2005 Annual Report
I. Management's Discussion and Analysis - The Year in Review
Supervision and Consumer Protection
Supervision and consumer protection are cornerstones of the FDIC's efforts
to ensure the stability of and public confidence in the nation's financial
system. The FDIC's supervision program promotes the safety and soundness
of FDIC-supervised insured depository institutions, protects consumers' rights,
and promotes community investment initiatives by FDIC-supervised insured depository
At year-end 2005, the Corporation
was the primary federal regulator for 5,265 FDIC-insured, state-chartered
institutions that are not members of the Federal
Reserve System (generally referred to as "state non-member" institutions).
Through safety and soundness, consumer compliance and Community Reinvestment
Act (CRA) examinations of these FDIC-supervised institutions, the FDIC assesses
their operating condition, management practices and policies, and their compliance
with applicable laws and regulations. The FDIC also educates bankers and consumers
on matters of interest and addresses consumers' questions and concerns.
DRR Director Mitchell Glassman, second from left, chairs a meeting of the Hurricane Task Force at Washington Headquarters.
Members of the Dallas Region Hurricane Katrina Task Force (l-r): Randy Taylor, Nann Wright, Stan Ivie, Cheryl Couch and Cynthia Scott.
Hurricane Recovery Assistance
The federal banking regulatory agencies (agencies) worked cooperatively with
state banking regulatory agencies and other organizations to determine the
operating status of financial institutions located in the areas affected by
Hurricanes Katrina and Rita. The agencies quickly released regulatory relief
guidance to help rebuild areas affected by these hurricanes and encouraged
bankers to work with consumers and business owners experiencing difficulties
due to the storms. Exercising their authority under Section 2 of the Depository
Institutions Disaster Relief Act of 1992 (DIDRA), the agencies made exceptions
to statutory and regulatory requirements relating to appraisals for transactions
involving real property in major disaster areas when the exceptions would facilitate
recovery from the disaster and would be consistent with principles of safety
In the wake of the 2005 hurricane season, the agencies confirmed that the
banking industry is resilient in the face of tremendous devastation. There
were 280 financial institutions, with approximately $270 billion in total assets,
operating in the area impacted by Hurricane Katrina. Only a handful of smaller
institutions remain as supervisory concerns. The majority of institutions operating
in the path of Hurricane Katrina were well-run, had strong management teams,
implemented sound back-up contingency plans, and were well capitalized.
The Federal Financial Institutions
Examination Council (FFIEC) announced the formation of an interagency working
group to enhance the agencies' coordination
and communication on, and supervisory responses to, issues facing the industry
in the aftermath of Hurricane Katrina. This working group established a user-friendly,
web-based, frequently asked questions forum on the FFIEC's Web site at
www.ffiec.gov. The task force will also publish examiner guidance to clarify
expectations with respect to the assessment of credit risk and other supervisory
In addition to interagency
efforts, the FDIC established a 24-hour hotline and a Web page devoted to
hurricane victims to obtain information
about their financial institution's operating status, as well as tips
on other financial matters, such as replacing identification documents, checks
and credit cards.
Safety and Soundness Examinations
of December 31, 2005, the Corporation had conducted 2,399, or 100 percent of
the statutorily required safety and soundness examinations. The number and
total assets of FDIC-supervised institutions identified as "problem" institutions
(defined as having a composite CAMELS1 rating of "4" or "5")
declined during 2005. As of December 31, 2005, 29 institutions with total assets
of $2.9 billion were identified as problem institutions, compared to 44 institutions
with total assets of $5.4 billion on December 31, 2004. These changes represent
a decrease of 34.1 percent and 46.3 percent, respectively, in the number and
assets of problem institutions. During 2005, 36 institutions were removed from
problem institution status due to composite rating upgrades, mergers, consolidations
or sales and 19 institutions were newly identified as problem institutions.
Additionally, two problem institutions converted to State non-member charters
and are now under FDIC supervision. The FDIC is required to conduct follow-up
examinations of all designated problem institutions within 12 months of the
last examination. As of December 31, 2005, 100 percent of all follow-up examinations
for problem institutions had been performed on schedule.
