risk management

Agencies Issue Advanced Notice of Proposed Rulemaking on Enhanced Cyber Risk Management Standards

 

On October 19, 2016, the Federal Reserve Board, the Federal Deposit Insurance Corporation, and the Office of the Comptroller of the Currency announced proposed rules relating to cybersecurity and risk management concerns that would apply to larger institutions under their purview. FDIC Press Release. Federal Reserve Press Release. OCC Press Release.

The OCC Publishes Guidance Concerning Foreign Correspondent Banking Accounts

 

On October 5, 2016, the Office of the Comptroller of the Currency (the “OCC”) issued risk management guidance that addresses periodic reevaluations of risks associated with foreign correspondent banking accounts. The guidance includes the OCC’s best practices for banks to consider when conducting reevaluations and making account termination and retention decisions. Press Release.

Federal Reserve Updates Risk Management Supervisory Guidance for Smaller FBOs

On June 8, 2016, the Federal Reserve updated its Supervisory Guidance that partially supersedes SR letter 95-51, “Rating the Adequacy of Risk Management and Internal Controls at State Member Banks and Bank Holding Companies.” The guidance clarifies Board and senior management oversight of risk management, policies, procedures and limits, risk monitoring and MIS, and internal controls. One revision extends the applicability of the guidance to the U.S. operations of foreign banking organizations with total consolidated U.S. assets of less than $50 billion (such as ISP), which were not previously subject to SR 95-51. The guidance notes, however, that FBO risk management processes and control functions for the U.S. operations may be implemented domestically or outside of the U.S. Where the functions are performed outside of the U.S., the FBO’s oversight function, policies and procedures, and information systems need to be sufficiently transparent to allow U.S. supervisors to assess their adequacy.

Additionally, the FBO’s U.S. senior management need to demonstrate and maintain a thorough understanding of all relevant risks affecting the U.S. operations and of the associated management information systems used to manage and monitor these risks within the U.S. operations. With respect to Board responsibilities, the guidance states in a footnote: “For the purpose of this guidance, for foreign banking organizations, ‘board of directors’ refers to the equivalent governing body of the U.S. operations of the FBO.”

The guidance goes on further to state that:

The board of directors should collectively have a balance of skills, knowledge, and experience to clearly understand the activities and risks to which the institution is exposed. The board of directors should take steps to develop an appropriate understanding of the risks the institution faces, through briefings from experts internal to their organization and potentially from external experts. The institution’s management information systems should provide the board of directors with sufficient information to identify the size and significance of the risks. Using this knowledge and information, the board of directors should provide clear guidance regarding the level of exposures acceptable to the institution and oversee senior management’s implementation of the procedures and controls necessary to comply with approved policies.

The Office of the Comptroller Provides Updated Guidance for Risk Assessment System

On December 3, 2015, the Office of the Comptroller of the Currency (“OCC”) provided updated guidance for its risk assessment system (“RAS”). The guidance (i) clarifies the relationship between RAS and the Uniform Financial Institutions Rating System (“CAMELS”), (ii) revises the definition of banking risk, (iii) expands the “quality of risk management” assessment, and (iv) expands strategic and reputation risk assessments. These updates affect the following booklets of the Comptroller’s Handbook: “Bank Supervision Process,” “Community Bank Supervision,” “Federal Branches and Agencies Supervision,” and “Large Bank Supervision.” Press Release.

SEC Proposed Clearing Agency Standards for Operations and Governance

On March 3, the SEC proposed rules, as required under the Dodd-Frank Act, regarding the operation and governance of clearing agencies. Under the proposed rules, clearing agencies would be required to: (i) maintain standards with respect to risk management and operations; (ii) have adequate safeguards and procedures to protect the confidentiality of trading information; (iii) have procedures to identify and address conflicts of interest; (iv) require minimum governance standards for their boards of directors; (v) designate a chief compliance officer; and (vi) disseminate pricing and valuation information if they are a central counterparty for security-based swaps. The SEC also reopened the public comment period for rules proposed in October to mitigate conflicts of interest for security-based swap clearing agencies and execution facilities and national securities exchanges that post or make available for trading security-based swaps. Comments on the proposed rules must be submitted by April 29. SEC Release. SEC Proposed Rule. SEC Proposed October Rules.