60-Day FR Notice

1557-0350 60-Day FR Notice for Computer Security Incident Notification (Part 53) (89 FR 93827).pdf

Computer-Security Incident Notification

60-Day FR Notice

OMB: 1557-0350

Document [pdf]
Download: pdf | pdf
ddrumheller on DSK120RN23PROD with NOTICES1

Federal Register / Vol. 89, No. 229 / Wednesday, November 27, 2024 / Notices
Contracts, Excessive Bonding, Brand
Name Only, and Geographic
Restrictions (formerly In-State or Local
Geographic Restrictions). Regarding
geographic restrictions, changes since
the last circular update include
authority in IIJA to apply local hiring
targets to construction projects, and the
removal of a former prohibition against
geographic restrictions from 2 CFR part
200. A reference to Self-Dealing and Bid
Rigging would be added to the list of
prohibited restrictions on competition.
The section on Organizational
Conflicts of Interest would be revised to
include new guidance on the
Recipient’s Conflicts in accordance with
current regulation. Updates to
Contractor’s Conflicts would include
expanded guidance on Biased Ground
Rules in accordance with existing
The Prohibited or Restricted Contract
Types section would be simplified, with
clarifications on Cost Plus a Percentage
of Cost—Prohibited, Percentage of
Construction Cost—Prohibited, and
Time and Materials—Restricted.
Subsections on When to Use and Firm
Ceiling Price would be removed as
Methods of Procurement would be
revised to reflect updated Federal
regulations, including a new section on
Self-Certified Micro-Purchase
Thresholds, which were introduced by
a new provision in 2 CFR part 200 that
took effect in 2024. Under the new
provision, a recipient may set for itself
a micro-purchase threshold that is
higher than the Federal micro-purchase
threshold. Procedures, including
Distribution (formerly Competition) and
Documentation, would be clarified, and
the Small Purchases subsection would
be renamed Simplified Acquisitions for
accuracy, regulatory alignment, and to
avoid confusion with FTA’s unrelated
‘‘small purchases’’ Buy America waiver.
The Simplified Acquisitions section
would be updated to align with the
current regulations, including updates
to Competition and Documentation.
Sealed Bids (Formal Advertising)
would undergo updates to align with
current Federal regulations and simplify
guidance, with specific clarifications in
When Appropriate, Fixed Price
Contract, Discussions Unnecessary, and
Procurement Procedures.
Competitive Proposals (Request for
Proposals) would be updated for
regulatory consistency, with
clarification in When Appropriate and
Discussion Expected. Procurement
Procedures would see updates in Notice
(formerly Publicity), Written Procedures
(formerly Evaluation Method), Price and

VerDate Sep<11>2014

18:47 Nov 26, 2024

Jkt 265001

Other Factors, and the absorption of
Best Value into Price and Other Factors.
The section on Two-Step Procurement
Procedures would receive additional
guidance and clarifications.
Guidance on Architectural and
Engineering (A&E) Services and Other
Services would be updated for clarity,
and a new statement would be added to
make clear that Multiple Award
Indefinite-Delivery A&E Contracts are
Information on Design-Bid-Build
(DBB) would be incorporated into a new
section on Mixed A&E-Construction
Contracts, covering both DBB and
Progressive Design-Build (PDB). The
Procurement Method section would be
updated, with Construction
Predominant, Design Services
Predominant, and Selection Processes
sections absorbed into Procurement
Method for streamlined guidance.
The Other Than Full and Open
Competition section would be revised to
more closely follow Federal regulations.
Guidance on Micro-Purchases, Sole
Source, Unsolicited Proposals, and
Restricted Data Rights would be
updated for clarity. The Exigency or
Emergency section would be clarified,
with Unusual and Compelling Urgency
absorbed under Exigency or Emergency.
The significantly outdated paragraph
about Associated Capital Maintenance
Item Exception would be removed.
Updates would clarify guidance on
Cardinal Changes, including revised
guidance on when cardinal changes
impair competition and how to
recognize cardinal changes that impair
Eligible Costs would be updated to
align with the current Federal regulation
and FTA policy in its Master
Agreement. The section on Adjustments
to Project Costs would be removed as
Cost Analysis and Price Analysis
would receive minor revisions for
clarity and organization, and the
sentence on Federal cost principles
would be removed as redundant with
the following subsection, Guidance on
Cost and Price Analysis.
Guidance on Evaluations and Contract
Award would be updated with minor
changes for clarity, and a new
information on disqualifying offerors
with recent Tax Liability or Felony
Chapter VII
Chapter VII in Circular 4220.1F deals
with protests, changes, disputes, and
appeals of the recipient’s procurement
decisions to FTA. The proposed circular
would eliminate Chapter VII and
replace it with a new paragraph in

