The Office of the Comptroller of the Currency has published final guidelines intended to strengthen the governance and risk management practices of large financial institutions.
The guidelines apply to insured national banks, insured federal savings associations, and insured federal branches of foreign banks with $50 billion or more in average total consolidated assets. They also apply to OCC-regulated institutions with less than $50 billion in average total consolidated assets if that institution’s parent company controls at least one other covered institution.
The guidelines provide that covered institutions should establish and adhere to a written risk governance framework to manage and control its risk-taking activities. They also provide minimum standards for the institutions’ boards of directors to oversee the risk governance framework.
“The 2008 financial crisis demonstrated that much stronger supervisory standards would be necessary to manage the risks associated with large, complex financial institutions,” Comptroller of the Currency Thomas Curry said in a statement. “As a result, the OCC raised its standards for risk management, corporate governance, and control to help ensure these institutions effectively anticipate, evaluate, and mitigate the risks they face.”
Under the guidelines, the OCC expects covered banks to establish and implement a framework for managing and controlling the bank’s risk taking. They permit a bank to use its parent company’s risk governance framework if the bank has a risk profile that is substantially the same as its parent company’s risk profile, the parent company’s risk governance framework complies with the guidelines, and the bank demonstrates through a documented assessment that its risk profile and its parent company’s risk profile are substantially the same. The framework should ensure that the bank’s risk profile is easily distinguished and separate from its parent company’s for risk management and supervisory reporting purposes and that the safety and soundness of the bank is not jeopardized by decisions made by the parent company’s board of directors or management.
Under the proposed Guidelines, a parent company’s and bank’s risk profiles would be considered substantially the same if the bank’s average total consolidated assets represent 95 percent or more of the parent company’s average total consolidated assets; the bank’s total assets under management represent 95 percent or more of the parent company’s total assets under management; and the bank’s total off-balance sheet exposures represent 95 percent or more of the parent company’s total off-balance sheet exposures. Banks that do not satisfy this test may ask the OCC for re-consideration of an analysis they feel demonstrates that the risk profiles are substantially the same.
A covered bank would need to develop its own Framework if the parent company’s and bank’s risk profiles are not substantially the same, but, in consultation with the OCC, may incorporate components of its parent company’s risk governance framework.
Institutions with $750 billion or more in average total consolidated assets are expected to comply immediately upon the effective date as published in the Federal Register. Institutions between $100 billion and $750 billion in consolidated assets should comply within six months of the effective date. Institutions with assets from $50 billion to $100 billion should comply within 18 months of effective date. Institutions with less than $50 billion that are covered because their parent company controls at least one other covered bank should comply on the same date that the other covered bank should comply. Institutions that reach the $50 billion threshold after publication of the guidelines should comply within 18 months from the date of the call report determining that it exceeded the threshold.
The final guidelines, although similar to a January 2014 proposal, were revised to provide clarity and avoid imposing managerial responsibilities on board members.
No comments yet