings or corrective actions or 
grievances or appeals, or if needed in the performance of other 
authorized duties;
    (8) To appropriate Federal agencies and other public authorities 
for use in records management inspections;
    (9) To officials of a labor organization when relevant and 
necessary to their duties of exclusive representation

[[Page 66183]]

concerning personnel policies, practices, and matters affecting working 
conditions;
    (10) To contractors, grantees, volunteers, and others performing or 
working on a contract, service, grant, cooperative agreement, or 
project for the FDIC, the Office of Inspector General, or the Federal 
Government for use in carrying out their obligations under such 
contract, grant, agreement or project;
    (11) To the appropriate State agency accepting custody of unclaimed 
insured deposits; and
    (12) To allow members of the public access to a limited portion of 
the data sufficient to help individuals locate and understand the 
status of their accounts previously held by a financial institution.

POLICIES AND PRACTICES FOR STORAGE OF RECORDS:
    Records are stored in electronic media and in paper format within 
individual file folders.

POLICIES AND PRACTICES FOR RETRIEVAL OF RECORDS:
    Electronic media and paper format are indexed and retrieved by 
depository institution name, depositor name, depositor social security 
number, or deposit account number.

POLICIES AND PRACTICES FOR RETENTION AND DISPOSAL OF RECORDS:
    Records of unclaimed deposits are maintained ten years after the 
termination date of the receivership or as established by the state or 
Federal law or court order, if longer. Disposal is by shredding or 
other appropriate disposal methods.

ADMINISTRATIVE, TECHNICAL, AND PHYSICAL SAFEGUARDS:
    Records are protected from unauthorized access and improper use 
through administrative, technical, and physical security measures. 
Administrative safeguards include written guidelines on handling 
personal information including agency-wide procedures for safeguarding 
personally identifiable information. In addition, all FDIC staff are 
required to take annual privacy and security training. Technical 
security measures within FDIC include restrictions on computer access 
to authorized individuals who have a legitimate need to know the 
information; required use of strong passwords that are frequently 
changed; multi-factor authentication for remote access and access to 
many FDIC network components; use of encryption for certain data types 
and transfers; firewalls and intrusion detection applications; and 
regular review of security procedures and best practices to enhance 
security. Physical safeguards include restrictions on building access 
to authorized individuals, security guard service, and maintenance of 
records in lockable offices and filing cabinets.

RECORD ACCESS PROCEDURES:
    Individuals wishing to request access to records about them in this 
system of records must submit their request in writing to the FDIC FOIA 
& Privacy Act Group, 550 17th Street NW, Washington, DC 20429, or email 
[email protected]. Requests must include full name, address, and 
verification of identity in accordance with FDIC regulations at 12 CFR 
part 310.

CONTESTING RECORD PROCEDURES:
    Individuals wishing to contest or request an amendment to their 
records in this system of records must submit their request in writing 
to the FDIC FOIA & Privacy Act Group, 550 17th Street NW, Washington, 
DC 20429, or email [email protected]. Requests must specify the 
information being contested, the reasons for contesting it, and the 
proposed amendment to such information in accordance with FDIC 
regulations at 12 CFR part 310.

NOTIFICATION PROCEDURES:
    Individuals wishing to know whether this system contains 
information about them must submit their request in writing to the FDIC 
FOIA & Privacy Act Group, 550 17th Street NW, Washington, DC 20429, or 
email [email protected]. Requests must include full name, address, and 
verification of identity in accordance with FDIC regulations at 12 CFR 
part 310.

EXEMPTIONS PROMULGATED FOR THE SYSTEM:
    None.

HISTORY:
    84 FR 35184 (July 22, 2019).

Federal Deposit Insurance Corporation.

    Dated at Washington, DC, on October 27, 2022.
James P. Sheesley,
Assistant Executive Secretary.
[FR Doc. 2022-23804 Filed 11-1-22; 8:45 am]
BILLING CODE 6714-01-P