-
Supporting Statement
Privacy of Consumer Financial information
OMB Control No. 1550-0103
A. Justification
1. Circumstances and Need
These information collections are required under section 504 of the Gramm-Leach-Bliley Act (Act), Public Law No. 106-102. Section 502 of the Act prohibits a financial institution from disclosing nonpublic personal information about a consumer to nonaffiliated third parties unless the institution satisfies various disclosure requirements (i.e., provides a privacy notice and opt out notice) and the consumer has not elected to opt out of the disclosure. Section 504 requires the Office of Thrift Supervision, as well as the Office of the Comptroller of the Currency, Board of Governors of the Federal Reserve System, Federal Deposit Insurance Corporation, National Credit Union Administration, Federal Trade Commission, and Securities and Exchange Commission to issue regulations as necessary to implement the notice requirements and restrictions.
2. Use of Information Collected
Consumers use the privacy notice information to determine whether they want personal information disclosed to third parties that are not affiliated with the institution. Further, consumers use the opt-out notice mechanism to advise the institution of their wishes regarding disclosure of their personal information. Institutions use the opt-out information to determine the wishes of their consumers and to act appropriately.
3. Use of Technology to Reduce Burden
The information collections consist of disclosures, filings from consumers, and internal institution records. Institutions are not prohibited from using any technology that facilitates consumer understanding and response and that permits review, as appropriate, by examiners. In order to reduce burden, a model privacy form has been designed and codified for voluntary use. This standardized form is the result of extensive consumer testing and is designed to make the annual privacy notice easier to read and comprehend by consumers. The recently revised regulations permit institutions to offer choices to their customers for responding to their annual privacy notices in order to provide opt out information. If institutions use the model privacy form, customers may be offered the option to reply by telephone, by mail or on the institution’s website. Additionally, the annual privacy notice itself may be posted electronically by institutions on their websites. The impact of using such technology is unknown because it is not possible to estimate the number of institutions that may elect to offer a telephone or web-based option, or the number of customers who may utilize it.
4. Efforts to Identify Duplication
These information collections are not duplicative within the meaning of the PRA and OMB regulations. Each collection is unique and covers the institution’s particular circumstances.
5. Minimizing the Burden on Small Banks
The information collections do not impose any significant burden beyond that required by the statute. Because of the statutory requirements, there are no significant alternatives that minimize burden on small institutions.
6. Consequences of Less Frequent Collections
The collections in the regulation closely follows the Act, which requires institutions to provide an updated and annually restated notice to their customers of their privacy policies and practices, and to permit consumers to opt-out of disclosure of their personal information.
7. Special Circumstances
These information collections are conducted in a manner consistent with the requirements of 5 CFR Part 1320.
8. Consultation with Persons Outside the Agency
Notice of the intent to renew these information collections was published in the Federal Register on September 15, 2009 (FR 74 page 47311). OTS has not received any comments.
9. Payment or Gift to Respondents
Not applicable.
10. Confidentiality
Not applicable.
11. Questions of a Sensitive Nature
No questions of a sensitive nature are involved.
12. Estimates of Annualized Hour Burden and Associated Cost
The burden estimate for this information collection is as follows: 44,543 total burden hours
Financial Institutions’ Disclosure Requirements
Initial notice (573.4(a)):
Institution prepares and provides initial notice of privacy policies and practices to consumers. The number of respondents is a three-year average of the number of de novo and acquired institutions for 2006, 2007, and 2008. The estimated response time is 80 hours (2 business weeks). The response time of this item may range from one hour to 100 or more hours, with an average of 80 hours.
40 de novos and acquisitions @ 80 hours = 3,200 burden hours
Annual notice (573.5(a)) and Notice of change in terms (573.8(c)):
Institution prepares and provides annual notice to customers. The number of respondents is based on the number of institutions that are supervised by OTS as of August 24, 2009. The average number of de novo and acquired institutions are not included in this respondent count. The estimated response time is 8 hours (1 business day).
788 institutions @ 8 hours = 6,304 burden hours
Opt out and partial opt out (573.7(a)(1)(iii)):
Institution prepares and provides opt out notice to consumers.
674 small institutions (<=$1 billion in assets) x 15% = 101 institutions
114 large institutions (>$1 billion in assets) x 50% = 57
101 small institutions + 57 large institutions = 158 institutions
158 institutions @ 8 hours = 1,264 hours
Consumers’ Reporting Requirements
Opt out and partial opt out notice (573.7(a)(2), (a)(3)(i), and (c)) and Continuing
right to opt out (573.7(f) and (g)):
Consumer makes opt out and partial opt out response to institution.
101 small institutions x 5,000 approx. customers x 3.5% = 17,675 customers
57 large institutions x 25,000 approx. customers x 3.5% = 49,875 customers
17,675 customers (small) + 49,875 customers (large) = 67,550 customers
67,550 customers @ .5 hours = 33,775 hours
Total burden hours: 44,543 burden hours
Cost burden:
The estimated hour burden of this collection is 33,775 burden hours. The following is an estimate of the annualized dollar cost to OTS-regulated institutions of the hour burden for this collection of information broken down by wage rate categories:
Clerical: 25% of 33,775 hours = 8,443.75 hours @ $20 = $168,875
Managerial/Technical: 40 % of 33,775 hours = 13,510 hours @ $40 = $540,400
Senior Management/Professional: 25 % of 33,775 hours = 8,444 hours @ $ 80 = $675,520
Legal: 10 % of 33,775 hours = 3,377.5 hours @ $100 = $337,750
Total estimated dollar cost: $1,722,545
13. Capital/Start-up and Operation/Maintenance Costs
Institutions should be able to use readily available equipment to comply with the information collections. However, some software costs likely will be incurred to add the privacy notice and opt-out notice disclosures, probably to existing institution documents. Most institution documents of this nature are revised on a continuing basis. Therefore, whether the revisions are made in-institution or through a servicer, the cost would be a part of usual and customary business practice.
14. Annualized cost to the Federal Government
Not applicable.
15. Reason for Change in Burden
This submission reflects an increase in burden of 2,196 hours due to the following: Decrease in institution burden from 863 to 788 (from 8,232 hours to 7,568 hours -664 hours). An increase in de novos and acquisitions from 13 to 40 (from 1,040 hours to 3,200 hours an increase of 2,160 hours). A consumer increase from 66,150 to 67,550 (from 33,075 hours to 33,775 an increase of 700 hours).
The Agencies‘ have designed a model privacy form that is voluntary for institutions to use to meet their annual notice requirements. The model privacy notice form does not add to the burden estimates contained herein.
16. Publication
These are disclosures from institutions to consumers and filings from consumers to institutions. OTS is not collecting data; therefore, it has no information to publish and no plans to publish any data for statistical or other purposes.
17. Display of Expiration Dates
Not applicable.
18. Exceptions to Certification
Not applicable.
B. STATISTICAL METHODS
Not applicable.
| File Type | application/msword |
| File Title | Supporting Statement |
| Author | FDIC |
| Last Modified By | Ira Mills |
| File Modified | 2010-01-21 |
| File Created | 2009-08-27 |