Interagency Guidance on Testing for Year 2000 Readiness
The Federal Financial Institutions Examination Council (FFIEC) has issued the attached guidance for the industry on Year 2000 readiness testing. The statement supplements the FFIEC's statement "Year 2000 Project Management Awareness," issued May 5, 1997.
The interagency statement emphasizes the critical nature of the validation phase, particularly for an institution's mission-critical systems. Financial institutions should develop and implement written testing strategies and testing plans for both internal systems and interfaces with external systems.
The FDIC expects financial institutions to meet the following key milestones in the Year 2000 testing process:
should complete the development of their written testing strategies
processing in-house and service providers should have commenced testing
of internal mission-critical systems, including those programmed in-house
and those purchased from software vendors.
of internal mission-critical systems should be substantially complete.
Service providers should be ready to test with customers.
by institutions relying on service providers for mission-critical
systems should be substantially complete. External testing with material
other third parties (customers, other financial institutions, business
partners,payment system providers, etc.) should have begun.
of mission-critical systems should be complete and implementation
should be substantially complete.
All financial institutions, including those that use software supplied by vendors or receive services from service providers, will be responsible for ensuring that systems operate correctly in their own environment. Serviced financial institutions that rely on proxy testing are cautioned to
comprehensively assess the reliability of their servicers' testing strategies, plans and results to ensure that applications and interfaces, especially those that are unique to an institution, are appropriately tested.
Previous guidance has emphasized the importance of user groups in the monitoring and testing stages of a Year 2000 readiness plan. User groups can be an effective forum for exchanging ideas and information on testing.
While the FFIEC agencies will conduct focused Year 2000 readiness reviews of service providers and certain software vendors, the agencies will not certify the testing strategies, plans or results of these parties.
The FDIC and state banking authorities will continue to review the efforts of all FDIC-supervised banks to become Year 2000 ready. An institution's failure to appropriately address Year 2000 readiness problems may result in supervisory actions, including formal and informal enforcement actions, denials of applications filed pursuant to the Federal Deposit Insurance Act,
civil money penalties, and reductions in the institution's management component or composite ratings.
Distribution: FDIC-Supervised Banks (Commercial and Savings)
NOTE: Paper copies of FDIC financial
institution letters may be obtained through the FDIC's Public
Information Center, 801 17th Street, N.W., Room 100, Washington,
D.C. 20434 (800-276-6003 or (703) 562-2200).