The full text on this page is automatically extracted from the file linked above and may contain errors and inconsistencies.
FEDERAL RESERVE BANK OF NEW YORK [ C ircu lar N o. 10450 1 A p ril 1 8 , 1991 REVISION OF REGULATION P Minimum Security Devices and Procedures For Federal Reserve Banks and State Member Banks To All Depository Institutions in the Second Federal Reserve District, and Others Concerned: The following statement has been issued by the Board of Governors of the Federal Reserve System: The Federal Reserve Board has announced revisions to Regulation P (Minimum Security Devices and Procedures for Federal Reserve Banks and State Member Banks). The revisions become effective May 1, 1991. The revisions update provisions adopted in 1969, simplify and clarify existing areas of flexibility, eliminate many obsolete or technical requirements particularly those in Appendix A, and delete refer ences to required reports following elimination of reporting requirements in this area by the Financial Institutions Reform, Recovery, and Enforcement Act of 1989. The revisions do not otherwise substantively change the regulation, which is already relatively brief and flexible, and add no new regulatory burden. Enclosed — for depository institutions and others maintaining sets of Board regulations — is the text of the revised Regulation, which has been reprinted from the Federal Register of March 29; additional, single copies may be obtained at the Bank (33 Liberty Street) from the Issues Division on the first floor, or by calling the Circulars Division (Tel. No. 212-720-5215 or 5216). Questions on this matter may be directed to our Specialized Examinations Department (Tel. No. 212-720-7946). E. G erald C o rr ig a n , President. Friday March 29, 1991 Vol. 56, No. 61 Pp. 13069-13071 Regulation P; Docket No.R-0688 [E n c . Cir. N o. 1 0 4 5 0 ] FEDERAL RESERVE SYSTEM 12 CFR Part 216 [Regulation P; Docket No. R-0688] Security Devices and Procedures AGENCY: Board of Governors of the Federal Reserve System. ACTION: Final rule. SUMMARY: The Board of Governors of the Federal Reserve System (‘‘Board"), in coordination with the other federal bank supervisory agencies, has reviewed Regulation P—Security Devices and Procedures—and determined that it is appropriate to revise the regulation to reflect changes in the technology of security devices, and to implement changes made by the Financial Institutions Reform, Recovery and Enforcement Act of 1989 (“FIRREA"). The proposed revision was published for comment by the Board in April 1990. (55 FR 12850, April 6,1990). The revision incorporates amendments made to the Bank Protection Act of 1968 by FIRREA and provides banks with the flexibility to avoid the technical obsolescence that occurred with the existing regulation. DATES: This regulation is effective May 1,1991; however, renewal of the recordkeeping requirement FR 4004 and discontinuance of the FR 4003 and FR 4005 reports, is effective March 31,1991. FOR FURTHER INFORMATION CONTACT: Elaine M. Boutilier, Senior Attorney (202/452-2418). Legal Division, or Thomas A. Durkin, Regulatory Planning and Review Director (202/452-2326), Office of the Secretary, Board of Governors of the Federal Reserve System, Washington, DC 20551. For the hearing impaired only, Telecommunication Devic° for the Deaf (“TDD”), Dorothea Thompson (202/4523544). SUPPLEMENTARY INFORMATION: The Bank Protection Act of 1968 requires the Federal financial institution supervisory agencies to establish minimum standards for bank security devices and procedures to discourage bank crime and to assist in the identification of persons who commit such crimes. 12 U.S.C. 1882. To implement this statute a uniform regulation was adopted in 1969 by each of the supervisory agencies— Comptroller of the Currency, Federal Deposit Insurance Corporation, Federal Home Loan Bank Board (now known as the Office of Thrift Supervision), and the Board. With the exception of minor changes in 1973 and 1981, this regulation has not been modified since it was first features of security devices as adopted. The Board, along with the mandatory. Nevertheless, security other federal financial institution officers would be expected to identify supervisory agencies, requested the level of risk to their institution and comments on a proposed revision of this adopt an appropriate security program, regulation last year. (55 FR 12850, April taking into consideration applicable 6. 1990). ANSI and UL standards. Appendix B concerned proper The Board received a total of 43 employee conduct after a robbery. comments on the proposed changes to Although this appendix has been Regulation P. Twenty-nine of these eliminated, the Board believes that comments were received from banks: training of employees should be five were received from manufacturers of security equipment: six were received included in a bank’s security program from associations connected with banks and notes that several organizations (e.o.. trade associations): and three were offer training programs for bank employees and security officers. received from Reserve Banks. The Some letters that were generally overall response to the changes was supportive of the revision commented supportive: 32 of the comments that the regulation was too narrow and expressed support for the revisions, while only 11 comments were not should cover “white-collar crime” as well. Regulation P is promulgated in supportive. Four of the five equipment manufacturers opposed the changes, but response to the Bank