Each depositor insured to at least $250,000 per insured bank



Home > Regulation & Examinations > Laws & Regulations > FDIC Federal Register Citations




FDIC Federal Register Citations
[Federal Register: January 11, 2007 (Volume 72, Number 7)]

[Notices]

[Page 1372-1380]

From the Federal Register Online via GPO Access [wais.access.gpo.gov]

[DOCID:fr11ja07-82]

=======================================================================

DEPARTMENT OF THE TREASURY

Office of the Comptroller of the Currency

[Docket No. 06-17]

Office of Thrift Supervision

[Docket No. 2006-55]

FEDERAL RESERVE SYSTEM

[Docket No. OP-1254]

FEDERAL DEPOSIT INSURANCE CORPORATION

SECURITIES AND EXCHANGE COMMISSION

[Release No. 34-55043; File No. S7-08-06]

Interagency Statement on Sound Practices Concerning Elevated Risk

Complex Structured Finance Activities

AGENCIES: Office of the Comptroller of the Currency, Treasury

(``OCC''); Office of Thrift Supervision, Treasury (``OTS''); Board of

Governors of the Federal Reserve System (``Board''); Federal Deposit

Insurance Corporation (``FDIC''); and Securities and Exchange

Commission (``SEC'') (collectively, the ``Agencies'').

ACTION: Notice of final interagency statement.

-----------------------------------------------------------------------

SUMMARY: The Agencies are adopting an Interagency Statement on Sound

Practices Concerning Elevated Risk Complex Structured Finance

Activities (``Final Statement''). The Final Statement pertains to

national banks, state banks, bank holding companies (other than foreign

banks), federal and state savings associations, savings and loan

holding companies, U.S. branches and agencies of foreign banks, and

SEC-registered broker-dealers and investment advisers (collectively,

``financial institutions'' or ``institutions'') engaged in complex

structured finance transactions (``CSFTs''). In May 2004, the Agencies

issued and requested comment on a proposed interagency statement

(``Initial Proposed Statement''). After reviewing the comments received

on the Initial Proposed Statement, the Agencies in May 2006 issued and

requested comment on a revised proposed interagency statement

(``Revised Proposed Statement''). The modifications to the Revised

Proposed Statement, among other things, made the statement more

principles-based and focused on the identification, review and approval

process for those CSFTs that may pose heightened levels of legal or

reputational risk to the relevant institution (referred to as

``elevated risk CSFTs''). After carefully reviewing the comments on the

Revised Proposed Statement, the Agencies have adopted the Final

Statement with minor modifications designed to clarify, but not alter,

the principles set forth in the Revised Proposed Statement. The Final

Statement describes some of the internal controls and risk management

procedures that may help financial institutions identify, manage, and

address the heightened reputational and legal risks that may arise from

elevated risk CSFTs. As discussed further below, the Final Statement

will not affect or apply to the vast majority of financial

institutions, including most small institutions, nor does it create any

private rights of action.

EFFECTIVE DATE: The Final Statement is effective January 11, 2007.

FOR FURTHER INFORMATION CONTACT:

OCC: Kathryn E. Dick, Deputy Comptroller, Credit and Market Risk,

(202) 874-4660; Grace E. Dailey, Deputy Comptroller, Large Bank

Supervision, (202) 874-4610; or Ellen Broadman, Director, Securities

and Corporate Practices Division, (202) 874-5210, Office of the

Comptroller of the Currency, 250 E Street, SW., Washington, DC 20219.

OTS: Fred J. Phillips-Patrick, Director, Credit Policy, (202) 906-

7295, and Deborah S. Merkle, Project Manager, Credit Policy, (202) 906-

5688, Examinations and Supervision Policy; or David A. Permut, Senior

Attorney, Business Transactions Division, (202) 906-7505, Office of

Thrift Supervision, 1700 G Street, NW., Washington, DC 20552.

Board: Sabeth I. Siddique, Assistant Director, (202) 452-3861, or

Virginia Gibbs, Senior Supervisory Financial Analyst, (202) 452-2521,

Division of Banking Supervision and Regulation; or Kieran J. Fallon,

Assistant General Counsel, (202) 452-5270, or Anne B. Zorc, Senior

Attorney, (202) 452-3876, Legal Division, Board of Governors of the

Federal Reserve System, 20th Street and Constitution Avenue, NW.,

Washington, DC 20551. Users of Telecommunication Device for Deaf (TTD)

only, call (202) 263-4869.

FDIC: Jason C. Cave, Associate Director, (202) 898-3548; Division

of Supervision and Consumer Protection; or Mark G. Flanigan, Counsel,

Supervision and Legislation Branch, Legal Division, (202) 898-7426,

Federal Deposit Insurance Corporation, 550 17th Street, NW.,

Washington, DC 20429.

SEC: Mary Ann Gadziala, Associate Director, Office of Compliance

Inspections and Examinations, (202) 551-6207; Catherine McGuire, Chief

Counsel, Linda Stamp Sundberg, Senior Special Counsel (Banking and

Derivatives), or Randall W. Roy, Branch Chief, Division of Market

Regulation, (202) 551-5550, Securities and Exchange Commission, 100 F

Street, NE., Washington, DC 20549.

SUPPLEMENTARY INFORMATION:

I. Background

Financial markets have grown rapidly over the past decade, and

innovations in financial instruments have facilitated the structuring

of cash flows and allocation of risk among creditors, borrowers, and

investors in more efficient ways. Financial derivatives for market and

credit risk, asset-backed securities with customized cash flow

features, specialized financial conduits that manage pools of assets,

and other types of structured finance transactions serve important

purposes, such as diversifying risk, allocating cash flows and reducing

cost of capital. As a result, structured finance transactions,

including the more complex variations of these transactions, now are an

essential part of U.S. and international capital markets.

When a financial institution participates in a CSFT, it bears the

usual market, credit, and operational risks associated with the

transaction. In some circumstances, a financial institution also may

face heightened legal or reputational risks due to its involvement in a

CSFT. For example, a financial institution involved in a CSFT may face

heightened legal or reputational risk if the customer's regulatory, tax

or accounting treatment for the CSFT, or disclosures concerning the

CSFT in its public filings or financial statements, do not comply with

applicable laws, regulations or accounting principles.\1\

---------------------------------------------------------------------------

\1\ For a memorandum on the potential liability of a financial

institution for securities laws violations arising from

participation in a CSFT, see Letter from Annette L. Nazareth,

Director, Division of Market Regulation, Securities and Exchange

Commission, to Richard Spillenkothen and Douglas W. Roeder, dated

December 4, 2003 (available at http://www.federalreserve.gov/boarddocs/srletters/2004/ and http://www.occ.treas.gov).

