2020 Annual Performance Plan

Supervision Program

Another way the FDIC promotes public confidence and stability in the nation’s financial system is through its Supervision Program, which promotes the safety and soundness of IDIs, protects consumer rights, and promotes community investment initiatives by FDIC-supervised institutions.

The FDIC is the primary federal regulator for state-chartered banks and savings associations that are not members of the Federal Reserve System, generally known as state nonmember banks and state-chartered savings associations. This includes state-licensed insured branches of foreign banks. As insurer, the FDIC also has special (back-up) examination authority for state member banks that are supervised by the Board of Governors of the Federal Reserve System (FRB) and national banks and federal savings associations that are supervised by the Office of the Comptroller of the Currency (OCC). The FDIC’s roles as insurer and primary supervisor are complementary, and many activities undertaken by the FDIC support both the insurance and supervision programs.

Through the review of examination reports, use of off-site monitoring tools, participation in examinations conducted by other federal regulators, and, where appropriate, performance of special (back-up) examination activities, the FDIC regularly monitors the potential risks at all insured institutions, including those for which it is not the primary federal regulator.

The Dodd-Frank Act expanded the FDIC’s statutory responsibilities beyond IDIs to bank holding companies (BHCs) with more than $250 billion in assets and nonbank financial companies that are designated as systemically important financial institutions (SIFIs) by the Financial Stability Oversight Council (FSOC). The Dodd-Frank Act designates the FRB as the primary supervisor of these companies, and the FDIC has established off-site monitoring programs and has certain statutory back-up examination authorities for these institutions. The purpose of the FDIC’s monitoring and risk assessment activities for these institutions is, where possible, to mitigate identified risks; to assess the adequacy of the institutions’ efforts to prepare to reorganize or liquidate through bankruptcy in the event of financial distress; and to be prepared, if necessary, to conduct an orderly liquidation of the company.

As the primary federal regulator of all insured state nonmember banks and state-chartered savings associations, the FDIC performs periodic risk management examinations of these institutions to assess their overall financial condition, management policies and practices, and compliance with applicable laws and regulations. The FDIC also performs Bank Secrecy Act (BSA) and information technology (IT) reviews at each risk management examination and, when applicable, conducts reviews of trust, registered transfer agent, municipal securities dealer, and government security dealer activities at these examinations.

Through the examination process, the FDIC also assesses the adequacy of an institution’s management and internal control systems to identify and control risks. In addition, the FDIC uses off-site monitoring programs to enhance its ability to promptly identify emerging safety-and-soundness issues.

The FDIC’s consumer compliance examination program promotes compliance with federal consumer protection laws, fair lending statutes, the Community Reinvestment Act (CRA), and the regulations that implement these laws and statutes. The program seeks to ensure that consumers are treated fairly and that the disclosures institutions provide to consumers are accurate and complete. To promote the most effective and efficient use of resources, the consumer compliance examination program focuses on the activities and products that pose the greatest potential risk of consumer harm or otherwise require increased supervisory attention. The FDIC conducts separate examinations for all FDIC-supervised institutions to assess the effectiveness of their compliance management systems and CRA performance. Institutions that are subject to the primary jurisdiction of the Consumer Financial Protection Bureau (CFPB) are examined for compliance with the regulations that were not transferred to the CFPB, including the CRA. More information on the FDIC’s relationship with CFPB is found in Appendix D.

If weaknesses are identified through the examination process, the FDIC promptly takes appropriate supervisory action. Formal and informal enforcement actions may be taken to correct identified violations, unsafe or unsound practices, or breaches of fiduciary duty. Enforcement actions may also be taken if institutions are operating in a deteriorated financial condition or are failing to comply with consumer protection, fair lending, or other statutes. These enforcement actions remain in place until the identified weaknesses are remedied.

The FDIC also investigates consumer complaints about FDIC-supervised IDIs. Consumers write or electronically submit to the FDIC complaints and inquiries regarding consumer protection and fair lending issues. Through its investigation of and response to consumer complaints and inquiries, the FDIC attempts to help consumers better understand their rights under federal consumer protection and fair lending laws. The FDIC uses surveys to monitor consumers’ satisfaction with its responses to complaints and inquiries.

In addition, the FDIC acts on applications from IDIs to undertake certain transactions or engage in new or expanded business activities. In reviewing these applications, the FDIC evaluates the statutory factors relevant to the application. Generally, depending on the type of application, these factors may pertain to, for instance, capital adequacy, management, financial resources, convenience and needs of the community to be served, and risk to the DIF. Consistent with the relevant statutory factors, the FDIC’s evaluations consider an institution’s compliance with consumer protection and fair lending requirements, as well as performance under the CRA.

During the examination process, FDIC examiners assess how well an institution is managing the risks associated with its particular business model. The findings of these assessments are shared with the institution’s management in the report of examination. In 2020, the FDIC will continue to identify risks that are not well managed, recommend improvements to bank management, and track management’s corrective actions.

More information about the FDIC’s supervisory program, including laws, regulations, and supervisory guidance, is available at www.fdic.gov.

Cybersecurity

Cybersecurity remains an ongoing concern for the financial services sector because of the reliance on IT not only in bank operations, but also as an interface with customers. The frequency and sophistication of cyberattacks continues to increase, and the financial services sector is a prime target. In response, financial institutions and their service providers are continually challenged to assess the quickly changing risks and to allocate adequate resources to mitigate those risks to an acceptable level.

The FDIC monitors cybersecurity issues on a regular basis, through on-site examinations of insured institutions, participation in the Financial and Banking Information Infrastructure Committee (FBIIC), examination of services provided to IDIs by certain technology service providers, and threat monitoring, such as through membership in the Financial Services Information Sharing and Analysis Center.

