[Federal Register Volume 85, Number 248 (Monday, December 28, 2020)]
[Notices]
[Pages 85440-85490]
From the Federal Register Online via the Government Publishing Office [www.gpo.gov]
[FR Doc No: 2020-28601]



[[Page 85439]]

Vol. 85

Monday,

No. 248

December 28, 2020

Part IV





Securities and Exchange Commission





-----------------------------------------------------------------------





Privacy Act of 1974; System of Records; Notice

  Federal Register / Vol. 85 , No. 248 / Monday, December 28, 2020 / 
Notices  

[[Page 85440]]


-----------------------------------------------------------------------

SECURITIES AND EXCHANGE COMMISSION

[Release No. PA-55; File No. S7-20-20]


Privacy Act of 1974; System of Records

AGENCY: Securities and Exchange Commission.

ACTION: Notice of revised system of records.

-----------------------------------------------------------------------

SUMMARY: In accordance with the Privacy Act of 1974 and the Office of 
Management and Budget (OMB) Circular No. A-108, the Securities and 
Exchange Commission (Commission or SEC) proposes to revise 28 Privacy 
Act systems of records. The revisions are the result of a comprehensive 
review of SEC SORNs and conform to new requirements prescribed in OMB 
Circular No. A-108. This notice also includes a Table of Contents of 
the agency's full inventory of Privacy Act Notices, which re-designates 
and renumbers the systems of records to provide a better guide to the 
system notices.

DATES: The changes will become effective January 27, 2021 to permit 
public comment on the new and revised routine uses. The Commission will 
publish a new notice if the effective date is delayed to review 
comments or if changes are made based on comments received. To assure 
consideration, comments should be received on or before January 27, 
2021.

ADDRESSES: Comments may be submitted by any of the following methods:

Electronic Comments

     Use the Commission's internet comment form (http://www.sec.gov/rules/other.shtml); or
     Send an email to rule-comments@sec.gov. Please include 
File Number S7-20-20 on the subject line.

Paper Comments

    Send paper comments in triplicate to Vanessa A. Countryman, 
Secretary, U.S. Securities and Exchange Commission, 100 F Street NE, 
Washington, DC 20549-1090. All submissions should refer to S7-20-20. 
This file number should be included on the subject line if email is 
used. To help process and review your comments more efficiently, please 
use only one method. The Commission will post all comments on the 
Commission's internet website (http://www.sec.gov/rules/other.shtml). 
Comments are also available for website viewing and printing in the 
Commission's Public Reference Room, 100 F Street NE, Washington, DC 
20549, on official business days between the hours of 10 a.m. and 3 
p.m. All comments received will be posted without change; we do not 
edit personal identifying information from submissions. You should 
submit only information that you wish to make publicly available.

FOR FURTHER INFORMATION CONTACT: For general and privacy related 
questions please contact: Ronnette McDaniel, Privacy and Information 
Assurance Branch Chief, 202-551-7200 or privacyhelp@sec.gov.

SUPPLEMENTARY INFORMATION: When an agency wishes to establish or 
significantly modify a system of records, it must notify in advance 
Congress and the Office of Management and Budget (``OMB'') in order to 
permit an evaluation of the probable or potential effects of the 
proposal on the privacy or other rights of individuals. Currently, the 
SEC has 37 Privacy Act SORNs in its inventory. As directed by OMB,\1\ 
and as part of the SEC's continuous privacy monitoring program, the SEC 
periodically reviews these SORNs to confirm the accuracy of the 
information. The Office of Information Technology (``OIT''), Privacy 
and Information Assurance Branch (``Privacy Office''), in collaboration 
with the system of records system managers or their designee(s), 
reviewed SORNs managed by each division or office for needed updates. 
As a result of the review, revisions were made to SEC systems of 
records, as necessitated by changes in information handling practices 
within the SEC and in compliance with OMB Circular No. A-108, Federal 
Agency Responsibilities for Review, Reporting, and Publication under 
the Privacy Act.\2\ Routine uses were also evaluated to ensure that 
they were necessary and compatible with the purposes for which the 
information is collected.
---------------------------------------------------------------------------

    \1\ See OMB Circular A-108, ``Federal Agency Responsibilities 
for Review, Reporting, and Publication under the Privacy Act,'' 
December 23, 2016 (81 FR 94424).
    \2\ 81 FR 94424 (December 23, 2016).
---------------------------------------------------------------------------

    Accordingly, the Commission is proposing the following Table of 
Contents to provide a better guide to its inventory of systems of 
records, and the modified systems of records to read as follows:

                            Table of Contents
                    [SEC Privacy Act Systems Notices]
------------------------------------------------------------------------
        Old No.                New No.                System name
------------------------------------------------------------------------
SEC-68................  SEC-01...............  SEC's Division of
                                                Corporation Finance
                                                Records.
SEC-69................  SEC-02...............  SEC's Division of
                                                Investment Management
                                                Records.
SEC-70................  SEC-03...............  SEC's Division of Trading
                                                and Markets Records.
SEC-31................  SEC-04...............  Office of General Counsel
                                                Working Files.
SEC-62................  SEC-05...............  Office of Municipal
                                                Advisor Records.
SEC-14................  SEC-06...............  Financial and Acquisition
                                                Management System.
SEC-15................  SEC-07...............  Payroll, Attendance,
                                                Retirement and Leave
                                                Records.
SEC-16................  SEC-08...............  Administrative Law Judge
                                                Case Tracking Records.
SEC-17................  SEC-09...............  Minutes Regarding Action
                                                Taken by the Commission.
SEC-39................  SEC-10...............  Personnel Management
                                                Employment and Staffing/
                                                Training Files.
SEC-24................  SEC-11...............  Freedom of Information
                                                and Privacy Act
                                                Requests.
SEC-28................  SEC-12...............  Office of the Chief
                                                Accountant Working
                                                Files.
SEC-33................  SEC-13...............  Administrative and
                                                Litigation Release
                                                System.
SEC-36................  SEC-14...............  Administrative Proceeding
                                                Files.
SEC-38................  SEC-15...............  Disciplinary and Adverse
                                                Actions, Employee
                                                Conduct, and Labor
                                                Relations Files.
SEC-41................  SEC-16...............  Child Care Subsidy
                                                Program.
SEC-42................  SEC-17...............  Enforcement Files.
SEC-43................  SEC-18...............  Office of Inspector
                                                General Working Files.
SEC-45................  SEC-19...............  Mass Transportation
                                                Subsidy Program.
SEC-46................  SEC-20...............  Facilities Access Badge
                                                System.

[[Page 85441]]

 
SEC-48................  SEC-21...............  Fitness Center Membership
                                                Payment and Fitness
                                                Records; SEC Employees
                                                Health and Fitness
                                                Program Records.
SEC-51................  SEC-22...............  Continuity Support
                                                Center.
SEC-52................  SEC-23...............  Visitor Badge and
                                                Employee Day Pass
                                                System.
SEC-54................  SEC-24...............  Photographic Files.
SEC-55................  SEC-25...............  Information Pertaining or
                                                Relevant to SEC
                                                Regulated Entities and
                                                Their Activities.
SEC-56................  SEC-26...............  Mailing, Contact and
                                                Other Lists.
SEC-57................  SEC-27...............  Office of International
                                                Affairs Records.
SEC-60................  SEC-28...............  Ethics Conduct Rules
                                                Files.
SEC-63................  SEC-29...............  Tips, Complaints, and
                                                Referrals Records.
SEC-64................  SEC-30...............  SEC Security in the
                                                Workplace Incident
                                                Records.
SEC-65................  SEC-31...............  Correspondence Response
                                                Systems.
SEC-66................  SEC-32...............  Backup Care Employee and
                                                Family Records.
SEC-67................  SEC-33...............  General Information
                                                Technology Records.
------------------------------------------------------------------------

SYSTEM NAME AND NUMBER:
SEC-14:
    SEC Financial and Acquisition Management System.

SECURITY CLASSIFICATION:
    Unclassified.

SYSTEM LOCATION:
    1. Securities and Exchange Commission, 100 F Street NE, Washington, 
DC 20549. Files may also be maintained in the Commission's Regional 
Offices.
    2. Federal Aviation Administration, Mike Monroney Aeronautical 
Center, AMZ-740, 6500 S MacArthur Blvd., Headquarters Bldg. 1, Oklahoma 
City, OK 73169.

SYSTEM MANAGER(S):
    Chief Financial Officer, Office of Financial Management, Securities 
and Exchange Commission, 100 F Street NE, Washington, DC 20549-6041.

AUTHORITY FOR MAINTENANCE OF THE SYSTEM:
    31 U.S.C. 3501, et seq. and 31 U.S.C. 7701(c). Where the employee 
identification number is the social security number, collection of this 
information is authorized by Executive Order 9397.

PURPOSE(S) OF THE SYSTEM:
    Serves as the core financial system and integrates program, 
financial and budgetary information. Records are collected to ensure 
that all obligations and expenditures other than those in the pay and 
leave system addressed in SEC-15 are in conformance with laws, existing 
rules and regulations, and good business practice, and to maintain 
subsidiary records at the proper account and/or organizational level 
where responsibility for control of costs exists.

CATEGORIES OF INDIVIDUALS COVERED BY THE SYSTEM:
    SEC employees, contractors, vendors, interns, customers and members 
of the public.

CATEGORIES OF RECORDS IN THE SYSTEM:
    Employee personnel information: Limited to SEC employees, and 
includes name, address, Social Security number (SSN). Business-related 
information: Limited to contractors/vendors and customers, and includes 
name of the company/agency, point of contact, telephone number, mailing 
address, email address, contract number, CAGE code, vendor number 
(system unique identifier), DUNS number, and TIN, which could be a SSN 
in the case of individuals set up as sole proprietors. Financial 
information includes: Financial institution name, lockbox number, 
routing transit number, deposit account number, account type, debts 
(e.g., unpaid bills/invoices, overpayments, etc.), and remittance 
address.

RECORD SOURCE CATEGORIES:
    The information maintained in Department of Transportation, (DOT)/
Enterprise Service Center (ESC): Purchase orders, vouchers, invoices, 
contracts, and electronic records; Department of Interior (DOI)/Federal 
Personnel Payroll System (FPPS): Travel applications, disgorgement 
information, or other paper records submitted by employees, vendors, 
and other sources, including claims filed by witnesses in SEC actions; 
Delphi-Prism: Fed Traveler, Department of the Interior (DOI) Payroll 
System, Bureau of Public Debt, and EDGAR Momentum.

ROUTINE USES OF RECORDS MAINTAINED IN THE SYSTEM, INCLUDING CATEGORIES 
OF USERS AND THE PURPOSES OF SUCH USES:
    In addition to those disclosures generally permitted under 5 U.S.C. 
552a(b) of the Privacy Act, these records or information contained 
therein may specifically be disclosed outside the Commission as a 
routine use pursuant to 5 U.S.C. 552a(b)(3) as follows:
    1. To appropriate agencies, entities, and persons when (1) the SEC 
suspects or has confirmed that there has been a breach of the system of 
records; (2) the SEC has determined that as a result of the suspected 
or confirmed breach there is a risk of harm to individuals, the SEC 
(including its information systems, programs, and operations), the 
Federal Government, or national security; and (3) the disclosure made 
to such agencies, entities, and persons is reasonably necessary to 
assist in connection with the SEC's efforts to respond to the suspected 
or confirmed breach or to prevent, minimize, or remedy such harm.
    2. To other Federal, state, local, or foreign law enforcement 
agencies; securities self-regulatory organizations; and foreign 
financial regulatory authorities to assist in or coordinate regulatory 
or law enforcement activities with the SEC.
    3. In any proceeding where the Federal securities laws are in issue 
or in which the Commission, or past or present members of its staff, is 
a party or otherwise involved in an official capacity.
    4. To a Federal, state, local, tribal, foreign, or international 
agency, if necessary to obtain information relevant to the SEC's 
decision concerning the hiring or retention of an employee; the 
issuance of a security clearance; the letting of a contract; or the 
issuance of a license, grant, or other benefit.
    5. To produce summary descriptive statistics and analytical 
studies, as a data source for management information, in support of the 
function for which the records are collected and maintained or for 
related personnel

[[Page 85442]]

management functions or manpower studies; may also be used to respond 
to general requests for statistical information (without personal 
identification of individuals) under the Freedom of Information Act.
    6. To any persons during the course of any inquiry, examination, or 
investigation conducted by the SEC's staff, or in connection with civil 
litigation, if the staff has reason to believe that the person to whom 
the record is disclosed may have further information about the matters 
related therein, and those matters appeared to be relevant at the time 
to the subject matter of the inquiry.
    7. To interns, grantees, experts, contractors, and others who have 
been engaged by the Commission to assist in the performance of a 
service related to this system of records and who need access to the 
records for the purpose of assisting the Commission in the efficient 
administration of its programs, including by performing clerical, 
stenographic, or data analysis functions, or by reproduction of records 
by electronic or other means. Recipients of these records shall be 
required to comply with the requirements of the Privacy Act of 1974, as 
amended, 5 U.S.C. 552a.
    8. To a Congressional office from the record of an individual in 
response to an inquiry from the Congressional office made at the 
request of that individual.
    9. To members of Congress, the Government Accountability Office, or 
others charged with monitoring the work of the Commission or conducting 
records management inspections.
    10. To a commercial contractor in connection with benefit programs 
administered by the contractor on the Commission's behalf, including, 
but not limited to, supplemental health, dental, disability, life and 
other benefit programs.
    11. To the OMB in connection with the review of private relief 
legislation as set forth in OMB Circular A-19 at any stage of the 
legislative coordination and clearance process as set forth in that 
circular.
    12. To the Treasury, Government Accountability Office, or other 
appropriate agencies to provide appropriate audit documentation.
    13. To another Federal agency or Federal entity, when the SEC 
determines that information from this system of records is reasonably 
necessary to assist the recipient agency or entity in (1) responding to 
a suspected or confirmed breach or (2) preventing, minimizing, or 
remedying the risk of harm to individuals, the recipient agency or 
entity (including its information systems, programs, and operations), 
the Federal Government, or national security, resulting from a 
suspected or confirmed breach.

POLICIES AND PRACTICES FOR STORAGE OF RECORDS:
    Records are maintained in electronic and paper format. Electronic 
records are stored in computerized databases, magnetic disc, tape and/
or digital media. Paper records and records on computer disc are stored 
in locked file rooms and/or file cabinets.

POLICIES AND PRACTICES FOR RETRIEVAL OF RECORDS:
    Records may be retrieved by a name of employee, social security 
number (SSN) for employees, SSN/Tax Identification Number (TIN) for 
vendors doing business with the SEC, Name for both employees and 
vendors, Vendor Number (system unique) for both employees and vendors, 
DUNS/DUNS + 4.

POLICIES AND PRACTICES FOR RETENTION AND DISPOSAL OF RECORDS:
    These records will be maintained until they become inactive, at 
which time they will be retired or destroyed in accordance with records 
schedules of the United States Securities and Exchange Commission and 
as approved by the National Archives and Records Administration.

ADMINISTRATIVE, TECHNICAL, AND PHYSICAL SAFEGUARDS:
    Access to SEC facilities, data centers, and information or 
information systems is limited to authorized personnel with official 
duties requiring access. SEC facilities are equipped with security 
cameras and 24-hour security guard service. The records are kept in 
limited access areas during duty hours and in locked file cabinets and/
or locked offices or file rooms at all other times. Computerized 
records are safeguarded in a secured environment. Security protocols 
meet the promulgating guidance as established by the National Institute 
of Standards and Technology (NIST) Security Standards from Access 
Control to Data Encryption and Security Assessment & Authorization 
(SA&A).
    Records are maintained in a secure, password-protected electronic 
system that will utilize commensurate safeguards that may include: 
Firewalls, intrusion detection and prevention systems, and role-based 
access controls. Additional safeguards will vary by program. All 
records are protected from unauthorized access through appropriate 
administrative, operational, and technical safeguards. These safeguards 
include: Restricting access to authorized personnel who have a ``need 
to know''; using locks; and password protection identification 
features. Contractors and other recipients providing services to the 
Commission shall be required to maintain equivalent safeguards.

RECORD ACCESS PROCEDURES:
    Persons wishing to obtain information on the procedures for gaining 
access to or contesting the contents of these records may contact the 
FOIA/PA Officer, Securities and Exchange Commission, 100 F Street NE, 
Washington, DC 20549-2465.

CONTESTING RECORD PROCEDURES:
    See Record Access Procedures above.

NOTIFICATION PROCEDURES:
    All requests to determine whether this system of records contains a 
record pertaining to the requesting individual may be directed to the 
FOIA/PA Officer, Securities and Exchange Commission, 100 F Street NE, 
Washington, DC 20549-2465.

EXEMPTIONS PROMULGATED FOR THE SYSTEM:
    None.

HISTORY:
    This SORN was last published in full in the Federal Register at 40 
FR 39253 (August 27, 1975). Subsequent notices of revision can be found 
at the following citations:
    --41 FR 5318 (February 5, 1976)
    --41 FR 11631 (March 19, 1976)
    --41 FR 41550 (September 22, 1976)
    --42 FR 36333 (July 14, 1977)
    --46 FR 63439 (December 31, 1981)
    --59 FR 27626 (May 27, 1994)
    --62 FR 47884 and 47885 (September 11, 1997)
    --63 FR 11938 (March 11, 1998)77 FR 16569 (March 21, 2012)

SYSTEM NAME AND NUMBER:
SEC-15:
    Payroll, Attendance, Retirement and Leave Records.

SECURITY CLASSIFICATION:
    Unclassified.

SYSTEM LOCATION:
    1. Payroll files, retirement case files, time and attendance 
reports, and service history files: SEC, 100 F Street NE, Washington, 
DC 20549.
    2. Notices of personnel action and other pay-related records: 
Department of the Interior, National Business Center, Payroll 
Operations Division, Mail Stop D-2662, 7301 West Mansfield Avenue, 
Lakewood, CO 80235-2230; and
    3. Retired personnel files: National Archives and Records 
Administration,

[[Page 85443]]

National Personnel Records Center (Civilian Personnel Records Center), 
111 Winnebago Street, St. Louis, MO 63118.

SYSTEM MANAGER(S):
    Associate Executive Director, Office of Human Resources, Securities 
and Exchange Commission, 100 F Street NE, Washington, DC 20549.

AUTHORITY FOR MAINTENANCE OF THE SYSTEM:
    5 U.S.C. 302; 31 U.S.C. 3512.

PURPOSE(S) OF THE SYSTEM:
    The primary uses of the records are for the Commission's fiscal 
operations for payroll, time and attendance, leave, insurance, tax, 
retirement, qualifications, and benefits; to prepare related reports to 
other Federal agencies including the Department of Treasury and the 
Office of Personnel Management; and to locate SEC employees and 
determine such matters as their period of service, type of leave, 
qualifications, benefits, and pay.

CATEGORIES OF INDIVIDUALS COVERED BY THE SYSTEM:
    Past and present employees, interns, fellows, volunteers and 
persons who work at the SEC under the Intergovernmental Personnel Act 
(employees).

CATEGORIES OF RECORDS IN THE SYSTEM:
    These records include, but are not limited to: Employee name, 
address, phone number, Social Security number, organization code, pay 
rate, salary, grade, length of service, pay and leave records, source 
documents for posting time and leave attendance, and deductions for 
Medicare, Old Age, Survivors, and Disability Insurance (OASDI, also 
known as Social Security), bonds, Federal Employee Group Life Insurance 
(FEGLI), union dues, taxes, allotments, quarters, retirement, 
charities, Federal and commercial health benefits, Flexible Spending 
Account, Long Term Care Insurance, Thrift Savings Plan contributions, 
award, shift schedules, and pay differential, tax lien data, wage 
garnishments.
    The payroll, retirement and leave records described in this notice 
form a part of the information contained in the Department of the 
Interior's integrated Federal Personnel and Payroll System (FPPS). 
Personnel records contained in the FPPS are covered under the 
government-wide system of records notice published by the Office of 
Personnel Management (OPM/GOVT-1) and Commission's system of records 
notice, SEC-39, Personnel Management Employment and Staffing Files.

RECORD SOURCE CATEGORIES:
    Records source is from individuals on whom the records are 
maintained, official personnel records of individuals on whom the 
records are maintained, time and attendance records, withholding 
certificates, third-party benefit providers, and other pay-related 
records prepared by the individual or the Office of Human Resources.

ROUTINE USES OF RECORDS MAINTAINED IN THE SYSTEM, INCLUDING CATEGORIES 
OF USERS AND THE PURPOSES OF SUCH USES:
    In addition to those disclosures generally permitted under 5 U.S.C. 
552a(b) of the Privacy Act, these records or information contained 
therein may specifically be disclosed as a routine use pursuant to 5 
U.S.C. 552a(b)(3) as follows:
    1. To appropriate agencies, entities, and persons when (1) the SEC 
suspects or has confirmed that there has been a breach of the system of 
records, (2) the SEC has determined that as a result of the suspected 
or confirmed breach there is a risk of harm to individuals, the SEC 
(including its information systems, programs, and operations), the 
Federal Government, or national security; and (3) the disclosure made 
to such agencies, entities, and persons is reasonably necessary to 
assist in connection with the SEC's efforts to respond to the suspected 
or confirmed breach or to prevent, minimize, or remedy such harm.
    2. To the National Business Center of the U.S. Department of the 
Interior.
    3. To any Federal, state, or local government compiling tax 
withholding, retirement contributions, or allotments to charities, 
labor unions, wage garnishments, and other authorized recipients.
    4. To any Federal governmental authority or its agents 
investigating (a) a violation or potential violation of a statute, 
rule, regulation, or order, or (b) an employee's grievance or 
complaint.
    5. To any member of the public for employment verification at an 
employee's written request.
    6. To any judgment creditor for the purpose of wage garnishment.
    7. To any arbitrator under a negotiated labor agreement.
    8. To the General Accountability Office, the Office of Management 
and Budget, and other Federal agencies to support payments of salaries 
and benefits to SEC employees.
    9. To the Office of Child Support Enforcement, Administration for 
Children and Families, Department of Health and Human Services, the 
Federal Parent Locator System and the Federal Tax Offset System to (a) 
locate individuals, (b) identify income sources, (c) establish 
paternity, (d) verify social security numbers or employment, (e) issue, 
modify, or enforce orders of support, or (f) administer the Federal 
Earned Income Tax Credit Program.
    10. To a Congressional office in response to an inquiry from that 
Congressional office made at the request of the individual to whom the 
record pertains.
    11. To produce summary descriptive statistics and analytical 
studies, as a data source for management information, in support of the 
function for which the records are collected and maintained or for 
related personnel management functions or manpower studies; may also be 
utilized to respond to general requests for statistical information 
(without personal identification of individuals) under the Freedom of 
Information Act.
    12. To interns, grantees, experts, contractors and others who have 
been engaged by the Commission to assist in the performance of a 
service related to this system of records and who need access to the 
records for the purpose of assisting the Commission in the efficient 
administration of its programs, including by performing clerical or 
stenographic functions, or by reproduction of records by electronic or 
other means. Recipients of these records shall be required to comply 
with the requirements of the Privacy Act of 1974, as amended, 5 
U.S.C.552a.
    13. When (a) it is suspected or confirmed that the security or 
confidentiality of information in the system of records has been 
compromised; (b) the Commission has determined that as a result of the 
suspected or confirmed compromise there is a risk of harm to economic 
or property interests, identity theft or fraud, or harm to the security 
or integrity of this system or other systems or programs (whether 
maintained by the Commission or another agency or entity) that rely 
upon the compromised information; and (c) the disclosure is made to 
such agencies, entities, and persons who are reasonably necessary to 
assist in connection with the Commission's efforts to respond to the 
suspected or confirmed compromise and prevent, minimize, or remedy such 
harm.
    14. To a commercial contractor in connection with benefit programs 
administered by the contractor on the Commission's behalf, including, 
but not limited to, supplemental health, dental, disability, life and 
other benefit programs.
    15. To another Federal agency or Federal entity, when the SEC

[[Page 85444]]

determines that information from this system of records is reasonably 
necessary to assist the recipient agency or entity in (1) responding to 
a suspected or confirmed breach or (2) preventing, minimizing, or 
remedying the risk of harm to individuals, the recipient agency or 
entity (including its information systems, programs, and operations), 
the Federal Government, or national security, resulting from a 
suspected or confirmed breach.

POLICIES AND PRACTICES FOR STORAGE OF RECORDS:
    Records are maintained in electronic and paper format. Electronic 
records are stored in computerized databases, magnetic disc, tape, and/
or digital media. Paper records are stored in locked file rooms and/or 
file cabinets.

POLICIES AND PRACTICES FOR RETRIEVAL OF RECORDS:
    These records may be retrieved by identifiers including, but not 
limited to, individual's name, an employee's name or social security 
number, birthday, and organizational code.

POLICIES AND PRACTICES FOR RETENTION AND DISPOSAL OF RECORDS:
    These records will be maintained until they become inactive, at 
which time they will be retired or destroyed in accordance with records 
schedules of the United States Securities and Exchange Commission and 
as approved by the National Archives and Records Administration.

ADMINISTRATIVE, TECHNICAL, AND PHYSICAL SAFEGUARDS:
    Access to SEC facilities, data centers, and information or 
information systems is limited to authorized personnel with official 
duties requiring access. SEC facilities are equipped with security 
cameras and 24-hour security guard service. The records are kept in 
limited access areas during duty hours and in locked file cabinets and/
or locked offices or file rooms at all other times. Computerized 
records are safeguarded in a secured environment. Security protocols 
meet the promulgating guidance as established by the National Institute 
of Standards and Technology (NIST) Security Standards from Access 
Control to Data Encryption and Security Assessment & Authorization 
(SA&A).
    Records are maintained in a secure, password-protected electronic 
system that will utilize commensurate safeguards that may include: 
Firewalls, intrusion detection and prevention systems, and role-based 
access controls. Additional safeguards will vary by program. All 
records are protected from unauthorized access through appropriate 
administrative, operational, and technical safeguards. These safeguards 
include: Restricting access to authorized personnel who have a ``need 
to know;'' using locks; and password protection identification 
features. Contractors and other recipients providing services to the 
Commission shall be required to maintain equivalent safeguards.

RECORD ACCESS PROCEDURES:
    Persons wishing to obtain information on the procedures for gaining 
access to or contesting the contents of these records should contact 
the FOIA/Privacy Act Officer, Securities and Exchange Commission, 100 F 
Street NE, Washington, DC 20549-2465.

CONTESTING RECORD PROCEDURES:
    See Record Access Procedures above.

NOTIFICATION PROCEDURES:
    All requests to determine whether this system of records contains a 
record pertaining to the requesting individual should be directed to 
the FOIA/PA Officer, Securities and Exchange Commission, 100 F Street 
NE, Washington, DC 20549-2465.

EXEMPTIONS PROMULGATED FOR THE SYSTEM:
    None.

HISTORY:
    This SORN was last published in full in the Federal Register at 40 
FR 39253 (August 27, 1975). Subsequent notices of revision can be found 
at the following citations:
    --41 FR 5318 (February 5, 1976)
    --41 FR 11631 (March 19, 1976)
    --41 FR 41594 (September 22, 1976)
    --42 FR 36333 (July 14, 1977)
    --46 FR 63439 (December 31, 1981)
    --58 FR 64416 (December 7, 1993)
    --62 FR 47884 and 47885 (September 11, 1997)
    --63 FR 11936 (March 11, 1998)
    --64 FR 69051 (December 9, 1999)
    --75 FR 17978 (April 8, 2010)

SYSTEM NAME AND NUMBER:
SEC-16:
    Administrative Law Judge Case Tracking Records.

SECURITY CLASSIFICATION:
    Unclassified.

SYSTEM LOCATION:
    Securities and Exchange Commission, 100 F Street NE, Washington, DC 
20549.

SYSTEM MANAGER(S):
    Chief Administrative Law Judge, Securities and Exchange Commission, 
100 F Street NE, Washington, DC 20549.

AUTHORITY FOR MAINTENANCE OF THE SYSTEM:
    5 U.S.C. 556; 15 U.S.C. 78d, 78d-1; Pub. L. No. 87-592, 76 Stat. 
394 (1962); 17 CFR 200.30-9, .200.30-10, .201.111.

PURPOSE(S) OF THE SYSTEM:
    1. To track the status of each administrative proceeding pending in 
the Office of Administrative Law Judges (OALJ).
    2. To enable the Chief Administrative Law Judge in determining 
appropriate assignments.
    3. To aid in projecting budget requirements for OALJ.

CATEGORIES OF INDIVIDUALS COVERED BY THE SYSTEM:
    SEC administrative law judges, individual respondents, and counsel 
of record.

CATEGORIES OF RECORDS IN THE SYSTEM:
    Records are maintained on every case pending in OALJ. The system 
also stores records on cases while they are pending appeal and even 
after they have been resolved by decision or settlement. The records 
identify each administrative proceeding, the respondent(s) against whom 
the case was brought, and the administrative law judge to whom the case 
was assigned. Record categories include case summary, Office of the 
Secretary's service list, contact sheet, hearings, dispositions, events 
and mailings, and respondent's answer. Records may include the names, 
addresses, email addresses, telephone numbers, and fax numbers of 
respondents and counsel. They also contain information on party filings 
and submissions, such as the date of the filing or submission and the 
subject matter (but not copies of the actual filings or submissions), 
statistical data relating to number of assignments, and the time 
involved in disposition of assignments.

RECORD SOURCE CATEGORIES:
    Information is obtained from: Orders and decisions issued by the 
SEC, Chief Administrative Law Judge, or individual Administrative Law 
Judges; transcripts of prehearings, hearings, and oral arguments; party 
filings, submissions, and correspondence and communications received in 
connection with a proceeding.

ROUTINE USES OF RECORDS MAINTAINED IN THE SYSTEM, INCLUDING CATEGORIES 
OF USERS AND THE PURPOSES OF SUCH USES:
    In addition to those disclosures generally permitted under 5 U.S.C. 
552a(b) of the Privacy Act, these records or information contained 
therein may specifically be disclosed outside the

[[Page 85445]]

Commission as a routine use pursuant to 5 U.S.C. 552 a(b)(3) as 
follows:
    1. To appropriate agencies, entities, and persons when (1) the SEC 
suspects or has confirmed that there has been a breach of the system of 
records; (2) the SEC has determined that as a result of the suspected 
or confirmed breach there is a risk of harm to individuals, the SEC 
(including its information systems, programs, and operations), the 
Federal Government, or national security; and (3) the disclosure made 
to such agencies, entities, and persons is reasonably necessary to 
assist in connection with the SEC's efforts to respond to the suspected 
or confirmed breach or to prevent, minimize, or remedy such harm.
    2. To other Federal, state, local, or foreign law enforcement 
agencies; securities self-regulatory organizations; and foreign 
financial regulatory authorities to assist in or coordinate regulatory 
or law enforcement activities with the SEC.
    3. To national securities exchanges and national securities 
associations that are registered with the SEC, the Municipal Securities 
Rulemaking Board; the Securities Investor Protection Corporation; the 
Public Company Accounting Oversight Board; the Federal banking 
authorities, including, but not limited to, the Board of Governors of 
the Federal Reserve System, the Comptroller of the Currency, and the 
Federal Deposit Insurance Corporation; state securities regulatory 
agencies or organizations; or regulatory authorities of a foreign 
government in connection with their regulatory or enforcement 
responsibilities.
    4. By SEC personnel for purposes of investigating possible 
violations of, or to conduct investigations authorized by, the Federal 
securities laws.
    5. In any proceeding where the Federal securities laws are in issue 
or in which the Commission, or past or present members of its staff, is 
a party or otherwise involved in an official capacity.
    6. In connection with proceedings by the Commission pursuant to 
Rule 102(e) of its Rules of Practice, 17 CFR 201.102(e).
    7. To a bar association, state accountancy board, or other Federal, 
state, local, or foreign licensing or oversight authority; or 
professional association or self-regulatory authority to the extent 
that it performs similar functions (including the Public Company 
Accounting Oversight Board) for investigations or possible disciplinary 
action.
    8. To a Federal, state, local, tribal, foreign, or international 
agency, if necessary to obtain information relevant to the SEC's 
decision concerning the hiring or retention of an employee; the 
issuance of a security clearance; the letting of a contract; or the 
issuance of a license, grant, or other benefit.
    9. To a Federal, state, local, tribal, foreign, or international 
agency in response to its request for information concerning the hiring 
or retention of an employee; the issuance of a security clearance; the 
reporting of an investigation of an employee; the letting of a 
contract; or the issuance of a license, grant, or other benefit by the 
requesting agency, to the extent that the information is relevant and 
necessary to the requesting agency's decision on the matter.
    10. To produce summary descriptive statistics and analytical 
studies, as a data source for management information, in support of the 
function for which the records are collected and maintained or for 
related personnel management functions or manpower studies; may also be 
used to respond to general requests for statistical information 
(without personal identification of individuals) under the Freedom of 
Information Act.
    11. To any trustee, receiver, master, special counsel, or other 
individual or entity that is appointed by a court of competent 
jurisdiction, or as a result of an agreement between the parties in 
connection with litigation or administrative proceedings involving 
allegations of violations of the Federal securities laws (as defined in 
section 3(a)(47) of the Securities Exchange Act of 1934, 15 U.S.C. 
78c(a)(47)) or pursuant to the Commission's Rules of Practice, 17 CFR 
201.100 through 900 or the Commission's Rules of Fair Fund and 
Disgorgement Plans, 17 CFR 201.1100 through 1106, or otherwise, where 
such trustee, receiver, master, special counsel, or other individual or 
entity is specifically designated to perform particular functions with 
respect to, or as a result of, the pending action or proceeding or in 
connection with the administration and enforcement by the Commission of 
the Federal securities laws or the Commission's Rules of Practice or 
the Rules of Fair Fund and Disgorgement Plans.
    12. To any persons during the course of any inquiry, examination, 
or investigation conducted by the SEC's staff, or in connection with 
civil litigation, if the staff has reason to believe that the person to 
whom the record is disclosed may have further information about the 
matters related therein, and those matters appeared to be relevant at 
the time to the subject matter of the inquiry.
    13. To interns, grantees, experts, contractors, and others who have 
been engaged by the Commission to assist in the performance of a 
service related to this system of records and who need access to the 
records for the purpose of assisting the Commission in the efficient 
administration of its programs, including by performing clerical, 
stenographic, or data analysis functions, or by reproduction of records 
by electronic or other means. Recipients of these records shall be 
required to comply with the requirements of the Privacy Act of 1974, as 
amended, 5 U.S.C. 552a.
    14. In reports published by the Commission pursuant to authority 
granted in the Federal securities laws (as such term is defined in 
section 3(a)(47) of the Securities Exchange Act of 1934, 15 U.S.C. 
78c(a)(47)), which authority shall include, but not be limited to, 
section 21(a) of the Securities Exchange Act of 1934, 15 U.S.C. 78u(a).
    15. To members of advisory committees that are created by the 
Commission or by Congress to render advice and recommendations to the 
Commission or to Congress, to be used solely in connection with their 
official designated functions.
    16. To any person who is or has agreed to be subject to the 
Commission's Rules of Conduct, 17 CFR 200.735-1 through 200.735-18, and 
who assists in the investigation by the Commission of possible 
violations of the Federal securities laws (as such term is defined in 
section 3(a)(47) of the Securities Exchange Act of 1934, 15 U.S.C. 
78c(a)(47)), in the preparation or conduct of enforcement actions 
brought by the Commission for such violations, or otherwise in 
connection with the Commission's enforcement or regulatory functions 
under the Federal securities laws.
    17. To a Congressional office from the record of an individual in 
response to an inquiry from the Congressional office made at the 
request of that individual.
    18. To members of Congress, the press, and the public in response 
to inquiries relating to particular Registrants and their activities, 
and other matters under the Commission's jurisdiction.
    19. To prepare and publish information relating to violations of 
the Federal securities laws as provided in 15 U.S.C. 78c(a)(47), as 
amended.
    20. To respond to subpoenas in any litigation or other proceeding.
    21. To a trustee in bankruptcy.

[[Page 85446]]

    22. To members of Congress, the General Accountability Office, or 
others charged with monitoring the work of the Commission or conducting 
records management inspections.
    23. To any governmental agency, governmental or private collection 
agent, consumer reporting agency or commercial reporting agency, 
governmental or private employer of a debtor, or any other person, for 
collection, including collection by administrative offset, Federal 
salary offset, tax refund offset, or administrative wage garnishment, 
of amounts owed as a result of Commission civil or administrative 
proceedings.
    24. To another Federal agency or Federal entity, when the SEC 
determines that information from this system of records is reasonably 
necessary to assist the recipient agency or entity in (1) responding to 
a suspected or confirmed breach or (2) preventing, minimizing, or 
remedying the risk of harm to individuals, the recipient agency or 
entity (including its information systems, programs, and operations), 
the Federal Government, or national security, resulting from a 
suspected or confirmed breach.

POLICIES AND PRACTICES FOR STORAGE OF RECORDS:
    Records are maintained in electronic and paper format. Electronic 
records are stored in computerized databases, magnetic disc, tape and/
or digital media. Paper records and records on computer disc are stored 
in locked file rooms and/or file cabinets.

POLICIES AND PRACTICES FOR RETRIEVAL OF RECORDS:
    Information in the ALJ Case Tracking Records is retrieved by case 
name, case number, Administrative Proceeding Tracking System (APTS) 
status, ALJ status, ALJ case status type, date filed with ALJ, date 
filed with the Office of the Secretary, respondent's name, assigned 
ALJ, hearing date, ALJ statutory authority, or whether a case was 
initiated by an order instituting proceedings.

POLICIES AND PRACTICES FOR RETENTION AND DISPOSAL OF RECORDS:
    These records will be maintained until they become inactive, at 
which time they will be retired or destroyed in accordance with the 
SEC's records retention schedule, as approved by the National Archives 
and Records Administration.

