BY ORDER OF THE SECRETARY OF THE TREASURY

TREASURY ORDER: 106-09

DATE: October 2, 1986

SUNSET REVIEW: TBD

SUBJECT: Electronic Funds and Securities Transfer Policy -- Message Authentication and Enhanced Security

By virtue of the authority vested in me as Secretary of the Treasury, the following policy is hereby mandated in order to prevent the undetected, deliberate, or inadvertent unauthorized manipulation, modification, or loss of Electronic Funds Transfer (EFT) data.

1. It is Treasury policy that EFT transactions be properly authenticated. Authentication measures must conform to American National Standards Institute (ANSI) Standard X9.9, "American National Standard for Financial Institution Message Authentication" or equivalent authentication technique. This standard established a universally applicable method to authenticate financial messages, including fund transfers, letters of credit, security transfers, loan agreements, and foreign exchange contracts which are transmitted by electronic means.

2. This policy shall be applied to Federal systems which originate, transmit, relay, receive, or process Federal Government EFT transactions.

3. The Fiscal Assistant Secretary is delegated the authority to execute the provisions of this order within the Department of the Treasury and throughout the Federal Government. This authorization may be redelegated.

4. The Assistant Secretary of the Treasury (Management) is responsible for providing technical support, to include: evaluation of proposed security techniques; maintenance of a list of approved authentication and other security devices; providing key materials for fielded systems; and providing consulting services within the Department as required.