FEDERAL DEPOSIT INSURANCE CORPORATION Subcommittee Analysis The Federal Deposit Insurance Corporation reported two data banks. Neither is computerized. I. Index Title A. Sec. 7(j) file (not computerized).. Description: (1) Purpose; (2) Contents (1) Certain bank stock transactions are required by B. Secs. 8 and 19 file (not computerized)...... (1) Under the Federal Deposit Insurance Act, the FDIC is responsible for taking certain actions if it II. Nature of Material Submitted Subjects 10,000. 20,000. Most of the information requested was furnished by FDIC in great detail. The only insufficient answer had to do with access by other agencies; limitations as to the categories of data that may be disclosed were not stated. The FDIC's original response to the questionnaire stated that the numbered questions were inapplicable to its manually maintained files. In a letter to Chairman Wille dated February 28, 1972, Senator Ervin requested that questions be applied to the files even though they were not computerized. FDIC responded July 6, 1972. III. Comments A. Statutory Authority Data bank A, Section 7(j) File, is expressly authorized by 12 U.S.C. 1817 subsection (j) which requires that reports of changes in control or loans secured by bank stock be made to the FDIC. Data bank B, Sections 8 and 19 Files, is justified by derivative authorization based on the Federal Deposit Insurance Act which requires the FDIC to take certain actions if it is learned that persons associated with insured banks engage in, or have engaged in, various forms of wrongdoing. For instance, the FDIC is required to look into the character of management of banks making application for membership (12 U.S.C. 1815, 1816). Another statutory responsibility is to report violations of laws, rules, regulations, or orders to the Comptroller of the Currency, Federal Reserve Board, and state banking authorities. Record keeping is obviously required. B. Subject Notification and Access FDIC does not notify individuals of their inclusion in the files, nor does it allow review and update of information by subject individuals. No procedure for assuring accuracy of files is mentioned in the response. C. Access by Other Agencies The response does not provide clear information regarding the extent to which information in FDIC files is accessible by other agencies. No official outside the FDIC is allowed physical access to files. However, information is provided ". . . on a verbal basis with only limited factual information disclosed. . . ." The extent of the limitations is not clearly stated. Sections 8 and 19 Files are updated with information supplied by the Justice Department. Reports of criminal acts which have occurred in insured banks are forwarded to the United States Attorney. The Justice Department supplies the FDIC with information as to the final disposition of the cases. D. Public Access The response states that access is not provided to private individuals. E. Security Precautions The reference card files are maintained under ordinary file cabinet lock. No information is furnished as to security of the actual documents upon which information is recorded. F. Sources of Information Data bank A, Section 7(j) File, is comprised of information which is submitted to the FDIC by insured banks. Also, the Comptroller of the Currency and the Federal Reserve System provide the FDIC with information coming to them regarding changes in control of insured banks. Data bank B, Section 8 and 19 Files, collect some information directly from subject individuals on financial reports submitted by directors, officers, and subscribers to 5% or more of the stock of a proposed new State nonmember bank. Some material is furnished by bank examiners, employees of the FDIC who conduct examinations of member banks and report their findings to the FDIC. The FBI conducts name checks and completes identification records which become part of the files. Department of Justice supplies information regarding case-disposition which is used to update files. IV. Evaluation The statutory authority for record keeping is strong; the responsibilities assigned to the FDIC in the Federal Deposit Insurance Act could not be discharged without the maintenance of files on individuals. The failure of the FDIC to provide access to files and a right of review to subject individuals is curious. Not only is it unfair to in dividuals concerned; in all probability, subjects would make a valuable contribution to the accuracy of the files. Since the response failed to list limitations on disclosure, it is not possible to evaluate the matter of access to files by outsiders. The response makes little mention of the files containing actual reports and documents. It would seem that the documents themselves and not files referencing them would be of most concern to the respondents. A good example is provided in the response to the question regarding file security. The reference card files are kept in locked file cabinets; there is no mention of how, or even whether, the actual documents are secured. Agency Response The Federal Deposit Insurance Corporation responded to the standard subcommittee questionnaire (see inside back cover), on February 22, 1972. The subcommittee requested additional information by letter dated February 28, 1972. On July 6, 1972 the FDIC responded to the subcommittee's second request for information. All of this correspondence is printed below. Hon. SAM J. ERVIN, Jr., FEDERAL DEPOSIT INSURANCE CORPORATION, OFFICE OF THE CHAIRMAN, Washington, D.C., February 22, 1972. Chairman, Committee on the Judiciary, Subcommittee on Constitutional Rights, U.S. Senate, Washington, D.C. DEAR SENATOR