ADMINISTRATIVE, TECHNICAL, AND PHYSICAL SAFEGUARDS:
    Access to SEC facilities, data centers, and information or 
information systems is limited to authorized personnel with official 
duties requiring access. SEC facilities are equipped with security 
cameras and 24-hour security guard service. The records are kept in 
limited access areas during duty hours and in locked file cabinets and/
or locked offices or file rooms at all other times. Computerized 
records are safeguarded in a secured environment. Security protocols 
meet the promulgating guidance as established by the National Institute 
of Standards and Technology (NIST) Security Standards from Access 
Control to Data Encryption and Security Assessment & Authorization 
(SA&A).
    Records are maintained in a secure, password-protected electronic 
system that will utilize commensurate safeguards that may include: 
Firewalls, intrusion detection and prevention systems, and role-based 
access controls. Additional safeguards will vary by program. All 
records are protected from unauthorized access through appropriate 
administrative, operational, and technical safeguards. These safeguards 
include: Restricting access to authorized personnel who have a ``need 
to know''; using locks; and password protection identification 
features. Contractors and other recipients providing services to the 
Commission shall be required to maintain equivalent safeguards.

RECORD ACCESS PROCEDURES:
    Persons wishing to obtain information on the procedures for gaining 
access to or contesting the contents of these records may contact the 
FOIA/Privacy Act Officer, Securities and Exchange Commission, 100 F 
Street NE, Washington, DC 20549-2465.

CONTESTING RECORD PROCEDURES:
    See Record Access Procedures above.

NOTIFICATION PROCEDURES:
    All requests to determine whether this system of records contains a 
record pertaining to the requesting individual may be directed to the 
FOIA/Privacy Act Officer, Securities and Exchange Commission, 100 F 
Street NE, Washington, DC 20549-2465.

EXEMPTIONS PROMULGATED FOR THE SYSTEM:
    None.

HISTORY:
    This SORN was last published in full in the Federal Register at 40 
FR 39253 (August 27, 1975). Subsequent notices of revision can be found 
at the following citations:
    --41 FR 5318 (February 5, 1976)
    --41 FR 11631 (March 19, 1976)
    --41 FR 41563 (September 22, 1976)
    --42 FR 36333 (July 14, 1977)
    --43 FR 36536 (August 17, 1978)
    --46 FR 63439 (December 31, 1981)
    --59 FR 27626 (May 27, 1994)
    --62 FR 47884 (September 11, 1997)
    By the Commission.

SYSTEM NAME AND NUMBER:
SEC-17:
    Minutes Regarding Action Taken by the Commission.

SECURITY CLASSIFICATION:
    Unclassified.

SYSTEM LOCATION:
    Securities and Exchange Commission, 100 F Street NE, Washington, DC 
20549.

SYSTEM MANAGER(S):
    Secretary, Office of the Secretary, Securities and Exchange 
Commission, 100 F Street NE, Washington, DC 20549.

AUTHORITY FOR MAINTENANCE OF THE SYSTEM:
    15 U.S.C. 78a et seq.

PURPOSE(S) OF THE SYSTEM:
    To record actions taken by the Commission and to distribute to 
senior supervisory personnel on the Commission's staff for 
informational purposes.

CATEGORIES OF INDIVIDUALS COVERED BY THE SYSTEM:
    Individuals who are the subject of official action taken by the 
SEC, including individuals who are named defendants or respondents in 
civil actions or administrative proceedings brought by the Commission.

CATEGORIES OF RECORDS IN THE SYSTEM:
    Records contain defendants' or respondents' names, and addresses 
and names of other related entities or individuals; present and voting 
SEC Commissioners' and staff names; and dates. The records describe the 
matter presented, and any recommendations of the staff.

RECORD SOURCE CATEGORIES:
    Records are compiled from meetings of the Commission and from 
seriatims circulated to the Commission.

ROUTINE USES OF RECORDS MAINTAINED IN THE SYSTEM, INCLUDING CATEGORIES 
OF USERS AND THE PURPOSES OF SUCH USES:
    In addition to those disclosures generally permitted under 5 U.S.C. 
552a(b) of the Privacy Act, these records or information contained 
therein may specifically be disclosed outside the Commission as a 
routine use pursuant to 5 U.S.C. 552 a(b)(3) as follows:

[[Page 85447]]

    1. To appropriate agencies, entities, and persons when (1) the SEC 
suspects or has confirmed that there has been a breach of the system of 
records, (2) the SEC has determined that as a result of the suspected 
or confirmed breach there is a risk of harm to individuals, the SEC 
(including its information systems, programs, and operations), the 
Federal Government, or national security; and (3) the disclosure made 
to such agencies, entities, and persons is reasonably necessary to 
assist in connection with the SEC's efforts to respond to the suspected 
or confirmed breach or to prevent, minimize, or remedy such harm.
    2. To other Federal, state, local, or foreign law enforcement 
agencies; securities self-regulatory organizations; and foreign 
financial regulatory authorities to assist in or coordinate regulatory 
or law enforcement activities with the SEC.
    3. To national securities exchanges and national securities 
associations that are registered with the SEC, the Municipal Securities 
Rulemaking Board; the Securities Investor Protection Corporation; the 
Public Company Accounting Oversight Board; the Federal banking 
authorities, including, but not limited to, the Board of Governors of 
the Federal Reserve System, the Comptroller of the Currency, and the 
Federal Deposit Insurance Corporation; state securities regulatory 
agencies or organizations; or regulatory authorities of a foreign 
government in connection with their regulatory or enforcement 
responsibilities.
    4. By SEC personnel for purposes of investigating possible 
violations of, or to conduct investigations authorized by, the Federal 
securities laws.
    5. In any proceeding where the Federal securities laws are in issue 
or in which the Commission, or past or present members of its staff, is 
a party or otherwise involved in an official capacity.
    6. In connection with proceedings by the Commission pursuant to 
Rule 102(e) of its Rules of Practice, 17 CFR 201.102(e).
    7. To a bar association, state accountancy board, or other Federal, 
state, local, or foreign licensing or oversight authority; or 
professional association or self-regulatory authority to the extent 
that it performs similar functions (including the Public Company 
Accounting Oversight Board) for investigations or possible disciplinary 
action.
    8. To a Federal, state, local, tribal, foreign, or international 
agency, if necessary to obtain information relevant to the SEC's 
decision concerning the hiring or retention of an employee; the 
issuance of a security clearance; the letting of a contract; or the 
issuance of a license, grant, or other benefit.
    9. To a Federal, state, local, tribal, foreign, or international 
agency in response to its request for information concerning the hiring 
or retention of an employee; the issuance of a security clearance; the 
reporting of an investigation of an employee; the letting of a 
contract; or the issuance of a license, grant, or other benefit by the 
requesting agency, to the extent that the information is relevant and 
necessary to the requesting agency's decision on the matter.
    10. To produce summary descriptive statistics and analytical 
studies, as a data source for management information, in support of the 
function for which the records are collected and maintained or for 
related personnel management functions or manpower studies; may also be 
used to respond to general requests for statistical information 
(without personal identification of individuals) under the Freedom of 
Information Act.
    11. To any trustee, receiver, master, special counsel, or other 
individual or entity that is appointed by a court of competent 
jurisdiction, or as a result of an agreement between the parties in 
connection with litigation or administrative proceedings involving 
allegations of violations of the Federal securities laws (as defined in 
section 3(a)(47) of the Securities Exchange Act of 1934, 15 U.S.C. 
78c(a)(47)) or pursuant to the Commission's Rules of Practice, 17 CFR 
201.100 through 900 or the Commission's Rules of Fair Fund and 
Disgorgement Plans, 17 CFR 201.1100 through 1106, or otherwise, where 
such trustee, receiver, master, special counsel, or other individual or 
entity is specifically designated to perform particular functions with 
respect to, or as a result of, the pending action or proceeding or in 
connection with the administration and enforcement by the Commission of 
the Federal securities laws or the Commission's Rules of Practice or 
the Rules of Fair Fund and Disgorgement Plans.
    12. To any persons during the course of any inquiry, examination, 
or investigation conducted by the SEC's staff, or in connection with 
civil litigation, if the staff has reason to believe that the person to 
whom the record is disclosed may have further information about the 
matters related therein, and those matters appeared to be relevant at 
the time to the subject matter of the inquiry.
    13. To interns, grantees, experts, contractors, and others who have 
been engaged by the Commission to assist in the performance of a 
service related to this system of records and who need access to the 
records for the purpose of assisting the Commission in the efficient 
administration of its programs, including by performing clerical, 
stenographic, or data analysis functions, or by reproduction of records 
by electronic or other means. Recipients of these records shall be 
required to comply with the requirements of the Privacy Act of 1974, as 
amended, 5 U.S.C. 552a.
    14. In reports published by the Commission pursuant to authority 
granted in the Federal securities laws (as such term is defined in 
section 3(a)(47) of the Securities Exchange Act of 1934, 15 U.S.C. 
78c(a)(47)), which authority shall include, but not be limited to, 
section 21(a) of the Securities Exchange Act of 1934, 15 U.S.C. 
78u(a)).
    15. To members of advisory committees that are created by the 
Commission or by Congress to render advice and recommendations to the 
Commission or to Congress, to be used solely in connection with their 
official designated functions.
    16. To any person who is or has agreed to be subject to the 
Commission's Rules of Conduct, 17 CFR 200.735-1 through 200.735-18, and 
who assists in the investigation by the Commission of possible 
violations of the Federal securities laws (as such term is defined in 
section 3(a)(47) of the Securities Exchange Act of 1934, 15 U.S.C. 
78c(a)(47)), in the preparation or conduct of enforcement actions 
brought by the Commission for such violations, or otherwise in 
connection with the Commission's enforcement or regulatory functions 
under the Federal securities laws.
    17. To a Congressional office from the record of an individual in 
response to an inquiry from the Congressional office made at the 
request of that individual.
    18. To members of Congress, the press, and the public in response 
to inquiries relating to particular Registrants and their activities, 
and other matters under the Commission's jurisdiction.
    19. To prepare and publish information relating to violations of 
the Federal securities laws as provided in 15 U.S.C. 78c(a)(47)), as 
amended.
    20. To respond to subpoenas in any litigation or other proceeding.
    21. To a trustee in bankruptcy.
    22. To members of Congress, the General Accountability Office, or 
others charged with monitoring the work of the

[[Page 85448]]

Commission or conducting records management inspections.
    23. To any governmental agency, governmental or private collection 
agent, consumer reporting agency or commercial reporting agency, 
governmental or private employer of a debtor, or any other person, for 
collection, including collection by administrative offset, Federal 
salary offset, tax refund offset, or administrative wage garnishment, 
of amounts owed as a result of Commission civil or administrative 
proceedings.
    24. To another Federal agency or Federal entity, when the SEC 
determines that information from this system of records is reasonably 
necessary to assist the recipient agency or entity in (1) responding to 
a suspected or confirmed breach or (2) preventing, minimizing, or 
remedying the risk of harm to individuals, the recipient agency or 
entity (including its information systems, programs, and operations), 
the Federal Government, or national security, resulting from a 
suspected or confirmed breach.

POLICIES AND PRACTICES FOR STORAGE OF RECORDS:
    Records are maintained in electronic and paper format. Electronic 
records are stored in Word on an Office of the Secretary restricted 
drive, in computerized databases, magnetic disc, tape and/or digital 
media. Paper records and records on computer disc are stored in locked 
file rooms and/or file cabinets.

POLICIES AND PRACTICES FOR RETRIEVAL OF RECORDS:
    These records are indexed by date and can be retrieved by name from 
the Word file or from the paper copy. Older records can be retrieved 
from Records Management or from the National Archives and Records 
Administration.

POLICIES AND PRACTICES FOR RETENTION AND DISPOSAL OF RECORDS:
    These records will be maintained in-house as space permits, at 
which time they will be archived by Records Management and then retired 
or destroyed in accordance with the SEC's records retention schedule, 
as approved by the National Archives and Records Administration. 
Minutes are accessioned to NARA after 15 years.

ADMINISTRATIVE, TECHNICAL, AND PHYSICAL SAFEGUARDS:
    Access to SEC facilities, data centers, and information or 
information systems is limited to authorized personnel with official 
duties requiring access. SEC facilities are equipped with security 
cameras and 24-hour security guard service. The records are kept in 
limited access areas during duty hours and in locked file cabinets and/
or locked offices or file rooms at all other times. Computerized 
records are safeguarded in a secured environment. Security protocols 
meet the promulgating guidance as established by the National Institute 
of Standards and Technology (NIST) Security Standards from Access 
Control to Data Encryption and Security Assessment & Authorization 
(SA&A).
    Records are maintained in a secure, password-protected electronic 
system that will utilize secure, password-protected electronic system 
that will utilize commensurate safeguards t commensurate safeguards 
that may include: Firewalls, intrusion detection and prevention 
systems, and role-based access controls. Additional safeguards will 
vary by program. All records are protected from unauthorized access 
through appropriate administrative, operational, and technical 
safeguards. These safeguards include: Restricting access to authorized 
personnel who have a ``need to know''; using locks; and password 
protection identification features. Contractors and other recipients 
providing services to the Commission shall be required to maintain 
equivalent safeguards.

RECORD ACCESS PROCEDURES:
    Persons wishing to obtain information on the procedures for gaining 
access to or contesting the contents of these records may contact the 
FOIA/Privacy Act Officer, Securities and Exchange Commission, 100 F 
Street NE, Washington, DC 20549-2465.

CONTESTING RECORD PROCEDURES:
    See Record Access Procedures above.

NOTIFICATION PROCEDURES:
    All requests to determine whether this system of records contains a 
record pertaining to the requesting individual may be directed to the 
FOIA/Privacy Act Officer, Securities and Exchange Commission, 100 F 
Street NE, Washington, DC 20549-2465.

EXEMPTIONS PROMULGATED FOR THE SYSTEM:
    None.

HISTORY:
    This SORN was last published in full in the Federal Register at 40 
FR 39253 (August 27, 1975). Subsequent notices of revision can be found 
at the following citations:
    --41 FR 5318 (February 5, 1976)
    --41 FR 11631 (March 19, 1976)
    --41 FR 41564 (September 22, 1976)
    --42 FR 36333 (July 14, 1977)
    --46 FR 63439 (December 31, 1981)
    --59 FR 27626 (May 27, 1994)
    --62 FR 47884 (September 11, 1997)

SYSTEM NAME AND NUMBER:
SEC-24:
    Freedom of Information and Privacy Act Requests.

SECURITY CLASSIFICATION:
    Unclassified.

SYSTEM LOCATION:
    Securities and Exchange Commission, Office of Freedom of 
Information Act (FOIA) Services, 100 F Street NE, Washington, DC 20549. 
Other offices involved in the processing of requests may also maintain 
copies of the requests and related internal administrative records.

SYSTEM MANAGER(S):
    FOIA/PA Officer, Office of FOIA Services, Securities and Exchange 
Commission, 100 F Street NE, Washington, DC 20549-2465.

AUTHORITY FOR MAINTENANCE OF THE SYSTEM:
    5 U.S.C. 552, and 552a; Executive Order 9397.

PURPOSE(S) OF THE SYSTEM:
    The records are used by Commission staff to process FOIA and 
Privacy Act requests and appeals, and to prepare reports to the 
Department of Justice, the Office of Management and Budget, and other 
oversight entities on the Commission's FOIA and PA activities.

CATEGORIES OF INDIVIDUALS COVERED BY THE SYSTEM:
    Records are maintained on persons requesting information from the 
Commission pursuant to provisions of the Freedom of Information Act; 
persons who are the subject of Freedom of Information Act requests; 
individuals who have submitted requests for information about 
themselves or on behalf of an individual under the provisions of the 
Privacy Act of 1974; and individuals filing an administrative appeal of 
a denial, in whole or part, of any such request.

CATEGORIES OF RECORDS IN THE SYSTEM:
    Records received, created or compiled in processing FOIA and PA 
requests or appeals, including internal memoranda, correspondence to or 
from other Federal agencies, correspondence and response letters, 
appeal of denials under the FOIA, request for amendment of records 
under the Privacy Act, appeal for denials under the Privacy Act, appeal 
determinations, and electronic tracking data.
    These records may contain personal information retrieved in 
response to a request including requesters' and their

[[Page 85449]]

attorneys' or representatives' names, addresses, email, telephone 
numbers, and FOIA and PA case numbers; office telephone numbers of SEC 
employees and contractors; Names, telephone numbers, and addresses of 
the submitter of the information requested; Unique case identifier; 
Social Security Number; or other identifier assigned to the request or 
appeal.

RECORD SOURCE CATEGORIES:
    Persons requesting information from the Commission pursuant to the 
Freedom of Information Act and the Privacy Act; agency employees 
assigned to handle processing the requests; agency records searched and 
identified as responsive in the process of responding to such requests; 
other agencies or entities that have referred to SEC requests 
concerning SEC records, or that have consulted with SEC regarding 
handling of particular requests; and submitters or subjects of records 
or information that have provided assistance to SEC in making access or 
amendment determinations.

ROUTINE USES OF RECORDS MAINTAINED IN THE SYSTEM, INCLUDING CATEGORIES 
OF USERS AND THE PURPOSES OF SUCH USES:
    In addition to those disclosures generally permitted under 5 U.S.C. 
552a(b) of the Privacy Act, these records or information contained 
therein may specifically be disclosed outside the Commission as a 
routine use pursuant to 5 U.S.C. 552a(b)(3) as follows:
    1. To appropriate agencies, entities, and persons when (1) the SEC 
suspects or has confirmed that there has been a breach of the system of 
records, (2) the SEC has determined that as a result of the suspected 
or confirmed breach there is a risk of harm to individuals, the SEC 
(including its information systems, programs, and operations), the 
Federal Government, or national security; and (3) the disclosure made 
to such agencies, entities, and persons is reasonably necessary to 
assist in connection with the SEC's efforts to respond to the suspected 
or confirmed breach or to prevent, minimize, or remedy such harm.
    2. To other Federal, state, local, or foreign law enforcement 
agencies; securities self-regulatory organizations; and foreign 
financial regulatory authorities to assist in or coordinate regulatory 
or law enforcement activities with the SEC.
    3. To national securities exchanges and national securities 
associations that are registered with the SEC, the Municipal Securities 
Rulemaking Board; the Securities Investor Protection Corporation; the 
Public Company Accounting Oversight Board; the Federal banking 
authorities, including, but not limited to, the Board of Governors of 
the Federal Reserve System, the Comptroller of the Currency, and the 
Federal Deposit Insurance Corporation; state securities regulatory 
agencies or organizations; or regulatory authorities of a foreign 
government in connection with their regulatory or enforcement 
responsibilities.
    4. In any proceeding where the Federal securities laws are in issue 
or in which the Commission, or past or present members of its staff, is 
a party or otherwise involved in an official capacity.
    5. To a Federal, state, local, tribal, foreign, or international 
agency in response to its request for information concerning the hiring 
or retention of an employee; the issuance of a security clearance; the 
reporting of an investigation of an employee; the letting of a 
contract; or the issuance of a license, grant, or other benefit by the 
requesting agency, to the extent that the information is relevant and 
necessary to the requesting agency's decision on the matter.
    6. To any persons during the course of any inquiry, examination, or 
investigation conducted by the SEC's staff, or in connection with civil 
litigation, if the staff has reason to believe that the person to whom 
the record is disclosed may have further information about the matters 
related therein, and those matters appeared to be relevant at the time 
to the subject matter of the inquiry.
    7. To interns, grantees, experts, contractors, and others who have 
been engaged by the Commission to assist in the performance of a 
service related to this system of records and who need access to the 
records for the purpose of assisting the Commission in the efficient 
administration of its programs, including by performing clerical, 
stenographic, or data analysis functions, or by reproduction of records 
by electronic or other means. Recipients of these records shall be 
required to comply with the requirements of the Privacy Act of 1974, as 
amended, 5 U.S.C. 552a.
    8. To members of advisory committees that are created by the 
Commission or by Congress to render advice and recommendations to the 
Commission or to Congress, to be used solely in connection with their 
official designated functions.
    9. To respond to subpoenas in any litigation or other proceeding.
    10. To a third party authorized in writing to receive such 
information by the individual about whom the information pertains.
    11. To another Federal agency to (a) permit a decision as to 
access, amendment or correction of records to be made in consultation 
with or by that agency, (b) verify the identity of an individual or the 
accuracy of information submitted by an individual who requested access 
to, amendment of, or correction of records, or (c) to process payment 
of fees associated with FOIA/PA requests.
    12. To the Department of Justice (DOJ) in order to obtain that 
department's advice on FOIA matters or regarding the agency's FOIA 
disclosure obligations.
    13. To the Office of Management and Budget for the purpose of 
obtaining its advice on Privacy Act matters.
    14. To the public pursuant to the provisions of the FOIA, 5 U.S.C. 
552.
    15. To the National Archives and Records Administration, Office of 
Government Information Services (OGIS), to the extent necessary to 
fulfill its responsibilities in 5 U.S.C. 552(h), to review 
administrative agency policies, procedures and compliance with the 
Freedom of Information Act (FOIA), and to facilitate OGIS' offering of 
mediation services to resolve disputes between persons making FOIA 
requests and administrative agencies.
    16. To members of Congress, the Government Accountability Office, 
or others charged with monitoring the work of the Commission or 
conducting records management inspections.
    17. To produce summary descriptive statistics and analytical 
studies, as a data source for management information, in support of the 
function for which the records are collected and maintained or for 
related personnel management functions or manpower studies; may also be 
used to respond to general requests for statistical information 
(without personal identification of individuals) under the Freedom of 
Information Act.
    18. To any person who is or has agreed to be subject to the 
Commission's Rules of Conduct, 17 CFR 200.735-1 through 200.735-18, and 
who assists in the investigation by the Commission of possible 
violations of the Federal securities laws (as such term is defined in 
section 3(a)(47) of the Securities Exchange Act of 1934, 15 U.S.C. 
78c(a)(47)), in the preparation or conduct of enforcement actions 
brought by the Commission for such violations, or otherwise in 
connection with the Commission's enforcement or regulatory functions 
under the Federal securities laws.
    19. To a Congressional office from the record of an individual in 
response to

[[Page 85450]]

an inquiry from the Congressional office made at the request of that 
individual.
    20. In connection with any litigation challenging or seeking to 
enjoin actions by the Commission under the Freedom of Information Act, 
as amended.
    21. To another Federal agency or Federal entity, when the SEC 
determines that information from this system of records is reasonably 
necessary to assist the recipient agency or entity in (1) responding to 
a suspected or confirmed breach or (2) preventing, minimizing, or 
remedying the risk of harm to individuals, the recipient agency or 
entity (including its information systems, programs, and operations), 
the Federal Government, or national security, resulting from a 
suspected or confirmed breach.

POLICIES AND PRACTICES FOR STORAGE OF RECORDS:
    Records are maintained in electronic and paper format. Electronic 
records are stored in computerized databases, and/or on computer disc. 
Paper records and records on computer disc are stored in locked file 
rooms and/or file cabinets.

POLICIES AND PRACTICES FOR RETRIEVAL OF RECORDS:
    Electronic files and paper format records are indexed and retrieved 
by a unique case number assigned to the request. Records may also be 
retrieved by the requestor name and/or the subject of the request.

POLICIES AND PRACTICES FOR RETENTION AND DISPOSAL OF RECORDS:
    These records are maintained in accordance with general records 
schedules of the National Archives and Records Administration, General 
Records Schedule 4.2

ADMINISTRATIVE, TECHNICAL, AND PHYSICAL SAFEGUARDS:
    Access to SEC facilities, data centers, and information or 
information systems is limited to authorized personnel with official 
duties requiring access. SEC facilities are equipped with security 
cameras and 24-hour security guard service. The records are kept in 
limited access areas during duty hours and in locked file cabinets and/
or locked offices or file rooms at all other times. Computerized 
records are safeguarded in a secured environment. Security protocols 
meet the promulgating guidance as established by the National Institute 
of Standards and Technology (NIST) Security Standards from Access 
Control to Data Encryption and Security Assessment & Authorization 
(SA&A).
    Records are maintained in a secure, password-protected electronic 
system that will utilize commensurate safeguards that may include: 
Firewalls, intrusion detection and prevention systems, and role-based 
access controls. Additional safeguards will vary by program. All 
records are protected from unauthorized access through appropriate 
administrative, operational, and technical safeguards. These safeguards 
include: Restricting access to authorized personnel who have a ``need 
to know''; using locks; and password protection identification 
features. Contractors and other recipients providing services to the 
Commission shall be required to maintain equivalent safeguards.

RECORD ACCESS PROCEDURES:
    Persons wishing to obtain information on the procedures for gaining 
access to or contesting the contents of these records may contact the 
FOIA/PA Officer, Securities and Exchange Commission, 100 F Street NE, 
Washington, DC 20549-2465.

CONTESTING RECORD PROCEDURES:
    See Record access procedures above.

NOTIFICATION PROCEDURES:
    All requests to determine whether this system of records contains a 
record pertaining to the requesting individual may be directed to the 
FOIA/PA Officer, Securities and Exchange Commission, 100 F Street NE, 
Washington, DC 20549-2465.

EXEMPTIONS PROMULGATED FOR THE SYSTEM:
    None.

HISTORY:
    This SORN was last published in full in the Federal Register at 40 
FR 39253 (August 27, 1975). Subsequent notices of revision can be found 
at the following citations:
    --41 FR 5318 (February 5, 1976)
    --41 FR 11631 (March 19, 1976)
    --41 FR 41550 (September 22, 1976)
    --42 FR 36333 (July 14, 1977)
    --46 FR 63439 (December 31, 1981)
    --62 FR 47884 (September 11, 1997)
    --77 FR 65913 (October 31, 2012)
    --78 FR 41962 (July 12, 2013)

SYSTEM NAME AND NUMBER:
SEC-28:
    Office of the Chief Accountant Working Files.

SECURITY CLASSIFICATION:
    Unclassified.

SYSTEM LOCATION:
    Securities and Exchange Commission, 100 F Street NE, Washington, DC 
20549.

SYSTEM MANAGER(S):
    Chief Accountant, Office of the Chief Accountant, Securities and 
Exchange Commission, 100 F Street NE, Washington, DC 20549.

AUTHORITY FOR MAINTENANCE OF THE SYSTEM:
    15 U.S.C. 77a et seq., 78a et seq., 7201 et seq., and 17 CFR 
200.22.

PURPOSE(S) OF THE SYSTEM:
    1. To assist the Office of the Chief Accountant in performing the 
functions assigned to it by the Commission including the formulation 
and application of accounting or auditing policies in the case of 
documents required to be filed with the Commission and the 
determination of appropriate recommendations to the Commission relating 
to the disqualification of accountants to appear and practice before 
the Commission.
    2. To respond to inquiries from Members of Congress, the press, and 
the public concerning accounting and auditing matters.
    3. To assist investigations of possible violations of the Federal 
securities laws.

CATEGORIES OF INDIVIDUALS COVERED BY THE SYSTEM:
    Accountants and persons associated with accountants and accounting 
firms and persons associated with SEC registrants, including 
individuals that submit requests for consultation with the Office of 
the Chief Accountant and individuals involved with or subjects of SEC 
investigations; and SEC personnel assigned to work on relevant matters.

CATEGORIES OF RECORDS IN THE SYSTEM:
    The records contain names, mailing addresses, telephone numbers, 
email addresses, and/or information pertaining to accounting and 
auditing practices, problems, issues, and opinions and information 
concerning the activities of individuals in connection with Commission 
enforcement actions or in proceedings pursuant to the Commission's 
rules of practice.

RECORD SOURCE CATEGORIES:
    The information contained in the system is derived from official 
SEC records, letters and inquiries from the public, SEC staff 
memoranda, which may include information derived from investigations, 
litigation, and other submissions, and professional auditing and 
accounting literature and information received from individuals 
including where practicable those to whom the records relate.

ROUTINE USES OF RECORDS MAINTAINED IN THE SYSTEM, INCLUDING CATEGORIES 
OF USERS AND THE PURPOSES OF SUCH USES:
    In addition to those disclosures generally permitted under 5 U.S.C.

[[Page 85451]]

552a(b) of the Privacy Act, these records or information contained 
therein may specifically be disclosed outside the Commission as a 
routine use pursuant to 5 U.S.C. 552 a(b)(3) as follows:
    1. To appropriate agencies, entities, and persons when (1) the SEC 
suspects or has confirmed that there has been a breach of the system of 
records; (2) the SEC has determined that as a result of the suspected 
or confirmed breach there is a risk of harm to individuals, the SEC 
(including its information systems, programs, and operations), the 
Federal Government, or national security; and (3) the disclosure made 
to such agencies, entities, and persons is reasonably necessary to 
assist in connection with the SEC's efforts to respond to the suspected 
or confirmed breach or to prevent, minimize, or remedy such harm.
    2. To other Federal, state, local, or foreign law enforcement 
agencies; securities self-regulatory organizations; and foreign 
financial regulatory authorities to assist in or coordinate regulatory 
or law enforcement activities with the SEC.
    3. To national securities exchanges and national securities 
associations that are registered with the SEC, the Municipal Securities 
Rulemaking Board; the Securities Investor Protection Corporation; the 
Public Company Accounting Oversight Board; the Federal banking 
authorities, including, but not limited to, the Board of Governors of 
the Federal Reserve System, the Comptroller of the Currency, and the 
Federal Deposit Insurance Corporation; state securities regulatory 
agencies or organizations; or regulatory authorities of a foreign 
government in connection with their regulatory or enforcement 
responsibilities.
    4. By SEC personnel for purposes of investigating possible 
violations of, or to conduct investigations authorized by, the Federal 
securities laws.
    5. In any proceeding where the Federal securities laws are in issue 
or in which the Commission, or past or present members of its staff, is 
a party or otherwise involved in an official capacity.
    6. In connection with proceedings by the Commission pursuant to 
Rule 102(e) of its Rules of Practice, 17 CFR 201.102(e).
    7. To a bar association, state accountancy board, or other Federal, 
state, local, or foreign licensing or oversight authority; or 
professional association or self-regulatory authority to the extent 
that it performs similar functions (including the Public Company 
Accounting Oversight Board) for investigations or possible disciplinary 
action.
    8. To a Federal, state, local, tribal, foreign, or international 
agency, if necessary to obtain information relevant to the SEC's 
decision concerning the hiring or retention of an employee; the 
issuance of a security clearance; the letting of a contract; or the 
issuance of a license, grant, or other benefit.
    9. To a Federal, state, local, tribal, foreign, or international 
agency in response to its request for information concerning the hiring 
or retention of an employee; the issuance of a security clearance; the 
reporting of an investigation of an employee; the letting of a 
contract; or the issuance of a license, grant, or other benefit by the 
requesting agency, to the extent that the information is relevant and 
necessary to the requesting agency's decision on the matter.
    10. To produce summary descriptive statistics and analytical 
studies, as a data source for management information, in support of the 
function for which the records are collected and maintained or for 
related personnel management functions or manpower studies; may also be 
used to respond to general requests for statistical information 
(without personal identification of individuals) under the Freedom of 
Information Act.
    11. To any trustee, receiver, master, special counsel, or other 
individual or entity that is appointed by a court of competent 
jurisdiction, or as a result of an agreement between the parties in 
connection with litigation or administrative proceedings involving 
allegations of violations of the Federal securities laws (as defined in 
section 3(a)(47) of the Securities Exchange Act of 1934, 15 U.S.C. 
78c(a)(47)) or pursuant to the Commission's Rules of Practice, 17 CFR 
201.100 through 900 or the Commission's Rules of Fair Fund and 
Disgorgement Plans, 17 CFR 201.1100 through 1106, or otherwise, where 
such trustee, receiver, master, special counsel, or other individual or 
entity is specifically designated to perform particular functions with 
respect to, or as a result of, the pending action or proceeding or in 
connection with the administration and enforcement by the Commission of 
the Federal securities laws or the Commission's Rules of Practice or 
the Rules of Fair Fund and Disgorgement Plans.
    12. To any persons during the course of any inquiry, examination, 
or investigation conducted by the SEC's staff, or in connection with 
civil litigation, if the staff has reason to believe that the person to 
whom the record is disclosed may have further information about the 
matters related therein, and those matters appeared to be relevant at 
the time to the subject matter of the inquiry.
    13. To interns, grantees, experts, contractors, and others who have 
been engaged by the Commission to assist in the performance of a 
service related to this system of records and who need access to the 
records for the purpose of assisting the Commission in the efficient 
administration of its programs, including by performing clerical, 
stenographic, or data analysis functions, or by reproduction of records 
by electronic or other means. Recipients of these records shall be 
required to comply with the requirements of the Privacy Act of 1974, as 
amended, 5 U.S.C. 552a.
    14. In reports published by the Commission pursuant to authority 
granted in the Federal securities laws (as such term is defined in 
section 3(a)(47) of the Securities Exchange Act of 1934, 15 U.S.C. 
78c(a)(47)), which authority shall include, but not be limited to, 
section 21(a) of the Securities Exchange Act of 1934, 15 U.S.C. 78u(a).
    15. To members of advisory committees that are created by the 
Commission or by Congress to render advice and recommendations to the 
Commission or to Congress, to be used solely in connection with their 
official designated functions.
    16. To any person who is or has agreed to be subject to the 
Commission's Rules of Conduct, 17 CFR 200.735-1 through 200.735-18, and 
who assists in the investigation by the Commission of possible 
violations of the Federal securities laws (as such term is defined in 
section 3(a)(47) of the Securities Exchange Act of 1934, 15 U.S.C. 
78c(a)(47), in the preparation or conduct of enforcement actions 
brought by the Commission for such violations, or otherwise in 
connection with the Commission's enforcement or regulatory functions 
under the Federal securities laws.
    17. To a Congressional office from the record of an individual in 
response to an inquiry from the Congressional office made at the 
request of that individual.
    18. To members of Congress, the press, and the public in response 
to inquiries relating to particular Registrants and their activities, 
and other matters under the Commission's jurisdiction.
    19. To prepare and publish information relating to violations of 
the Federal securities laws as provided in 15 U.S.C. 78c(a)(47), as 
amended.
    20. To respond to subpoenas in any litigation or other proceeding.

[[Page 85452]]

    21. To a trustee in bankruptcy.
    22. To members of Congress, the Government Accountability Office, 
or others charged with monitoring the work of the Commission or 
conducting records management inspections. 23. To another Federal 
agency or Federal entity, when the SEC determines that information from 
this system of records is reasonably necessary to assist the recipient 
agency or entity in (1) responding to a suspected or confirmed breach 
or (2) preventing, minimizing, or remedying the risk of harm to 
individuals, the recipient agency or entity (including its information 
systems, programs, and operations), the Federal Government, or national 
security, resulting from a suspected or confirmed breach.

POLICIES AND PRACTICES FOR STORAGE OF RECORDS:
    Records are maintained in electronic and paper format. Electronic 
records are stored in computerized databases, magnetic disc, tape and/
or digital media. Paper records and records on computer disc are stored 
in locked file rooms and/or file cabinets.

POLICIES AND PRACTICES FOR RETRIEVAL OF RECORDS:
    Paper records are searchable by name, subject, firm, date, and/or 
internal file number. Electronic records are searchable through routine 
word searches to include searches by name, subject, firm and/or 
keyword.

POLICIES AND PRACTICES FOR RETENTION AND DISPOSAL OF RECORDS:
    These records will be maintained until they become inactive, at 
which time they will be retired or destroyed in accordance with records 
schedules of the United States Securities and Exchange Commission and 
as approved by the National Archives and Records Administration.

ADMINISTRATIVE, TECHNICAL, AND PHYSICAL SAFEGUARDS:
    Access to SEC facilities, data centers, and information or 
information systems is limited to authorized personnel with official 
duties requiring access. SEC facilities are equipped with security 
cameras and 24-hour security guard service. The records are kept in 
limited access areas during duty hours and in locked file cabinets and/
or locked offices or file rooms at all other times. Computerized 
records are safeguarded in a secured environment. Security protocols 
meet the promulgating guidance as established by the National Institute 
of Standards and Technology (NIST) Security Standards from Access 
Control to Data Encryption and Security Assessment & Authorization 
(SA&A).
    Records are maintained in a secure, password-protected electronic 
system that will utilize commensurate safeguards that may include: 
Firewalls, intrusion detection and prevention systems, and role-based 
access controls. Additional safeguards will vary by program. All 
records are protected from unauthorized access through appropriate 
administrative, operational, and technical safeguards. These safeguards 
include: Restricting access to authorized personnel who have a ``need 
to know''; using locks; and password protection identification 
features. Contractors and other recipients providing services to the 
Commission shall be required to maintain equivalent safeguards.

RECORD ACCESS PROCEDURES:
    Persons wishing to obtain information on the procedures for gaining 
access to or contesting the contents of these records may contact the 
FOIA/PA Officer, Securities and Exchange
    Commission, 100 F Street NE, Washington, DC 20549-2465.

CONTESTING RECORD PROCEDURES:
    See Record access procedures above.

NOTIFICATION PROCEDURES:
    All requests to determine whether this system of records contains a 
record pertaining to the requesting individual may be directed to the 
FOIA/PA Officer, Securities and Exchange Commission, 100 F Street NE, 
Washington, DC 20549-2465.

EXEMPTIONS PROMULGATED FOR THE SYSTEM:
    Under 5 U.S.C. 552a(k)(2), this system of records is exempted from 
the following provisions of the Privacy Act, 5 U.S.C. 552a(c)(3), (d), 
(e)(1), (e)(4)(G), (H), and (I), and (f) and 17 CFR 200.303, 200.304, 
and 200.306, insofar as it contains investigatory materials compiled 
for law enforcement purposes. This exemption is contained in 17 CFR 
200.312(a)(3).