PO 00000

Frm 00281

Fmt 4703

Sfmt 4703


proposed Chapter III on Recipient
Responsibilities and FTA’s Role in
Procurement Disputes. That paragraph
would restate the current regulation,
which commits procurement decisions
to the discretion of the recipient and
states that FTA will not substitute its
judgment for that of the recipient unless
the matter is primarily a Federal
concern. It also would state FTA’s
interest in settlements of procurement
disputes that would commit Federal
funds or the proceeds of procurement
disputes arising from federally funded
FTA proposes to revise the
appendices of the circular to improve
accuracy, accessibility, and ensure
alignment with current best practices.
Specifically, Appendix A, References,
would be revised to reflect sources
incorporated in this version. Appendix
B, FTA Regional and Metropolitan
Office Contact Information, and
Appendix C, Third Party Contracting
Checklist, would be removed to
streamline the document and focus on
core guidance. Additionally, Appendix
D, Provisions, Certifications, Reports,
Forms, and Other—Matrices, would be
removed to enable more timely updates
to this information on the FTA website.
After a review and consideration of
the comments provided on the updates
proposed, FTA will publish the updated
Third Party Contracting Guidance
Circular (C 4220.1G) on its website and
will announce the availability of the
updated circular and the response to
comments in the Federal Register.
Veronica Vanterpool,
Deputy Administrator.
[FR Doc. 2024–27645 Filed 11–26–24; 8:45 am]

Office of the Comptroller of the
Agency Information Collection
Activities: Information Collection
Renewal; Comment Request;
Computer-Security Incident
Office of the Comptroller of the
Currency (OCC), Treasury.
ACTION: Notice and request for

The OCC, as part of its
continuing effort to reduce paperwork
and respondent burden, invites





Federal Register / Vol. 89, No. 229 / Wednesday, November 27, 2024 / Notices

comment on a continuing information
collection, as required by the Paperwork
Reduction Act of 1995 (PRA). In
accordance with the requirements of the
PRA, the OCC may not conduct or
sponsor, and the respondent is not
required to respond to, an information
collection unless it displays a currently
valid Office of Management and Budget
(OMB) control number. The OCC is
soliciting comment concerning the
renewal of its information collection
titled, ‘‘Computer-Security Incident
Comments must be received by
January 27, 2025.
ADDRESSES: Commenters are encouraged
to submit comments by email, if
possible. You may submit comments by
any of the following methods:
• Email: prainfo@occ.treas.gov.
• Mail: Chief Counsel’s Office,
Attention: Comment Processing, Office
of the Comptroller of the Currency,
Attention: 1557–0350, 400 7th Street
SW, Suite 3E–218, Washington, DC
• Hand Delivery/Courier: 400 7th
Street SW, Suite 3E–218, Washington,
DC 20219.
• Fax: (571) 293–4835.
Instructions: You must include
‘‘OCC’’ as the agency name and ‘‘1557–
0350’’ in your comment. In general, the
OCC will publish comments on
www.reginfo.gov without change,
including any business or personal
information provided, such as name and
address information, email addresses, or
phone numbers. Comments received,
including attachments and other
supporting materials, are part of the
public record and subject to public
disclosure. Do not include any
information in your comment or
supporting materials that you consider
confidential or inappropriate for public
Following the close of this notice’s
60-day comment period, the OCC will
publish a second notice with a 30-day
comment period. You may review
comments and other related materials
that pertain to this information
collection beginning on the date of
publication of the second notice for this
collection by the method set forth in the
next bullet.
• Viewing Comments Electronically:
Go to www.reginfo.gov. Hover over the
‘‘Information Collection Review’’ tab
and click on ‘‘Information Collection
Review’’ from the drop-down menu.
From the ‘‘Currently under Review’’
drop-down menu, select ‘‘Department of
Treasury’’ and then click ‘‘submit.’’ This
information collection can be located by
searching OMB control number ‘‘1557–

ddrumheller on DSK120RN23PROD with NOTICES1


VerDate Sep<11>2014

18:47 Nov 26, 2024

Jkt 265001

0350’’ or ‘‘Computer-Security Incident
Notification.’’ Upon finding the
appropriate information collection, click
on the related ‘‘ICR Reference Number.’’
On the next screen, select ‘‘View
Supporting Statement and Other
Documents’’ and then click on the link
to any comment listed at the bottom of
the screen.
• For assistance in navigating
www.reginfo.gov, please contact the
Regulatory Information Service Center
at (202) 482–7340.
Shaquita Merritt, Clearance Officer,
(202) 649–5490, Chief Counsel’s Office,
Office of the Comptroller of the
Currency, 400 7th Street SW,
Washington, DC 20219. If you are deaf,
hard of hearing, or have a speech
disability, please dial 7–1–1 to access
telecommunications relay services.
PRA (44 U.S.C. 3501 et seq.), Federal
agencies must obtain approval from the
OMB for each collection of information
that they conduct or sponsor.
‘‘Collection of information’’ is defined
in 44 U.S.C. 3502(3) and 5 CFR
1320.3(c) to include agency requests or
requirements that members of the public
submit reports, keep records, or provide
information to a third party. Section
3506(c)(2)(A) of title 44 generally
requires Federal agencies to provide a
60-day notice in the Federal Register
concerning each proposed collection of
information, including each proposed
extension of an existing collection of
information, before submitting the
collection to OMB for approval. To
comply with this requirement, the OCC
is publishing notice of the renewal of
this collection.
Title: Computer-Security Incident
OMB Control No.: 1557–0350.
Type of Review: Regular.
Affected Public: Businesses or other
Description: Pursuant to 12 CFR part
53, the OCC has established certain
computer-security incident notification
requirements applicable to banking
organizations 1 and bank service
providers.2 Specifically, 12 CFR 53.3
requires a banking organization to notify
the OCC about a ‘‘notification incident’’
1 A banking organization as ‘‘a national bank,
Federal savings association, or Federal branch or
agency of a foreign bank; provided, however, that
no designated financial market utility shall be
considered a banking organization.’’ 12 CFR
2 A bank service provider is ‘‘a bank service
company or other person that performs covered
services; provided, however, that no designated
financial market utility shall be considered a bank
service provider.’’ 12 CFR 53.2(b)(2).

