Speeches & Testimony
Remarks by Martin J. Gruenberg, Chairman, Federal Deposit Insurance Corporation to the American Association of Bank Directors, Washington, D.C.
May 12, 2015
Good evening and thank you for the opportunity to take part in your Bank Director summit.
In my remarks this evening, I will focus on the role of bank directors in the safety and soundness of our banking system, and discuss some initiatives underway at the FDIC that are designed to assist directors.
Community Bank Profile
Before I begin my remarks, I'd like to present a brief snapshot of the community banking sector, which has continued to improve since the recent financial crisis—even more than the overall industry. This is good news because community banks provide traditional, relationship-based banking services to their communities, including many small towns and rural areas that would otherwise not have access to any physical banking services. They make up 93 percent of all banks in the U.S.—a higher percentage than at any time going back to at least 1984. While community banks hold just 13 percent of all banking assets, they account for about 45 percent of all of the small loans to businesses and farms made by insured institutions.
According to the latest available data, as of December 31, 2014, the overall financial condition of both community banks and the industry as a whole has continued to improve. Community banks earned $4.8 billion during the fourth quarter, an increase of 28 percent from a year ago. Higher net interest income, increased noninterest income, and lower provision expenses were the primary drivers of stronger earnings at community banks. Net interest income for community banks grew 6.4 percent from the year-ago quarter, outpacing the industry growth of 1.0 percent. Meanwhile, community bank loan balances rose by 8.6 percent in 2014 compared to 5.3 percent for the industry. Community banks reported growth in all major loan categories, including residential mortgages and loans to small businesses, and asset quality showed continued improvement with the volume of noncurrent loans 19.1 percent lower at the end of the fourth quarter from a year earlier.
Given how vital community banks are to our economy, we need diligent and conscientious bank directors to guide them. The quality of management and the way it governs a bank's affairs are probably the most important factors in the successful operation of a bank. When we refer to "management," we mean both the board of directors and the bank's executive officers. In the broadest sense, the board of directors is the source of authority and responsibility at the bank, while the executive officers are responsible for operating the bank on a day-to-day basis.
More specifically, a bank's board of directors provides the framework of objectives, policies, and risk limits within which the bank's executive officers operate, and it monitors the extent to which executive officers comply with that framework and with applicable laws and regulations. Effective corporate governance requires a high level of cooperation between a bank's board of directors and its executive officers, but a director's responsibility to oversee the conduct of the bank's business necessitates that directors exercise independent judgment in monitoring and evaluating management's actions. Directors should stay engaged and informed about the activities and condition of the institution and its operating environment and should avoid preferential transactions.
Corporate Governance Expectations
Strong corporate governance is the foundation for an institution's safe and sound operations. An effective governance framework is necessary to remain profitable, competitive, and resilient despite changing economic and market conditions. Studies conducted by the FDIC Inspector General based on Material Loss Reviews1 and professional liability claims confirm that ineffective leadership and oversight by directors and management are often the root causes of a bank's failure.2
While we expect every bank to have sound corporate governance, we know this does not look the same at every institution. The FDIC is the primary federal regulator for more than 4,000 institutions, ranging from $3 million to $182 billion in total assets. We recognize that a bank's size, risk profile, and complexity of its activities will determine the most appropriate framework, and therefore we do not expect community bank governance to have the same level of complexity as that found in larger banks.
The FDIC's expectations for bank directors are based on basic, common sense principles that have been around for quite some time. We have various guidance, most of which is long-standing, around corporate governance, including the Pocket Guide for Directors, issued in 1988, and the Statement Concerning the Responsibilities of Bank Directors and Officers, issued in 1992 (statement).3
The statement was issued by the FDIC in response to concerns regarding personal liability of directors and officers of federally insured institutions—a topic I understand you are discussing at this summit. The statement emphasizes how important it is for institutions to attract and retain experienced and conscientious directors and officers, and addresses their fiduciary obligations to the shareholders and creditors of their institutions.
A bank director's responsibilities are similar to directors of other types of corporations, including the duties of loyalty and care. These two duties really set the tone for a director's service. This requires directors to exercise their duties with candor, honesty, and integrity; avoid advancing personal interests at the expense of the bank; and act as prudent and diligent business persons in conducting the bank's affairs.
Because history has shown that the consequences of governance failures are so serious, FDIC examiners carefully assess an institution's corporate governance framework at each onsite examination. The governance assessment takes place mainly in the context of the Management review—the "M" component of the CAMELS rating4—but it is also addressed in other components of the examination, such as asset quality and interest rate risk reviews.
Some of the basic expectations for sound governance that involve directors and that are reviewed at examinations include the appropriateness of the board's corporate and strategic planning process, the adequacy of bank policies and compliance with those policies, the quality of the audit program and strength of internal controls, the bank's program for meeting its community's credit needs, the adequacy of management information systems and reports provided to the board, and the degree to which the board exercises independent judgment.
It has been the FDIC's practice for many years to invite outside bank directors to meet with examiners and participate in examiner discussions with bank management during the course of the examination. This is intended to build communication between examiners and the board of directors and increase directors' knowledge of the examination process. If you have not taken advantage of this opportunity, I really encourage you to do so.