---------------------------------------------------------------------------

In some cases, certain CSFTs appear to have been used in illegal

schemes

[[Page 1373]]

that misrepresented the financial condition of public companies to

investors and regulatory authorities. After conducting investigations,

the OCC, Federal Reserve System and SEC took strong and coordinated

civil and administrative enforcement actions against certain financial

institutions that engaged in CSFTs that appeared to have been designed

or used to shield their customers' true financial health from the

public. These actions involved the assessment of significant financial

penalties on the institutions and required the institutions to take

several measures to strengthen their risk management procedures for

CSFTs.\2\ The complex structured finance relationships involving these

financial institutions also sparked an investigation by the Permanent

Subcommittee on Governmental Affairs of the United States Senate,\3\ as

well as numerous lawsuits by private litigants.

---------------------------------------------------------------------------

\2\ See, e.g., In the Matter of Citigroup, Inc., Securities

Exchange Act Release No. 48230 (July 28, 2003), Written Agreement by

and between Citibank, N.A. and the Office of the Comptroller of the

Currency, No. 2003-77 (July 28, 2003) (pertaining to transactions

entered into by Citibank, N.A. with Enron Corp.) and Written

Agreement by and between Citigroup, Inc. and the Federal Reserve

Bank of New York, dated July 28, 2003 (pertaining to transactions

involving Citigroup Inc. and its subsidiaries and Enron Corp. and

Dynegy Inc.); SEC v. J.P. Morgan Chase, SEC Litigation Release No.

18252 (July 28, 2003) and Written Agreement by and among J.P. Morgan

Chase & Co., the Federal Reserve Bank of New York, and the New York

State Banking Department, dated July 28, 2003 (pertaining to

transactions involving J.P. Morgan Chase & Co. and its subsidiaries

and Enron Corp.).

\3\ See Fishtail, Bacchus, Sundance, and Slapshot: Four Enron

Transactions Funded and Facilitated by U.S. Financial Institutions,

Report Prepared by the Permanent Subcomm. on Investigations, Comm.

on Governmental Affairs, United States Senate, S. Rpt. 107-82

(2003).

---------------------------------------------------------------------------

The OCC, Federal Reserve System and SEC also conducted special

reviews of several large financial institutions engaged in CSFTs, and

the Agencies have focused attention on the CSFT activities of financial

institutions in the normal course of the supervisory process. These

reviews and activities indicate that many of the large financial

institutions engaged in CSFTs have taken meaningful steps in recent

years to improve their control infrastructure relating to CSFTs.

II. Initial and Revised Proposed Statements

To assist financial institutions in identifying, managing, and

addressing the risks that may be associated with CSFTs, the Agencies

developed and requested public comment on the Initial Proposed

Statement.\4\ The Initial Proposed Statement described the types of

policies and procedures that a financial institution engaged in CSFTs

should have in place to allow the institution to identify, document,

evaluate, and control the full range of credit, market, operational,

legal, and reputational risks that may arise from CSFTs. The agencies

collectively received comments from more than 40 commenters on the

Initial Proposed Statement. Although commenters generally supported the

Agencies' efforts to describe the types of risk management procedures

and internal controls that may help institutions manage the risks

associated with CSFTs, virtually all of the commenters recommended

changes to the Initial Proposed Statement.

---------------------------------------------------------------------------

\4\ See 69 FR 28980, May 19, 2004.

---------------------------------------------------------------------------

After carefully reviewing the comments on the Initial Proposed

Statement, the Agencies issued and requested comment on a Revised

Proposed Statement.\5\ The Revised Proposed Statement was modified in

numerous respects to clarify the purpose, scope and effect of the

statement; make the statement more risk-focused and principles based;

and focus the statement on those CSFTs that may pose elevated levels of

legal or reputational risk to the relevant institution.\6\

---------------------------------------------------------------------------

\5\ See 71 FR 28326, May 16, 2006.

\6\ A more detailed summary of the comments on the Initial

Proposed Statement, as well as the changes made in response to those

comments, is contained in the Federal Register notice accompanying

the Revised Proposed Statement (71 FR 28326, 28328-29 (May 16,

2006)).

---------------------------------------------------------------------------

III. Overview of Comments on the Revised Proposed Statement

The Agencies collectively received written comments from 19

commenters on the Revised Proposed Statement, although many commenters

submitted identical comments to multiple Agencies. Commenters included

banking organizations, financial services trade associations, and

individuals. Commenters generally expressed strong support for the

Revised Proposed Statement, including its principles-based structure

and focus on elevated risk CSFTs. Many commenters also asserted that

the Revised Proposed Statement provides a financial institution

appropriate flexibility to develop internal controls and risk

management procedures that are tailored to the institution's own

business activities and organizational structure.

Several commenters requested that the Agencies clarify or revise

the Revised Proposed Statement in certain respects. For example, some

commenters asked the Agencies to further streamline the provisions in

the statement pertaining to documentation of elevated risk CSFTs, or

clarify how the U.S. branches or agencies of foreign banks might

implement risk management systems, policies or controls consistent with

the statement's principles. In addition, some commenters asked the

Agencies to set forth or clarify the legal standards governing the

potential liability of financial institutions for CSFTs or provide

``safe harbors'' from such potential liability. One group of commenters

also argued that the Revised Proposed Statement should not be

implemented because it allegedly would encourage or condone illegal

conduct by financial institutions. The comments received on the Revised

Proposed Statement are further discussed below.

IV. Overview of Final Statement

After carefully reviewing the comments on the Revised Proposed

Statement, the Agencies have made minor modifications to the Revised

Proposed Statement in response to comments and to clarify the

principles, scope, and intent of the Final Statement. The Final

Statement has been adopted as supervisory guidance by the Board, OCC,

FDIC and OTS and as a policy statement by the SEC. The Agencies will

use the Final Statement going forward in reviewing the internal

controls and risk management policies, procedures and systems of

financial institutions engaged in CSFTs as part of the Agencies'

ongoing supervisory process.

The Agencies continue to believe that it is important for a

financial institution engaged in CSFTs to have policies and procedures

that are designed to allow the institution to effectively manage and

address the full range of risks associated with its CSFT activities,

including the elevated legal or reputational risks that may arise in

connection with certain CSFTs. For this reason, the Final Statement

describes the types of risk management principles that the Agencies

believe may help a financial institution to identify elevated risk

CSFTs and to evaluate, manage, and address these risks within the

institution's internal control framework.\7\ These policies and

procedures should, among other things, be designed to allow the

institution to identify elevated risk CSFTs during its

[[Page 1374]]

transaction and new product approval processes, and should provide for

elevated risk CSFTs to be reviewed by appropriate levels of control and

management personnel at the institution, including personnel from

control areas that are independent of the business line(s) involved in

the transaction.

