90 FR 89 pgs. 19735-19738 - Privacy Act of 1974; System of Records
Type: NOTICEVolume: 90Number: 89Pages: 19735 - 19738
Pages: 19735, 19736, 19737, 19738FR document: [FR Doc. 2025-08214 Filed 5-8-25; 8:45 am]
Agency: Postal Service
Official PDF Version: PDF Version
[top]
POSTAL SERVICE
Privacy Act of 1974; System of Records
AGENCY:
Postal Service.
[top]
ACTION:
Notice of modified system of records.
SUMMARY:
The United States Postal Service (USPS) is proposing to revise a Customer Privacy Act System of Records (SOR), in order to enhance the flexibility needed to support ongoing administrative and compliance activities for the Bank Secrecy Act (BSA), Anti-Money Laundering (AML) and Office of Foreign Assets Control (OFAC) requirements and standards, as determined by the Financial Crimes Enforcement Network (FinCEN).
DATES:
These revisions will become effective without further notice on June 9, 2025, unless responses to comments received on or before that date result in a contrary determination.
ADDRESSES:
Comments may be submitted via email to the Privacy and Records Management Office, United States Postal Service Headquarters ( USPSPrivacyFedRegNotice@usps.gov ). To facilitate public inspection, arrangements to view copies of any written comments received will be made upon request.
FOR FURTHER INFORMATION CONTACT:
Janine Castorina, Chief Privacy and Records Management Officer, Privacy and Records Management Office, via USPSPrivacyFedRegNotice@usps.gov and by phone at 202-268-2000.
SUPPLEMENTARY INFORMATION:
This notice is in accordance with the Privacy Act requirement that agencies publish their systems of records in the Federal Register when there is a revision, change, or addition, or when the agency establishes a new system of records. The Postal Service has determined that Customer Privacy Act System of Records, USPS SOR 860.000, Financial Transactions, should be revised to promote transparency and support ongoing administrative and compliance activities to meet BSA, AML and OFAC requirements and standards.
I. Background
The Postal Service is defined as a money services business (MSB) under the BSA as it is a provider of money orders, gift cards, and limited check cashing services to customers throughout the United States. Moreover, the Postal Service is the only entity specifically mentioned in the BSA as being covered by the BSA and therefore, has a legal mandate to detect and deter suspicious activities. In addition, the Postal Service must train those who sell postal financial instruments, products, or services and those who supervise them, along with meeting federal recordkeeping and reporting requirements and standards.
II. Rationale for Changes to USPS Privacy Act Systems of Records
Transactional limits and thresholds that trigger compliance and reporting activities are determined by FinCEN, a bureau of the U.S. Department of the Treasury. USPS SOR 860.000, Financial Transactions is being modified to increase flexibility to meet changing requirements and standards.
III. Description of the Modified System of Records
The Postal Service is proposing modifications to USPS SOR 860.000, Financial Transactions, as summarized below:
Updated PURPOSES #1 and #2 to include financial instruments.
• Updated PURPOSE #3 to include the BSA, AML and OFAC compliance and reporting standards.
• Updated PURPOSE #4 to include the reporting of potential fraud, crime, or violation of law or regulation.
• Updated PURPOSE #5 to include crime, and violations of law or regulation.
• Updated CATEGORIES OF INDIVIDUALS COVERED BY THE SYSTEM #2 to include financial instruments, products, and services.
• Updated CATEGORIES OF INDIVIDUALS COVERED BY THE SYSTEM #4 to be more comprehensive and consistent with other sections of the SOR.
• Updated CATEGORIES OF INDIVIDUALS COVERED BY THE SYSTEM #1, #2, #3 and #5 to delete fund transfers, international wire transfers, and fixed dollar amounts.
• Updated CATEGORIES OF INDIVIDUALS COVERED BY THE SYSTEM #5 to further define beneficiaries.
• Updated CATEGORIES OF RECORDS IN THE SYSTEM #8 d. and g. and #9 to delete fixed dollar amounts and Sure Money TM /Dinero Seguro.
• Added CATEGORIES OF RECORDS IN THE SYSTEM #10.
• Updated RECORD SOURCE CATEGORIES add beneficiaries.
