TO:
|
CHIEF EXECUTIVE OFFICER
|
SUBJECT:
|
Interagency Guidance on Testing for Year 2000 Readiness
|
The Federal Financial Institutions Examination Council (FFIEC) has issued the attached guidance for
the industry on Year 2000 readiness testing. The statement supplements the FFIEC's statement
"Year 2000 Project Management Awareness," issued May 5, 1997.
The interagency statement emphasizes the critical nature of the validation phase, particularly for
an institution's mission-critical systems. Financial institutions should develop and implement
written testing strategies and testing plans for both internal systems and interfaces with
external systems.
The FDIC expects financial institutions to meet the following key milestones in the Year 2000
testing process:
June
30, 1998
|
Institutions
should complete the development of their written testing strategies
and plans.
|
September
1, 1998
|
Institutions
processing in-house and service providers should have commenced testing
of internal mission-critical systems, including those programmed in-house
and those purchased from software vendors.
|
December
31, 1998
|
Testing
of internal mission-critical systems should be substantially complete.
Service providers should be ready to test with customers.
|
March
31, 1999
|
Testing
by institutions relying on service providers for mission-critical
systems should be substantially complete. External testing with material
other third parties (customers, other financial institutions, business
partners,payment system providers, etc.) should have begun.
|
June
30, 1999
|
Testing
of mission-critical systems should be complete and implementation
should be substantially complete.
|
All financial institutions, including those that use software supplied by vendors or
receive services from service providers, will be responsible for ensuring that systems
operate correctly in their own environment. Serviced financial institutions that rely on
proxy testing are cautioned to
comprehensively assess the reliability of their servicers' testing strategies, plans and
results to ensure that applications and interfaces, especially those that are unique to an
institution, are appropriately tested.
Previous guidance has emphasized the importance of user groups in the monitoring and
testing stages of a Year 2000 readiness plan. User groups can be an effective forum
for exchanging ideas and information on testing.
While the FFIEC agencies will conduct focused Year 2000 readiness reviews of
service providers and certain software vendors, the agencies will not certify the
testing strategies, plans or results of these parties.
The FDIC and state banking authorities will continue to review the efforts of
all FDIC-supervised banks to become Year 2000 ready. An institution's failure
to appropriately address Year 2000 readiness problems may result in
supervisory actions, including formal and informal enforcement actions,
denials of applications filed pursuant to the Federal Deposit Insurance Act,
civil money penalties, and reductions in the institution's management
component or composite ratings.
The attached interagency statement and related information on Year 2000
issues are available on the Internet via the World Wide Web at /news/news/financial/ or http://www.ffiec.gov.
The FFIEC will issue additional guidance on contingency planning in
the near future. For further information, please contact your Division
of Supervision Regional Office.
|
Nicholas J. Ketcha Jr.
|
|
Director
|
Attachment: FFIEC Interagency
Statement: Guidance Concerning Testing for Year 2000
Readiness
Distribution: FDIC-Supervised Banks (Commercial and
Savings)
NOTE: Paper copies of FDIC financial
institution letters may be obtained through the FDIC's
Public
Information Center, 801 17th Street, N.W., Room 100,
Washington,
D.C. 20434 (800-276-6003 or (703) 562-2200).
|