I would like to take a few moments to talk about some of the challenges we have observed that are facing the boards of many of our banks, particularly the community banks we supervise. As I mentioned earlier, industry performance is improving, which is a welcome trend. However, the current operating environment remains challenging. In particular, revenue growth continues to be held back by narrow interest margins and lower mortgage-related income.
In response to this operating environment, we do see some institutions we supervise reaching for yield, launching new products or lines of business, and looking for new sources of non-interest income. We want to make sure that these banks are doing so with the benefit of proper due diligence, strong policies, and a solid understanding of the risks.
There's an old saying that "failing to plan is planning to fail." One of the important lessons we learned from the financial crisis is that poor planning can harm institutions, their communities, and the financial system as a whole. Many financial institution failures were traced to management engaging in a new or expanded business line without adequate planning, controls, and understanding of the risks related to the new activity.
The FDIC expects its supervised institutions to have a strategic planning process to guide the direction and decisions of management and the board. I want to stress the word "process" because we don't just mean a piece of paper. Strategic planning should be a dynamic process that is driven by the bank's core mission, vision, and values. It should be based on a solid understanding of your current business model and risks and should involve proper due diligence and the allocation of sufficient resources before expanding into a new business line. Further, there should be frequent, objective follow-up on actual versus planned results.
Governance expectations are fairly straightforward in principle, but not always easy to implement when the operating environment changes continuously and sometimes quite dramatically. For example, cyber risks that exist today were not a top priority a few years ago. That said, dealing with cyber risk is not uncharted territory. We have always expected business continuity and disaster recovery considerations to be incorporated in an institution's business model. In the past, banks have focused mainly on natural disasters and other physical threats. Increasingly, however, continuity means preserving access to customer data and the integrity and security of that data in the face of cyber attacks.
For this reason, the FDIC encourages banks to practice responses to cyber risk as part of their regular disaster planning and business continuity exercises. They can use our Cyber Challenge program, which is available to anyone on fdic.gov. Cyber Challenge was designed to encourage community bank directors to discuss operational risk issues and the potential impact of information technology disruptions. The exercise contains four videos that depict various operational disruption scenarios and materials to facilitate discussion about how the bank would respond. Later this year, the FDIC will add additional videos to the Cyber Challenge simulation exercise and will continue to work as a member of the Federal Financial Institutions Examination Council (FFIEC) to implement actions to enhance the effectiveness of cyber security-related supervisory programs, guidance, and examiner training.
Community Bank Outreach and Technical Assistance to Directors
We understand that the combination of economic challenges, changes in the regulatory environment, and long-term and evolving trends, like cyber security, makes the role of bank director particularly challenging compared to other types of industries. Community bank directors are unique in that they often operate their own businesses within the community while overseeing the operations of their community bank.
The FDIC has implemented a number of outreach and technical assistance efforts to aid directors in meeting their fiduciary obligations to their institutions, including our Directors' College Program offered and coordinated by our regional offices. Topics include current issues faced by the banking industry, expectations around corporate governance and director responsibilities, and improved communication and clarity surrounding the FDIC's risk management and examination process.
Starting in 2013 and continuing today, a major component of our outreach and technical assistance efforts includes more than 20 training videos on topics of interest to community bank directors and officers.5 For example, we issued six videos designed to provide new bank directors with information to prepare them for their fiduciary role in overseeing the bank. This was followed by the release of a virtual version of the FDIC's Directors' College Program that regional offices deliver throughout the year. We also issued a series of videos, primarily targeted to bank officers and employees, providing more in-depth coverage of important supervisory topics with a focus on bank management's responsibilities. Recently, we released three new technical assistance videos developed to assist bank employees in meeting the requirements of certain mortgage rules issued by the Consumer Financial Protection Bureau.
At the local level, we have enhanced communication efforts by having our community bank examiners and local supervisors contact supervised institutions between examinations to touch base and discuss and clarify supervisory and regulatory changes and the overall risk profile of the institutions.
Also, in June 2014, the FDIC mailed an Information Packet to the chief executive officers of FDIC-supervised community banks containing resources and products developed as part of the FDIC's Community Banking Initiatives, as well as documents describing our examination processes. The packet contained brochures highlighting the content of key resources and programs and a copy of the FDIC's Cyber Challenge simulation exercise that I mentioned previously.
Professional Liability Program
I'm pleased to be able to share with you this information about the FDIC's supervisory expectations and supporting resources because the FDIC views bank directors as a critical part of the supervisory and enforcement framework. Given bank directors' role in setting the objectives and policies to govern and guide bank operations, it is not an overstatement to say that the health of our banking system and our national economy depends in large part on your care and dedication to the role you play as bank directors. The vast majority of bank directors are doing a good job on corporate governance, and most banks are well managed.
From the beginning of 2007 through the end of 2014, 510 banks and thrifts failed. That's less than 8 percent of the approximately 6,500 FDIC-insured institutions. The annual number of failed banks has fallen substantially from the peak of 157 failures in 2010 to only 18 failures in 2014. So far this year, only five banks have failed, and we expect the total number of failures to be even less than last year.
