InfoBytes Blog
Filter
Subscribe to our InfoBytes Blog weekly newsletter and other publications for news affecting the financial services industry.
OCC, Fed Supervisory Guidance on Model Risk Management Followed by FDIC
On June 7, the FDIC issued Financial Institution Letter FIL-22-2017 announcing that, in order to provide consistency across institutions and agencies, it is adopting the 2011 model risk management supervisory guidance that was issued by the Federal Reserve (SR 11-7 ) and the OCC (OCC Bulletin 2011-12) thereby making the guidance applicable to certain FDIC-supervised institutions, namely those with $1 billion or more in total assets. The FDIC guidance defines the term “model” as “a quantitative method, system, or approach that applies statistical, economic, financial, or mathematical theories, techniques, and assumptions to process input data into quantitative estimates.” The FDIC indicated that banks’ heavy reliance on models in financial decision-making can come with costs, especially when the decisions are “based on models that are incorrect or misused.”
According to the FIL, the guidance contains “technical conforming changes” that make it relevant to institutions that are regulated by the FDIC, such as a “revised definition of 'banks' to reflect the FDIC's supervisory authority.”
Among other things, the FIL highlights that an effective model risk management framework should include the following:
- “disciplined and knowledgeable development that is well documented and conceptually sound”;
- “controls to ensure proper implementation”;
- “processes to ensure correct and appropriate use”;
- “effective validation processes”; and
- “strong governance, policies, and controls.”
For institutions with assets totaling less than $1 billion, the guidance will only apply in certain circumstances, such as when “the institution's model use is significant, complex, or poses elevated risk to the institution.”
OCC Issues Updated Procedures for Termination of Federal Charters
On June 7, the OCC released Bulletin OCC 2017-20 announcing a revised booklet covering termination of federal bank charters. The booklet, part of its Comptroller’s Licensing Manual, replaces “Termination of National Bank Status,” issued in April, 1998, and applies to all national banks and federal savings associations. According to the Bulletin, these are the highlights of the revised booklet:
- “provides an overview of policy considerations and evaluative factors that the OCC considers when reviewing notices to terminate a bank”;
- “outlines requirements and procedures that a bank should follow when completing the process to terminate, either through a merger, conversion, or liquidation, including completing related filings and notices”;
- “lists references and links to informational resources, sample forms, and documents that a bank may find useful during the termination process”;
- “incorporates revised regulatory requirements for terminating a bank.”
Updates include termination procedures and requirements from after July, 21 2011, when the Office of Thrift Supervision and the OCC were integrated.
OCC Updates Guidance on Violations of Laws and Regulations in Comptroller’s Handbook
On May 23, the OCC issued OCC Bulletin 2017-18 announcing updated guidance on its policies and procedures regarding violations of laws and regulations for its examiners. The updates will be reflected in its “Bank Supervision Process,” “Community Bank Supervision,” “Federal Branches and Agencies Supervision,” and “Large Bank Supervision” booklets as well as other sections of the Comptroller’s Handbook and internal guidance. According to the Bulletin, an International Peer Review Report from 2013 noted that the OCC could improve its supervisory effectiveness. In response, the OCC released Bulletin 2014-52 to address the report’s concerns. These latest updates are an extension of the 2014 Bulletin to support the OCC’s mission of ensuring a safe and sound federal banking system by “emphasizing timely detection and correction of violations before they affect a bank’s condition.”
The OCC’s updated guidance implements certain goals and practices, including:
- ensuring the consistency of the purpose, processes, and procedures within and across all OCC lines of business, including: community, midsize, and large banks; federal branches and agencies; and banks overseen by the OCC’s Special Supervision group;
- communicating violations using a consistent format such as: (i) using legal citation and description; (ii) summarizing relevant statutory or regulatory requirements; (iii) including facts supporting the violation and root causes; (iv) outlining required corrective actions; and (v) noting commitments to corrective action by board and management;
- reinforcing the importance of timely and thorough follow-up and tracking of bank management’s corrective actions and milestones;
- conveying the relationship of violations to “matters requiring attention, CAMELS/ITCC or ROCA ratings, and the bank’s risk appetite and profile;” and
- emphasizing the need for examiners to timely and effectively communicate with the bank’s board of directors and management team as well as with OCC supervisors.
