Oct 12 -- The Federal Deposit Insurance Corporation (FDIC) is seeking comment on proposed corporate governance and risk management guidelines (Guidelines) that would apply to all insured state nonmember banks, state-licensed insured branches of foreign banks, and insured state savings associations that are subject to Section 39 of the Federal Deposit Insurance Act (FDI Act), with total consolidated assets of $10 billion or more on or after the effective date of the final Guidelines. These proposed Guidelines would be issued as Appendix C to FDIC's standards for safety and soundness regulations in part 364, pursuant to Section 39 of the FDI Act, and would be enforceable under Section 39. The FDIC also proposes to make corresponding amendments to parts 308 and 364 of its regulations to implement the proposed Guidelines. Comments on the proposed Guidelines must be received by December 11, 2023.
Strong corporate governance is the foundation for an insured depository institution's safe and sound operations. An effective governance framework is necessary for an insured depository institution to remain profitable, competitive, and resilient through changing economic and market conditions. The board of directors serves a critical role in maintaining an insured depository institution's safety and soundness and continued financial and operational resilience.
The FDIC observed during the 2008 financial crisis and more recent bank failures in 2023 that financial institutions with poor corporate governance and risk management practices were more likely to fail. Reports reviewing the recent 2023 bank failures noted that poor corporate governance and risk management practices were contributing factors. Failures of insured depository institutions (IDIs) impose costs on the Deposit Insurance Fund (DIF) and negatively affect a wide variety of stakeholders including the institution's depositors and shareholders, employees, customers (including consumers and businesses that rely on the institution's services and the availability of credit), regulators, and the public as a whole. Insufficient attention and responsiveness to internal controls and governance processes can result in noncompliance with laws and regulations going undetected or unaddressed.
The safety and soundness standards in part 364 currently include guidelines in Appendix A, which contain operational and managerial standards for insured state nonmember banks, state-licensed insured branches of foreign banks, and insured state savings associations (together, “FDIC-supervised institutions”). In smaller, noncomplex institutions, risk management processes and internal controls that generally incorporate these standards may be adequate. However, as the recent bank failures show, corporate and risk governance structure and practices should keep pace with the bank's changes in size, business model, risk profile, and complexity. Larger or more complex institutions should have more sophisticated and formal board and management structures and practices to ensure appropriate corporate governance.
In order to strengthen the corporate governance and risk management practices of large institutions, the FDIC is proposing to issue Guidelines as a new Appendix C to part 364 to address corporate governance and risk management practices and board oversight. The proposed Guidelines would apply to all FDIC-supervised institutions with total consolidated assets of $10 billion or more on or after the effective date of the final Guidelines (together “covered institutions” and each, a “covered institution”). The proposed Guidelines would apply in addition to any other requirements established by law or regulation. The FDIC's supervisory experience has shown that institutions with assets greater than $10 billion are larger, more complex and present a higher risk profile. The proposed Guidelines are intended to raise the FDIC's standards for corporate governance, risk management, and control to help ensure these larger institutions effectively anticipate, evaluate, and mitigate the risks they face.
In developing the proposed Guidelines, the FDIC considered other statutory and regulatory authorities that impose requirements and expectations concerning corporate governance activities and risk management practices. For example, the Office of the Comptroller of the Currency (OCC) has developed heightened expectations to strengthen the corporate governance and risk management practices of large national banks with total consolidated assets of $50 billion or more. Under guidelines the OCC issued pursuant to Section 39 of the FDI Act, it expects larger national banks to establish and implement a risk governance framework for managing and controlling the bank's risk taking. The Board of Governors of the Federal Reserve System (Federal Reserve Board) has incorporated corporate governance and risk management requirements in Regulation YY and various Supervision and Regulation (SR) Letters for bank holding companies with total consolidated assets of $50 billion or more. The Federal Reserve Board has also noted that the risk management processes of a regional IDI, which it generally considers to be a midsize IDI with total consolidated assets between $10 and $100 billion, should typically contain detailed guidelines that set specific prudent limits on the principal types of risks relevant to a regional IDI's consolidated activities.
The proposed Guidelines are drawn from the principles set forth in the authorities noted above and would therefore align the FDIC's supervisory framework more closely with the other Federal banking agencies. Although the proposed Guidelines would apply more broadly to capture FDIC-supervised institutions with total assets of $10 billion or more, the FDIC believes that the proposed scope of application threshold is appropriate, as effective risk management practices should be tailored to the size of the institution and the nature, scope, and risk of its activities. These institutions are typically more complex and present a higher risk profile than community banking organizations with less than $10 billion in total assets.
FRN:
https://www.federalregister.gov/d/2023-22421