In 2020, the FDIC, along with the other members of the Federal Financial Institutions Examination Council (FFIEC) ⁵, will continue to update the FFIEC IT Examination Handbook, which provides examination guidelines and procedures. The FFIEC issued an updated Business Continuity Management Booklet in 2019 to replace the former Business Continuity Planning Booklet. The FDIC, in concert with other agencies, will also assess cyber risks horizontally at large, complex financial institutions to understand the level of risk in the financial system.

Monitoring Large Institutions

In 2020, the FDIC will continue to develop its capabilities related to its responsibilities under the Dodd-Frank Act. The FDIC will conduct ongoing risk monitoring reviews of all banking organizations with more than $100 billion in assets, as well as any nonbank financial companies designated as systemically important by the FSOC (designated nonbank SIFIs).

The FDIC and the FRB are jointly responsible for reviewing the resolution plans filed by BHCs and designated nonbank SIFIs to ensure that each provides a credible plan for reorganizing a firm or liquidating it through bankruptcy without severe adverse consequences for the financial system or the U.S. economy. The FDIC will review the resolution plans submitted in 2020.

The FDIC also presently requires IDIs with more than $50 billion in assets to submit IDI resolution plans pursuant to the FDIC’s independent IDI Plan Rule. In 2020, the FDIC intends to publish a notice of proposed rulemaking (NPR) soliciting public comments on possible amendments to the IDI Plan Rule to tailor IDI resolution plan requirements. Following a review of comments received, the FDIC intends to publish a final rule.

Supervision Modernization

The FDIC continues to leverage technology to improve the efficiency and effectiveness of its supervision efforts. These improvements are designed to reduce the compliance burden for institutions – especially community banks – without sacrificing the quality of the FDIC’s supervision program.

In 2019, the FDIC established a new Supervision Modernization subcommittee of the CBAC, comprised of bankers, technologists, former regulators, and legal experts to consider how the FDIC can improve the efficiency of the examination process. The Subcommittee will report its findings to the CBAC in the first half of 2020.

⁵See Appendix D for more information about the FFIEC, its members, and its functions

The following table depicts the strategic goal, strategic objective, and annual performance goals for the Risk Management component of the Supervision Program.

The following table depicts the strategic goal, strategic objectives, and annual performance goals for the Consumer Compliance and Consumer Affairs components of the Supervision Program.

The following table depicts the strategic goal, strategic objectives, and annual performance goal for the Resolution Planning component of the Supervision Program.

STRATEGIC GOAL 2:
FDIC-insured institutions are safe and sound.

STRATEGIC OBJECTIVE 2.1    

The FDIC exercises its statutory authority, in cooperation with primary federal regulators and state agencies, to ensure that all FDIC-insured institutions appropriately manage risk.

Annual Performance Goal 2.1-1     

Conduct on-site risk management examinations to assess the overall financial condition, management practices and policies, and compliance with applicable laws and regulations of FDIC-supervised depository institutions. When problems are identified, promptly implement appropriate corrective programs and follow up to ensure that identified problems are corrected.

Indicators and Targets

1. Percentage of required examinations conducted in accordance with statutory requirements and FDIC policy
• Conduct all required risk management examinations within the timeframes prescribed by statute and FDIC policy.
2. Follow-up actions on identified problems
• For at least 90 percent of IDIs that are assigned a composite CAMELS rating of 2 and for which the examination report identifies “Matters Requiring Board Attention” (MRBAs), review progress reports and follow up with the institution within six months of the issuance of the examination report to ensure that all MRBAs are being addressed.

Means and Strategies

Operational Processes (initiatives and strategies): Risk management examinations assess the overall financial condition, management practices and policies, and compliance with applicable laws and regulations of FDIC-supervised institutions. The FDIC performs safety and soundness, BSA, and IT reviews at each risk management examination of an FDIC-supervised IDI. As applicable, the FDIC also conducts reviews of trust, registered transfer agent, municipal securities dealer, and government security dealer activities at these examinations.

In 2020, the FDIC projects that it will conduct more than 1,400 risk management examinations required under statute, FDIC policy, or agreements with state supervisors. The number of risk management examinations to be conducted during 2020 may fluctuate as the number of FDIC-supervised IDIs changes as a result of mergers, closings, newly approved charters, and other actions. In addition, increases in asset size or changes to an institution’s condition or capital levels may accelerate examination cycles and increase the number of required examinations.

The FDIC follows a risk-focused approach to examinations, which allows examiners to focus resources on those areas with the greatest potential risk. The FDIC has several analytical tools to identify higher-risk financial institutions by considering factors such as rapid growth, fluctuating earnings, economic downturns, and concentrations in vulnerable industry sectors. Examiners use these off-site tools to help them focus on various risks during on-site examinations. These tools are also used to identify the need for inquiries or on-site visits to FDIC-supervised institutions outside of the regular examination cycle.

On-site examinations also review technology-related activities to determine how each FDIC- supervised institution manages its IT risks. The FDIC proactively monitors indicators of technology risk that may affect FDIC-supervised institutions and provides information to the industry about risks associated with technology outsourcing practices. The FDIC regularly engages with technology vendors, trade associations, and standards- and rule-setting entities to identify and promote effective risk management practices for emerging technologies.

The examination report identifies any corrective actions to be taken by the institution. If deemed necessary, a formal or informal enforcement action is sent to the financial institution with the report of examination. To ensure that supervisory actions are taken promptly, the FDIC monitors the time it takes to provide examination reports to FDIC-supervised institutions after the completion of an examination. In addition to an on-site visit and a subsequent examination, compliance with an enforcement action is assessed through progress reports from the institution, use of off-site monitoring tools, and direct communication with management of the financial institution.

