AGENCY:
Board of Governors of the Federal Reserve System (Board).
ACTION:
Notice.
SUMMARY:
The Board invites comment on a proposal addressing supervisory expectations for the boards of directors of bank holding companies, savings and loan holding companies, state member banks, U.S. branches and agencies of foreign banking organizations, and systemically important nonbank financial companies designated by the Financial Stability Oversight Council for supervision by the Federal Reserve. For the largest domestic bank and savings and loan holding companies and systemically important nonbank financial companies, the proposal would establish principles regarding effective boards of directors focused on the performance of a board's core responsibilities. The proposal would also better distinguish between the roles and responsibilities of an institution's board of directors and those of senior management. For domestic bank and savings and loan holding companies, the proposal also would eliminate or revise supervisory expectations contained in certain existing Federal Reserve Supervision and Regulation letters, which would be aligned with existing or proposed guidance for boards depending on the size of the firm.
DATES:
Comments must be received no later than October 10, 2017.
ADDRESSES:
Interested parties are invited to submit written comments by following the instructions for submitting comments at http://www.federalreserve.gov/generalinfo/foia/ProposedRegs.cfm.
- Federal eRulemaking Portal: http://www.regulations.gov. Follow the instructions for submitting comments.
- Email: regs.comments@federalreserve.gov. Include the docket number in the subject line of the message.
- Fax: (202) 452-3819 or (202) 452-3102.
- Mail: Address to Ann E. Misback, Secretary, Board of Governors of the Federal Reserve System, 20th Street and Constitution Avenue NW., Washington, DC 20551.
All public comments will be made available on the Board's Web site at http://www.federalreserve.gov/generalinfo/foia/ProposedRegs.cfm as submitted, unless modified for technical reasons. Accordingly, comments will not be edited to remove any identifying or contact information. Public comments may also be viewed electronically or in paper in Room 3515, 1801 K Street NW. (between 18th and 19th Street NW.), Washington, DC 20006 between 9:00 a.m. and 5:00 p.m. on weekdays.
FOR FURTHER INFORMATION CONTACT:
Michael Hsu, Associate Director, (202) 912-4330, Michael Solomon, Associate Director, (202) 452-3502, Richard Naylor, Associate Director, (202) 728-5854, Division of Supervision and Regulation; Ben McDonough, Assistant General Counsel, (202) 452-2036, Scott Tkacz, Senior Counsel, (202) 452-2744, Keisha Patrick, Senior Counsel, (202) 452-3559, or Chris Callanan, Senior Attorney, (202) 452-3594, Legal Division, Board of Governors of the Federal Reserve System, 20th and C Streets NW., Washington, DC 20551. For the hearing impaired only, Telecommunications Device for the Deaf (TDD) users may contact (202) 263-4869.
SUPPLEMENTARY INFORMATION:
The Board invites comment on a proposal addressing supervisory expectations on boards of directors (boards or boards of directors). The proposal has been informed by a multi-year review by the Federal Reserve of practices of boards of directors, particularly at the largest banking organizations. The review assessed, among other things, the factors that make boards effective, the challenges boards face, and how boards influence the safety and soundness of their firms and promote compliance with laws and regulations. The Federal Reserve also reviewed expectations contained in Board supervisory guidance. This notice and the guidance proposed herein constitute the results of the review.
Among other things, the results of the review and discussions with independent directors suggest that supervisory expectations for boards of directors and senior management have become increasingly difficult to distinguish. Greater clarity regarding these supervisory expectations could improve corporate governance overall, increase efficiency, support greater accountability, and promote compliance with laws and regulations. The results of the review also suggest that boards often devote a significant amount of time satisfying supervisory expectations that do not directly relate to the board's core responsibilities, which include guiding the development of the firm's strategy and the types and levels of risk it is willing to take (also referred to as risk tolerance), overseeing senior management and holding them accountable for effective risk management and compliance among other responsibilities, supporting the stature and independence of the firm's independent risk management and internal audit functions, and adopting effective governance practices. Boards completing such non-core tasks may do so at the expense of sufficiently focusing on their core responsibilities, which when exercised effectively promote the safety and soundness of the firm. Finally, the results of the review suggest that boards of large financial institutions face significant information flow challenges, especially in preparing for and participating in board meetings. Absent actively managing its information flow, boards can be overwhelmed by the quantity and complexity of information they receive. Although boards have oversight responsibilities over senior management, they are inherently disadvantaged given their dependence on senior management for the quality and availability of information.
The Board invites comment on a proposal consisting of three parts that are each intended to refocus supervisory expectations for boards on a board's core responsibilities. The first part includes proposed supervisory guidance addressing effective boards of directors (proposed BE guidance), which would apply to all bank and savings and loan holding companies with total consolidated assets of $50 billion or more, and to systemically important nonbank financial companies designated by the Financial Stability Oversight Council for supervision by the Federal Reserve. The proposed BE guidance would clarify supervisory expectations for boards as distinct from expectations for senior management, and identifies five key attributes of effective boards of directors that the Board would use when assessing a firm's board of directors.
The proposed BE guidance would not apply to U.S. intermediate holding companies (IHCs) of foreign banking organizations (FBOs) established pursuant to Regulation YY. The Board anticipates proposing guidance on board effectiveness for IHCs at a later date.
