On March 21, the Federal Reserve Board, the OCC, and the FDIC issued final interagency guidance to ensure institutions provide leverage lending in a safe and sound manner by: (i) identifying the institution’s risk appetite for leveraged finance, establishing appropriate credit limits, and ensuring prudent oversight and approval processes; (ii) establishing underwriting standards that clearly define expectations for cash flow capacity, amortization, covenant protection, collateral controls, and the underlying business premise for each transaction, and consider whether the borrower’s capital structure is sustainable; (iii) concentrating valuation standards on the importance of sound methods in the determination and periodic revalidation of enterprise value; (iv) accurately measuring exposure on a timely basis, establish policies and procedures that address failed transactions and general market disruptions, and ensure periodic stress tests of exposures to loans not yet distributed to buyers; (v) developing information systems that accurately capture key obligor characteristics and aggregate them across business lines and legal entities on a timely basis, with periodic reporting to the institution’s board of directors; (vi) considering in risk rating standards the use of realistic repayment assumptions to determine a borrower’s ability to de-lever to a sustainable level within a reasonable period of time; (vii) establishing underwriting and monitoring standards similar to loans underwritten internally; and (viii) performing stress testing on leveraged loans held in portfolio as well as those planned for distribution. The new guidance took effect on March 22, 2013, and institutions have until May 21, 2013 to comply.

On March 12, the U.S. House of Representatives passed H.R. 749, a bill that would exempt from the Gramm-Leach-Bliley Act’s annual privacy policy notice requirements any financial institution that (i) provides nonpublic personal information only in accordance with specified requirements and (ii) has not changed its policies and practices with regard to disclosing nonpublic personal information from its most recent disclosure. The bill is identical to one passed by the House last year, H.R. 5817, but which the Senate never addressed. H.R. 749 now awaits consideration by the Senate.

On January 7, the Basel Committee released its revised Liquidity Coverage Ratio (LCR), a component of the comprehensive Basel III accords that also address capital standards. The committee’s LCR is intended to promote short-term resilience of a bank’s liquidity risk and reduce the risk of the banking sector harming the broader economy by failing to absorb shocks arising from financial and economic stress. The LCR requires that a bank have an adequate stock of unencumbered high-quality liquid assets that can be converted into cash easily and immediately in private markets to meet a 30-day liquidity stress scenario. The revised LCR updates standards originally adopted by the Committee in 2010. Given slower than expected strengthening of the banking system and the broader economy, and in response to industry requests, the Committee decided to expand the range of eligible assets to include corporate debt, unencumbered equities, and highly-rated residential mortgage-backed securities. The Committee also clarified its intention to allow banks use their high-quality liquid assets in times of stress. Finally, the Committee revised the timetable for phase-in of the standard. The standard will take effect as planned on January 1, 2015, but the minimum requirement will begin at 60%, rising 10 percentage points each year until full implementation on January 1, 2019.

On November 15, the Federal Reserve Board, the OCC, and the FDIC released the macroeconomic and financial market scenarios to be used in annual stress tests conducted by covered institutions pursuant to rules the regulators finalized last month. The economic scenarios are the same for each regulator and their covered institutions and include baseline, adverse, and severely adverse scenarios with variables that reflect, among other things, economic activity, unemployment, exchange rates, prices, incomes, and interest rates. The baseline scenario represents expectations of private-sector forecasters, while the adverse and severely adverse scenarios present hypothetical conditions designed to assess the strength and resilience of financial institutions, as well as their ability to continue to meet the credit needs of households and businesses in stressful economic and financial environments. The Federal Reserve Board also published a proposed policy statement and the OCC issued interim guidance to describe how those agencies will develop and distribute stress test scenarios in future years. Comments are due on the Federal Reserve Board policy statement by February 15, 2013, and on the OCC interim guidance within 60 days after publication in the Federal Register. Finally, last week, the Federal Reserve Board issued instructions and guidelines for covered institutions, including timelines for submissions. In a shift from prior years, the Federal Reserve Board will provide covered firms an opportunity to adjust planned capital distributions based on the stress test results before the Federal Reserve Board makes a final decision on their capital adequacy.

