Each Bank shall:
Store all identified confidential regulatory information in secure storage areas or filing cabinets or other secured facilities generally used by such Bank and limit access thereto in the same manner as it maintains the confidentiality of its own members' privileged or non-public information;
Have in place a written set of procedures and policies designed to ensure the confidentiality of confidential regulatory information in its possession; and
Establish an internal review of its procedures for storing confidential regulatory information and maintaining its confidentiality, as a part of its internal audit process.