Committee to Establish the
 
National Institute of Finance
Providing the data and analytic tools needed to safeguard the U.S. financial system
Access
Would financial institutions outside of the NIF have access to the data?  E-mail

Financial entities and other institutions (beyond regulatory agencies specifically identified in legislation) would only have access to aggregated data that is deemed public under rules and guidelines established by the NIF.

 
How would access to the data be controlled?  E-mail

Access to the data contained within the Federal Financial Data Center would be controlled by formal policies and procedures, enforced by access control rules that determine the type of data accessible by various functions and users. These access control policies would be implemented in compliance with current federal standards and best practices.

Automated and manual access controls would be a primary focus of the security design and implementation. The development stage would identify the expected users and all possible access privileges to support the processing requirements. Identification controls would be developed to ensure that only authorized users could access the system. Role-based access controls would inventory privileges and entitlements, and would package these into various role groups that would then be assigned carefully to internal and external users based on their responsibilities. 

 
Would the NIF redistribute confidential transaction data from one bank to another?  E-mail
No. Business confidential information reported by financial institutions to the NIF would not be released to other firms, or to the public.  Sensitive business confidential information reported by financial institutions would be accessible only by authorized regulatory personnel carrying out authorized regulatory functions, in accordance with strict data security safeguards.
 
Would the NIF provide information only to regulators? Or would the NIF also provide information to firms and to the public?  E-mail

The government has well established rules and procedures for distinguishing confidential and non-confidential information. The details of portfolio holdings of individual firms, or of contracts between firms, are proprietary business confidential information; this highly sensitive information would be accessible only to financial regulators and their agents with appropriate clearance, working on authorized tasks.

 

The NIF would publish "reference data," including, for example, unique identifiers for corporate entities and securities issuances, or standardized formats for describing financial contracts. In addition, the NIF would publish certain aggregated statistical information about the state of the financial system, as part of its role in informing Congress, the Executive Branch agencies, and the general public.