HISTORY:
    This SORN was last published in full in the Federal Register at 40 
FR 39253 (August 27, 1975). Subsequent notices of revision can be found 
at the following citations:
    --41 FR 5318 (February 5, 1976)
    --41 FR 11631 (March 19, 1976)
    --41 FR 41550 (September 22, 1976)
    --42 FR 36333 (July 14, 1977)
    --46 FR 63439 (December 31, 1981)
    --59 FR 27626 (May 27, 1994)
    --62 FR 47884 (September 11, 1997)
    --79 FR 30661 (May 28, 2014)

SYSTEM NAME AND NUMBER:
SEC-33:
    Administrative and Litigation Release System.

SECURITY CLASSIFICATION:
    Unclassified.

SYSTEM LOCATION:
    Securities and Exchange Commission, 100 F Street NE, Washington, DC 
20549. Records in this system also may be maintained at the SEC 
Regional Offices.

SYSTEM MANAGER(S):
    Secretary, Office of the Secretary, Securities and Exchange 
Commission, 100 F Street NE, Washington, DC 20549.

AUTHORITY FOR MAINTENANCE OF THE SYSTEM:
    15 U.S.C. 78a et seq.

PURPOSE(S) OF THE SYSTEM:
    To allow SEC staff to maintain information regarding 
administrative, civil or criminal proceedings involving allegations of 
violations of the Federal securities laws or related statutes.

CATEGORIES OF INDIVIDUALS AND ENTITIES COVERED BY THE SYSTEM:
    Records are maintained on persons who have been named as 
respondents or defendants in administrative, civil or criminal 
proceedings involving findings or allegations of violations of the 
Federal securities laws or related statutes.

CATEGORIES OF RECORDS IN THE SYSTEM:
    Records contain respondents' or defendants' names, and addresses. 
Releases pertaining to administrative proceedings are limited 
essentially to an identification of the respondents, a brief reference 
to the general nature of the underlying charges, and when appropriate, 
an identification of the particular securities involved. Litigation 
releases pertain to litigation matters and court enforcement actions 
brought under the Federal securities laws.

RECORD SOURCE CATEGORIES:
    Records are obtained from administrative and court pleadings, 
transcripts, documents, and orders; SEC personnel; other SEC files; 
communications to the SEC; evidence gathered in connection with any 
matter within the jurisdiction of the SEC and from individuals, 
including where practicable, those to whom the records relate.

ROUTINE USES OF RECORDS MAINTAINED IN THE SYSTEM, INCLUDING CATEGORIES 
OF USERS AND THE PURPOSES OF SUCH USES:
    In addition to those disclosures generally permitted under 5 U.S.C.

[[Page 85453]]

552a(b) of the Privacy Act, these records or information contained 
therein may specifically be disclosed outside the Commission as a 
routine use pursuant to 5 U.S.C. 552 a(b)(3) as follows:
    1. To appropriate agencies, entities, and persons when (1) the SEC 
suspects or has confirmed that there has been a breach of the system of 
records,[middot](2) the SEC has determined that as a result of the 
suspected or confirmed breach there is a risk of harm to individuals, 
the SEC (including its information systems, programs, and operations), 
the Federal Government, or national security; and (3) the disclosure 
made to such agencies, entities, and persons is reasonably necessary to 
assist in connection with the SEC's efforts to respond to the suspected 
or confirmed breach or to prevent, minimize, or remedy such harm.
    2. To other Federal, state, local, or foreign law enforcement 
agencies; securities self-regulatory organizations; and foreign 
financial regulatory authorities to assist in or coordinate regulatory 
or law enforcement activities with the SEC.
    3. To national securities exchanges and national securities 
associations that are registered with the SEC, the Municipal Securities 
Rulemaking Board; the Securities Investor Protection Corporation; the 
Public Company Accounting Oversight Board; the Federal banking 
authorities, including, but not limited to, the Board of Governors of 
the Federal Reserve System, the Comptroller of the Currency, and the 
Federal Deposit Insurance Corporation; state securities regulatory 
agencies or organizations; or regulatory authorities of a foreign 
government in connection with their regulatory or enforcement 
responsibilities.
    4. By SEC personnel for purposes of investigating possible 
violations of, or to conduct investigations authorized by, the Federal 
securities laws.
    5. In any proceeding where the Federal securities laws are in issue 
or in which the Commission, or past or present members of its staff, is 
a party or otherwise involved in an official capacity.
    6. In connection with proceedings by the Commission pursuant to 
Rule 102(e) of its Rules of Practice, 17 CFR 201.102(e).
    7. To a bar association, state accountancy board, or other Federal, 
state, local, or foreign licensing or oversight authority; or 
professional association or self-regulatory authority to the extent 
that it performs similar functions (including the Public Company 
Accounting Oversight Board) for investigations or possible disciplinary 
action.
    8. To a Federal, state, local, tribal, foreign, or international 
agency, if necessary to obtain information relevant to the SEC's 
decision concerning the hiring or retention of an employee; the 
issuance of a security clearance; the letting of a contract; or the 
issuance of a license, grant, or other benefit.
    9. To a Federal, state, local, tribal, foreign, or international 
agency in response to its request for information concerning the hiring 
or retention of an employee; the issuance of a security clearance; the 
reporting of an investigation of an employee; the letting of a 
contract; or the issuance of a license, grant, or other benefit by the 
requesting agency, to the extent that the information is relevant and 
necessary to the requesting agency's decision on the matter.
    10. To produce summary descriptive statistics and analytical 
studies, as a data source for management information, in support of the 
function for which the records are collected and maintained or for 
related personnel management functions or manpower studies; may also be 
used to respond to general requests for statistical information 
(without personal identification of individuals) under the Freedom of 
Information Act.
    11. To any trustee, receiver, master, special counsel, or other 
individual or entity that is appointed by a court of competent 
jurisdiction, or as a result of an agreement between the parties in 
connection with litigation or administrative proceedings involving 
allegations of violations of the Federal securities laws (as defined in 
section 3(a)(47) of the Securities Exchange Act of 1934, 15 U.S.C. 
78c(a)(47)) or pursuant to the Commission's Rules of Practice, 17 CFR 
201.100 through 900 or the Commission's Rules of Fair Fund and 
Disgorgement Plans, 17 CFR 201.1100 through 1106, or otherwise, where 
such trustee, receiver, master, special counsel, or other individual or 
entity is specifically designated to perform particular functions with 
respect to, or as a result of, the pending action or proceeding or in 
connection with the administration and enforcement by the Commission of 
the Federal securities laws or the Commission's Rules of Practice or 
the Rules of Fair Fund and Disgorgement Plans.
    12. To any persons during the course of any inquiry, examination, 
or investigation conducted by the SEC's staff, or in connection with 
civil litigation, if the staff has reason to believe that the person to 
whom the record is disclosed may have further information about the 
matters related therein, and those matters appeared to be relevant at 
the time to the subject matter of the inquiry.
    13. To interns, grantees, experts, contractors, and others who have 
been engaged by the Commission to assist in the performance of a 
service related to this system of records and who need access to the 
records for the purpose of assisting the Commission in the efficient 
administration of its programs, including by performing clerical, 
stenographic, or data analysis functions, or by reproduction of records 
by electronic or other means. Recipients of these records shall be 
required to comply with the requirements of the Privacy Act of 1974, as 
amended, 5 U.S.C. 552a.
    14. In reports published by the Commission pursuant to authority 
granted in the Federal securities laws (as such term is defined in 
section 3(a)(47) of the Securities Exchange Act of 1934, 15 U.S.C. 
78c(a)(47)), which authority shall include, but not be limited to, 
section 21(a) of the Securities Exchange Act of 1934, 15 U.S.C. 
78u(a)).
    15. To members of advisory committees that are created by the 
Commission or by Congress to render advice and recommendations to the 
Commission or to Congress, to be used solely in connection with their 
official designated functions.
    16. To any person who is or has agreed to be subject to the 
Commission's Rules of Conduct, 17 CFR 200.735-1 through 200.735-18, or 
who assists in the investigation by the Commission of possible 
violations of the Federal securities laws (as such term is defined in 
section 3(a)(47) of the Securities Exchange Act of 1934, 15 U.S.C. 
78c(a)(47)), in the preparation or conduct of enforcement actions 
brought by the Commission for such violations, or otherwise in 
connection with the Commission's enforcement or regulatory functions 
under the Federal securities laws.
    17. To a Congressional office from the record of an individual in 
response to an inquiry from the Congressional office made at the 
request of that individual.
    18. To members of Congress, the press, and the public in response 
to inquiries relating to particular Registrants and their activities, 
and other matters under the Commission's jurisdiction.
    19. To prepare and publish information relating to violations of 
the Federal securities laws as provided in 15 U.S.C. 78c(a)(47)), as 
amended.
    20. To respond to subpoenas in any litigation or other proceeding.

[[Page 85454]]

    21. To a trustee in bankruptcy.
    22. To members of Congress, the General Accountability Office, or 
others charged with monitoring the work of the Commission or conducting 
records management inspections.
    23. To any governmental agency, governmental or private collection 
agent, consumer reporting agency or commercial reporting agency, 
governmental or private employer of a debtor, or any other person, for 
collection, including collection by administrative offset, Federal 
salary offset, tax refund offset, or administrative wage garnishment, 
of amounts owed as a result of Commission civil or administrative 
proceedings.
    24. In giving public notice of the institution and disposition of 
an administrative, civil, or criminal proceeding brought under the 
Federal securities laws or related statutes.
    25. To another Federal agency or Federal entity, when the SEC 
determines that information from this system of records is reasonably 
necessary to assist the recipient agency or entity in (1) responding to 
a suspected or confirmed breach or (2) preventing, minimizing, or 
remedying the risk of harm to individuals, the recipient agency or 
entity (including its information systems, programs, and operations), 
the Federal Government, or national security, resulting from a 
suspected or confirmed breach.

POLICIES AND PRACTICES FOR STORAGE OF RECORDS:
    Records are maintained in electronic and paper format. Electronic 
records are stored on a restricted Office of the Secretary drive and in 
a computerized database. Paper records are stored in locked file rooms 
and/or file cabinets.

POLICIES AND PRACTICES FOR RETRIEVAL OF RECORDS:
    Records may be accessed by relevant name and file number.

POLICIES AND PRACTICES FOR RETENTION AND DISPOSAL OF RECORDS:
    These records will be maintained until they become inactive, at 
which time they will be retired or destroyed in accordance with records 
schedules of the United States Securities and Exchange Commission and 
as approved by the National Archives and Records Administration.

ADMINISTRATIVE, TECHNICAL, AND PHYSICAL SAFEGUARDS:
    Access to SEC facilities, data centers, and information or 
information systems is limited to authorized personnel with official 
duties requiring access. SEC facilities are equipped with security 
cameras and 24-hour security guard service. The records are kept in 
limited access areas during duty hours and in locked file cabinets and/
or locked offices or file rooms at all other times. Computerized 
records are safeguarded in a secured environment. Security protocols 
meet the promulgating guidance as established by the National Institute 
of Standards and Technology (NIST) Security Standards from Access 
Control to Data Encryption and Security Assessment & Authorization 
(SA&A).
    Records are maintained in a secure, password-protected electronic 
system that will utilize commensurate safeguards that may include: 
Firewalls, intrusion detection and prevention systems, and role-based 
access controls. Additional safeguards will vary by program. All 
records are protected from unauthorized access through appropriate 
administrative, operational, and technical safeguards. These safeguards 
include: Restricting access to authorized personnel who have a ``need 
to know''; using locks; and password protection identification 
features. Contractors and other recipients providing services to the 
Commission shall be required to maintain equivalent safeguards.

RECORD ACCESS PROCEDURES:
    Persons wishing to obtain information on the procedures for gaining 
access to or contesting the contents of these records may contact the 
FOIA/PA Officer, Securities and Exchange Commission, 100 F Street NE, 
Washington, DC 20549-2465

CONTESTING RECORD PROCEDURES:
    See Record Access Procedures above.

NOTIFICATION PROCEDURES:
    All requests to determine whether this system of records contains a 
record pertaining to the requesting individual may be directed to the 
FOIA/PA Officer, Securities and Exchange Commission, 100 F Street NE, 
Washington, DC 20549-2465.

EXEMPTIONS PROMULGATED FOR THE SYSTEM:
    None.

HISTORY:
    This SORN was last published in full in the Federal Register at 40 
FR 39253 (August 27, 1975). Subsequent notices of revision can be found 
at the following citations:
    --41 FR 5318 (February 5, 1976)
    --41 FR 11631 (March 19, 1976)
    --41 FR 41550 (September 22, 1976)
    --42 FR 36333 (July 14, 1977)
    --46 FR 63439 (December 31, 1981)
    --59 FR 27626 (May 27, 1994)
    --62 FR 47884 (September 11, 1997)

SYSTEM NAME AND NUMBER:
SEC--36:
    Administrative Proceeding Files.

SECURITY CLASSIFICATION:
    Unclassified.

SYSTEM LOCATION:
    Securities and Exchange Commission, 100 F Street NE, Washington, DC 
20549.

SYSTEM MANAGER(S):
    Secretary, Office of the Secretary, Securities and Exchange 
Commission, 100 F Street NE, Washington, DC 20549.

AUTHORITY FOR MAINTENANCE OF THE SYSTEM:
    15 U.S.C. 77h(e), 77u, 78v, 78o(b), 80a-40, and 80b-12; the 
Commission's Rules of Practice, 17 CFR 201.100 through 900 and the 
Commission's Rules of Fair Fund and Disgorgement Plans, 17 CFR 201.1100 
through 1106.

PURPOSE(S) OF THE SYSTEM:
    The records in this system may be utilized in any proceeding where 
the Federal securities laws are in issue or in which the Commission or 
past or present members of its staff is a party or otherwise involved 
in an official capacity.

CATEGORIES OF INDIVIDUALS COVERED BY THE SYSTEM:
    Records are maintained on all individuals that are involved in 
administrative proceedings before the SEC, including, participants, 
witnesses, attorneys, SEC employees, contractors, interns, affiliates, 
and others working on behalf of the SEC.

CATEGORIES OF RECORDS IN THE SYSTEM:
    Records may include the names and addresses of parties; 
participants; witnesses, attorneys, SEC employees and others working on 
behalf of the SEC. Additionally, records may include orders for 
proceedings, answers, motions, responses, orders, offers of settlement 
and other pleadings; transcripts of all hearings and documents 
introduced as evidence therein; other relevant documents and 
correspondence relating to proceedings.

RECORD SOURCE CATEGORIES:
    These records are obtained from counsel involved in the 
administrative proceeding, internal Commission files, and from 
individuals including, where practicable, the individual as to whom the 
record pertains.

ROUTINE USES OF RECORDS MAINTAINED IN THE SYSTEM, INCLUDING CATEGORIES 
OF USERS AND THE PURPOSES OF SUCH USES:
    1. To appropriate agencies, entities, and persons when (1) the SEC 
suspects

[[Page 85455]]

or has confirmed that there has been a breach of the system of records, 
(2) the SEC has determined that as a result of the suspected or 
confirmed breach there is a risk of harm to individuals, the SEC 
(including its information systems, programs, and operations), the 
Federal Government, or national security; and (3) the disclosure made 
to such agencies, entities, and persons is reasonably necessary to 
assist in connection with the SEC's efforts to respond to the suspected 
or confirmed breach or to prevent, minimize, or remedy such harm.
    2. To other Federal, state, local, or foreign law enforcement 
agencies; securities self-regulatory organizations; and foreign 
financial regulatory authorities to assist in or coordinate regulatory 
or law enforcement activities with the SEC.
    3. To national securities exchanges and national securities 
associations that are registered with the SEC, the Municipal Securities 
Rulemaking Board; the Securities Investor Protection Corporation; the 
Public Company Accounting Oversight Board; the Federal banking 
authorities, including, but not limited to, the Board of Governors of 
the Federal Reserve System, the Comptroller of the Currency, and the 
Federal Deposit Insurance Corporation; state securities regulatory 
agencies or organizations; or regulatory authorities of a foreign 
government in connection with their regulatory or enforcement 
responsibilities.
    4. By SEC personnel for purposes of investigating possible 
violations of, or to conduct investigations authorized by, the Federal 
securities laws.
    5. In any proceeding where the Federal securities laws are in issue 
or in which the Commission, or past or present members of its staff, is 
a party or otherwise involved in an official capacity.
    6. In connection with proceedings by the Commission pursuant to 
Rule 102(e) of its Rules of Practice, 17 CFR 201.102(e).
    7. To a bar association, state accountancy board, or other Federal, 
state, local, or foreign licensing or oversight authority; or 
professional association or self-regulatory authority to the extent 
that it performs similar functions (including the Public Company 
Accounting Oversight Board) for investigations or possible disciplinary 
action.
    8. To a Federal, state, local, tribal, foreign, or international 
agency, if necessary to obtain information relevant to the SEC's 
decision concerning the hiring or retention of an employee; the 
issuance of a security clearance; the letting of a contract; or the 
issuance of a license, grant, or other benefit.
    9. To a Federal, state, local, tribal, foreign, or international 
agency in response to its request for information concerning the hiring 
or retention of an employee; the issuance of a security clearance; the 
reporting of an investigation of an employee; the letting of a 
contract; or the issuance of a license, grant, or other benefit by the 
requesting agency, to the extent that the information is relevant and 
necessary to the requesting agency's decision on the matter.
    10. To produce summary descriptive statistics and analytical 
studies, as a data source for management information, in support of the 
function for which the records are collected and maintained or for 
related personnel management functions or manpower studies; may also be 
used to respond to general requests for statistical information 
(without personal identification of individuals) under the Freedom of 
Information Act.
    11. To any trustee, receiver, master, special counsel, or other 
individual or entity that is appointed by a court of competent 
jurisdiction, or as a result of an agreement between the parties in 
connection with litigation or administrative proceedings involving 
allegations of violations of the Federal securities laws (as defined in 
section 3(a)(47) of the Securities Exchange Act of 1934, 15 U.S.C. 
78c(a)(47)) or pursuant to the Commission's Rules of Practice, 17 CFR 
201.100 through 900 or the Commission's Rules of Fair Fund and 
Disgorgement Plans, 17 CFR 201.1100 through 1106, or otherwise, where 
such trustee, receiver, master, special counsel, or other individual or 
entity is specifically designated to perform particular functions with 
respect to, or as a result of, the pending action or proceeding or in 
connection with the administration and enforcement by the Commission of 
the Federal securities laws or the Commission's Rules of Practice or 
the Rules of Fair Fund and Disgorgement Plans.
    12. To any persons during the course of any inquiry, examination, 
or investigation conducted by the SEC's staff, or in connection with 
civil litigation, if the staff has reason to believe that the person to 
whom the record is disclosed may have further information about the 
matters related therein, and those matters appeared to be relevant at 
the time to the subject matter of the inquiry.
    13. To interns, grantees, experts, contractors, and others who have 
been engaged by the Commission to assist in the performance of a 
service related to this system of records and who need access to the 
records for the purpose of assisting the Commission in the efficient 
administration of its programs, including by performing clerical, 
stenographic, or data analysis functions, or by reproduction of records 
by electronic or other means. Recipients of these records shall be 
required to comply with the requirements of the Privacy Act of 1974, as 
amended, 5 U.S.C. 552a.
    14. In reports published by the Commission pursuant to authority 
granted in the Federal securities laws (as such term is defined in 
section 3(a)(47) of the Securities Exchange Act of 1934, 15 U.S.C. 
78c(a)(47)), which authority shall include, but not be limited to, 
section 21(a) of the Securities Exchange Act of 1934, 15 U.S.C. 
78u(a)).
    15. To members of advisory committees that are created by the 
Commission or by Congress to render advice and recommendations to the 
Commission or to Congress, to be used solely in connection with their 
official designated functions.
    16. To any person who is or has agreed to be subject to the 
Commission's Rules of Conduct, 17 CFR 200.735-1 through 200.735-18, and 
who assists in the investigation by the Commission of possible 
violations of the Federal securities laws (as such term is defined in 
section 3(a)(47) of the Securities Exchange Act of 1934, 15 U.S.C. 
78c(a)(47)), in the preparation or conduct of enforcement actions 
brought by the Commission for such violations, or otherwise in 
connection with the Commission's enforcement or regulatory functions 
under the Federal securities laws.
    17. To a Congressional office from the record of an individual in 
response to an inquiry from the Congressional office made at the 
request of that individual.
    18. To members of Congress, the press, and the public in response 
to inquiries relating to particular Registrants and their activities, 
and other matters under the Commission's jurisdiction. In matters 
involving public proceedings, records maybe made publicly available. 
19. To prepare and publish information relating to violations of the 
Federal securities laws as provided in 15 U.S.C. 78c(a)(47)), as 
amended.
    20. To respond to subpoenas in any litigation or other proceeding.
    21. To a trustee in bankruptcy.
    22. To members of Congress, the General Accountability Office, or 
others charged with monitoring the work of the

[[Page 85456]]

Commission or conducting records management inspections.
    23. To any governmental agency, governmental or private collection 
agent, consumer reporting agency or commercial reporting agency, 
governmental or private employer of a debtor, or any other person, for 
collection, including collection by administrative offset, Federal 
salary offset, tax refund offset, or administrative wage garnishment, 
of amounts owed as a result of Commission civil or administrative 
proceedings.
    24. To another Federal agency or Federal entity, when the SEC 
determines that information from this system of records is reasonably 
necessary to assist the recipient agency or entity in (1) responding to 
a suspected or confirmed breach; or (2) preventing, minimizing, or 
remedying the risk of harm to individuals, the recipient agency or 
entity (including its information systems, programs, and operations), 
the Federal Government, or national security, resulting from a 
suspected or confirmed breach.

POLICIES AND PRACTICES FOR STORAGE OF RECORDS:
    Records are maintained in electronic and paper format. Electronic 
records are stored in computerized databases, magnetic disc, tape and/
or digital media. Paper records and records on computer disc are stored 
in locked file rooms and/or file cabinets.

POLICIES AND PRACTICES FOR RETRIEVAL OF RECORDS:
    Records are indexed by names of both parties cross-indexing to 
individual's name is available through searchable databases. 
Additionally, records can be retrieved by matter number.

POLICIES AND PRACTICES FOR RETENTION AND DISPOSAL OF RECORDS:
    These records will be maintained until they become inactive, at 
which time they will be retired or destroyed in accordance with records 
schedules of the United States Securities and Exchange Commission and 
as approved by the National Archives and Records Administration.

ADMINISTRATIVE, TECHNICAL, AND PHYSICAL SAFEGUARDS:
    Access to SEC facilities, data centers, and information or 
information systems is limited to authorized personnel with official 
duties requiring access. SEC facilities are equipped with security 
cameras and 24 hour security guard service. Records are required to be 
safeguarded in accordance with applicable SEC rules and policies. 
Computerized records are safeguarded in secured, encrypted environment. 
Security protocols meet the promulgating guidance as established by the 
National Institute of Standards and Technology (NIST) Security 
Standards from Access Control to Data Encryption, and Security 
Assessment & Authorization (SA&A). Records will be maintained in a 
secure, password-protected electronic system that will utilize 
commensurate safeguards that may include: Firewalls, intrusion 
detection and prevention systems, and role-based access controls. 
Additional safeguards will vary by program. All records are protected 
from unauthorized access through appropriate administrative, 
operational, and technical safeguards. These safeguards include: 
Restricting access to authorized personnel who have a ``need to know''; 
using locks; and password protection identification features. 
Contractors and other recipients providing services to the Commission 
shall be required to maintain equivalent safeguards.

RECORD ACCESS PROCEDURES:
    Persons wishing to obtain information on the procedures for gaining 
access to or contesting the contents of these records may contact the 
FOIA/PA Officer, Securities and Exchange Commission, 100 F Street NE, 
Washington, DC 20549-2465.

CONTESTING RECORD PROCEDURES:
    See Record access procedures above.

NOTIFICATION PROCEDURES:
    All requests to determine whether this system of records contains a 
record pertaining to the requesting individual may be directed to the 
FOIA/PA Officer, Securities and Exchange Commission, 100 F Street NE, 
Washington, DC 20549-2465.

EXEMPTIONS PROMULGATED FOR THE SYSTEM:
    None.

HISTORY:
    This SORN was last published in full in the Federal Register at 40 
FR 39253 (August 27, 1975). Subsequent notices of revision can be found 
at the following citations:
    --41 FR 5318 (February 5, 1976)
    --41 FR 11631 (March 19, 1976)
    --41 FR 41550 (September 22, 1976)
    --42 FR 36333 (July 14, 1977)
    --43 FR 36536 (August 17, 1978)
    --46 FR 63439 (December 31, 1981)
    --54 FR 24454 (June 7, 1989)
    --59 FR 27626 (May 27, 1994)
    --62 FR 47884 (September 11, 1997)
    --79 FR 69894 (November 24, 2014)

SYSTEM NAME AND NUMBER:
SEC-38:
    Disciplinary and Adverse Actions, Employee Conduct, and Labor 
Relations Files.

SECURITY CLASSIFICATION:
    Unclassified.

SYSTEM LOCATION:
    Securities and Exchange Commission, Office of Human Resources100 F 
Street NE, Washington, DC 20549-3990.

SYSTEM MANAGER(S):
    Associate Executive Director, Office of Human Resources, Securities 
and Exchange Commission, 100 F Street NE, Washington, DC 20549-3990.

AUTHORITY FOR MAINTENANCE OF THE SYSTEM:
    5 U.S.C. 1302 and 2951 and 17 CFR 200.735-13

PURPOSE(S) OF THE SYSTEM:
    Assigned staff uses records to verify employee and agency 
compliance with law, regulation, case decisions, agency policies, and 
the Collective Bargaining Agreement.

CATEGORIES OF INDIVIDUALS COVERED BY THE SYSTEM:
    Present and former SEC employees.

CATEGORIES OF RECORDS IN THE SYSTEM:
    The system of records includes information in the following 
categories of records: (a) Disciplinary and adverse action cases, 
regulatory appeal files, grievances and complaints relating to an 
employee, union issues (including collective bargaining documents and 
dues withholding forms), leave bank/transfer date, and third party 
complaints; (b) Investigatory materials gathered in connection with the 
individual's initial appointment to the agency as well as materials 
gathered in connection with investigations into allegations of employee 
misconduct.

RECORD SOURCE CATEGORIES:
    Employees, managers, union officials.

ROUTINE USES OF RECORDS MAINTAINED IN THE SYSTEM, INCLUDING CATEGORIES 
OF USERS AND THE PURPOSES OF SUCH USES:
    In addition to those disclosures generally permitted under 5 U.S.C. 
552a(b) of the Privacy Act, these records or information contained 
therein may specifically be disclosed outside the Commission as a 
routine use pursuant to 5 U.S.C. 552 a(b)(3) as follows:
    1. To appropriate agencies, entities, and persons when (1) the SEC 
suspects or has confirmed that there has been a breach of the system of 
records,[middot](2) the SEC has determined that as a result of

[[Page 85457]]

the suspected or confirmed breach there is a risk of harm to 
individuals, the SEC (including its information systems, programs, and 
operations), the Federal Government, or national security; and (3) the 
disclosure made to such agencies, entities, and persons is reasonably 
necessary to assist in connection with the SEC's efforts to respond to 
the suspected or confirmed breach or to prevent, minimize, or remedy 
such harm.
    2. To other Federal, state, local, or foreign law enforcement 
agencies; securities self-regulatory organizations; and foreign 
financial regulatory authorities to assist in or coordinate regulatory 
or law enforcement activities with the SEC.
    3. In any proceeding where the human resources law or regulations 
are in issue or in which the Commission, or past or present members of 
its staff, is a party or otherwise involved in an official capacity.
    4. To a Federal, state, local, tribal, foreign, or international 
agency, if necessary to obtain information relevant to the SEC's 
decision concerning the hiring or retention of an employee; the 
issuance of a security clearance; the letting of a contract; or the 
issuance of a license, grant, or other benefit.
    5. To produce summary descriptive statistics and analytical 
studies, as a data source for management information, in support of the 
function for which the records are collected and maintained or for 
related personnel management functions or manpower studies; may also be 
used to respond to general requests for statistical information 
(without personal identification of individuals) under the Freedom of 
Information Act.
    6. To any persons during the course of any inquiry, examination, or 
investigation conducted by the SEC's staff, or in connection with civil 
litigation, if the staff has reason to believe that the person to whom 
the record is disclosed may have further information about the matters 
related therein, and those matters appeared to be relevant at the time 
to the subject matter of the inquiry.
    7. To interns, grantees, experts, contractors, and others who have 
been engaged by the Commission to assist in the performance of a 
service related to this system of records and who need access to the 
records for the purpose of assisting the Commission in the efficient 
administration of its programs, including by performing clerical, 
stenographic, or data analysis functions, or by reproduction of records 
by electronic or other means. Recipients of these records shall be 
required to comply with the requirements of the Privacy Act of 1974, as 
amended, 5 U.S.C. 552a.
    8. To a Congressional office from the record of an individual in 
response to an inquiry from the Congressional office made at the 
request of that individual.
    9. To members of Congress, the Government Accountability Office, or 
others charged with monitoring the work of the Commission or conducting 
records management inspections.
    10. To a commercial contractor in connection with benefit programs 
administered by the contractor on the Commission's behalf, including, 
but not limited to, supplemental health, dental, disability, life and 
other benefit programs.
    11. To another Federal agency or Federal entity, when the SEC 
determines that information from this system of records is reasonably 
necessary to assist the recipient agency or entity in (1) responding to 
a suspected or confirmed breach or (2) preventing, minimizing, or 
remedying the risk of harm to individuals, the recipient agency or 
entity (including its information systems, programs, and operations), 
the Federal Government, or national security, resulting from a 
suspected or confirmed breach.

POLICIES AND PRACTICES FOR STORAGE OF RECORDS:
    Records are maintained in electronic and paper format. Electronic 
records are stored in computerized databases, magnetic disc, tape and/
or digital media. Paper records and records on computer disc are stored 
in locked file rooms and/or file cabinets.

POLICIES AND PRACTICES FOR RETRIEVAL OF RECORDS:
    Records are indexed and retrieved by employee name or assigned ID.

POLICIES AND PRACTICES FOR RETENTION AND DISPOSAL OF RECORDS:
    These records will be maintained until they become inactive, at 
which time they will be retired or destroyed in accordance with records 
schedules of the United States Securities and Exchange Commission and 
as approved by the National Archives and Records Administration.

ADMINISTRATIVE, TECHNICAL, AND PHYSICAL SAFEGUARDS:
    Access to SEC facilities, data centers, and information or 
information systems is limited to authorized personnel with official 
duties requiring access. SEC facilities are equipped with security 
cameras and 24-hour security guard service. The records are kept in 
limited access areas during duty hours and in locked file cabinets and/
or locked offices or file rooms at all other times. Computerized 
records are safeguarded in a secured environment. Security protocols 
meet the promulgating guidance as established by the National Institute 
of Standards and Technology (NIST) Security Standards from Access 
Control to Data Encryption and Security Assessment & Authorization 
(SA&A).
    Records are maintained in a secure, password-protected electronic 
system that will utilize commensurate safeguards that may include: 
firewalls, intrusion detection and prevention systems, and role-based 
access controls. Additional safeguards will vary by program. All 
records are protected from unauthorized access through appropriate 
administrative, operational, and technical safeguards. These safeguards 
include: restricting access to authorized personnel who have a ``need 
to know''; using locks; and password protection identification 
features. Contractors and other recipients providing services to the 
Commission shall be required to maintain equivalent safeguards.

RECORD ACCESS PROCEDURES:
    Persons wishing to obtain information on the procedures for gaining 
access to or contesting the contents of these records may contact the 
FOIA/PA Officer, Securities and Exchange Commission, 100 F Street NE, 
Washington, DC 20549-2465.

CONTESTING RECORD PROCEDURES:
    See Record access procedures above.

NOTIFICATION PROCEDURES:
    All requests to determine whether this system of records contains a 
record pertaining to the requesting individual may be directed to the 
FOIA/PA Officer, Securities and Exchange Commission, 100 F Street NE, 
Washington, DC 20549-2465.

EXEMPTIONS PROMULGATED FOR THE SYSTEM:
    None.

HISTORY:
    This SORN was last published in full in the Federal Register at 40 
FR 39253 (August 27, 1975). Subsequent notices of revision can be found 
at the following citations:
    --41 FR 5318 (February 5, 1976)
    --41 FR 11631 (March 19, 1976)
    --41 FR 41550 (September 22, 1976)
    --42 FR 36333 (July 14, 1977)
    --46 FR 63439 (December 31, 1981)
    --62 FR 47884 (September 11, 1997)
    --76 FR 30213 (May 24, 2011)

SYSTEM NAME AND NUMBER:
SEC-41:
    Child Care Subsidy Program

[[Page 85458]]

SECURITY CLASSIFICATION:
    Unclassified.

SYSTEM LOCATION:
    Childcare Subsidy Program Applications: FEEA-SEC Child Care 
Subsidy, 8441- W. Bowles Ave, suite 200, Littleton, CO 80123-9501. 
Utilization reports and other related records: Securities and Exchange 
Commission, 100 F Street NE, Washington, DC 20549.

SYSTEM MANAGER(S):
    General Counsel, Securities and Exchange Commission, 100 F Street 
NE, Washington, DC 20549.

AUTHORITY FOR MAINTENANCE OF THE SYSTEM:
    Title 15, United States Code, section 77s, 77sss, 78d (b), 78w, 
80a-37, and 80b-11.

PURPOSE(S) OF THE SYSTEM:
    To determine eligibility for, and the amount of, the child care 
tuition subsidy for lower income SEC employees.

CATEGORIES OF INDIVIDUALS COVERED BY THE SYSTEM:
    Present and former SEC employees and their children and child care 
providers.

CATEGORIES OF RECORDS IN THE SYSTEM:
    Records contain (1) employee's name, social security number, 
telephone numbers, address, grade, gross annual salary, gross family 
income that was reported on the latest Federal income tax return, and 
number of dependent children; (2) employee's child's name, date of 
birth, social security number, weekly tuition cost, amount of child 
care tuition subsidy from state or local government; and (3) employee's 
child care provider's name, address, telephone number, tax 
identification number, and license number.

RECORD SOURCE CATEGORIES:
    Applications for child care subsidy and supporting records, which 
are voluntarily submitted by employees.

ROUTINE USES OF RECORDS MAINTAINED IN THE SYSTEM, INCLUDING CATEGORIES 
OF USERS AND THE PURPOSES OF SUCH USES:
    In addition to those disclosures generally permitted under 5 U.S.C. 
552a(b) of the Privacy Act, these records or information contained 
therein may specifically be disclosed outside the Commission as a 
routine use pursuant to 5 U.S.C. 552 a(b)(3) as follows:
    1. To appropriate agencies, entities, and persons when (1) the SEC 
suspects or has confirmed that there has been a breach of the system of 
records, (2) the SEC has determined that as a result of the suspected 
or confirmed breach there is a risk of harm to individuals, the SEC 
(including its information systems, programs, and operations), the 
Federal Government, or national security; and (3) the disclosure made 
to such agencies, entities, and persons is reasonably necessary to 
assist in connection with the SEC's efforts to respond to the suspected 
or confirmed breach or to prevent, minimize, or remedy such harm.
    2. To other Federal, state, local, or foreign law enforcement 
agencies; securities self-regulatory organizations; and foreign 
financial regulatory authorities to assist in or coordinate regulatory 
or law enforcement activities with the SEC.
    3. In any proceeding where the Federal securities laws are in issue 
or in which the Commission, or past or present members of its staff, is 
a party or otherwise involved in an official capacity.
    4. To a Federal, state, local, tribal, foreign, or international 
agency, if necessary to obtain information relevant to the SEC's 
decision concerning the hiring or retention of an employee; the 
issuance of a security clearance; the letting of a contract; or the 
issuance of a license, grant, or other benefit.
    5. To produce summary descriptive statistics and analytical 
studies, as a data source for management information, in support of the 
function for which the records are collected and maintained or for 
related personnel management functions or manpower studies; may also be 
used to respond to general requests for statistical information 
(without personal identification of individuals) under the Freedom of 
Information Act.
    6. To any persons during the course of any inquiry, examination, or 
investigation conducted by the SEC's staff, or in connection with civil 
litigation, if the staff has reason to believe that the person to whom 
the record is disclosed may have further information about the matters 
related therein, and those matters appeared to be relevant at the time 
to the subject matter of the inquiry.
    7. To interns, grantees, experts, contractors, and others who have 
been engaged by the Commission to assist in the performance of a 
service related to this system of records and who need access to the 
records for the purpose of assisting the Commission in the efficient 
administration of its programs, including by performing clerical, 
stenographic, or data analysis functions, or by reproduction of records 
by electronic or other means. Recipients of these records shall be 
required to comply with the requirements of the Privacy Act of 1974, as 
amended, 5 U.S.C. 552a.
    8. To a Congressional office from the record of an individual in 
response to an inquiry from the Congressional office made at the 
request of that individual.
    9. To members of Congress, the General Accountability Office, or 
others charged with monitoring the work of the Commission or conducting 
records management inspections.
    10. To any Federal, state, or local government authority 
implementing child care subsidy programs or investigating a violation 
or potential violation of a statute, rule, regulation, or order.
    11. To the Office of Personnel Management to be used for evaluating 
the child care subsidy program.
    12. To a commercial contractor in connection with benefit programs 
administered by the contractor on the Commission's behalf, including, 
but not limited to, supplemental health, dental, disability, life and 
other benefit programs.
    13. To another Federal agency or Federal entity, when the SEC 
determines that information from this system of records is reasonably 
necessary to assist the recipient agency or entity in (1) responding to 
a suspected or confirmed breach or (2) preventing, minimizing, or 
remedying the risk of harm to individuals, the recipient agency or 
entity (including its information systems, programs, and operations), 
the Federal Government, or national security, resulting from a 
suspected or confirmed breach.