At this point in the economic cycle, it is important to ensure that problems identified at well-rated institutions are promptly addressed before they result in more serious deficiencies requiring formal or informal corrective programs. When there are material issues and recommendations that require attention by the institution’s board of directors, the examination report will identify MRBAs to highlight areas that, if not properly measured, monitored, and controlled, could adversely affect the institution. A timely response is requested from institution management to mitigate risks and correct noted deficiencies. The response is reviewed to ensure it is appropriate and that it addresses supervisory concerns.

Human Resources (staffing and training): In 2020, the FDIC has 1,497 authorized positions in its field workforce to conduct risk management examinations. Field examiners conduct on-site examinations and visits. These positions include a variety of examiners with specialized skills, such as large bank specialists, loan review analysts, and IT examiners and specialists.

Staffing and training needs are reviewed regularly to ensure that the examination staff possess the skills and knowledge to effectively identify existing and emerging risks. The FDIC updated its IT certification training program in 2019 and is currently updating its certification training programs and subject matter expertise in the areas of IT, trust, accounting, BSA/anti-money laundering, and capital markets.

The FDIC has cooperative agreements with most states to conduct joint or alternating risk management examinations. If a state supervisor handling an examination has scheduling, staffing, or other resource constraints, the statutory examination requirement may not be met. In such cases, the FDIC will work with the state supervisor to make sure that any delinquent examination is quickly scheduled and completed. When appropriate, the FDIC may conduct the examination instead of the state supervisor.

Case managers and other regional office officials finalize reports of examination and monitor compliance with enforcement programs. Staffing and training needs for this function are also reviewed regularly to ensure that the resources available are adequate and that employees possess the required skills and knowledge.

Information Technology: The FDIC’s Virtual Supervisory Information on the Net (ViSION) system is used to schedule and track the completion of risk management examinations. ViSION also is used to monitor all enforcement activity and other significant events at troubled institutions and to schedule on-site visits and follow-up examinations of 3-, 4-, and 5-rated institutions.

Verification and Validation

The number and timing of examinations are tracked through ViSION and reported through established management reporting processes. Enforcement actions and the timing of required on-site visits are also tracked through ViSION. The FDIC uses its Regional Office Internal Control Review program to ensure that regions effectively monitor the compliance of FDIC-supervised institutions with formal and informal enforcement actions. This review incorporates various components of the supervisory process, including assessment of the appropriateness of formal and informal corrective actions and monitoring of enforcement implementation and follow-up activities. Any material exceptions noted during the reviews are brought to management’s attention for appropriate action.

2019 Performance Results

The FDIC successfully met the performance targets for this annual performance goal in 2019. This annual performance goal and its associated performance indicators and targets are unchanged for 2020.

Annual Performance Goal 2.1-2

Assist in protecting the infrastructure of the U.S. banking system against terrorist financing, money laundering, and other financial crimes.

Indicator and Target

1. Percentage of required examinations conducted in accordance with statutory requirements and FDIC policy
• Conduct all BSA examinations within the timeframes prescribed by statute and FDIC policy.

Means and Strategies

Operational Processes (initiatives and strategies): The FDIC conducts Bank Secrecy Act/Anti- Money Laundering (BSA/AML) examinations and Office of Foreign Assets Control (OFAC) reviews to assess the BSA/AML and OFAC compliance programs of FDIC-supervised institutions. These examinations and reviews cover sound risk management, compliance with recordkeeping and reporting requirements, the ability of the institution to identify and report suspicious activities, and compliance with trade and economic sanctions. BSA/AML examinations and OFAC reviews are performed as a part of all risk management examinations of FDIC-supervised institutions. The FDIC also completes BSA/AML examinations and OFAC reviews for states that do not conduct these examinations. The FDIC follows a risk-based approach to BSA/AML examinations and OFAC reviews, which allows examiners to focus resources on those areas with the greatest potential risk.

Guidance is provided to risk management staff through written memoranda, participation in the FFIEC BSA/AML Examination Workshop, and attendance at the FFIEC Advanced BSA/AML Specialists Conference.

Human Resources (staffing and training): More than 300 FDIC examiners are designated as BSA/AML subject matter experts. Staffing and training needs are reviewed regularly to ensure the staff resources supporting the BSA/AML examination program are adequate and that employees possess the skills and knowledge to effectively and successfully assess compliance with BSA/AML requirements and detect any emerging risks. In 2017, the FDIC strengthened its BSA/AML staffing resources by establishing senior BSA/AML examiner positions in each region. In 2018, the FDIC began the development of a formal on-the-job training program to develop higher-level proficiencies in the BSA/AML and OFAC examination specialty area. This program will be implemented in 2020. Additionally, the FDIC initiated implementation of a web-based BSA training program for all examiners during 2019; all staff will complete the course within the first half of 2020.

Information Technology: ViSION is used to track the number and timing of required BSA/AML examinations. Examiners also use the Examination Tool Suite (ETS) to update BSA violation codes automatically, thereby increasing the efficiency of those examinations.

Verification and Validation

The number and timing of BSA/AML examinations are tracked in ViSION and reported through established management reporting processes.

2019 Performance Results

The FDIC successfully met the performance target for this annual performance goal in 2019. This annual performance goal and its associated performance indicator and target are unchanged for 2020.

Annual Performance Goal 2.1-3     

Establish regulatory capital standards that ensure institutions have sufficient loss-absorbing capacity to remain resilient under stress while reducing complexity and maximizing efficiency.

Indicator and Targets

1. U.S. implementation of internationally agreed capital standards and other capital standards for large institutions
• Issue an interagency final rule on holdings of total loss-absorbing capacity.
• Issue an NPR to implement the final Basel III standards into the U.S. regulatory capital framework.
• Issue a final rule to implement the Net Stable Funding Ratio (NSFR).