The policy goes into effect July 1, 2017.
OCC, FDIC, and Fed Release Stress Test Scenarios for 2017
On February 3, the Fed announced the release of the “Supervisory Scenarios” to be used by banks and supervisors for the 2017 Comprehensive Capital Analysis and Review (CCAR) and Dodd-Frank Act stress test exercises and also issued instructions to firms participating in CCAR. The Fed also published three letters that provide additional information on its stress-testing program. The three letters describe: (i) the Horizontal Capital Review for large, noncomplex companies; (ii) the CCAR qualitative assessment for U.S. intermediate holding companies of foreign banks, which are submitting capital plans for the first time; and (iii) improvements to how the Fed will estimate post-stress capital ratios.
On February 3, the OCC similarly released economic and financial market scenarios for 2017 that are to be used by national banks and federal savings associations (with total consolidated assets of more than $10 billion) in their annual Dodd-Frank Act-mandated stress test. On February 6, the FDIC released its stress test scenarios, working in consultation with the Fed and OCC.
The three sets of supervisory scenarios provide each agency with forward-looking information for use in bank supervision and will assist the agencies in assessing the covered institutions’ risk profile and capital adequacy.
Special Alert: OCC Takes the Next Step Toward a Fintech National Bank Charter
On December 2, 2016, the Office of the Comptroller of the Currency (“OCC”) announced its plans to move forward with developing a special purpose national bank charter for financial technology (“fintech”) companies. Accompanying the Comptroller of the Currency, Thomas J. Curry’s announcement, the OCC published a white paper that describes the OCC’s authority to grant national bank charters to fintech companies and outlines minimum supervisory standards for successful fintech bank applicants.[1] These standards would include capital and liquidity standards, risk management requirements, enhanced disclosure requirements, and resolution plans. Over the past several months, the OCC has taken a series of carefully calculated steps to position itself as the preeminent regulator of fintech companies in a hotly-contested race among other federal and state regulators who have similarly expressed interest in formalizing a regulatory framework for fintech companies. This proposal from the OCC reflects the culmination of those efforts.
Click here to read the full special alert
* * *
BuckleySandler welcomes questions regarding this new approach to fintech and banking, and would be happy to assist companies in determining whether a national bank charter would be beneficial for executing on their corporate strategies. Questions regarding the matters discussed in this Alert may be directed to any of our lawyers listed below, or to any other BuckleySandler attorney with whom you have consulted in the past.
- Jeremiah S. Buckley, (202) 349-8010
- John P. Kromer, (202) 349-8040
- Jeffrey P. Naimon, (202) 349-8030
- Clinton R. Rockwell, (310) 424-3901
- Walter E. Zalenski, (202) 461-2910
OCC Issues Q1 2017 CRA Evaluation Schedule
On December 2, the OCC posted its schedule of Community Reinvestment Act (CRA) evaluations to be conducted in the first quarter of 2017. In a press release accompanying the 2017 schedule, the OCC encouraged public comment on the national banks and federal savings associations scheduled to be evaluated, and suggested that “comments be submitted to the institutions themselves at the mailing addresses listed on the schedule, or to the appropriate OCC supervisory office prior to—or as early as possible during—the month in which the evaluation is scheduled.” The OCC will consider all public comments received prior to the close of the CRA evaluation.