Protection Act, which is specifically intended to twenty-five of the twenty-nine “discourage robberies, burglaries, and commenting banks were generally larcenies.” While the Board agrees that supportive. The primary objection of those opposing the changes was that the white-collar crimes such as fraud and embezzlement are problems, these revised standards were too vague; in crimes are covered by other laws particular, some commenters opposed deletion of appendix A and appendix B. outside the scope of Regulation P. One of the trade associations opposed The revised regulation establishes a the deletion of these appendices minimum standard by requiring four because, in its view, small institutions specified security devices: A secure have security officers that depend on space for cash; a lighting system for these appendices for guidance. illuminating the vault; an alarm system; Appendix A set forth specifications and tamper resistant locks on exterior for security devices to be used in banks. doors and windows. In addition, the The Board is deleting this appendix proposed regulation establishes the because it is too specific and has contents of a security program, e.q., become obsolete. The Board believes procedures for opening and closing for that any standards that continue to business, for safekeeping of valuables, reference specific security devices are and for identifying persons committing also likely to become obsolete because crimes. These are the minimum technology is continuing to advance at a procedures that should comprise a rapid pace. To avoid the necessity of bank’s security program. To assist banks constantly updating required security in establishing their program, the devices, the revised regulation requires regulation suggests certain factors to be each bank to designate a security officer considered when selecting additional to administer a written security security devices. In making these program, which would require, at a suggestions, the Board notes that in the minimum, that four specific security 22 years since passage of the Bank devices be installed, but leaves it to the Protection Act, trade associations and discretion of the security officer to other vendors have produced security determine which additional security manuals and information designed for devices will best meet the needs of the banks of various sizes. program. In this way the security officer To ensure that a bank’s security can choose the most up-to-date program is reviewed on a regular basis equipment that meets the requirements for effectiveness, the regulation requires of his particular bank. Some a report to be made by the security commenters recommended referring to officer to the bank’s board of directors Underwriters Laboratory (“UL”) at least annually. This changes the previous requirement, which was approval or ANSI specifications as a eliminated by FIRREA, that reports must substitute for appendix A. Because the be filed periodically with a bank’s level of risk varies from institution to institution, the Board does not believe it primary supervisory agency. is appropriate to specify particular Nevertheless, the annual reports to the 2 board of directors should still contain information such as the status of employee training, the number of offenses against the bank, and the success of prosecution for such offenses. When requesting Comments on the proposed amendments to Regulation P, the Board also proposed elimination of three reports relating to recordkeeping and reporting requirements of the regulation: FR 4003 (Statement Regarding Security Devices That Do Not Meet the Minimum Requirements of Regulation P), FR 4004 (Written Security Program for State Member Banks as Required by Regulation P), and FR 4005 (Annual Statement of Compliance with the Bank Protection Act of 1968). Only two comments were received on this issue, and both supported the elimination of the reports. Because the revised regulation still requires a written security program, however, the Board has decided to discontinue only two of these reports—the FR 4003 and FR 4005 reports—effective on March 31,1991. The FR 4004 report, a recordkeeping requirement, has not been discontinued, because banks are still required to maintain a written security program. 1 In accordance with section 3507 of the Paperwork Reduction Act of 1980, (44 U.S.C. 3507, and 5 CFR 1320.13), the discontinuance of the FR 4003 and FR 4005 reports has been reviewed and approved by the Board under Office of Management and Budget delegated authority after consideration of the comments received during the public comment period. Renewal of FR 4004 is approved by the Board under delegated authority (5 CFR 1320.9) to be effective on March 31, 1991, which is less than 30 days from publication of this ruling. The Board finds good cause for an effective date less than 30 days from publication because the authority for the recordkeeping requirement expires on March 31,1991, and a period of time without it would be disruptive to the institutions required to maintain such records. Furthermore, this is a continuation of an existing recordkeeping requirement, so an 1 For purposes ofthe Paperwork Reduction Act, the recordkeeping requirement of this regulation for establishment of written security programs is described as follows: (1) Report title: Written Security Program for State Mepiber Banks; (2) Agency report number FR 4004; (3) OMB Docket num ber 7100-0112; (4) Frequency: recordkeeping; (5) Reporters: State member banks; (6) Annual