As the most recent crisis has demonstrated, there will always be directors who fail in their obligations, through negligence or worse. And although they represent a small minority of all bank directors, their actions and inactions have nevertheless caused substantial losses, not only to the failed banking institutions, but to the communities they serve. A strong regulatory program helps safeguard the health and integrity of our banking system by ensuring that negligent and dishonest directors are held accountable for damages that they cause. This is as much a benefit to bank directors who take their responsibilities and duties seriously as it is to depositors and customers.
To that end, as receiver for a failed bank, the FDIC may sue professionals, including bank directors, who caused losses to the bank. Throughout the nearly three-decade existence of the FDIC's professional liability program, concerns have been raised that the specter of such litigation would discourage quality candidates from serving as directors of banks. And yet, throughout the last 30 years, many thousands of highly qualified people have joined bank boards to provide guidance to banks across the country.
The statistics demonstrate that diligent and conscientious directors have no reason to fear either regulators or lawsuits. The FDIC does not pursue litigation against directors who do their jobs. It only pursues directors who breach duties they owe to their institution.
The FDIC fully investigates potential claims in connection with all failed institutions, big or small. Actions are not brought lightly or in haste. Most investigations are completed within 18 months from the time an institution is closed, although the FDIC generally has three years, depending on state laws, to file suit against directors and officers. Potential claims are evaluated based on the legal standards established by applicable state law, including the business judgment rule, and are pursued only if they are meritorious and expected to be cost-effective. Before any lawsuit can be filed, staff must pursue a multi-layer review and approval process that includes approval by the FDIC's Board of Directors. As Chairman, I review and approve each request by staff for authority to file a case against a director or officer. Through the end of 2014, the Board authorized suit in 149 of the 510 failures, or approximately 29 percent of bank failures. The number of claims filed annually by the FDIC peaked in 2013 at 40 and declined last year to 20 cases, and I expect that this number will continue to decline.
In most cases, before a lawsuit is filed, FDIC attorneys will reach out to see if the claims can be resolved short of litigation. If a settlement cannot be reached, the FDIC typically engages outside counsel to assist with litigation, but attorneys in the Legal Division continue to oversee and manage the cases, and are active in all key decisions, and ultimately make all key decisions. As such, the FDIC's in-house attorneys are always available to discuss any aspect of litigation.
Directors and officers are no longer even the primary focus of the FDIC's professional liability investigations. While director and officer claims were the primary source of recoveries in the past crisis, this is not true in the recent crisis. Of the nearly $2.6 billion recovered from professional liability claims from 2007 through 2014, more than half—53.6 percent—came from residential mortgage-backed securities claims. Recoveries from director and officer claims made up less than one-third of total recoveries. The remaining recoveries came from residential mortgage malpractice and mortgage fraud claims and claims against other professionals, including appraisers and attorneys.
Pursuing director and officer claims nonetheless remains important to the FDIC's goal of ensuring that directors and officers of insured institutions engage in sound corporate governance by being attentive to the standards of care set by the states, policies and procedures adopted by individual banks, and regulatory guidelines.
Finally, I would note that since 1986, when we began tracking recoveries and expenses for the program, the FDIC has recovered more than $8.6 billion and spent $2.1 billion, so the program has been cost effective. Most of those recoveries go back to the deposit insurance fund covering some of the losses the failed banks have caused, and this helps to reduce the amount existing banks must pay for assessments.
In conclusion, I would like to thank all of you for taking the time to participate in today's summit. Bank directors play a critical role in fulfilling our mission to maintain stability and confidence in our banking system, and the FDIC understands the complex challenges that you face in meeting your fiduciary obligations. We've developed the many resources and programs I've highlighted tonight to help you stay on top of the banking laws, regulations, and supervisory guidance.
We appreciate your service to our nation's community banks, and welcome your feedback and comments to help us to make our regulatory and supervisory processes as efficient and effective as possible. It is because of your attention to these issues that community banks will continue to thrive.
1 The Inspector General of the appropriate federal banking agency must conduct a Material Loss Review when losses to the Deposit Insurance Fund from failure of an insured depository institution exceed certain thresholds. See http://www.fdicoig.gov/mlr.shtml for further details.
2 See for example "Enforcement Actions and Professional Liability Claims Against Institution-Affiliated Parties and Individuals Associated with Failed Institutions" (http://www.fdicoig.gov/reports14/14-002EV.pdf) and "Follow-up Audit of FDIC Supervision Program Enhancements" Report No. MLR-11-010 December 2010 (http://www.fdicoig.gov/reports11%5C11-010.pdf).
4 FDIC examiners assign risk-based CAMELS ratings according to the Uniform Financial Institutions Rating System (UFIRS) adopted by the Federal Financial Institutions Examination Council (FFIEC) in 1979, and updated in 1997. See FDIC Statement of Policy "Uniform Financial Institutions Rating System" https://www.fdic.gov/regulations/laws/rules/5000-900.html.