---------------------------------------------------------------------------

\7\ As noted in the Final Statement, financial institutions are

encouraged to refer to other supervisory guidance and materials

prepared by the Agencies for further information concerning market,

credit and operational risk, as well as for further information on

legal and reputational risk, internal audit and internal controls.

---------------------------------------------------------------------------

The Final Statement--like the Revised Proposed Statement--applies

to financial institutions that are engaged in CSFT activities and

focuses on those CSFTs that may create heightened levels of legal or

reputational risks for a participating financial institution. Because

CSFTs typically are conducted by a limited number of large financial

institutions, the Final Statement will not affect or apply to the vast

majority of financial institutions, including most small institutions.

As the Final Statement recognizes, structured finance transactions

encompass a broad array of products with varying levels of complexity.

Most structured finance transactions, such as standard public mortgage-

backed securities and hedging-type transactions involving ``plain

vanilla'' derivatives or collateralized debt obligations, are familiar

to participants in the financial markets, have well-established track

records, and typically would not be considered CSFTs for purposes of

the Final Statement. Some commenters requested that the Agencies

provide a more extensive list of structured finance transactions that

typically would not be considered CSFTs. The Agencies note that the

types of non-complex transactions listed in the Final Statement are

only examples of the types of transactions that typically would not be

considered CSFTs and that any list of examples would not, and could

not, be all inclusive given the changing nature of the structured

finance market. Consistent with the principles-based approach of the

Final Statement, the Agencies believe the statement appropriately

highlights the hallmarks of a non-complex transaction--i.e., a well

established track record and familiarity to participants in the

financial markets--that may guide institutions and examiners in

considering whether a particular type of transaction should be

considered a CSFT now or in the future.

A. Identification, Due Diligence, and Approval Processes for Elevated

Risk CSFTs

As noted above, a financial institution should establish and

maintain policies, procedures and systems that are designed to identify

elevated risk CSFTs as part of the institution's transaction or new

product approval processes, and to ensure that transactions or new

products identified as elevated risk CSFTs are subject to heightened

review.\8\ In general, a financial institution should conduct the level

and amount of due diligence for an elevated risk CSFT that is

commensurate with the level of risks identified. A financial

institution's policies and procedures should provide that CSFTs

identified as potentially having elevated legal or reputational risk

are reviewed and approved by appropriate levels of management. The

Agencies continue to believe that the designated approval process for

elevated risk CSFTs should include the institution's representatives

from the relevant business line(s) and/or client relationship

management, as well as from appropriate control areas that are

independent of the business line(s) involved in the transaction. An

institution's policies should provide that new complex structured

finance products receive the approval of all relevant control areas

that are independent of the profit center before the product is offered

to customers.\9\

---------------------------------------------------------------------------

\8\ In response to comments, the Agencies have modified the

Final Statement to clarify that a U.S. branch or agency of a foreign

bank is not necessarily expected to establish or adopt separate

U.S.-based risk management structures or policies for its CSFT

activities. In addition, the Agencies believe the Final Statement

provides U.S. branches and agencies of foreign banks sufficient

flexibility to develop controls, risk management and reporting

structures, and lines of authority that are consistent with the

internal management structure of U.S. branches and agencies.

However, the risk management structure and policies used by a U.S.

branch or agency, whether adopted or implemented on a group-wide or

stand-alone basis, should be effective in allowing the branch or

agency to manage the risks associated with its CSFT activities.

\9\ One commenter sought clarification regarding when during the

new product approval process a new complex structured finance

product should receive the approval of relevant control areas. The

Agencies note that the Final Statement is not intended to prevent

institutions from engaging in initial or preliminary discussions or

negotiations with potential customers about a new complex structured

finance product. However, an institution should obtain the necessary

approvals for a new complex structured finance product from

appropriate control areas before the institution enters into, or

becomes obligated to enter into, a transaction with the customer.

---------------------------------------------------------------------------

The Final Statement--like the Revised Proposed Statement--provides

examples of transactions that may warrant additional scrutiny by an

institution. These examples include, among other things, transactions

that appear to the institution to:

Lack economic substance or business purpose;

Be designed or used primarily for questionable accounting,

regulatory, or tax objectives, particularly when the transactions are

executed at year-end or at the end of a reporting period for the

customer; or

Raise concerns that the client will report or disclose the

transaction in its public filings or financial statements in a manner

that is materially misleading or inconsistent with the substance of the

transaction or applicable regulatory or accounting requirements.

A few commenters contended that the examples of elevated risk CSFTs

contained in the Revised Proposed Statement have characteristics that

are signals, if not conclusive proof, of fraudulent activity, and

recommended that the Agencies inform financial institutions that

transactions or products with any of these characteristics should be

considered presumptively prohibited. The commenters also argued that

the statement encourages or condones illegal conduct by financial

institutions. The Agencies believe that CSFTs that initially appear to

an institution, during the ordinary course of its new product or

transaction approval process, to have one or more of the

characteristics identified in the Final Statement should generally be

identified as an elevated risk CSFT, and the institution should conduct

due diligence for the transaction that is commensurate with the level

of identified, potential risks. The Agencies, however, do not believe

it is appropriate to provide that all transactions initially identified

as potentially creating elevated legal or reputational risks for an

institution should be considered presumptively prohibited. For example,

an institution, after conducting additional due diligence for a

transaction initially identified as an elevated risk CSFT, may

determine that the transaction does not, in fact, have the

characteristics that initially triggered the review. Alternatively, the

institution may take steps to address the legal or reputational risks

that initially triggered the review. In this regard, the Final

Statement expressly provides that, if after evaluating an elevated risk

CSFT, a financial institution determines that its participation in the

transaction would create significant legal or reputational risks for

the institution, the financial institution should take appropriate

steps to manage and address these risks. Such steps may include

modifying the transaction or conditioning the institution's

participation in the transaction upon the receipt of representations or

assurances from the customer that reasonably address the heightened

risks presented by the transaction.

Importantly, the Final Statement continues to provide that a

financial

[[Page 1375]]

institution should decline to participate in an elevated risk CSFT if,

after conducting appropriate due diligence and taking appropriate steps

to address the risks from the transaction, the institution determines

that the transaction presents unacceptable risks to the institution or

would result in a violation of applicable laws, regulations or

accounting principles.\10\ The Final Statement also expressly notes

that financial institutions must conduct their activities in accordance

with applicable statutes and regulations. The Agencies believe the

Final Statement should assist financial institutions engaged in CSFTs

in managing the risks associated with these activities and complying

with the law, and does not, as some commenters alleged, encourage or

condone illegal conduct.