On October 31, the Federal Financial Institutions Examination Council (FFIEC) issued a revised Supervision of Technology Service Providers Booklet (TSP Booklet). The revised TSP Booklet, which is part of the FFIEC Information Technology Examination Handbook, provides guidance for examiners and financial institutions on the supervision of technology service providers by describing the federal banking regulators’ statutory authority to supervise third-party service providers, outlining the regulators’ risk-based supervision program, and providing the Uniform Rating System for examinations. The TSP Booklet clarifies that outsourced activities should be subject to the same risk management, security, privacy, and other internal controls and compliance policies as if such functions were performed internally, and that a financial institution’s board of directors and management have the responsibility for ensuring that outsourced activities are conducted in a safe and sound manner and in compliance with applicable laws and regulations.

Concurrent with the release of the updated TSP Booklet, the Federal Reserve Board, the FDIC, and the OCC issued new Administrative Guidelines for the Implementation of Interagency Programs for the Supervision of Technology Service Providers. The Guidelines are separate from the FFIEC IT Examination Handbook and describe how the agencies implement their interagency supervisory programs. The Guidelines are primarily a resource for examiners and include the reporting templates used by examiners.

Last week, federal and state policymakers sent letters to federal regulators urging a change in course with regard to proposed regulations to implement the Basel III capital accords. On October 17, U.S. Senators Sherrod Brown (D-OH) and David Vitter (R-LA) expressed concern that the proposed approach would not be sufficient to prevent another financial crisis and urged the federal prudential regulators to simplify and enhance capital rules that will apply to U.S. banks. Specifically, the Senators asserted that Basel III’s continued focus on risk-based capital ratios is too complex and opaque; instead the proposal should focus on “pure, loss-absorbing capital.” On the same day, the Conference of State Bank Supervisors (CSBS) encouraged the federal agencies to consider the impact of their proposal on the national and local economies. The CSBS argued that Basel III is intended only to apply to large, internationally active banks, and suggested that capital requirements for other U.S. banks should be set through a separate rulemaking. In a second letter, the CSBS commented on a related rulemaking regarding a standardized approach to risk-weighted assets. In that letter, the state supervisors expounded on their recent objection to the proposal as “reactionary” and “overly complex.” Earlier in the week, on October 15, Senate Banking Committee Ranking Member Richard Shelby (R-AL) objected to the rulemaking process and challenged the regulators to better explain (i) why the Basel III standards are appropriate for U.S. banks and how the regulators came to their determinations, and (ii) the impact on the U.S. baking system and the economy, including a detailed cost-benefit analysis. Also this week, other federal lawmakers, including Republican members of the House Committee on Financial Services, and the congressional delegations from Arkansas, Colorado, and Mississippi, submitted letters commenting on the proposals.

On October 9, the OCC and the FDIC each finalized a rule to implement the company-run stress test requirements of the Dodd-Frank Act. The stress tests are exercises designed to gauge the losses that covered institutions might experience under hypothetical scenarios established by the regulators. The OCC and FDIC rules apply to covered institutions with average total consolidated assets greater than $10 billion. Covered institutions with assets over $50 billion are subject to the stress test requirements immediately. They will be required to submit results in January 2013 of stress tests based on data as of September 30, 2012 and scenarios that the FDIC and the OCC plan to publish next month. Implementation of the stress test requirements for institutions with assets of $10 billion to $50 billion will not begin until October 2013. Also on October 9, the Federal Reserve Board (FRB) finalized two stress test-related rules. The first rule establishes the stress test requirements for bank holding companies, state member banks, and savings and loan companies with more than $10 billion in total consolidated assets. As with the OCC and FDIC rules, the FRB rule delays implementation of stress test requirements for covered institutions with $50 billion or less in assets until the fall of 2013. Additionally, the results of that first test will not have to be publicly disclosed. The second FRB rule establishes the company-run stress test requirements for bank holding companies with $50 billion or more in total consolidated assets, and nonbank financial companies designated as systemically important by the Financial Stability Oversight Council. These institutions are required to conduct two internal stress tests each year, in addition to a stress test performed by the FRB. Like the OCC and the FDIC, the FRB expects to release its stress test scenarios in November.