POLICIES AND PRACTICES FOR STORAGE OF RECORDS:
    Records are maintained in electronic and paper format. Electronic 
records are stored in computerized databases, magnetic disc, tape and/
or digital media. Paper records and records on computer disc are stored 
in locked file rooms and/or file cabinets.

POLICIES AND PRACTICES FOR RETRIEVAL OF RECORDS:
    These records are retrievable by the employee's name or social 
security number.

POLICIES AND PRACTICES FOR RETENTION AND DISPOSAL OF RECORDS:
    These records will be maintained until they become inactive, at 
which time they will be retired or destroyed in accordance with the 
SEC's records retention schedule, as approved by the National Archives 
and Records Administration.

[[Page 85459]]

ADMINISTRATIVE, TECHNICAL, AND PHYSICAL SAFEGUARDS:
    Access to SEC facilities, data centers, and information or 
information systems is limited to authorized personnel with official 
duties requiring access. SEC facilities are equipped with security 
cameras and 24-hour security guard service. The records are kept in 
limited access areas during duty hours and in locked file cabinets and/
or locked offices or file rooms at all other times. Computerized 
records are safeguarded in a secured environment. Security protocols 
meet the promulgating guidance as established by the National Institute 
of Standards and Technology (NIST) Security Standards from Access 
Control to Data Encryption and Security Assessment & Authorization 
(SA&A).
    Records are maintained in a secure, password-protected electronic 
system that will utilize commensurate safeguards that may include: 
fIrewalls, intrusion detection and prevention systems, and role-based 
access controls. Additional safeguards will vary by program. All 
records are protected from unauthorized access through appropriate 
administrative, operational, and technical safeguards. These safeguards 
include: Restricting access to authorized personnel who have a ``need 
to know''; using locks; and password protection identification 
features. Contractors and other recipients providing services to the 
Commission shall be required to maintain equivalent safeguards.

RECORD ACCESS PROCEDURES:
    Persons wishing to obtain information on the procedures for gaining 
access to or contesting the contents of these records may contact the 
FOIA/PA Officer, Securities and Exchange Commission, 100 F Street NE, 
Washington, DC 20549-2465.

CONTESTING RECORD PROCEDURES:
    See Record Access Procedures above.

NOTIFICATION PROCEDURES:
    All requests to determine whether this system of records contains a 
record pertaining to the requesting individual may be directed to the 
FOIA/Privacy Act Officer, Securities and Exchange Commission, 100 F 
Street NE, Washington, DC 20549-2465.

EXEMPTIONS PROMULGATED FOR THE SYSTEM:
    Under 5 U.S.C. 552a(k)(2), this system of records is exempted from 
the following provisions of the Privacy Act, 5 U.S.C. 552a(c)(3), (d), 
(e)(1), (e)(4)(G), (H), and (I), and (f) and 17 CFR 200.303, 200.304, 
and 200.306, insofar as it contains investigatory materials compiled 
for law enforcement purposes. This exemption is contained in 17 CFR 
200.312(a)(5).

HISTORY:
    This SORN was last published in full in the Federal Register at 40 
FR 39253 (August 27, 1975). Subsequent notices of revision can be found 
at the following citations:
    --41 FR 5318 (February 5, 1976)
    --41 FR 11631 (March 19, 1976)
    --41 FR 41550 (September 22, 1976)
    --42 FR 36333 (July 14, 1977)
    --46 FR 63439 (December 31, 1981)
    --57 FR 14592 (April 21, 1992)
    --59 FR 27626 (May 27, 1994)
    --62 FR 47884 (September 11, 1997)
    --65 FR 49037 (August 10, 2000)
    --77 FR 65913 (October 31, 2012)

SYSTEM NAME AND NUMBER:
SEC-42:
    Enforcement Files.

SECURITY CLASSIFICATION:
    Unclassified.

SYSTEM LOCATION:
    Securities and Exchange Commission, 100 F Street NE, Washington, DC 
20549. Files may also be maintained in the Commission's Regional 
Offices that conducted an investigation or litigation, or at a records 
management company under contract with the Commission. Closed 
investigatory files are stored at a Federal records center.

SYSTEM MANAGER(S):
    Director, Division of Enforcement, Securities and Exchange 
Commission, 100 F Street NE, Washington, DC 20549-0801; Records 
Officer, Office of Records Management Services, Securities and Exchange 
Commission, 100 F Street NE, Washington, DC 20549; New York Regional 
Office, Regional Director, 3 World Financial Center, Suite 400, New 
York, NY 10281-1022; Boston Regional Office, Regional Director, 33 Arch 
Street, 23rd Floor, Boston, MA 02110-1424; Philadelphia Regional 
Office, Regional Director, The Mellon Independence Center, 701 Market 
Street, Philadelphia, PA 19106-1532; Miami Regional Office, Regional 
Director, 801 Brickell Ave., Suite 1800, Miami, FL 33131, Atlanta 
Regional Office, Regional Director, 3475 Lenox Road NE, Suite 1000, 
Atlanta, GA 30326-1232; Chicago Regional Office, Regional Director, 175 
W. Jackson Boulevard, Suite 900, Chicago, IL 60604; Denver Regional 
Office, Regional Director, 1801 California Street, Suite 1500, Denver, 
CO 80202-2656; Fort Worth Regional Office, Regional Director, Burnett 
Plaza, Suite 1900, 801 Cherry Street, Unit 18, Fort Worth, TX 76102; 
Salt Lake Regional Office, Regional Director, 15 W. South Temple 
Street, Suite 1800, Salt Lake City, UT 84101; Los Angeles Regional 
Office, Regional Director, 5670 Wilshire Boulevard, 11th Floor, Los 
Angeles, CA 90036-3648; San Francisco Regional Office, Regional 
Director, 44 Montgomery Street, Suite 2600, San Francisco, CA 94104.

AUTHORITY FOR MAINTENANCE OF THE SYSTEM:
    15 U.S.C. 77s, 77t, 78u, 77uuu, 80a-41, and 80b-9.17 CFR 202.5.

PURPOSE(S) OF THE SYSTEM:
    The records are maintained for purposes of the Commission's 
investigations and actions to enforce the Federal securities laws. 
Additionally, the information in the system is used in conjunction with 
the collection of amounts ordered to be paid in enforcement actions, a 
function that is a necessary component of litigation.

CATEGORIES OF INDIVIDUALS COVERED BY THE SYSTEM:
    Records are maintained on persons who have been involved in 
Commission investigations or litigation, or in activities which 
violated or may have violated Federal, state or foreign laws relating 
to transactions in securities, the conduct of securities business or 
investment advisory activities, and banking or other financial 
activities.

CATEGORIES OF RECORDS IN THE SYSTEM:
    Records contain names and addresses of persons involved in 
Commission investigations or litigation. Also, correspondence relevant 
to the matter, internal staff memoranda, Commission minutes and 
Commission orders, copies of subpoenas issued in the course of the 
matter, affidavits, transcripts of testimony and exhibits thereto, 
copies of pleadings and exhibits in related private or governmental 
actions, documents and other evidence obtained in the course of the 
matter, computerized records, working papers of the staff and other 
documents and records relating to the matter, opening reports, progress 
reports and closing reports, and miscellaneous records relating to 
investigations or litigation.

RECORD SOURCE CATEGORIES:
    Information in these records is supplied by: Individuals including, 
where practicable, those to whom the information relates; witnesses, 
banks, corporations, or other entities; self-regulatory organizations; 
the Postal Inspection Service, the Department of Justice, state 
securities commissions, other Federal, state, or local bodies and

[[Page 85460]]

law enforcement agencies or foreign governmental authorities; public 
sources, i.e., libraries, newspapers, television, radio, court records, 
filings with Federal, state, and local bodies; filings made with the 
SEC pursuant to law; electronic information sources; other offices 
within the Commission; documents, litigation, transcripts of testimony, 
evidence introduced into court, orders entered by a court and 
correspondence relating to litigation; pleadings in administrative 
proceedings, transcripts of testimony, documents, including evidence 
entered in such proceedings, and miscellaneous other sources.

ROUTINE USES OF RECORDS MAINTAINED IN THE SYSTEM, INCLUDING CATEGORIES 
OF USERS AND THE PURPOSES OF SUCH USES:
    In addition to those disclosures generally permitted under 5 U.S.C. 
552a(b) of the Privacy Act, these records or information contained 
therein may specifically be disclosed outside the Commission as a 
routine use pursuant to 5 U.S.C. 552 a(b)(3) as follows:
    1. To appropriate agencies, entities, and persons when (1) the SEC 
suspects or has confirmed that there has been a breach of the system of 
records,[middot](2) the SEC has determined that as a result of the 
suspected or confirmed breach there is a risk of harm to individuals, 
the SEC (including its information systems, programs, and operations), 
the Federal Government, or national security; and (3) the disclosure 
made to such agencies, entities, and persons is reasonably necessary to 
assist in connection with the SEC's efforts to respond to the suspected 
or confirmed breach or to prevent, minimize, or remedy such harm.
    2. To other Federal, state, local, or foreign law enforcement 
agencies; securities self-regulatory organizations; and foreign 
financial regulatory authorities to assist in or coordinate regulatory 
or law enforcement activities with the SEC.
    3. To national securities exchanges and national securities 
associations that are registered with the SEC, the Municipal Securities 
Rulemaking Board; the Securities Investor Protection Corporation; the 
Public Company Accounting Oversight Board; the Federal banking 
authorities, including, but not limited to, the Board of Governors of 
the Federal Reserve System, the Comptroller of the Currency, and the 
Federal Deposit Insurance Corporation; state securities regulatory 
agencies or organizations; or regulatory authorities of a foreign 
government in connection with their regulatory or enforcement 
responsibilities.
    4. By SEC personnel for purposes of investigating possible 
violations of, or to conduct investigations authorized by, the Federal 
securities laws.
    5. In any proceeding where the Federal securities laws are in issue 
or in which the Commission, or past or present members of its staff, is 
a party or otherwise involved in an official capacity.
    6. In connection with proceedings by the Commission pursuant to 
Rule 102(e) of its Rules of Practice, 17 CFR 201.102(e).
    7. To a bar association, state accountancy board, or other Federal, 
state, local, or foreign licensing or oversight authority; or 
professional association or self-regulatory authority to the extent 
that it performs similar functions (including the Public Company 
Accounting Oversight Board) for investigations or possible disciplinary 
action.
    8. To a Federal, state, local, tribal, foreign, or international 
agency, if necessary to obtain information relevant to the SEC's 
decision concerning the hiring or retention of an employee; the 
issuance of a security clearance; the letting of a contract; or the 
issuance of a license, grant, or other benefit.
    9. To a Federal, state, local, tribal, foreign, or international 
agency in response to its request for information concerning the hiring 
or retention of an employee; the issuance of a security clearance; the 
reporting of an investigation of an employee; the letting of a 
contract; or the issuance of a license, grant, or other benefit by the 
requesting agency, to the extent that the information is relevant and 
necessary to the requesting agency's decision on the matter.
    10. To produce summary descriptive statistics and analytical 
studies, as a data source for management information, in support of the 
function for which the records are collected and maintained or for 
related personnel management functions or manpower studies; may also be 
used to respond to general requests for statistical information 
(without personal identification of individuals) under the Freedom of 
Information Act.
    11. To any trustee, receiver, master, special counsel, or other 
individual or entity that is appointed by a court of competent 
jurisdiction, or as a result of an agreement between the parties in 
connection with litigation or administrative proceedings involving 
allegations of violations of the Federal securities laws (as defined in 
section 3(a)(47) of the Securities Exchange Act of 1934, 15 U.S.C. 
78c(a)(47)) or pursuant to the Commission's Rules of Practice, 17 CFR 
201.100 through 900 or the Commission's Rules of Fair Fund and 
Disgorgement Plans, 17 CFR 201.1100 through 1106, or otherwise, where 
such trustee, receiver, master, special counsel, or other individual or 
entity is specifically designated to perform particular functions with 
respect to, or as a result of, the pending action or proceeding or in 
connection with the administration and enforcement by the Commission of 
the Federal securities laws or the Commission's Rules of Practice or 
the Rules of Fair Fund and Disgorgement Plans.
    12. To any persons during the course of any inquiry, examination, 
or investigation conducted by the SEC's staff, or in connection with 
civil litigation, if the staff has reason to believe that the person to 
whom the record is disclosed may have further information about the 
matters related therein, and those matters appeared to be relevant at 
the time to the subject matter of the inquiry.
    13. To interns, grantees, experts, contractors, and others who have 
been engaged by the Commission to assist in the performance of a 
service related to this system of records and who need access to the 
records for the purpose of assisting the Commission in the efficient 
administration of its programs, including by performing clerical, 
stenographic, or data analysis functions, or by reproduction of records 
by electronic or other means. Recipients of these records shall be 
required to comply with the requirements of the Privacy Act of 1974, as 
amended, 5 U.S.C. 552a.
    14. In reports published by the Commission pursuant to authority 
granted in the Federal securities laws (as such term is defined in 
section 3(a)(47) of the Securities Exchange Act of 1934, 15 U.S.C. 
78c(a)(47)), which authority shall include, but not be limited to, 
section 21(a) of the Securities Exchange Act of 1934, 15 U.S.C. 
78u(a)).
    15. To members of advisory committees that are created by the 
Commission or by Congress to render advice and recommendations to the 
Commission or to Congress, to be used solely in connection with their 
official designated functions.
    16. To any person who is or has agreed to be subject to the 
Commission's Rules of Conduct, 17 CFR 200.735-1 through 200.735-18, and 
who assists in the investigation by the Commission of possible 
violations of the Federal securities laws (as such term is defined in 
section 3(a)(47) of the Securities

[[Page 85461]]

Exchange Act of 1934, 15 U.S.C. 78c(a)(47)), in the preparation or 
conduct of enforcement actions brought by the Commission for such 
violations, or otherwise in connection with the Commission's 
enforcement or regulatory functions under the Federal securities laws.
    17. To a Congressional office from the record of an individual in 
response to an inquiry from the Congressional office made at the 
request of that individual.
    18. To members of Congress, the press, and the public in response 
to inquiries relating to particular Registrants and their activities, 
and other matters under the Commission's jurisdiction.
    19. To prepare and publish information relating to violations of 
the Federal securities laws as provided in 15 U.S.C. 78c(a)(47)), as 
amended.
    20. To respond to subpoenas in any litigation or other proceeding.
    21. To a trustee in bankruptcy.
    22. To any governmental agency, governmental or private collection 
agent, consumer reporting agency or commercial reporting agency, 
governmental or private employer of a debtor, or any other person, for 
collection, including collection by administrative offset, Federal 
salary offset, tax refund offset, or administrative wage garnishment, 
of amounts owed as a result of Commission civil or administrative 
proceedings.
    23. To another Federal agency or Federal entity, when the SEC 
determines that information from this system of records is reasonably 
necessary to assist the recipient agency or entity in (1) responding to 
a suspected or confirmed breach or (2) preventing, minimizing, or 
remedying the risk of harm to individuals, the recipient agency or 
entity (including its information systems, programs, and operations), 
the Federal Government, or national security, resulting from a 
suspected or confirmed breach.

DISCLOSURE TO CONSUMER REPORTING AGENCIES:
    When the Commission seeks to collect a debt arising from a civil 
action or administrative proceeding, it may disclose the following 
information to a consumer reporting agency: (i) Information necessary 
to establish the identity of the debtor, including name, address and 
taxpayer identification number or social security number; (ii) the 
amount, status, and history of the debt; and (iii) the fact that the 
debt arose from a Commission action or proceeding to enforce the 
Federal securities laws.

POLICIES AND PRACTICES FOR STORAGE OF RECORDS:
    Records are maintained in electronic and paper format. Electronic 
records are stored in computerized databases, magnetic disc, tape and/
or digital media. Paper records and records on computer disc are stored 
in locked file rooms and/or file cabinets.

POLICIES AND PRACTICES FOR RETRIEVAL OF RECORDS
    The records are retrieved by the name under which the investigation 
is conducted or administrative or judicial litigation is filed. Access 
to information about an individual may be obtained through the 
Commission's Name-Relationship Search Index system by the name of the 
individual. Information concerning an individual may also be obtained 
by reference to computer-based indices maintained by the Division of 
Enforcement.

POLICIES AND PRACTICES FOR RETENTION AND DISPOSAL OF RECORDS:
    These records will be maintained until they become inactive, at 
which time they will be retired or destroyed in accordance with records 
schedules of the United States Securities and Exchange Commission and 
as approved by the National Archives and Records Administration.

ADMINISTRATIVE, TECHNICAL, AND PHYSICAL SAFEGUARDS:
    Access to SEC facilities, data centers, and information or 
information systems is limited to authorized personnel with official 
duties requiring access. SEC facilities are equipped with security 
cameras and 24-hour security guard service. The records are kept in 
limited access areas during duty hours and in locked file cabinets and/
or locked offices or file rooms at all other times. Computerized 
records are safeguarded in a secured environment. Security protocols 
meet the promulgating guidance as established by the National Institute 
of Standards and Technology (NIST) Security Standards from Access 
Control to Data Encryption and Security Assessment & Authorization 
(SA&A).
    Records are maintained in a secure, password-protected electronic 
system that will utilize commensurate safeguards that may include: 
firewalls, intrusion detection and prevention systems, and role-based 
access controls. Additional safeguards will vary by program. All 
records are protected from unauthorized access through appropriate 
administrative, operational, and technical safeguards. These safeguards 
include: restricting access to authorized personnel who have a ``need 
to know''; using locks; and password protection identification 
features. Contractors and other recipients providing services to the 
Commission shall be required to maintain equivalent safeguards.

RECORD ACCESS PROCEDURES:
    Persons wishing to obtain information on the procedures for gaining 
access to or contesting the contents of these records may contact the 
FOIA/PA Officer, Securities and Exchange Commission, 100 F Street NE, 
Washington, DC 20549-2465

CONTESTING RECORD PROCEDURES:
    See Record Access Procedures above.

NOTIFICATION PROCEDURES:
    All requests to determine whether this system of records contains a 
record pertaining to the requesting individual may be directed to the 
FOIA/PA Officer, Securities and Exchange Commission, 100 F Street NE, 
Washington, DC 20549-2465.

EXEMPTIONS PROMULGATED FOR THE SYSTEM:
    Under 5 U.S.C. 552a(k)(2), this system of records is exempted from 
the following provisions of the Privacy Act, 5 U.S.C. 552a(c)(3), (d), 
(e)(1), (e)(4)(G), (H), and (I), and (f) and 17 CFR 200.303, 200.304, 
and 200.306, insofar as it contains investigatory materials compiled 
for law enforcement purposes. This exemption is contained in 17 CFR 
200.312(a)(1).

HISTORY:
    This SORN was last published in full in the Federal Register at 40 
FR 39253 (August 27, 1975). Subsequent notices of revision can be found 
at the following citations:
    --41 FR 5318 (February 5, 1976)
    --41 FR 11631 (March 19, 1976)
    --41 FR 41550 (September 22, 1976)
    --42 FR 36333 (July 14, 1977)
    --46 FR 63439 (December 31, 1981)
    --59 FR 27626 (May 27, 1994)
    --62 FR 47884 (September 11, 1997)
    --67 FR 48497 (July 24, 2002)
    --76 FR 30213 (May 24, 2011)

SYSTEM NAME AND NUMBER:
SEC-43: Office of Inspector General Working Files.
SECURITY CLASSIFICATION:
    Unclassified.

SYSTEM LOCATION:
    Office of the Inspector General, Securities and Exchange Commission 
(SEC), 100 F Street NE, Washington, DC 20549. Closed files may be 
stored at a Federal records center in accordance with the SEC's records 
retention schedule.

[[Page 85462]]

SYSTEM MANAGER(S):
    Inspector General, Office of Inspector General, Securities and 
Exchange Commission, 100 F Street NE, Washington, DC 20549.

AUTHORITY FOR MAINTENANCE OF THE SYSTEM:
    Inspector General Act of 1978, as amended, Pub. L. 95-452, 5 U.S.C. 
App. 6; Dodd-Frank Wall Street Reform and Consumer Protection Act, Pub. 
L. 111-203, 15 U.S.C. 78d-4.

PURPOSE(S) OF THE SYSTEM:
    The purpose of this system of records is to enable the OIG to 
effectively and efficiently conduct investigations, audits, and 
inquiries relating to the programs and operations of the SEC; to allow 
OIG staff to provide legal advice and assistance to the Inspector 
General with respect to OIG investigations, audits, inquiries, actions, 
and agency operations; to represent the OIG in judicial and 
administrative proceedings in which the OIG or its personnel are 
involved as a party or a witness; to manage, track and report on 
matters and caseloads handled by OIG staff; to respond to 
communications and correspondence, as authorized by the Inspector 
General Act of 1978, as amended and the Dodd-Frank Wall Street Reform 
and Consumer Protection Act.

CATEGORIES OF INDIVIDUALS COVERED BY THE SYSTEM:
    This system of records contains records on individuals, including 
subjects, complainants, and witnesses, in connection with the SEC 
Office of Inspector General's (OIG) investigations, audits, or 
inquiries relating to programs and operations of the SEC. This system 
of records also includes records on individuals who are involved in 
litigation or administrative proceedings with the OIG, OIG employees 
whose conduct or performance raises concern, and individuals who 
correspond with the OIG such as members of Congress and their staff, 
members of the public and SEC employees who make suggestions through 
the OIG Employee Suggestion Hotline.

CATEGORIES OF RECORDS IN THE SYSTEM:
    Records include: Case management systems that contain unique 
control numbers, descriptive information, and supporting documents for 
OIG matters; incoming complaints and complaint logs; preliminary 
inquiry files and indexes; correspondence; internal staff memoranda and 
legal analysis; copies of all subpoenas issued during investigations; 
subpoena logs; affidavits, declarations and statements from witnesses; 
transcripts of interviews conducted or testimony taken and accompanying 
exhibits; documents and records obtained during investigations, audits 
and administrative litigation; working papers of the staff; 
investigative plans, operation plans, status reports, reports of 
investigation, and closing memoranda; information and documents 
relating to grand jury proceedings; arrest and search warrant 
affidavits; information and documents relating to criminal, civil, and 
administrative actions; information and documents received from other 
law enforcement entities; personnel information for witnesses, 
subjects, and OIG staff; investigative peer review files; Congressional 
correspondence; SEC employee suggestions; and other internal and 
external communications.

RECORD SOURCE CATEGORIES:
    Information in these records is supplied by: Individuals including, 
where practicable, those to whom the information relates; witnesses, 
corporations and other entities; records of individuals and of the SEC; 
records of other entities; Federal, foreign, state or local bodies and 
law enforcement agencies; documents and correspondence relating to 
litigation and administrative proceedings; public sources; and 
miscellaneous other sources.

ROUTINE USES OF RECORDS MAINTAINED IN THE SYSTEM, INCLUDING CATEGORIES 
OF USERS AND THE PURPOSES OF SUCH USES:
    In addition to those disclosures generally permitted under 5 U.S.C. 
552a(b) of the Privacy Act, these records or information contained 
therein may specifically be disclosed outside the Commission as a 
routine use pursuant to 5 U.S.C. 552 a(b)(3) as follows:
    1. To appropriate agencies, entities, and persons when (a) it is 
suspected or confirmed that the security or confidentiality of 
information in the system of records has been compromised; (b) the OIG 
has determined that, as a result of the suspected or confirmed 
compromise, there is a risk of harm to economic or property interests, 
identity theft or fraud, or harm to the security or integrity of this 
system or other systems or programs (whether maintained by the SEC or 
OIG or another agency or entity) that rely upon the compromised 
information; and (c) the disclosure made to such agencies, entities, 
and persons is reasonably necessary to assist in connection with the 
SEC or OIG's efforts to respond to the suspected or confirmed 
compromise and prevent, minimize, or remedy such harm.
    2. To another Federal agency or Federal entity, when the OIG 
determines that information from this system of records is reasonably 
necessary to assist the recipient agency or entity in (1) responding to 
a suspected or confirmed breach; or (2) preventing, minimizing, or 
remedying the risk of harm to individuals, the recipient agency or 
entity (including its information systems, programs, and operations), 
the Federal government, or national security resulting from a suspected 
or confirmed breach.
    3. Where there is an indication of a violation or a potential 
violation of law, whether civil, criminal or regulatory in nature, to 
the appropriate agency, whether Federal, foreign, state, or local, or 
to a securities self-regulatory organization, charged with enforcing or 
implementing the statute, or rule, regulation or order.
    4. To Federal, foreign, state, or local authorities in order to 
obtain information or records relevant to an OIG investigation or 
inquiry.
    5. To non-governmental parties where those parties may have 
information the OIG seeks to obtain in connection with an investigation 
or inquiry.
    6. To respond to subpoenas in any litigation or other proceeding.
    7. In connection with proceedings by the Commission pursuant to 
Rule 102(e) of its Rules of Practice, 17 CFR 201.102(e).
    8. To a bar association, state accountancy board, or other Federal, 
state, local, or foreign licensing or oversight authority; or 
professional association or self-regulatory authority to the extent 
that it performs similar functions (including the Public Company 
Accounting Oversight Board) for investigations or possible disciplinary 
action.
    9. To a Federal, state, local, tribal, foreign, or international 
agency, if necessary to obtain information relevant to the SEC's 
decision concerning the hiring or retention of an employee; the 
issuance of a security clearance; the letting of a contract; or the 
issuance of a license, grant, or other benefit.
    10. To a Federal, state, local, tribal, foreign, or international 
agency in response to its request for information concerning the hiring 
or retention of an employee; the issuance of a security clearance; the 
reporting of an investigation of an employee; the letting of a 
contract; or the issuance of a license, grant, or other benefit by the 
requesting agency, to the extent that the information is relevant and 
necessary to the requesting agency's decision on the matter.

[[Page 85463]]

    11. To produce summary descriptive statistics and analytical 
studies, as a data source for management information, in support of the 
function for which the records are collected and maintained or for 
related personnel management functions or manpower studies; may also be 
used to respond to general requests for statistical information 
(without personal identification of individuals) under the Freedom of 
Information Act.
    12. To inform complainants, victims, and witnesses of the results 
of an investigation or inquiry.
    13. To any persons during the course of any inquiry, audit, or 
investigation conducted by the SEC's staff, or in connection with civil 
litigation, if the staff has reason to believe that the person to whom 
the record is disclosed may have further information about the matters 
related therein, and those matters appeared to be relevant at the time 
to the subject matter of the inquiry.
    14. To interns, grantees, experts, contractors, and others who have 
been engaged by the Commission to assist in the performance of a 
service related to this system of records and who need access to the 
records for the purpose of assisting the Commission in the efficient 
administration of its programs, including by performing clerical, 
stenographic, or data analysis functions, or by reproduction of records 
by electronic or other means. Recipients of these records shall be 
required to comply with the requirements of the Privacy Act of 1974, as 
amended, 5 U.S.C. 552a.
    15. To qualified individuals or organizations in connection with 
the performance of a peer review or other study of the OIG's audit or 
investigative functions.
    16. To a Federal agency responsible for considering debarment or 
suspension action if the record would be relevant to such action.
    17. To the Department of Justice for the purpose of obtaining its 
advice on Freedom of Information Act matters.
    18. To a Congressional office in response to an inquiry from the 
Congressional office.
    19. To the Office of Government Ethics (OGE) to comply with agency 
reporting requirements established by OGE in 5 CFR 2638, subpart F.
    20. To a Federal, state, local, foreign or administrative body, or 
before an arbitrator, when the SEC is a party to or has an interest in 
litigation or other legal proceedings, including to legal counsel 
representing the SEC or SEC employees, or other actual or potential 
parties, in connection with litigation, discovery or settlement 
discussions.
    21. To an authorized investigator, administrative judge, or 
complaints examiner appointed by the Equal Employment Opportunity 
Commission when requested in connection with the investigation of a 
complaint of discrimination filed against the SEC under 29 CFR part 
1614.
    22. To the Merit Systems Protection Board or Office of the Special 
Counsel for the purpose of litigation, including administrative 
proceedings, appeals, special studies, investigations of alleged or 
possible prohibited personnel practices, and such other functions as 
may be authorized by law.
    23. To the news media and the public when there exists a legitimate 
public interest (e.g., to provide information on events in the criminal 
process, such as an indictment).
    24. To the Council of the Inspectors General on Integrity and 
Efficiency, another Federal Office of Inspector General, or other 
Federal law enforcement office in connection with an allegation of 
wrongdoing by the Inspector General or OIG staff members.
    25. To a contractor when there has been an SEC or OIG investigation 
or inquiry into the conduct or performance of the contractor's 
employees.
    26. In reports published by the OIG pursuant to its authority 
granted in the Inspector General Act of 1978, as amended, Public Law 
95-452, 5 U.S.C. App. 6, and Dodd-Frank Wall Street Reform and Consumer 
Protection Act, Public Law 111-203, 15 U.S.C Sec.  78d-4.

POLICIES AND PRACTICES FOR STORAGE OF RECORDS:
    Records are maintained in electronic and paper format. Electronic 
records are stored in computerized databases, magnetic disc, tape and/
or digital media. Paper records and records on computer disc are stored 
in locked file rooms and/or file cabinets or are maintained in secure 
off-site storage.

POLICIES AND PRACTICES FOR RETRIEVAL OF RECORDS:
    The records may be retrieved by the name of the SEC employee, 
complainant, subject, witness, victim or member of the public; the OIG 
staff name for the audit, investigation or inquiry; or other indexed 
information.

POLICIES AND PRACTICES FOR RETENTION AND DISPOSAL OF RECORDS:
    These records will be maintained until they become inactive, at 
which time they will be retired or destroyed in accordance with the 
SEC's records retention schedule, as approved by the National Archives 
and Records Administration.

ADMINISTRATIVE, TECHNICAL, AND PHYSICAL SAFEGUARDS:
    Access to SEC facilities, data centers, and information or 
information systems is limited to authorized personnel with official 
duties requiring access. SEC facilities are equipped with security 
cameras and 24-hour security guard service. The records are kept in 
limited access areas during duty hours and in locked file cabinets and/
or locked offices or file rooms at all other times. Computerized 
records are safeguarded in a secured environment. Security protocols 
meet the promulgating guidance as established by the National Institute 
of Standards and Technology (NIST) Security Standards from Access 
Control to Data Encryption and Security Assessment & Authorization 
(SA&A). Records are maintained in a secure, password-protected 
electronic system that will utilize commensurate safeguards that may 
include: Firewalls, intrusion detection and prevention systems, and 
role-based access controls. Additional safeguards will vary by program. 
All records are protected from unauthorized access through appropriate 
administrative, operational, and technical safeguards. These safeguards 
include: Restricting access to authorized personnel who have a ``need 
to know''; using locks; and password protection identification 
features. Contractors and other recipients providing services to the 
Commission shall be required to maintain equivalent safeguards.

RECORD ACCESS PROCEDURES:
    Persons wishing to obtain information on the procedures for gaining 
access to or contesting the contents of these records may contact the 
FOIA/PA Officer, Securities and Exchange Commission, 100 F Street NE, 
Washington, DC 20549.

CONTESTING RECORD PROCEDURES:
    See record access procedures above.

NOTIFICATION PROCEDURES:
    All requests to determine whether this system of records contains a 
record pertaining to the requesting individual may be directed to the 
FOIA/PA Officer, Securities and Exchange Commission, 100 F Street NE, 
Washington, DC 20549.

EXEMPTIONS CLAIMED FOR THE SYSTEM:
    Pursuant to 5 U.S.C. 552a(j)(2) and 17 CFR 200.313(a), this system 
of records is exempt from the provisions of the Privacy Act of 1974, 5 
U.S.C. 552a, except subsections (b), (c)(1) and (2), (e)(4)(A) through 
(F), (e)(6), (7), (9), (10), and (11), and (i), and 17 CFR 200.303, 
200.403, 200.306, 200.307, 200.308,

[[Page 85464]]

200.309, and 200.310, insofar as the system contains information 
pertaining to criminal law enforcement investigations.
    Pursuant to 5 U.S.C. 552a(k)(2) and 17 CFR 200.313(b), this system 
of records is exempt from 5 U.S.C. 552a(c)(3), (d), (e)(1), (e)(4)(G), 
(H), and (I), and (f), and 17 CFR 200.303, 200.304, and 200.306, 
insofar as the system contains investigatory materials compiled for law 
enforcement purposes.

HISTORY:
    This SORN was last published in full in the Federal Register at 79 
FR 30661 (May 28, 2014).

SYSTEM NAME AND NUMBER:
SEC-45:
    Mass Transportation Subsidy Program.

SECURITY CLASSIFICATION:
    Unclassified.

SYSTEM LOCATION:
    Securities and Exchange Commission (SEC), Operations Center, Office 
of Human Resources, 100 F Street NE, Washington, DC 20549. Records are 
also maintained at SEC Regional Offices. U.S. Department of 
Transportation, 1200 New Jersey Avenue SE, Washington, DC 20590.

SYSTEM MANAGER(S):
    Assistant Director, Office of Human Resources, 100 F Street NE, 
Washington, DC 20549-2465.

AUTHORITY FOR MAINTENANCE OF THE SYSTEM:
    Executive Order: 12191; Pub. L. 101-509, Section 629; Pub. L. 103-
172; 26 CFR 1.132-6; and 42 U.S.C. 13201 et seq.

PURPOSE(S) OF THE SYSTEM:
    To encourage employees to use public transportation as a means to 
conserve petroleum, reduce traffic congestion, and improve air quality.

CATEGORIES OF INDIVIDUALS COVERED BY THE SYSTEM:
    SEC employees who participate in the Mass Transportation Subsidy 
Program.

CATEGORIES OF RECORDS IN THE SYSTEM:
    Records include the employee's name, address, office telephone 
number, mode of transportation, transportation costs, date of entry 
into transit program, last four digits of social security number, 
organization, SmartTrip number, and date of annual certification.

RECORD SOURCE CATEGORIES:
    Records include SEC Form 2445, Application to Transit Subsidy 
Program, SEC Form 2344, Return/Termination of Public Transportation 
Subsidy; Employee Certification for Public Transportation Subsidy; 
Receipt for Public Transportation Subsidy; SEC Form 2318, Disbursing 
Agents, Voucher; and SEC Form 2407, Authorization for Third-Party 
Receipt of Public Transportation Subsidy.

ROUTINE USES OF RECORDS MAINTAINED IN THE SYSTEM, INCLUDING CATEGORIES 
OF USERS AND THE PURPOSES OF SUCH USES:
    In addition to those disclosures generally permitted under 5 U.S.C. 
552a(b) of the Privacy Act, these records or information contained 
therein may specifically be disclosed outside the Commission as a 
routine use pursuant to 5 U.S.C. 552 a(b)(3) as follows:
    1. To appropriate agencies, entities, and persons when (1) the SEC 
suspects or has confirmed that there has been a breach of the system of 
records,[middot](2) the SEC has determined that as a result of the 
suspected or confirmed breach there is a risk of harm to individuals, 
the SEC (including its information systems, programs, and operations), 
the Federal Government, or national security; and (3) the disclosure 
made to such agencies, entities, and persons is reasonably necessary to 
assist in connection with the SEC's efforts to respond to the suspected 
or confirmed breach or to prevent, minimize, or remedy such harm.
    2. To other Federal, state, local, or foreign law enforcement 
agencies; securities self-regulatory organizations; and foreign 
financial regulatory authorities to assist in or coordinate regulatory 
or law enforcement activities with the SEC.
    3. In any proceeding where the Federal securities laws are in issue 
or in which the Commission, or past or present members of its staff, is 
a party or otherwise involved in an official capacity.
    4. To a Federal, state, local, tribal, foreign, or international 
agency, if necessary to obtain information relevant to the SEC's 
decision concerning the hiring or retention of an employee; the 
issuance of a security clearance; the letting of a contract; or the 
issuance of a license, grant, or other benefit.
    5. To produce summary descriptive statistics and analytical 
studies, as a data source for management information, in support of the 
function for which the records are collected and maintained or for 
related personnel management functions or manpower studies; may also be 
used to respond to general requests for statistical information 
(without personal identification of individuals) under the Freedom of 
Information Act.
    6. To any persons during the course of any inquiry, examination, or 
investigation conducted by the SEC's staff, or in connection with civil 
litigation, if the staff has reason to believe that the person to whom 
the record is disclosed may have further information about the matters 
related therein, and those matters appeared to be relevant at the time 
to the subject matter of the inquiry.
    7. To interns, grantees, experts, contractors, and others who have 
been engaged by the Commission to assist in the performance of a 
service related to this system of records and who need access to the 
records for the purpose of assisting the Commission in the efficient 
administration of its programs, including by performing clerical, 
stenographic, or data analysis functions, or by reproduction of records 
by electronic or other means. Recipients of these records shall be 
required to comply with the requirements of the Privacy Act of 1974, as 
amended, 5 U.S.C. 552a.
    8. To a Congressional office from the record of an individual in 
response to an inquiry from the Congressional office made at the 
request of that individual.
    9. To members of Congress, the General Accountability Office, or 
others charged with monitoring the work of the Commission or conducting 
records management inspections.
    10. To the appropriate personnel for periodic review of 
revalidation for subsidy.
    11. To the Office of Inspector General for investigating 
allegations of abuse.
    12. To a commercial contractor in connection with benefit programs 
administered by the contractor on the Commission's behalf, including, 
but not limited to, supplemental health, dental, disability, life and 
other benefit programs.
    13. To another Federal agency or Federal entity, when the SEC 
determines that information from this system of records is reasonably 
necessary to assist the recipient agency or entity in (1) responding to 
a suspected or confirmed breach or (2) preventing, minimizing, or 
remedying the risk of harm to individuals, the recipient agency or 
entity (including its information systems, programs, and operations), 
the Federal Government, or national security, resulting from a 
suspected or confirmed breach.

POLICIES AND PRACTICES FOR STORAGE OF RECORDS:
    Records are maintained and stored in an electronic format.