The proposed BE guidance would be used in connection with the supervisory assessment of board effectiveness under the proposed Large Financial Institution (LFI) rating system, which the Federal Reserve is issuing for public comment concurrently with this proposal. The proposed LFI rating system would apply to all bank holding companies with total consolidated assets of $50 billion or more; all non-insurance, non-commercial savings and loan holding companies with total consolidated assets of $50 billion or more; and U.S. intermediate holding companies of foreign banking organizations established pursuant to the Federal Reserve's Regulation YY. The proposed LFI rating system consists of three components, each of which would be assigned a rating: Governance and Controls, Capital Planning and Positions, and Liquidity Risk Management and Positions. The Governance and Controls component rating would evaluate the effectiveness of a firm's (i) board of directors, (ii) management of core business lines and independent risk management and controls, and (iii) recovery planning (only for domestic bank holding companies subject to the Federal Reserve's Large Institution Supervision Coordinating Committee (LISCC) supervisory framework).
The Federal Reserve also plans to separately release additional proposed guidance seeking comment on supervisory expectations relating to a firm's management of core business lines and independent risk management and controls. The release describing the proposed LFI rating system includes a summary of that planned guidance.
See SR letter 14-8, “Consolidated Recovery Planning for Certain Large Domestic Bank Holding Companies,” at https://www.federalreserve.gov/supervisionreg/srletters/sr1408.htm.
The second part of the proposal would refocus supervisory guidance found in existing Supervision and Regulation (SR) letters for boards of directors of bank and savings and loan holding companies of all sizes. This proposal would revise certain supervisory expectations for boards to ensure they are aligned with the Federal Reserve's supervisory framework, and would eliminate redundant, outdated, or irrelevant supervisory expectations. The Board also plans to review guidance that has been adopted on an interagency basis and requirements established by rule concerning boards of directors and would consider modifications in those areas at a later date.
The third part of the proposal includes proposed supervisory guidance that would replace Federal Reserve SR letter 13-13/CA letter 13-10. The proposed guidance would facilitate the execution of boards' core responsibilities by clarifying expectations for communicating supervisory findings to an institution's board of directors and senior management. The proposed guidance would indicate that the Federal Reserve expects to direct most Matters Requiring Immediate Attention (MRIAs) and Matters Requiring Attention (MRAs) to senior management for corrective action. MRIAs and MRAs would only be directed to the board for corrective action when the board needs to address its corporate governance responsibilities or when senior management fails to take appropriate remedial action. The board would remain responsible for holding senior management accountable for remediating supervisory findings. This proposed guidance would apply to all financial institutions supervised by the Federal Reserve.
See SR letter 13-13/CA letter 13-10, “Supervisory Considerations for the Communication of Supervisory Findings,” at https://www.federalreserve.gov/supervisionreg/srletters/sr1313.htm.
Although the proposal would not address all existing supervisory expectations for boards of directors, the Board intends to continue reviewing existing supervisory expectations for boards of directors.
I. Proposed Board Effectiveness (BE) Guidance
The proposed BE guidance better distinguishes the supervisory expectations for boards from those of senior management, and describes effective boards as those which: (1) Set clear, aligned, and consistent direction regarding the firm's strategy and risk tolerance, (2) actively manage information flow and board discussions, (3) hold senior management accountable, (4) support the independence and stature of independent risk management and internal audit, and (5) maintain a capable board composition and governance structure.
Independent risk management includes compliance.
These five attributes support safety and soundness and would provide the framework with which the Federal Reserve proposes to assess a firm's board of directors under the proposed LFI rating system. Assessing the effectiveness of a board of directors using these attributes reflects the view that applying standardized expectations for boards of directors fails to take into account differences in firms' activities, risk profiles, and complexity, and potentially prevents a board from achieving maximum effectiveness in meeting its core responsibilities.
In assessing a board's effectiveness, supervisors rely on various sources of information, including firm-provided materials and examinations. As noted in the proposed BE guidance, a board of directors may also provide to supervisors a self-assessment of its effectiveness, for example, relative to the five attributes, which the Federal Reserve would take into consideration in its evaluation. The proposed BE guidance does not prescribe how such a self-assessment should be conducted or documented.
II. Rescinding or Revising Existing Federal Reserve Expectations for Boards of Directors
The Federal Reserve is conducting a comprehensive review of all existing supervisory expectations and regulatory requirements relating to boards of directors of bank and savings and loan holding companies of all sizes. The purpose of the review is to identify supervisory expectations for boards of directors which do not relate to their core responsibilities or are not aligned with the Federal Reserve's supervisory framework. The Federal Reserve believes that revising or eliminating unnecessary, redundant, or outdated expectations, as appropriate, will allow boards to focus more of their time and resources on fulfilling their core responsibilities.
The Federal Reserve is conducting this review in two phases. The first phase is focused on reviewing supervisory expectations of boards set forth in existing SR letters that communicate Board guidance. The preliminary results of the first phase are discussed in more detail below. The second phase of the review is focused on requirements and supervisory expectations set forth in Board regulations or in various forms of interagency guidance. Revising Board regulations generally will take more time to complete, and revisions to interagency guidance require consultation and collaboration with other federal banking agencies. The Board's proposed changes to supervisory expectations for the second phase would be released for notice and comment at a later date.
The Federal Reserve would make conforming changes to existing examination manuals, examination procedures, and training materials as supervisory expectations evolve over time.
