Skip to main content
U.S. flag
An official website of the United States government
Dot gov
The .gov means it’s official. 
Federal government websites often end in .gov or .mil. Before sharing sensitive information, make sure you’re on a federal government site.
Https
The site is secure. 
The https:// ensures that you are connecting to the official website and that any information you provide is encrypted and transmitted securely.
Federal Register Publications

FDIC Federal Register Citations

From: Richard Wilkinson [mailto:rwilkinson@wcb.net] 
Sent: Thursday, June 17, 2004 6:52 PM
To: Comments
Subject: FDIC RIN: 3064-AC77 Joint Notice of Proposed Rulemaking - Proper Disposal of Consumer Information Under the FACT Act of 2003
Importance: High
Sensitivity: Confidential  

FDIC RIN: 3064-AC77

Dear Sir:

Thank you for this opportunity to comment on this proposed rule change.
With the continued onslaught of Identity Theft, safeguarding customer
information has become a high priority to banking.

It would seem that proper disposal of customer information would not require
lengthy, burdensome regulations, as it is almost a common sense procedure.
However, most of us understand that it is the simple day-to-day functions
that are most often neglected. I am of course referring to our trash.

Having said this I would like to comment on a few of the proposed regulation
changes.

First, the term "service provider" may be a bit vague. Does this include
janitorial services, building and office equipment maintenance contracts?
There are many different type of service providers in the banking
environment that come into contact with documents that are being disposed of
or otherwise in view.

Second, the provision in paragraph II.B., which mandate each financial
institution to contractually require its service providers to develop
appropriate measures for the proper disposal of consumer information and,
where warranted, to "monitor" its service providers to confirm that they
have satisfied their contractual obligations, may be impossible to comply
with. Can the Agencies give some guidance on how to monitor this function
an under what conditions warrant monitoring? Banks that contract with
document disposal services are taking a huge risk of allowing their
customers to become victim to identity theft. Once the document(s) leave
the bank, there is no control. The argument that the disposal company is
bonded misses the point. Being bonded does not provide sufficient
safeguards that the documents are not going to be misused. Once an identify
theft has occurred, the fact that a disposal service is bonded doesn't
mitigate the damage that has been caused to the customer and the reputation
of the bank. How does the bank monitor this?

A one-year period for modification of agreements with service providers
seems appropriate.

The use of the statutory phrase "proper disposal" would be sufficiently
clear as long as the phrase is tied to existing guidelines and give some
direction as to appropriate disposal methods.

Thank You
Richard Wilkinson, Internal Auditor
Bank Consultants Inc.
Carlsbad, NM 

Last Updated 06/22/2004regs@fdic.gov

 

Last Updated: August 20, 2024