The “Recordkeeping for Timely Deposit Insurance Determination” rule (12 CFR Part 370 of the FDIC’s Rules and Regulations) requires each insured depository institution that has two million or more deposit accounts (a “Covered Institution” as defined in § 370.2(c) of the rule) to (1) configure its information technology system to be capable of calculating the insured and uninsured amount in each deposit account by ownership right and capacity, which would be used by the FDIC to make deposit insurance determinations in the event of the institution’s failure, and (2) maintain complete and accurate information needed by the FDIC to determine deposit insurance coverage with respect to each deposit account, except as otherwise provided.
For more information pertaining to the rule, see Federal Register notice Part 370 - Recordkeeping for Timely Deposit Insurance Determination. For questions regarding part 370, please contact the FDIC at Part370@FDIC.gov.
Compliance Review Manual
The Compliance Review Manual includes general guidelines for FDIC testing, as well as compliance documentation modules to be used by FDIC staff in scoping and performing the review.
Information Technology Functional Guide Version 2.1
The Information Technology Functional Guide (ITFG) was developed to assist the information technology teams of the Covered Institutions in implementing systems for 12 C.F.R. part 370 (“Part 370”). This update incorporates feedback from Covered Institutions on the draft ITFG version 2.0 issued on June 29, 2018.
Guidelines for Relief
The Guidelines for Relief describe the procedures for CIs to follow when submitting requests for relief from aspects of Part 370.
Federal Register Notices of FDIC Responses to Exception Requests
The FDIC published the following exception request notices in the Federal Register, which a covered institution may rely upon by following the procedures set forth in part 370.8(b)(3).
- Relief granted for Additional Time to Integrate Information Technology Systems that Contain the Requisite Information to Calculate Deposit Insurance Coverage Amounts for Official Items – Federal Register Document 2021-28143 effective December 20, 2021, as published December 28, 2021.
- Relief granted for Certain Deposits Reflected on Loan Systems for Which the Covered Institutions Are Not Capable of Completing Deposit Insurance Calculation Process Because Additional Time Is Required for System Upgrades or Conversions – Federal Register Document 2021-20160 effective September 14, 2021, as published September 17, 2021.
- Relief granted for Mortgage Servicing Accounts for Which the Covered Institution’s System of Record Cannot Calculate Principal and Interest at an Account Level at a Given Point in Time - Federal Register Document 2021-02781 effective February 4, 2021, as published February 11, 2021.
- Relief granted for: 1) Certain Formal Revocable and Irrevocable Trust Accounts With Transactional Features for Which the Covered Institution Must Maintain a Unique Identifier for a Grantor in its Deposit Account Records; 2) Certain Deposit Accounts for Which the Covered Institution’s Information Technology System Is Not Capable of Completing Deposit Insurance Calculation Process Because Additional Time is Required for Data Cleanup to Assign an Ownership, Right and Capacity Code and for Related System Updates; 3) A Limited Number of Internal (Work-in-Process) Deposit Accounts for Which the Covered Institution’s Information Technology System Is Not Capable of Completing Deposit Insurance Calculation Process Within 24 Hours of Failure; and, 4) A Limited Number of Deposit Accounts for Which the Covered Institution’s Trust Department Acts in an Agency or Fiduciary Capacity - Federal Register Document 2021-02782 effective February 3, 2021, as published February 11, 2021.
- Relief granted for: 1) Certain Deposit Accounts for Sole Proprietorships That the Covered Institution’s Information Technology Systems Misclassify With an Incorrect Ownership, Right and Capacity Code; and, 2) A Limited Number of Joint Accounts for which the Covered Institution Has Not Confirmed “Qualifying Joint Account” Status for Deposit Insurance Purposes Pursuant to 12 CFR Section 330.9 - Federal Register Document 2020–16899 effective July 28, 2020, as published August 4, 2020.
- Relief granted for: 1) Certain Deposit Accounts for Which the Covered Institution’s Information Technology System Is Not Capable of Completing Deposit Insurance Calculation Process Because Additional Time Is Required for Data Clean Up, System Updates, and Customer Outreach; and, 2) Certain Internal Accounts That Require an Additional 24 Hours Post Failure for the Covered Institution To Obtain Beneficial Ownership Information From Internal Business Lines Necessary To Make a Deposit Insurance Determination - Federal Register Document 2020–11987 effective May 28, 2020, as published June 3, 2020.