On October 9, the FDIC released a final rule to revise certain definitions included in the large bank pricing assessment system for banks with more than $10 billion in assets. In February 2011, the FDIC published a large bank pricing rule that, among other things, eliminated risk categories and the use of long-term debt issuer ratings. In their place, the FDIC adopted scorecards that combine CAMELS ratings and certain forward-looking measures to assess risk posed by an institution to the FDIC insurance fund. The February rule used existing interagency guidance to define nontraditional mortgage loans, subprime consumer loans, and leveraged commercial loans, but refined the definitions to minimize reporting discrepancies. A subsequent FDIC notice added a requirement that covered institutions include nontraditional mortgage loans, subprime consumer loans, and leveraged commercial loans data in their Call Reports. In response to industry concerns that institutions generally do not maintain data on those loans consistent with the definitions in the February rule, the current final rule extensively renames and revises the definitions of (i) higher-risk consumer loans, (ii) higher-risk consumer and industrial loans, (iii) nontraditional mortgage loans, and (iv) higher-risk securitizations.

On October 3, the Conference of State Bank Supervisors (CSBS) announced its opposition to the “highly reactionary” approach federal regulators have proposed to implement the Basel III capital accord. Although they support higher levels and improved quality of capital, the state regulators argue that the transaction-level approach proposed by federal regulators is too complex and leaves the financial system susceptible to more volatility. Instead, the state regulators favor an approach based on risk management and the supervisory process. Further, the state regulators charge that the federal proposal, including the proposed specific risk-weighted asset requirements, lack empirical support. The CSBS argues that the proposed standardized risk-weighted assets present a specific challenge to mortgage lending, and in other areas would replace supervisory judgment and institution-specific analysis. The state regulators believe that implementing Basel III as currently proposed will only increase industry costs, limit credit availability, and force industry consolidation.

On September 25, the FDIC issued Financial Institution Letter FIL-41-2012, which revises the classification system used to cite violations of consumer financial laws identified during compliance examinations. The new system features three levels of severity and will replace the current two-level system on October 1, 2012. The FDIC letter states that the change is intended to provide greater clarity regarding the severity of a violation by focusing on the most significant issues identified during an examination. For example, the new “Level 3/High Severity” classification will cover violations that result in significant harm to consumers or members of a community. These violations typically result in restitution in excess of $10,000 (in aggregate), and include any pattern or practice violations of anti-discrimination provisions.

On September 24, the Joint Forum, which brings together the Basel Committee on Banking Supervision, the International Organization of Securities Commissions, and the International Association of Insurance Supervisors to coordinate regulation of financial conglomerates, published final principles for the supervision of financial conglomerates. The principles are meant to provide an overarching policy framework to support consistent and effective supervision of financial conglomerates across borders, while closing regulatory gaps. The final guidelines, which update a framework originally adopted in 1999, are organized in five categories—(i) supervisory powers and authority, (ii) supervisory responsibility, (iii) corporate governance, (iv) capital adequacy and liquidity, and (v) risk management—and provide implementation criteria and comments explaining each principle.

On August 16, the OCC published a notice that describes the reports and information the OCC proposes to collect to implement the Dodd-Frank Act’s annual stress tests for banks with consolidated assets of $50 billion or more. The information that the OCC proposes to collect includes documentation regarding income statements, balance sheets, capital statements, retail projections, securities, trading risk, counterparty credit risk, operational risk, and pre-provision net revenue. The OCC proposed rules to implement the stress tests earlier this year. A separate notice regarding reports for institutions with consolidated assets between $10 billion and $50 billion will be published at a later date. The OCC is accepting comments on the instant notice through October 15, 2012.

On August 8, the Federal Reserve Board, the FDIC, and the OCC announced an extension of the comment period for three proposed regulatory capital rules. The proposed rules were announced in June with a comment period closing September 7, 2012. The regulators are now giving interested parties until October 22, 2012 to submit comments.

On July 30, the NCUA proposed a rule that would alter the emergency liquidity requirements applicable to all federally-insured credit unions. For those credit unions with assets of $10 million or more, the rule would require a contingency funding plan with strategies for addressing liquidity under an emergency scenario. The rule would require institutions with assets of $100 million or more to have access to backup federal liquidity. Institutions with less than $10 million in assets would have to establish a board-approved framework for managing liquidity under emergency circumstances, including a list of contingent liquidity sources. The proposal reminds credit unions that their access to the Central Liquidity Facility is expected to close in October 2012. Comments on the proposal are due by September 28, 2012.