[[Page 85465]]

POLICIES AND PRACTICES FOR RETRIEVAL OF RECORDS:
    Records are retrieved by name, last four digits of SSN or assigned 
division within the SEC.

POLICIES AND PRACTICES FOR RETENTION AND DISPOSAL OF RECORDS:
    These records will be maintained until they become inactive, at 
which time they will be retired or destroyed in accordance with the 
SEC's records retention schedule, as approved by the National Archives 
and Records Administration.

ADMINISTRATIVE, TECHNICAL, AND PHYSICAL SAFEGUARDS:
    Access to SEC facilities, data centers, and information or 
information systems is limited to authorized personnel with official 
duties requiring access. SEC facilities are equipped with security 
cameras and 24-hour security guard service. The records are kept in 
limited access areas during duty hours and in locked file cabinets and/
or locked offices or file rooms at all other times. Computerized 
records are safeguarded in a secured environment. Security protocols 
meet the promulgating guidance as established by the National Institute 
of Standards and Technology (NIST) Security Standards from Access 
Control to Data Encryption and Security Assessment & Authorization 
(SA&A).
    Records are maintained in a secure, password-protected electronic 
system that will utilize commensurate safeguards that may include: 
Firewalls, intrusion detection and prevention systems, and role-based 
access controls. Additional safeguards will vary by program. All 
records are protected from unauthorized access through appropriate 
administrative, operational, and technical safeguards. These safeguards 
include: Restricting access to authorized personnel who have a ``need 
to know''; using locks; and password protection identification 
features. Contractors and other recipients providing services to the 
Commission shall be required to maintain equivalent safeguards.

RECORD ACCESS PROCEDURES:
    Persons wishing to obtain information on the procedures for gaining 
access to or contesting the contents of these records may contact the 
FOIA/PA Officer, Securities and Exchange Commission, 100 F Street NE, 
Washington, DC 20549-2465.

CONTESTING RECORD PROCEDURES:
    See Record Access Procedures above.

NOTIFICATION PROCEDURES:
    All requests to determine whether this system of records contains a 
record pertaining to the requesting individual may be directed to the 
FOIA/PA Officer, Securities and Exchange Commission, 100 F Street NE, 
Washington, DC 20549-2465.

EXEMPTIONS PROMULGATED FOR THE SYSTEM:
    None.

HISTORY:
    This SORN was last published in full in the Federal Register at 63 
FR 37423 (July 10, 1998). Subsequent notices of revision can be found 
at the following citations:

SYSTEM NAME AND NUMBER:
SEC-46:
    Facilities Access Badge System.

SECURITY CLASSIFICATION:
    Unclassified.

SYSTEM LOCATION:
SYSTEM MANAGER(S):
    Securities and Exchange Commission, Office of Security Services, 
Office of Support Operations, 100 F Street NE, Washington, DC 20549-
1627.

AUTHORITY FOR MAINTENANCE OF THE SYSTEM:
    5 U.S.C. 301 and Executive Order 13231 of October 16, 2001, on 
Critical Infrastructure Protection ; the Federal Property and 
Administrative Services Act of 1949, 40 U.S.C. 101 et seq.; Homeland 
Security Presidential Directive 12 (HSPD-12), Policy for a Common 
Identification Standard for Federal Employees and Contractors, August 
27, 2004.

PURPOSE(S) OF THE SYSTEM:
    Records are for physical and operational security to identify 
authorized personnel permitted unescorted access to Commission 
facilities. It is also used to issue Special Credentials used as a 
physical and operational security measure to identify SEC employees in 
the performance of their duties. Records are for physical and 
operational security and can only be used for purposes compatible with 
the purpose for which it was collected as cited in the Privacy Act of 
1974, 5 U.S.C. 552(a)7.

CATEGORIES OF INDIVIDUALS COVERED BY THE SYSTEM:
    Commission employees, members of the press, contractors, 
volunteers, tenants, interns, consultants, and employees of other 
Federal agencies who require access to Commission facilities for 
extended periods of time.

CATEGORIES OF RECORDS IN THE SYSTEM:
    Records include the Government Personal Identity Verification (PIV) 
Card. The SEC system of records may contain the following: Name, date 
of birth, sex, social security number, citizenship, weight, height, 
color of hair and eyes, photograph, employee record number, card chip 
number, authorized access rights, date of issuance, date of return, 
date background investigation completed, Headquarters and Field Office 
Access Card (name, date of birth, weight, height, color of hair and 
eyes, photograph, employee record number, card chip number, authorized 
access rights, date of issuance, and date of expiration); Special 
Credential (signature of authorizing official, photograph, control 
number, date of issuance and date of expiration).

RECORD SOURCE CATEGORIES:
    The issuing official or person issued the badge.

ROUTINE USES OF RECORDS MAINTAINED IN THE SYSTEM, INCLUDING CATEGORIES 
OF USERS AND THE PURPOSES OF SUCH USES:
    In addition to those disclosures generally permitted under 5 U.S.C. 
552a(b) of the Privacy Act, these records or information contained 
therein may specifically be disclosed outside the Commission as a 
routine use pursuant to 5 U.S.C. 552 a(b)(3) as follows:
    1. To appropriate agencies, entities, and persons when (1) the SEC 
suspects or has confirmed that there has been a breach of the system of 
records,[middot](2) the SEC has determined that as a result of the 
suspected or confirmed breach there is a risk of harm to individuals, 
the SEC (including its information systems, programs, and operations), 
the Federal Government, or national security; and (3) the disclosure 
made to such agencies, entities, and persons is reasonably necessary to 
assist in connection with the SEC's efforts to respond to the suspected 
or confirmed breach or to prevent, minimize, or remedy such harm.
    2. To other Federal, state, local, or tribal law enforcement 
agencies; to assist in or coordinate law enforcement activities with 
the SEC.
    3. In any proceeding where the Federal securities laws are in issue 
or in which the Commission, or past or present members of its staff, is 
a party or otherwise involved in an official capacity.
    4. To interns, grantees, experts, contractors, and others who have 
been engaged by the Commission to assist in the performance of a 
service related to this system of records and who need access to the 
records for the purpose of

[[Page 85466]]

assisting the Commission in the efficient administration of its 
programs, including by performing clerical, technical, or data analysis 
functions, or by reproduction of records by electronic or other means. 
Recipients of these records shall be required to comply with the 
requirements of the Privacy Act of 1974, as amended, 5 U.S.C. 552a.
    5. To members of advisory committees that are created by the 
Commission or by Congress to render advice and recommendations to the 
Commission or to Congress, to be used solely in connection with their 
official designated functions.
    6. To any person who is or has agreed to be subject to the 
Commission's Rules of Conduct, 17 CFR 200.735-1 through 200.735-18, and 
who assists in the investigation by the Commission of possible 
violations of the Federal securities laws (as such term is defined in 
section 3(a)(47) of the Securities Exchange Act of 1934, 15 U.S.C. 
78c(a)(47)), in the preparation or conduct of enforcement actions 
brought by the Commission for such violations, or otherwise in 
connection with the Commission's enforcement or regulatory functions 
under the Federal securities laws.
    7. To a Congressional office from the record of an individual in 
response to an inquiry from the Congressional office made at the 
request of that individual.
    8. To respond to subpoenas in any litigation or other proceeding.
    9. To the Office of Inspector General or Office of Human Resources 
for investigative purposes.
    10. To another Federal agency or Federal entity, when the SEC 
determines that information from this system of records is reasonably 
necessary to assist the recipient agency or entity in (1) responding to 
a suspected or confirmed breach or (2) preventing, minimizing, or 
remedying the risk of harm to individuals, the recipient agency or 
entity (including its information systems, programs, and operations), 
the Federal Government, or national security, resulting from a 
suspected or confirmed breach.

POLICIES AND PRACTICES FOR STORAGE OF RECORDS:
    Records are maintained in electronic and paper format. Electronic 
records are stored in computerized databases, magnetic disc, tape and/
or digital media. Paper records and records on computer disc are stored 
in locked file rooms and/or file cabinets.

POLICIES AND PRACTICES FOR RETRIEVAL OF RECORDS:
    Electronic records may be retrieved by the employee's name and 
identification number.

POLICIES AND PRACTICES FOR RETENTION AND DISPOSAL OF RECORDS:
    These records will be maintained until they become inactive, at 
which time they will be retired or destroyed in accordance with the 
SEC's records retention schedule, as approved by the National Archives 
and Records Administration.

ADMINISTRATIVE, TECHNICAL, AND PHYSICAL SAFEGUARDS:
    Access to SEC facilities, data centers, and information or 
information systems is limited to authorized personnel with official 
duties requiring access. SEC facilities are equipped with security 
cameras and 24-hour security guard service. The records are kept in 
limited access areas during duty hours and in locked file cabinets and/
or locked offices or file rooms at all other times. Computerized 
records are safeguarded in a secured environment. Security protocols 
meet the promulgating guidance as established by the National Institute 
of Standards and Technology (NIST) Security Standards from Access 
Control to Data Encryption and Security Assessment & Authorization 
(SA&A).
    Records are maintained in a secure, password-protected electronic 
system that will utilize commensurate safeguards that may include: 
Firewalls, intrusion detection and prevention systems, and role-based 
access controls. Additional safeguards will vary by program. All 
records are protected from unauthorized access through appropriate 
administrative, operational, and technical safeguards. These safeguards 
include: Restricting access to authorized personnel who have a ``need 
to know''; using locks; and password protection identification 
features. Contractors and other recipients providing services to the 
Commission shall be required to maintain equivalent safeguards.

RECORD ACCESS PROCEDURES:
    Persons wishing to obtain information on the procedures for gaining 
access to or contesting the contents of these records may contact the 
FOIA/PA Officer, Securities and Exchange Commission, 100 F Street NE, 
Washington, DC 20549-2465.

CONTESTING RECORD PROCEDURES:
    See record access procedures above.

NOTIFICATION PROCEDURES:
    All requests to determine whether this system of records contains a 
record pertaining to the requesting individual may be directed to the 
FOIA/PA Officer, Securities and Exchange Commission, 100 F Street NE, 
Washington, DC 20549-2465.

EXEMPTIONS PROMULGATED FOR THE SYSTEM:
    None.

HISTORY:
    This SORN was last published in full in the Federal Register at 63 
FR 37423 (July 10, 1998). Subsequent notices of revision can be found 
at the following citations:
    --72 FR 2036 (January 17, 2007)

SYSTEM NAME AND NUMBER:
SEC-48:
    Fitness Center Membership, Payment, and Fitness Records SEC 
Employee's Health and Fitness Program Records.

SECURITY CLASSIFICATION:
    Unclassified.

SYSTEM LOCATION:
    Securities and Exchange Commission, 100 F Street NE, Washington, DC 
20549.
    Aquila Fitness Consulting Systems, Ltd, 429 Lenox Avenue, Suite 
4W21, Miami Beach, FL 33139-6532.

SYSTEM MANAGER(S):
    Associate Executive Director, Office of Human Resources, Securities 
and Exchange Commission, Operations Center, 6432 General Green Way, 
Mail Stop 0-1, Alexandria, VA 22312-2413.

AUTHORITY FOR MAINTENANCE OF THE SYSTEM:
    5 U.S.C. 7901, et seq.

PURPOSE(S) OF THE SYSTEM:
    The system enables SEC Fitness Center staff to track Fitness Center 
membership, fee payments, and the physical fitness of members. The 
primary use of these records is to allow the SEC to provide a variety 
of health and fitness resources to its employees.

CATEGORIES OF INDIVIDUALS COVERED BY THE SYSTEM:
    SEC employees who voluntarily sign up for membership benefits for 
SEC fitness programs.

CATEGORIES OF RECORDS IN THE SYSTEM:
    Records may contain employee name, division, office address, email 
address, home address, home and cell telephone numbers, date of birth, 
health pre-screening questions, membership number, fee and payment 
information (including electronic debit information), and fitness 
progress charts.

[[Page 85467]]

RECORD SOURCE CATEGORIES:
    All information is provided by Fitness Center members.

ROUTINE USES OF RECORDS MAINTAINED IN THE SYSTEM, INCLUDING CATEGORIES 
OF USERS AND THE PURPOSES OF SUCH USES:
    In addition to those disclosures generally permitted under 5 U.S.C. 
552a(b) of the Privacy Act, these records or information contained 
therein may specifically be disclosed outside the Commission as a 
routine use pursuant to 5 U.S.C. 552a(b)(3) as follows:
    1. To appropriate agencies, entities, and persons when (1) the SEC 
suspects or has confirmed that there has been a breach of the system of 
records, (2) the SEC has determined that as a result of the suspected 
or confirmed breach there is a risk of harm to individuals, the SEC 
(including its information systems, programs, and operations), the 
Federal Government, or national security; and (3) the disclosure made 
to such agencies, entities, and persons is reasonably necessary to 
assist in connection with the SEC's efforts to respond to the suspected 
or confirmed breach or to prevent, minimize, or remedy such harm.
    2. To produce summary descriptive statistics and analytical 
studies, as a data source for management information, in support of the 
function for which the records are collected and maintained or for 
related personnel management functions or manpower studies; may also be 
used to respond to general requests for statistical information 
(without personal identification of individuals) under the Freedom of 
Information Act.
    3. To interns, grantees, experts, contractors, and others who have 
been engaged by the Commission to assist in the performance of a 
service related to this system of records and who need access to the 
records for the purpose of assisting the Commission in the efficient 
administration of its programs, including by performing clerical, 
stenographic, or data analysis functions, or by reproduction of records 
by electronic or other means. Recipients of these records shall be 
required to comply with the requirements of the Privacy Act of 1974, as 
amended, 5 U.S.C. 552a.
    4. To a Congressional office from the record of an individual in 
response to an inquiry from the Congressional office made at the 
request of that individual.
    5. To members of Congress, the Government Accountability Office, or 
others charged with monitoring the work of the Commission or conducting 
records management inspections.
    6. To a commercial contractor in connection with benefit programs 
administered by the contractor on the Commission's behalf, including, 
but not limited to, supplemental health, dental, disability, life and 
other benefit programs.
    7. To another Federal agency or Federal entity, when the SEC 
determines that information from this system of records is reasonably 
necessary to assist the recipient agency or entity in (1) responding to 
a suspected or confirmed breach or (2) preventing, minimizing, or 
remedying the risk of harm to individuals, the recipient agency or 
entity (including its information systems, programs, and operations), 
the Federal Government, or national security, resulting from a 
suspected or confirmed breach.

POLICIES AND PRACTICES FOR STORAGE OF RECORDS:
    Records are maintained in electronic and paper format. Electronic 
records are stored in computerized databases, magnetic disc, tape and/
or digital media. Paper records and records on computer disc are stored 
in locked file rooms and/or file cabinets.

POLICIES AND PRACTICES FOR RETRIEVAL OF RECORDS:
    Records are retrieved by the individual's name or membership 
number.

POLICIES AND PRACTICES FOR RETENTION AND DISPOSAL OF RECORDS:
    These records will be maintained until they become inactive, at 
which time they will be retired or destroyed in accordance with records 
schedules of the United States Securities and Exchange Commission and 
as approved by the National Archives and Records Administration.

ADMINISTRATIVE, TECHNICAL, AND PHYSICAL SAFEGUARDS:
    Access to SEC facilities, data centers, and information or 
information systems is limited to authorized personnel with official 
duties requiring access. SEC facilities are equipped with security 
cameras and 24-hour security guard service. The records are kept in 
limited access areas during duty hours and in locked file cabinets and/
or locked offices or file rooms at all other times. Computerized 
records are safeguarded in a secured environment. Security protocols 
meet the promulgating guidance as established by the National Institute 
of Standards and Technology (NIST) Security Standards from Access 
Control to Data Encryption and Security Assessment & Authorization 
(SA&A).
    Records are maintained in a secure, password-protected electronic 
system that will utilize commensurate safeguards that may include: 
Firewalls, intrusion detection and prevention systems, and role-based 
access controls. Additional safeguards will vary by program. All 
records are protected from unauthorized access through appropriate 
administrative, operational, and technical safeguards. These safeguards 
include: Restricting access to authorized personnel who have a ``need 
to know''; using locks; and password protection identification 
features. Contractors and other recipients providing services to the 
Commission shall be required to maintain equivalent safeguards.

RECORD ACCESS PROCEDURES:
    Persons wishing to obtain information on the procedures for gaining 
access to or contesting the contents of these records may contact the 
FOIA/PA Officer, Securities and Exchange Commission, 100 F Street NE, 
Washington, DC 20549-2465.

CONTESTING RECORD PROCEDURES:
    See Record access procedures above.

NOTIFICATION PROCEDURES:
    All requests to determine whether this system of records contains a 
record pertaining to the requesting individual may be directed to the 
FOIA/PA Officer, Securities and Exchange Commission, 100 F Street NE, 
Washington, DC 20549-2465.

EXEMPTIONS PROMULGATED FOR THE SYSTEM:
    None.

HISTORY:
    This SORN was last published in full in the Federal Register at 64 
FR 19840 (April 22, 1999). Subsequent notices of revision can be found 
at the following citations:
    --77 FR 16569 (March 21, 2012)

SYSTEM NAME AND NUMBER:
SEC-51:
    Continuity Support Center (CSC).

SECURITY CLASSIFICATION:
    Unclassified.

SYSTEM LOCATION:
    Securities and Exchange Commission, 100 F Street NE, Washington, DC 
20549.

SYSTEM MANAGER(S):
    Executive Director, Office of the Executive Director, Securities 
and Exchange Commission, 100 F Street NE, Washington, DC 20549.

[[Page 85468]]

AUTHORITY FOR MAINTENANCE OF THE SYSTEM:
    5 U.S.C. 301, Executive Order 12656 (Nov. 18, 1988), Assignment of 
Emergency Preparedness Responsibilities; National Security Presidential 
Directive 51/Homeland Security Presidential Directive 20; National 
Continuity Policy, May 9, 2007.

PURPOSE(S) OF THE SYSTEM:
    1. To maintain emergency contact information for current members 
and employees of the Commission for use in developing and maintaining 
emergency contingency operations plans, such as a formal continuity of 
operations (COOP) plan, for the Commission.
    2. To provide alert and notification, determine team and task 
assignments, develop and maintain an emergency contact system for 
general emergency preparedness programs and specific situations 
(including threat alerts, weather related emergencies or other critical 
situations).
    3. To activate COOP for Commission wide response to threat alerts 
issued by the Department of Homeland Security (DHS).

CATEGORIES OF INDIVIDUALS COVERED BY THE SYSTEM:
    Members and employees of the Commission and contractors.

CATEGORIES OF RECORDS IN THE SYSTEM:
    Name, job title, organizational code number, work and home 
addresses, work and personal electronic mail addresses, work, home, and 
cellular telephone numbers; pager numbers and Blackberry PIN numbers.

RECORD SOURCE CATEGORIES:
    Records are obtained from the position control system and from the 
individual.

ROUTINE USES OF RECORDS MAINTAINED IN THE SYSTEM, INCLUDING CATEGORIES 
OF USERS AND THE PURPOSES OF SUCH USES:
    In addition to those disclosures generally permitted under 5 U.S.C. 
552a(b) of the Privacy Act, these records or information contained 
therein may specifically be disclosed outside the Commission as a 
routine use pursuant to 5 U.S.C. 552 a(b)(3) as follows:
    1. To appropriate agencies, entities, and persons when (1) the SEC 
suspects or has confirmed that there has been a breach of the system of 
records, (2) the SEC has determined that as a result of the suspected 
or confirmed breach there is a risk of harm to individuals, the SEC 
(including its information systems, programs, and operations), the 
Federal Government, or national security; and (3) the disclosure made 
to such agencies, entities, and persons is reasonably necessary to 
assist in connection with the SEC's efforts to respond to the suspected 
or confirmed breach or to prevent, minimize, or remedy such harm.
    2. To other Federal, state, local, or foreign law enforcement 
agencies; securities self-regulatory organizations; and foreign 
financial regulatory authorities to assist in or coordinate regulatory 
or law enforcement activities with the SEC.
    3. In any proceeding where the Federal securities laws are in issue 
or in which the Commission, or past or present members of its staff, is 
a party or otherwise involved in an official capacity.
    4. To a Federal, state, local, tribal, foreign, or international 
agency, if necessary to obtain information relevant to the SEC's 
decision concerning the hiring or retention of an employee; the 
issuance of a security clearance; the letting of a contract; or the 
issuance of a license, grant, or other benefit.
    5. To produce summary descriptive statistics and analytical 
studies, as a data source for management information, in support of the 
function for which the records are collected and maintained or for 
related personnel management functions or manpower studies; may also be 
used to respond to general requests for statistical information 
(without personal identification of individuals) under the Freedom of 
Information Act.
    6. To any persons during the course of any inquiry, examination, or 
investigation conducted by the SEC's staff, or in connection with civil 
litigation, if the staff has reason to believe that the person to whom 
the record is disclosed may have further information about the matters 
related therein, and those matters appeared to be relevant at the time 
to the subject matter of the inquiry.
    7. To interns, grantees, experts, contractors, and others who have 
been engaged by the Commission to assist in the performance of a 
service related to this system of records and who need access to the 
records for the purpose of assisting the Commission in the efficient 
administration of its programs, including by performing clerical, 
stenographic, or data analysis functions, or by reproduction of records 
by electronic or other means. Recipients of these records shall be 
required to comply with the requirements of the Privacy Act of 1974, as 
amended, 5 U.S.C. 552a.
    8. To a Congressional office from the record of an individual in 
response to an inquiry from the Congressional office made at the 
request of that individual.
    9. To members of Congress, the General Accountability Office, or 
others charged with monitoring the work of the Commission or conducting 
records management inspections.
    10. To any Federal government authority for the purpose of 
coordinating and reviewing agency continuity of operations plans or 
emergency contingency plans developed for responding to Department of 
Homeland Security threat alerts.
    11. To a commercial contractor in connection with benefit programs 
administered by the contractor on the Commission's behalf, including, 
but not limited to, supplemental health, dental, disability, life and 
other benefit programs.
    12. To another Federal agency or Federal entity, when the SEC 
determines that information from this system of records is reasonably 
necessary to assist the recipient agency or entity in (1) responding to 
a suspected or confirmed breach or (2) preventing, minimizing, or 
remedying the risk of harm to individuals, the recipient agency or 
entity (including its information systems, programs, and operations), 
the Federal Government, or national security, resulting from a 
suspected or confirmed breach.

POLICIES AND PRACTICES FOR STORAGE OF RECORDS:
    Records are maintained in electronic and paper format. Electronic 
records are stored in computerized databases, magnetic disc, tape and/
or digital media. Paper records and records on computer disc are stored 
in locked file rooms and/or file cabinets.

POLICIES AND PRACTICES FOR RETRIEVAL OF RECORDS:
    These records are retrieved by individual's names, or by the 
categories listed above under ``Categories of Records in the System.''

POLICIES AND PRACTICES FOR RETENTION AND DISPOSAL OF RECORDS:
    These records will be maintained until they become inactive, at 
which time they will be retired or destroyed in accordance with the 
SEC's records retention schedule, as approved by the National Archives 
and Records Administration.

ADMINISTRATIVE, TECHNICAL, AND PHYSICAL SAFEGUARDS:
    Access to SEC facilities, data centers, and information or 
information systems is limited to authorized personnel with official 
duties requiring access. SEC facilities are equipped with security

[[Page 85469]]

cameras and 24-hour security guard service. The records are kept in 
limited access areas during duty hours and in locked file cabinets and/
or locked offices or file rooms at all other times. Computerized 
records are safeguarded in a secured environment. Security protocols 
meet the promulgating guidance as established by the National Institute 
of Standards and Technology (NIST) Security Standards from Access 
Control to Data Encryption and Security Assessment & Authorization 
(SA&A).
    Records are maintained in a secure, password-protected electronic 
system that will utilize commensurate safeguards that may include: 
Firewalls, intrusion detection and prevention systems, and role-based 
access controls. Additional safeguards will vary by program. All 
records are protected from unauthorized access through appropriate 
administrative, operational, and technical safeguards. These safeguards 
include: Restricting access to authorized personnel who have a ``need 
to know''; using locks; and password protection identification 
features. Contractors and other recipients providing services to the 
Commission shall be required to maintain equivalent safeguards.

RECORD ACCESS PROCEDURES:
    Persons wishing to obtain information on the procedures for gaining 
access to or contesting the contents of these records may be directed 
to the FOIA/PA Officer, Securities and Exchange Commission, 100 F 
Street NE, Washington, DC 20549-2465.

CONTESTING RECORD PROCEDURES:
    See Record access procedures above.

NOTIFICATION PROCEDURES:
    All requests to determine whether this system of records contains a 
record pertaining to the requesting individual may be directed to the 
FOIA/PA Officer, Securities and Exchange Commission, 100 F Street NE, 
Washington, DC 20549-2465.

EXEMPTIONS PROMULGATED FOR THE SYSTEM:
    None.

HISTORY:
    This SORN was last published in full in the Federal Register at 68 
FR 23168 (April 30, 2003).

SYSTEM NAME AND NUMBER:
SEC-52:
    Visitor Badge and Employee Day Pass System.

SECURITY CLASSIFICATION:
    Unclassified.

SYSTEM LOCATION:
    Securities and Exchange Commission, Security Branch, Office of 
Administrative Services, 100 F Street NE, Washington, DC 20549-1627.

SYSTEM MANAGER(S):
    Chief of Security Branch, Office of Administrative Services, 
Security Branch, Securities and Exchange Commission, 100 F Street NE, 
Washington, DC 20549-1627.

AUTHORITY FOR MAINTENANCE OF THE SYSTEM:
    5 U.S.C. 301 and Executive Order 13231 of October 16, 2001 on 
Critical Infrastructure Protection; Homeland Security Presidential 
Directive 12 (HSPD-12), Policy for a Common Identification Standard for 
Federal Employees and Contractors, August 27, 2004.

PURPOSE(S) OF THE SYSTEM:
    This system is primarily designed as a physical and operational 
security system to control access to Commission facilities by visitors 
and representatives from other Federal agencies. It is also used to 
issue temporary badges for Commission staff or contractors who are not 
in possession of their badge and are authorized to enter SEC 
facilities. Records are for physical and operational security and can 
only be used for purposes compatible with the purpose for which it was 
collected as cited in the Privacy Act of 1974, 5 U.S.C. 552(a)7.

CATEGORIES OF INDIVIDUALS COVERED BY THE SYSTEM:
    Authorized visitors and Commission employees who access Commission 
facilities are covered by this system.

CATEGORIES OF RECORDS IN THE SYSTEM:
    Records may include the name, photograph, country represented the 
number of the printed barcode issued for each badge, visitor category, 
the location, date, and time of entry to the secure Commission 
facility. Records may include the following information from scanned 
driver's licenses and passports: First and last name. Further 
information contained within the system will be the name of the person 
being visited and the reason for the visit. The system may maintain 
check in and check out times, current status of visitor, and a barcode 
assigned by the system software for each visitor record.

RECORD SOURCE CATEGORIES:
    Information is provided by the visitor seeking access to Commission 
facilities to meet with Commission employees or contractors, by 
Commission employees who pre-register visitors, and by Commission 
employees or contractors with badges, who on that occasion do not have 
their access badge and seek access to SEC facilities.

ROUTINE USES OF RECORDS MAINTAINED IN THE SYSTEM, INCLUDING CATEGORIES 
OF USERS AND THE PURPOSES OF SUCH USES:
    In addition to those disclosures generally permitted under 5 U.S.C. 
552a(b) of the Privacy Act, these records or information contained 
therein may specifically be disclosed outside the Commission as a 
routine use pursuant to 5 U.S.C. 552 a(b)(3) as follows:
    1. To appropriate agencies, entities, and persons when (1) the SEC 
suspects or has confirmed that there has been a breach of the system of 
records,[middot](2) the SEC has determined that as a result of the 
suspected or confirmed breach there is a risk of harm to individuals, 
the SEC (including its information systems, programs, and operations), 
the Federal Government, or national security; and (3) the disclosure 
made to such agencies, entities, and persons is reasonably necessary to 
assist in connection with the SEC's efforts to respond to the suspected 
or confirmed breach or to prevent, minimize, or remedy such harm.
    2. To other Federal, state, local, or tribal law enforcement 
agencies; to assist in or coordinate law enforcement activities with 
the SEC.
    3. In any proceeding where the Federal securities laws are in issue 
or in which the Commission, or past or present members of its staff, is 
a party or otherwise involved in an official capacity.
    4. To any persons during the course of any inquiry, examination, or 
investigation conducted by the SEC's staff, or in connection with civil 
litigation, if the staff has reason to believe that the person to whom 
the record is disclosed may have further information about the matters 
related therein, and those matters appeared to be relevant at the time 
to the subject matter of the inquiry.
    5. To interns, grantees, experts, contractors, and others who have 
been engaged by the Commission to assist in the performance of a 
service related to this system of records and who need access to the 
records for the purpose of assisting the Commission in the efficient 
administration of its programs, including by performing clerical, 
technical, or data analysis functions, or by reproduction of records by 
electronic or other means. Recipients of these records shall be 
required to comply with the requirements of the Privacy Act of 1974, as 
amended, 5 U.S.C. 552a.
    6. To members of advisory committees that are created by the

[[Page 85470]]

Commission or by Congress to render advice and recommendations to the 
Commission or to Congress, to be used solely in connection with their 
official designated functions.
    7. To any person who is or has agreed to be subject to the 
Commission's Rules of Conduct, 17 CFR 200.735-1 through 200.735-18, and 
who assists in the investigation by the Commission of possible 
violations of the Federal securities laws (as such term is defined in 
section 3(a)(47) of the Securities Exchange Act of 1934, 15 U.S.C. 
78c(a)(47)), in the preparation or conduct of enforcement actions 
brought by the Commission for such violations, or otherwise in 
connection with the Commission's enforcement or regulatory functions 
under the Federal securities laws.
    8. To a Congressional office from the record of an individual in 
response to an inquiry from the Congressional office made at the 
request of that individual.
    9. To respond to subpoenas in any litigation or other proceeding.
    10. To the Office of Inspector General or the Office of Human 
Resources for investigative purposes.
    11. Records may be used by staff of the Commission's Security 
Branch, the Office of Human Resources, and the Office of the Inspector 
General in routine reports or investigations to review access to SEC 
facilities and to assess compliance with established security 
procedures and policies.
    12. To another Federal agency or Federal entity, when the SEC 
determines that information from this system of records is reasonably 
necessary to assist the recipient agency or entity in (1) responding to 
a suspected or confirmed breach or (2) preventing, minimizing, or 
remedying the risk of harm to individuals, the recipient agency or 
entity (including its information systems, programs, and operations), 
the Federal Government, or national security, resulting from a 
suspected or confirmed breach.

POLICIES AND PRACTICES FOR STORAGE OF RECORDS:
    Records are maintained in electronic and paper format. Electronic 
records are stored in computerized databases, magnetic disc, tape and/
or digital media. Paper records and records on computer disc are stored 
in locked file rooms and/or file cabinets.

POLICIES AND PRACTICES FOR RETRIEVAL OF RECORDS:
    Records may be retrieved by the Individual's name, person visited, 
date of visit and/or barcode number (as printed in the form of a 
barcode on the badge).

POLICIES AND PRACTICES FOR RETENTION AND DISPOSAL OF RECORDS:
    These records will be maintained until they become inactive, at 
which time they will be retired or destroyed in accordance with the 
SEC's records retention schedule, as approved by the National Archives 
and Records Administration.

ADMINISTRATIVE, TECHNICAL, AND PHYSICAL SAFEGUARDS:
    Access to SEC facilities, data centers, and information or 
information systems is limited to authorized personnel with official 
duties requiring access. SEC facilities are equipped with security 
cameras and 24-hour security guard service. The records are kept in 
limited access areas during duty hours and in locked file cabinets and/
or locked offices or file rooms at all other times. Computerized 
records are safeguarded in a secured environment. Security protocols 
meet the promulgating guidance as established by the National Institute 
of Standards and Technology (NIST) Security Standards from Access 
Control to Data Encryption and Security Assessment & Authorization 
(SA&A).
    Records are maintained in a secure, password-protected electronic 
system that will utilize commensurate safeguards that may include: 
Firewalls, intrusion detection and prevention systems, and role-based 
access controls. Additional safeguards will vary by program. All 
records are protected from unauthorized access through appropriate 
administrative, operational, and technical safeguards. These safeguards 
include: Restricting access to authorized personnel who have a ``need 
to know''; using locks; and password protection identification 
features. Contractors and other recipients providing services to the 
Commission shall be required to maintain equivalent safeguards.

RECORD ACCESS PROCEDURES:
    Persons wishing to obtain information on the procedures for gaining 
access to or contesting the contents of these records may contact the 
FOIA/PA Officer, Securities and Exchange Commission, 100 F Street NE, 
Washington, DC 20549-2465.

CONTESTING RECORD PROCEDURES:
    See Record Access Procedures above.

NOTIFICATION PROCEDURES:
    All requests to determine whether this system of records contains a 
record pertaining to the requesting individual may be directed to the 
FOIA/PA Officer, Securities and Exchange Commission, 100 F Street NE, 
Washington, DC 20549-2465.

EXEMPTIONS PROMULGATED FOR THE SYSTEM:
    None.

HISTORY:
    This SORN was last published in full in the Federal Register at 71 
FR 3907 (January 24, 2006).

SYSTEM NAME AND NUMBER:
SEC-54:
    Photographic Files.

SECURITY CLASSIFICATION:
    Unclassified.

SYSTEM LOCATION:
    Securities and Exchange Commission, 100 F Street NE, Washington, DC 
20549.

SYSTEM MANAGER(S):
    Branch Chief, Library Services, Securities and Exchange Commission, 
Library, 100 F Street NE, Room 1550, Washington, DC 20549-2465.

AUTHORITY FOR MAINTENANCE OF THE SYSTEM:
    5 U.S.C. 301, Departmental Regulations.

PURPOSE(S) OF THE SYSTEM:
    1. To digitize SEC photographic files in support of the 
preservation of these materials.
    2. To be used for reproduction by Commission staff organizing such 
events as awards ceremonies, farewell ceremonies and receptions, 
Commission anniversary ceremonies and receptions, and Commission 
training and educational programs.

CATEGORIES OF INDIVIDUALS COVERED BY THE SYSTEM:
    Commission staff, visitors from other Federal agencies and members 
of the public.

CATEGORIES OF RECORDS IN THE SYSTEM:
    The records in the system include photographic prints, negatives, 
and slides. Records may also include digital photographs, as well as 
digitized images of photographic prints, negatives, and slides. 
Indexing data, including such data elements as date, event, and 
personal name and title, will be created for these materials.

RECORD SOURCE CATEGORIES:
    Photographic files are provided to the Library for inclusion in the 
Library's collection on an ongoing basis. Donors include Commission 
employees who have photographed an event or individuals donating their 
photographic collections to the Library for the purposes of 
preservation and access. Indexing information is derived from 
information recorded on photographs, or from Commission staff or other

[[Page 85471]]

individuals who have knowledge of the event and individuals 
photographed.

ROUTINE USES OF RECORDS MAINTAINED IN THE SYSTEM, INCLUDING CATEGORIES 
OF USERS AND THE PURPOSES OF SUCH USES:
    In addition to those disclosures generally permitted under 5 U.S.C. 
552a(b) of the Privacy Act, these records or information contained 
therein may specifically be disclosed outside the Commission as a 
routine use pursuant to 5 U.S.C. 552 a(b)(3) as follows:
    1. To appropriate agencies, entities, and persons when (1) the SEC 
suspects or has confirmed that there has been a breach of the system of 
records, (2) the SEC has determined that as a result of the suspected 
or confirmed breach there is a risk of harm to individuals, the SEC 
(including its information systems, programs, and operations), the 
Federal Government, or national security; and (3) the disclosure made 
to such agencies, entities, and persons is reasonably necessary to 
assist in connection with the SEC's efforts to respond to the suspected 
or confirmed breach or to prevent, minimize, or remedy such harm.
    2. To other Federal, state, local, or foreign law enforcement 
agencies; securities self-regulatory organizations; and foreign 
financial regulatory authorities to assist in or coordinate regulatory 
or law enforcement activities with the SEC.
    3. To national securities exchanges and national securities 
associations that are registered with the SEC, the Municipal Securities 
Rulemaking Board; the Securities Investor Protection Corporation; the 
Public Company Accounting Oversight Board; the Federal banking 
authorities, including, but not limited to, the Board of Governors of 
the Federal Reserve System, the Comptroller of the Currency, and the 
Federal Deposit Insurance Corporation; state securities regulatory 
agencies or organizations; or regulatory authorities of a foreign 
government in connection with their regulatory or enforcement 
responsibilities.
    4. In any proceeding where the Federal securities laws are in issue 
or in which the Commission, or past or present members of its staff, is 
a party or otherwise involved in an official capacity.
    5. To a Federal, state, local, tribal, foreign, or international 
agency in response to its request for information concerning the hiring 
or retention of an employee; the issuance of a security clearance; the 
reporting of an investigation of an employee; the letting of a 
contract; or the issuance of a license, grant, or other benefit by the 
requesting agency, to the extent that the information is relevant and 
necessary to the requesting agency's decision on the matter.
    6. To produce summary descriptive statistics and analytical 
studies, as a data source for management information, in support of the 
function for which the records are collected and maintained or for 
related personnel management functions or manpower studies; may also be 
used to respond to general requests for statistical information 
(without personal identification of individuals) under the Freedom of 
Information Act.
    7. To any persons during the course of any inquiry, examination, or 
investigation conducted by the SEC's staff, or in connection with civil 
litigation, if the staff has reason to believe that the person to whom 
the record is disclosed may have further information about the matters 
related therein, and those matters appeared to be relevant at the time 
to the subject matter of the inquiry.
    8. To interns, grantees, experts, contractors, and others who have 
been engaged by the Commission to assist in the performance of a 
service related to this system of records and who need access to the 
records for the purpose of assisting the Commission in the efficient 
administration of its programs, including by performing clerical, 
stenographic, or data analysis functions, or by reproduction of records 
by electronic or other means. Recipients of these records shall be 
required to comply with the requirements of the Privacy Act of 1974, as 
amended, 5 U.S.C. 552a.
    9. To members of advisory committees that are created by the 
Commission or by Congress to render advice and recommendations to the 
Commission or to Congress, to be used solely in connection with their 
official designated functions.
    10. To any person who is or has agreed to be subject to the 
Commission's Rules of Conduct, 17 CFR 200.735-1 through 200.735-18, and 
who assists in the investigation by the Commission of possible 
violations of the Federal securities laws (as such term is defined in 
section 3(a)(47) of the Securities Exchange Act of 1934, 15 U.S.C. 
78c(a)(47)), in the preparation or conduct of enforcement actions 
brought by the Commission for such violations, or otherwise in 
connection with the Commission's enforcement or regulatory functions 
under the Federal securities laws.
    11. To a Congressional office from the record of an individual in 
response to an inquiry from the Congressional office made at the 
request of that individual.
    12. To respond to subpoenas in any litigation or other proceeding.
    13. For distribution and presentation for news, public relations 
and community affairs purposes.
    14. In support of research activities conducted by staff of the 
Commission and other Federal agencies, as well as members of the 
public.
    15. To another Federal agency or Federal entity, when the SEC 
determines that information from this system of records is reasonably 
necessary to assist the recipient agency or entity in (1) responding to 
a suspected or confirmed breach or (2) preventing, minimizing, or 
remedying the risk of harm to individuals, the recipient agency or 
entity (including its information systems, programs, and operations), 
the Federal Government, or national security, resulting from a 
suspected or confirmed breach.