Compliance and Community Reinvestment Act (CRA) Examinations
FDIC conducted 815 comprehensive compliance-CRA examinations, 1,198 compliance-only
examinations2, and seven CRA-only examinations in 2005, compared to 1,459
joint compliance-CRA examinations, 673 compliance-only examinations, and four
examinations in 2004. The FDIC conducted 100 percent of all joint and comprehensive
examinations within established time frames. As of December 31, 2005, three
institutions were assigned a "4" rating for compliance, and no
institutions were rated "5." The first "4" -rated
institution is currently under an outstanding Cease and Desist Order and
an on-site examination
was underway at year-end. Management of the second institution executed a
Memorandum of Understanding on October 5, 2005. The third institution was
2005 and the Regional Office is currently finalizing a Cease and Desist Order
to address the FDIC examination findings.
|FDIC Examinations 2002-2004
|Safety and Soundness:
| State Nonmember Banks
| Savings Banks
| Savings Associations
| National Banks
| State Member Banks
|Subtotal - Safety and Soundness Examinations
| Compliance - Community Reinvestment Act
| Compliance - only
| CRA - only
|Subtotal CRA/Compliance Examinations
| Trust Departments
| Data Processing Facilities
Relationship Manager Program
On October 1, 2005, the Corporation implemented the Relationship Manager Program
for all FDIC-supervised institutions. The program, which was piloted in 390
institutions during 2004, is designed to strengthen communication between bankers
and the FDIC, as well as improve the coordination, continuity and effectiveness
of regulatory supervision. Each FDIC-supervised institution was assigned a
relationship manager, who serves as a local point of contact over an extended
period and will often participate in or lead examinations for his or her assigned
institution. The program will allow for flexibility in conducting examination
activities at various times during the 12- or 18-month examination cycle based
on risk or staffing considerations.
FDIC has updated its risk-focused information technology (IT) examination
procedures for FDIC-supervised financial
institutions under its new Information
Technology Risk Management Program (IT-RMP). IT-RMP procedures were issued
to examiners on August 15, 2005. The new procedures focus on the financial
institution's information security program and risk-management practices
for securing information assets. The program integrates with the Relationship
Manager Program by embedding the IT examination within the Risk Management
Report of Examination for all FDIC-supervised financial institutions, regardless
of size, technical complexity or prior examination rating. IT-RMP eliminates
reporting of IT component ratings and reports only a single technology rating.
The financial sector is a critical part of the infrastructure in the United
States, and the FDIC has taken a leadership role in assisting the financial
sector to prepare for emergencies. As a member of the Financial and Banking
Information Infrastructure Committee (FBIIC), the FDIC sponsored a series
of outreach meetings titled "Protecting the Financial Sector: A
Public and Private Partnership." From 2003 to early 2005, the homeland security
meetings were held in 29 cities across the United States with the last meeting
held in New York City, NY. These meetings provided members of the financial
sector with the opportunity to communicate with senior government officials,
law enforcement, emergency management personnel and private sector leaders
about emergency preparedness. A second round of homeland security meetings
started in late 2005 with four meetings held during this timeframe. Homeland
Security meetings are planned for 21 cities in 2006.
The FDIC served as the FBIIC's liaison with the Department of Homeland
Security (DHS) during 2005 and assisted DHS with items relating to the financial
At the BSA/AML teleconference in the FDIC RAC (l-r): William Spaniel, FFIEC; Bridget Neil, Federal Reserve; Lisa Arquette, FDIC-DSC; John Wagner, OCC; and Timothy Leary, OTS
Bank Secrecy Act
The FDIC is committed to assisting in efforts designed to thwart the inappropriate
use of the banking system through activities conducted by terrorists and other
criminals. In 2005, the Division of Supervision and Consumer Protection established
a new Anti-Money Laundering (AML) and Financial Crimes Branch to focus important
resources and attention on our increasing responsibilities in these areas.
The new branch brings together specialists to address issues related to Bank
Secrecy Act (BSA) compliance, money laundering, financial crimes, terrorist
financing, and cyber-fraud.
The FDIC continued in 2005 to play a critical role in the fight against money
laundering and terrorist financing. Our efforts included:
- Contributing to the development and implementation of rules and interpretive
guidance related to BSA and the USA PATRIOT Act.
- Adopting through the
FFIEC, comprehensive interagency examination procedures. The new procedures
emphasize a banking
to establish and implement risk-based policies and procedures to comply with
the BSA and safeguard its operations from money laundering and terrorist financing.