---------------------------------------------------------------------------

\10\ Some commenters asked the Agencies to clarify that the

Final Statement does not necessarily prevent a financial institution

from proceeding with a CSFT simply because there may be some

ambiguity in how the transaction might be viewed under the law or

applicable accounting principles. The Agencies recognize that in

certain circumstances ambiguities may exist as to how the law or

accounting principles apply to a CSFT, particularly in light of the

inherent complexity and rapidly evolving nature of CSFTs.

Nevertheless, as discussed in the Final Statement, a financial

institution should maintain strong and effective processes and

controls designed to determine whether any such ambiguities may

create significant legal or reputational risks for the institution

and to manage and address those risks as appropriate.

---------------------------------------------------------------------------

Some commenters also requested that the Agencies enunciate, clarify

or modify the legal standards governing the potential liability of a

financial institution for participating in a CSFT that is used for

fraudulent or illegal purposes. For example, some commenters asked the

Agencies to declare that institutions do not have a duty to ensure the

accuracy of a client's public filings or accounting. Other commenters

asked that the Agencies state that an institution will not be held

liable or responsible for a CSFT if the institution has a reasonable

degree of confidence that the customer will report or account for the

transactions properly. Other commenters expressed concern that the

Revised Proposed Statement, or the comments submitted on that document,

attempted to alter the current legal standards under which a financial

institution may be held liable for fraudulent activity or criminally

responsible under the Federal securities law or other laws.

As events in recent years have highlighted, institutions may in

certain circumstances bear significant legal or reputational risk from

participating in a CSFT. In light of these risks, the Final Statement

describes the types of risk management systems and internal controls

that may help a financial institution engaged in CSFTs to identify

those CSFTs that may pose heightened legal or reputational risk to the

institution, and to evaluate, manage, and address those risks. Because

the Final Statement represents guidance on the part of the Banking

Agencies and a policy statement on the part of the SEC, it does not, by

itself, establish any legally enforceable requirements or obligations.

Moreover, as the Final Statement expressly provides, it does not create

any private rights of action, nor does it alter or expand the legal

duties and obligations that a financial institution may have to a

customer, its shareholders or other parties under applicable law.

Accordingly, the Agencies do not believe it is appropriate or possible

to address in the Final Statement these legal concerns expressed by

commenters.

B. Documentation

The Final Statement states that a financial institution should

create and collect sufficient documentation to, among other things,

verify that the institution's policies and procedures related to

elevated risk CSFTs are being followed and allow the internal audit

function to monitor compliance with those policies and procedures. The

Final Statement also provides that, when an institution's policies and

procedures require an elevated risk CSFT to be submitted for approval

to senior management, the institution should maintain the transaction-

related documentation provided to senior management as well as other

documentation that reflect management's approval (or disapproval) of

the transaction, any conditions imposed by senior management, and the

reasons for such action.

Several commenters strongly suggested that the Agencies should

eliminate or modify the portions of the statement that provide for a

financial institution to maintain certain documentation related to

elevated risk CSFTs that are submitted to the institution's senior

management for approval (or denial). For example, some commenters

argued that institutions should not be required to maintain any

documentation for declined transactions. Other commenters expressed

concern that this provision was inconsistent with the current practice

of financial institutions, would require financial institutions to

create new and potentially extensive documentation to memorialize all

aspects of the institution's analytical and decision-making process

with respect to an elevated risk CSFT, or would require institutions to

create or maintain extensive documentation even for transactions that

are approved or rejected by junior staff.

As an initial matter, the Agencies note that the Final Statement's

provisions regarding documentation for elevated risk CSFTs submitted to

senior management for approval (or disapproval) do not apply to

transactions that may be reviewed and acted on by more junior personnel

in accordance with the institution's policies and procedures. Rather,

these provisions apply only to those elevated risk CSFTs that are

identified by the institution as potentially involving the greatest

degree of risk to the institution and, for this reason, are required to

be reviewed by the institution's senior management. The Agencies

believe that it is important for institutions to maintain documentation

for this category of elevated risk CSFTs, whether approved or declined,

that reflects the factors considered by senior management in taking

such action. The Agencies believe this type of documentation may be of

significant benefit to the institution and to the Agencies in reviewing

the effectiveness of the institution's CSFT-related policies,

procedures, and internal controls. However, to help address the

commenter's concern about potential burden, the Agencies have modified

the Final Statement to recognize that the minutes of an institution's

reviewing senior management committee may have the information

described and to clarify that the documentation for a transaction

should reflect the factors considered by senior management in taking

action, but does not have to detail every aspect of the institution's

legal or business analysis of the transaction.\11\

---------------------------------------------------------------------------

\11\ In light of comments, the Agencies have modified the

Documentation section of the Statement to clarify that an

institution should retain sufficient documentation to establish that

it has provided the customer any disclosures concerning an elevated

risk CSFT that the institution is otherwise required to provide to

the customer.

---------------------------------------------------------------------------

C. General Risk Management Principles for Elevated Risk CSFTs

The Final Statement--like the Revised Proposed Statement--also

describes some of the other key risk management policies and internal

controls that financial institutions should have in place for elevated

risk CSFTs. For example, the Final Statement provides that the board of

directors and senior management of an institution should establish a

``tone at the top'' through both actions and formalized policies that

sends a strong message throughout

[[Page 1376]]

the financial institution about the importance of compliance with the

law and overall good business ethics. The Final Statement also

describes the types of training, reporting mechanisms, and audit

procedures that institutions should have in place with respect to

elevated risk CSFTs. The Final Statement also provides that a financial

institution should conduct periodic independent reviews of its CSFT

activities to verify and monitor that its policies and controls

relating to elevated risk CSFTs are being implemented effectively and

that elevated risk CSFTs are accurately identified and receive proper

approvals.

In response to comments, the Agencies have modified the Final

Statement to clarify that the independent reviews conducted by a

financial institution may be performed by the institution's audit

department or an independent compliance function within the

institution. One commenter also asked the Agencies to state that the

proper role of an institution's independent review function is only to

confirm that the institution's policies and procedures for elevated

risk CSFTs are being followed and that the function should not assess

the quality of the decisions made by institution personnel. The

Agencies believe that an institution's audit or compliance department

should have the flexibility, in appropriate circumstances, to review

the decisions made by institution personnel during the review and

approval process for elevated risk CSFTs and for this reason have not

made the recommended change.

V. Paperwork Reduction Act

In accordance with the Paperwork Reduction Act of 1995 (44 U.S.C.

3506; 5 CFR Part 1320, Appendix A.1), the Agencies reviewed the Final

Statement. The Agencies may not conduct or sponsor, and an organization

is not required to respond to, this information collection unless it

displays a currently valid OMB control number. The Agencies previously

determined that certain provisions of the Revised Proposed Statement

contained information collection requirements. OMB reviewed and

approved the information collections contained in the Revised Proposed

Statement for the FDIC, OTS, OCC and SEC; and the Board reviewed the

Revised Proposed Statement under the authority delegated to the Board

by OMB (5 CFR Part 1320, Appendix A.1).