POLICIES AND PRACTICES FOR STORAGE OF RECORDS:
    Records are maintained in electronic and paper format. Electronic 
records are stored in computerized databases, magnetic disc, tape and/
or digital media. Paper records and records on computer disc are stored 
in locked file rooms and/or file cabinets.

POLICIES AND PRACTICES FOR RETRIEVAL OF RECORDS:
    Records may be retrieved by such information as date of event, name 
of event, and/or name(s) of individual(s), where such information is 
available.

POLICIES AND PRACTICES FOR RETENTION AND DISPOSAL OF RECORDS:
    These records will be maintained until they become inactive, at 
which time they will be retired or destroyed in accordance with records 
schedules of the United States Securities and Exchange Commission and 
as approved by the National Archives and Records Administration.

ADMINISTRATIVE, TECHNICAL, AND PHYSICAL SAFEGUARDS:
    Access to SEC facilities, data centers, and information or 
information systems is limited to authorized personnel with official 
duties requiring access. SEC facilities are equipped with security 
cameras and 24-hour security guard service. The records are kept in 
limited access areas during duty hours and in locked file cabinets and/
or locked offices or file rooms at all other times. Computerized 
records are safeguarded in a secured environment. Security protocols 
meet the promulgating guidance as established by the National

[[Page 85472]]

Institute of Standards and Technology (NIST) Security Standards from 
Access Control to Data Encryption and Security Assessment & 
Authorization (SA&A).
    Records are maintained in a secure, password-protected electronic 
system that will utilize commensurate safeguards that may include: 
Firewalls, intrusion detection and prevention systems, and role-based 
access controls. Additional safeguards will vary by program. All 
records are protected from unauthorized access through appropriate 
administrative, operational, and technical safeguards. These safeguards 
include: Restricting access to authorized personnel who have a ``need 
to know''; using locks; and password protection identification 
features. Contractors and other recipients providing services to the 
Commission shall be required to maintain equivalent safeguards.

RECORD ACCESS PROCEDURES:
    Persons wishing to obtain information on the procedures for gaining 
access to or contesting the contents of these records may contact the 
FOIA/PA Officer, Securities and Exchange Commission, 100 F Street NE, 
Washington, DC 20549-2465.

CONTESTING RECORD PROCEDURES:
    See Record access procedures above.

NOTIFICATION PROCEDURES:
    All requests to determine whether this system of records contains a 
record pertaining to the requesting individual may be directed to the 
FOIA/PA Officer, Securities and Exchange Commission, 100 F Street NE, 
Washington, DC 20549-2465.

EXEMPTIONS PROMULGATED FOR THE SYSTEM:
    None.

HISTORY:
    This SORN was last published in full in the Federal Register at 71 
FR 63810 (October 31, 2006).

SYSTEM NAME AND NUMBER:
SEC-55:
    Information Pertaining or Relevant to SEC Registrants and Their 
Activities

SECURITY CLASSIFICATION:
    Unclassified.

SYSTEM LOCATION:
    Securities and Exchange Commission, 100 F Street NE, Washington, DC 
20549. Records also are maintained in the SEC Regional Offices.

SYSTEM MANAGER(S):
    Chief Information Officer, Office of Information Technology, 
Securities and Exchange Commission, 100 F Street NE, Washington, DC 
20549-2465.

AUTHORITY FOR MAINTENANCE OF THE SYSTEM:
    15 U.S.C. 78a et seq., 80a-1 et seq., and 80b-1 et seq.

PURPOSE(S) OF THE SYSTEM:
    1. For use by authorized SEC personnel in connection with their 
official functions including, but not limited to, conducting 
examinations for compliance with Federal securities laws, 
investigations into possible violations of the Federal securities laws, 
and other matters relating to the SEC's regulatory and law enforcement 
functions.
    2. To maintain continuity within the SEC as to each Regulated 
Entity and to provide SEC staff with the background and results of 
earlier examinations of Regulated Entities, as well as an insight into 
current industry practices or possible regulatory compliance issues.
    3. To conduct lawful relational searches or analysis or filtering 
of data in matters relating to the SEC's examination, regulatory or law 
enforcement functions.

CATEGORIES OF INDIVIDUALS COVERED BY THE SYSTEM:
    Records concern individuals associated with entities or persons 
that are regulated by the SEC to include broker-dealers, investment 
advisers, investment companies, self-regulatory organizations, clearing 
agencies, nationally recognized statistical rating organizations, 
transfer agents, municipal securities dealers, municipal advisors, 
security-based swap dealers, security-based swap data repositories, 
major security-based swap participants, security-based swap execution 
facilities, and funding portals (individually, a ``Regulated Entity;'' 
collectively, ``Regulated Entities''). Records may also concern 
persons, directly or indirectly, with whom Regulated Entities or their 
affiliates have client relations or business arrangements.

CATEGORIES OF RECORDS IN THE SYSTEM:
    Records may contain Regulated Entities' and their associated 
persons' names, addresses, telephone numbers and email addresses. 
Additionally, there may be information relating to the business 
activities and transactions of Regulated Entities and their associated 
persons, as well as their compliance with provisions of the Federal 
securities laws and with other applicable rules.

RECORD SOURCE CATEGORIES:
    Record sources include filings made by Regulated Entities; 
information obtained through examinations or investigations of 
Regulated Entities and their activities; information contained in SEC 
correspondence with Regulated Entities; information received from other 
Federal, state, local, foreign or other regulatory organizations or law 
enforcement agencies; complaint information received by the SEC via 
letters, telephone calls, emails or any other form of communication; 
and data obtained from third-party sources.

ROUTINE USES OF RECORDS MAINTAINED IN THE SYSTEM, INCLUDING CATEGORIES 
OF USERS AND THE PURPOSES OF SUCH USES:
    In addition to those disclosures generally permitted under 5 U.S.C. 
552a(b) of the Privacy Act, these records or information contained 
therein may specifically be disclosed outside the Commission as a 
routine use pursuant to 5 U.S.C. 552a(b)(3) as follows:
    1. To appropriate agencies, entities, and persons when (1) the SEC 
suspects or has confirmed that there has been a breach of the system of 
records; (2) the SEC has determined that as a result of the suspected 
or confirmed breach there is a risk of harm to individuals, the SEC 
(including its information systems, programs, and operations), the 
Federal Government, or national security; and (3) the disclosure made 
to such agencies, entities, and persons is reasonably necessary to 
assist in connection with the SEC's efforts to respond to the suspected 
or confirmed breach or to prevent, minimize, or remedy such harm.
    2. To other Federal, state, local, or foreign law enforcement 
agencies; securities self-regulatory organizations; and foreign 
financial regulatory authorities to assist in or coordinate regulatory 
or law enforcement activities with the SEC.
    3. To national securities exchanges and national securities 
associations that are registered with the SEC, the Municipal Securities 
Rulemaking Board; the Securities Investor Protection Corporation; the 
Public Company Accounting Oversight Board; the Federal banking 
authorities, including, but not limited to, the Board of Governors of 
the Federal Reserve System, the Comptroller of the Currency, and the 
Federal Deposit Insurance Corporation; state securities regulatory 
agencies or organizations; or regulatory authorities of a foreign 
government in connection with their regulatory or enforcement 
responsibilities.
    4. By SEC personnel for purposes of investigating possible 
violations of, or to conduct.
    5. In any proceeding where the Federal securities laws are in issue 
or in

[[Page 85473]]

which the Commission, or past or present members of its staff, is a 
party or otherwise involved in an official capacity.
    6. In connection with proceedings by the Commission pursuant to 
Rule 102(e) of its Rules of Practice, 17 CFR 201.102(e).
    7. To a bar association, state accountancy board, or other Federal, 
state, local, or foreign licensing or oversight authority; or 
professional association or self-regulatory authority to the extent 
that it performs similar functions (including the Public Company 
Accounting Oversight Board) for investigations or possible disciplinary 
action.
    8. To a Federal, state, local, tribal, foreign, or international 
agency, if necessary to obtain information relevant to the SEC's 
decision concerning the hiring or retention of an employee; the 
issuance of a security clearance; the letting of a contract; or the 
issuance of a license, grant, or other benefit.
    9. To a Federal, state, local, tribal, foreign, or international 
agency in response to its request for information concerning the hiring 
or retention of an employee; the issuance of a security clearance; the 
reporting of an investigation of an employee; the letting of a 
contract; or the issuance of a license, grant, or other benefit by the 
requesting agency, to the extent that the information is relevant and 
necessary to the requesting agency's decision on the matter.
    10. To produce summary descriptive statistics and analytical 
studies, as a data source for management information, in support of the 
function for which the records are collected and maintained or for 
related personnel management functions or manpower studies; may also be 
used to respond to general requests for statistical information 
(without personal identification of individuals) under the Freedom of 
Information Act.
    11. To any trustee, receiver, master, special counsel, or other 
individual or entity that is appointed by a court of competent 
jurisdiction, or as a result of an agreement between the parties in 
connection with litigation or administrative proceedings involving 
allegations of violations of the Federal securities laws (as defined in 
section 3(a)(47) of the Securities Exchange Act of 1934, 15 U.S.C. 
78c(a)(47)) or pursuant to the Commission's Rules of Practice, 17 CFR 
201.100 through 900 or the Commission's Rules of Fair Fund and 
Disgorgement Plans, 17 CFR 201.1100 through 1106, or otherwise, where 
such trustee, receiver, master, special counsel, or other individual or 
entity is specifically designated to perform particular functions with 
respect to, or as a result of, the pending action or proceeding or in 
connection with the administration and enforcement by the Commission of 
the Federal securities laws or the Commission's Rules of Practice or 
the Rules of Fair Fund and Disgorgement Plans.
    12. To any persons during the course of any inquiry, examination, 
or investigation conducted by the SEC's staff, or in connection with 
civil litigation, if the staff has reason to believe that the person to 
whom the record is disclosed may have further information about the 
matters related therein, and those matters appeared to be relevant at 
the time to the subject matter of the inquiry.
    13. To interns, grantees, experts, contractors, and others who have 
been engaged by the Commission to assist in the performance of a 
service related to this system of records and who need access to the 
records for the purpose of assisting the Commission in the efficient 
administration of its programs, including by performing clerical, 
stenographic, or data analysis functions, or by reproduction of records 
by electronic or other means. Recipients of these records shall be 
required to comply with the requirements of the Privacy Act of 1974, as 
amended, 5 U.S.C. 552a.
    14. In reports published by the Commission pursuant to authority 
granted in the Federal securities laws (as such term is defined in 
section 3(a)(47) of the Securities Exchange Act of 1934, 15 U.S.C. 
78c(a)(47)), which authority shall include, but not be limited to, 
section 21(a) of the Securities Exchange Act of 1934, 15 U.S.C. 
78u(a)).
    15. To members of advisory committees that are created by the 
Commission or by Congress to render advice and recommendations to the 
Commission or to Congress, to be used solely in connection with their 
official designated functions.
    16. To any person who is or has agreed to be subject to the 
Commission's Rules of Conduct, 17 CFR 200.735-1 through 200.735-18, and 
who assists in the investigation by the Commission of possible 
violations of the Federal securities laws (as such term is defined in 
section 3(a)(47) of the Securities Exchange Act of 1934, 15 U.S.C. 
78c(a)(47)), in the preparation or conduct of enforcement actions 
brought by the Commission for such violations, or otherwise in 
connection with the Commission's enforcement or regulatory functions 
under the Federal securities laws.
    17. To a Congressional office from the record of an individual in 
response to an inquiry from the Congressional office made at the 
request of that individual.
    18. To members of Congress, the press, and the public in response 
to inquiries relating to particular Registrants and their activities, 
and other matters under the Commission's jurisdiction.
    19. To prepare and publish information relating to violations of 
the Federal securities laws as provided in 15 U.S.C. 78c(a)(47)), as 
amended.
    20. To respond to subpoenas in any litigation or other proceeding.
    21. To a trustee in bankruptcy.
    22. To any governmental agency, governmental or private collection 
agent, consumer reporting agency or commercial reporting agency, 
governmental or private employer of a debtor, or any other person, for 
collection, including collection by administrative offset, Federal 
salary offset, tax refund offset, or administrative wage garnishment, 
of amounts owed as a result of Commission civil or administrative 
proceedings.
    23. To members of Congress, the Government Accountability Office, 
or others charged with monitoring the work of the Commission or 
conducting records management inspections.
    24. To another Federal agency or Federal entity, when the SEC 
determines that information from this system of records is reasonably 
necessary to assist the recipient agency or entity in (1) responding to 
a suspected or confirmed breach or (2) preventing, minimizing, or 
remedying the risk of harm to individuals, the recipient agency or 
entity (including its information systems, programs, and operations), 
the Federal Government, or national security, resulting from a 
suspected or confirmed breach.

POLICIES AND PRACTICES FOR STORAGE OF RECORDS:
    Records are maintained in electronic and paper format. Electronic 
records are stored in computerized databases, magnetic disc, tape, and/
or digital media. Paper records and records on digital media are stored 
in locked file rooms and/or file cabinets.

POLICIES AND PRACTICES FOR RETRIEVAL OF RECORDS:
    Information is indexed by name of the Regulated Entity or by 
certain SEC identification numbers. Information regarding individuals 
may be obtained through the use of cross-reference methodology or some 
form of personal identifier. Access for inquiry purposes is via a 
computer terminal.

[[Page 85474]]

POLICIES AND PRACTICES FOR RETENTION AND DISPOSAL OF RECORDS:
    These records will be maintained until they become inactive, at 
which time they will be retired or destroyed in accordance with records 
schedules of the United States Securities and Exchange Commission and 
as approved by the National Archives and Records Administration.

ADMINISTRATIVE, TECHNICAL, AND PHYSICAL SAFEGUARDS:
    Access to SEC facilities, data centers, and information or 
information systems is limited to authorized personnel with official 
duties requiring access. SEC facilities are equipped with security 
cameras and 24-hour security guard service. Records are required to be 
safeguarded in accordance with applicable SEC rules and policies. 
Computerized records are safeguarded in a secured environment. Security 
protocols meet the promulgating guidance as established by the National 
Institute of Standards and Technology (NIST) Security Standards from 
Access Control to Data Encryption and Security Assessment & 
Authorization (SA&A). Records are maintained in a secure, password-
protected electronic system that will utilize commensurate safeguards 
that may include: Firewalls, intrusion detection and prevention 
systems, and role-based access controls. Additional safeguards will 
vary by program. All records are protected from unauthorized access 
through appropriate administrative, operational, and technical 
safeguards. These safeguards include: Restricting access to authorized 
personnel who have a ``need to know''; using locks; and password 
protection identification features. Contractors and other recipients 
providing services to the Commission shall be required to maintain 
equivalent safeguards.

RECORD ACCESS PROCEDURES:
    Persons wishing to obtain information on the procedures for gaining 
access to or contesting the contents of these records may contact the 
FOIA/PA Officer, Securities and Exchange Commission, 100 F Street NE, 
Washington, DC 20549-2465.

CONTESTING RECORD PROCEDURES:
    See Record Access Procedures above.
Notification Procedures
    All requests to determine whether this system of records contains a 
record pertaining to the requesting individual may be directed to the 
FOIA/PA Officer, Securities and Exchange Commission, 100 F Street NE, 
Washington, DC 20549-2465.

EXEMPTIONS PROMULGATED FOR THE SYSTEM:
    None.

HISTORY:
    This SORN was last published in full in the Federal Register at 74 
FR 36281 (July 22, 2009). Subsequent notices of revision can be found 
at the following citations:
    --75 FR 35853 (June 23, 2010)
    --79 FR 69894 (November 24, 2014)

SYSTEM NAME AND NUMBER:
SEC-56:
    Mailing, Contact and Other Lists.

SECURITY CLASSIFICATION:
    Unclassified.

SYSTEM LOCATION:
    Securities and Exchange Commission, 100 F Street NE, Washington, DC 
20549. Records are also maintained in the SEC Regional Offices.

SYSTEM MANAGER(S):
    U.S. Securities and Exchange Commission, 100 F Street NE, 
Washington, DC 20549. Components: Office of the Chairman and 
Commissioners, Division of Corporation Finance, Division of Trading and 
Markets, Division of Investment Management, Division of Enforcement, 
Office of the General Counsel, Office of the Chief Accountant, Office 
of Economic Analysis, Office of Compliance Inspections and 
Examinations, Office of International Affairs, Office of Investor 
Education and Advocacy, Office of Information Technology, Office of the 
Executive Director, Office of Human Resources, Office of Financial 
Management, Office of Administrative Services, Office of Risk 
Assessment, Office of the Inspector General, Office of Legislative and 
Intergovernmental Affairs, Office of Public Affairs, Office of the 
Secretary, Office of Equal Employment Opportunity, and Office of 
Administrative Law Judges.

For Regional Offices
    New York Regional Office, Regional Director, 3 World Financial 
Center, Suite 400, New York, NY 10281-1022; Boston Regional Office, 
Regional Director, 33 Arch Street, 23rd Floor, Boston, MA 02110-1424; 
Philadelphia Regional Office, Regional Director, The Mellon 
Independence Center, 701 Market Street, Suite 2000, Philadelphia, PA 
19106-1532; Miami Regional Office, Regional Director, 801 Brickell 
Avenue, Suite 1800, Miami, FL 33131-4901, Atlanta Regional Office, 
Regional Director, 3475 Lenox Road NE, Suite 1000, Atlanta, GA 30326-
1232; Chicago Regional Office, Regional Director, 175 West Jackson 
Boulevard, Suite 900, Chicago, IL 60604-2908; Denver Regional Office, 
Regional Director, 1801 California Street, Suite 1500, Denver, CO 
80202-2656; Fort Worth Regional Office, Regional Director, Burnett 
Plaza, Suite 1900, 801 Cherry Street, Unit #18, Fort Worth, TX 76102-
6882; Salt Lake Regional Office, Regional Director, 15 West South 
Temple Street, Suite 1800, Salt Lake City, UT 84101-1573; Los Angeles 
Regional Office, Regional Director, 5670 Wilshire Boulevard, 11th 
Floor, Los Angeles, CA 90036-3648; San Francisco Regional Office, 
Regional Director, 44 Montgomery Street, Suite 2600, San Francisco, CA 
94104-4716.

AUTHORITY FOR MAINTENANCE OF THE SYSTEM:
    15 U.S.C. 77a et seq., 78a et seq., 80a-1 et seq., and 80b-1 et 
seq.

PURPOSE(S) OF THE SYSTEM:
    1. To track and process complaints/inquiries/requests/comments and 
communications from members of the public, including industry 
representatives, counsel, and others.
    2. To handle subscription requests for informational literature, 
reports, and other SEC materials, via individual, mass, and targeted 
mailing in the furtherance of SEC activities.
    3. To process registration, conduct surveys, and issue supplemental 
information for SEC-related activities and events.

CATEGORIES OF INDIVIDUALS COVERED BY THE SYSTEM:
    Records contain information related to individuals and employees 
who submit requests for information, subscriptions, inquiries, 
guidance, informal advice and other assistance to the SEC in any 
format, including but not limited to paper, telephone, and electronic 
submissions; SEC personnel assigned to handle such correspondence; 
individuals who have registered for SEC events and responded to 
questionnaires, request forms and feedback forms; and individuals who 
elect to participate in SEC surveys and studies.

CATEGORIES OF RECORDS IN THE SYSTEM:
    Records may contain information relating to but not limited to 
name, title, affiliation, mailing address, telephone number, cell phone 
number, fax number, email address, business affiliation, other contact 
and related supporting information provided to the Commission by 
individuals or derived from other sources covered by this system of 
records and not currently covered under an existing SORN.

[[Page 85475]]

RECORD SOURCE CATEGORIES:
    The information is supplied by the individual and/or company making 
the request. Data may also be added pertaining to the fulfillment of 
the request. Information may also be obtained from other SEC records 
systems.

ROUTINE USES OF RECORDS MAINTAINED IN THE SYSTEM, INCLUDING CATEGORIES 
OF USERS AND THE PURPOSES OF SUCH USES:
    In addition to those disclosures generally permitted under 5 U.S.C. 
552a(b) of the Privacy Act, these records or information contained 
therein may specifically be disclosed outside the Commission as a 
routine use pursuant to 5 U.S.C. 552 a(b)(3) as follows:
    1. To appropriate agencies, entities, and persons when (1) the SEC 
suspects or has confirmed that there has been a breach of the system of 
records,[middot](2) the SEC has determined that as a result of the 
suspected or confirmed breach there is a risk of harm to individuals, 
the SEC (including its information systems, programs, and operations), 
the Federal Government, or national security; and (3) the disclosure 
made to such agencies, entities, and persons is reasonably necessary to 
assist in connection with the SEC's efforts to respond to the suspected 
or confirmed breach or to prevent, minimize, or remedy such harm.
    2. To other Federal, state, local, or foreign law enforcement 
agencies; securities self-regulatory organizations; and foreign 
financial regulatory authorities to assist in or coordinate regulatory 
or law enforcement activities with the SEC.
    3. To national securities exchanges and national securities 
associations that are registered with the SEC, the Municipal Securities 
Rulemaking Board; the Securities Investor Protection Corporation; the 
Public Company Accounting Oversight Board; the Federal banking 
authorities, including, but not limited to, the Board of Governors of 
the Federal Reserve System, the Comptroller of the Currency, and the 
Federal Deposit Insurance Corporation; state securities regulatory 
agencies or organizations; or regulatory authorities of a foreign 
government in connection with their regulatory or enforcement 
responsibilities.
    4. In any proceeding where the Federal securities laws are in issue 
or in which the Commission, or past or present members of its staff, is 
a party or otherwise involved in an official capacity.
    5. To a Federal, state, local, tribal, foreign, or international 
agency in response to its request for information concerning the hiring 
or retention of an employee; the issuance of a security clearance; the 
reporting of an investigation of an employee; the letting of a 
contract; or the issuance of a license, grant, or other benefit by the 
requesting agency, to the extent that the information is relevant and 
necessary to the requesting agency's decision on the matter.
    6. To produce summary descriptive statistics and analytical 
studies, as a data source for management information, in support of the 
function for which the records are collected and maintained or for 
related personnel management functions or manpower studies; may also be 
used to respond to general requests for statistical information 
(without personal identification of individuals) under the Freedom of 
Information Act.
    7. To any persons during the course of any inquiry, examination, or 
investigation conducted by the SEC's staff, or in connection with civil 
litigation, if the staff has reason to believe that the person to whom 
the record is disclosed may have further information about the matters 
related therein, and those matters appeared to be relevant at the time 
to the subject matter of the inquiry.
    8. To interns, grantees, experts, contractors, and others who have 
been engaged by the Commission to assist in the performance of a 
service related to this system of records and who need access to the 
records for the purpose of assisting the Commission in the efficient 
administration of its programs, including by performing clerical, 
stenographic, or data analysis functions, or by reproduction of records 
by electronic or other means. Recipients of these records shall be 
required to comply with the requirements of the Privacy Act of 1974, as 
amended, 5 U.S.C. 552a.
    9. To members of advisory committees that are created by the 
Commission or by Congress to render advice and recommendations to the 
Commission or to Congress, to be used solely in connection with their 
official designated functions.
    10. To any person who is or has agreed to be subject to the 
Commission's Rules of Conduct, 17 CFR 200.735-1 through 200.735-18, and 
who assists in the investigation by the Commission of possible 
violations of the Federal securities laws (as such term is defined in 
section 3(a)(47) of the Securities Exchange Act of 1934, 15 U.S.C. 
78c(a)(47)), in the preparation or conduct of enforcement actions 
brought by the Commission for such violations, or otherwise in 
connection with the Commission's enforcement or regulatory functions 
under the Federal securities laws.
    11. To a Congressional office from the record of an individual in 
response to an inquiry from the Congressional office made at the 
request of that individual.
    12. To respond to subpoenas in any litigation or other proceeding.
    13. To another Federal agency or Federal entity, when the SEC 
determines that information from this system of records is reasonably 
necessary to assist the recipient agency or entity in (1) responding to 
a suspected or confirmed breach or (2) preventing, minimizing, or 
remedying the risk of harm to individuals, the recipient agency or 
entity (including its information systems, programs, and operations), 
the Federal Government, or national security, resulting from a 
suspected or confirmed breach.
    14. In reports published by the Commission pursuant to authority 
granted in the Federal securities laws (as such term is defined in 
section 3(a)(47) of the Securities Exchange Act of 1934, 15 U.S.C. 
78c(a)(47)), which authority shall include, but not be limited to, 
section 21(a) of the Securities Exchange Act of 1934, 15 U.S.C. 
78u(a)).
    15. To members of advisory committees that are created by the 
Commission or by Congress to render advice and recommendations to the 
Commission or to Congress, to be used solely in connection with their 
official designated functions.

POLICIES AND PRACTICES FOR STORAGE OF RECORDS:
    Records are maintained in electronic and paper format. Electronic 
records are stored in computerized databases, magnetic disc, tape and/
or digital media. Paper records and records on computer disc are stored 
in locked file rooms and/or file cabinets.

POLICIES AND PRACTICES FOR RETRIEVAL OF RECORDS:
    Records may be retrieved by any of the following: Email address, 
name, or an assigned file number for the purpose of responding to the 
requestor. Information may additionally be retrieved by other personal 
identifiers.

POLICIES AND PRACTICES FOR RETENTION AND DISPOSAL OF RECORDS:
    These records will be maintained until they become inactive, at 
which time they will be retired or destroyed in accordance with the 
SEC's records retention schedule, as approved by the National Archives 
and Records Administration.

[[Page 85476]]

ADMINISTRATIVE, TECHNICAL, AND PHYSICAL SAFEGUARDS:
    Access to SEC facilities, data centers, and information or 
information systems is limited to authorized personnel with official 
duties requiring access. SEC facilities are equipped with security 
cameras and 24-hour security guard service. The records are kept in 
limited access areas during duty hours and in locked file cabinets and/
or locked offices or file rooms at all other times. Computerized 
records are safeguarded in a secured environment. Security protocols 
meet the promulgating guidance as established by the National Institute 
of Standards and Technology (NIST) Security Standards from Access 
Control to Data Encryption and Security Assessment & Authorization 
(SA&A).
    Records are maintained in a secure, password-protected electronic 
system that will utilize commensurate safeguards that may include: 
Firewalls, intrusion detection and prevention systems, and role-based 
access controls. Additional safeguards will vary by program. All 
records are protected from unauthorized access through appropriate 
administrative, operational, and technical safeguards. These safeguards 
include: Restricting access to authorized personnel who have a ``need 
to know''; using locks; and password protection identification 
features. Contractors and other recipients providing services to the 
Commission shall be required to maintain equivalent safeguards.

RECORD ACCESS PROCEDURES:
    Persons wishing to obtain information on the procedures for gaining 
access to or contesting the contents of these records may contact the 
FOIA/PA Officer, Securities and Exchange Commission, 100 F Street NE, 
Washington, DC 20549-2465.

CONTESTING RECORD PROCEDURES:
    See Record Access Procedures above.
    NOTIFICATION PROCEDURES:
    All requests to determine whether this system of records contains a 
record pertaining to the requesting individual may be directed to the 
FOIA/PA Officer, Securities and Exchange Commission, 100 F Street NE, 
Washington, DC 20549-2465.

EXEMPTIONS PROMULGATED FOR THE SYSTEM:
    None.

HISTORY:
    This SORN was last published in full in the Federal Register at 74 
FR 36281 (July 22, 2009). Subsequent notices of revision can be found 
at the following citations:
    --75 FR 9968 (April 13, 2010)

SYSTEM NAME AND NUMBER:
SEC-57: Office of International Affairs Records.
SECURITY CLASSIFICATION:
    Unclassified.

SYSTEM LOCATION:
    Office of International Affairs, Securities and Exchange 
Commission, 100 F Street NE, Washington, DC 20549.

SYSTEM MANAGER(S):
    Deputy Director, Office of International Affairs, Securities and 
Exchange Commission, 100 F Street NE, Washington, DC 20549-1004.

AUTHORITY FOR MAINTENANCE OF THE SYSTEM:
    15 U.S.C. 77s, 77t, 78u, 77uuu, 80a-41, 80b-9, and 17 CFR 202.5.

PURPOSE(S) OF THE SYSTEM:
    Tracks data gathered by the Office of International Affairs with 
respect to processing (1) requests for enforcement cooperation with 
foreign regulators and law enforcement agencies; (2) international 
regulatory policy matters designed to protect investors, improve market 
efficiency, and eliminate opportunities for ``regulatory arbitrage''; 
(3) technical assistance and international training programs for 
emerging securities markets; (4) directory of contacts for foreign 
regulators and stock exchanges; (5) SEC staff foreign travel; and (6) 
USAID Reimbursement.

CATEGORIES OF INDIVIDUALS COVERED BY THE SYSTEM:
    Foreign and domestic contacts for Enforcement workload/Commission 
and foreign requests; foreign and domestic contacts for policy 
requests; Foreign officials trained in SEC Headquarters; Chairmen, 
CEOs, and Presidents of foreign regulators and stock exchanges; SEC 
staff traveling overseas; and information on vendors providing support 
for SEC's technical assistance program and individuals entitled to 
USAID reimbursements.

CATEGORIES OF RECORDS IN THE SYSTEM:
    Contact information of individuals related to Enforcement cases and 
policy requests. Contact information of international institute foreign 
officials trained in SEC Headquarters; Contact information for 
Chairmen, CEOs, and Presidents of foreign regulators and stock 
exchanges; SEC staff traveling overseas; and information on vendors 
providing support for SEC's technical assistance program and 
individuals entitled to USAID reimbursements. Correspondence relevant 
to the matter, internal staff memoranda, Commission Minutes and 
Commission Orders, working papers of the staff and other documents and 
records relating to the matter, opening reports, progress reports and 
closing reports, miscellaneous records relating to cross-border 
investigations or litigation and other international enforcement and 
regulatory matters.

RECORD SOURCE CATEGORIES:
    Information contained in this system is obtained from enforcement 
requests related to an SEC investigation; international institute 
training programs; foreign regulators and stock exchanges; SEC travel 
records; and USAID reimbursable programs.

ROUTINE USES OF RECORDS MAINTAINED IN THE SYSTEM, INCLUDING CATEGORIES 
OF USERS AND THE PURPOSES OF SUCH USES:
    In addition to those disclosures generally permitted under 5 U.S.C. 
552a(b) of the Privacy Act, these records or information contained 
therein may specifically be disclosed outside the Commission as a 
routine use pursuant to 5 U.S.C. 552 a(b)(3) as follows:
    1. To appropriate agencies, entities, and persons when (1) the SEC 
suspects or has confirmed that there has been a breach of the system of 
records, (2) the SEC has determined that as a result of the suspected 
or confirmed breach there is a risk of harm to individuals, the SEC 
(including its information systems, programs, and operations), the 
Federal Government, or national security; and (3) the disclosure made 
to such agencies, entities, and persons is reasonably necessary to 
assist in connection with the SEC's efforts to respond to the suspected 
or confirmed breach or to prevent, minimize, or remedy such harm.
    2. To other Federal, state, local, or foreign law enforcement 
agencies; securities self-regulatory organizations; and foreign 
financial regulatory authorities to assist in or coordinate regulatory 
or law enforcement activities with the SEC.
    3. To national securities exchanges and national securities 
associations that are registered with the SEC, the Municipal Securities 
Rulemaking Board; the Securities Investor Protection Corporation; the 
Public Company Accounting Oversight Board; the Federal banking 
authorities, including, but not limited to, the Board of Governors of 
the Federal Reserve System, the Comptroller of the Currency, and the 
Federal Deposit Insurance Corporation; state securities regulatory 
agencies or organizations; or

[[Page 85477]]

regulatory authorities of a foreign government in connection with their 
regulatory or enforcement responsibilities.
    4. By SEC personnel for purposes of investigating possible 
violations of, or to conduct investigations authorized by, the Federal 
securities laws.
    5. In any proceeding where the Federal securities laws are in issue 
or in which the Commission, or past or present members of its staff, is 
a party or otherwise involved in an official capacity.
    6. In connection with proceedings by the Commission pursuant to 
Rule 102(e) of its Rules of Practice, 17 CFR 201.102(e).
    7. To a bar association, state accountancy board, or other Federal, 
state, local, or foreign licensing or oversight authority; or 
professional association or self-regulatory authority to the extent 
that it performs similar functions (including the Public Company 
Accounting Oversight Board) for investigations or possible disciplinary 
action.
    8. To a Federal, state, local, tribal, foreign, or international 
agency, if necessary to obtain information relevant to the SEC's 
decision concerning the hiring or retention of an employee; the 
issuance of a security clearance; the letting of a contract; or the 
issuance of a license, grant, or other benefit.
    9. To a Federal, state, local, tribal, foreign, or international 
agency in response to its request for information concerning the hiring 
or retention of an employee; the issuance of a security clearance; the 
reporting of an investigation of an employee; the letting of a 
contract; or the issuance of a license, grant, or other benefit by the 
requesting agency, to the extent that the information is relevant and 
necessary to the requesting agency's decision on the matter.
    10. To produce summary descriptive statistics and analytical 
studies, as a data source for management information, in support of the 
function for which the records are collected and maintained or for 
related personnel management functions or manpower studies; may also be 
used to respond to general requests for statistical information 
(without personal identification of individuals) under the Freedom of 
Information Act.
    11. To any trustee, receiver, master, special counsel, or other 
individual or entity that is appointed by a court of competent 
jurisdiction, or as a result of an agreement between the parties in 
connection with litigation or administrative proceedings involving 
allegations of violations of the Federal securities laws (as defined in 
section 3(a)(47) of the Securities Exchange Act of 1934, 15 U.S.C. 
78c(a)(47)) or pursuant to the Commission's Rules of Practice, 17 CFR 
201.100 through 900 or the Commission's Rules of Fair Fund and 
Disgorgement Plans, 17 CFR 201.1100 through 1106, or otherwise, where 
such trustee, receiver, master, special counsel, or other individual or 
entity is specifically designated to perform particular functions with 
respect to, or as a result of, the pending action or proceeding or in 
connection with the administration and enforcement by the Commission of 
the Federal securities laws or the Commission's Rules of Practice or 
the Rules of Fair Fund and Disgorgement Plans.
    12. To any persons during the course of any inquiry, examination, 
or investigation conducted by the SEC's staff, or in connection with 
civil litigation, if the staff has reason to believe that the person to 
whom the record is disclosed may have further information about the 
matters related therein, and those matters appeared to be relevant at 
the time to the subject matter of the inquiry.
    13. To interns, grantees, experts, contractors, and others who have 
been engaged by the Commission to assist in the performance of a 
service related to this system of records and who need access to the 
records for the purpose of assisting the Commission in the efficient 
administration of its programs, including by performing clerical, 
stenographic, or data analysis functions, or by reproduction of records 
by electronic or other means. Recipients of these records shall be 
required to comply with the requirements of the Privacy Act of 1974, as 
amended, 5 U.S.C. 552a.
    14. In reports published by the Commission pursuant to authority 
granted in the Federal securities laws (as such term is defined in 
section 3(a)(47) of the Securities Exchange Act of 1934, 15 U.S.C. 
78c(a)(47)), which authority shall include, but not be limited to, 
section 21(a) of the Securities Exchange Act of 1934, 15 U.S.C. 
78u(a)).
    15. To members of advisory committees that are created by the 
Commission or by Congress to render advice and recommendations to the 
Commission or to Congress, to be used solely in connection with their 
official designated functions.
    16. To any person who is or has agreed to be subject to the 
Commission's Rules of Conduct, 17 CFR 200.735-1 through 200.735-18, and 
who assists in the investigation by the Commission of possible 
violations of the Federal securities laws (as such term is defined in 
section 3(a)(47) of the Securities Exchange Act of 1934, 15 U.S.C. 
78c(a)(47)), in the preparation or conduct of enforcement actions 
brought by the Commission for such violations, or otherwise in 
connection with the Commission's enforcement or regulatory functions 
under the Federal securities laws.
    17. To a Congressional office from the record of an individual in 
response to an inquiry from the Congressional office made at the 
request of that individual.
    18. To members of Congress, the press, and the public in response 
to inquiries relating to particular Registrants and their activities, 
and other matters under the Commission's jurisdiction.
    19. To prepare and publish information relating to violations of 
the Federal securities laws as provided in 15 U.S.C. 78c(a)(47)), as 
amended.
    20. To respond to subpoenas in any litigation or other proceeding.
    21. To a trustee in bankruptcy.
    22. To members of Congress, the General Accountability Office, or 
others charged with monitoring the work of the Commission or conducting 
records management inspections.
    23. To any governmental agency, governmental or private collection 
agent, consumer reporting agency or commercial reporting agency, 
governmental or private employer of a debtor, or any other person, for 
collection, including collection by administrative offset, Federal 
salary offset, tax refund offset, or administrative wage garnishment, 
of amounts owed as a result of Commission civil or administrative 
proceedings.
    24. To another Federal agency or Federal entity, when the SEC 
determines that information from this system of records is reasonably 
necessary to assist the recipient agency or entity in (1) responding to 
a suspected or confirmed breach or (2) preventing, minimizing, or 
remedying the risk of harm to individuals, the recipient agency or 
entity (including its information systems, programs, and operations), 
the Federal Government, or national security, resulting from a 
suspected or confirmed breach.