- Relief granted for: 1) Government Deposit Accounts for Which the Covered Institution Does Not have the Requisite Information Regarding the Official Custodian; 2) Informal Revocable Trust Accounts for Which the Covered Institution Needs Additional Time to Integrate Beneficiary Information; and, 3) Deposits Held in Connection With Low Balance, Short-Term Prepaid Cards - Federal Register Document 2019–27626 effective November 26, 2019, as published December 23, 2019.
Frequently Asked Questions
The following frequently asked questions and answers are intended to help covered institutions interpret the Part 370 requirements. They were prepared by, and represent the views of, the staff of the Federal Deposit Insurance Corporation (the “FDIC”). They are not rules, regulations, or statements of the FDIC, and do not have the approval or disapproval of the Board of Directors of the FDIC. They are not legally binding on covered institutions or the FDIC. The staff may update these questions and answers periodically based on the experience gained in the implementation of Part 370 by various covered institutions.
Q: If a Covered Institution reports each omnibus account as one account according to Call Report instructions for RC-O and accordingly does not meet the two million deposit account threshold, is the Covered Institution covered by Part 370?
No. Covered Institutions that conclude that they may accurately report under the two million deposit account threshold may take the following actions:
- Amend previously filed Call Reports for Q4 2016 and all subsequent Call Reports. Accurate, filed Call Reports must show that an institution does not meet the two million deposit account threshold during the two consecutive quarters preceding the Part 370 effective date of April 1, 2017, or thereafter. No further action would be necessary and an institution would not be considered a Covered Institution;
- Amend the three most recent Call Reports showing that an institution is under the two million deposit account threshold and apply for release from Part 370 pursuant to section 370.8(c); or
- Begin filing Call Reports, according to correct Call Report instructions, showing an institution is under the two million deposit account threshold. Upon filing three consecutive quarterly Call Reports under the deposit account threshold, an institution can apply for release from Part 370 pursuant to section 370.8(c). The FDIC requests that an institution availing itself of this type of relief inform the FDIC as soon as possible of its intent to do so and commence filing Call Reports under the threshold immediately so as to be eligible for relief prior to the Part 370 Compliance Date of April 1, 2020.
Q: In the ITFG v2.1, there appear to be two possible ways to process joint accounts if signature card requirements are not met. One method states accounts should be treated as owned by the named individuals in their SGL ORC, while the other states they should be placed in the Pending File with the JNT ORC designation and the RAC pending reason code. Which is correct?
Where a covered institution believes accounts would qualify under the JNT ORC but where the accounts require additional review or remediation, those accounts can be placed in the Pending File with the JNT ORC designation and a pending code of RAC, in conjunction with an approved relief request. Where a covered institution believes an account does not meet the JNT ORC requirements, then that account should revert to the SGL ORC with the funds apportioned evenly among the named owners.
The recent amendments to 12 C.F.R. § 330.9(c) provide flexibility for institutions to meet the signature card requirements through information in the institution’s deposit account records establishing co-ownership of the account, such as evidence that the institution has issued a mechanism for accessing the account to each co-owner or evidence of usage of the deposit account by each co-owner. As an example, the requirement could be satisfied by evidence that an IDI has issued a debit card to each co-owner of the account or evidence that each co-owner of the account has transacted using the deposit account. These amendments do not attempt to specify all of the forms of evidence of co-ownership that could be used to satisfy the signature card requirement.
Q: In the Customer File description on line 10, "CS Street Add Ln1" calls for the mailing address of record, but lines 13 to 16, "CS City, CS State, CS ZIP, and CS Country," calls for the permanent legal address. The same discrepancy exists for lines 18 to 24 in the Pending File. Which one should be used to populate the fields? Combination, legal or mailing?
The mailing address should be used for lines 10 through 16 on the Customer File and lines 18 through 24 on the Pending File, notwithstanding instructions in the file descriptions. The FDIC may need to contact or deliver items to account holders by mail in the event of a CI’s failure and this ensures that the FDIC has the contact information where the depositor prefers to be reached.
Q: If any of the accounts that a customer participates in are pending, should all accounts for that customer go to the pending file instead of the account file since a CI will not have all the information on all accounts for that customer to calculate the insurance accurately?