In the first phase of the review, the Board preliminarily identified 27 SR letters for potential elimination or revision, which collectively include more than 170 supervisory expectations for holding company boards. These SR letters are listed in Table A, “SR letters in Which Guidance on the Roles and Responsibilities for Boards of Directors of Holding Companies Would Be Rescinded or Revised.” For SR letters on this list that have other supervisory expectations unrelated to boards of directors that remain relevant, only the specific portions of the guidance relating to boards of directors would be revised, and the other portions of the letter would generally be left unchanged. SR letters which are outdated or no longer relevant would be rescinded in their entirety.
Existing supervisory expectations would be eliminated or revised for (1) domestic bank and savings and loan holding companies (including insurance and commercial savings and loan holding companies) with total consolidated assets of $50 billion or more (“larger firms”) and (2) domestic bank and savings and loan holding companies (including insurance and commercial savings and loan holding companies) with total consolidated assets of less than $50 billion (“smaller firms”). For larger firms, supervisory expectations for boards would be revised to align with the attributes of effective boards outlined in the proposed BE guidance. For smaller firms, supervisory expectations would be revised to align with the supervisory expectations set forth in SR letter 16-11, “Supervisory Guidance for Assessing Risk Management at Supervised Institutions with Total Consolidated Assets Less than $50 Billion” (SR 16-11), which applies to all Federal Reserve-supervised institutions with total consolidated assets of less than $50 billion. SR 16-11 includes the Federal Reserve's supervisory expectations for the roles and responsibilities of the board of directors for an institution's risk management, such as approving the institution's overall business strategies and significant policies; understanding the risks the institution faces and having access to information to identify the size and significance of the risks; providing guidance regarding the level of acceptable risk exposures to the institution; and overseeing senior management's implementation of the board-approved business strategies and risk limits.
SR letters could be revised in several ways, including deleting portions of an SR letter that would include duplicative expectations to those contained in the proposed BE guidance or SR 16-11, or which otherwise are no longer relevant; modifying specific portions of an SR letter to more clearly delineate the roles and responsibilities of boards from those of senior management; or making general adjustments to an SR letter so that it is aligned and consistent with the proposed BE guidance or SR 16-11. For example, when an existing supervisory expectation ascribes the same roles and responsibilities to both the “board and senior management,” the Board would, in most cases, revise that expectation to refer only to senior management.
Although it represents only the first portion of its review, the Board believes the proposal would result in several changes in supervisory expectations for holding company boards of directors. For instance:
- Replacing the original guidance with SR 13-13 would clarify a board's roles and responsibilities in the supervisory process and more efficiently allocate its time and resources;
- Revising supervisory expectations for boards included in existing SR letters such as SR letter 00-9, “Supervisory Guidance on Equity Investment and Merchant Banking Activities,” would eliminate expectations on boards relating to managing a firm's day-to-day operations, a role which is better suited to senior management;
- Revising supervisory guidance which does not clearly distinguish a board's roles and responsibilities from those of senior management would eliminate uncertainty, which can lead to boards unnecessarily addressing matters that are better suited for senior management, and would support the board's core responsibility of holding senior management accountable;
- Emphasizing their responsibility to review and approve only significant firm-wide policies would reduce the need for boards to devote significant amounts of time considering policies of lesser importance; and
- Eliminating redundant, unnecessary, and outdated supervisory expectations would provide more flexibility to adopt effective governance practices.
Table A—SR Letters in Which Guidance on the Roles and Responsibilities for Boards of Directors of Holding Companies Would Be Rescinded or Revised
III. Revising SR Letter 13-13/CA 13-10, “Supervisory Considerations for the Communication of Supervisory Findings”
The Board is also proposing to clarify expectations regarding the communication of supervisory findings set forth in SR letter 13-13/CA letter 13-10, “Supervisory Considerations for the Communication of Supervisory Findings.” SR 13-13 currently establishes an expectation that all supervisory findings, referred to as Matters Requiring Immediate Attention (MRIAs) and Matters Requiring Attention (MRAs), would be presented to the board of directors so that the board may ensure that senior management devotes appropriate attention to addressing these matters. This approach has in many cases led boards of directors to believe they should become directly involved in addressing the MRIA or MRA.
The proposed guidance, like the existing guidance, would apply to all Federal Reserve-supervised institutions, and would clarify the process that Federal Reserve examiners and supervisory staff should follow in communicating supervisory findings to an institution's board of directors and senior management. The proposed guidance would indicate that Federal Reserve examiners and supervisory staff would direct most MRIAs and MRAs to senior management for corrective action. MRIAs or MRAs would only be directed to the board for corrective action when the board needs to address its corporate governance responsibilities or when senior management fails to take appropriate remedial action. Boards of directors would remain responsible for holding senior management accountable for remediating supervisory findings.
“Federal Reserve-supervised institutions” includes bank holding companies, savings and loan holding companies, state member banks, U.S. branches and agencies of foreign banking organizations, and systemically important nonbank financial companies designated by FSOC for supervision by the Federal Reserve.
Request for Comments
The Board invites comment on all aspects of the proposal, including responses to the following questions:
(1) The Federal Reserve is considering applying the proposed BE guidance to U.S. intermediate holding companies of foreign banking organizations. How should the proposed BE guidance and refocusing of existing supervisory guidance be adapted to apply to boards of the U.S. intermediate holding companies of foreign banking organizations and state member banks?
(2) What other attributes of effective boards should the Board assess?