- Dedicating more staff to BSA/AML oversight. The number of trained BSA/AML
subject matter experts has more than doubled since 2004 to 347 as of year-end.
These specialists perform BSA/AML examinations at institutions that have a
higher-risk profile due to geographic location, customer base, BSA/AML compliance
record, or types of products or services offered.
- Providing various forms of examiner and industry training including one outreach
session per region, over 70 events hosted by Washington and Regional offices
and representation in 212 BSA/AML events sponsored by states and other entities.
In total, the banker calls and outreach events reached more than 23,000 bankers
FDIC has long recognized the importance of minority depository institutions
and their importance in promoting
the economic viability of minority and under-served
communities. As a reflection of the FDIC's commitment to minority depository
institutions, on April 9, 2002, the FDIC issued a Policy Statement Regarding
Minority Depository Institutions. The policy, which can be found at www.fdic.gov/regulations/resources/index.html,
implements an outreach program designed to preserve and encourage minority
ownership of financial institutions.
Since the adoption of the
policy by the FDIC Board of Directors, the program's
National Coordinator has maintained contact with various minority depository
institution trade associations, and has met periodically with the other Federal
banking regulators to discuss the initiatives underway at the FDIC, and to
identify opportunities where the agencies might work together to assist minority
institutions. All of the FDIC's six DSC Regions have held annual Minority
Depository Institution Outreach Programs, made annual contact with each FDIC-supervised
minority depository institution, and offered to make return visits to these
institutions following the examination process.
During 2004, the FDIC created
the Minority Bankers' Roundtable series,
a forum designed primarily to explore partnerships between the minority depository
institutions community and the FDIC. During 2005, there were six sessions held
in: Nashville, Tennessee; New York, New York; Houston, Texas; Santa Monica,
California; Atlanta, Georgia, and San Juan, Puerto Rico. The Minority Banker
Roundtable and annual Regional outreach events will continue in 2006.
In 2005, the FDIC also
provided technical assistance, training and educational programs and held
forums to address the unique challenges faced
by minority depository institutions. Training and educational programs for
minority depository institutions included the FDIC's Director's
College Program and the FDIC's Money Smart Program. The FDIC
co-hosted Regional Forums with the America's Community Bankers Association and
the National Bankers Association in 2005. FDIC also participated in and/or
co-sponsored conferences with America's Community Bankers, National Bankers
Association, National Association of Chinese American Bankers, Western Independent
Bankers, and Puerto Rico Bankers Association.
FDIC also supported the preservation of minority depository institutions in
its response to Hurricane Katrina. The FDIC Task Force on Minority Community
Banking and Non-Branch Banking met with representatives from the Utah industrial
loan company industry to facilitate their assistance to minority depository
institutions in the Gulf Coast region affected by Hurricane Katrina. The result
has been that as of year-end 2005, the Utah industrial loans companies have
pledged more than $18 million in deposits and over $120,000 in direct grants
to this effort. Efforts similar to these made by this FDIC task force will
continue in 2006.
FDIC will continue its minority depository institution programs in 2006.
recognition of the increasing concentration of risk exposure in large insured
institutions, as well as
new challenges posed by the implementation of the
Basel II Capital Accord, the FDIC enhanced its large-bank supervision and risk
assessment efforts in 2005 by creating two branches—the Large Bank Supervision
Branch and the International and Large Bank Policy Branch.
The Large Bank Supervision
Branch is responsible for supporting supervisory activities in large banks
minimum standards and supervisory
strategies necessary to ensure a consistent approach to large-bank supervision
on a national basis. In 2005, Branch staff was actively involved in domestic
and international discussions intended to ensure effective implementation of
the Basel II Capital Accord, which included participation in numerous "supervisory
working group" meetings with foreign regulatory authorities to address
Basel II home-host issues.
The International and Large Bank Policy Branch is responsible for supporting
supervisory activities in the areas of risk model assessment, economic capital
processes, examination work related to market risk under Part 325 Appendix
C of the FDIC rules and regulations and other processes that are dependent
on quantitative methods. The purpose of Part 325 Appendix C is to ensure that
banks with significant exposure to market risk maintain adequate capital to
support that exposure. In addition, the International and Large Bank Policy
Branch is responsible for policy development regarding large-bank supervision
and international matters.