• Updated Special Routine Use a. for consistency.
• Updated POLICIES AND PRACTICES FOR RETENTION AND DISPOSAL OF RECORDS to delete for funds transfers, transaction records are retained 3 years.
• Deleted funds transfers from NOTIFICATION PROCEDURES.
• Updated NOTIFICATION PROCEDURES to include and claims related to other financial instruments, products, or services.
Pursuant to 5 U.S.C. 552a(e)(11), interested persons are invited to submit written data, views, or arguments on this proposal. A report of the proposed revisions has been sent to Congress and to the Office of Management and Budget (OMB) for their evaluations. The Postal Service does not expect this amended system of records to have any adverse effect on individual privacy rights. USPS SOR 860.000, Financial Transactions is displayed below in its entirety:
SYSTEM NAME AND NUMBER:
USPS 860.000 Financial Transactions.
SECURITY CLASSIFICATION:
None.
SYSTEM LOCATION:
USPS Headquarters; Integrated Business Solutions Services Centers; Accounting Service Centers; Bank Secrecy Act (BSA) Anti-Money Laundering (AML) Compliance group; and contractor sites.
SYSTEM MANAGER(S):
Chief Financial Officer and Executive Vice President, United States Postal Service, 475 L'Enfant Plaza SW, Washington, DC 20260.
AUTHORITY FOR MAINTENANCE OF THE SYSTEM:
39 U.S.C. 401, 403, and 404; 31 U.S.C. 5311 et seq., and 7701.
PURPOSE(S) OF THE SYSTEM:
1. To provide financial instruments, products, and services.
2. To respond to inquiries and claims related to financial instruments, products, and services.
3. To fulfill compliance and reporting standards found in statutes, regulations and guidance under the BSA, AML and Office of Foreign Assets Control (OFAC).
4. To report potential fraud, crime, or violation of law or regulation and to support investigations related to law enforcement for financial transactions.
5. To provide additional verification procedures to combat fraud, crime, and violations of law or regulation in financial transactions.
CATEGORIES OF INDIVIDUALS COVERED BY THE SYSTEM:
1. Customers who use online payment services.
2. Customers who file claims or make inquiries related to online payment services, money orders, stored-value cards, and financial instruments, products, and services.
[top] 3. Customers who purchase financial instruments, products, or services including money orders and gift cards.
4. Customers who purchase or redeem money orders, stored value cards, financial instruments, products, or services in a manner raising the possibility of a violation of law or regulation or deemed suspicious expressly including under BSA, AML, or OFAC statutes, regulations, or guidance.
5. Beneficiaries who cash or redeem financial instruments, products, or services.
6. Specially Designated Nationals and Blocked Persons List (SDNs) as defined and mandated by the OFAC.
CATEGORIES OF RECORDS IN THE SYSTEM:
1. Customer information: Name, customer ID(s), mail and email address, telephone number, occupation, type of business, Employer Identification Number (EIN), and customer history.
2. Identity verification information: Date of birth, username and/or ID, password, Social Security Number (SSN) or tax ID number, and driver's license number (or other type of ID if driver's license is not available, such as Alien Registration Number, Passport Number, Military ID, Tax ID Number). (Note: For online payment services, SSNs are collected, but not retained, in order to verify ID.)
3. Billers registered for online payment services: Biller name and contact information, bill detail, and bill summaries.
4. Transaction information: Name, address, and phone number of purchaser, payee, and biller; amount, date, and location; credit and/or debit card number, type, and expiration; sales, refunds, and fees; type of service selected and status; sender and recipient bank account and routing number; bill detail and summaries; transaction number, serial number, and/or reference number or other identifying number, pay out agent name and address; type of payment, currency, and exchange rate; Post Office information such as location, phone number, and terminal; employee ID numbers, license number and state, and employee comments.
5. Information to determine credit-worthiness: Period at current residence, previous address, and period of time with same phone number.
6. Information related to claims and inquiries: Name, address, phone number, signature, SSN, location where product was purchased, date of issue, amount, serial number, and claim number.
7. Online user information: Internet Protocol (IP) address, domain name, operating system version, browser version, date and time of connection, and geographic location.