(3) Should boards of firms subject to the proposed BE guidance be required to perform a self-assessment of their effectiveness and provide the results of that self-assessment to the Board? If so, what requirements should apply to how the board performs the self-assessment? Should such self-assessments be used as the primary basis for supervisory evaluations of board effectiveness?
(4) Would any parts of this proposal conflict with effective governance of insurance and commercial savings and loan holding companies? If so, what adjustments to the proposal would be warranted?
(5) Is the proposed guidance on the communication of supervisory findings clear with respect to the division of responsibilities between the board and senior management?
(6) What Federal Reserve supervisory expectations for boards are not included in Table A, yet interfere with a board's ability to focus on its core responsibilities and should be included in the proposal? Should such expectations be rescinded or revised? If revised, how?
III. Administrative Law Matters
A. Paperwork Reduction Act Analysis
In accordance with the Paperwork Reduction Act of 1995 (44 U.S.C. 3501-3521) (PRA), the Federal Reserve may not conduct or sponsor, and a respondent is not required to respond to, an information collection unless it displays a currently valid Office of Management and Budget (OMB) control number. The Federal Reserve reviewed the proposed supervisory guidance under the authority delegated to the Federal Reserve by OMB.
The proposed supervisory guidance contains a collection of information subject to the PRA. The reporting requirement is found in the proposed BE guidance. The proposed BE guidance provides that a board of directors may provide to supervisors a self-assessment of its effectiveness, which the Federal Reserve would take into consideration in its evaluation of the effectiveness of the board of directors. The Federal Reserve is not prescribing how such a self-assessment should be conducted or documented. This information would assist supervisors in evaluating board effectiveness.
Comments are invited on:
a. Whether the collections of information are necessary for the proper performance of the Federal Reserve's functions, including whether the information has practical utility;
b. The accuracy or the estimate of the burden of the information collections, including the validity of the methodology and assumptions used;
c. Ways to enhance the quality, utility, and clarity of the information to be collected;
d. Ways to minimize the burden of the information collections on respondents, including through the use of automated collection techniques or other forms of information technology; and
e. Estimates of capital or startup costs and costs of operation, maintenance, and purchase of services to provide information.
All comments will become a matter of public record. Comments on aspects of this notice that may affect reporting, recordkeeping, or disclosure requirements and burden estimates should be sent to: Secretary, Board of Governors of the Federal Reserve System, 20th and C Streets NW., Washington, DC 20551. A copy of the comments may also be submitted to the OMB desk officer by mail to U.S. Office of Management and Budget, 725 17th Street NW., #10235, Washington, DC 20503 or by facsimile to (202) 395-5806, Attention, Agency Desk Officer.
Report title: Board Effectiveness Guidance.
Agency form number: FR 4204.
OMB control number: 7100-NEW.
Frequency: Annual.
Respondents: Domestic bank and savings and loan holding companies with total consolidated assets of $50 billion or more (excluding intermediate holding companies of foreign banking organizations established pursuant to the Federal Reserve's Regulation YY), and systemically important nonbank financial companies designated by the Financial Stability Oversight Council for supervision by the Federal Reserve.
Legal authorization and confidentiality: This information collection is voluntary, and allows the board of directors of an affected financial institution to submit to Federal Reserve supervisors a self-assessment of its effectiveness, which supervisors would take into consideration in their evaluation of the effectiveness of the board of directors. The Board has determined that the collection of information is authorized by section 5(c) of the Bank Holding Company Act (12 U.S.C. 1844(c)); section 10(b) of the Homeowners' Loan Act (12 U.S.C. 1467a(b)(4), section 113 of the Dodd-Frank Act (12 U.S.C. 5323). The information contained in the self-assessment would be considered confidential pursuant to exemption 8 of FOIA (5 U.S.C. 552(b)(8)), as it relates to examination reports prepared by supervisors.
Estimated number of respondents: 40.
Estimated average time per respondent: 1,000 hours for initial implementation, 800 hours for subsequent years. This has been calculated based on an estimate of five (5) individuals each working for four (4) weeks to prepare this information collection.
Estimated total annual burden hours: 40,000 hours for initial implementation; 32,000 hours for subsequent years.
Regulatory Flexibility Analysis
B. Regulatory Flexibility Act
The Federal Reserve is providing an initial regulatory flexibility analysis with respect to this proposal. While the proposal is not being adopted as a rule, the Federal Reserve has considered the potential impact of the proposal on small banking organizations using considerations that would apply if the Regulatory Flexibility Act, 5 U.S.C. 601 et seq. (RFA) were applicable. For the reason discussed in the Supplementary Information section above, the proposal is intended to refocus the Federal Reserve's supervisory expectations for boards of directors on their core responsibilities. The proposal should not increase, and in fact may slightly reduce, the amount of burden imposed on small banking organizations.
Under regulations issued by the Small Business Administration, a small banking organization includes a depository institution, bank holding company, or savings and loan holding company with total assets of $550 million or less, as measured by the institution's average assets reported on its four quarterly financial statements for the preceding year (collectively, small banking organizations). It is estimated that as of June 1, 2017, there are 3,539 small banking organizations that would be subject to this proposal.
See 13 CFR 121.201. Effective July 14, 2014, the Small Business Administration revised the size standards for banking organizations to $550 million in assets from $500 million in assets. 79 FR 33647 (June 12, 2014).
