Subscribe to our InfoBytes Blog weekly newsletter and other publications for news affecting the financial services industry.
On October 24, FDIC announced a proposed rule to implement the Fair Hiring in Banking Act (FHB Act). The proposed rule amends 2 C.F.R. part 303, subpart L, and part 308, subpart M. The Federal Deposit Insurance Act (FDI Act) prohibits a person from participating in the affairs of an FDIC-insured institution if he or she has been convicted of an offense involving dishonesty, breach of trust, or money laundering, or has entered a pretrial diversion or similar program in connection with a prosecution for such an offense, without the prior written consent of the FDIC, among other provisions. The proposed rule would incorporate several statutory changes to the FDI Act, such as:
- Excluding certain offenses from the scope of the FHB Act based on the amount of time that has passed since the offense occurred or since the individual was released from incarceration;
- Clarifying that the FHB Act does not apply to the following offenses, if one year or more has passed since the applicable conviction or program entry: using fake identification, shoplifting, trespassing, fare evasion, and driving with an expired license or tag;
- Excluding certain offenses from the definition of “criminal offenses involving dishonesty,” including “an offense involving the possession of controlled substances”;
- Excluding certain convictions from the scope of the FHB Act that have been expunged, sealed, or dismissed. While existing FDIC regulations already exclude most of those offenses, the proposed rule would modestly broaden the statutory language concerning such offenses to harmonize the FDIC’s current regulations concerning expunged and sealed records with the statutory language; and
- Prescribing standards for the FDIC’s review of applications submitted under the FHB Act.
The proposed rule also provides interpretive language that addresses, among other topics, when an offense “occurs” under the FHB Act, whether otherwise-covered offenses that occurred in foreign jurisdictions are covered by the FDI Act, and offenses that involve controlled substances.
Comments will be accepted for 60 days after publication in the Federal Register.
On October 20, the Fed issued a joint press release with the FDIC and the OCC announcing the extension of the comment period on proposed rules to expand large bank capital requirements. Earlier this year, the agencies announced the proposed rule which would implement the final components of the Basel III Agreement. The components would revise capital requirements for large banking organizations, among other things. (Covered by InfoBytes here.) Adding an additional six weeks (from the original 120-day comment period set to expire on November 30), the new comment period deadline is by January 16, 2024.
On October 18, the FDIC Office of Inspector General released a report on the FDIC’s strategies addressing the risks posed by crypto assets. According to the report, the FDIC has started to develop and implement strategies that address crypto risks but has not assessed the significance and potential impact of the risks. Additionally, although the FDIC requested that financial institutions provide information pertaining to their crypto‑related activities, its process for providing supervisory feedback is unclear. Between March 2022 and May 2023, the FDIC sent pause letters to several institutions related to their crypto activities, but it had not provided supervisory feedback to all of those institutions, it did not have an expected timeline for reviewing information and responding to institutions, and its procedures did not describe what constitutes the end of the review process for supervised institutions that received a pause letter.
The OIG report recommends that the FDIC set a timeframe for assessing risks pertaining to related activities and update and clarify the supervisory feedback process related to its review of supervised institutions’ crypto-related activities. The FDIC agreed with both recommendations and plans to complete corrective actions by January 30, 2024.
On October 12, the European Banking Authority (EBA) announced the publication of a report on the role of environmental and social risks in the prudential framework of credit institutions and investment firms. The report recommends risk-based enhancements to the risk categories of the Pillar 1 framework, which sets capital requirements, noting that environmental and social risks are “changing the risk picture for the financial sector” and are expected to be more prominent over time. The report puts forward recommendations for actions over the next three years as part of the revised capital requirements regulations. Specifically, the EBA is proposing to: (i) include environmental risks as part of stress testing programs; (ii) encourage the inclusion of environmental and social factors as part of external credit assessments by credit rating agencies; (iii) encourage the inclusion of environmental and social factors as part of due diligence requirements and valuation of immovable property collateral; (iv) require institutions to identify whether environmental and social factors constitute triggers of operational risk losses; and (v) develop environment-related concentration risk metrics as part of supervisory reporting. With respect to revisions to the Pillar 1 framework, the report proposes: (i) the possible use of scenario analysis to enhance the forward-looking elements of the prudential framework; (ii) changes to the role that transition plans could play in the future; (iii) reassessing the appropriateness of revising the internal ratings-based supervisory formula and the corresponding standardized approach for credit risk to better reflect environmental risk elements; and (iv) the introduction of environment-related concentration risk metrics under the Pillar 1 framework.