Comptroller Curry Discusses Importance of Effective Supervision Before Clearing House Annual Conference
In prepared remarks delivered on November 30 before The Clearing House Annual Conference in New York City, Comptroller of the Currency Thomas J. Curry discussed lessons from the 2008 financial crisis. Curry noted that he was “often disappointed how quickly some forget the lessons of more recent events, particularly what brought the financial system to the cliff in 2008 and what has put our banks and our economy on much firmer ground since.” His remarks emphasized the value of strong capital, the need for ample liquidity, and the importance of effective supervision.
In discussing capital, Curry noted that since the beginning of 2009, there has been a $700 billion increase in common equity capital. Such levels would allow the 33 largest bank holding companies to be well capitalized and continue lending even under the most severe scenario used by the banking agencies’ stress tests. He cautioned, however, that “[w]eakening the ratio through special exclusions only undermines our original intent and weakens the protection against excessive leverage.” Comptroller Curry similarly noted that the Liquidity Coverage Ratio and the proposed Net Stable Funding Ratio complement each other to push covered banks to hold ready resources to meet short-term cash outflows and to shift to more stable, longer-term funding.
On the subject of supervision, Curry noted the importance of “holistic supervision based on the CAMELS rating system.” He also added that while a periodic reassessment of banking laws and regulations is appropriate, “we must never settle for ‘light-touch’ supervision.” And, in concluding, Curry stressed that community banks and their examiners, in order to “remain strong and healthy,” need to “focus on strategic risk, rising credit risk from stretching for yield while relaxing underwriting standards, expansion of new technologies, and compliance issues.”
OCC Promotes Morris Morgan to Oversee Large Bank Supervision
In a press release, issued on November 1, the OCC announced that Morris Morgan, a senior OCC official, will take on a new role as Senior Deputy Comptroller for Large Bank Supervision on December 24. Morgan, a 31-year veteran of the OCC, has served as Examiner-in-Charge of a major bank, and PNC and Deputy Comptroller for Large Bank Supervision. In his new role, Morgan will serve as a member of the OCC's Executive Committee and the Committee on Bank Supervision. He also will oversee operations of the OCC’s International Banking Supervision group and its London Office.
CFPB Reissues Guidance on Service Providers
On October 26, the CFPB published Bulletin 2016-02 on service providers to amend previously issued guidance covered in Bulletin 2012-03. Bulletin 2016-02 seeks to clarify that supervised banks and nonbanks have flexibility in managing the risks of service provider relationships. Specifically, the CFPB advises that “the depth and formality of the risk management program for service providers may vary depending upon the service being performed —its size, scope, complexity, importance and potential for consumer harm—and the performance of the service provider in carrying out its activities in compliance with Federal consumer financial laws and regulations.” The CFPB plans to post Bulletin 2016-02 on its website on October 31, 2016.
FFIEC Releases FAQs on Cybersecurity Assessment Tool
On October 17, the FFIEC published a Frequently Asked Questions guide related to the Cybersecurity Assessment Tool (Assessment) that was released in Summer 2015. Developed to assist financial institutions identify risks and to assess cybersecurity preparedness, use of the Assessment is voluntary. The FAQs guide explains that management may use the Assessment to determine an institution’s cybersecurity maturity level within five different domains: (i) Cybersecurity Risk Management and Oversight; (ii) Threat Intelligence and Collaboration; (iii) Cybersecurity Controls; (iv) External Dependency Management; and (v) Cyber Incident Management and Resilience. The FAQs guide clarifies that “the Assessment is not designed to identify an overall cybersecurity maturity level.” Regarding third-party oversight, FAQ number 10 explains that the Assessment may be used as a resource for management’s “oversight of third parties as part of the institution’s comprehensive third-party management program.” Additional topics addressed in the FAQs include, but are not limited to, the following: (i) how the Assessment aligns with the National Institute of Standards and Technology Cybersecurity Framework; (ii) whether an automated version of the Assessment will be released; (iii) the Assessment’s ability to determine an institution’s Inherent Risk Profile; and (iv) the expectations for Inherent Risk Profile levels to align with an institution’s Cybersecurity Maturity.