If adopted in final form, only certain sections of the proposal would apply to small banking organizations, and the Federal Reserve believes that the proposal would not impose any new burden on small banking organizations. The proposed BE guidance would not apply to or impact small banking organizations as it is intended for the largest financial institutions and would only apply to domestic depository institution holding companies with total consolidated assets of $50 billion or more. The rescission and revision of existing SR letters would not increase, and in fact may reduce, the amount of burden on small bank holding companies and savings and loan holding companies with $550 million or less in total consolidated assets. This is because the proposed rescission and revision would reduce the overall number of supervisory expectations to which their boards are subject, including reporting, recordkeeping, and other compliance requirements associated with these expectations. Finally, the proposed guidance concerning the communication of supervisory findings, which would also apply to financial institutions supervised by the Federal Reserve including small banking organizations, would not increase the amount of burden on small banking organizations because it clarifies the process for communicating supervisory findings to an institution's board of directors and senior management.
There are no significant alternatives to the proposal that would have less economic impact on small banking organizations, and as noted above, the proposal would not increase the amount of burden on small banking organizations, and may result in a slight reduction in burden. As discussed above, the projected reporting, recordkeeping, and other compliance requirements of the proposal will not increase burden on small banking organizations. The Federal Reserve does not believe that the proposal duplicates, overlaps, or conflicts with any Federal rules. In light of the foregoing, the Federal Reserve does not believe that the proposal, if adopted in final form, would have a significant economic impact on a substantial number of small entities. Nonetheless, the Board seeks comment on whether the proposal would impose undue burdens on, or have unintended consequences for, small entities, and whether there are ways such potential burdens or consequences could be minimized in a manner consistent with the purpose of the proposal. A final regulatory flexibility analysis will be conducted after consideration of comments received during the public comment period.
Text for the Proposed Supervisory Guidance on Board of Directors' Effectiveness for Domestic Bank and Savings and Loan Holding Companies With Total Consolidated Assets of $50 Billion or More (Excluding Intermediate Holding Companies of Foreign Banking Organizations Established Pursuant to the Federal Reserve's Regulation YY), and Systemically Important Nonbank Financial Companies Designated by the Financial Stability Oversight Council for Supervision by the Federal Reserve
The Federal Reserve is issuing this letter to provide additional guidance on key attributes of effective boards of directors (also referred to as a firm's “board”). An effective board of directors is central to maintaining the safety and soundness and continued resiliency of a firm's consolidated operations.
“Board” or “board of directors” also refers to committees of the board of directors, as appropriate.
As used here, “resiliency” is defined as maintaining effective governance and controls, including effective capital and liquidity governance and planning processes and sufficient capital and liquidity, to provide for the firm's continuity, and promote compliance with laws and regulations, including those related to consumer protection, through a range of conditions.
In developing this guidance, the Federal Reserve considered other statutory and regulatory authorities which impose requirements and expectations concerning the roles, responsibilities, and expectations of a firm's board of directors. For example, the Federal Reserve reviewed applicable Delaware law, rules promulgated by the U.S. Securities and Exchange Commission (“SEC”), and listing requirements implemented by the New York Stock Exchange (“NYSE”) and the NASDAQ Stock Market (“NASDAQ”). This proposal does not supersede or replace any applicable legal, regulatory, or listing requirements to which firms may currently be subject in the United States, and nothing herein is believed to conflict with such requirements.
See Del. Code Ann. tit. 8 (2016).
In assessing board effectiveness, supervisors rely on various sources of information, including firm-provided materials and examinations. A board of directors also may provide to supervisors a self-assessment of its effectiveness, for example, relative to the five attributes, which the Federal Reserve would take into consideration in its evaluation. The Federal Reserve is not prescribing how such a self-assessment should be conducted or documented.
Attributes of Effective Boards of Directors
A board is most effective when directors focus on establishing a firm-wide corporate strategy and setting the types and levels of risk it is willing to take (also referred to as risk tolerance), making certain that senior management effectively carries out that strategy within the established risk tolerances, and holding management accountable for its actions, including effective risk management and compliance. This guidance focuses on five key attributes of an effective board rather than on process-oriented supervisory expectations that do not directly relate to the board's core responsibilities.
A. Set Clear, Aligned, and Consistent Direction
An effective board of directors guides the development of and approves the firm's strategy and sets the types and levels of risk it is willing to take. The strategy and tolerance of risk should be clear and aligned, and should also include a long-term perspective on risks and rewards that is consistent with the capacity of the firm's risk management framework.
A clear strategy includes sufficient detail to enable senior management to identify the firm's strategic objectives; to create an effective management structure, implementation strategies, plans and budgets for each business line; and to establish effective audit, compliance and risk management and control functions. A clear strategy also allows senior management to discern which opportunities the firm should pursue or avoid and determine the resources and controls necessary to implement the strategy.
The term “senior management” refers to the core group of individuals directly accountable to the board of directors for the sound and prudent day-to-day management of the firm.
A “business line” is a defined unit or function of a financial institution, including associated operations and support that provides related products or services to meet the firm's business needs and those of its customers.
A clear risk tolerance includes sufficient detail to enable the firm's Chief Risk Officer (CRO) and its independent risk management function to set firm-wide risk limits. Risk limits should be set in aggregate by concentration and risk type, as well as at more granular levels as appropriate. A clear risk tolerance also allows senior management to establish risk management expectations and monitor risk-taking for the level and types of risks assumed by the firm.