Means and Strategies

Operational Processes (initiatives and strategies): FDIC staff have been working closely with the staffs of the other federal banking agencies to tailor capital and liquidity requirements for large institutions, consistent with the provisions of the Economic Growth, Regulatory Relief, and Consumer Protection Act (EGRRCPA). EGRRCPA raised the asset threshold for the application of enhanced prudential standards under the Dodd-Frank Act to $250 billion, while giving the FRB the authority to apply enhanced standards to firms with total consolidated assets between $100 billion and $250 billion under certain conditions. In 2019, the agencies finalized a rule to implement the relevant EGRRCPA provisions by tailoring the application of regulatory capital and liquidity requirements based on a banking organization’s size, risk profile, and systemic footprint. The largest, most systemically important banks will continue to be subject to the most rigorous standards while smaller, less systemically important institutions will be subject to standards tailored to their risk profile. EGRRCPA also made certain changes to the leverage ratio calculation for custody banks. The agencies issued both an NPR and final rule to address these changes during 2019.  

The remaining Basel III standards to be implemented in the United States for the largest and most complex institutions would address concerns regarding excessive variability in the measurement of risk-weighted assets (RWAs) across large internationally active banking institutions. These revisions are designed to reduce RWA variability by enhancing the robustness and risk sensitivity of the standardized approach for credit risk and operational risk and constraining the use of internal models. In addition, the Basel III revisions will enhance the market risk framework by introducing: a clearer boundary between the trading book and the banking book, an internal models approach that relies upon the use of expected shortfall models, separate capital requirements for risk factors that cannot be modeled, and a risk-sensitive standardized approach that is designed and calibrated to be a credible fallback to the internal models approach. The FDIC, OCC, and FRB will issue a proposed rule in 2020 to address these issues.

In April 2019, the FDIC, OCC, and FRB issued an NPR that would address an advanced approaches banking organization’s regulatory capital treatment of an investment in unsecured debt instruments issued by foreign or U.S. global systemically important banking organizations (GSIBs) for the purposes of meeting minimum total loss-absorbing capacity and, where applicable, long-term debt requirements, or unsecured debt instruments issued by GSIBs that are equivalent or subordinated to such debt instruments. Under the proposal, investments by an advanced approaches banking organization in such unsecured debt instruments generally would be subject to deduction from the advanced approaches banking organization’s own regulatory capital. The proposal would reduce both interconnectedness within the financial system and systemic risk. The agencies have received and reviewed comments on the proposed rule and plan to issue a final rule during 2020.

During the financial crisis, a number of large banking organizations failed or experienced serious difficulties, in part, because of severe liquidity problems. In May 2016, the FDIC and other banking agencies proposed a rule that would reduce the vulnerability of large banking organizations to liquidity risk. The NSFR rule would require certain large banks to maintain sufficient levels of stable funding, including capital, long-term debt, and other stable sources over a one-year window, to account for the liquidity risks arising from their assets, derivatives, and off-balance-sheet activities. Comments were received and carefully reviewed by FDIC staff along with the staffs of other federal banking agencies. FDIC staff anticipate a final rule for consideration in 2020.

Human Resources (staffing and training): The breadth and depth of knowledge among FDIC staff on bank liquidity, funding, and other capital markets matters has expanded in recent years, partly through continued staff participation in numerous Basel policy development groups. In 2019, the FDIC continued to increase the number of staff with capital markets expertise by providing internal and external training on liquidity, funding, capital, trading activities, financial modeling, and other capital market areas. The FDIC is also developing a formal on-the-job training program to develop higher-level proficiencies in the capital markets specialty area.

Information Technology:  The FDIC will use existing technology to accomplish this annual performance goal.

Verification and Validation

Progress in meeting this annual performance goal will be tracked through periodic meetings and established management reporting processes.

2019 Performance Results

The FDIC met six of the seven performance targets for this annual performance goal in 2019. A final rule to implement the NSFR is still under review. This annual performance goal is unchanged, but its associated performance indicator and targets have been updated for 2020.

Annual Performance Goal 2.1-4

Implement strategies to promote enhanced cybersecurity and business continuity within the banking industry.

Indicator and Targets

1. Enhance the cybersecurity awareness and preparedness of the banking industry
• Continue to conduct horizontal reviews that focus on the IT risks in large, complex supervised institutions and in technology service providers.
• Continue to use the Cybersecurity Examination Program for the most significant service provider examinations.
• Improve the analysis and sharing of cybersecurity-related threat information with financial institutions.

Means and Strategies

Operational Processes (initiatives and strategies): The importance of cybersecurity and business continuity management to ensure the soundness and stability of the nation’s financial sector cannot be overstated. The FDIC prioritizes this issue and adjusts its financial institution supervision and technology service provider examinations to address cybersecurity risk in light of current threats. Currently, the FDIC assesses supervised institutions’ ability to manage IT risks through the Information Technology Risk Examination (InTREx) program. This program, developed in collaboration with the FRB and the Conference of State Bank Supervisors (CSBS), supports examiners in evaluating cybersecurity, business continuity, incident response, audit and assessment, board and management oversight, vendor relationships, and payment systems. When weaknesses are identified in supervised institutions or technology service providers, the FDIC uses a range of informal and formal actions to compel correction.

The FDIC co-led an effort through the FFIEC Task Force on Supervision to develop a uniform process and tool for assessing how technology service providers manage cybersecurity risks. The Cybersecurity Examination Program was issued in August 2017 and is now being used to assess cybersecurity risk management at the most significant technology service provider examinations.

Human Resources (staffing and training): All commissioned risk management examiners have basic IT examination skills attained through the FDIC’s training programs. The FDIC also has 78 designated IT examiners, 163 (145 intermediate and 18 advanced) risk management examiners designated as either intermediate or advanced IT subject matter experts based on completion of the FDIC’s IT on-the-job training program, and 27 specialized IT Examination Analysts who support the IT examination process with advanced technical skills. IT policy and examination personnel at headquarters also support the examination function.