ERVIN: This is in response to your request for information concerning any data banks containing personal information maintained by the FDIC for statistical, administrative or intelligence purposes. Your letter asks about intelligence-type files maintained for surveillance of individuals involved in political activities or for other purposes. The FDIC does not maintain any files for the purpose of surveillance of demonstrators or others involved in political activities. We do maintain information on people now associated with banks insured by the FDIC or who have been associated with such banks in the past. We keep a name record of any individual associated with an insured bank if a letter-report to the United States Attorney has been written naming that person as a possible violator of the U.S. Code. We also maintain in this file the names of purchasers of bank stock required to be reported to us by Section 7(j) of the Federal Deposit Insurance Corporation Act, and the names of individuals gained from newspapers and other public sources if they are characterized as having an unsatisfactory relationship with any insured bank or any closed insured bank. We also include information supplied to the Corporation by other investigative or regulatory agencies on persons connected with an insured bank. While the FDIC maintains a substantial amount of statistical data in a computerized form, it has not developed and does not maintain any computerized intelligence-type files containing personal information about individuals. We do not have any plans at present for automating or microfilming either a list of names or the files relating to these persons. At some time in the future it is possible that problems related to record storage and retrieval may lead to some consideration of microfilming. The specific questions in your letter refer to automated files which, as I have indicated, we do not maintain. Some of these questions appear relevant to nonautomated files as well. If you would be interested we can answer those questions to the extent that they are applicable to our non-automated files. If any further information concerning this matter would be helpful to your Subcommittee, we will be happy to cooperate. Sincerely, FRANK WILLE, Chairman. FEBRUARY 28, 1972. Hon. FRANK WILLE, Chairman, Federal Deposit Insurance Corporation, DEAR MR. CHAIRMAN: This is to thank you for your prompt reply to the Subcommittee's questionnaire concerning the computer systems and data banks maintained by the Federal Deposit Insurance Corporation. As I indicated in my letter, the purpose of our study is to survey the laws and regulations which govern such federal activities and to evaluate the need for new legislation to protect the privacy and due process rights of all citizens. Since your letter has not responded to the Subcommittee questionnaire in the detail necessary for our purpose, I should appreciate it if you could provide me with a description of the major categories of data banks by applying to them any relevant questions contained in the Subcommittee questionnaire. In particular, would you apply these questions to the files described briefly in the second paragraph of your letter which relate to (1) persons associated now or in the past with FDIC-insured banks; (2) persons characterized as having an unsatisfactory relationship with any insured bank or any closed insured bank; and (3) persons connected with an insured bank who are subjects of information supplied to the Corporation by other investigative or regulatory agencies. In connection with such description, I should appreciate an explanation of the terms "associated," ," "unsatisfactory relationship" and "connected" as applied to individuals who are subjects of your files. I ask for such an elaborated explanation from your agency as well as from all other federal departments and agencies so that Congress can begin to make some headway in its study of a major legal issue of our times. For this reason, your cooperation and continued assistance in our investigation is deeply appreciated. Sincerely yours, SAM J. ERVIN, Jr., Chairman. FEDERAL DEPOSIT INSURANCE CORPORATION, OFFICE OF THE CHAIRMAN, Hon. SAM J. ERVIN, Jr., Chairman, Committee on the Judiciary, of " Subcommittee on Constitutional Rights, DEAR MR. CHAIRMAN: This is in further response to your February 28 request for an explanation of certain terms we used in previous correspondence and for a further description of the administrative reference card files we maintain. We would like to emphasize that the reference card files are not for the purpose surveillance of demonstrators and others involved in political activities either for or against various government policies. . .". The card files are used as reference directories to the various correspondence and records which relate to administration of our bank supervisory responsibilities. The words "associated" and "connected" were used synonymously and apply to persons who are proposed as directors, officers, employees or subscribers to 5% or more of the stock of new insured nonmember banks, past and present directors, officers and employees of insured banks if they have been the subject of a letter-report to the United States Attorney for a possible violation of the U.S. Code, and individuals who have purchased a "control" stock interest in a bank or borrowed on bank stock. The term "unsatisfactory relationship," in the context in which it is used, means individuals or business entities whose relationships with banks have been to the possible detriment of a financial institution. The reference card files provide the source to associate or connect quickly an individual or business entity to a bank and to locate the correspondence, examination reports and other files relating thereto which are maintained by the Corporation on every insured bank; reference to the various files is necessary to determine: (a) the general character of management of a bank (Sections 5 and 6 of the Federal Deposit Insurance Act, 12 U.S.