An “independent risk management function” is responsible for identifying, measuring, aggregating, and reporting risks in a comprehensive and independent manner.
The term “risk limits” refers to thresholds that constrain risk-taking so that the level and type of risks assumed remains aligned with the firm-wide risk tolerance.
A firm's strategy and risk tolerance are aligned when they are consistent, developed, considered, and approved together. For instance, the firm's strategy should clearly articulate objectives consistent with the firm's risk tolerance, and the risk tolerance should clearly specify the aggregate level and types of risks the board is willing to assume to achieve the firm's strategic objectives.
An effective board considers the capacity of the firm's risk management framework when approving the firm's strategy and risk tolerance. This practice helps ensure that strategic plans are commensurate with the firm's ability to identify and manage its risk. For example, if a strategy calls for expansion into a new line of business or a new jurisdiction, the board should consider the increased level of risk or expanded control requirements for consistency with the risk management framework. The same evaluation could also be conducted on a regular basis to assess growth strategies within current businesses and products.
An effective board assesses whether the firm's significant policies, programs, and plans are consistent with the firm's strategy, risk tolerance, and risk management capacity prior to approving them. Significant policies, programs, and plans include the firm's capital plan, recovery and resolution plans, audit plan, enterprise-wide risk management policies, liquidity risk management policies, compliance risk management program, and incentive compensation and performance management programs. The policies, programs, and plans should contain sufficient clarity and allocation of responsibilities so the board can evaluate whether senior management is executing the firm's strategic plan, as approved by the board.
12 CFR 225.8(e)(iii); 12 CFR 252.47(a); SR letter 15-19, “Federal Reserve Supervisory Assessment of Capital Planning and Positions for Large and Noncomplex Firms;” SR letter 15-18, “Federal Reserve Supervisory Assessment of Capital Planning and Positions for LISCC Firms and Large and Complex Firms;” and Federal Reserve paper on Capital Planning at Large Bank Holding Companies: Supervisory Expectations and Range of Current Practice (Federal Reserve Board press release issued on August 19, 2013).
12 CFR part 243; SR letter 14-8, “Consolidated Recovery Planning for Certain Large Domestic Bank Holding Companies;” and SR letter 14-1, “Heightened Supervisory Expectations for Recovery and Resolution Preparedness for Certain Large Bank Holding Companies—Supplemental Guidance on Consolidated Supervision Framework for Large Financial Institutions (SR letter 12-17/CA letter 12-14).”
SR letter 13-1/CA letter 13-1, “Supplemental Policy Statement on the Internal Audit Function and Its Outsourcing,” and SR letter 03-5, “Amended Interagency Guidance on the Internal Audit Function and its Outsourcing.”
12 CFR 252.33.
12 CFR 252.34(a).
SR letter 08-8/CA letter 08-11, “Compliance Risk Management Programs and Oversight at Large Banking Organizations with Complex Compliance Profiles.”
B. Actively Manage Information Flow and Board Discussions
An effective board of directors actively manages its information flow and its deliberations, so that the board can make sound, well-informed decisions in a manner that meaningfully takes into account risks and opportunities.
For instance, an effective board directs senior management to provide information that is timely and accurate with the appropriate level of detail and context to enable the board to make sound, well-informed decisions. An effective board also has practices and processes in place to evaluate information flows and engage senior management on improvements.
Directors of an effective board may seek information about the firm and its activities, risk profile, talent, and incentives outside routine board and committee meetings, including through special sessions of the board, outreach to staff other than the Chief Executive Officer (CEO) and his or her direct reports, discussions with senior supervisors, and training on specialized topics.
Directors of an effective board take an active role in setting board meeting agendas such that the content, organization, and time allocated to each topic allows the board to discuss strategic tradeoffs and to make sound, well-informed decisions. For example, the agenda is set such that the board has the opportunity to discuss a plan to strategically grow a new business simultaneously, or in connection, with a discussion of risk management capabilities of the new business and of internal audit's perspective on relevant controls.
C. Hold Senior Management Accountable
An effective board of directors holds senior management accountable for implementing the firm's strategy and risk tolerance and maintaining the firm's risk management and control framework. An effective board of directors also evaluates the performance and compensation of senior management.
To facilitate accountability, an effective board actively engages senior management. For instance, in board meetings, active engagement may be supported by structuring sufficient time to facilitate frank discussion and debate of information presented, encouraging diverse views, considering whether and how senior management's assessments and recommendations support the approved strategy and risk tolerance, challenging senior management's assessments and recommendations when warranted, and identifying potential gaps or weaknesses in senior management's assessments and recommendations.
An effective board engages in robust and active inquiry into, among other things, drivers, indicators, and trends related to current and emerging risks; adherence to the board-approved strategy and risk tolerance for relevant lines of business; material or persistent deficiencies in risk management and control practices; and the development and implementation of performance management and compensation programs that encourage prudent risk-taking behaviors and business practices, which emphasize the importance of compliance with laws and regulations, including consumer protection.
Hereinafter, when reference is made to “compliance with laws and regulations” in this guidance, this includes laws and regulations related to banking and consumer protection.
An effective board has independent directors who are sufficiently empowered to serve as a check on senior management. For example, such empowerment may derive from the election of a lead independent director with the authority to set agendas of board meetings or to call board meetings with or without the CEO and board chairman present.
