Supporting Statement for the
Written Security Program for State Member Banks
(FR 4004; OMB No. 7100-0112)
The Board of Governors of the Federal Reserve System (Board), under authority
delegated by the Office of Management and Budget (OMB), has extended for three years,
without revision, the Written Security Program for State Member Banks (FR 4004; OMB No.
7100-0112). This information collection arises from a recordkeeping requirement contained in
section 208.61 of the Board’s Regulation H - Membership of State Banking Institutions in the
Federal Reserve System (12 CFR Part 208), which requires each state member bank to develop
and maintain a written security program for the bank’s main office and branches within 180 days
of becoming a member of the Federal Reserve System.
The estimated total annual burden for the FR 4004 is 14 hours.
Background and Justification
Section 3 of the Bank Protection Act of 1968, as amended,1 requires the Board to
promulgate rules establishing minimum standards for state member banks regarding the
installation, maintenance, and operation of security devices and the maintenance of procedures to
discourage robberies, burglaries, and larcenies and to assist in the identification and
apprehension of persons who commit such acts. Section 208.61 of the Board’s Regulation H
implements this statutory provision and requires state member banks to adopt a written security
program, designate a security officer who administers the security program, and maintain certain
security devices. The requirements of section 208.61 of Regulation H, including the required
contents of the written security program discussed below, were developed following extensive
consultation with the banking community, law enforcement officials, insurance representatives,
security equipment specialists, and the other federal banking regulatory agencies regarding the
minimum standards needed to deter crimes against financial institutions and assist in the
apprehension of perpetrators of such crimes. In the absence of this recordkeeping requirement,
this information would not be available from other sources.
Description of Information Collection
Each state member bank must keep a written security program. The program must be
developed by a security officer designated by the bank’s board of directors. This program must
establish procedures for opening and closing for business and for the safekeeping of all currency,
negotiable securities, and similar valuables; establish procedures that will assist in identifying
persons committing crimes against the institution and that will preserve evidence that may aid in
their identification and prosecution; provide for initial and periodic security training of officers
and employees in their responsibilities under the security program and in proper employee
conduct during and after a burglary, robbery, or larceny; and provide for selecting, testing,
operating, and maintaining appropriate security devices.
12 U.S.C. § 1882.
The FR 4004 panel comprises state member banks. The FR 4004 impacts all member
banks, regardless of size. Development of a written security program will typically be less
burdensome for smaller institutions with a fewer bank branches.
Time Schedule for Information Collection
A state member bank must implement a written security program within 180 days of
becoming a member of the Federal Reserve System. The state member bank must keep a copy of
its current written security program. Continued recordkeeping of the written security program is
necessary to ensure the proper implementation, administration, and effectiveness of the security
program. The written security program is a recordkeeping requirement, and copies of the
program are not collected by the Federal Reserve System or published. Bank examiners verify
compliance with this recordkeeping requirement during examinations of state member ba nks.
Public Availability of Data
No data is collected by the Board pursuant to this information collection or made
available by the Board to the public.
Section 3 of the Bank Protection Act of 1968 authorizes the FR 4004 recordkeeping
requirement (12 U.S.C. § 1882(a)).2 The FR 4004 is mandatory.
Entities subject to the FR 4004 recordkeeping requirement generally are not required to
provide such information to the Board. If the Board obtained information retained pursuant to the
FR 4004 as part of an examination or supervision of a financial institution, it may be considered
confidential under exemption 8 of the Freedom of Information Act (FOIA) (5 U.S.C. §
552(b)(8)). Information provided under the FR 4004 may also be kept confidential under FOIA
exemption 4 as confidential commercial or financial information that is both customarily and
actually treated as private (5 U.S.C. § 552(b)(4)).
Consultation Outside the Agency
The Board consulted with the Office of the Comptroller of the Currency (OCC), which
has a similar regulation requiring a written security program for OCC-supervised entities, with
respect to this proposal.
Requiring federal banking agencies, including the Board, to issue rules establishing minimum standards for banks
with respect to the installation, maintenance, and operation of security devices and procedures to discourage
robberies, burglaries, and larcenies and to assist in the identification and apprehension of persons who commit such
On November 23, 2021, the Board published an initial notice in the Federal Register (86
FR 66559) requesting public comment for 60 days on the extension, without revision, of the
FR 4004. The comment period for this notice expired on January 24, 2022. The Board did not
receive any comments. The Board adopted the extension, without revision, of the FR 4004 as
originally proposed. On March 2, 2022, the Board published a final notice in the Federal
Register (87 FR 11707).
Estimate of Respondent Burden
As shown in the table below, the estimated total annual burden for the FR 4004 is 14
hours. The estimated number of respondents is based on the average number of state member
bank applications approved annually during the calendar years 2018 through 2020. The Board
believes that it is usual and customary for a state member bank to maintain a written security
program. Therefore, it has excluded the time and financial resources necessary to create such a
program from its estimated average burden for the FR 4004. The Board estimates that, because
of the specific requirements of section 208.61 of Regulation H, a new state member bank will, on
average, require one additional hour to create a written security program that is compliant with
that section than would be usual and customary in the creation of a written security program. The
Board does not estimate that an existing state member bank would incur any additional ongoing
recordkeeping burden to keep the records required by section 208.61 of Regulation H beyond
what is usual and customary to maintain a written security program. These recordkeeping
requirements represent less than 1 percent of the Board’s total paperwork burden.
average hours annual burden
The estimated total annual cost to the public for the FR 4004 is $846.4
This collection of information contains no questions of a sensitive nature, as defined by
Of these respondents, 9 are considered small entities as defined by the Small Business Administration (i.e., entities
with less than $600 million in total assets), https://www.sba.gov/document/support--table-size-standards. There are
no special accommodations given to mitigate the burden on small institutions.
Total cost to the public was estimated using the following formula: percent of staff time, multiplied by annual
burden hours, multiplied by hourly rates (30% Office & Administrative Support at $21, 45% Financial Managers at
$74, 15% Lawyers at $71, and 10% Chief Executives at $102). Hourly rates for each occupational group are the
(rounded) mean hourly wages from the Bureau of Labor Statistics (BLS), Occupational Employment and Wages,
May 2021, published March 31, 2022, https://www.bls.gov/news.release/ocwage.t01.htm. Occupations are defined
using the BLS Standard Occupational Classification System, https://www.bls.gov/soc/.
Estimate of Cost to the Federal Reserve System
The estimated cost to the Federal Reserve System is negligible because there are no
reporting forms and the information is not submitted to the Federal Reserve.