October 10, 2019 - eCBSV Industry Call Script
SSA conducted an eCBSV Industry Call on Thursday, July 11, 2019, to share information about the current enrollment process. The script for that call can be found here.
October 10, 2019 - eCBSV Enrollment period (July 17, 2019 to July 31, 2019)
Permitted entities that wish to enroll must:
- Complete form SSA-157 (OMB No. 0960-0802), Data Exchange Request Form (DXRF) with additional Forms SSA-157 for any permitted entities you will service.
- Follow instructions for completing Form SSA-157, including the certification statement within the application.
- Submit the completed document beginning July 17, 2019, at 6:00 a.m. EST to firstname.lastname@example.org, but no later than July 31, 2019, at 6:00 p.m. EST.
- Following the enrollment period, Social Security will select and notify the selected permitted entities and provide the necessary instructions to complete enrollment, including billing information.
- Selected permitted entities will be required to complete and sign a reimbursable memorandum of understanding with payment. Refer to the “Fees” tab on the left for further information.
- Selected permitted entities will be required to sign a user agreement closer to June 2020 rollout.
October 10, 2019 - eCBSV Enrollment FAQ
A qualified enrollee of the eCBSV service must be a permitted entity as defined by section 509 of the Gramm-Leach-Bliley Act. 42 USCA 405b(b)(4), Pub. L. No. 115-174, Title II, §215(b)(4). If a fintech company determines that they meet the definition of a permitted entity as a service provider, subsidiary, affiliate, agency, subcontractor, or assignee of a financial institution, then they must identify the financial institution they are servicing in order to qualify regardless of how they share the verification results.
To apply, the fintech company as a service provider must complete the SSA-157 identifying all of the permitted entities’ EINs that they will service during the initial enrollment period, up to 20. Each permitted entity they will service must also complete the SSA-157 form to include the permitted entity certification, and submit it during the enrollment period; however, SSA will accept changes if needed prior to the initial rollout. No fees are charged for submitting an application. The service provider may choose to consolidate all SSA-157s for each of the permitted entities they will service with their own SSA-157 application to submit in one email to SSA.
Yes, we would accept the 20th application later during the enrollment period, and we will also accept changes to the 20 approved financial institutions - permitted entities at any time leading up to the initial rollout in June 2020 with no adverse impact on the service provider’s – permitted entity’s initial application or potential selection. The service provider would be required to provide us with those changes via a corrected SSA-157 with the financial institution - permitted entity EIN listed and we would have to receive an SSA-157 from any added financial institution - permitted entities before we would begin providing transactions to that permitted entity.
Every individual entity with a unique EIN must be separately identified as a permitted entity. So, if two legal entities have two separate EINs, then you must submit an application for each entity. Each would be entirely separate entities, user agreements, volume estimates, and tier level fees, etc.
Correct. If N/A is provided, you do not need to answer those questions.
It means that we have determined that all applicants for eCBSV must answer “no” to this question, and you cannot share the data with anyone other than those listed in question 12.
SSA has determined that eCBSV permitted entities may not store the actual verification response that SSA provides in any format or location; therefore, you must annotate “No” to this question. You will be authorized to use the verification response only for the purpose stated on the consumer consent, may record the fact of the verification, but may not make any further use or disclosure of the verified SSN.
No. Each verification request must be supported by an individual signed consumer consent for one specified purpose authorizing the disclosure to the specific permitted entity for which the verification is provided. Also, keep in mind, each service provider is a “permitted entity” for purposes of Section 215 of the Economic Growth, Regulatory Relief, and Consumer Protection Act, Public Law (PL)115-174.
Regarding question 6 on the SSA-157, SSA annotated on the instructions that you may mark this response as N/A. You do not need to respond to that question. For question 23, if you are a current CBSV user with a formal, executed CBSV User Agreement, then you are a CBSV User, and should identify yourself as such in this question.
For question 18, you should appropriately mark “Not Applicable – Non-Federal Agency” and respond to question 19.
You may enter the list of EINs in box 12 or box 36, or submit a separate list.
Yes, we will provide a confirmation and it will include the time stamp of receipt.
None, unless they apply independently.
No, not specifically on the SSA-157. SSA will associate the EIN on the financial institution’s application with the list on the service provider’s application. The service provider may also gather all financial institutions’ SSA-157s and submit them together in one application email to SSA. Or the financial institution may indicate its intent in the financial institution’s own application email to SSA.
No, as the service provider you must provide at least an initial list now; however, we will accept changes before the initial rollout in June 2020. And, no, as previously stated, you can make changes to your list of financial institutions up to the initial rollout date in June 2020; therefore, the financial institutions you want to service may submit their application for being serviced by you later as well. Please note, if the financial institutions intend to participate in eCBSV directly with SSA, not through anyone as a service provider, their application must be received during the enrollment period to be considered for both the initial and the expanded rollouts.
There is no need to sign the SSA-157 or permitted entity certification at this time. Permitted entities will be required to sign a certification at the time of selection for the initial rollout. SSA is building the new eCBSV service to include the capability to provide an electronic signature on the certification for those enrolled later.
No, the SSA-157 may be submitted both ways.
You do not need to respond to Question 11. It is indicated as not applicable (N/A) on the SSA-157 instructions.