Summary:
On October 11, 2023, the Federal Deposit Insurance Corporation (FDIC) published in the Federal Register a proposal to issue Guidelines as Appendix C to FDIC’s standards for safety and soundness regulations in Part 364 and make conforming amendments to parts 308 and 364 of its regulations. These Guidelines would apply to all insured state nonmember banks, state-licensed insured branches of foreign banks, and insured state savings associations that are subject to Section 39 of the Federal Deposit Insurance Act (FDI Act), with total consolidated assets of $10 billion or more on or after the effective date of the final Guidelines. The notice of proposed rulemaking stated that the comment period would close on December 11, 2023. The FDIC has determined that an extension of the comment period until February 9, 2024, is appropriate.
Statement of Applicability: The contents of, and material referenced in, this FIL do not apply to FDIC-insured and/or FDIC-supervised institutions with less than $10 billion in total consolidated assets.
Highlights:
The extension of the comment period will provide additional opportunity for the public to consider the proposal and prepare comments, including to address the questions posed by the FDIC. Therefore, the FDIC is extending the end of the comment period for the proposal from December 11, 2023, to February 9, 2024.
The Proposed Guidelines:
- Describe the general obligations of the board of directors (“board”) to ensure good corporate governance by:
- being active and involved, protecting the interests of the covered institution, setting goals, approving a strategic plan and policies, and selecting and supervising senior management;
- adopting a code of ethics requiring high ethical standards in the covered institutions’ operations; and
- creating a committee structure, including a Risk Committee, designed to permit the board to actively oversee the affairs of the covered institution.
- Describe the general obligations of individual directors.
- State that the board should establish an effective risk management program that identifies, measures, monitors, and controls risk appropriate for the size, complexity, and risk profile of the covered institution and in compliance with applicable laws and regulatory requirements.
- Include as the risk management program a three-line-of-defense model of risk management for monitoring and reporting risks, including front line business units (responsible for limiting their risk-taking activities to those approved by management), an independent risk management function, and the covered institution’s internal audit unit.
- State that the covered institution should effectively communicate its risk appetite and policies to encourage compliance by all employees and identify and report breaches of risk limits, even if the covered institution does not realize a loss from the breach.
- The FDIC is extending the end of the comment period for the proposal from December 11, 2023, to February 9, 2024.