FR4004_20160729_omb

Supporting Statement for the
Written Security Program for State Member Banks
(FR 4004; OMB No. 7100-0112)
Summary
The Board of Governors of the Federal Reserve System (Board), under delegated
authority from the Office of Management and Budget (OMB), proposes to extend for three years,
without revision, the mandatory Written Security Program for State Member Banks (FR 4004;
OMB No. 7100-0112). This information collection is a recordkeeping requirement contained in
section 208.61 of the Board’s Regulation H (12 CFR 208.61). The board of directors of each
state member bank must designate a security officer to assume the responsibility for the
development and administration of a written security program within 180 days of opening
for business. Each state member bank must develop and implement a written security program
for the bank’s main office and branches and maintain it in the bank’s records. The designated
security officer must report at least annually to the bank’s board of directors on the
implementation, administration, and effectiveness of the written security program. There is
no formal reporting form and the information is not submitted to the Federal Reserve. The
annual burden for the FR 4004 is estimated to be 23 hours (i.e., on average 0.5 hours per bank)
for 45 new state member banks1 and de minimis for all other state member banks.
Background and Justification
The Congress adopted the Bank Protection Act of 1968 (12 U.S.C. § 1882) to establish
minimum standards for banks as to the installation, maintenance, and operation of security
devices and procedures to discourage robberies, burglaries, and larcenies and to assist in the
identification and apprehension of persons who commit such acts.
In response to the passage of the Bank Protection Act (BPA), each of the federal financial
institution supervisory agencies established minimum standards for security devices and
procedures. The requirements established by the Board in 1969 for state member banks were
contained in Regulation P. In the regulation, the Federal Reserve required the board of directors
of each state member bank to designate a security officer to assume the responsibility for the
development and administration of a written security program within 180 days of opening for
business. The original BPA also contained provisions that required financial institutions to
submit periodic reports to their primary federal supervisory agency with respect to the
installation, maintenance, and operation of security devices and the development of security
procedures.
The Financial Institutions Reform, Recovery, and Enforcement Act of 1989 (FIRREA)
included provisions that amended the BPA. The provisions eliminated the requirement that each
bank submit periodic reports to its regulator, but retained the requirement that each bank develop
and implement a written security program. The Federal Reserve amended Regulation P in 1991

1

Average number of state member bank applications approved annually during the past three calendar years.

to reflect this change.2
Effective October 1, 1998, Regulation P, Minimum Security Devices and Procedures for
Federal Reserve Banks and State Member Banks, was rescinded and its provisions were
incorporated into Regulation H (12 CFR § 208.61).3 The Federal Reserve’s action to incorporate
Regulation P into Regulation H was designed to simplify compliance by consolidating regulatory
requirements that apply to state member banks into one regulation.
The Board has determined that Regulation H, section 208.61 continues to require the
board of directors of each state member bank to designate a security officer to assume the
responsibility for the development and administration of a written security program within 180
days of opening for business. The designated security officer must report at least annually to the
bank’s board of directors on the implementation, administration, and effectiveness of the written
security program.
Description of Information Collection
Each state member bank must keep a written security program in its records. This
program should include a requirement to install security devices and should establish procedures
that satisfy minimum standards in the regulation, with the security officer determining the need
for additional security devices and procedures based on the location of the banking office.
Time Schedule for Information Collection
Because the written security program is a recordkeeping requirement, copies of the
program are not collected by the Federal Reserve System and are not published. Bank
examiners verify compliance with this recordkeeping requirement during examinations of state
member banks.
Legal Status
The Board’s Legal Division has determined that the requirements of Regulation H
relating to a written security program are authorized by section 3 of the BPA, which requires
Federal banking agencies to issue rules establishing minimum standards for banks with respect
to the installation, maintenance, and operation of security devices and procedures to discourage
robberies, burglaries, and larcenies (12 U.S.C. § 1882(a); 12 CFR § 208.61). The obligation that
state member banks must develop and implement a written security program and maintain it in
the bank’s records is mandatory.
Because there is no reporting requirement associated with this recordkeeping
requirement, the issue of confidentiality does not normally arise. If a bank’s written security
program is retained during the course of an examination, it would be exempt from disclosure
2

Two other reporting and recordkeeping requirements (FR 4003 and FR 4005; OMB No. 7100-0112) were
discontinued following the Regulation P amendments.
3
See Federal Register notice published July 13, 1998 (63 FR 37665).

2

under exemption 8 of the Freedom of Information Act (FOIA), which protects bank examination
material (5 U.S.C. § 552(b)(8)). In addition, the records may also be exempt from disclosure
under exemption 4 of the FOIA, which protects from disclosure “trade secrets and commercial or
financial information obtained from a person and privileged or confidential” (5 U.S.C. §
552(b)(4)).
Consultation Outside the Agency
On February 23, 2016, the Board published a notice in the Federal Register (81 FR 8958)
requesting public comment for 60 days on the extension, without revision, of the FR 4004. The
comment period for this notice expired on April 25, 2016. The Board did not receive any
comments. On May 26, 2016, the Board published a final notice in the Federal Register
(81 FR 33534).
Estimate of Respondent Burden
The annual recordkeeping burden for the FR 4004 is estimated to be 23 hours (rounded to
the nearest hour), as presented in the following table. The number of respondents is based on the
average number of state member bank applications approved annually during the calendar years
2012 through 2014. These recordkeeping requirements represent less than 1 percent of the total
Federal Reserve System paperwork burden.

FR 4004

Number of
respondents4

Annual
frequency

Estimated
average hours
per response

Estimated
annual burden
hours

45

1

0.5

23

The total annual cost to the public for this information collection is estimated to be $1,222.5
Sensitive Questions
This collection of information contains no questions of a sensitive nature, as defined by
OMB guidelines.

4

Of these respondents, an average of 35 (based on the past three calendar years) is considered to be small entities as
defined by the Small Business Administration (i.e., entities with less than $550 million in total assets)
www.sba.gov/contracting/getting-started-contractor/make-sure-you-meet-sba-size-standards/table-small-businesssize-standards.
5
Total cost to the public was estimated using the following formula: percent of staff time, multiplied by annual
burden hours, multiplied by hourly rates (30% Office & Administrative Support at $17, 45% Financial Managers at
$65, 15% Lawyers at $66, and 10% Chief Executives at $89). Hourly rates for each occupational group are the
(rounded) mean hourly wages from the Bureau of Labor and Statistics (BLS), Occupational Employment and Wages
May 2015, published March 30, 2016 www.bls.gov/news.release/ocwage.t01.htm. Occupations are defined using
the BLS Occupational Classification System, www.bls.gov/soc/.

3

Estimate of Cost to the Federal Reserve System
Annual costs to the Federal Reserve System associated with this recordkeeping
requirement are minimal because there are no reporting forms and the information is not
submitted to the Federal Reserve.

4