Information Technology: ViSION is used to schedule and track the completion of risk management examinations, and to track any related enforcement actions or significant events at institutions due to noncompliance with IT-related banking laws and regulations.

Verification and Validation

The number and timing of IT examinations are tracked through ViSION and reported through established management processes. Enforcement actions and the timing of required on-site visits are also tracked through ViSION.

The majority of technology service provider examinations are conducted and scheduled on an interagency basis. Planning for examinations of the largest technology service providers takes place annually with the OCC and the FRB. Examinations of smaller technology service providers are managed at the FDIC regional office level in coordination with local FRB and OCC counterparts.

All IT examination activity (including technology service provider examinations) conducted by FDIC staff and detailed information on individual examiner participation is tracked through FDIC systems.

The FDIC uses its Regional Office Internal Control Review program to ensure that regions effectively monitor the compliance of FDIC-supervised institutions with formal and informal enforcement actions. This review incorporates various components of the supervisory process, including assessment of the appropriateness of formal and informal corrective actions and monitoring of enforcement implementation and follow-up activities. Any material exceptions noted during the reviews are brought to management’s attention for appropriate action.

2019 Performance Results

The FDIC successfully met the performance targets for this annual performance goal in 2019. This annual performance goal and its associated performance indicator and targets are unchanged for 2020.

Annual Performance Goal 2.1-5

Update rules, regulations, and other guidance to enhance efficiency and transparency while maintaining the safety and soundness of the financial system.

Indicators and Targets

1. Modernize FDIC regulations to tailor regulatory requirements and processes
• Issue a final rule on brokered deposits.
• Issue revised stress testing guidance.
2. Revise and clarify FDIC policies, procedures, and guidance
• Issue a final rule to codify and amend the FDIC’s Statement of Policy on Section 19 of the Federal Deposit Insurance Act (FDI Act).
• Issue a final rule clarifying the applicability of the “valid when made” rule.
3. Complete rulemakings related to large, complex financial institutions
• Issue an interagency final rule to modify the treatment of covered funds under the Volcker Rule.
• Issue a final rule amending the swap margin requirements.

Means and Strategies

Operational Processes (initiatives and strategies): The FDIC has worked to strengthen the banking system by modernizing its approach to supervision and regulation. These efforts seek to enhance efficiency and transparency while maintaining the safety and soundness of the system. To have a strong financial system – and strong economic growth – banks must be able to meet the needs of consumers and businesses across the nation. This requires, in turn, that regulators modernize rules as the industry evolves.

In 2019, the FDIC began a comprehensive review of its longstanding regulatory framework for brokered deposits, which was implemented in 1989. The implementing regulation has not been revised to meaningfully address the significant changes in technology, business models, and products across the financial services industry over those 30 years. The FDIC’s review resulted in a proposal issued for public comment in December 2019 that would establish a new, transparent framework for determining what qualifies as a brokered deposit. In 2020, the FDIC intends to issue a final rule on brokered deposits.

The federal banking agencies issued interagency guidance on stress testing in 2012 for banking organizations with more than $10 billion in total consolidated assets. The guidance generally describes the importance of tailored stress testing as a part of broader risk management and governance practices that can better equip banking organizations to address a range of adverse outcomes. The guidance also establishes broad principles for an effective stress testing framework in relation to institution risk management and governance structures, as well as for contributing to capital and liquidity planning. EGRRCPA raised the asset threshold for mandatory stress testing established under the Dodd-Frank Act to $250 billion in total consolidated assets. Accordingly, the FDIC amended its stress testing rule regarding the Dodd-Frank Act, and is working with the other agencies to revise the 2012 guidance to better align with the spirit of this statutory change.

During 2020, the FDIC will also continue its review of existing FDIC policies, procedures, and guidance. In November 2019, the FDIC approved an NPR to clarify the federal law governing interest rates state banks may charge their customers. The FDIC’s proposal would codify longstanding legal interpretations of the FDI Act and provide that the interest rate on a loan, as permitted by the law where the bank is located, would not be affected by subsequent events, such as a change in state law, a change in the relevant commercial paper rate, or the sale/assignment/transfer of the loan. In 2020, the FDIC intends to issue a final rule.

Section 19 of the FDI Act generally prohibits individuals convicted of certain crimes from becoming employed by, or participating in the affairs of, an insured depository institution. In 1998, the FDIC issued a Statement of Policy (SOP) on Section 19, which set forth criteria for providing relief for individuals with convictions for certain low-risk crimes that constituted de minimis crimes, forgoing the need for an application for a waiver of Section 19. In November 2019, the FDIC approved an NPR to codify the Section 19 SOP in the FDIC’s regulations and seek public comment on all aspects of the Section 19 SOP. In 2020, the FDIC intends to issue a final rule.

Lastly, the FDIC will issue rulemakings related to large, complex financial institutions.

In January 2020, the FDIC issued a proposal to modify the regulations implementing the Volcker Rule by clarifying the provisions related to the prohibitions and restrictions on investments in private equity and hedge funds (i.e., “covered funds”). Following a review of comments received, the FDIC intends to issue a final rule.

In November 2019, the FDIC, FRB, OCC, Federal Housing Finance Agency (FHFA), and Farm Credit Administration (FCA) published a proposed rule that would amend the swap margin rule, which establishes capital and margin requirements for non-cleared swaps. Specifically, the proposal would:

• Preserve the status quo for legacy swaps transferred to or by a covered swap entity in the event of the U.K. withdrawal from the E.U. without a Withdrawal Agreement (i.e., Brexit);
• Preserve the status quo for legacy swaps amended as part of the London Inter-Bank Offered Rate (LIBOR) transition;
• Modify inter-affiliate margin treatment to repeal initial margin requirements but retain the variation margin requirements; and
• Extend the compliance period for certain smaller counterparties and clarify the existing trading documentation requirements in the swap margin rule.