reporting hours: 513; (7) Estimated average hours per response: 0.5 per year; (8) Number of respondents: 1025.H ie information collection is mandatory (12 U.S.C. 1882(bj). effective date with less than 30 days prior notice has no harmful effect on the institutions involved. Regulatory Flexibility Act Analysis Pursuant to section 605(b) of the Regulatory Flexibility Act (Pub. L. No. 96-354, 5 U.S.C. 601 et seg.), the Board certifies that this final rule will not have a significant economic impact on a substantial number of small entities. Small entities already were complying with the security standards established in the prior regulation, and this revision provides for more flexibility in devising security programs, which should help minimize the existing costs to the institutions. The amendment also deletes two of the three reports required by the government, which should ease the regulatory burden on small institutions. List of Subjects in 12 CFR Part 216 Banks, Banking, Federal Reserve System, Reporting and recordkeeping requirements, Security measures, State member banks. For the reasons set out in the preamble, title 12, part 216 of the Code of Federal Regulations is revised as follows: security officer who shall have the authority, subject to the approval of the board of directors to develop, within a reasonable time, but no later than 180 days, and to administer a written security program for each banking office. § 216.3 Security program. (a) Contents of security program. The security program shall: (1) Establish procedures for opening and closing for business and for the safekeeping of all currency, negotiable securities, and similar valuables at all times: (2) Establish procedures that will assist in identifying persons committing crimes against the institution and that will preserve evidence that may aid in their identification and prosecution. Such procedures may include, but are not limited to: (i) Maintaining a camera that records activity in the banking office: (ii) Using identification devices, such as prerecorded serial-numbered bills, or chemical and electronic devices: and (iii) Retaining a record of any robbery, burglary, or larceny committeed against the bank: (3) Provide for initial and periodic training of officers and employees in PART 216—SECURITY PROCEDURES their responsibilities under the security program and in proper employee Sec. conduct during and after a burglary, 216.1 Authority, purpose, and scope. robbery, or larceny; and 216.2 Designation of security officer. (4) Provide for selecting, testing, 216.3 Security program. operating, and maintaining appropriate 216.4 Report. 216.5 Federal Reserve Banks. security devices, as specified in paragraph (b) of this section. A u t h o r it y : 12 U.S.C. 1881-1884. (b) Security devices. Each member § 2 16 .1 A u th o rity , p u rp o s e , a n d s c o p e . bank shall have, at a minimum, the (a) This regulation is issued by the following security devices: Board of Governors of the Federal (1) A means of protecting cash and Reserve System (the "Board”) pursuant other liquid assets, such as a vault, safe, to section 3 of the Bank Protection Act or other secure space: of 1968 (12 U.S.C. 1882). It applies to (2) A lighting system for illuminating, Federal Reserve Banks and state banks during the hours of darkness, the area that are members of the Federal Reserve around the vault, if the vault is visible System. It requires each bank to adopt from outside the banking office: appropriate security procedures to (3) Tamper-resistent locks on exterior discourage robberies, burglaries, and doors and exterior windows that may be larcenies, and to assist in the opened: identification and prosecution of (4) An alarm system or other persons who commit such acts. appropriate device for promptly (b) It is the responsibility of the notifying the nearest responsible law member bank’s board of directors to enforcement officers of an attempted or comply with this regulation and ensure perpetrated robbery or burglary: and that a written security program for the (5) Such other devices as the security bank’s main office and branches is officer determines to be appropriate, developed and implemented. taking into consideration: (i) The incidence of crimes against i) 2 1 6 .2 D e s ig n a tio n o f s e c u rity o f f ic e r . financial institutions in the area; Upon becoming a member of the (ii) The amount of currency and other Federal Reserve System, a state bank’s valuables exposed to robbery, burglary, board of directors shall designate a or larcency; 3 (iii) The distance of the banking office from the nearest responsible law enforcement officers;’ (iv) The cost of the security devices; (v) Other security measures in effect at the banking office; and (vi) The physical characteristics of the structure of the banking office and its surroundings. maintain a written security program for its main office and branches subject to The security officer for each member bank shall report at least annually to the review and approval of the Board. bank’s board of directors on the B y o r d e r o f th e B o a rd o f G o v e r n o r s o f th e F e d e ra l R e s e rv e S y s te m , M a r c h 2 2 ,1 9 9 1 . implementation, administration, and effectiveness of the security program. J e n n ife r J. J o h n s o n , § 216.4 Report. A s s o c ia te S e c re ta r y o f th e Board. § 216.5 Federal Reserve Banks. Each Reserve Bank shall develop and 4 [F R D o c . 9 1 -7 3 2 0 F ile d 3 -2 & -9 1 ; 8:45 a m ] BILLING CODE 6210-01-M