03 Feb Read Between the Lines – February 2015
Read Between the Lines
Each month Bank Insights reviews news from regulators and others to give perspective on regulatory challenges.
Make Sure Your Business Continuity Plan Includes IT
In yet another sign of increasing regulatory focus on cybersecurity, the prudential regulators have added an appendix to the FFIEC Information Technology Examination Handbook to cover outsourced technology services. The new section discusses a bank’s reliance on third-party service providers and reminds examiners to make sure that there are effective policies to identify, measure, monitor and mitigate risks associated with outsourcing, especially when it comes to recovering IT and critical functions in an emergency.
OCC Deputy Comptroller Beth Dugan repeated those themes in a Feb. 11 speech in Chicago. “Financial institutions need to expand their disruption scenarios to consider the impacts of cyber threats not only to themselves and their critical systems and operations, but also from and to their third-party relationships, their customers, and the critical infrastructure components on which they depend.”
Study Recommends Cost-Benefit Analyses for Financial Regs
A new Harvard Kennedy School paper, “The State and Fate of Community Banking,” explores whether the Dodd-Frank law is responsible for community banks’ declining market share since 2010. The paper suggests that “inappropriately designed regulation and inadequate regulatory coordination” may be responsible for industry consolidation. It recommends that Congress conduct cost-benefit analyses of financial regulations and simplify capital rules.
FDIC Tells Senate that ‘Strong Capital’ is Essential
The Senate Banking Committee held hearings again this month on the community bank regulatory burden. The FDIC’s Doreen Eberley, director of the risk management division, testified that changes to Call Reports are in the works that will include “a more robust process for bank agency users to justify retaining or adding items.” She made it clear, however, that “strong capital, strong risk management” is crucial to preserving the long-term health of the industry.
Senior Deputy Comptroller Toney Bland reiterated the OCC’s position that the Volcker Rule should not apply at all to community banks with assets of less than $10 billion, noting that it would cost money and resources just for community banks to determine whether they even have compliance obligations.
The Federal Reserve’s Maryann Hunter, deputy director of the division of banking supervision and regulation, revealed that the Fed has a new program that involves using “forward-looking risk analytics” to identify at-risk banks that need focused supervision.
CFPB: Exams are Private
The CFPB issued a bulletin reminding financial institutions that confidential supervisory information should not be shared. Among items that should not be disclosed are exam reports and documents prepared “by, or on behalf of, or for” the CFPB for use during supervision of a financial institution.
Regulators Release New Regulatory Capital Tool
The OCC, the FDIC and the Fed have developed an automated tool to help banks calculate risk-based capital for securitization exposures under the revised capital rules. Use of the tool is discretionary.
Fed Small Bank Rule Will Eliminate Filings
The proposed Fed small bank holding company rule, would eliminate some quarterly filings (FRY-9C), which banks have complained are an unnecessary and duplicative burden. The Fed is taking comments on the proposal.
CFPB Prepaid Rule Could Signal Short-Term Credit Actions
An interesting report from the Jones Day law firm suggests that the CFPB’s proposed prepaid products rule could signal future action on checking accounts, because it treats overdraft services as credit.