(2020) 3038-0055 Final Supporting Statement 2020 Renewal (2-10-20)

(2020) 3038-0055 Final Supporting Statement 2020 Renewal (2-10-20).docx

Privacy of Consumer Financial Information

OMB: 3038-0055

Document [docx]
Download: docx | pdf


SUPPORTING STATEMENT FOR NEW AND REVISED INFORMATION COLLECTIONS


OMB CONTROL NUMBER 3038-0055


Justification


1. Explain the circumstances that make the collection of information necessary. Identify any legal or administrative requirements that necessitate the collection. Attach a copy of the appropriate section of each statute and regulation mandating or authorizing the collection of information.

Section 124 of the Commodity Futures Modernization Act of 20001 (“CFMA”) amended the Commodity Exchange Act (the “Act”) and added a new Section 5g2 to the Act to (i) add that futures commission merchants, commodity trading advisors, commodity pool operators, and introducing brokers that are subject to CFTC jurisdiction with respect to any financial activity shall be treated as a financial institution for purposes of Title V, Subtitle A of the Gramm-Leach-Bliley Act (“GLB Act”), (ii) treat the Commission as a Federal functional regulator for purposes of applying the provisions of the GLB Act, and (iii) direct the Commission to prescribe regulations under Title V of the GLB Act. The Commission adopted regulations for these entities under part 160 and later extended them to retail foreign exchange dealers, swap dealers, and major swap participants.3 Part 160 requires those subject to the regulations, among other things, to provide privacy and opt out notices to customers and to adopt appropriate policies and procedures to safeguard customer records and information.


2. Indicate how, by whom, and for what purpose the data would be used. Except for a new collection, indicate the actual use the agency has made of the information received from the current collection.


The financial institutions covered by these regulations must prepare and provide the initial privacy notice to all current and all new customers at the time of establishing a customer relationship. Subsequently, subject to a limited exception, an annual notice must be provided to all customers at least once during a 12–month period during the continuation of the customer relationship. The initial notice and opt out notice must be provided to a consumer prior to disclosing nonpublic personal information to certain nonaffiliated third parties. The financial institutions must also have policies and procedures to safeguard customer records and information.


3. Describe whether, and to what extent, the collection of information involves the use of automated, electronic, mechanical, or other technological collection techniques or other forms of information technology, e.g. permitting electronic submission of responses, and the basis for the decision for adopting this means of collection. Also describe any consideration of using information technology to reduce burden.


The required privacy notices may be distributed to consumers electronically upon the consumer’s consent. Therefore, a financial institution may reasonably expect that a customer who uses the institution’s website to obtain financial products and services will receive actual notice of the annual privacy notice if the customer has agreed to accept notices at the institution’s website and the institution continuously posts a current notice of its privacy policies and practices in a clear and conspicuous manner on the website. In addition, the regulations provide that an institution may provide an electronic mail address as a reasonable means for the consumer to opt out of the institutions’ information sharing practices with non-affiliated third parties.


4. Describe efforts to identify duplication. Show specifically why any similar information already available cannot be used or modified for use for the purposes described in Item 2 above.


The type of information required to be collected under the regulation is not currently collected nor is the information available for public disclosure through any other source.


5. If the collection of information involves small business or other small entities (Item 5 of OMB From 83-I), describe the methods used to minimize burden.


The requirements of these regulations are mandated by the GLB Act and the CFMA and, therefore, the Commission does not grant any exceptions to small entities from the requirements at this time. The regulations provide substantial flexibility, however, that financial institutions may tailor their practices to their individual needs, such as financial institutions providing joint notices if the notice applies to all institutions covered by the notice.


6. Describe the consequence to the Federal Program or policy activities if the collection were conducted less frequently as well as any technical or legal obstacles to reducing burden.


The GLB Act mandates that initial and annual privacy notices must be provided by financial institutions to consumers with whom the financial institution has a customer relationship and that the CFTC, among other agencies, establish appropriate safeguards for the financial institutions subject to their jurisdiction relating to administrative, technical and physical safeguards—(1) to insure the security and confidentiality of customer records and information; (2) to protect against any anticipated threats or hazards to the security or integrity of such records; and (3) to protect against unauthorized access to or use of such records or information which could result in substantial harm or inconvenience to any customer.