Human Resources (staffing and training): The FDIC maintains dedicated staff who are experts in the development of regulation, policy, and guidance within its Division of Risk Management Supervision and Legal Division. These experts will work together to carry out the policy matters listed above.

Information Technology: Information regarding changes to FDIC rules, regulations, and guidance will be communicated through the FDIC’s public website (www.fdic.gov).

Verification and Validation

Progress in meeting this goal will be reported through established management reporting processes.

2019 Performance Results

This annual performance goal and its associated performance indicators and targets are new for 2020.

STRATEGIC GOAL 3:
Consumers’ rights are protected, and FDIC-supervised institutions invest in their communities.

STRATEGIC OBJECTIVE 3.1    

FDIC-supervised institutions comply with consumer protection, CRA, and fair lending laws and do not engage in unfair or deceptive practices.

Annual Performance Goal 3.1-1     

Conduct on-site CRA and consumer compliance examinations to assess compliance with applicable laws and regulations by FDIC-supervised institutions. When violations are identified, promptly implement appropriate corrective programs and follow up to ensure that identified problems are corrected.

Indicators and Targets

1. Percentage of examinations conducted in accordance with the timeframes prescribed by FDIC policy
• Conduct all required examinations within the timeframes established.
2.  Implementation of corrective programs
• Conduct visits and/or follow-up examinations in accordance with established FDIC processes and timeframes to ensure that the requirements of any corrective program have been implemented and are effectively addressing identified violations.

Means and Strategies

Operational Processes (initiatives and strategies): The FDIC conducts CRA and consumer compliance examinations of FDIC-supervised depository institutions to determine compliance with consumer protection and fair lending laws and performance under the CRA. The frequency of compliance examinations is specified by FDIC policy. For CRA examinations, the FDIC’s examination frequency policy conforms to applicable provisions of the Gramm-Leach-Bliley Act (GLBA), which establishes the CRA examination cycle for most small institutions. In 2020, the FDIC estimates that it will conduct 1,089 consumer compliance and/or CRA examinations.

The FDIC’s consumer compliance examination approach emphasizes a risk-focused scoping process to look at an institution’s compliance risk management practices and the potential risk of consumer harm. This approach involves an expanded review of an institution’s systems and compliance policies so that transaction testing can be better targeted and focused on areas that pose the greatest risk for consumer harm. This approach creates a more efficient and effective use of examination resources, especially in financial institutions with high compliance risk profiles.

Institutions with compliance deficiencies are identified primarily through the examination process. While discussions with bank management are usually sufficient to correct these deficiencies, the FDIC has broad enforcement powers to correct practices, conditions, or violations of law that result in an institution’s non-compliance with consumer protection and fair lending laws or infringe upon consumer’s rights under those laws.

Institutions that are subject to enforcement actions because of unfavorable ratings for compliance with consumer protection and fair lending laws and regulations are closely monitored by regional office officials. A follow-up examination or on-site visit is conducted to review compliance with supervisory actions for each institution that receives an unsatisfactory rating. Additional follow- up action is taken when the initial corrective program is determined to have been insufficient in addressing the identified problem. Progress in complying with an enforcement action is also assessed through quarterly progress reports from, and direct communication with, management of the financial institution.

Human Resources (staffing and training): The FDIC has 438 authorized permanent consumer compliance examiner positions in its field examination workforce in 2020. Staffing and training needs are reviewed regularly to ensure that staff resources supporting the consumer compliance supervision program are adequate to conduct a high-quality examination program and to ensure that employees possess the skills and knowledge to effectively implement this program.

Information Technology: The System of Uniform Reporting of Compliance and CRA Examinations (SOURCE) is used to schedule and track consumer compliance and CRA examinations, support pre-examination planning, and provide management information. The FDIC is in the process of developing a replacement set of applications for SOURCE (planned for implementation in 2021).

Verification and Validation

The FDIC will analyze examination-related data collected in SOURCE to determine whether the performance target for this goal is achieved during the reporting period. Results will be reported through established management reporting processes.

2019 Performance Results

The FDIC achieved the performance targets for the annual performance goal in 2019. This annual performance goal and its associated performance indicators and targets are substantively unchanged for 2020.

STRATEGIC OBJECTIVE 3.2

Consumers have access to accurate and easily understood information about their rights and the disclosures due them under consumer protection and fair lending laws.

Annual Performance Goal 3.2-1     

Effectively investigate and respond to written consumer complaints and inquiries about FDIC-supervised financial institutions.

Indicators and Targets

1. Timely responses to written consumer complaints and inquiries
• Respond to 95 percent of written consumer complaints and inquiries within timeframes established by policy, with all complaints and inquiries receiving at least an initial acknowledgement within two weeks.
2. Public availability of information on consumer complaints
• Publish, through the Consumer Response Center (CRC), an annual report regarding the nature of the FDIC’s interactions with consumers and depositors.
• Publish, on the FDIC’s website, and regularly update metrics on requests from the public for FDIC assistance.

Means and Strategies

Operational Processes (initiatives and strategies): The FDIC has a comprehensive program to disseminate information to IDIs and the public on consumer rights under consumer protection and fair lending laws and regulations. It also operates a centralized CRC that coordinates the investigation of, and response to, consumer complaints and inquiries. For correspondence related to FDIC-supervised institutions, FDIC staff contact the institution and reviews its actions for compliance with applicable federal consumer protection regulations before providing a response. Correspondence regarding institutions under the jurisdiction of other primary federal regulators is referred to those agencies. Target response times vary by the type of inquiry or complaint.