An effective board establishes and approves clear financial and nonfinancial performance objectives for the CEO, CRO, and Chief Audit Executive (CAE), and, as appropriate, for other members of senior management. These performance objectives are aligned with the firm's strategy and risk tolerance. In addition, each member of senior management's total compensation should be informed by the board's evaluation of the individual's performance against the performance objectives. Performance objectives enable the board to hold senior management accountable.
An effective board approves and periodically reassesses succession plans for the CEO, and as needed, the CRO and CAE. Succession plans for other members of senior management, such as the chief financial officer (CFO), may be warranted.
This may extend beyond requirements to which firms may be subject under other statutory and regulatory authorities. For example, the NYSE requires formalized succession planning for the CEO only. See NYSE Listed Company Manual, section 303A.09.
D. Support the Independence and Stature of Independent Risk Management and Internal Audit
An effective board of directors, through its risk and audit committees, supports the stature and independence of the firm's independent risk management and internal audit functions. Active engagement by directors on the board's risk committee and audit committee entails a director's inquiry into, among other things, material or persistent breaches of risk appetite and risk limits, timely remediation of material or persistent internal audit and supervisory findings, and the appropriateness of the annual audit plan.
The risk committee is responsible for the firm's global risk management policies and oversight of the firm's global risk management framework. Bank holding companies with $50 billion or more in total consolidated assets must maintain a risk committee pursuant to the enhanced prudential standards in the Board's Regulation YY. 12 CFR 252.33(a). Nonbank financial companies supervised by the Federal Reserve are required to establish a risk committee pursuant to section 165 of the Dodd-Frank Act. 12 U.S.C. 5365(h)(1). SLHCs subject to this guidance should maintain a risk committee which meets the supervisory expectations discussed herein in order to enhance its safety and soundness.
See SR letter 13-1/CA letter 13-1. Firms that are publicly-traded are subject to the audit committee requirements contained in the U.S. Securities and Exchange Commission's Rule 10A-3 (“Rule 10A-3”) under the Exchange Act of 1934, in addition to any requirements imposed by the applicable stock exchange on which the firm is listed. See, for example, NYSE Listed Company Manual, sections 303A.06 and 303A.07, and NASDAQ Stock Market Rules, section 5605(c).
An effective risk committee supports the stature and independence of the independent risk management function, including compliance, by communicating directly with the CRO on material risk management issues; reviewing independent risk management's budget, staffing, and systems; providing independent risk management with direct and unrestricted access to the risk committee; and directing the appropriate inclusion of representatives of the independent risk management function on senior management-level committees; and can effect changes that align with the firm's strategy and risk tolerance after reviewing the risk management framework relative to the firm's structure, risk profile, complexity, activities, and size.
See, for example, 12 CFR 252.33(a)(3).
An effective audit committee supports the stature and independence of internal audit by meeting directly with the CAE regarding the internal audit function, organizational concerns, and industry concerns; supporting internal audit's budget, staffing, and system relative to the firm's asset size and complexity and the pace of technological and other changes; and reviewing the status of actions recommended by internal audit and external auditors to remediate and resolve material or persistent deficiencies identified by internal audit and findings identified by supervisors.
An effective board can identify specific instances or decisions where the independence and stature—or lack thereof—of the independent risk management and internal audit have materially impacted business deliberations, decisions, practices, and/or the firm's strategy.
E. Maintain a Capable Board Composition and Governance Structure
An effective board has a composition, governance structure, and established practices that support governing the firm in light of its asset size, complexity, scope of operations, risk profile, and other changes that occur over time.
An effective board is composed of directors with a diversity of skills, knowledge, experience, and perspectives. To support a diverse composition, an effective board establishes a process for identifying and selecting director nominees which would consider, for example, a potential nominee's expertise, availability, integrity, and potential conflicts of interest.
An effective board has a governance structure, for example, committees and management-to-committee reporting lines, which is capable of overseeing and addressing issues arising from the firm's asset size, scope of operations, activities, risk profile, and resolvability. An effective board also has the capacity to engage third-party advisors and consultants, when appropriate, in order to supplement the board's knowledge, expertise, and experience, and to support the board in making sound, well-informed decisions.
An effective board assesses its strengths and weaknesses, including the performance of the board committees, particularly the risk, audit, and other key committees. An effective board adapts its structure and practices to address identified weaknesses or deficiencies, and as the firm's asset size, scope of operations, risk profile, and other characteristics change over time.
Text for the Proposed Guidance on the Communication of Supervisory Findings
In response to questions from supervised institutions, the Federal Reserve is issuing this revised guidance to clarify supervisory communications to institutions concerning examination and inspection findings requiring corrective actions. This guidance explains the process that Federal Reserve examiners and supervisory staff will follow in communicating supervisory findings to an institution's board of directors and senior management. This revised guidance, like the existing guidance, would apply to all Federal Reserve-supervised institutions. In general, Federal Reserve examiners and supervisory staff will direct most supervisory findings to senior management for corrective action.
With the issuance of this SR/CA letter, SR letter 13-13/CA letter 13-10, “Supervisory Considerations for the Communication of Supervisory Findings,” is superseded.
Nothing in this letter is intended to limit in any way the legal and regulatory responsibilities of an institution's board of directors to oversee the institution.