On October 17, Federal Reserve Board Governor Michelle Bowman provided remarks on innovation in money and payments, including crypto assets, central bank digital currency (CBDC), and the development of instant payments, in which she laid out her vision for “responsible innovation,” which recognizes the important role of private-sector innovation and leverages the U.S. banking system supported by clear prudential supervision and regulation. With respect to CBDC, Bowman said that she has yet to see a compelling argument that CBDC could address frictions within the payment system, promote financial inclusion, or provide the public with access to safe central bank money any more effectively or efficiently than alternatives. She explained that, given that the U.S. has a safe and well-functioning banking system, the potential uses of a U.S. CBDC remain unclear and, at the same time, could introduce significant risks and tradeoffs. Bowman also expressed skepticism over stablecoins, stating that in practice they have been less secure, less stable, and less regulated than traditional forms of money. Finally, Bowman discussed technological innovations in wholesale payments, which are large-value, interbank transactions. Bowman said that the Fed is researching emerging technologies that could enable or be supported by future Fed-operated payment infrastructures, including depository institutions transacting with “tokenized” forms of digital central bank money. Bowman noted that banks and other eligible institutions already hold central bank money as digital balances at the Fed. She also stressed that wholesale payment infrastructures operated by the Fed “underpin domestic and international financial activities” by serving as a “foundation” for payments and the broader financial system. Because these wholesale systems function “safely and efficiently” today, it is necessary to investigate and understand the potential opportunities, risks, and tradeoffs for wholesale payment innovation to support a safe and efficient U.S. payment system.
Find continuing InfoBytes coverage on CBDCs here.
On October 11, the FDIC published a request for comment on proposed corporate governance and risk management guidelines that would apply to all insured state nonmember banks, state-licensed insured branches of foreign banks, and insured state savings associations that are subject to Section 39 of the Federal Deposit Insurance Act (FDI Act), with total consolidated assets of $10 billion or more on or after the effective date of the final guidelines.
The proposed guidelines cover board of director’s obligations, composition, duties, and committee structure that must be met to meet the standard of good corporate governance. The proposed guidelines state that the board will ultimately be responsible for the affairs of the covered institution and each individual member must abide by certain legal duties. Under the proposed guidelines, the board of directors must, among other things: (i) evaluate and approve a strategic plan covering at least a three-year period; (ii) establish policies and procedures by which the covered institution operates; (iii) establish a code of ethics covering legal requirements, such as insider information, disclosure, and self-dealing; (iv) provide active oversight of management; (v) exercise independent judgement; and (vi) select and appoint qualified executive officers. Additionally, the board will be required to maintain a majority of independent directors on the board and should consider diversity of demographic representation, opinion, experience, and ownership level when choosing its board members. The proposed guidelines would also require that the board have an audit committee, a compensation committee, a trust committee (if the covered institution has trust powers), and a risk committee.
Comments must be received by the FDIC by December 11, 2023.
On October 5, the FDIC issued a notice of proposed rulemaking that would add a new appendix to the agency’s safety and soundness standards. The new appendix, which would be Appendix C, “is intended to promote strong corporate governance and risk management at FDIC-supervised institutions that have total consolidated assets of $10 billion or more by proposing corporate governance and risk management guidelines.” The proposed guidelines would describe the general obligations of the board of directors, requiring the board to be active and involved in protecting the interests of the institution, adopt a code of ethics for the institution’s operations, and form a Risk Committee within the institution’s committee structure. The proposed guidelines would also require institutions to establish a risk management program that includes a “three-line-of-defense model” for risk monitoring and reporting, as well as require institutions to create and maintain a risk profile and risk appetite statements that are communicated to all employees to encourage compliance.