The FDIC, as a member of the Consultative Group (CG) with respect to the Middle
East-North Africa (MENA) Partnership for Financial Excellence (PFE) initiative,
continues to work with the other federal banking agencies, the State Department
and the Department of Treasury, to develop technical assistance programs to
meet needs in the MENA region. In 2005, the FDIC delivered two courses under
the MENA training initiative in 2005: Principles of Bank Resolutions and Receiverships
hosted by the Arab Academy for Training and Financial Sciences in Amman, Jordan;
and Examination Management hosted by the Central Bank of Tunisia in Tunis.
Preparations are underway to establish training venues and course curriculum
for these initiative in 2006. The objective of this initiative is to help foster
economic growth in the region through the implementation of sound supervisory
The FDIC chairs the Association
of Supervisors of Banks of the Americas, (ASBA) Working Group on Deposit
Insurance and Bank Resolutions. The Working Group,
an outgrowth of actions plans for ASBA's 2004-2008 strategic plan, is
charged with promoting best practices and identifying opportunities for improvement
in deposit insurance and bank resolutions. Similarly, in 2005, the FDIC also
actively participated in ASBA's Working Group on Credit and Operational
Risk, which was formed to identify best practices and opportunities for improvement
in credit risk and operational risk management policies and procedures among
The FDIC fulfilled 20 technical assistance missions in 2005. The missions
provided technical support in supervision, deposit insurance, resolutions/receiverships,
and legal underpinnings of supervision and insurance. Beneficiaries of these
missions included Macedonia, Russia, Tanzania, Thailand, Ukraine, several Latin
American countries, and several countries involved in the Partnership for Financial
Excellence Program in the Middle East and North Africa. The FDIC also held
60 meetings with representatives from foreign countries, typically representing
a country's central bank, bank supervisory authority or deposit insurance agency.
Frequent visitors included: Albania (2), Canada (2), China (11), France (2),
Japan (6), Korea (8), Malaysia (2), Russia (2), and Taiwan (2).
Chairman Powell praises Michael Jackson, Sandra Thompson and Donna Gambrel for their work on a recent conference on preventing identity theft.
Chicago Region team makes sure bankers get the answers they need (l-r): Art Khan, Sharon Vejvoda, Dan Peters, Angelina Pollard, Ronald Regal, Teresa Sabanty, and Ray Jackson
Identity Theft and Consumer Privacy
In 2005, the FDIC continued to take a leading role in helping banks combat
identity theft. The FDIC solicited public comment on its study Putting
an End to Account Hijacking Identity Theft published in December 2004 and in June
2005, published a study supplement. The study and the supplement took an in-depth
look at identity theft, focusing on account hijacking (the unauthorized use
of deposit accounts).
One of the study's
conclusions was that increased consumer education and information-sharing
the incidence of identity theft. As a
result of these recommendations, the FDIC sponsored four symposia in 2005 in
Washington, DC., Atlanta, Los Angeles and Chicago that brought together experts
representing federal and state government, the banking industry, consumer groups,
and law enforcement who discussed current efforts to combat scams such as phishing,
which can lead to account hijacking. The symposium speakers also addressed
efforts to educate consumers on avoiding other scams that can lead to identity
theft and on the steps to take in the unfortunate event that identity theft
should happen to them.
The FDIC is one of several federal agencies charged with implementing the
provisions of the Fair and Accurate Credit Transactions Act of 2003 (FACT Act),
which substantially amended the Fair Credit Reporting Act, particularly in
the areas of consumer access to and quality of credit information, privacy,
and identity theft. The FACT Act:
Consistent with the privacy requirements of the FACT Act, the FDIC worked with
other federal agencies to finalize rules in 2005 that permit creditors to obtain,
use and share medical information only to the degree necessary to facilitate
legitimate operational needs. The FDIC is training its examiners on the concepts
underlying the entire FACT Act, and is developing examination procedures to
evaluate industry compliance.
- preserves uniform national standards for the content of consumer report
information and creditor access to such information,
- improves consumer access to credit information,
- improves the quality of reported credit information,
- protects privacy,
- combats identity theft, and
- promotes financial literacy.
Consistent with the identity theft provision of the FACT Act, the FDIC worked
with other federal agencies in 2004 to propose rules that would require banks
to implement a written identity theft protection program which includes procedures
to evaluate red flags that might indicate identity theft. The FDIC, with the
other agencies, also finalized rules requiring institutions to properly dispose
of consumer information derived from credit reports in order to prevent identity
theft and other fraud. The rules on disposal of consumer information became
effective on July 1, 2005.