Federal Reserve-supervised institutions includes bank holding companies, savings and loan holding companies, state member banks, U.S. branches and agencies of foreign banking organizations, and systemically important nonbank financial companies designated by FSOC for supervision by the Federal Reserve.
These supervisory findings are referred to as Matters Requiring Immediate Attention (MRIAs) and Matters Requiring Attention (MRAs) that are included in examination and inspection reports, targeted and horizontal reviews, or any other supervisory communication that Federal Reserve examiners and supervisory staff send to a supervised institution. The key distinction between MRIAs and MRAs is the nature and severity of supervisory findings requiring corrective action, as well as the immediacy with which a supervised institution must take corrective actions or mitigate the risk with compensating controls.
Matters Requiring Immediate Attention
MRIAs arising from an examination, inspection, or any other supervisory activity are matters of significant importance and urgency that the Federal Reserve requires a supervised institution to address immediately and include: (1) Matters that have the potential to pose significant risk to the safety and soundness of the institution; (2) matters that represent significant noncompliance with applicable laws or regulations; (3) repeat criticisms that have escalated in importance due to insufficient attention or inaction by the institution; and (4) matters that have the potential to cause significant consumer harm. An MRIA will remain an open issue until resolution by the institution and written confirmation from examiners to the institution that the corrective action resolves the matter.
The expected timeframe for a supervised institution to take corrective action or mitigate the risk with compensating controls for MRIAs is generally shorter than for MRAs, and may be “immediate,” in the case of heightened safety-and-soundness or consumer compliance risk. For MRIAs that are necessary to preserve or restore the viability of an institution, the timeframe will take into account any potential for losses to the Federal Deposit Insurance Corporation's Deposit Insurance Fund, including the possibility that a delay in action will increase the potential for loss or the cost of resolution.
Matters Requiring Attention (MRAs)
MRAs constitute matters that are important and that the Federal Reserve is expecting a supervised institution to address over a reasonable period of time, but the timing need not be “immediate.” While issues giving rise to MRAs must be addressed to ensure the institution operates in a safe-and-sound and compliant manner, the threat to safety and soundness is less immediate than with issues giving rise to MRIAs. Likewise, consumer compliance concerns that require less immediate resolution are communicated as an MRA. An MRA typically will remain an open issue until resolution by the institution and written confirmation from examiners to the institution that the corrective action resolves the matter. If an institution does not adequately address an MRA in a timely manner, examiners may elevate an MRA to an MRIA. Similarly, a change in circumstances, environment, or strategy can also lead to an MRA becoming an MRIA.
Communications and Corrective Actions
Federal Reserve examiners and supervisory staff communicate MRIAs and MRAs in writing, for instance through examination or inspection reports. Because senior management is responsible for the institution's day-to-day operations, Federal Reserve examiners and supervisory staff would typically direct senior management to take corrective action to address MRIAs and MRAs. Whereas, as the institution's board of directors is still responsible for establishing policies that direct senior management how to manage the MRIAs and MRAs and when to escalate them to the board, it follows that it will be the responsibility of senior management to keep the institution's board of directors apprised of its progress and efforts to remediate MRIAs and MRAs consistent with these escalation policies.
Federal Reserve examiners and supervisory staff are expected to provide sufficient clarity in the MRIA or MRA for senior management to understand supervisory expectations for corrective action and the timeline for taking such action. Highly technical subcomponents of recommendations may be provided to management separately from the examination or inspection report (for example, listing of specific cases in which a banking organization's transactions were completed outside of policy requirements or a listing of specific deficiencies in technical modelling practices or data management requirements), but this would be noted within the MRIA or MRA in the examination or inspection report. Communications to supervised institutions about MRIAs and MRAs would specify a timeframe within which the corrective action is expected to be completed. The timeframe, at least initially, may require estimation because the institution may first need to complete preliminary planning to establish the timeframe for initiating and completing the corrective action. The timeframes for MRAs are likely to become more precise over time as planning evolves and circumstances make the completion of the MRAs more urgent.
Matters Referred to the Board of Directors
Where significant weaknesses in an institution's board governance structure and practices are identified, Federal Reserve examiners and supervisory staff would direct such matters to the institution's board for corrective action in the first instance. Such weaknesses could include instances where the board does not provide effective oversight of senior management or fails to hold senior management accountable for fulfilling its responsibilities.
For foreign banking organizations (FBOs) that do not have a U.S. domiciled board of directors, Federal Reserve examiners and supervisory staff would generally direct the supervisory finding to the senior U.S. manager responsible for the FBO's U.S. operations. However, examiners have the discretion to direct to the FBO's global board of directors those supervisory findings that concern weaknesses in the FBO's governance structure over its U.S. operations or to address excessive risks in its U.S. business strategies that have or may have negative ramifications to safety and soundness.
In addition, when senior management fails to take or ensure appropriate action is taken to correct material deficiencies or weaknesses, Federal Reserve examiners and supervisory staff would escalate such matters to an institution's board of directors or an executive-level committee of the board.
Escalation of a matter to the board of directors or an executive-level committee of the board is not a precondition to the Federal Reserve System's initiation of an enforcement action against the institution or its directors for failure to address an MRIA or MRA.
By order of the Board of Governors of the Federal Reserve System, August 3, 2017.
Margaret McCloskey Shanks,
Deputy Secretary of the Board.
[FR Doc. 2017-16735 Filed 8-8-17; 8:45 am]
BILLING CODE 6210-01-P