Č. 1815 and 1816); (b) if bank directors, officers or employees "have engaged or are engaging in unsafe or unsound practices in conducting the business of such bank or violated an applicable law, rule, regulation or order (Section 8(a) of the Federal Deposit Insurance Act, 12 U.S.C. 1818(a)); (c) if any director or officer has committed any violation of law, rule, regulation or been a part to any act, omission or practice which constitutes a breach of fiduciary duty involving personal dishonesty (Section 8(e) of the Federal Deposit Insurance Act, 12 U.S.C. 1818(e)); and, (d) whether any action is necessary under Section 19 (12 U.S.C. 1829) which states in effect that the consent of this Corporation is necessary when any insured bank desires to employ or continue the employment of any person convicted of a criminal offense involving dishonesty or a breach of trust. Each director, officer, and subscriber to 5% or more of the stock of a proposed new State nonmember bank is asked to answer a question contained in the Financial Report format concerning whether he has been convicted of a criminal offense involving dishonesty or a breach of trust. In addition, a request is made of the Federal Bureau of Investigation for a name check and identification record for these same individuals, with the response thereto made a part of the reference card files if a person has been charged with an act of dishonesty or breach of trust. In certain instances, these same checks are made for other individuals to determine compliance with Section 19 of the Federal Deposit Insurance Act. This reference card file is updated with information supplied by the Department of Justice on its investigation and the eventual disposition of charges contained in letter-reports to the United States Attorney prepared by Corporation Examiners. Also in this particular reference card file are the names of individuals gained from newspapers and other public sources, and the reported facts surrounding each individual, if they are characterized as having been involved in a fraud or attempted fraud against a bank. This is not a law enforcement-oriented or intelligence-type file (described herein as the "Section 8 and 19 file"). The Corporation also maintains a reference card file of the names of persons involved in certain bank stock transactions which are required to be reported by Section 7(j) of the Federal Deposit Insurance Act (12 U.S.C. 1817(j)). This same Section requires each of the other Federal supervisory agencies to report to this Corporation facts concerning bank stock loans and changes of "control" of banks under their supervision. This is not a law enforcement-oriented or intelligence-type file (described herein as the "Section 7(j) file'). The information in the Section 7(j) file concerning changes in bank ownership is duplicated, in part, in the public files of the Secretary of the Corporation. The public files indicate name and location of the bank involved, names of sellers and purchasers, date of transaction, the number of shares involved and the number of shares outstanding. The Corporation presently has no plans to automate, film or computerize these administrative reference card files. In accordance with your request, there is enclosed an elaboration and further explanation of our use of these card files, following your questionnaire format of December 23, 1971. In addition to the Financial Report, Changes in Bank Ownership and Loans Secured by Bank Stock, Name Check and Identification Record forms, we also enclose copies of Sections 5, 6, 7(j), 8 and 19 of the Federal Deposit Insurance Act, and a copy of the Freedom of Information Act (Public Law 89-487). Also enclosed are copies of Corporation memoranda implementing the foregoing. In response to question 19, there are enclosed selected testimony and statements of Corporation representatives before Congressional committees. This material is described in detail in the response to question 19. We are pleased to furnish this additional information. Sincerely, Enclosures. FRANK WILLE, Chairman. (1) Describe briefly the major categories of data on individuals presently maintained and stored under auspices of the Federal Deposit Insurance Corporation and its agencies and the approximate number of subject individuals covered in each category. The Section 7(j) file contains the names of approximately 10,000 individuals and corporations who have borrowed on the security of bank stock where the number of shares represent 25% or more of the outstanding voting stock, and/or who have purchased a "control" interest in an insured bank or banks. The information is submitted by the banks and individuals (or their representatives) who are involved in the transactions, and the Section 7(j) file contains only the name of the owner or major purchaser of the stock, the name and location of the bank, and the date of the transaction. The actual reporting documents which detail such additional items as amounts, names of sellers of stock, and addresses are placed in other permanent files of the Corporation. The Section 8 and 19 file contains the names of approximately 20,000 individuals or corporations who have been reported to be involved in an internal bank irregularity (e.g., embezzlement, false entries) or who have been reported to have de |