No. A Covered Institution’s IT system must be capable of accurately calculating the deposit insurance coverage for each deposit account. The IT Functional Guide provides additional guidance that may assist the Covered Institution in implementing the requirements of Part 370. A Covered Institution must conduct deposit insurance calculations for all deposit accounts for which sufficient information is available on the CI's book and records. The CI’s IT systems must be able to adjust account balances for those accounts within 24 hours after the appointment of the FDIC as receiver. When additional information needed for deposit insurance calculation is received, the CI’s IT systems should have the capability to revisit pending accounts and complete the calculation. Certain types of missing information for a customer across all relevant deposit accounts may necessitate that all deposit accounts for that customer be shown in the pending file. However there may be instances where all information needed to calculate deposit insurance for deposits held in a particular right and capacity is available, so those accounts should be processed without delay.
Q: Is a covered institution required to close a deposit account because it cannot satisfy Part 370 recordkeeping or IT system requirements with respect to that account?
No, Part 370 does not require a covered institution to close a deposit account if the covered institution cannot satisfy Part 370 requirements with respect to the account. Moreover, FDIC staff would not direct a covered institution to close a deposit account in order for the covered institution to comply with Part 370.
A covered institution may decide to close a deposit account for a number of reasons, however, and that decision is between the covered institution and its depositor. A covered institution’s efforts to comply with Part 370 may reveal reasons to close a deposit account or restructure a deposit relationship. For example, a covered institution may identify through recordkeeping research or other customer due diligence measures that the depositor of record is deceased or will not comply with BSA/AML requirements. Additionally, a covered institution may find that a depositor would optimize deposit insurance coverage by restructuring its deposit account(s). A covered institution must make those decisions, but to reiterate, covered institutions are not required to close a deposit account in order to comply with Part 370.
Q: Does the FDIC have an interpretation of the language in 12 CFR § 370.4(b)(2) that affords “alternative recordkeeping" for accounts where a covered institution “does not maintain the information" that would be needed for its IT systems to meet the requirements set forth in 12 CFR § 370.3?
FDIC staff recognizes that a covered institution is unlikely to have
ready and continuous access to all of the information that would be needed to
accurately calculate the deposit insurance coverage for each formal revocable trust
account or irrevocable trust account insured as described in §§ 330.10, 330.12 or
330.13, as applicable. Even if a covered institution has access to some of the
information that is needed, it does not necessarily have access to all of the
information that would be needed to calculate deposit insurance coverage. It is
likely that the information a covered institution has would need to be confirmed,
updated, or supplemented, such as in a situation where a trust names “all of
children" as beneficiaries, but does not specifically name each child.
Given these complexities, FDIC staff recognizes and accepts the position that a covered institution does not “maintain" the information that would be needed for its information technology system to meet the requirements set forth in § 370.3 if it does not maintain all of the information needed to calculate deposit insurance for formal trust accounts. FDIC staff will interpret § 370.4(b)(2) accordingly and will generally presume that a covered institution’s deposit account records for formal trust accounts will be maintained in accordance with the alternative recordkeeping requirements.
However, this interpretation should not be viewed as precluding a covered institution from determining independently that it does maintain the information needed for its information technology system to meet the requirements set forth in § 370.3. Further, this interpretation does not alter the recordkeeping provisions of § 370.4(b)(2)(i)-(iii) which specify the information covered institutions must maintain for these types of accounts.
Each covered institution is in the best position to decide what information it is capable of collecting and how current it can keep such information. As deposit-taking practices and relationship management processes evolve with technological advancement, or as the rules for deposit insurance coverage change, it may be possible for a covered institution to maintain all of the information needed to accurately calculate deposit insurance coverage for formal trust accounts in accordance with the FDIC’s deposit insurance rules set forth in 12 CFR part 330.
Q: Beneficiary IDs
For informal revocable trusts, such as payable-on-death accounts, covered institutions often have limited information for non-customer beneficiaries. Part 370 indicates certain fields are required fields in the Account Participant File, such as the AP_GOV_ID. Will a covered institution need to file an exception request for these accounts where there is missing government identification for beneficiaries?