OMB control numbers:

OCC: 1557-0229.

OTS: 1550-0111.

FRB: 7100-0311.

FDIC: 3064-0148.

SEC: 3235-0622.


Burden Estimates


OCC


Number of Respondents: 21.

Estimated Time per Response: 25 hours.

Total Estimated Annual Burden: 525 hours.


OTS


Number of Respondents: 5.

Estimated Time per Response: 25 hours.

Total Estimated Annual Burden: 125 hours.


Board


Number of Respondents: 20.

Estimated Time per Response: 25 hours.

Total Estimated Annual Burden: 500 hours.


FDIC


Number of Respondents: 5.

Estimated Time per Response: 25 hours.

Total Estimated Annual Burden: 125 hours.


SEC


Number of Respondents: 5.

Estimated Time per Response: 25 hours.

Total Estimated Annual Burden: 125 hours.

No commenters addressed the Agencies' information collection

estimates. The Agencies do not believe that the clarifications included

in this Final Statement impact the burden estimates previously

developed and approved for these information collections. The Agencies

have a continuing interest in the public's opinions of our collections

of information. At any time, comments regarding the burden estimate, or

any other aspect of this collection of information, including

suggestions for reducing the burden, may be sent to:

OCC: You should direct your comments to:

Communications Division, Office of the Comptroller of the Currency,

Public Information Room, Mailstop 1-5, Attention: 1557-0229, 250 E

Street, SW., Washington, DC 20219. In addition, comments may be sent by

fax to (202) 874-4448, or by electronic mail to

regs.comments@occ.treas.gov. You can inspect and photocopy the comments

at the OCC's Public Information Room, 250 E Street, SW., Washington, DC

20219. You can make an appointment to inspect the comments by calling

(202) 874-5043. Additionally, you should send a copy of your comments

to OCC Desk Officer, 1557-0229, by mail to U.S. Office of Management

and Budget, 725 17th Street, NW., 10235, Washington, DC 20503,

or by fax to (202) 395-6974.

You can request additional information or a copy of the collection

from Mary Gottlieb, OCC Clearance Officer, or Camille Dickerson, (202)

874-5090, Legislative and Regulatory Activities Division, Office of the

Comptroller of the Currency, 250 E Street, SW., Washington, DC 20219.

OTS: Information Collection Comments, Chief Counsel's Office,

Office of Thrift Supervision, 1700 G Street, NW., Washington, DC 20552;

send a facsimile transmission to (202) 906-6518; or send an e-mail to

infocollection.comments@ots.treas.gov. OTS will post comments and the

related index on the OTS Internet site at http://www.treas.gov. In
 

addition, interested persons may inspect the comments at the Public

Reading Room, 1700 G Street, NW., by appointment. To make an

appointment, call (202) 906-5922, send an e-mail to

public.info@ots.treas.gov, or send a facsimile transmission to (202)

906-7755.

To obtain a copy of the submission to OMB, contact Marilyn K.

Burton at marilyn.burton@ots.treas.gov, (202) 906-6467, or fax number

(202) 906-6518, Chief Counsel's Office, Office of Thrift Supervision,

1700 G Street, NW., Washington, DC 20552

Board: You may submit comments, identified by FR 4022, by any of

the following methods:

Agency Web site: http://www.federalreserve.gov Follow the instructions for submitting comments at http://www.federalreserve.gov/.

Federal eRulemaking Portal: http://www.regulations.gov.

Follow the instructions for submitting comments.

E-mail: Regs.comments@federalreserve.gov. Include docket

number in the subject line of the message.

Fax: (202) 452-3819 or (202) 452-3102.

Mail: Michelle Long, Federal Reserve Board Clearance

Officer (202) 452-3829, Division of Research and Statistics, Board of

Governors of the Federal Reserve System, Washington, DC 20551.

Telecommunications Device for the Deaf (TDD) users may contact (202)

263-4869, Board of Governors of the Federal Reserve System, Washington,

DC 20551.

All public comments are available from the Board's Web site at

http://www.federalreserve.gov/generalinfo/foia/ProposedRegs.cfm as

submitted,

[[Page 1377]]

unless modified for technical reasons. Accordingly, your comments will

not be edited to remove any identifying or contact information. Public

comments may also be viewed electronically or in paper in Room MP-500

of the Board's Martin Building (20th and C Streets, NW.) between 9 a.m.

and 5 p.m. on weekdays.

FDIC: Interested parties are invited to submit written comments to

the FDIC concerning the Paperwork Reduction Act implications of this

proposal. Such comments should refer to ``Complex Structured Finance

Transactions, 3064-0148.'' Comments may be submitted by any of the

following methods:

http://www.FDIC.gov/regulations/laws/federal/propose.html.. E-mail: comments@FDIC.gov. Include Complex Structured

Financial Transactions, 3064-0148 in the subject line of the message.

Mail: Steven F. Hanft (202) 898-3907, Federal Deposit

Insurance Corporation, 550 17th Street, NW., Washington, DC 20429.

Hand Delivery: Comments may be hand-delivered to the guard

station at the rear of the 17th Street Building (located on F Street),

on business days between 7 a.m. and 5 p.m.

SEC: You should direct your comments to: Office of Management and

Budget, Attention Desk Officer for the Securities and Exchange

Commission, Office of Information and Regulatory Affairs, Room 10102,

New Executive Office Building, Washington, DC 20503, with a copy sent

to Nancy M. Morris, Secretary, Securities and Exchange Commission, 100

F Street, NE., Washington, DC 20549-1090 with reference to File No. S7-

08-06.

The Final Statement follows:

Interagency Statement on Sound Practices Concerning Elevated Risk

Complex Structured Finance Activities

I. Introduction

Financial markets have grown rapidly over the past decade, and

innovations in financial instruments have facilitated the structuring

of cash flows and allocation of risk among creditors, borrowers and

investors in more efficient ways. Financial derivatives for market and

credit risk, asset-backed securities with customized cash flow

features, specialized financial conduits that manage pools of assets

and other types of structured finance transactions serve important

business purposes, such as diversifying risks, allocating cash flows,

and reducing cost of capital. As a result, structured finance

transactions now are an essential part of U.S. and international

capital markets. Financial institutions have played and continue to

play an active and important role in the development of structured

finance products and markets, including the market for the more complex

variations of structured finance products.

