SUPPORTING STATEMENT
Minimum Security Devices and Procedures
OMB Control No. 1550-0062
Page
SUPPORTING STATEMENT
Minimum Security Devices and Procedures
OMB Control No. 1550-0062
A. JUSTIFICATION
1. Circumstances and Need
The requirement that savings associations establish a written security program is necessitated by the Bank Protection Act (12 U.S.C. 1881-1884), which requires the Federal supervisory agencies to promulgate rules establishing minimum standards with which each financial institution must comply with respect to the installation, maintenance, and operation of security devices and procedures to discourage robberies, burglaries, and larcenies, and to assist in the identification and apprehension of persons who commit such acts.
Pursuant to the statutory mandate, the Office of Thrift Supervision (OTS) adopted its regulations in 1969 (12 C.F.R. Part 568). These regulations were last revised effective February 1, 2001. In accordance with Part 568, a savings association must adopt a written security program, the association’s board of directors must approve the program, and each association’s security officer must report annually to the board on the effectiveness of the program. Section 568.5 was added when the regulations were revised in 2001, and requires that savings associations and their subsidiaries comply with the Interagency Guidelines Establishing Standards for Safeguarding Customer Information, set forth in Appendix B to part 570. The other Federal supervisory agencies, Office of the Comptroller of the Currency (OCC), Board of the Governors of the Federal Reserve System (FRB), and Federal Deposit Insurance Corporation (FDIC), adopted virtually identical regulations in 1969, and likewise revised them in 1991 and 2001.
2. Use of Information Collected
The written security program is reviewed by OTS examiners during compliance examinations to ensure that it adequately provides for an effective system of compliance with statutory and regulatory procedures. Similarly, the report made by the security office to the association’s board of directors ensures that an association’s security program is reviewed at least annually for effectiveness by its board.
3. Use of Technology to Reduce Burden
The requirement is for associations to develop a written security program to comply with the Act. Consequently, the use of automated, electronic, or other technological collection techniques or other forms of information technology is not applicable.
4. Efforts to Identify Duplication
No duplication with any other recordkeeping or reporting requirements by OTS has been identified. Each association’s written security program will of necessity have to address the matters set forth in the regulation. However, the specifics of each program will be unique to that particular association.
5. Minimizing the Burden on Small Firms
The information collection does not differentiate information requirements on the basis of an association’s size because the Act is applicable to all financial institutions. Nonetheless, the information collection does not have a significant impact on a substantial number of small businesses.
6. Consequences of Less Frequent Collection
The requirement for a written program need be met only once. The program will be updated as necessary, depending on whether or not there are any changes in circumstances. The report to the board of directors is required at least annually. The requirements are the minimal that can be mandated and still ensure that the requirements of the Act are satisfied.
7. Special Circumstances
The information collection is conducted in accordance with OMB’s guidelines in 5 C.F.R. Part 1320.
8. Consultation with Persons Outside the OTS
Notice of intent to renew this information collection was published in the Federal Register on January 31, 2008 (FR 73 Number 21, page 5913). OTS has not received any comments.
9. Payment of Respondents
OTS provides no payment or gift to respondents.
10. Confidentiality
The assurance of confidentiality is not applicable because the written security program is developed and maintained at the particular institution.
11. Information of a Sensitive Nature
There are no questions of a sensitive nature.
12. Estimated Annual Hour Burden
Estimates for the hour burden of the information collection are as follows. The burden estimate for the written security program and report to the board of directors is 1,664 hours. This is based on an average of two hours per year for each of the 832 savings associations. The estimate is based on the time needed, if any, for the association to amend its security program and submit an annual report to the board of directors. The hour burden on respondents is not expected to vary widely because this has been a long-standing regulatory requirement.
The annualized cost to each respondent is estimated to be a maximum of $100. This is based on an estimate of one hour per year for each respondent to update the security program and one hour per year to prepare a report for the board of directors, times a per hour average of $50. The per hour average cost represents a mixture of management and clerical personnel. The requirement for a written security program has been in effect since 1969; therefore, it is presumed that most, if not all, savings associations should currently have such a program. In addition, there may not be any changes to an institution’s security program in a given year. In those instances, the total annualized cost to respondents would be minimal.
13. Estimate of Annual Cost
There are no start-up costs related to this information collection. The operational or maintenance costs are minimal and are dependent on whether the savings association modifies their policies and procedures.
14. Estimate of Annualized Cost to Government
The total annualized cost to the Federal government is minimal. The information is reviewed by OTS examiners during the course of regularly-scheduled compliance examinations, and review of the security program constitutes only a minimal part of those overall examinations.
15. Reason for Change in Burden
The decrease in burden (from 1,786 to 1,664) is due to a reduction in the number of respondents..
16. Publication
The information collection is not published.
17. Expiration Date
The record keeping involves no form on which an approval number would be displayed.
18. Exceptions
There are no exceptions to the certifications on OMB 83-1.
B. COLLECTION OF INFORMATION EMPLOYING STATISTICAL METHODS
Not applicable.
File Type | application/msword |
File Title | Supporting Statement |
Author | Robin Olebara |
Last Modified By | Ira Mills |
File Modified | 2008-03-31 |
File Created | 2008-01-17 |