Financial Institution Letters
July 29, 2016
FDIC Seeking Comment on Proposed Guidance for Third-Party Lending
Comment period extended to October 27, 2016 - see Press Release: FDIC Extends Comment Period on Third-Party Lending Guidance
The FDIC is seeking comment on proposed Guidance for Third-Party Lending to set forth safety and soundness and consumer compliance measures FDIC-supervised institutions should follow when lending through a business relationship with a third party. The proposed guidance is intended to supplement the FDIC's existing Guidance for Managing Third-Party Risk, which is applicable to any of an institution's third-party arrangements, including lending through a third party.
Statement of Applicability to Institutions with Total Assets Under $1 Billion: This Financial Institution Letter applies to all FDIC-supervised institutions that engage in third-party lending.
- The proposed guidance defines third-party lending as an arrangement that relies on a third party to perform a significant aspect of the lending process. Categories include (but are not limited to): institutions originating loans for third parties; institutions originating loans through third parties or jointly with third parties; and institutions originating loans using platforms developed by third parties.
- An institution's board of directors and senior management are ultimately responsible for managing third-party lending arrangements as if the activity were handled within the institution. However, managing and controlling risks can be challenging when origination volumes are significant or there are numerous third-party relationships.
- The proposed guidance emphasizes that institutions should establish a third-party lending risk management program and compliance management system (CMS) that is commensurate with the significance, complexity, risk profile, transaction volume, and number of third-party lending relationships. Consistent with existing guidance, the risk management program and CMS should address risk assessment, due diligence and oversight, and contract structuring when selecting and managing individual third-party lending relationships.
- For institutions that engage in significant lending activities through third parties the proposal includes increased supervisory attention, including a 12-month examination cycle, concurrent risk management and consumer protection examinations, offsite monitoring, and possible review of third parties.
- Comments are sought on the entire proposed guidance with particular emphasis on those areas outlined in the introductory letter. Comments will be accepted until September 12, 2016. Comments should be sent to firstname.lastname@example.org and will be posted on the FDIC's website at https://www.fdic.gov/regulations/laws/publiccomments/.
Continuation of FIL-50-2016
- FDIC-Supervised Institutions
- Chief Executive Officer
- Chief Credit Officer
- Chief Risk Officer
- Rae-Ann Miller, Associate Director, 202-898-3898
FDIC Financial Institution Letters (FILs) may be accessed from the FDIC's Web site at https://www.fdic.gov/news/news/financial/2016/.
To receive FILs electronically, please visit http://www.fdic.gov/about/subscriptions/fil.html.
Paper copies may be obtained through the FDIC's Public Information Center, 3501 Fairfax Drive, E-1002, Arlington, VA 22226 (1-877-275-3342 or 703-562-2200).
July 29, 2016
FDIC Seeking Comment on Proposed Guidance for Third-Party Lending
The FDIC is seeking comment on the attached proposed Guidance for Third-Party Lending (Proposed Guidance). The Proposed Guidance is intended to provide FDIC-supervised financial institutions and examiners with clear expectations on managing and assessing third-party lending arrangements and associated risks. The Proposed Guidance supplements and expands on the principles established in the FDIC's Guidance on Managing Third-Party Risk (FIL 44-2008)1 by establishing specific expectations for third-party lending arrangements.
The FDIC is seeking comment until September 12, 2016. Comments are sought on the entire Proposed Guidance, with particular emphasis on the questions below. Comments received will be considered for development of final guidance. Comments should be sent to email@example.com.
Third-Party Lending Definition and Scope of Guidance
1. The Proposed Guidance defines third-party lending as "a lending arrangement that relies on a third party to perform a significant aspect of the lending process." Does the proposed definition appropriately capture the various types of financial institution lending through relationships with third parties?
2. Is the scope of the definition (and therefore, the scope of the guidance) appropriate, too broad, or too narrow?
3. The proposed third-party lending definition also describes examples of services performed by a third party. Do those services appropriately reflect services being provided, and may be reasonably expected to be provided in the future, by third parties?
4. The Proposed Guidance outlines three categories of third-party lending arrangements: originating loans for third parties; originating loans through third parties or jointly with third parties; and originating loans using platforms developed by third parties. Do those examples appropriately capture the various types of arrangements? Are the respective descriptions of those arrangements appropriate?
5. The Proposed Guidance notes the numerous risks that may arise from use of third parties and outlines those that may be associated with third-party lending programs in particular. While recognizing that not all risks can be outlined, does the Proposed Guidance reasonably identify and describe the risks that warrant emphasis for third-party lending arrangements? If not, which additional risks should be addressed?
Third-Party Lending Risk Management Program
6. The Proposed Guidance outlines expectations for establishing a third-party lending risk management program, including expectations around strategic planning policy development, risk assessment, due diligence and ongoing oversight, model risk management, vendor oversight, and contract structuring and review. Are these the appropriate elements for an adequate risk management framework?
7. The Proposed Guidance outlines some of the risk management areas examiners will consider when reviewing third-party lending relationships. These considerations include credit underwriting and administration, loss recognition practices, the applicability of subprime lending guidance, capital adequacy, liquidity and funding, profitability and budgeting, accounting and allowance for loan and lease losses maintenance, consumer compliance, programs for safeguarding customer information, and information technology. Are the considerations appropriate? Should additional considerations be addressed?
8. The Proposed Guidance indicates defines "significant" third-party lending arrangements as those, for example, that have a material impact on revenues, expenses, or capital; involve large lending volumes in relation to the bank's balance sheet; involve multiple third parties; or present material risk of consumer harm. The Proposed Guidance also states that institutions that have significant arrangements with third parties would be expected to oversee the third-party lending arrangements on an ongoing basis. Is the definition of significant arrangements reasonable and it is appropriate to expect ongoing monitoring of these arrangements?
9. The Proposed Guidance indicates that institutions engaging in significant activity will generally receive increased supervisory attention. In this regard, the Proposed Guidance establishes a 12-month examination cycle for institutions with significant third-party lending programs, including for those institutions that may otherwise qualify for an 18-month examination cycle.2 Is this an appropriate examination interval for these types of arrangements?
10. The Proposed Guidance states that examiners will conduct targeted examinations of significant third party lending arrangements and may also conduct targeted examinations of other third parties, where authorized. As part of these reviews, the Proposed Guidance states that reviews of third parties should include transaction testing of individual loans to assess compliance with consumer compliance regulations, underwriting and loan administration guidelines, credit quality, appropriate treatment of loans under delinquency, and re-aging and cure programs. Is the proposed scope of third party lending arrangement reviews and transaction testing appropriate?
- Doreen R. Eberley
Division of Risk Management Supervision
- Mark Pearce
Division of Depositor and Consumer Protection
2 Section 337.12 of the FDIC Rules and Regulations requires a full-scope, on-site examination of every insured state nonmember bank and state savings association at least once during each 12-month period. Annual examination intervals may be extended to 18 months for an institution that has total assets of $1 billion or less and has a composite rating of 1 or 2 provided certain conditions are met.