7. Explain any special circumstances that require the collection to be conducted in a manner:


- requiring respondents to report information to the agency more often than quarterly;


The collections required by these proposed regulations are not required to be reported to the Commission.


- requiring respondents to prepare a written response to a collection of information in fewer than 30 days after receipt of it:


This does not apply.


- requiring respondents to submit more that an original and two copies of any document;


This does not apply.


- requiring respondents to retain records other than health, medical, government contract, grant-in-aid, or tax records, for more than three years;


Commission regulation 1.31(b) expressly requires that books and records required to be kept by the Commodity Exchange Act (“CEA”) or Commission regulations be retained for certain specified periods. Other than with respect to oral communications, the shortest of these periods is five years from the date of creation.


- in connection with a statistical survey, that is not designed to produce valid and reliable results that can be generalized to the universe of study;


The proposed regulations do not involve a statistical survey.


- requiring the use of a statistical data classification that has not been reviewed and approved by OMB;


The proposed regulations do not involve the use of statistical data.


- that includes a pledge of confidentiality that is not supported by authority established in statue or regulation, that is not supported by disclosure and data security policies that are consistent with the pledge, or which unnecessarily impedes sharing of data with other agencies for compatible confidential use; or


This does not apply.


- requiring respondents to submit proprietary trade secrets, or other confidential information unless the agency can demonstrate that it has instituted procedures to protect the information's confidentiality to the extent permitted by law.


This does not apply.


8. If applicable, provide a copy and identify the date and page number of publication in the Federal Register of the agency's notice required by 5 C.F.R. 1320.8(d), soliciting comments on the information collection prior to submission to OMB. Summarize public comments received in response to that notice and describe actions taken by the agency in response to these comments. Specifically address comments received on cost and hour burden.


A copy of the Federal Register notice soliciting comments on this information collection was published on December 11, 2019 (84 FR 67724). No relevant comments were received.


Describe efforts to consult with persons outside the agency to obtain their views on the availability of data, frequency of collection, the clarity of instructions and recordkeeping disclosure, or reporting format (if any, and on the data elements to be recorded, disclosed, or reported.


The Commission consulted the National Futures Association when the Part 160 regulations were initially published to determine the availability of data, frequency of collection and the clarity of instructions and recordkeeping disclosure and on the data elements to be recorded, disclosed, or reported. In addition, the Commission has taken into account public comments on its proposed PRA calculations relating to Part 160.


Consultation with representatives of those from whom information is to be obtained or those who must compile records should occur at least once every three years—even if the collection of information activity is the same as in prior periods. There may be circumstances that may preclude consultation in a specific situation. These circumstances should be explained.


This question does not apply.


9. Explain any decision to provide any payment or gift to respondents, other than remuneration of contractors or grantees.

This question does not apply.

10. Describe any assurance of confidentiality provided to respondents and the basis for the assurance in statute, regulations, or agency policy.

The Commission does not provide respondents with an assurance of confidentiality, only to the extent provided by law. The Commission fully complies with section 8(a)(1) of the CEA, which strictly prohibits the Commission, unless specifically authorized by the CEA, from making public “data and information that would separately disclose the business transactions or market positions of any person and trade secrets or names of customers.”


11. Provide additional justification for any questions of a sensitive nature, such as sexual behavior and attitudes, religious beliefs, and other matters that are commonly considered private. This justification should include the reasons why the agency considers the questions necessary, the specific uses to be made of the information, the explanation to be given to persons from whom the information is requested, and any steps to be taken to obtain their consent.


The proposed regulations do not require the giving of sensitive information, as that term is used in Question 11.


12. Provide estimates of the hour burden of the collection of information. The Statement should:


- Indicate the number of respondents, frequency of response, annual hour burden and an explanation of how the burden was estimated. Unless directed to do so, agencies should not conduct special surveys to obtain information on which to base hour burden estimates. Consultation with a sample (fewer than ten) of potential respondents is desirable. If the hour burden on respondents is expected to vary widely because of differences in activity, size or complexity, show the range of estimated hour burden, and explain the reasons for the variance. Generally, estimates should not include burden hours for customary and usual business practices.