POLICIES AND PRACTICES FOR STORAGE OF RECORDS:
    Records are maintained in electronic and paper format. Electronic 
records are stored in computerized databases, magnetic disc, tape and/
or digital media. Paper records and records on computer disc are stored 
in locked file rooms and/or file cabinets.

[[Page 85478]]

POLICIES AND PRACTICES FOR RETRIEVAL OF RECORDS:
    Data are retrievable by the individual's name or other identifier, 
such as case number, name, as well as non-identifying information.

POLICIES AND PRACTICES FOR RETENTION AND DISPOSAL OF RECORDS:
    These records will be maintained until they become inactive, at 
which time they will be retired or destroyed in accordance with the 
SEC's records retention schedule, as approved by the National Archives 
and Records Administration.

ADMINISTRATIVE, TECHNICAL, AND PHYSICAL SAFEGUARDS:
    Access to SEC facilities, data centers, and information or 
information systems is limited to authorized personnel with official 
duties requiring access. SEC facilities are equipped with security 
cameras and 24-hour security guard service. The records are kept in 
limited access areas during duty hours and in locked file cabinets and/
or locked offices or file rooms at all other times. Computerized 
records are safeguarded in a secured environment. Security protocols 
meet the promulgating guidance as established by the National Institute 
of Standards and Technology (NIST) Security Standards from Access 
Control to Data Encryption and Security Assessment & Authorization 
(SA&A).
    Records are maintained in a secure, password-protected electronic 
system that will utilize commensurate safeguards that may include: 
Firewalls, intrusion detection and prevention systems, and role-based 
access controls. Additional safeguards will vary by program. All 
records are protected from unauthorized access through appropriate 
administrative, operational, and technical safeguards. These safeguards 
include: Restricting access to authorized personnel who have a ``need 
to know''; using locks; and password protection identification 
features. Contractors and other recipients providing services to the 
Commission shall be required to maintain equivalent safeguards.

RECORD ACCESS PROCEDURES:
    Persons wishing to obtain information on the procedures for gaining 
access to or contesting the contents of these records may contact the 
FOIA/PA Officer, Securities and Exchange Commission, 100 F Street NE, 
Washington, DC 20549-2465.

CONTESTING RECORD PROCEDURES:
    See Record Access Procedures above.

NOTIFICATION PROCEDURES:
    All requests to determine whether this system of records contains a 
record pertaining to the requesting individual may be directed to the 
FOIA/PA Officer, Securities and Exchange Commission, 100 F Street NE, 
Washington, DC 20549-2465.

EXEMPTIONS PROMULGATED FOR THE SYSTEM:
    None.

HISTORY:
    This SORN was last published in full in the Federal Register at 74 
FR 36281 (July 22, 2009).

SYSTEM NAME AND NUMBER:
SEC-60:
    Ethics Conduct Rules Files.

SECURITY CLASSIFICATION:
    Unclassified.

SYSTEM LOCATION:
    Securities and Exchange Commission, 100 F Street NE, Washington, DC 
20549.

SYSTEM MANAGER(S):
    The Ethics Counsel and the Designated Agency Ethics Official, 
Office of the General Counsel, Securities and Exchange Commission, 100 
F Street NE, Washington, DC 20549-1050.

AUTHORITY FOR MAINTENANCE OF THE SYSTEM:
    The Federal securities laws (15 U.S.C. 77s, 78w, 77sss, 80a-37 and 
80b-11) and the regulations promulgated thereunder, including the 
Ethics Conduct Rules currently located at 17 CFR part 200 Subpart M.

PURPOSE(S) OF THE SYSTEM:
    For use by authorized SEC Ethics Office personnel, designated by 
the Ethics Counsel, and from time to time certain other SEC personnel, 
designated by the Ethics Counsel in his or her discretion, in 
connection with their official functions related to administering and 
supervising compliance with the Commission's Ethics Conduct Rules.

CATEGORIES OF INDIVIDUALS COVERED BY THE SYSTEM:
    SEC Members and employees, past and present.

CATEGORIES OF RECORDS IN THE SYSTEM:
    Information relating to the SEC's ``Regulation Concerning Conduct 
of Members and Employees and Former Members and Employees of the 
Commission'' (``Ethics Conduct Rules''), currently located at 17 CFR 
part 200 Subpart M, including outside employment and activities, and 
covered securities transactions, securities holdings and securities 
accounts.

RECORD SOURCE CATEGORIES:
    Information is provided by current Members and employees of the 
Commission or their designees in accordance with the requirements of 
the SEC Ethics Conduct Rules.

ROUTINE USES OF RECORDS MAINTAINED IN THE SYSTEM, INCLUDING CATEGORIES 
OF USERS AND THE PURPOSES OF SUCH USES:
    In addition to those disclosures generally permitted under 5 U.S.C. 
552a(b) of the Privacy Act, these records or information contained 
therein may specifically be disclosed outside the Commission as a 
routine use pursuant to 5 U.S.C. 552a(b)(3) as follows:
    1. To appropriate agencies, entities, and persons when (1) the SEC 
suspects or has confirmed that there has been a breach of the system of 
records, (2) the SEC has determined that as a result of the suspected 
or confirmed breach there is a risk of harm to individuals, the SEC 
(including its information systems, programs, and operations), the 
Federal Government, or national security; and (3) the disclosure made 
to such agencies, entities, and persons is reasonably necessary to 
assist in connection with the SEC's efforts to respond to the suspected 
or confirmed breach or to prevent, minimize, or remedy such harm.
    2. To a Federal, State, or local law enforcement agency if the 
disclosing agency becomes aware of a violation or potential violation 
of law or regulation.
    3. To a court or party in a court or Federal administrative 
proceeding if the Government is a party or in order to comply with a 
judge-issued subpoena.
    4. To a source when necessary to obtain information relevant to a 
conflict of interest or securities law investigation or decision.
    5. To the National Archives and Records Administration or the 
General Services Administration in records management inspections.
    6. To the Office of Management and Budget during legislative 
coordination on private relief legislation.
    7. To the Department of Justice or in certain legal proceedings 
when the disclosing agency, and employee of the disclosing agency, or 
the United States is a party to litigation or has an interest in the 
litigation and the use of such records is deemed relevant and necessary 
to the litigation.
    8. To reviewing officials in a new office, department or agency 
when an employee transfers from one position to another subject to the 
Ethics Conduct Rules.
    9. To a Member of Congress or a congressional office in response to 
an inquiry made on behalf of an individual who is the subject of the 
record.

[[Page 85479]]

    10. To interns, grantees, experts and contractors who have been 
engaged by the Commission to assist in the performance of a service 
related to this system of records and who need access to the records 
for the purpose of assisting the Commission in the efficient 
administration of its programs. Recipients of these records shall be 
required to comply with the requirements of the Privacy Act of 1974, as 
amended, 5 U.S.C. 552a; and
    11. As a data source for management information for production of 
summary descriptive statistics and analytical studies in support of the 
function for which the records are collected and maintained; may also 
be utilized to respond to general requests for statistical information 
(without personal identification of individuals) under the Freedom of 
Information Act.
    12. To another Federal agency or Federal entity, when the SEC 
determines that information from this system of records is reasonably 
necessary to assist the recipient agency or entity in (1) responding to 
a suspected or confirmed breach or (2) preventing, minimizing, or 
remedying the risk of harm to individuals, the recipient agency or 
entity (including its information systems, programs, and operations), 
the Federal Government, or national security, resulting from a 
suspected or confirmed breach.

POLICIES AND PRACTICES FOR STORAGE OF RECORDS:
    Records are maintained in electronic and paper format. Electronic 
records are stored in computerized databases, magnetic disc, tape and/
or digital media. Paper records and records on computer disc are stored 
in locked file rooms and/or file cabinets.

POLICIES AND PRACTICES FOR RETRIEVAL OF RECORDS:
    Records may be retrieved by the individual's name or other personal 
identifiers, as well as non-identifying information. Information 
regarding individuals may be obtained through the use of cross-
reference methodology.

POLICIES AND PRACTICES FOR RETENTION AND DISPOSAL OF RECORDS:
    These records will be maintained for six years or otherwise in 
accordance with records schedules of the Commission and as approved by 
the National Archives and Records Administration.

ADMINISTRATIVE, TECHNICAL, AND PHYSICAL SAFEGUARDS:
    Access to SEC facilities, data centers, and information or 
information systems is limited to authorized personnel with official 
duties requiring access. SEC facilities are equipped with security 
cameras and 24-hour security guard service. The records are kept in 
limited access areas during duty hours and in locked file cabinets and/
or locked offices or file rooms at all other times. Computerized 
records are safeguarded in a secured environment. Security protocols 
meet the promulgating guidance as established by the National Institute 
of Standards and Technology (NIST) Security Standards from Access 
Control to Data Encryption and Security Assessment & Authorization 
(SA&A).
    Records are maintained in a secure, password-protected electronic 
system that will utilize commensurate safeguards that may include: 
Firewalls, intrusion detection and prevention systems, and role-based 
access controls. Additional safeguards will vary by program. All 
records are protected from unauthorized access through appropriate 
administrative, operational, and technical safeguards. These safeguards 
include: Restricting access to authorized personnel who have a ``need 
to know''; using locks; and password protection identification 
features. Contractors and other recipients providing services to the 
Commission shall be required to maintain equivalent safeguards.

RECORD ACCESS PROCEDURES:
    Persons wishing to obtain information on the procedures for gaining 
access to or contesting the contents of these records may contact the 
FOIA/Privacy Act Officer, Securities and Exchange Commission, 100 F 
Street NE, Washington, DC 20549-2465.

CONTESTING RECORD PROCEDURES:
    See Record Access Procedures above.

NOTIFICATION PROCEDURES:
    All requests to determine whether this system of records contains a 
record pertaining to the requesting individual may be directed to the 
FOIA/Privacy Act Officer, Securities and Exchange Commission, 100 F 
Street NE, Washington, DC 20549-2465.

EXEMPTIONS PROMULGATED FOR THE SYSTEM:
    None.

HISTORY:
    This SORN was last published in full in the Federal Register at 74 
FR 46254 (September 8, 2009).

SYSTEM NAME AND NUMBER:
SEC-62:
    Office of Municipal Advisor Records.

SECURITY CLASSIFICATION:
    Unclassified.

SYSTEM LOCATION:
    Securities and Exchange Commission (``Commission'' or ``SEC'') 100 
F Street NE, Washington, DC 20549.

SYSTEM MANAGER(S):
    Assistant Director, Division of Trading and Markets, Securities and 
Exchange Commission, 100 F Street NE, Washington, DC 20549-7561.

AUTHORITY FOR MAINTENANCE OF THE SYSTEM:
    Dodd-Frank Wall Street Reform and Consumer Protection Act, Section 
975(a), Pub. L. 111-203 (2010); 15 U.S.C. 78a et seq.; 80b-1 et. seq.; 
and 17 CFR 202.1 through 202.10.

PURPOSE(S) OF THE SYSTEM:
    The records are used by SEC staff to track, process, respond to, 
and maintain documentation of correspondence, inquiries/requests/
comments, communications, and related information from or regarding 
members of the public, including industry representatives, counsel, and 
others, relating to Municipal Advisors; to document Commission or SEC 
staff responses on a formal or informal basis.

CATEGORIES OF INDIVIDUALS COVERED BY THE SYSTEM:
    Persons applying for registration or exemption from registration as 
a Municipal Advisor, persons currently or formerly registered with the 
Commission as a Municipal Advisor, and their partners, officers, 
directors, associated persons, control persons, control affiliates, 
employees, owners, principal shareholders, other related persons, and 
their representatives or counsel; and representatives of regulated 
entities and their counsel, members of the public, representatives of 
other governmental agencies or Congress, and others who submit 
correspondence, inquiries, information, comments, or other forms of 
communication to the Commission or SEC staff relating to Municipal 
Advisors.

CATEGORIES OF RECORDS IN THE SYSTEM:
    Both electronic and paper records in this system may include 
information concerning an individual's activities and transactions as 
or pertaining to, or relationships with, a Municipal Advisor; the name 
of the correspondent or inquirer/requester/commenter/communicant or 
their representative; the name of the entity; the subject of the 
correspondence, inquiry/request/comment or communication; the date of 
the correspondence, inquiry/request/comment or communication; and the 
Commission or SEC staff response provided, or other disposition, on a

[[Page 85480]]

formal or informal basis. Paper records may include, but are not 
limited to, letters, facsimiles, imaged documents, other written forms 
of communication, and related documentation.

RECORD SOURCE CATEGORIES:
    Information collected is received from individuals primarily 
through correspondence or other written or verbal forms of 
communication, including without limitation telephone calls, emails and 
other forms of electronic communication, letters, or facsimiles to the 
Commission and SEC staff.

ROUTINE USES OF RECORDS MAINTAINED IN THE SYSTEM, INCLUDING CATEGORIES 
OF USERS AND THE PURPOSES OF SUCH USES:
    In addition to those disclosures generally permitted under 5 U.S.C. 
552a(b) of the Privacy Act, these records or information contained 
therein may specifically be disclosed outside the Commission as a 
routine use pursuant to 5 U.S.C. 552 a(b)(3) as follows:
    1. To appropriate agencies, entities, and persons when (1) the SEC 
suspects or has confirmed that there has been a breach of the system of 
records,[middot](2) the SEC has determined that as a result of the 
suspected or confirmed breach there is a risk of harm to individuals, 
the SEC (including its information systems, programs, and operations), 
the Federal Government, or national security; and (3) the disclosure 
made to such agencies, entities, and persons is reasonably necessary to 
assist in connection with the SEC's efforts to respond to the suspected 
or confirmed breach or to prevent, minimize, or remedy such harm.
    2. To other Federal, state, local, or foreign law enforcement 
agencies; securities self-regulatory organizations; and foreign 
financial regulatory authorities to assist in or coordinate regulatory 
or law enforcement activities with the SEC.
    3. To national securities exchanges and national securities 
associations that are registered with the SEC, the Municipal Securities 
Rulemaking Board; the Securities Investor Protection Corporation; the 
Public Company Accounting Oversight Board; the Federal banking 
authorities, including, but not limited to, the Board of Governors of 
the Federal Reserve System, the Comptroller of the Currency, and the 
Federal Deposit Insurance Corporation; state securities regulatory 
agencies or organizations; or regulatory authorities of a foreign 
government in connection with their regulatory or enforcement 
responsibilities.
    4. By SEC personnel for purposes of investigating possible 
violations of, or to conduct investigations authorized by, the Federal 
securities laws.
    5. In any proceeding where the Federal securities laws are in issue 
or in which the Commission, or past or present members of its staff, is 
a party or otherwise involved in an official capacity.
    6. In connection with proceedings by the Commission pursuant to 
Rule 102(e) of its Rules of Practice, 17 CFR 201.102(e).
    7. To a bar association, state accountancy board, or other Federal, 
state, local, or foreign licensing or oversight authority; or 
professional association or self-regulatory authority to the extent 
that it performs similar functions (including the Public Company 
Accounting Oversight Board) for investigations or possible disciplinary 
action.
    8. To a Federal, state, local, tribal, foreign, or international 
agency, if necessary to obtain information relevant to the SEC's 
decision concerning the hiring or retention of an employee; the 
issuance of a security clearance; the letting of a contract; or the 
issuance of a license, grant, or other benefit.
    9. To a Federal, state, local, tribal, foreign, or international 
agency in response to its request for information concerning the hiring 
or retention of an employee; the issuance of a security clearance; the 
reporting of an investigation of an employee; the letting of a 
contract; or the issuance of a license, grant, or other benefit by the 
requesting agency, to the extent that the information is relevant and 
necessary to the requesting agency's decision on the matter.
    10. To produce summary descriptive statistics and analytical 
studies, as a data source for management information, in support of the 
function for which the records are collected and maintained or for 
related personnel management functions or manpower studies; may also be 
used to respond to general requests for statistical information 
(without personal identification of individuals) under the Freedom of 
Information Act.
    11. To any trustee, receiver, master, special counsel, or other 
individual or entity that is appointed by a court of competent 
jurisdiction, or as a result of an agreement between the parties in 
connection with litigation or administrative proceedings involving 
allegations of violations of the Federal securities laws (as defined in 
section 3(a)(47) of the Securities Exchange Act of 1934, 15 U.S.C. 
78c(a)(47)) or pursuant to the Commission's Rules of Practice, 17 CFR 
201.100 through 900 or the Commission's Rules of Fair Fund and 
Disgorgement Plans, 17 CFR 201.1100 through 1106, or otherwise, where 
such trustee, receiver, master, special counsel, or other individual or 
entity is specifically designated to perform particular functions with 
respect to, or as a result of, the pending action or proceeding or in 
connection with the administration and enforcement by the Commission of 
the Federal securities laws or the Commission's Rules of Practice or 
the Rules of Fair Fund and Disgorgement Plans.
    12. To any persons during the course of any inquiry, examination, 
or investigation conducted by the SEC's staff, or in connection with 
civil litigation, if the staff has reason to believe that the person to 
whom the record is disclosed may have further information about the 
matters related therein, and those matters appeared to be relevant at 
the time to the subject matter of the inquiry.
    13. To interns, grantees, experts, contractors, and others who have 
been engaged by the Commission to assist in the performance of a 
service related to this system of records and who need access to the 
records for the purpose of assisting the Commission in the efficient 
administration of its programs, including by performing clerical, 
stenographic, or data analysis functions, or by reproduction of records 
by electronic or other means. Recipients of these records shall be 
required to comply with the requirements of the Privacy Act of 1974, as 
amended, 5 U.S.C. 552a.
    14. In reports published by the Commission pursuant to authority 
granted in the Federal securities laws (as such term is defined in 
section 3(a)(47) of the Securities Exchange Act of 1934, 15 U.S.C. 
78c(a)(47)), which authority shall include, but not be limited to, 
section 21(a) of the Securities Exchange Act of 1934, 15 U.S.C. 
78u(a)).
    15. To members of advisory committees that are created by the 
Commission or by Congress to render advice and recommendations to the 
Commission or to Congress, to be used solely in connection with their 
official designated functions.
    16. To any person who is or has agreed to be subject to the 
Commission's Rules of Conduct, 17 CFR 200.735-1 through 200.735-18, and 
who assists in the investigation by the Commission of possible 
violations of the Federal securities laws (as such term is defined in 
section 3(a)(47) of the Securities Exchange Act of 1934, 15 U.S.C. 
78c(a)(47)), in the preparation or

[[Page 85481]]

conduct of enforcement actions brought by the Commission for such 
violations, or otherwise in connection with the Commission's 
enforcement or regulatory functions under the Federal securities laws.
    17. To a Congressional office from the record of an individual in 
response to an inquiry from the Congressional office made at the 
request of that individual.
    18. To members of Congress, the press, and the public in response 
to inquiries relating to particular Registrants and their activities, 
and other matters under the Commission's jurisdiction.
    19. To prepare and publish information relating to violations of 
the Federal securities laws as provided in 15 U.S.C. 78c(a)(47)), as 
amended.
    20. To respond to subpoenas in any litigation or other proceeding.
    21. To a trustee in bankruptcy.
    22. To members of Congress, the General Accountability Office, or 
others charged with monitoring the work of the Commission or conducting 
records management inspections.
    23. To any governmental agency, governmental or private collection 
agent, consumer reporting agency or commercial reporting agency, 
governmental or private employer of a debtor, or any other person, for 
collection, including collection by administrative offset, Federal 
salary offset, tax refund offset, or administrative wage garnishment, 
of amounts owed as a result of Commission civil or administrative 
proceedings.
    24. To another Federal agency or Federal entity, when the SEC 
determines that information from this system of records is reasonably 
necessary to assist the recipient agency or entity in (1) responding to 
a suspected or confirmed breach or (2) preventing, minimizing, or 
remedying the risk of harm to individuals, the recipient agency or 
entity (including its information systems, programs, and operations), 
the Federal Government, or national security, resulting from a 
suspected or confirmed breach.

POLICIES AND PRACTICES FOR STORAGE OF RECORDS:
    Records are maintained in electronic and paper format. Electronic 
records are stored in computerized databases, magnetic disc, tape and/
or digital media. Paper records and records on computer disc are stored 
in locked file rooms and/or file cabinets.

POLICIES AND PRACTICES FOR RETRIEVAL OF RECORDS:
    Records may be retrieved by any of the following: Name, receipt 
date, entity name, registration number, telephone/cellular/facsimile 
number, email or internet address, subject matter, or other indexed 
information.

POLICIES AND PRACTICES FOR RETENTION AND DISPOSAL OF RECORDS:
    These records will be maintained until they become inactive, at 
which time they will be retired or destroyed in accordance with records 
schedules of the United States Securities and Exchange Commission and 
as approved by the National Archives and Records Administration.

ADMINISTRATIVE, TECHNICAL, AND PHYSICAL SAFEGUARDS:
    Access to SEC facilities, data centers, and information or 
information systems is limited to authorized personnel with official 
duties requiring access. SEC facilities are equipped with security 
cameras and 24-hour security guard service. The records are kept in 
limited access areas during duty hours and in locked file cabinets and/
or locked offices or file rooms at all other times. Computerized 
records are safeguarded in a secured environment. Security protocols 
meet the promulgating guidance as established by the National Institute 
of Standards and Technology (NIST) Security Standards from Access 
Control to Data Encryption and Security Assessment & Authorization 
(SA&A).
    Records are maintained in a secure, password-protected electronic 
system that will utilize commensurate safeguards that may include: 
Firewalls, intrusion detection and prevention systems, and role-based 
access controls. Additional safeguards will vary by program. All 
records are protected from unauthorized access through appropriate 
administrative, operational, and technical safeguards. These safeguards 
include: Restricting access to authorized personnel who have a ``need 
to know''; using locks; and password protection identification 
features. Contractors and other recipients providing services to the 
Commission shall be required to maintain equivalent safeguards.

RECORD ACCESS PROCEDURES:
    Persons wishing to obtain information on the procedures for gaining 
access to or contesting the contents of these records may contact the 
FOIA/PA Officer, Securities and Exchange Commission, 100 F Street NE, 
Washington, DC 20549-2465.

CONTESTING RECORD PROCEDURES:
    See Record Access Procedures above.

NOTIFICATION PROCEDURES:
    All requests to determine whether this system of records contains a 
record pertaining to the requesting individual may be directed to the 
FOIA/PA Officer, Securities and Exchange Commission, 100 F Street NE, 
Washington, DC 20549-2465.

EXEMPTIONS PROMULGATED FOR THE SYSTEM:
    None.

HISTORY:
    This SORN was last published in full in the Federal Register at 75 
FR 51854 (August 23, 2010).

SYSTEM NAME AND NUMBER:
SEC-63:
    Tips, Complaints, and Referrals (TCR) Records.

SECURITY CLASSIFICATION:
    Unclassified.

SYSTEM LOCATION:
    Securities and Exchange Commission, 100 F Street NE, Washington, DC 
20549. Files may also be maintained in the Commission's Regional 
Offices that conducted an investigation or litigation.

SYSTEM MANAGER(S):
    Deputy Director, Division of Risk, Strategy, and Financial 
Innovation, U.S. Securities and Exchange Commission, 100 F Street NE, 
Washington, DC 20549.

AUTHORITY FOR MAINTENANCE OF THE SYSTEM:
    15 U.S.C. 77a et seq., 78a et seq., 80a-1 et seq., 80b-1 et seq., 
and 5 U.S.C. 302.

PURPOSE(S) OF THE SYSTEM:
    For use by authorized SEC personnel in receiving, recording, 
assigning, tracking, and taking action on tips, complaints, and 
referrals received from individuals and entities related to actual or 
potential violations of the Federal securities laws; investor harm; or 
conduct of public companies, securities professionals, regulated 
entities and associated persons.

CATEGORIES OF INDIVIDUALS COVERED BY THE SYSTEM:
    (1) Individuals that submit tips, complaints, or related 
information about actual or potential violations of the Federal 
securities laws; investor harm; conduct of public companies, securities 
professionals, regulated entities, and associated persons; and internal 
and external referrals of misconduct; (2) Individuals that are the 
subjects of a tip or complaint related to an actual or potential 
securities law violation; (3) Attorneys or other related individuals; 
and (4) SEC personnel or contractors

[[Page 85482]]

assigned to handle such tips, complaints, and referrals.

CATEGORIES OF RECORDS IN THE SYSTEM:
    Records may include individual names, dates of birth, social 
security numbers, addresses, telephone numbers, tip, complaint, and 
referral information including allegation descriptions, dates, and 
supporting details; supporting documentation; web forms; emails; 
criminal history; working papers of the staff; and other documents and 
records relating to the matter.

RECORD SOURCE CATEGORIES:
    Information in these records may be supplied by investors and the 
general public, Commission-regulated entities including broker-dealers, 
investment advisers, self-regulatory organizations, other government 
agencies, and foreign regulators.

ROUTINE USES OF RECORDS MAINTAINED IN THE SYSTEM, INCLUDING CATEGORIES 
OF USERS AND THE PURPOSES OF SUCH USES:
    In addition to those disclosures generally permitted under 5 U.S.C. 
552a(b) of the Privacy Act, these records or information contained 
therein may specifically be disclosed outside the Commission as a 
routine use pursuant to 5 U.S.C. 552 a(b)(3) as follows:
    1. To appropriate agencies, entities, and persons when (1) the SEC 
suspects or has confirmed that there has been a breach of the system of 
records,[middot](2) the SEC has determined that as a result of the 
suspected or confirmed breach there is a risk of harm to individuals, 
the SEC (including its information systems, programs, and operations), 
the Federal Government, or national security; and (3) the disclosure 
made to such agencies, entities, and persons is reasonably necessary to 
assist in connection with the SEC's efforts to respond to the suspected 
or confirmed breach or to prevent, minimize, or remedy such harm.
    2. To other Federal, state, local, or foreign law enforcement 
agencies; securities self-regulatory organizations; and foreign 
financial regulatory authorities to assist in or coordinate regulatory 
or law enforcement activities with the SEC.
    3. To national securities exchanges and national securities 
associations that are registered with the SEC, the Municipal Securities 
Rulemaking Board; the Securities Investor Protection Corporation; the 
Public Company Accounting Oversight Board; the Federal banking 
authorities, including, but not limited to, the Board of Governors of 
the Federal Reserve System, the Comptroller of the Currency, and the 
Federal Deposit Insurance Corporation; state securities regulatory 
agencies or organizations; or regulatory authorities of a foreign 
government in connection with their regulatory or enforcement 
responsibilities.
    4. By SEC personnel for purposes of investigating possible 
violations of, or to conduct investigations authorized by, the Federal 
securities laws.
    5. In any proceeding where the Federal securities laws are in issue 
or in which the Commission, or past or present members of its staff, is 
a party or otherwise involved in an official capacity.
    6. In connection with proceedings by the Commission pursuant to 
Rule 102(e) of its Rules of Practice, 17 CFR 201.102(e).
    7. To a bar association, state accountancy board, or other Federal, 
state, local, or foreign licensing or oversight authority; or 
professional association or self-regulatory authority to the extent 
that it performs similar functions (including the Public Company 
Accounting Oversight Board) for investigations or possible disciplinary 
action.
    8. To a Federal, state, local, tribal, foreign, or international 
agency, if necessary to obtain information relevant to the SEC's 
decision concerning the hiring or retention of an employee; the 
issuance of a security clearance; the letting of a contract; or the 
issuance of a license, grant, or other benefit.
    9. To a Federal, state, local, tribal, foreign, or international 
agency in response to its request for information concerning the hiring 
or retention of an employee; the issuance of a security clearance; the 
reporting of an investigation of an employee; the letting of a 
contract; or the issuance of a license, grant, or other benefit by the 
requesting agency, to the extent that the information is relevant and 
necessary to the requesting agency's decision on the matter.
    10. To produce summary descriptive statistics and analytical 
studies, as a data source for management information, in support of the 
function for which the records are collected and maintained or for 
related personnel management functions or manpower studies; may also be 
used to respond to general requests for statistical information 
(without personal identification of individuals) under the Freedom of 
Information Act.
    11. To any trustee, receiver, master, special counsel, or other 
individual or entity that is appointed by a court of competent 
jurisdiction, or as a result of an agreement between the parties in 
connection with litigation or administrative proceedings involving 
allegations of violations of the Federal securities laws (as defined in 
section 3(a)(47) of the Securities Exchange Act of 1934, 15 U.S.C. 
78c(a)(47)) or pursuant to the Commission's Rules of Practice, 17 CFR 
201.100 through 900 or the Commission's Rules of Fair Fund and 
Disgorgement Plans, 17 CFR 201.1100 through 1106, or otherwise, where 
such trustee, receiver, master, special counsel, or other individual or 
entity is specifically designated to perform particular functions with 
respect to, or as a result of, the pending action or proceeding or in 
connection with the administration and enforcement by the Commission of 
the Federal securities laws or the Commission's Rules of Practice or 
the Rules of Fair Fund and Disgorgement Plans.
    12. To any persons during the course of any inquiry, examination, 
or investigation conducted by the SEC's staff, or in connection with 
civil litigation, if the staff has reason to believe that the person to 
whom the record is disclosed may have further information about the 
matters related therein, and those matters appeared to be relevant at 
the time to the subject matter of the inquiry.
    13. To interns, grantees, experts, contractors, and others who have 
been engaged by the Commission to assist in the performance of a 
service related to this system of records and who need access to the 
records for the purpose of assisting the Commission in the efficient 
administration of its programs, including by performing clerical, 
stenographic, or data analysis functions, or by reproduction of records 
by electronic or other means. Recipients of these records shall be 
required to comply with the requirements of the Privacy Act of 1974, as 
amended, 5 U.S.C. 552a.
    14. In reports published by the Commission pursuant to authority 
granted in the Federal securities laws (as such term is defined in 
section 3(a)(47) of the Securities Exchange Act of 1934, 15 U.S.C. 
78c(a)(47)), which authority shall include, but not be limited to, 
section 21(a) of the Securities Exchange Act of 1934, 15 U.S.C. 
78u(a)).
    15. To members of advisory committees that are created by the 
Commission or by Congress to render advice and recommendations to the 
Commission or to Congress, to be used solely in connection with their 
official designated functions.
    16. To any person who is or has agreed to be subject to the 
Commission's Rules of Conduct, 17 CFR 200.735-1

[[Page 85483]]

through 200.735-18, and who assists in the investigation by the 
Commission of possible violations of the Federal securities laws (as 
such term is defined in section 3(a)(47) of the Securities Exchange Act 
of 1934, 15 U.S.C. 78c(a)(47)), in the preparation or conduct of 
enforcement actions brought by the Commission for such violations, or 
otherwise in connection with the Commission's enforcement or regulatory 
functions under the Federal securities laws.
    17. To a Congressional office from the record of an individual in 
response to an inquiry from the Congressional office made at the 
request of that individual.
    18. To members of Congress, the press, and the public in response 
to inquiries relating to particular Registrants and their activities, 
and other matters under the Commission's jurisdiction.
    19. To prepare and publish information relating to violations of 
the Federal securities laws as provided in 15 U.S.C. 78c(a)(47)), as 
amended.
    20. To respond to subpoenas in any litigation or other proceeding.
    21. To a trustee in bankruptcy.
    22. To members of Congress, the General Accountability Office, or 
others charged with monitoring the work of the Commission or conducting 
records management inspections.
    23. To another Federal agency or Federal entity, when the SEC 
determines that information from this system of records is reasonably 
necessary to assist the recipient agency or entity in (1) responding to 
a suspected or confirmed breach or (2) preventing, minimizing, or 
remedying the risk of harm to individuals, the recipient agency or 
entity (including its information systems, programs, and operations), 
the Federal Government, or national security, resulting from a 
suspected or confirmed breach.

POLICIES AND PRACTICES FOR STORAGE OF RECORDS:
    Records are maintained in electronic and paper format. Electronic 
records are stored in computerized databases, magnetic disc, tape and/
or digital media. Paper records and records on computer disc are stored 
in locked file rooms and/or file cabinets.

POLICIES AND PRACTICES FOR RETRIEVAL OF RECORDS:
    Records may be retrieved by an individual's or entity's name, 
receipt date, subject matter, keywords that may include personal 
information, and/or other personal identifier. The system will also 
enable authorized SEC personnel to search for and retrieve records 
using conventional methods including but not limited to the use of 
unique record identifiers, keyword searches, geographic data (e.g. ZIP 
code), date and time searches, and sorts and filters.

POLICIES AND PRACTICES FOR RETENTION AND DISPOSAL OF RECORDS:
    These records will be maintained until they become inactive, at 
which time they will be retired or destroyed in accordance with records 
schedules of the United States Securities and Exchange Commission and 
as approved by the National Archives and Records Administration.

ADMINISTRATIVE, TECHNICAL, AND PHYSICAL SAFEGUARDS:
    Access to SEC facilities, data centers, and information or 
information systems is limited to authorized personnel with official 
duties requiring access. SEC facilities are equipped with security 
cameras and 24-hour security guard service. The records are kept in 
limited access areas during duty hours and in locked file cabinets and/
or locked offices or file rooms at all other times. Computerized 
records are safeguarded in a secured environment. Security protocols 
meet the promulgating guidance as established by the National Institute 
of Standards and Technology (NIST) Security Standards from Access 
Control to Data Encryption and Security Assessment & Authorization 
(SA&A).
    Records are maintained in a secure, password-protected electronic 
system that will utilize commensurate safeguards that may include: 
Firewalls, intrusion detection and prevention systems, and role-based 
access controls. Additional safeguards will vary by program. All 
records are protected from unauthorized access through appropriate 
administrative, operational, and technical safeguards. These safeguards 
include: Restricting access to authorized personnel who have a ``need 
to know''; using locks; and password protection identification 
features. Contractors and other recipients providing services to the 
Commission shall be required to maintain equivalent safeguards.

RECORD ACCESS PROCEDURES:
    Persons wishing to obtain information on the procedures for gaining 
access to or contesting the contents of these records may contact the 
FOIA/PA Officer, Securities and Exchange Commission, 100 F Street NE, 
Washington, DC 20549-2465.

CONTESTING RECORD PROCEDURES:
    See Record Access Procedures above.

NOTIFICATION PROCEDURES:
    All requests to determine whether this system of records contains a 
record pertaining to the requesting individual may be directed to the 
FOIA/PA Officer, Securities and Exchange Commission, 100 F Street NE, 
Washington, DC 20549-2465.

EXEMPTIONS PROMULGATED FOR THE SYSTEM:
    Under 5 U.S.C. 552a(k)(2), this system of records is exempted from 
the following provisions of the Privacy Act, 5 U.S.C. 552a(c)(3), (d), 
(e)(1), (e)(4)(G), (H), and (I), and (f) and 17 CFR 200.303, 200.304, 
and 200.306, insofar as it contains investigatory materials compiled 
for law enforcement purposes. This exemption is contained in 17 CFR 
200.312(a)(1).

HISTORY:
    This SORN was last published in full in the Federal Register at 76 
FR 30213 (May 24, 2011). Subsequent notices of revision can be found at 
the following citations:
    --76 FR 57636 (September 16, 2011)

SYSTEM NAME AND NUMBER:
SEC-64:
    SEC Security in the Workplace Incident Records.

SECURITY CLASSIFICATION:
    Unclassified.

SYSTEM LOCATION:
    Securities and Exchange Commission, 100 F Street NE, Washington, DC 
20549.

SYSTEM MANAGER(S):
    Chief, SEC Security Branch, 100 F Street NE, Washington, DC 20549-
2465.

AUTHORITY FOR MAINTENANCE OF THE SYSTEM:
    5 U.S.C. 7902(d) and (e).

PURPOSE(S) OF THE SYSTEM:
    The records are used by SEC personnel to take action on, or to 
respond to a complaint about a threat, harassment, intimidation, 
violence, or other inappropriate behavior involving one or more SEC 
employees, contractors, interns, or other individuals against an SEC 
employee; and to make assessments of violent or potentially violent 
situations and then make recommendations regarding interventions for 
those persons involved with the situations.

CATEGORIES OF INDIVIDUALS COVERED BY THE SYSTEM:
    Past and present employees, interns, and volunteers of the 
Securities and Exchange Commission (employees), contractors, visitors, 
and others who have access to SEC facilities who report

[[Page 85484]]

potential or actual workplace violence; persons accused of threatening 
to commit, or committing workplace violence, and persons interviewed or 
investigated in connection with reports or allegations of potential or 
actual workplace violence.

CATEGORIES OF RECORDS IN THE SYSTEM:
    These records include, but are not limited to: Case number, 
victim's name, office telephone number, room number, office/division, 
duty station, position, supervisor, supervisor's telephone number, 
location of incident, activity at time of incident, circumstances 
surrounding the incident, perpetrator, name(s) and telephone number(s) 
of witness(es), injured party(s), medical treatment(s), medical report, 
property damages, report(s) to police, and related information needed 
to investigate violence, threats, harassment, intimidation, or other 
inappropriate behavior causing SEC employees, contractors, or other 
individuals to fear for their personal safety in the SEC workplace.