Human Resources (staffing and training): The CRC is located in Kansas City and is staffed by FDIC employees. CRC staff and management work in partnership with supervisory staff in each region on consumer complaints and inquiries involving new or unusual issues or sensitive matters.

Information Technology: The FDIC relies on EPIC to maintain records and process public correspondence submitted through an online portal.

Verification and Validation

The FDIC closely monitors the timeliness of its acknowledgment letters and responses through EPIC. Performance results are monitored through established management reporting processes.

In addition, surveys are sent to all consumers who have filed written consumer protection and fair lending complaints about an FDIC-supervised institution to assess their satisfaction with the FDIC’s investigations and responses. Established survey research methods are used to ensure the validity and reliability of the survey instrument and results.

2019 Performance Results

The FDIC successfully met the performance target for this annual performance goal in 2019. This annual performance goal and its associated performance indicator and targets are unchanged for 2020.

STRATEGIC OBJECTIVE 3.3

The public has access to safe and affordable products and services from IDIs and the opportunity to benefit from a banking relationship.

Annual Performance Goal 3.3-1

Promote economic inclusion and access to responsible financial services through supervisory, research, policy, and consumer/community affairs initiatives.

Indicator and Targets

1. Completion of planned initiatives
• Issue rules and guidance to ensure that FDIC-supervised institutions meet the credit needs of their communities.
• Publish the results of the 2019 Survey of Unbanked and Underbanked Households.
• Launch “How Money Smart Are You?” an online, interactive learning game.
• Strengthen connections between small businesses and FDIC-insured institutions.
• Increase engagement and collaboration to preserve and promote Minority Depository Institutions (MDIs).

Means and Strategies

Operational Processes (initiatives and strategies): Approximately 25 percent of U.S. households were underserved by the banking industry in 2017, based on survey results published by the FDIC in October 2018. This includes both “unbanked” households (i.e., those with no checking or savings accounts) and “underbanked” households (i.e., those with checking or savings accounts who have used nonbank alternative financial services and providers, such as money orders, check cashing services, payday loans, rent-to-own agreements, pawn shops, or refund anticipation loans, in the past 12 months). 

During 2019, the FDIC worked with its regulatory partners to issue a proposal to modernize regulations under the CRA, which have not been substantively updated for nearly 25 years. The proposal seeks to encourage greater lending and investment in low- and moderate-income communities where there is significant need for credit. In addition, the proposal would recognize the evolution of the banking system, including the emergence of digital banks, by adding a test to determine whether banks need to establish additional CRA assessment areas. During 2020, the FDIC will review comments on the proposal and work with the OCC to issue a final rule.

The FDIC will also work with the other banking agencies to issue guidance regarding small-dollar lending. An FRB study found that nearly four in 10 households cannot cover a $400 emergency expense with cash. While some banks offer small-dollar lending to help consumers meet needs such as this, many banks have chosen not to offer such products, due in part to regulatory uncertainty. The FDIC will assess its current guidance to ensure that it does not impose an unnecessary impediment to banks that may be considering extending responsible small-dollar credit.

In 2020, the FDIC will undertake several initiatives to promote economic inclusion.

• The FDIC will launch “How Money Smart Are You?”, a set of interactive online learning tools that use a gameshow format to help consumers build financial skills and knowledge at their own pace, with an option to receive certificates of completion. This product is based on the recently updated Money Smart for Adults instructor-led curriculum, which features tested tools to help people build financial skills and confidence through knowledge and practice. In addition, the FDIC expects to highlight opportunities for greater usage of Money Smart with specific audiences, such as people located in disproportionally unbanked geographic areas, persons with disabilities, or youth workforce programs. The FDIC highlights examples of how Money Smart is effectively used through Money Smart News, a newsletter for financial educators that has more than 70,000 subscribers.
• The FDIC will encourage IDIs and their partners to prudently serve the financial needs of emerging entrepreneurs and small businesses through training and technical assistance. For example, the FDIC will expand awareness of the Money Smart for Small Business curriculum, including two modules, recently updated in collaboration with the U.S. Small Business Administration (SBA), by promoting promising strategies to use the curriculum to support lending activities. The FDIC will also engage community banks and their partners to identify and promote local opportunities to support small businesses. These efforts include raising awareness of responsive, effective, and prudent lending programs offered by the SBA and others.
• The FDIC will publish the results of the 2019 FDIC National Survey of Unbanked and Underbanked Households, conducted jointly with the U.S. Census Bureau and complete planning for the 2021 administration of this survey.
• ComE-IN will continue to support research, demonstration projects and pilots, and promote sound supervisory and public policies to improve the “appropriate engagement” of underserved households with mainstream financial institutions. Appropriate engagement means that households are using financial products and services that are affordable, easy to understand, and not subject to unfair or unforeseen fees. ComE-IN’s work will support the expanded availability of SAFE accounts and the responsible use of technology, including mobile banking, to expand banking services to the underbanked population. ComE-IN may recommend to the FDIC specific improvements, many of which may represent national objectives that require the participation and cooperation of multiple stakeholders, including other federal agencies; federal, state, and local policy makers; the financial services industry; nonprofit and philanthropic groups; and consumer groups.
• During 2020, FDIC working groups will continue to facilitate partnerships and conduct outreach to expand access to mainstream banking services for underserved consumers. The FDIC may present these proposals to ComE-IN for advice and recommendations.
• The FDIC will increase engagement and collaboration to preserve and promote MDIs in 2020. The FDIC will convene meetings of the new MDI Subcommittee of the CBAC to gain insight into industry needs, seek input on program operations, and share best practices. In addition, the agency will host roundtables and other opportunities to match MDIs with potential collaboration partners, including other MDIs; conduct a media campaign to promote the visibility and benefits of MDIs; and engage troubled MDIs through the execution of supervisory strategies, enhanced outreach, and technical assistance.