- If the request for approval covers more than one form, provide separate hour burden estimates for each form and aggregate the hour burdens in Item 13 of OMB Form 83-I.


- Provide estimates of annualized cost to respondents for the hours burdens for collections of information, identifying and using appropriate wage rate categories. The cost of contracting out or paying outside parties for information collection activities should not be included here. Instead, this cost should be included in Item 13.


See Attachment A.


13. Provide an estimate of the total annual cost burden to respondents or recordkeepers resulting from the collection of information. (Do not include the cost of any hour burden shown in Items 12 and 14).


- The cost estimate should be split into two components; (a) a total capital and start-up cost component (annualized over its expected useful life) and (b) a total operation and maintenance and purchase of services component. The estimates should take into account costs associated with generating, maintaining, and disclosing or providing the information. Include descriptions of methods used to estimate major costs factors including system and technology acquisition, expected useful life of capital equipment, the discount rate(s), and the time period over which costs will be incurred. Capital and start-up costs include, among other items, preparations for collecting information such as purchasing computers and software, monitoring, sampling, drilling and testing equipment, and record storage facilities.


- If cost estimates are expected to vary widely, agencies should present ranges of cost burdens and explain the reasons for the variance. The cost of purchasing or contracting out information collection services should be a part of this cost burden estimate, agencies may consult with a sample of respondents (fewer than ten), utilize the 60-day pre-OMB submission public comment process and use existing economic or regulatory impact analysis associated with the rulemaking containing the information collection, as appropriate.


- Generally, estimates should not include purchases of equipment or services, or portions thereof, made: (1) prior to October 1, 1995, (2) to achieve regulatory compliance with requirements not associated with the information collection, (3) for reasons other than to provide information or keep records for the government or (4) as part of customary and usual business or private practices.


The proposed regulations covered by this collection require no new start-up or operations and maintenance costs.


14. Provide estimates of the annualized costs to the Federal Government. Also provide a description of the method used to estimate cost, which should include quantification of hours, operational expenses (such as equipment, overhead, printing and support staff), and any other expense that would not have been incurred without this collection of information. Agencies may also aggregate cost estimates from Items 12, 13, and 14 in a single table.


Financial institutions are not required to provide copies of the related notices to the Commission, and the Commission is not required to review each institution’s privacy policies. Consequently, the annualized cost to the Commission should be minimal, except in cases where the Commission initiates an enforcement proceeding against an institution for non-compliance with the rule.


15. Explain the reasons for any program changes or adjustments reported in Items 13 or 14 of the OMB Form 83-I.


This question does not apply.


16. For collection of information whose results are planned to be published for statistical use, outline plans for tabulation, statistical analysis, and publication. Provide the time schedule for the entire project, including beginning and ending dates of the collection of information, completion of report, publication dates, and other actions.


This question does not apply.


17. If seeking approval to not display the expiration date for OMB approval of the information collection, explain the reasons that display would be inappropriate.

This question does not apply.


18. Explain each exception to the certification statement identified in Item 19, "Certification for Paperwork Reduction Act Submissions," of OMB Form 83-I.


This question does not apply.


Attachment A




Part 160

Privacy of Consumer Financial Information



Estimated # of Respondents

Total Annual Responses

Estimated Total Number of Hours of Annual Burden in a Fiscal Year


2,7894

264,955

8,458









1 Section 124, Appendix E of Pub. L. 106-554, 114 Stat. 2763 (2000).

2 7 U.S.C. 7b-2.

3 17 CFR Part 160. See Privacy of Customer Information, 66 FR 21235 (April 27, 2001); Regulation of Off-Exchange Retail Foreign Exchange Transactions and Intermediaries, 75 FR 55409 (Sept. 10, 2010); and Privacy of Consumer Financial Information; Conforming Amendments Under Dodd-Frank Act, 76 FR 43874 (July 22, 2011).

4 2,789 Respondents x 3.0326 (the average burden hours per Respondent) = 8,458.

File Typeapplication/vnd.openxmlformats-officedocument.wordprocessingml.document
File Modified0000-00-00
File Created0000-00-00

© 2024 OMB.report | Privacy Policy