PO 00000

Frm 00282

Fmt 4703

Sfmt 4703

as soon as possible but no later than 36
hours after the banking organization
determines that a notification incident
has occurred. The regulation defines a
‘‘notification incident’’ as ‘‘a computersecurity incident that has materially
disrupted or degraded, or is reasonably
likely to materially disrupt or degrade,
a banking organization’s—(i) [a]bility to
carry out banking operations, activities,
or processes, or deliver banking
products and services to a material
portion of its customer base, in the
ordinary course of business; (ii)
[b]usiness line(s), including associated
operations, services, functions, and
support, that upon failure would result
in a material loss of revenue, profit, or
franchise value; or (iii) [o]perations,
including associated services, functions
and support, as applicable, the failure or
discontinuance of which would pose a
threat to the financial stability of the
United States.’’ 3
Additionally, a bank service provider
must notify at least one bank-designated
point of contact at each affected banking
organization customer as soon as
possible when the bank service provider
determines that it has experienced a
computer-security incident that has
materially disrupted or degraded, or is
reasonably likely to materially disrupt
or degrade, covered services provided to
such banking organization for four or
more hours.
Estimated Burden:
Estimated Frequency of Response: On
occasion; event generated.
Estimated Number of Respondents:
Reporting: 100 Respondents.
Disclosure: 832 Respondents.
Estimated Total Annual Burden:
2,795 hours.
Comments submitted in response to
this notice will be summarized and
included in the request for OMB
approval. All comments will become a
matter of public record. Comments are
invited on:
(a) Whether the collection of
information is necessary for the proper
performance of the functions of the
OCC, including whether the information
has practical utility;
(b) The accuracy of the OCC’s
estimate of the burden of the collection
of information;
(c) Ways to enhance the quality,
utility, and clarity of the information to
be collected;
(d) Ways to minimize the burden of
the collection on respondents, including
3 12 CFR 53.2(b)(7). A ‘‘computer-security
incident’’ is ‘‘an occurrence that results in actual
harm to the confidentiality, integrity, or availability
of an information system or the information that the
system processes, stores, or transmits.’’ 12 CFR



Federal Register / Vol. 89, No. 229 / Wednesday, November 27, 2024 / Notices
through the use of automated collection
techniques or other forms of information
technology; and
(e) Estimates of capital or start-up
costs and costs of operation,
maintenance, and purchase of services
to provide information.
Patrick T. Tierney,
Assistant Director, Office of the Comptroller
of the Currency.
[FR Doc. 2024–27876 Filed 11–26–24; 8:45 am]

Office of Foreign Assets Control
Notice of OFAC Sanctions Action
Office of Foreign Assets
Control, Treasury.

ddrumheller on DSK120RN23PROD with NOTICES1


VerDate Sep<11>2014

18:47 Nov 26, 2024

Jkt 265001



The U.S. Department of the
Treasury’s Office of Foreign Assets
Control (OFAC) is publishing the names
of one or more persons that have been
placed on OFAC’s Specially Designated
Nationals and Blocked Persons List
(SDN List) based on OFAC’s
determination that one or more
applicable legal criteria were satisfied.
All property and interests in property
subject to U.S. jurisdiction of these
persons are blocked, and U.S. persons
are generally prohibited from engaging
in transactions with them.
DATES: This action was issued on
October 30, 2024. See SUPPLEMENTARY
INFORMATION for relevant dates.
OFAC: Associate Director for Global

PO 00000

Frm 00283

Fmt 4703

Sfmt 4703


Targeting, 202–622–2420; or https://

Electronic Availability
The SDN List and additional
information concerning OFAC sanctions
programs are available on OFAC’s
website: https://ofac.treasury.gov.
Notice of OFAC Action(s)
On October 30, 2024, OFAC
determined that the property and
interests in property subject to U.S.
jurisdiction of the following persons are
blocked under the relevant sanctions
authorities listed below.



File Typeapplication/pdf
File Modified0000-00-00
File Created2024-11-27

© 2025 OMB.report | Privacy Policy