Offboarding Resources

The National Finance Center (NFC) is making a temporary change to the Employee Personnel Page (EPP).  By the end of this week, employees using a username and password combination to access the application will no longer have access to change Electronic Funds Transfer (EFT) banking information.  This change is being put in place as a security measure and NFC has provided the following guidance:    

NFC was recently alerted to fraudulent EPP sites on the internet. Threat actors are buying ads to misdirect federal employees who are searching for the NFC website. When clicking on the search engine ad, employees are routed to a sophisticated phishing site that mimics the real EPP website and tricks employees into providing their access credentials. Cyber criminals can capture employees’ credentials if employees access fraudulent EPP sites, and cyber criminals use those credentials to change direct deposit information in the real EPP.

NFC takes the protection of your data very seriously and will be implementing measures to reduce the risk. The USDA Office of Chief Information Office, in collaboration with the FBI, continues to scan for and investigate fraudulent activity and has taken down several of the domain. NFC has notified impacted agencies for immediate action. NFC will continue to monitor changes to financial or personal information however, it is often difficult to ascertain whether bank routing changes are valid when legitimate banking institutions are unknowingly used as part of fraudulent activity.

As a security measure, NFC strongly suggests you take the following actions to safeguard your EPP account information and to ensure your data is accurate:

• Only use https://www.nfc.usda.gov/EPPS/, or the Applications Launchpad on the NFC Home page at www.nfc.usda.gov to access EPP
• Utilize Login.gov or PIV access as the primary means to access EPP.
• If you have utilized an EPP password and User ID change them immediately
• Review your allotments and other financial data in EPP.
• Monitor your financial data each pay period for fraudulent changes.
• Review your biweekly Earnings and Leave Statements to detect any fraudulent deductions.

Employees should never use any other uniform resource locator (URL) on the internet to access EPP or any NFC systems. Doing so can put employee information and NFC systems at risk. Also, please note that all NFC systems web systems will end in .gov.

This is a complete outage of direct deposit and allotment functionality in EPP if employees are utilizing username and password. If employees are using eAuth or Login.gov, there should be no impact. Employees logging in with username and password will be unable to start, stop or change direct deposit and allotment information.  There is no known timeframe for the outage. National Finance Center will be issuing communications with further details soon. 

Human Resource Representatives have reached out directly to anyone who had Pay Period 8 direct deposit changes. There were less than 50 employees across the mission-area with changes, and it is unknown if any are fraudulent until the employees respond to the inquiry. 

Current employees should ensure they log into myEPP through ConnectHR utilizing their eAUTH credentials. For employees who are unable to use eAUTH: complete an SF-1199A B Completing Sections: A, B, D, E, F, G (if allotment), sign and indicate in Section 3:  Name and Address of Financial Institution and the Routing Number. The form does not need to be signed by the financial institution. It can be submitted  via ECC Portal Ticket or through the CHCO email inbox.   

All employees are strongly encouraged to review their Earnings and Leave Statement (ELS) each pay period and report anything that is unexpected or suspicious. If any employee notices anything strange about their ELS they should reach out to HRD via the ECC portal or CHCO inbox once they review their ELS on Monday, May 12.