When a financial institution participates in a complex structured

finance transaction (``CSFT''), it bears the usual market, credit, and

operational risks associated with the transaction. In some

circumstances, a financial institution also may face heightened legal

or reputational risks due to its involvement in a CSFT. For example, in

some circumstances, a financial institution may face heightened legal

or reputational risk if a customer's regulatory, tax or accounting

treatment for a CSFT, or disclosures to investors concerning the CSFT

in the customer's public filings or financial statements, do not comply

with applicable laws, regulations or accounting principles. Indeed, in

some instances, CSFTs have been used to misrepresent a customer's

financial condition to investors, regulatory authorities and others. In

these situations, investors have been harmed, and financial

institutions have incurred significant legal and reputational exposure.

In addition to legal risk, reputational risk poses a significant threat

to financial institutions because the nature of their business requires

them to maintain the confidence of customers, creditors and the general

marketplace.

The Office of the Comptroller of the Currency, the Office of Thrift

Supervision, the Board of Governors of the Federal Reserve System, the

Federal Deposit Insurance Corporation, and the Securities and Exchange

Commission (the ``Agencies'') have long expected financial institutions

to develop and maintain robust control infrastructures that enable them

to identify, evaluate and address the risks associated with their

business activities. Financial institutions also must conduct their

activities in accordance with applicable statutes and regulations.

II. Scope and Purpose of Statement

The Agencies are issuing this Statement to describe the types of

risk management principles that we believe may help a financial

institution to identify CSFTs that may pose heightened legal or

reputational risks to the institution (``elevated risk CSFTs'') and to

evaluate, manage and address these risks within the institution's

internal control framework.\12\

---------------------------------------------------------------------------

\12\ As used in this Statement, the term ``financial

institution'' or ``institution'' refers to national banks in the

case of the Office of the Comptroller of the Currency; federal and

state savings associations and savings and loan holding companies in

the case of the Office of Thrift Supervision; state member banks and

bank holding companies (other than foreign banking organizations) in

the case of the Federal Reserve Board; state nonmember banks in the

case of the Federal Deposit Insurance Corporation; and registered

broker-dealers and investment advisers in the case of the Securities

and Exchange Commission. The U.S. branches and agencies of foreign

banks supervised by the Office of the Comptroller, the Federal

Reserve Board and the Federal Deposit Insurance Corporation also are

considered to be financial institutions for purposes of this

Statement.

---------------------------------------------------------------------------

Structured finance transactions encompass a broad array of products

with varying levels of complexity. Most structured finance

transactions, such as standard public mortgage-backed securities

transactions, public securitizations of retail credit cards, asset-

backed commercial paper conduit transactions, and hedging-type

transactions involving ``plain vanilla'' derivatives and collateralized

loan obligations, are familiar to participants in the financial

markets, and these vehicles have a well-established track record. These

transactions typically would not be considered CSFTs for the purpose of

this Statement.

Because this Statement focuses on sound practices related to CSFTs

that may create heightened legal or reputational risks--transactions

that typically are conducted by a limited number of large financial

institutions--it will not affect or apply to the vast majority of

financial institutions, including most small institutions. As in all

cases, a financial institution should tailor its internal controls so

that they are appropriate in light of the nature, scope, complexity and

risks of its activities. Thus, for example, an institution that is

actively involved in structuring and offering CSFTs that may create

heightened legal or reputational risk for the institution should have a

more formalized and detailed control framework than an institution that

participates in these types of transactions less frequently. The

internal controls and procedures discussed in this Statement are not

all inclusive, and, in appropriate circumstances, an institution may

find that other controls, policies, or procedures are appropriate in

light of its particular CSFT activities.

Because many of the core elements of an effective control

infrastructure are the same regardless of the business line involved,

this Statement draws heavily on controls and procedures that the

Agencies previously have found to be effective in assisting a financial

institution to manage and control risks and identifies ways in which

these controls and procedures can be

[[Page 1378]]

effectively applied to elevated risk CSFTs. Although this Statement

highlights some of the most significant risks associated with elevated

risk CSFTs, it is not intended to present a full exposition of all

risks associated with these transactions. Financial institutions are

encouraged to refer to other supervisory guidance prepared by the

Agencies for further information concerning market, credit,

operational, legal and reputational risks as well as internal audit and

other appropriate internal controls.

This Statement does not create any private rights of action, and

does not alter or expand the legal duties and obligations that a

financial institution may have to a customer, its shareholders or other

third parties under applicable law. At the same time, adherence to the

principles discussed in this Statement would not necessarily insulate a

financial institution from regulatory action or any liability the

institution may have to third parties under applicable law.

III. Identification and Review of Elevated Risk Complex Structured

Finance Transactions

A financial institution that engages in CSFTs should maintain a set

of formal, written, firm-wide policies and procedures that are designed

to allow the institution to identify, evaluate, assess, document, and

control the full range of credit, market, operational, legal and

reputational risks associated with these transactions. These policies

may be developed specifically for CSFTs, or included in the set of

broader policies governing the institution generally. A financial

institution operating in foreign jurisdictions may tailor its policies

and procedures as appropriate to account for, and comply with, the

applicable laws, regulations and standards of those jurisdictions.\13\

---------------------------------------------------------------------------

\13\ In the case of U.S. branches and agencies of foreign banks,

these policies, including management, review and approval

requirements, should be coordinated with the foreign bank's group-

wide policies developed in accordance with the rules of the foreign

bank's home country supervisor and should be consistent with the

foreign bank's overall corporate and management structure as well as

its framework for risk management and internal controls.

---------------------------------------------------------------------------

A financial institution's policies and procedures should establish

a clear framework for the review and approval of individual CSFTs.

These policies and procedures should set forth the responsibilities of

the personnel involved in the origination, structuring, trading,

review, approval, documentation, verification, and execution of CSFTs.

Financial institutions may find it helpful to incorporate the review of

new CSFTs into their existing new product policies. In this regard, a

financial institution should define what constitutes a ``new'' complex

structured finance product and establish a control process for the

approval of such new products. In determining whether a CSFT is new, a

financial institution may consider a variety of factors, including

whether it contains structural or pricing variations from existing

products, whether the product is targeted at a new class of customers,

whether it is designed to address a new need of customers, whether it

raises significant new legal, compliance or regulatory issues, and

whether it or the manner in which it would be offered would materially

deviate from standard market practices. An institution's policies

should require new complex structured finance products to receive the

approval of all relevant control areas that are independent of the

profit center before the product is offered to customers.