8. Funds Transaction Report (FTR) Postal Service (PS) Form 8105-A:
a. Type of Transaction (completed by customer): on behalf of self, on behalf of another individual, on behalf of a business/organization, law enforcement agent or government representative on behalf of an agency, private courier on behalf of individual, private courier on behalf of a business/organization, armored car service on behalf of a business/individual.
b. Customer Information (completed by customer): last name/first name, address (number, street, box, suite/apt no.), city, state, ZIP Code, country, date of birth (MM/DD/YYYY), SSN, telephone number (include area code); Photo ID: driver's license no. (U.S. only-must indicate state), resident alien/permanent resident ID no., other ID (U.S./state government-issued IDs, including tribal, and Mexican matricular consular), state ID no. (U.S. only-must indicate state), military ID no. (U.S. only), passport no. (must indicate country); Describe other ID: ID number, issuing state, issuing country (passport), occupation (be as specific as possible); (Completed by Postal Service employee): round date stamp.
c. Other Person/Business/Organization on Whose Behalf Transaction Is Being Conducted (completed by customer): last name/first name or business name or organization name (no acronyms), SSN or employer ID number (EIN), North American Industry Classification System (NAICS) (if business), type of business/organization/occupation, address (number, street, box, suite/apt no.), city, state, ZIP Code, country, date of birth (MM/DD/YYYY), telephone number (include area code), ID type, ID number, issuing state;
d. Completed by Postal Service Employee: type of transaction (check one)-amount purchased or amount redeemed/cashed, total face value (excluding fee), transaction date (MM/DD/YYYY), beginning serial no. thru ending serial no. money order ranges 1-2, number of money orders sold, number of money orders redeemed/cashed, number of gift cards sold (provide numbers in section on back of form), signature of USPS employee, Post Office, ZIP Code;
e. Law Enforcement Agent of Government Representative on Behalf of an Agency (completed by customer): last name/first name, date of birth (MM/DD/YYYY), work telephone number (include area code), law enforcement agent/government representative photo ID number (if photo ID does not have a number please use agent/representative driver's license number), type of ID: law enforcement ID, government representative ID, driver's license number (must note state if using driver's license), state, agency name (no acronyms), address (number, street, box, suite/apt. no.), city, state, ZIP Code, occupation, agency Employer Identification Number (EIN), NAICS;
f. Armored Car Service Information (completed by customer): armored car business name (no acronyms), EIN, telephone number (include area code), address (number, street, box, suite/apt no.), city, state, ZIP Code; and
g. Completed by Postal Service Employee (Continued): type of transaction (check one)-amount purchased or amount redeemed/cashed additional transaction numbers for money orders and gift cards-beginning serial no. thru ending serial no. money order ranges 3-6, and gift card numbers 1-4.
9. Suspicious Transaction Report (STR) PS Form 8105-B (completed by Postal Service employee): activity type-purchased, redeemed/cashed, other (describe in comments section), begin serial no. thru end serial no. money order ranges 1-3, transaction amount, transaction date, transaction time, recorded by camera, check box if a debit/credit card was used in the transaction (do not include any information from the debit/credit card on this form), description of customer(s) 1-4-sex (M/F), approximate age, height, weight, ethnicity, round date stamp, Post Office, ZIP Code, comments (check all that apply), vehicle description (if available)-make, type, color, license number, license state, comments, money order ranges 4-5, gift cards 1-2, business name/customer last name, first name, address (number, street, box, suite/apt. no.), city, state, ZIP Code, country, type of business, date of birth (MM/DD/YYYY), SSN, driver's license no., state, other ID no., type of other ID, mailpiece information (if available)-mailpiece number, mailpiece type, additional comments.
10. Completed Suspicious Activity Reports, Currency Transaction Reports, and currency transaction records under the BSA and supporting documentation and records.
RECORD SOURCE CATEGORIES:
Customers, recipients, beneficiaries, financial institutions, and USPS employees.
ROUTINE USES OF RECORDS MAINTAINED IN THE SYSTEM, INCLUDING CATEGORIES OF USERS AND THE PURPOSES OF SUCH USES:
[top] Standard routine uses 1. through 7., 10., and 11. apply. In addition; a. Legally required or permitted
POLICIES AND PRACTICES FOR STORAGE OF RECORDS:
Automated database, computer storage media, microfiche, and paper.
