InfoBytes Blog
Filter
Subscribe to our InfoBytes Blog weekly newsletter and other publications for news affecting the financial services industry.
Agencies propose new capital requirements for biggest banks
On July 27, the FDIC’s Board of Directors unveiled proposed interagency amendments to the regulatory capital requirements for the largest and most complex banks in the United States. The notice of proposed rulemaking (NPRM), issued jointly by the FDIC, OCC, and the Federal Reserve Board (and passed by an FDIC Board vote of 3-2 and a Fed vote of 4-2), would revise capital requirements for large banking organizations with at least $100 billion in assets, as well as certain banking organizations with significant trading activity. (See also FDIC fact sheet here.) The proposed changes would implement the final components of the Basel III agreement—recent changes made to international capital standards issued by the Basel Committee on Banking Supervision—as well as modifications made in response to recent bank failures in March, the agencies said.
Specifically, the NPRM would implement standardized approaches for market risk and credit valuation adjustment risk by amending the way banks calculate their risk-weighted assets. According to FDIC FIL-38-2023, the new “expanded risk-based approach” would incorporate a standardized approach for credit risk and operational risk, a revised internal models-based approach, a new standardized measure for market risk, and a new revised approach for credit valuation adjustment. Banks subject to Category III and IV standards would also be required “to calculate their regulatory capital in the same manner as banking organizations subject to Category I and II standards, including the treatment of accumulated other comprehensive income, capital deductions, and rules for minority interest.” Additionally, the supplementary leverage ratio and the countercyclical capital buffer would be applied to banks subject to Category IV standards.
The agencies said the proposed modifications are intended to:
- Better reflect banks’ underlying risks;
- Increase transparency and consistency by revising the capital framework in four main areas: credit, market, operational, and credit valuation adjustment risk;
- Strengthen the banking system, by applying consistent capital requirements across large banks by requiring institutions to (i) include unrealized gains and losses from certain securities in capital ratios; (ii) comply with the supplementary leverage ratio requirement; and (iii) comply with the countercyclical capital buffer, if activated.
The agencies predict that these changes will “result in an aggregate 16 percent increase in common equity tier 1 capital requirements for affected bank holding companies, with the increase principally affecting the largest and most complex banks.” The impact would vary by bank based on activities and risk profiles, the agencies stated, noting that most banks currently have enough capital to meet the proposed requirements. The NPRM would not amend capital requirements for smaller, less complex banks or for community banks. The agencies propose a three-year phased-in transition process beginning July 1, 2025, to provide banks sufficient time to accommodate the changes and minimize potentially adverse impacts. The changes would be fully phased in on July 1, 2028.
Separately, the Fed also issued an NPRM on a proposal that would modify certain provisions relating to the calculation of the capital surcharge for the largest and most complex banks in order to “better align the surcharge to each bank’s systemic risk profile. . .by measuring a bank’s systemic importance averaged over the entire year, instead of only at the year-end value.”
Comments on both NPRMs are due November 30.
FDIC Chairman Martin Gruenberg stressed that “[e]nhanced resilience of the banking sector supports more stable lending through the economic cycle and diminishes the likelihood of financial crises and their associated costs.” Also voting in favor of the NPRM was CFPB Chairman and FDIC Board Member Rohit Chopra who expressed interest in feedback from the public on ways to simplify the methodologies used to calculate the requirements. Acting Comptroller of the Currency Michael also voted in favor and encouraged commenters “to include assumptions about capital distributions and competition from banks and other financial institutions in their analyses of the impacts of the proposal on lending and economic growth.”
Voting against the new standards, FDIC Vice Chairman Travis Hill argued that while he supports strong capital requirements, he has several “concerns with the impact of excessive gold plating of international standards.” He stressed that the “proposal rejects the notion of capital neutrality and takes a starkly different path, ‘gold plating’ the new Basel standard in a number of ways and dramatically increasing capital requirements for banks with certain business models.”
OCC releases recent enforcement actions
On July 20, the OCC released a list of recent enforcement actions taken against national banks, federal savings associations, and individuals currently and formerly affiliated with such entities. Among the enforcement actions is a formal agreement with a California-based bank to update its BSA/AML compliance program. According to the agreement, the OCC identified deficiencies and violations relating to the bank’s compliance with BSA/AML laws and regulations. Among other things, the bank agreed to establish a compliance committee and revise its adherence to appropriate policies and procedures for collecting customer due diligence “when opening new accounts, when renewing or modifying existing accounts for customers, and when the [b]ank obtains event-driven information indicating that it needs to obtain updated customer due diligence information.” The bank also agreed to institute an “enhanced written risk-based program of internal controls and processes” to ensure an appropriate review of BSA/AML suspicious activity.