A. Identifying Elevated Risk CSFTs

As part of its transaction and new product approval controls, a

financial institution should establish and maintain policies,

procedures and systems to identify elevated risk CSFTs. Because of the

potential risks they present to the institution, transactions or new

products identified as elevated risk CSFTs should be subject to

heightened reviews during the institution's transaction or new product

approval processes. Examples of transactions that an institution may

determine warrant this additional scrutiny are those that (either

individually or collectively) appear to the institution during the

ordinary course of its transaction approval or new product approval

process to:

Lack economic substance or business purpose;

Be designed or used primarily for questionable accounting,

regulatory, or tax objectives, particularly when the transactions are

executed at year end or at the end of a reporting period for the

customer;

Raise concerns that the client will report or disclose the

transaction in its public filings or financial statements in a manner

that is materially misleading or inconsistent with the substance of the

transaction or applicable regulatory or accounting requirements;

Involve circular transfers of risk (either between the

financial institution and the customer or between the customer and

other related parties) that lack economic substance or business

purpose;

Involve oral or undocumented agreements that, when taken

into account, would have a material impact on the regulatory, tax, or

accounting treatment of the related transaction, or the client's

disclosure obligations; \14\

---------------------------------------------------------------------------

\14\ This item is not intended to include traditional, non-

binding ``comfort'' letters or assurances provided to financial

institutions in the loan process where, for example, the parent of a

loan customer states that the customer states that the customer

(i.e., the parent's subsidiary) is an integral and important part of

the parent's operations.

---------------------------------------------------------------------------

Have material economic terms that are inconsistent with

market norms (e.g., deep ``in the money'' options or historic rate

rollovers); or

Provide the financial institution with compensation that

appears substantially disproportionate to the services provided or

investment made by the financial institution or to the credit, market

or operational risk assumed by the institution.

The examples listed previously are provided for illustrative

purposes only, and the policies and procedures established by financial

institutions may differ in how they seek to identify elevated risk

CSFTs. The goal of each institution's policies and procedures, however,

should remain the same--to identify those CSFTs that warrant additional

scrutiny in the transaction or new product approval process due to

concerns regarding legal or reputational risks.

Financial institutions that structure or market, act as an advisor

to a customer regarding, or otherwise play a substantial role in a

transaction may have more information concerning the customer's

business purpose for the transaction and any special accounting, tax or

financial disclosure issues raised by the transaction than institutions

that play a more limited role. Thus, the ability of a financial

institution to identify the risks associated with an elevated risk CSFT

may differ depending on its role.

B. Due Diligence, Approval and Documentation Process for Elevated Risk

CSFTs

Having developed a process to identify elevated risk CSFTs, a

financial institution should implement policies and procedures to

conduct a heightened level of due diligence for these transactions. The

financial institution should design these policies and procedures to

allow personnel at an appropriate level to understand and evaluate the

potential legal or reputational risks presented by the transaction to

the institution and to manage and address any heightened

[[Page 1379]]

legal or reputational risks ultimately found to exist with the

transaction.

Due Diligence. If a CSFT is identified as an elevated risk CSFT,

the institution should carefully evaluate and take appropriate steps to

address the risks presented by the transaction with a particular focus

on those issues identified as potentially creating heightened levels of

legal or reputational risk for the institution. In general, a financial

institution should conduct the level and amount of due diligence for an

elevated risk CSFT that is commensurate with the level of risks

identified. A financial institution that structures or markets an

elevated risk CSFT to a customer, or that acts as an advisor to a

customer or investors concerning an elevated risk CSFT, may have

additional responsibilities under the federal securities laws, the

Internal Revenue Code, state fiduciary laws or other laws or

regulations and, thus, may have greater legal and reputational risk

exposure with respect to an elevated risk CSFT than a financial

institution that acts only as a counterparty for the transaction.

Accordingly, a financial institution may need to exercise a higher

degree of care in conducting its due diligence when the institution

structures or markets an elevated risk CSFT or acts as an advisor

concerning such a transaction than when the institution plays a more

limited role in the transaction.

To appropriately understand and evaluate the potential legal and

reputational risks associated with an elevated risk CSFT that a

financial institution has identified, the institution may find it

useful or necessary to obtain additional information from the customer

or to obtain specialized advice from qualified in-house or outside

accounting, tax, legal, or other professionals. As with any

transaction, an institution should obtain satisfactory responses to its

material questions and concerns prior to consummation of a

transaction.\15\

---------------------------------------------------------------------------

\15\ Of course, financial institutions also should ensure that

their own accounting for transactions complies with applicable

accounting standards, consistently applied.

---------------------------------------------------------------------------

In conducting its due diligence for an elevated risk CSFT, a

financial institution should independently analyze the potential risks

to the institution from both the transaction and the institution's

overall relationship with the customer. Institutions should not

conclude that a transaction identified as being an elevated risk CSFT

involves minimal or manageable risks solely because another financial

institution will participate in the transaction or because of the size

or sophistication of the customer or counterparty. Moreover, a

financial institution should carefully consider whether it would be

appropriate to rely on opinions or analyses prepared by or for the

customer concerning any significant accounting, tax or legal issues

associated with an elevated risk CSFT.

Approval Process. A financial institution's policies and procedures

should provide that CSFTs identified as having elevated legal or

reputational risk are reviewed and approved by appropriate levels of

control and management personnel. The designated approval process for

such CSFTs should include representatives from the relevant business

line(s) and/or client management, as well as from appropriate control

areas that are independent of the business line(s) involved in the

transaction. The personnel responsible for approving an elevated risk

CSFT on behalf of a financial institution should have sufficient

experience, training and stature within the organization to evaluate

the legal and reputational risks, as well as the credit, market and

operational risks to the institution.

The institution's control framework should have procedures to

deliver the necessary or appropriate information to the personnel

responsible for reviewing or approving an elevated risk CSFT to allow

them to properly perform their duties. Such information may include,

for example, the material terms of the transaction, a summary of the

institution's relationship with the customer, and a discussion of the

significant legal, reputational, credit, market and operational risks

presented by the transaction.

Some institutions have established a senior management committee

that is designed to involve experienced business executives and senior

representatives from all of the relevant control functions within the

financial institution (including such groups as independent risk

management, tax, accounting, policy, legal, compliance, and financial

control) in the oversight and approval of those elevated risk CSFTs

that are identified by the institution's personnel as requiring senior

management review and approval due to the potential risks associated

with the transactions. While this type of management committee may not

be appropriate for all financial institutions, a financial institution

should establish processes that assist the institution in consistently

managing the review and approval of elevated risk CSFTs on a firm-wide

basis.\16\

---------------------------------------------------------------------------

\16\ The control processes that a financial institution

establishes for CSFTs should take account of, and be consistent

with, any informational barriers established by the institution to

manage potential conflicts of interest, insider trading or other

concerns.