Consumer Complaints and Inquiries
The FDIC's centralized Consumer Response Center (CRC) is responsible
for investigating all types of consumer complaints about FDIC-supervised institutions
and for answering inquiries about consumer protection laws and banking practices.
During 2005, the FDIC received 8,851 complaints, of which 3,307 were against
state non-member institutions. Approximately 36 percent of the state non-member
bank consumer complaints concerned credit card accounts, with the most frequent
complaints involving billing disputes and account errors, loan denials, terms
and conditions, collection practices, reporting of erroneous information, credit
card fees and service charges, interest rates, and disclosures. The FDIC responded
to over 97 percent of written complaints on a timely basis.
The FDIC also responded
to 4,042 written and 9,395 telephone inquiries from consumers and members
of the banking
community about consumer protection issues.
In addition, the FDIC responded to over 64,000 written and telephone inquiries
from bankers and consumers about the FDIC's deposit insurance program
and insurance coverage issues.
Deposit Insurance Education
important part of the FDIC's role in insuring deposits and protecting
the rights of depositors is its responsibility to ensure that bankers and consumers
have access to accurate information about FDIC's deposit insurance rules.
To that end, the FDIC has an expansive deposit insurance education program
consisting of seminars for bankers, electronic tools for estimating deposit
insurance coverage, and written and electronic information targeting both bankers
During 2005, the FDIC completed
development of a major update of its popular Electronic Deposit Insurance
Estimator (EDIE) for consumers, an Internet application
located on FDIC's Web site that estimates insurance coverage for users' deposit
accounts at insured institutions. The new Consumer EDIE offers two different
approaches for calculating coverage, one for novice users and one for frequent
users. The new Consumer EDIE application is available for public use starting
During 2005, the FDIC conducted
a nationwide series of telephone/Internet seminars for bankers and a nationwide
survey of insured institutions to gather
information about current awareness of, and opinions about, the FDIC's
existing educational resources on the deposit insurance rules. The FDIC also
initiated an effort to encourage more bank trade organizations to sponsor FDIC
deposit insurance seminars for their members.
In 2005, the FDIC released
several new "job aids" for bankers,
- A new 100-minute
video for bankers that provides an in-depth review of FDIC deposit insurance
on CD-ROM and for viewing on the FDIC's
- An Inventory of Deposit Insurance Guidance (IDIG), which is an electronic
support system on CD-ROM that includes a searchable database of deposit insurance
information and has links to all FDIC deposit insurance publications, application
tools and services.
- A major update of The
Financial Institution Employee's Guide to Deposit
Insurance, the FDIC's most authoritative resource on deposit insurance
coverage for bankers.
The FDIC also released its two most popular brochures for bank customers — Insuring Your Deposits (a basic primer on deposit insurance coverage) and Your
Insured Deposits (a comprehensive guide to deposit insurance coverage) in Chinese
The FDIC conducted 27 seminars
for financial institution employees and consumer organizations on the rules
deposit insurance coverage. These seminars,
which were conducted in a variety of formats, including Internet, teleconference
and classroom, provided a comprehensive review of how FDIC insurance works,
including the FDIC's rules for coverage of different types of deposit
Financial Education and Community Development
FDIC's financial education activities continue to serve as a vital
part of the Corporation's efforts to help maintain the stability of the
nation's financial system, support community development and strengthen
the economy. Since launching its award-winning Money Smart financial education
program in 2001, the FDIC has helped thousands of consumers get started on
the road to greater financial independence and gain access to mainstream products
and services. The FDIC continues to distribute and promote the Money Smart curriculum,
which is available in five languages – English, Spanish,
Chinese, Korean and Vietnamese.
The FDIC exceeded two of the three
program goals for Money Smart. With over 252,000 copies of the curriculum
having been distributed, the FDIC has exceeded
by more than two times the original distribution goal of 100,000 copies. This
year, the FDIC also exceeded its goal to recruit 1,000 partners for Money
Smart Alliance. Over 1,200 organizations throughout the country have joined
with the FDIC to help deliver and promote financial education. The FDIC has
made significant strides toward achieving the third goal – to provide one million
consumers with financial education – more than 589,000 consumers have
now been reached. Of the consumers that have taken Money Smart classes, the
FDIC is aware of over 82,100 who have subsequently opened bank accounts. Some
class participants have become first-time home-buyers and others have engaged
in other asset-building activities.