EU-U.S. release statement on Joint Financial Regulatory Forum
On July 20, participants in the U.S.-EU Joint Financial Regulatory Forum, including officials from the Treasury Department, Federal Reserve Board, CFTC, FDIC, SEC, and OCC, issued a joint statement regarding the ongoing dialogue that took place from June 27-28, noting that the matters discussed during the forum focused on six themes: “(1) market developments and financial stability risks; (2) regulatory developments in banking and insurance; (3) anti-money laundering and countering the financing of terrorism (AML/CFT); (4) sustainable finance and climate-related financial risks; (5) regulatory and supervisory cooperation in capital markets; and (6) operational resilience and digital finance.”
Participants acknowledged that the financial sector in both the EU and the U.S. is exposed to risk due to ongoing inflationary pressures, uncertainties in the global economic outlook, and geopolitical tensions as a result of Russia’s war on Ukraine. During discussions, participants emphasized the significance of strong bank prudential standards, effective resolution frameworks, and robust supervision practices. They also stressed the importance of international cooperation and continued dialogue to monitor vulnerabilities and strengthen the resilience of the financial system. Participants took note of recent developments relating to, among other things, recent bank failures, digital finance, the crypto-asset market, and the potential adoption of central bank digital currencies.
OCC allows institutions affected by Vermont flooding to temporarily close
On July 11, the OCC issued a proclamation permitting OCC-regulated institutions to close offices, at their discretion, affected by severe flooding in Vermont “for as long as deemed necessary for bank operation or public safety.” In issuing the proclamation, the OCC noted that only bank offices directly affected by potentially unsafe conditions should close, and that institutions should make every effort to reopen as quickly as possible to address customers’ banking needs. The proclamation directs institutions to OCC Bulletin 2012-28 for further guidance on actions they should take in response to natural disasters and other emergency conditions.
Find continuing InfoBytes coverage on disaster relief here.
Agencies put out policy on CRE workouts
On June 29, the FDIC, OCC, Federal Reserve Board, and NCUA, in consultation with state bank and credit union regulators, jointly issued a final policy statement addressing prudential commercial real estate loan accommodations and workouts for borrowers experiencing financial difficulty. The policy statement applies to all supervised financial institutions and supersedes previous guidance issued in 2009. Building on existing supervisory guidance, the policy statement advises financial institutions “to work prudently and constructively with creditworthy borrowers during times of financial stress.” The policy statement (i) updates interagency supervisory guidance on commercial real estate loan workouts; (ii) adds a new section on short-term loan accommodations (for purposes of the policy statement, “an accommodation includes any agreement to defer one or more payments, make a partial payment, forbear any delinquent amounts, modify a loan or contract, or provide other assistance or relief to a borrower who is experiencing a financial challenge”); (iii) addresses relevant accounting standard changes on estimating loan losses; and (iv) provides updated examples on how to classify and account for loans modified or affected by loan accommodations or loan workout activity. The policy statement takes effect upon publication in the Federal Register.
OCC updates cybersecurity exam procedures
On June 26, the OCC issued Bulletin 2023-22 announcing recent updates to the agency’s approach to cybersecurity assessment procedures. The Cybersecurity Supervision Work Program (CSW) provides high-level examination objectives and procedures aligned with the National Institute of Standards and Technology Cybersecurity Framework (NIST-CFS) and is part of the agency’s risk-based bank information technology supervision process. The CSW is intended to provide examiners an effective approach for identifying cybersecurity risks in supervised banks.
According to an overview provided by the OCC, the CSW “provides examiners with a common framework and terminology in discussions with bank management” and is structured according to the following NIST-CSF functions: identify, protect, detect, respond, and recover (as well as related categories and subcategories). The OCC also developed an additional function, Specialty Areas, to address areas of risk that may be part of OCC cybersecurity assessments, where applicable. Examiners will use these procedures to supplement those outlined in the “Community Bank Supervision,” “Large Bank Supervision,” and “Federal Branches and Agencies Supervision” booklets of the Comptroller’s Handbook, the FFIEC’s Information Technology Examination Handbook booklets, and other related supervisory guidance.
The OCC encourages supervised banks to use standardized approaches to assess and improve cybersecurity preparedness. Banks may choose from a variety of standardized tools and available frameworks, and should use the agency’s CSW cross-references table for further guidance. No new regulatory expectations are established with the issuance of the CSW.
Agencies release 2023 list of distressed, underserved communities
On June 23, the FDIC, Federal Reserve Board, and the OCC released the 2023 list of distressed or underserved nonmetropolitan middle-income geographies where revitalization or stabilization activities are eligible to receive Community Reinvestment Act (CRA) consideration. According to the joint release, the list of distressed nonmetropolitan middle-income geographies and underserved nonmetropolitan middle-income geographies are designated by the agencies under their CRA regulations and reflect local economic conditions such as unemployment, poverty, and population changes. Under CRA, banks are encouraged to help meet the credit needs of the local communities listed. For any geographies that were designated by the agencies in 2022 but not in 2023, the agencies apply a one-year lag period, so such geographies remain eligible for CRA consideration for another 12 months.