On October 4, Federal Reserve Governor Michelle Bowman delivered a speech at the Fed’s annual Community Banking Research Conference, calling for more research on regulatory thresholds and the deposit insurance framework. In her remarks, Bowman discussed the importance of evidence-based research around community banks and their role in the U.S. banking system, especially in light of recent bank failures. “Research and evidence-based rulemaking can insulate the banking system from wide swings in policy over time,” she said, adding that before rulemaking, the agency must have a comprehensive understanding of both the root causes of bank failures and the costs and consequences of potential reforms.
Bowman additionally discussed needed reforms to bank merger policy, particularly to include nonbank competitors and credit unions in the analysis of the competitive landscape. Bowman argued that the use of a narrower view on competitive concerns has led to increasingly long application and review periods for mergers, which can increase negative outcomes.
Regarding community bank thresholds, Bowman noted contradictions and inconsistencies how community banks are defined, and accordingly regulated, across the regulatory system. For example, while the Dodd-Frank Act defined community banks as those institutions with less than $10 billion in total consolidated assets, the Community Reinvestment Act regulation includes asset thresholds well below the “common understanding of what a community bank is.” “Are these asset size thresholds properly calibrated, and are the impacts, costs, and benefits to institutions and to customers when banks cross these different thresholds rational? Are these thresholds creating the right incentives to promote prudent lending while appropriately balancing risk?” Bowman asked. She suggests leveraging business models in tailoring rules, instead of looking only at asset-size thresholds.
Another area in need of research in the wake of recent bank failures, Bowman suggested, is bank funding models and deposit infrastructure. Thanks to modern technology, consumers can withdraw funds faster than ever, so deposit insurance parameters are worth revisiting to ensure it can “support banking sector stability in the face of the challenges posed by today's technology,” Bowman said.
On September 29, the FDIC released a list of administrative enforcement actions taken against banks and individuals in August. During the month, the FDIC made public nine orders consisting of “three consent orders, three orders terminating consent orders, two orders of prohibition, and one order to pay a civil money penalty.” The list includes an order to pay a civil money penalty imposed against a Utah-based bank related to violations of the Flood Disaster Protection Act. The FDIC claimed that the bank engaged in a pattern practice of violating FDPA by, among other things: (i) issuing loans without adequate flood insurance; (ii) failing to provide notices when increasing or extending loans; and (iii) “failing to provide required force-placed insurance notices when loans were secured by properties and contents located in Special Flood Hazard Areas.” The bank neither admitted nor denied the alleged violations but agreed to, among other things, pay a $4,125 civil money penalty.
On September 28, the OCC’s Committee on Bank Supervision released its bank supervision operating plan for fiscal year 2024. The plan outlines the agency’s supervision priorities and highlights several supervisory focus areas including: (i) asset and liability management; (ii) credit; (iii) allowances for credit losses; (iv) cybersecurity; (v) operations; (vi) digital ledger technology activities; (vii) change in management; (viii) payments; (ix) Bank Secrecy Act/AML compliance; (x) consumer compliance; (xi) Community Reinvestment Act; (xii) fair lending; and (xiii) climate-related financial risks.
Two of the top areas of focus are asset and liability management and credit risk. In its operating plan the OCC says that “Examiners should determine whether banks are managing interest rate and liquidity risks through use of effective asset and liability risk management policies and practices, including stress testing across a sufficient range of scenarios, sensitivity analyses of key model assumptions and liquidity sources, and appropriate contingency planning.” With respect to credit risk, the OCC says that “Examiners should evaluate banks’ stress testing of adverse economic scenarios and potential implications to capital” and “focus on concentrations risk management, including for vulnerable commercial real estate and other higher-risk portfolios, risk rating accuracy, portfolios of highest growth, and new products.”
The plan will be used by OCC staff to guide the development of supervisory strategies for individual national banks, federal savings associations, federal branches and agencies of foreign banking organizations, and certain identified third-party service providers subject to OCC examination.
The OCC will provide updates about these priorities in its Semiannual Risk Perspective, as InfoBytes has previously covered here.