Federal Deposit
Insurance Corporation

FIL-72-98
July 2, 1998

TO:	CHIEF EXECUTIVE OFFICER
SUBJECT:	Ongoing Year 2000 Readiness Supervisory Review Initiatives

The Federal Deposit Insurance Corporation (FDIC), in partnership with state banking authorities, completed its first round of on-site Year 2000 assessments on May 29, 1998. The first phase of the supervisory process focused primarily on the Year 2000 project management awareness and assessment phases. Most financial institutions, service providers and software vendors are now in the process of completing the renovation phase and initiating validation. Testing is considered the most critical phase of the Year 2000 project and, because of its importance, the FDIC will complete a second round of Year 2000 on-site reviews.

On-site assessments of service providers, software vendors and institutions with in-house programming will be completed by December 31, 1998. On-site assessments of serviced and turnkey institutions will be completed by March 31, 1999.

The on-site assessments may be conducted as part of a regularly scheduled Safety and Soundness or Information Systems examination, or as a separate visitation. Upon completion of the assessment, examiners will again categorize the organization's efforts as "Satisfactory," "Needs Improvement," or "Unsatisfactory." At the conclusion of the assessment, the examiner-in-charge will meet with the board of Directors, a committee thereof, or senior management representatives to discuss the assessment findings, as appropriate. The examiner will meet with a quorum of the board of Directors for institutions assessed as "Needs Improvement" or "Unsatisfactory."

Examiners may be contacting financial institutions, service providers and software vendors for a copy of their testing plans, which were to be completed by June 30, 1998. These testing plans will be used to assist in planning and scheduling reviews. Examiners may expedite pre-assessment planning by reviewing an institution's testing plans. However, the examiner will not serve as a consultant to these plans.

The FDIC will use supervisory actions for institutions assessed as less than satisfactory due to the criticality of testing and contingency planning to the success of Year 2000 projects. The FDIC intends to mandate supervisory action for virtually all institutions assessed less than satisfactory. In addition, the FDIC will consider a change in a component or composite rating if identified deficiencies so warrant. The FDIC will also consider the impact of Year 2000 readiness risk factors in the assignment of any insured financial institution's supervisory subgroup and when processing applications.

Revised Workprogram

The Federal Financial Institutions Examination Council's (FFIEC) Task Force on Supervision has issued the attached Year 2000 Workprogram Phase II for use during a second round of on-site Year 2000 assessments. The procedures are designed to focus on the adequacy of the institution's plans and processes for achieving Year 2000 readiness, with particular emphasis on the final phases of the Year 2000 project-testing and implementation-and on the institution's contingency plans.

The Workprogram is intended to assist the examiner:

• Determine whether the institution has implemented an effective plan for testing Year 2000 renovated products and implementing Year 2000 compliant products into their production environment;
• Assess the adequacy of the institution's Year 2000 contingency plans;
• Determine if the institution is handling Year 2000 issues in a safe and sound manner; and
• Identify whether corrective action may be necessary to assure an appropriate level of attention to Year 2000 readiness activities.