12 C.F.R. § 403.3
(a) Classification Principles.
(b) Classification Designations. Information which requires protection against unauthorized disclosure in the interest of national security (classified information) shall be classified at one of the following three levels:
(3) CONFIDENTIAL shall be applied to information, the unauthorized disclosure of which reasonably could be expected to cause damage to the national security.
Except as provided by statute, no other terms, such as SENSITIVE, OFFICIAL BUSINESS ONLY, AGENCY, BUSINESS, ADMINISTRATIVELY, etc., shall be used within the Bank in conjunction with any of the three classification levels defined above.
(c) Original Classification Authority and Criteria.
(1) The Bank's authority to assign original classification to any document is limited as follows and is nondelegable:
| Classification | Classifier |
|---|---|
| CONFIDENTIAL | |
| President and Chairman. | |
| First Vice President and Vice Chairman. | |
| General Counsel. | |
| Senior Vice Presidents. | |
| Security Officer. |
(2) A determination to classify information shall be made by an original classification authority when the information concerns one or more of categories (i) through (x) of this paragraph, and when the unauthorized disclosure of the information, either by itself or in the context of other information, reasonably could be expected to cause damage to the national security. Information shall be considered for classification if it concerns:
(d) Duration of Original Classification.
(e) Marking and Identification.
(1) Classified information must be marked, or otherwise identified, to inform and warn the holder of the information of its sensitivity. The classifier is responsible for ensuring that proper classification markings are applied. At the time of classification, the following information shall be shown on the face of all classified documents, or clearly associated with other forms of classified information in a manner appropriate to the medium involved, unless this information itself would reveal a confidential source or relationship not otherwise evident in the document or information:
(f) Limitations on Classification.
(3) The Chairman or other authorized original classifiers may reclassify information previously declassified and disclosed if it is determined in writing that—
(ii) The information may reasonably be recovered.
In making such determination, the Chairman or any other authorized original classifier shall consider the following factors: The lapse of time following disclosure; the nature and extent of disclosure; the ability to bring the fact of reclassification to the attention of persons to whom the information was disclosed; the ability to prevent further disclosure; and the ability to retrieve the information voluntarily from persons not authorized access to its reclassified state. These reclassification actions shall be reported promptly to the Director of the Information Security Oversight Office.