---------------------------------------------------------------------------

If, after evaluating an elevated risk CSFT, the financial

institution determines that its participation in the CSFT would create

significant legal or reputational risks for the institution, the

institution should take appropriate steps to address those risks. Such

actions may include declining to participate in the transaction, or

conditioning its participation upon the receipt of representations or

assurances from the customer that reasonably address the heightened

legal or reputational risks presented by the transaction. Any

representations or assurances provided by a customer should be obtained

before a transaction is executed and be received from, or approved by,

an appropriate level of the customer's management. A financial

institution should decline to participate in an elevated risk CSFT if,

after conducting appropriate due diligence and taking appropriate steps

to address the risks from the transaction, the institution determines

that the transaction presents unacceptable risk to the institution or

would result in a violation of applicable laws, regulations or

accounting principles.

Documentation. The documentation that financial institutions use to

support CSFTs is often highly customized for individual transactions

and negotiated with the customer. Careful generation, collection and

retention of documents associated with elevated risk CSFTs are

important control mechanisms that may help an institution monitor and

manage the legal, reputational, operational, market, and credit risks

associated with the transactions. In addition, sound documentation

practices may help reduce unwarranted exposure to the financial

institution's reputation.

A financial institution should create and collect sufficient

documentation to allow the institution to:

Document the material terms of the transaction;

Enforce the material obligations of the counterparties;

Confirm that the institution has provided the customer any

disclosures concerning the transaction that the institution is

otherwise required to provide; and

Verify that the institution's policies and procedures are

being followed and allow the internal audit function to

[[Page 1380]]

monitor compliance with those policies and procedures.

When an institution's policies and procedures require an elevated

risk CSFT to be submitted for approval to senior management, the

institution should maintain the transaction-related documentation

provided to senior management as well as other documentation, such as

minutes of the relevant senior management committee, that reflect

senior management's approval (or disapproval) of the transaction, any

conditions imposed by senior management, and the factors considered in

taking such action. The institution should retain documents created for

elevated risk CSFTs in accordance with its record retention policies

and procedures as well as applicable statutes and regulations.

C. Other Risk Management Principles for Elevated Risk CSFTs

General Business Ethics. The board and senior management of a

financial institution also should establish a ``tone at the top''

through both actions and formalized policies that sends a strong

message throughout the financial institution about the importance of

compliance with the law and overall good business ethics. The board and

senior management should strive to create a firm-wide corporate culture

that is sensitive to ethical or legal issues as well as the potential

risks to the financial institution that may arise from unethical or

illegal behavior. This kind of culture coupled with appropriate

procedures should reinforce business-line ownership of risk

identification, and encourage personnel to move ethical or legal

concerns regarding elevated risk CSFTs to appropriate levels of

management. In appropriate circumstances, financial institutions may

also need to consider implementing mechanisms to protect personnel by

permitting the confidential disclosure of concerns.\17\ As in other

areas of financial institution management, compensation and incentive

plans should be structured, in the context of elevated risk CSFTs, so

that they provide personnel with appropriate incentives to have due

regard for the legal, ethical and reputational risk interests of the

institution.

---------------------------------------------------------------------------

\17\ The agencies note that the Sarbanes-Oxley Act of 2002

requires companies listed on a national securities exchange or

inter-dealer quotation system of a national securities association

to establish procedures that enable employees to submit concerns

regarding questionable accounting or auditing matters on a

confidential, anonymous basis. See 15 U.S.C. 78j-1(m).

---------------------------------------------------------------------------

Reporting. A financial institution's policies and procedures should

provide for the appropriate levels of management and the board of

directors to receive sufficient information and reports concerning the

institution's elevated risk CSFTs to perform their oversight functions.

Monitoring Compliance with Internal Policies and Procedures. The

events of recent years evidence the need for an effective oversight and

review program for elevated risk CSFTs. A financial institution's

program should provide for periodic independent reviews of its CSFT

activities to verify and monitor that its policies and controls

relating to elevated risk CSFTs are being implemented effectively and

that elevated risk CSFTs are accurately identified and received proper

approvals. These independent reviews should be performed by

appropriately qualified audit, compliance or other personnel in a

manner consistent with the institution's overall framework for

compliance monitoring, which should include consideration of issues

such as the independence of reviewing personnel from the business line.

Such monitoring may include more frequent assessments of the risk

arising from elevated risk CSFTs, both individually and within the

context of the overall customer relationship, and the results of this

monitoring should be provided to an appropriate level of management in

the financial institution.

Audit. The internal audit department of any financial institution

is integral to its defense against fraud, unauthorized risk taking and

damage to the financial institution's reputation. The internal audit

department of a financial institution should regularly audit the

financial institution's adherence to its own control procedures

relating to elevated risk CSFTs, and further assess the adequacy of its

policies and procedures related to elevated risk CSFTs. Internal audit

should periodically validate that business lines and individual

employees are complying with the financial institution's standards for

elevated risk CSFTs and appropriately identifying any exceptions. This

validation should include transaction testing for elevated risk CSFTs.

Training. An institution should identify relevant personnel who may

need specialized training regarding CSFTs to be able to effectively

perform their oversight and review responsibilities. Appropriate

training on the financial institution's policies and procedures for

handling elevated risk CSFTs is critical. Financial institution

personnel involved in CSFTs should be familiar with the institution's

policies and procedures concerning elevated risk CSFTs, including the

processes established by the institution for identification and

approval of elevated risk CSFTs and new complex structured finance

products and for the elevation of concerns regarding transactions or

products to appropriate levels of management. Financial institution

personnel involved in CSFTs should be trained to identify and properly

handle elevated risk CSFTs that may result in a violation of law.


IV. Conclusion

Structured finance products have become an essential and important

part of the U.S. and international capital markets, and financial

institutions have played an important role in the development of

structured finance markets. In some instances, however, CSFTs have been

used to misrepresent a customer's financial condition to investors and

others, and financial institutions involved in these transactions have

sustained significant legal and reputational harm. In light of the

potential legal and reputational risks associated with CSFTs, a

financial institution should have effective risk management and

internal control systems that are designed to allow the institution to

identify elevated risk CSFTs, to evaluate, manage and address the risks

arising from such transactions, and to conduct those activities in

compliance with applicable law.

Dated: December 12, 2006.
John C. Dugan,
Comptroller of the Currency.

Dated: December 21, 2006.
By the Office of Thrift Supervision.
Scott M. Polakoff,
Deputy Director & Chief Operating Officer.

By order of the Board of Governors of the Federal Reserve
System, December 20, 2006.
Jennifer J. Johnson,
Secretary of the Board.

Dated at Washington, DC, the 22nd day of December, 2006.
By order of the Federal Deposit Insurance Corporation.
Robert E. Feldman,
Executive Secretary.

Dated: January 5, 2007.
By the Securities and Exchange Commission.
Nancy M. Morris,
Secretary.

[FR Doc. 07-55 Filed 1-10-07; 8:45 am]

BILLING CODE 4810-33-P


    

Last Updated 01/11/2007 Regs@fdic.gov