RECORD SOURCE CATEGORIES:
    Records source is from individuals who report potential or actual 
workplace security incidents, and reports made on individuals 
interviewed or investigated in connection with allegations of potential 
or actual workplace security incidents.

ROUTINE USES OF RECORDS MAINTAINED IN THE SYSTEM, INCLUDING CATEGORIES 
OF USERS AND THE PURPOSES OF SUCH USES:
    In addition to those disclosures generally permitted under 5 U.S.C. 
552a(b) of the Privacy Act, these records or information contained 
therein may specifically be disclosed as follows:
    1. To appropriate agencies, entities, and persons when (1) the SEC 
suspects or has confirmed that there has been a breach of the system of 
records,[middot](2) the SEC has determined that as a result of the 
suspected or confirmed breach there is a risk of harm to individuals, 
the SEC (including its information systems, programs, and operations), 
the Federal Government, or national security; and (3) the disclosure 
made to such agencies, entities, and persons is reasonably necessary to 
assist in connection with the SEC's efforts to respond to the suspected 
or confirmed breach or to prevent, minimize, or remedy such harm.
    2. When a person or property is harmed, or when threats of harm to 
a person or property are reported, disclosure will be made, as 
appropriate, to law enforcement authorities, medical treatment 
authorities, and those persons being threatened or harmed.
    3. To other Federal, state, local, or foreign law enforcement 
agencies; securities self-regulatory organizations; and foreign 
securities authorities to assist in or coordinate regulatory or law 
enforcement activities with the SEC.
    4. To a bar association, a state accountancy board, the Public 
Company Accounting Oversight Board, or any similar Federal, state, or 
local licensing authority for possible disciplinary action.
    5. To a Federal, state, local, tribal, foreign, or international 
agency, if necessary to obtain information relevant to the SEC's 
decision concerning the hiring or retention of an employee; the 
issuance of a security clearance; the letting of a contract; or the 
issuance of a license, grant, or other benefit.
    6. To a Federal, state, local, tribal, foreign, or international 
agency in response to its request for information concerning the hiring 
or retention of an employee; the issuance of a security clearance; the 
reporting of an investigation of an employee; the letting of a 
contract; or the issuance of a license, grant, or other benefit by the 
requesting agency, to the extent that the information is relevant and 
necessary to the requesting agency's decision on the matter.
    7. To produce summary descriptive statistics and analytical 
studies, as a data source for management information, in support of the 
function for which the records are collected and maintained or for 
related personnel management functions or manpower studies; may also be 
used to respond to general requests for statistical information 
(without personal identification of individuals) under the Freedom of 
Information Act.
    8. To any persons during the course of any inquiry, examination, or 
investigation conducted by the SEC's staff, or in connection with civil 
litigation, if the staff has reason to believe that the person to whom 
the record is disclosed may have further information about the matters 
related therein, and those matters appeared to be relevant at the time 
to the subject matter of the inquiry.
    9. To interns, grantees, experts, contractors, and others who have 
been engaged by the Commission to assist in the performance of a 
service related to this system of records and who need access to the 
records for the purpose of assisting the Commission in the efficient 
administration of its programs, including by performing clerical, 
stenographic, or data analysis functions, or by reproduction of records 
by electronic or other means. Recipients of these records shall be 
required to comply with the requirements of the Privacy Act of 1974, as 
amended, 5 U.S.C. 552a.
    10. To members of advisory committees that are created by the 
Commission or by Congress to render advice and recommendations to the 
Commission or to Congress, to be used solely in connection with their 
official designated functions.
    11. To any person who is or has agreed to be subject to the 
Commission's Rules of Conduct, 17 CFR 200.735-1 through 200.735-18, and 
who assists in the investigation by the Commission of possible 
violations of the Federal securities laws (as such term is defined in 
section 3(a)(47) of the Securities Exchange Act of 1934, 15 U.S.C. 
78c(a)(47)), in the preparation or conduct of enforcement actions 
brought by the Commission for such violations, or otherwise in 
connection with the Commission's enforcement or regulatory functions 
under the Federal securities laws.
    12. To a Congressional office in response to an inquiry from that 
Congressional office made at the request of the individual to whom the 
record pertains.
    13. To respond to subpoenas in any litigation or other proceeding.
    14. To members of Congress, the Government Accountability Office, 
or others charged with monitoring the work of the Commission or 
conducting records management inspections.
    15. To another Federal agency or Federal entity, when the SEC 
determines that information from this system of records is reasonably 
necessary to assist the recipient agency or entity in (1) responding to 
a suspected or confirmed breach; or (2) preventing, minimizing, or 
remedying the risk of harm to individuals, the recipient agency or 
entity (including its information systems, programs, and operations), 
the Federal Government, or national security, resulting from a 
suspected or confirmed breach.

POLICIES AND PRACTICES FOR STORAGE OF RECORDS:
    Records are maintained in electronic and paper format. Electronic 
records are stored in computerized databases, magnetic disc, tape and/
or digital media. Paper records and records on computer disc are stored 
in locked file rooms and/or file cabinets.

POLICIES AND PRACTICES FOR RETRIEVAL OF RECORDS:
    Records are retrieved by name or case designation (those who 
reported a violent or potentially violent event and those who were 
reported), event date, and event location

[[Page 85485]]

POLICIES AND PRACTICES FOR RETENTION AND DISPOSAL OF RECORDS:
    These records will be maintained until they become inactive, at 
which time they will be retired or destroyed in accordance with records 
schedules of the United States Securities and Exchange Commission and 
as approved by the National Archives and Records Administration.

ADMINISTRATIVE, TECHNICAL, AND PHYSICAL SAFEGUARDS:
    Access to SEC facilities, data centers, and information or 
information systems is limited to authorized personnel with official 
duties requiring access. SEC facilities are equipped with security 
cameras and 24-hour security guard service. The records are kept in 
limited access areas during duty hours and in locked file cabinets and/
or locked offices or file rooms at all other times. Computerized 
records are safeguarded in a secured environment. Security protocols 
meet the promulgating guidance as established by the National Institute 
of Standards and Technology (NIST) Security Standards from Access 
Control to Data Encryption and Security Assessment & Authorization 
(SA&A).
    Records are maintained in a secure, password-protected electronic 
system that will utilize commensurate safeguards that may include: 
firewalls, intrusion detection and prevention systems, and role-based 
access controls. Additional safeguards will vary by program. All 
records are protected from unauthorized access through appropriate 
administrative, operational, and technical safeguards. These safeguards 
include: restricting access to authorized personnel who have a ``need 
to know''; using locks; and password protection identification 
features. Contractors and other recipients providing services to the 
Commission shall be required to maintain equivalent safeguards.

RECORD ACCESS PROCEDURES:
    These records will be maintained until they become inactive, at 
which time they will be retired or destroyed in accordance with records 
schedules of the United States Securities and Exchange Commission and 
as approved by the National Archives and Records Administration.

CONTESTING RECORD PROCEDURES:
    See Record Access Procedures above.

NOTIFICATION PROCEDURES:
    All requests to determine whether this system of records contains a 
record pertaining to the requesting individual may be directed to the 
FOIA/PA Officer, Securities and Exchange Commission, 100 F Street NE, 
Washington, DC 20549-2465.

EXEMPTIONS PROMULGATED FOR THE SYSTEM:
    Under 5 U.S.C. 552a(k)(2), this system of records is exempted from 
the following provisions of the Privacy Act, 5 U.S.C. 552a(c)(3), (d), 
(e)(1), (e)(4)(G), (H), and (I), and (f) and 17 CFR 200.303, 200.304, 
and 200.306, insofar as it contains investigatory materials compiled 
for law enforcement purposes. This exemption is contained in 17 CFR 
200.312(a)(1).

HISTORY:
    This SORN was last published in full in the Federal Register at 76 
FR 30213 (May 24, 2011). Subsequent notices of revision can be found at 
the following citations:
    --76 FR 57636 (September 17, 2011)

SYSTEM NAME AND NUMBER:
SEC-65:
    Correspondence Response Systems.

SECURITY CLASSIFICATION:
    Unclassified.

SYSTEM LOCATION:
    Securities and Exchange Commission, 100 F Street NE, Washington, DC 
20549. Also, records covered by Subsystem A are received by and 
maintained in the Commission's Regional Offices, whose addresses are 
listed below under System Manager(s) and Address.

SYSTEM MANAGER(S):
    Subsystem A: Chief Counsel, Office of Investor Education and 
Advocacy, Securities and Exchange Commission, 100 F Street NE, 
Washington, DC 20549; New York Regional Office, Regional Director, 3 
World Financial Center, Suite 400, New York, NY 10281-1022; Boston 
Regional Office, Regional Director, 33 Arch Street, 23rd Floor, Boston, 
MA 02110-1424; Philadelphia Regional Office, Regional Director, The 
Mellon Independence Center, 701 Market Street, Suite 2000, 
Philadelphia, PA 19106-1532; Miami Regional Office, Regional Director, 
801 Brickell Avenue, Suite 1800, Miami, FL 33131-4901, Atlanta Regional 
Office, Regional Director, 3475 Lenox Road, NE, Suite 1000, Atlanta, GA 
30326-1232; Chicago Regional Office, Regional Director, 175 West 
Jackson Boulevard, Suite 900, Chicago, IL 60604-2908; Denver Regional 
Office, Regional Director, 1801 California Street, Suite 1500, Denver, 
CO 80202-2656; Fort Worth Regional Office, Regional Director, Burnett 
Plaza, Suite 1900, 801 Cherry Street, Unit #18, Fort Worth, TX 76102-
6882; Salt Lake Regional Office, Regional Director, 15 West South 
Temple Street, Suite 1800, Salt Lake City, UT 84101-1573; Los Angeles 
Regional Office, Regional Director, 5670 Wilshire Boulevard, 11th 
Floor, Los Angeles, CA 90036-3648; San Francisco Regional Office, 
Regional Director, 44 Montgomery Street, Suite 2600, San Francisco, CA 
94104-4716.
    Subsystem B: Office of the Chairman, Securities and Exchange 
Commission, 100 F Street NE, Washington, DC 20549.

AUTHORITY FOR MAINTENANCE OF THE SYSTEM:
    15 U.S.C. 77s, 77sss, 78d, 78d-1, 78d-2, 78w, 78ll(d), 79t, 80a-37, 
and 80b-11.

PURPOSE OF THE SYSTEM:
    The records will be used by the staff to track and process 
complaints/inquiries/requests from members of the public and others.

CATEGORIES OF INDIVIDUALS COVERED BY THE SYSTEM:
    Subsystem A:
    Records are maintained in the Investor Response Information System 
(IRIS) on members of the public and others who submit questions or 
complaints to the Commission generally, or to Divisions and Offices of 
the Commission, or who contact the Office of Investor Education and 
Advocacy or the Commission's Regional Offices.
    Subsystem B:
    Records are maintained in the Chairman's Correspondence System 
(CCS) on members of the public, members of Congress or their staff, and 
others who address their inquiries or complaints to the Commission's 
Chairman's Office or to the Office of Legislative and Intergovernmental 
Affairs.

CATEGORIES OF RECORDS IN THE SYSTEM:
    Both electronic and paper records in this system/subsystems may 
contain the name of the complainant/inquirer/requester or their 
representative, the name of the entity and/or subject of the complaint/
inquiry/request, the date relating to the receipt and disposition of 
the complaint/inquiry/request, Personally Identifiable Information 
(PII) and other sensitive information such as investment account 
information, and, where applicable, the type of complaint/inquiry/
request and other information derived from or relating to the 
complaint/inquiry/request. Paper records may include, but are not 
limited to, letters of complaint/inquiry/request, responses, and 
related documentation.

RECORD SOURCE CATEGORIES:
    Information collected in all subsystems is received from 
individuals primarily through web forms, email,

[[Page 85486]]

letters, telephone calls, or personal visits to the Commission's 
offices.

ROUTINE USES OF RECORDS MAINTAINED IN THE SYSTEM, INCLUDING CATEGORIES 
OF USERS AND THE PURPOSES OF SUCH USES:
    In addition to those disclosures generally permitted under 5 U.S.C. 
552a(b) of the Privacy Act, these records or information contained 
therein may specifically be disclosed outside the Commission as a 
routine use pursuant to 5 U.S.C. 552 a(b)(3) as follows:
    1. To appropriate agencies, entities, and persons when (a) it is 
suspected or confirmed that the security or confidentiality of 
information in the system of records has been compromised; (b) the SEC 
has determined that, as a result of the suspected or confirmed 
compromise, there is a risk of harm to economic or property interests, 
identity theft or fraud, or harm to the security or integrity of this 
system or other systems or programs (whether maintained by the SEC or 
another agency or entity) that rely upon the compromised information; 
and (c) the disclosure made to such agencies, entities, and persons is 
reasonably necessary to assist in connection with the SEC's efforts to 
respond to the suspected or confirmed compromise and prevent, minimize, 
or remedy such harm.
    2. To other Federal, state, local, or foreign law enforcement 
agencies; securities self-regulatory organizations; and foreign 
financial regulatory authorities to assist in or coordinate regulatory 
or law enforcement activities with the SEC.
    3. To national securities exchanges and national securities 
associations that are registered with the SEC, the Municipal Securities 
Rulemaking Board; the Securities Investor Protection Corporation; the 
Public Company Accounting Oversight Board; the Federal banking 
authorities, including, but not limited to, the Board of Governors of 
the Federal Reserve System, the Comptroller of the Currency, and the 
Federal Deposit Insurance Corporation; state securities regulatory 
agencies or organizations; or regulatory authorities of a foreign 
government in connection with their regulatory or enforcement 
responsibilities.
    4. By SEC personnel for purposes of investigating possible 
violations of, or to conduct investigations authorized by, the Federal 
securities laws.
    5. In any proceeding where the Federal securities laws are in issue 
or in which the Commission, or past or present members of its staff, is 
a party or otherwise involved in an official capacity.
    6. In connection with proceedings by the Commission pursuant to 
Rule 102(e) of its Rules of Practice, 17 CFR 201.102(e).
    7. To a bar association, state accountancy board, or other Federal, 
state, local, or foreign licensing or oversight authority; or 
professional association or self-regulatory authority to the extent 
that it performs similar functions (including the Public Company 
Accounting Oversight Board) for investigations or possible disciplinary 
action.
    8. To a Federal, state, local, tribal, foreign, or international 
agency, if necessary to obtain information relevant to the SEC's 
decision concerning the hiring or retention of an employee; the 
issuance of a security clearance; the letting of a contract; or the 
issuance of a license, grant, or other benefit.
    9. To a Federal, state, local, tribal, foreign, or international 
agency in response to its request for information concerning the hiring 
or retention of an employee; the issuance of a security clearance; the 
reporting of an investigation of an employee; the letting of a 
contract; or the issuance of a license, grant, or other benefit by the 
requesting agency, to the extent that the information is relevant and 
necessary to the requesting agency's decision on the matter.
    10. To produce summary descriptive statistics and analytical 
studies, as a data source for management information, in support of the 
function for which the records are collected and maintained or for 
related personnel management functions or manpower studies; may also be 
used to respond to general requests for statistical information 
(without personal identification of individuals) under the Freedom of 
Information Act.
    11. To any trustee, receiver, master, special counsel, or other 
individual or entity that is appointed by a court of competent 
jurisdiction, or as a result of an agreement between the parties in 
connection with litigation or administrative proceedings involving 
allegations of violations of the Federal securities laws (as defined in 
section 3(a)(47) of the Securities Exchange Act of 1934, 15 U.S.C. 
78c(a)(47)) or pursuant to the Commission's Rules of Practice, 17 CFR 
201.100 through 900 or the Commission's Rules of Fair Fund and 
Disgorgement Plans, 17 CFR 201.1100 through 1106, or otherwise, where 
such trustee, receiver, master, special counsel, or other individual or 
entity is specifically designated to perform particular functions with 
respect to, or as a result of, the pending action or proceeding or in 
connection with the administration and enforcement by the Commission of 
the Federal securities laws or the Commission's Rules of Practice or 
the Rules of Fair Fund and Disgorgement Plans.
    12. To any persons during the course of any inquiry, examination, 
or investigation conducted by the SEC's staff, or in connection with 
civil litigation, if the staff has reason to believe that the person to 
whom the record is disclosed may have further information about the 
matters related therein, and those matters appeared to be relevant at 
the time to the subject matter of the inquiry.
    13. To interns, grantees, experts, contractors, and others who have 
been engaged by the Commission to assist in the performance of a 
service related to this system of records and who need access to the 
records for the purpose of assisting the Commission in the efficient 
administration of its programs, including by performing clerical, 
stenographic, or data analysis functions, or by reproduction of records 
by electronic or other means. Recipients of these records shall be 
required to comply with the requirements of the Privacy Act of 1974, as 
amended, 5 U.S.C. 552a.
    14. In reports published by the Commission pursuant to authority 
granted in the Federal securities laws (as such term is defined in 
section 3(a)(47) of the Securities Exchange Act of 1934, 15 U.S.C. 
78c(a)(47)), which authority shall include, but not be limited to, 
section 21(a) of the Securities Exchange Act of 1934, 15 U.S.C. 
78u(a)).
    15. To members of advisory committees that are created by the 
Commission or by Congress to render advice and recommendations to the 
Commission or to Congress, to be used solely in connection with their 
official designated functions.
    16. To any person who is or has agreed to be subject to the 
Commission's Rules of Conduct, 17 CFR 200.735-1 through 200.735-18, and 
who assists in the investigation by the Commission of possible 
violations of the Federal securities laws (as such term is defined in 
section 3(a)(47) of the Securities Exchange Act of 1934, 15 U.S.C. 
78c(a)(47)), in the preparation or conduct of enforcement actions 
brought by the Commission for such violations, or otherwise in 
connection with the Commission's enforcement or regulatory functions 
under the Federal securities laws.
    17. To a Congressional office from the record of an individual in 
response to

[[Page 85487]]

an inquiry from the Congressional office made at the request of that 
individual.
    18. To members of Congress, the press, and the public in response 
to inquiries relating to particular Registrants and their activities, 
and other matters under the Commission's jurisdiction.
    19. To prepare and publish information relating to violations of 
the Federal securities laws as provided in 15 U.S.C. 78c(a)(47)), as 
amended.
    20. To respond to subpoenas in any litigation or other proceeding.
    21. To a trustee in bankruptcy.
    22. To members of Congress, the General Accountability Office, or 
others charged with monitoring the work of the Commission or conducting 
records management inspections.
    23. To respond to inquiries from individuals who have submitted 
complaints/inquiries/request, or from their representatives.
    24. To entities against which complaints/inquiries/requests are 
directed when Commission staff requests them to research the issues 
raised and report back to the staff.

POLICIES AND PRACTICES STORAGE OF RECORDS:
    Records are maintained in electronic and paper format. Electronic 
records are stored in computerized databases and/or on computer disc. 
Paper records and records on computer disc are stored in file rooms 
and/or file cabinets, as well as off-site locations including the 
Federal Records Center, pursuant to applicable record retention 
guidelines.

POLICIES AND PRACTICES FOR RETRIEVAL OF RECORDS:
    The files (both paper and electronic) in Subsystems A and B are 
retrievable by the name, receipt date, name of the registered 
representative or associated person named in the complaint/inquiry/
request, or the name of the entity/issuer that is the subject of the 
complaint/inquiry/request.

POLICIES AND PRACTICES FOR RETENTION AND DISPOSAL OF RECORDS:
    These records will be maintained until they become inactive, at 
which time they will be retired or destroyed in accordance with records 
schedules of the United States Securities and Exchange Commission and 
as approved by the National Archives and Records Administration.

ADMINISTRATIVE, TECHNICAL, AND PHYSICAL SAFEGUARDS:
    Records are safeguarded in a secured environment. Buildings where 
records are stored have security cameras and 24 hour security guard 
service. The records are kept in limited access areas during duty hours 
and in file cabinets and/or offices or file rooms at all other times. 
Computerized records are safeguarded through use of access codes and 
information technology security. Contractors and other recipients 
providing services to the Commission are contractually obligated to 
maintain equivalent safeguards.

RECORD ACCESS PROCEDURES:
    Persons wishing to obtain information on the procedures for gaining 
access to or contesting the contents of these records may contact the 
FOIA/PA Officer, Securities and Exchange Commission, 100 F Street NE, 
Washington, DC 20549-2465.

CONTESTING RECORD PROCEDURES:
    See Record Access Procedures above.

NOTIFICATION PROCEDURES:
    All requests to determine whether this system of records contains a 
record pertaining to the requesting individual may be directed to the 
FOIA/PA Officer, Securities and Exchange Commission, 100 F Street NE, 
Washington, DC 20549-2465.

EXEMPTIONS PROMULGATED FOR THE SYSTEM:
    Under 5 U.S.C. 552a(k)(2), this system of records is exempted from 
the following provisions of the Privacy Act, 5 U.S.C. 552a(c)(3), (d), 
(e)(1), (e)(4)(G), (H), (I), and (f) and 17 CFR 200.303, 200.304, and 
200.306, insofar as it contains investigatory materials compiled for 
law enforcement purposes. This exemption is contained in 17 CFR 
200.312(a)(1).

HISTORY:
    This SORN was last published in full in the Federal Register at 76 
FR 30213 (May 24, 2011). Subsequent notices of revision can be found at 
the following citations:
    --76 FR 57636 (September 18, 2011)

SYSTEM NAME AND NUMBER:
SEC-66:
    Backup Care Employee and Family Records.

SECURITY CLASSIFICATION:
    Unclassified.

SYSTEM LOCATION:
    Bright Horizons Family Solutions, 200 Talcott Avenue, Watertown, MA 
02472. Records may also be maintained at subcontracted childcare center 
locations. Electronic Reports of SEC Employees' registrations and uses 
are maintained at the Securities and Exchange Commission, 100 F Street 
NE, Washington, DC 20549.

SYSTEM MANAGER(S):
    Associate Executive Director, Office of Human Resources, Securities 
and Exchange Commission, 100 F Street NE, Washington, DC 20549-3901.

AUTHORITY FOR MAINTENANCE OF THE SYSTEM:
    40 U.S.C 590.

PURPOSE(S) OF THE SYSTEM:
    The records are used to determine an employee's eligibility to 
request backup care benefits for family members.

CATEGORIES OF INDIVIDUALS COVERED BY THE SYSTEM:
    Current SEC employees who voluntarily sign up for backup care 
benefits and their family members for whom care is needed.

CATEGORIES OF RECORDS IN THE SYSTEM:
    Records may contain employee name, email address, home address, 
home and cell telephone numbers, and date of birth; family member's 
name, address, date of birth, physician medical form, and medical 
identification number; photos of child, and individuals authorized to 
pick up child; and provider's name.

RECORD SOURCE CATEGORIES:
    All information is provided by SEC employees registering for the 
services.

ROUTINE USES OF RECORDS MAINTAINED IN THE SYSTEM, INCLUDING CATEGORIES 
OF USERS AND THE PURPOSES OF SUCH USES:
    In addition to those disclosures generally permitted under 5 U.S.C. 
552a(b) of the Privacy Act, these records or information contained 
therein may specifically be disclosed outside the Commission as a 
routine use pursuant to 5 U.S.C. 552 a(b)(3) as follows:
    1. To appropriate agencies, entities, and persons when (1) the SEC 
suspects or has confirmed that there has been a breach of the system of 
records,[middot](2) the SEC has determined that as a result of the 
suspected or confirmed breach there is a risk of harm to individuals, 
the SEC (including its information systems, programs, and operations), 
the Federal Government, or national security; and (3) the disclosure 
made to such agencies, entities, and persons is reasonably necessary to 
assist in connection with the SEC's efforts to respond to the suspected 
or confirmed breach or to prevent, minimize, or remedy such harm.
    2. To produce summary descriptive statistics and analytical 
studies, as a data source for management information, in support of the 
function for which the records are collected and maintained or for 
related personnel management functions or manpower

[[Page 85488]]

studies; may also be used to respond to general requests for 
statistical information (without personal identification of 
individuals) under the Freedom of Information Act.
    3. To interns, grantees, experts, contractors, and others who have 
been engaged by the Commission to assist in the performance of a 
service related to this system of records and who need access to the 
records for the purpose of assisting the Commission in the efficient 
administration of its programs, including by performing clerical, 
stenographic, or data analysis functions, or by reproduction of records 
by electronic or other means. Recipients of these records shall be 
required to comply with the requirements of the Privacy Act of 1974, as 
amended, 5 U.S.C. 552a.
    4. To a Congressional office from the record of an individual in 
response to an inquiry from the Congressional office made at the 
request of that individual.
    5. To members of Congress, the Government Accountability Office, or 
others charged with monitoring the work of the Commission or conducting 
records management inspections.
    6. To a commercial contractor in connection with benefit programs 
administered by the contractor on the Commission's behalf, including, 
but not limited to, supplemental health, dental, disability, life and 
other benefit programs. Recipients of these records shall be required 
to comply with the requirements of the Privacy Act of 1974, as amended, 
5 U.S.C. 552a.
    7. To another Federal agency or Federal entity, when the SEC 
determines that information from this system of records is reasonably 
necessary to assist the recipient agency or entity in (1) responding to 
a suspected or confirmed breach; or (2) preventing, minimizing, or 
remedying the risk of harm to individuals, the recipient agency or 
entity (including its information systems, programs, and operations), 
the Federal Government, or national security, resulting from a 
suspected or confirmed breach.

POLICIES AND PRACTICES FOR STORAGE OF RECORDS:
    Records are maintained in electronic format. Electronic records are 
stored in computerized databases, magnetic disc, tape and/or on digital 
media. Paper records and records on computer disc are stored in locked 
file rooms and/or file cabinets.

POLICIES AND PRACTICES FOR RETRIEVAL OF RECORDS:
    Records are retrieved by the individual's name.

POLICIES AND PRACTICES FOR RETENTION AND DISPOSAL OF RECORDS:
    These records will be maintained until they become inactive, at 
which time they will be retired or destroyed in accordance with records 
schedules of the United States Securities and Exchange Commission and 
as approved by the National Archives and Records Administration.

ADMINISTRATIVE, TECHNICAL, AND PHYSICAL SAFEGUARDS:
    Access to SEC facilities, data centers, and information or 
information systems is limited to authorized personnel with official 
duties requiring access. SEC facilities are equipped with security 
cameras and 24-hour security guard service. The records are kept in 
limited access areas during duty hours and in locked file cabinets and/
or locked offices or file rooms at all other times. Computerized 
records are safeguarded in a secured environment. Security protocols 
meet the promulgating guidance as established by the National Institute 
of Standards and Technology (NIST) Security Standards from Access 
Control to Data Encryption and Security Assessment & Authorization 
(SA&A).
    Records are maintained in a secure, password-protected electronic 
system that will utilize commensurate safeguards that may include: 
firewalls, intrusion detection and prevention systems, and role-based 
access controls. Additional safeguards will vary by program. All 
records are protected from unauthorized access through appropriate 
administrative, operational, and technical safeguards. These safeguards 
include: restricting access to authorized personnel who have a ``need 
to know''; using locks; and password protection identification 
features. Contractors and other recipients providing services to the 
Commission shall be required to maintain equivalent safeguards.

RECORD ACCESS PROCEDURES:
    Persons wishing to obtain information on the procedures for gaining 
access to or contesting the contents of these records may contact the 
FOIA/PA Officer, Securities and Exchange Commission, 100 F Street NE, 
Washington, DC 20549-2465.

CONTESTING RECORD PROCEDURES:
    See Record access procedures above.

NOTIFICATION PROCEDURES:
    All requests to determine whether this system of records contains a 
record pertaining to the requesting individual may be directed to the 
FOIA/PA Officer, Securities and Exchange Commission, 100 F Street NE, 
Washington, DC 20549-2465.

EXEMPTIONS PROMULGATED FOR THE SYSTEM:
    None.

HISTORY:
    This SORN was last published in full in the Federal Register at 77 
FR 65913 (October 31, 2012). Subsequent notices of revision can be 
found at the following citations:
    --78 FR 41962 (July 12, 2013)

SYSTEM NAME AND NUMBER:
SEC-67:
    General Information Technology Records.

SECURITY CLASSIFICATION:
    Unclassified.

SYSTEM LOCATION:
    Securities and Exchange Commission, Headquarters, 100 F Street NE, 
Washington, DC 20549 and the SEC's Regional Offices.

SYSTEM MANAGER(S):
    Chief Information Officer, Securities and Exchange Commission, 100 
F Street NE, Washington, DC 20549-2465.

AUTHORITY FOR MAINTENANCE OF THE SYSTEM:
    5 U.S.C. 302, Delegation of Authority; 44 U.S.C. 3534; Federal 
Information Security Act (Pub. L. 104-106, section 5113); Electronic 
Government Act (Pub. L. 104-347, section 203); and E.O. 9397 (SSN), as 
amended by E.O. 13487.

PURPOSE(S) OF THE SYSTEM:
    The purpose of this system is to (1) provide authentication and 
authorization to individuals with access to SEC-controlled information 
and information system networks; (2) collect, review, and maintain any 
logs, audit trails, or other such security data regarding the use of 
SEC information or information systems; and (3) to enable the 
Commission to detect, report, and take appropriate action against 
improper or unauthorized access to SEC-controlled information and 
information systems networks. The records will also enable the SEC to 
provide individuals access to certain programs and meeting attendance 
and, where appropriate, allow for sharing of information between 
individuals in the same operational program to facilitate 
collaboration. SEC management personnel may use statistical data, with 
all personal identifiers removed or masked, for system efficiency, 
workload calculation, or reporting purposes.

[[Page 85489]]

CATEGORIES OF INDIVIDUALS COVERED BY THE SYSTEM:
    Records are maintained on all individuals who are authorized to 
access SEC information or information systems; including: employees, 
contractors, students, interns, volunteers, affiliates, others working 
on behalf of the SEC, and individuals formerly in any of these 
positions. Records may also include individuals who voluntarily join an 
SEC-owned and operated web portal for collaboration purposes; 
individuals who request access but are denied, and/or who have had 
access revoked.

CATEGORIES OF RECORDS IN THE SYSTEM:
    The system of records may include: Users' names; social security 
numbers; business telephone numbers; cellular phone numbers; pager 
numbers; levels of access; physical and email addresses; titles; 
departments; division; contractor/employee status; computer logon 
addresses; password hashes; user identification codes; dates and times 
of access; IP addresses; logs of internet activity; types of access/
permissions required; failed access data; archived transaction data; 
historical data; and justifications for access to SEC computers, 
networks, or systems. For individuals who telecommute from home or a 
telework center, the records may contain the internet Protocol (IP) 
address and telephone number at that location. For contractors, the 
system may contain the company name, contract number, and contract 
expiration date. The system may also contain details regarding: 
Programs; databases; functions; and sites accessed and/or used, dates 
and times of use, information products created, received, or altered 
during use, and access or functionality problems reported for technical 
support and resolution.

RECORD SOURCE CATEGORIES:
    Information is supplied by the record subject, their supervisors, 
and the personnel security staff. Logs and details about access times 
and functions used are provided by the system.

ROUTINE USES OF RECORDS MAINTAINED IN THE SYSTEM, INCLUDING CATEGORIES 
OF USERS AND THE PURPOSES OF SUCH USES:
    In addition to those disclosures generally permitted under 5 U.S.C. 
552a(b) of the Privacy Act, these records or information contained 
therein may specifically be disclosed outside the Commission as a 
routine use pursuant to 5 U.S.C. 552 a(b)(3) as follows:
    1. To appropriate agencies, entities, and persons when (1) the SEC 
suspects or has confirmed that there has been a breach of the system of 
records,[middot](2) the SEC has determined that as a result of the 
suspected or confirmed breach there is a risk of harm to individuals, 
the SEC (including its information systems, programs, and operations), 
the Federal Government, or national security; and (3) the disclosure 
made to such agencies, entities, and persons is reasonably necessary to 
assist in connection with the SEC's efforts to respond to the suspected 
or confirmed breach or to prevent, minimize, or remedy such harm.
    2. To other Federal, state, local, or foreign law enforcement 
agencies; securities self-regulatory organizations; and foreign 
financial regulatory authorities to assist in or coordinate regulatory 
or law enforcement activities with the SEC.
    3. In any proceeding where the Federal securities laws are in issue 
or in which the Commission, or past or present members of its staff, is 
a party or otherwise involved in an official capacity.
    4. To a Federal, state, local, tribal, foreign, or international 
agency, if necessary to obtain information relevant to the SEC's 
decision concerning the hiring or retention of an employee; the 
issuance of a security clearance; the letting of a contract; or the 
issuance of a license, grant, or other benefit.
    5. To a Federal, state, local, tribal, foreign, or international 
agency in response to its request for information concerning the hiring 
or retention of an employee; the issuance of a security clearance; the 
reporting of an investigation of an employee; the letting of a 
contract; or the issuance of a license, grant, or other benefit by the 
requesting agency, to the extent that the information is relevant and 
necessary to the requesting agency's decision on the matter.
    6. To produce summary descriptive statistics and analytical 
studies, as a data source for management information, in support of the 
function for which the records are collected and maintained or for 
related personnel management functions or manpower studies; may also be 
used to respond to general requests for statistical information 
(without personal identification of individuals) under the Freedom of 
Information Act.
    7. To any persons during the course of any inquiry, examination, or 
investigation conducted by the SEC's staff, or in connection with civil 
litigation, if the staff has reason to believe that the person to whom 
the record is disclosed may have further information about the matters 
related therein, and those matters appeared to be relevant at the time 
to the subject matter of the inquiry.
    8. To interns, grantees, experts, contractors, and others who have 
been engaged by the Commission to assist in the performance of a 
service related to this system of records and who need access to the 
records for the purpose of assisting the Commission in the efficient 
administration of its programs, including by performing clerical, 
stenographic, or data analysis functions, or by reproduction of records 
by electronic or other means. Recipients of these records shall be 
required to comply with the requirements of the Privacy Act of 1974, as 
amended, 5 U.S.C. 552a.
    9. To respond to subpoenas in any litigation or other proceeding.
    10. To a Congressional office from the record of an individual in 
response to an inquiry from the Congressional office made at the 
request of that individual.
    11. To members of Congress, the Government Accountability Office, 
or others charged with monitoring the work of the Commission or 
conducting records management inspections.
    12. To a commercial contractor in connection with benefit programs 
administered by the contractor on the Commission's behalf, including, 
but not limited to, supplemental health, dental, disability, life and 
other benefit programs.
    13. To another Federal agency or Federal entity, when the SEC 
determines that information from this system of records is reasonably 
necessary to assist the recipient agency or entity in (1) responding to 
a suspected or confirmed breach; or (2) preventing, minimizing, or 
remedying the risk of harm to individuals, the recipient agency or 
entity (including its information systems, programs, and operations), 
the Federal Government, or national security, resulting from a 
suspected or confirmed breach.

POLICIES AND PRACTICES FOR STORAGE OF RECORDS:
    Records are maintained in electronic and paper format. Electronic 
records are stored in computerized databases, magnetic disc, tape and/
or digital media. Paper records and records on computer disc are stored 
in locked file rooms and/or file cabinets.

POLICIES AND PRACTICES FOR RETRIEVAL OF RECORDS:
    Information may be retrieved, sorted, and/or searched by an 
identification number assigned by the computer, the last two digits of 
a social security number, email address, or by the name of the 
individual, or other employee

[[Page 85490]]

data fields previously identified in this SORN.

POLICIES AND PRACTICES FOR RETENTION AND DISPOSAL OF RECORDS:
    These records will be maintained until they become inactive, at 
which time they will be retired or destroyed in accordance with the 
SEC's records retention schedule, as approved by the National Archives 
and Records Administration.

ADMINISTRATIVE, TECHNICAL, AND PHYSICAL SAFEGUARDS:
    Access to SEC facilities, data centers, and information or 
information systems is limited to authorized personnel with official 
duties requiring access. SEC facilities are equipped with security 
cameras and 24-hour security guard service. The records are kept in 
limited access areas during duty hours and in locked file cabinets and/
or locked offices or file rooms at all other times. Computerized 
records are safeguarded in a secured environment. Security protocols 
meet the promulgating guidance as established by the National Institute 
of Standards and Technology 4 (NIST) Security Standards from Access 
Control to Data Encryption and Security Assessment & Authorization 
(SA&A).
    Records are maintained in a secure, password-protected electronic 
system that will utilize commensurate safeguards that may include: 
Firewalls, intrusion detection and prevention systems, and role-based 
access controls. Additional safeguards will vary by program. All 
records are protected from unauthorized access through appropriate 
administrative, operational, and technical safeguards. These safeguards 
include: Restricting access to authorized personnel who have a ``need 
to know''; using locks; and password protection identification 
features. Contractors and other recipients providing services to the 
Commission shall be required to maintain equivalent safeguards.

RECORD ACCESS PROCEDURES:
    Persons wishing to obtain information on the procedures for gaining 
access to or contesting the contents of these records may contact the 
FOIA/PA Officer, Securities and Exchange Commission, 100 F Street NE, 
Washington, DC 20549-2465.

CONTESTING RECORD PROCEDURES:
    See Record access procedures above.

NOTIFICATION PROCEDURES:
    All requests to determine whether this system of records contains a 
record pertaining to the requesting individual may be directed to the 
FOIA/PA Officer, Securities and Exchange Commission, 100 F Street NE, 
Washington, DC 20549-2465.

EXEMPTIONS PROMULGATED FOR THE SYSTEM:
    None.

HISTORY:
    This SORN was last published in full in the Federal Register at 79 
FR 30661 (May 28, 2014).

    By the Commission.

    Dated: December 21, 2020.
Vanessa A. Countryman,
Secretary.
[FR Doc. 2020-28601 Filed 12-23-20; 8:45 am]
BILLING CODE 8011-01-P