Hsu tells banks to approach AI cautiously
On June 16, Acting Comptroller of the Currency Michael J. Hsu warned that the unpredictability of artificial intelligence (AI) can pose significant risks to the financial system. During remarks presented at the American Bankers Association’s Risk and Compliance Conference, Hsu cautioned that banks must manage risks when adopting technologies such as tokenization and AI. Although Hsu reiterated his skepticism of cryptocurrency (covered by InfoBytes here), he acknowledged that AI and blockchain technology (where most tokenization efforts are currently focused) have the potential to present “significant” benefits to the financial system. He explained that trusted blockchains may improve settlement efficiency through tokenization of real-world assets and liabilities by minimizing lags and thereby reducing related frictions, costs, and risks. However, he warned that legal frameworks and risk and compliance capabilities for tokenizing real-world assets and liabilities at scale require further development, especially considering cross-jurisdictional situations and ownership and property rights.
With respect to banks’ adoption of AI, Hsu flagged AI’s “potential to reduce costs and increase efficiencies; improve products, services and performance; strengthen risk management and controls; and expand access to credit and other bank services.” But there are significant challenges, Hsu said, including bias and discrimination challenges in consumer lending, fraud, and risks created from the use of “generative” AI. Alignment is also the core challenge, Hsu said, explaining that because AI systems are built to learn and may not do what they are programed to do, governance and accountability challenges may become an issue. “Who can and should be held accountable for misaligned, unexpected, and harmful outcomes?” Hsu asked, pointing to banks’ use of third parties to develop and support their AI systems as an area of concern.
Hsu advised banks to approach innovation “responsibly and purposefully” and to proceed cautiously while keeping in mind three principles for managing risks: (i) innovate in stages, expand only when ready, and monitor, adjust and repeat; (ii) “build the brakes while building the engine” and ensure risk and compliance professionals are part of the innovation process; and (iii) engage with regulators early and often during the process and ask for permission, not forgiveness.
OCC warns banks to “guard against complacency” in risk management
On June 14, the OCC released its Semiannual Risk Perspective for Spring 2023, which reports on key risks threatening the safety and soundness of national banks, federal savings associations, and federal branches and agencies. The agency reported that the overall strength of the federal banking system is sound but warned banks to remain diligent and maintain effective risk management practices over critical functions in order to withstand current and future economic and financial challenges.
The OCC highlighted liquidity, operational, credit, and compliance risk as key risk themes in the report. Observations include: (i) in response to recent bank failures and investment portfolio depreciation, liquidity levels have been strengthened; (ii) credit risk remains moderate, however in certain commercial real estate segments, signs of stress are increasing (high inflation and rising interest rates are also causing credit conditions to deteriorate); (iii) operational risk, including persistent cyber threats, is elevated, while opportunities and risks are created by banks’ increased use of third parties and the digitalization of banking products and service; and (iv) compliance risk remains heightened as banks continue to navigate a dynamic environment where compliance management systems try to keep pace with evolving products, services, and delivery channel offerings.
The report also discussed challenges banks face when trying to manage climate-related financial risks, as well as the importance of investing and aligning technology with banks’ business goals. Acting Comptroller of the Currency Michael Hsu urged banks “to ‘be on the balls of their feet’ with regards to risk management” and “guard against complacency.”
Hsu discusses significance of consumer trust in banking
On June 8, acting Comptroller of Currency Michael J. Hsu discussed the significance of consumer trust in banking, and announced the OCC is considering designing and releasing an annual survey to measure the extent of consumer trust in banking. (See OCC’s request for comments on its proposed annual trust survey.) Hsu noted that public trust in banking is imperative to a good relationship with the communities served and to ensure consumers do not rely on risky means for storing funds. Distrust also presents risks for banks, Hsu said, explaining that “banks that have material fairness and compliance deficiencies may face stiff civil money penalties, restrictions on growth, and sustained reputational damage, limiting their capacities to make loans.” Hsu’s focus on trust in the banking system is also inspired by the threatening impact of unfairness and a lack of inclusivity. Therefore, in addition to the survey, the OCC is focusing on methods of consumer protection to underpin public trust in banks. Efforts include strengthening and modernizing the Community Reinvestment Act to create more lending opportunities to those in low- and moderate-income areas, reforming overdrafts by issuing guidance on overdraft protection programs, and addressing bias in the appraisal of homes by issuing a proposed rule to implement quality control standards for automated valuation models.