FDIC Issues Guidance to Facilitate Recovery in Areas of Louisiana Affected by Severe Weather

On February 14, the FDIC issued guidance (FIL-9-2017) intended to provide regulatory relief to financial institutions and to facilitate recovery in areas of Louisiana affected by recent severe storms, tornadoes, high winds, and flooding. A current list of designated areas—where damage assessments are currently underway—is available at www.fema.gov. Among other things, the guidance encourages banks to “work constructively with borrowers experiencing difficulties” due to weather-related damage by considering “[e]xtending repayment terms, restructuring existing loans, or easing terms for new loans.” Such flexibility, the FDIC instructs, can both “contribute to the welfare of the local community” and also “serve the long-term interests of the lending institution.” The FDIC is also considering “regulatory relief from certain filing and publishing requirements.”


FDIC Releases 2016 Annual Report; Separately, FDIC’s OIG Issues Report Critical of Bank Service Provider Contracts

On February 15, the FDIC released its 2016 Annual Report–which includes, among other things, the audited financial statements of the Deposit Insurance Fund and the Federal Savings and Loan Insurance Corporation (FSLIC) Resolution Fund. The report also provides an overview of key FDIC initiatives, performance results and other aspects of FDIC operations.

Separately, on the same day, the FDIC’s Office of Inspector General (OIG) released an Audit Report (EVAL-17-004) on the adequacy of a small but random sample of contracts between FDIC-supervised institutions and their technology service providers (TSPs), in light of federal law and banking agency guidance on customer privacy-protection and how to properly manage third-party relationships. All sampled contracts had been designated as “critical” or “high” risk to the supervised institutions’ operations. The OIG specifically evaluated, and generally found insufficient, the clarity of contract provisions on TSP obligations regarding: (i) business continuity planning; and (ii) responding to and reporting on cybersecurity incidents. Despite the insufficiencies noted, the OIG acknowledged that because many contracts were negotiated before some of the relevant guidance was issued, “more time is needed to allow FDIC and FFIEC efforts to have a demonstrable” impact on contractual language.

As a result of these findings, the OIG recommended—and FDIC management agreed—that the agency, after allowing appropriate time for current guidance to be implemented, conduct a “full horizontal review to assess” any continued presence of the contractual insufficiencies noted in the report. The FDIC will “prepare” that horizontal review in 2018.


FDIC Issues List of Banks Examined for CRA Compliance

On February 3, the FDIC released its February 2017 list of state nonmember banks recently evaluated for compliance with the Community Reinvestment Act (CRA). As part of the Financial Institutions Reform, Recovery, and Enforcement Act of 1989 (FIRREA), Congress mandated the public disclosure of an evaluation and rating for each bank or thrift that undergoes a CRA examination on or after July 1, 1990. A monthly list of banks examined for CRA compliance dating back to 1996 can be accessed here. The February 2017 list covers evaluation ratings that the FDIC assigned to institutions in November 2016. Of the 49 banks evaluated, five were rated Outstanding, 43 received a Satisfactory rating, and one was rated Needs to Improve.


OCC, FDIC, and Fed Release Stress Test Scenarios for 2017

On February 3, the Fed announced the release of the “Supervisory Scenarios” to be used by banks and supervisors for the 2017 Comprehensive Capital Analysis and Review (CCAR) and Dodd-Frank Act stress test exercises and also issued instructions to firms participating in CCAR. The Fed also published three letters that provide additional information on its stress-testing program. The three letters describe: (i) the Horizontal Capital Review for large, noncomplex companies; (ii) the CCAR qualitative assessment for U.S. intermediate holding companies of foreign banks, which are submitting capital plans for the first time; and (iii) improvements to how the Fed will estimate post-stress capital ratios.

On February 3, the OCC similarly released economic and financial market scenarios for 2017 that are to be used by national banks and federal savings associations (with total consolidated assets of more than $10 billion) in their annual Dodd-Frank Act-mandated stress test. On February 6, the FDIC released its stress test scenarios, working in consultation with the Fed and OCC.

The three sets of supervisory scenarios provide each agency with forward-looking information for use in bank supervision and will assist the agencies in assessing the covered institutions’ risk profile and capital adequacy.


Major Regional Bank Agrees to Fix Anti-Money Laundering Controls in Fed/FDIC Orders

On January 27, the Federal Reserve publically released a cease-and-desist order against a regional bank concerning its anti-money laundering (AML) program. The order, which is dated January 25, requires the bank to address certain deficiencies identified in a review of the bank’s AML compliance program by the Federal Reserve Bank of Richmond and develop a firm-wide compliance risk management program addressing the AML requirements. The order follows a recent Stipulated Order with the FDIC against the same bank concerning similar allegations and calling for, among other things, corrective actions and enhancements to address certain internal control deficiencies.