To raise awareness of the
Smart program among Hispanic
adults and encourage them to ask about Money Smart classes and products, a
summer-long Spanish language advertising campaign included print and radio
ads ran in 14 key markets. A total of 1,080 people attended Money Smart classes
as a result of the advertising campaign. The FDIC introduced a Spanish-language
Web page at www.fdic.gov/quicklinks/spanish.html that
contains many consumer-related materials, including Money Smart. In recognition
of the FDIC's leadership
in financial education and outreach to the Hispanic community, President Bush
asked the FDIC to be a part of his national public-private sector partnership
to ensure financial education is available consistently and comprehensively
to Hispanic communities. The partnership, which includes representatives from
the FDIC, U.S. Treasury Department, Small Business Administration, Latino Coalition,
U.S. Hispanic Chamber of Commerce and others, is charged with directing federal,
non-profit and private resources to areas in need of financial education and
coordinating private sector resources to reach Hispanics nationwide.
In 2005, the FDIC provided
assistance to the Inter-American Development Bank (IADB) Multilateral Investment
working with Latin American consulates,
foreign banks, and U.S. financial institutions and bank trade groups to develop
products with special remittance features and offering financial education.
The FDIC also organized a Remittance Trade Fair and two panel discussions for
the Financial Inclusion & Remittances Sessions at the International Forum
on Remittance 2005 held in Washington, DC: Banking the Unbanked: Products
and Marketing Strategies in the United States and The Importance of Financial
Balancing Competition and Regulation in the Remittance Market. The trade fair
provided 30 remittance firms and numerous investors with the opportunity to
network and view new innovative electronic transfer products, which can enable
community banks, credit unions, credit cooperatives and micro-finance institutions
to become more competitive in pricing and product features.
In 2005, the FDIC expanded
its efforts with the New Alliance Task Force (NATF), originally launched
in Chicago, to two additional markets – Los
Angeles, California and Austin, Texas – with 60 financial institutions
participating in those markets. NATF is a broad-based coalition comprised of
banks, community-based organizations, bank regulatory agencies, government
agencies, representatives from the secondary market and private mortgage insurance
companies and the Mexican Consulate. The foundation has also been laid for
the launch of NATF in four other markets – Boston, New York City, Raleigh-Durham
and Kansas City.
Virtual Supervisory Information On The Net (ViSION)
February 2005, the FDIC released the fourth and final phase of ViSION, a
comprehensive processing and tracking
system supporting the Corporation's
supervision function. This phase represents the culmination of a five-year
and approximately $32 million capital-investment project and brings together
– in a single, customized product – detailed information on examination, application,
enforcement and numerous other bank activities. The system, which includes
such features as automated event notification, deadline tracking, and job-specific
role-based security, is used by more than 3,200 federal and state regulators.
Annual Independent Audits and Reporting Requirements
Corporation amended Part 363 of its regulations by raising the asset-size
threshold from $500 million
to $1 billion for requirements relating to internal
control assessments and reports by management and external auditors. The amendment
also relieved covered institutions with total assets of less than $1 billion
of the requirement that all outside directors on the audit committee be independent
of management; under the amended rule, a majority of independent directors
on the audit committee is sufficient. The amendment does not relieve public
covered institutions from their obligation to comply with applicable provisions
of the Sarbanes-Oxley Act and the Securities and Exchange Commission's
implementing rules. The amendments took effect in December 2005.
1The CAMELS composite rating represents the adequacy of Capital, the quality of Assets, the capability of Management, the quality and level of Earnings, the adequacy of Liquidity, and the Sensitivity to market risk, and ranges from "1" (strongest) to "5" (weakest).
2Compliance-only examinations are conducted for most institutions at or near the mid-point between joint compliance-CRA examinations under the Community Reinvestment Act of 1977, as amended by the Gramm-Leach-Bliley Act of 1999. CRA examinations of financial institutions with aggregate assets of $250 million or less are subject to a CRA examination no more than once every five years if they receive a CRA rating of "Outstanding" and no more than once every four years if they receive a CRA rating of Satisfactory.