Human Resources (staffing and training): This annual performance goal will be carried out largely by existing staff in the FDIC’s Consumer Policy and Consumer and Community Affairs Sections, as well as researchers in the Division of Insurance and Research. ComE-IN activities are supported by staff in several FDIC divisions. Employees in those divisions provide staff support for ComE-IN, as needed, including support for its research, demonstration projects, and pilots. MDI-related activities will be carried out by the FDIC’s National Director for MDI and Community Development Banking and supporting staff.

Information Technology: Existing technology will be used to accomplish this goal.  The FDIC broadcasts ComE-IN’s public meetings on its website.

Verification and Validation

Progress in completing the initiatives planned for this annual performance goal will be monitored through established management reporting processes.

2019 Performance Results

The FDIC successfully met the performance targets for this annual performance goal in 2019. This annual performance goal is unchanged from 2019, but the performance indicators and targets have been updated for 2020.

STRATEGIC GOAL 4:
Large, complex financial institutions are resolvable in an orderly manner under bankruptcy.

STRATEGIC OBJECTIVE 4.1    

Large, complex financial institutions are resolvable under the Bankruptcy Code.

Annual Performance Goal 4.1-1     

Identify and address risks in large, complex financial institutions, including those designated as systemically important.

Indicators and Targets

1. Rulemaking for resolution planning requirements
• Issue an NPR and, following a review of comments, a final rule to tailor and make adjustments to the FDIC’s resolution planning requirements for IDIs.
2. Compliance with the statutory and regulatory requirements under Title I of the Dodd-Frank Act and Section 360.10 of the FDIC Rules and Regulations
• In collaboration with the FRB, review all resolution plans subject to the requirements of Section 165(d) of the Dodd-Frank Act to ensure their conformance to statutory and other regulatory requirements. Identify and provide feedback to firms on potential impediments in those plans to resolution under the Bankruptcy Code.
• Review resolution plans subject to the requirements of Section 360.10 of the IDI Rule to ensure their conformance to other regulatory requirements.
3. Risk monitoring of large, complex financial institutions, BHCs, and designated nonbanking firms
• Conduct ongoing risk analysis and monitoring of large, complex financial institutions to understand and assess their structure, business activities, risk profiles, and resolution and recovery plans.

Means and Strategies

Operational Processes (initiatives and strategies): Under Section 165(d) of the Dodd-Frank Act, covered companies (defined as certain nonbank financial companies, BHCs, and foreign banks that have total consolidated assets of $250 billion or more) are required to submit resolution plans that provide for their rapid and orderly resolution under the Bankruptcy Code in the event of material financial distress or failure. The staffs of the FDIC and FRB have shared responsibility for the review of the plans submitted by covered companies to assess informational completeness and the resolvability of individual banks and BHCs.

In addition, under Section 360.10 of the FDIC Rules and Regulations, the IDI Plan Rule requires each covered IDI (defined as IDIs with $50 billion or more in total assets) to provide a resolution plan that allows the FDIC as receiver to resolve the institution in an orderly manner, enable prompt access to insured deposits, maximize the return from the failed institution’s assets, and minimize losses realized by creditors and the DIF. The FDIC has the sole authority to review those plans.

Ongoing risk analysis and monitoring is conducted by resident FDIC teams at large, complex financial institutions and off-site analytical teams composed of quantitative experts and complex financial institution specialists with resolution and supervision backgrounds. The off-site teams analyze industry and market conditions and trends to support individual institution monitoring and the consideration of broader policy issues. They attempt to identify early warning signals and triggers and the range of possible response actions by monitoring the financial condition and performance, assessing institutional risk management capabilities, and reviewing recovery plans. FDIC staff also participate in collaborative risk management examinations and targeted reviews of SIFIs with other regulatory agencies.

To implement EGRRCPA, the FDIC and FRB issued a final rule in 2019 amending the asset threshold for the applicability of resolution plan requirements under Section 165(d) of the Dodd-Frank Act. In addition, as noted above, the FDIC issued an advance notice of proposed rulemaking (ANPR) in April 2019 soliciting public comments on possible amendments to the IDI Plan Rule to tailor IDI resolution plan requirements. In 2020, the FDIC intends to publish an NPR soliciting public comments on possible amendments to the IDI Plan Rule to tailor IDI resolution plan requirements. Following a review of comments received, the FDIC intends to publish a final rule.

Human Resources (staffing and training): The FDIC’s review of resolution plans submitted under Section 165(d) of the Dodd-Frank Act is carried out by a multidisciplinary team of personnel from various divisions with expertise across all major operational and business line functions of the covered companies, both domestically and internationally. The FDIC’s review of resolution plans submitted under the IDI Plan Rule is carried out by multidisciplinary teams primarily consisting of commissioned examiners and resolution specialists. These teams are complemented by subject matter experts, as necessary. Training needs for each of these groups are reviewed regularly to ensure that these teams have the knowledge and expertise necessary to appropriately perform their assigned responsibilities.

Ongoing risk monitoring is conducted by on-site resident teams and off-site analysts who have expertise with large, complex financial institution operations.

Information Technology: The FDIC uses existing technology to track the submission and review of the resolution plans required under Section 165(d) of the Dodd-Frank Act and Section 360.10 of the FDIC Rules and Regulations. In addition, the FDIC uses the Systemic Monitoring System for ongoing risk monitoring of systemically important BHCs and nonbank financial companies.

Verification and Validation

Progress in achieving this annual performance goal will be monitored through established management reporting processes.

2019 Performance Results

The FDIC successfully met the performance targets for this annual performance goal in 2019. This annual performance goal and associated performance indicators are unchanged from 2019, but the performance targets have been updated for 2020.