POLICIES AND PRACTICES FOR RETRIEVAL OF RECORDS:
For online payment, information is retrieved by customer name, customer ID(s), transaction number, or address.
Claim information is retrieved by name of purchaser or payee, claim number, serial number, transaction number, check number, customer ID(s), or ZIP Code.
Information related to BSA, OFAC and AML is retrieved by customer name; SSN; alien registration, passport, or driver's license number; serial number; transaction number; ZIP Code; transaction date; data entry operator number; and employee comments, and individuals that appear on the Specially Designated Nationals and Blocked Persons List (SDNs) as defined and mandated by the OFAC.
POLICIES AND PRACTICES FOR RETENTION AND DISPOSAL OF RECORDS:
1. Summary records, including bill due date, bill amount, biller information, biller representation of account number, and the various status indicators, are retained 2 years from the date of processing.
2. Records related to claims are retained up to 3 years from date of final action on the claim.
3. Forms related to fulfillment of BSA, anti-money laundering requirements are retained for a 5-year and one-month period.
4. Related automated records are retained the same 5-year and one-month period and purged from the system quarterly after the date of creation.
5. Enrollment records related to online payment services are retained 7 years after the subscriber's account ceases to be active or the service is cancelled.
6. Account banking records, including payment history, Demand Deposit Account (DDA) number, and routing number, are retained 7 years from the date of processing.
7. Online user information may be retained for 6 months.
Records existing on paper are destroyed by burning, pulping, or shredding. Records existing on computer storage media are destroyed according to the applicable USPS media sanitization practice.
ADMINISTRATIVE, TECHNICAL, AND PHYSICAL SAFEGUARDS:
Paper records, computers, and computer storage media are located in controlled-access areas under supervision of program personnel. Access to these areas is limited to authorized personnel, who must be identified with a badge.
Access to records is limited to individuals whose official duties require such access. Contractors and licensees are subject to contract controls and unannounced on-site audits and inspections. Computers are protected by mechanical locks, card key systems, or other physical access control methods. The use of computer systems is regulated with installed security software, computer logon identifications, and operating system controls including access controls, terminal and transaction logging, and file management software. Online data transmissions are protected by encryption.
RECORD ACCESS PROCEDURES:
Requests for access must be made in accordance with the Notification Procedure above and USPS Privacy Act regulations regarding access to records and verification of identity under 39 CFR 266.5.
CONTESTING RECORD PROCEDURES:
See Notification Procedure below and Record Access Procedures above.
NOTIFICATION PROCEDURES:
For online payment services, and stored-value cards, individuals wanting to know if information about them is maintained in this system must address inquiries in writing to the Chief Marketing Officer and Executive Vice President. Inquiries must contain name, address, and other identifying information.
For money order claims and claims related to other financial instruments, products, or services, or BSA, OFAC and anti-money laundering documentation, inquiries should be addressed to the Chief Financial Officer and Executive Vice President. Inquiries must include name, address, or other identifying information of the purchaser (such as driver's license, Alien Registration Number, Passport Number, etc.), and serial or transaction number. Information collected for anti-money laundering purposes will only be provided in accordance with Federal BSA, OFAC, anti-money laundering laws, regulations and requirements.
EXEMPTIONS PROMULGATED FOR THE SYSTEM:
Systems Exempted From Certain Provisions of the Act: USPS has established regulations at 39 CFR 266.9 that exempt information contained in this system of records from various provisions of the Privacy Act in order to conform to the prohibition in the Bank Secrecy Act, 31 U.S.C. 5318(g)(2), against notification of the individual that a suspicious transaction has been reported.
HISTORY:
July 26, 2024, 89 FR 60666, January 4, 2023, 88 FR 374, December 15, 2021, 86 FR 71294; May 8, 2008, 73 FR 26155; April 29, 2005, 70 FR 22516.
Helen E. Vecchione,
Attorney, Ethics & Legal Compliance.
[FR Doc. 2025-08214 Filed 5-8-25; 8:45 am]
BILLING CODE 7710-12-P