Where limited information on non‐customer beneficiaries and government
identification is available, a covered institution should use its best efforts to
create a unique identifier for these beneficiaries, notwithstanding the missing
information. Should an institution choose to create a unique identifier for these
beneficiaries, it should populate the identical unique identifier in fields 6 and 7
of the Account Participant File, and populate field 8 "AP_GOVT_ID_Type" with OTH.
If a covered institution cannot create unique identifiers or does not have access to a United States or foreign government –issued unique identifier for beneficiaries for informal revocable trust accounts, then it will need to file an exception request for the affected accounts.
Please note that FDIC’s deposit insurance regulations, found at 12 C.F.R. Part 330, are separate and distinct from the requirements of Part 370. The relevant section of Part 330, section 330.10, requires that the names of the beneficiaries be disclosed in the bank’s records. There is no requirement in the FDIC’s deposit insurance regulations for banks to obtain or maintain a beneficiary’s government identification for purposes of being eligible for deposit insurance.
The purpose of the Part 370 requirements is to ensure prompt and accurate payment of deposit insurance to depositors of large, complex banks in the event of the institution’s failure. As a result, the lack of government or other unique identifier may delay the calculation of deposit insurance but does not have any impact on eligibility for or availability of deposit insurance.
Q: Can the FDIC provide additional information on the calculation of coverage for deposits held by an IDI as trustee of an irrevocable trust? Section 330.12 of the regulations does not always provide rules to address particular scenarios we have encountered for accounts within the DIT ORC.
Coverage for deposits held by an IDI as trustee of an irrevocable trust
are governed by section 7(i) of the FDI Act, 12 U.S.C. § 1817(i), and section 330.12
of the FDIC’s regulations. Staff’s position is that covered institutions
the general rules for coverage of deposits of irrevocable trusts, set forth in §
330.13, to calculate insurance coverage for deposits held by an IDI as trustee of an
irrevocable trust, except for where those general rules are inconsistent with
section 7(i) and section 330.12. There are two aspects of the calculation, in
particular, where deposits held by an IDI as trustee of an irrevocable trust are
First, a grantor’s retained interest in a trust held by an IDI as trustee of an irrevocable trust is not treated as a single ownership deposit and aggregated with the grantor’s other single ownership deposits. Section 330.12 provides for coverage up to the standard maximum deposit insurance limit for each owner or beneficiary represented, “separate from, and in addition to, the insurance provided for any other deposits of the owners or the beneficiaries.” § 330.12(a). Therefore, a grantor’s retained interest in a DIT account should be classified under the DIT ORC.
Second, the typical aggregation of funds that pass from the same grantor to the same beneficiary under the general trust rules does not apply to deposits held by an IDI as trustee of an irrevocable trust. Aggregation would occur only across multiple deposit accounts held by a single trust. This is because the statutory provision that generally requires aggregation specifically exempts deposits held pursuant to section 7(i). See 12 U.S.C. § 1821(a)(1)(C).
Q: What information does the FDIC expect covered institutions to maintain related to official custodians of government accounts?
For purposes of Part 370, the title, position, or office of an official custodian can be used for government account calculations.
Q: Prepaid Cards
Are pre-paid cards subject to Part 370? If so, how should they be processed for compliance with the rule?
Yes, stored value or pre-paid cards are subject to Part 370 and are
considered deposits. The calculation of deposit insurance depends upon the
satisfaction of the requirements for obtaining pass-through insurance coverage. To
satisfy these requirements, the records of the institution, the fiduciary, or a
third party must disclose the agency or custodial relationship, indicate both the
identities of the principal(s) as well as the ownership interest in the deposit, and
show the deposits are actually owned by the named owners and not the custodian.
Pass-through insurance generally applies to stored value or pre-paid cards that are
registered and where the institution can identify the cardholder and ownership
interest. If the underlying registered card information is not maintained on the
Part 370 institution’s system, the data can be submitted using the alternative
recordkeeping entity input file format and integrated through the
370 deposit insurance calculation process. Part 370 requires the ability to restrict
access to these accounts until insurance determinations are complete.
Where cards are not registered, and where the covered institution cannot identify the cardholder and ownership interest, the pass-through insurance requirements would not be met and the aggregate of the funds attributable to unregistered cards would be insured to the custodian up to the Standard Maximum Deposit Insurance Amount (SMDIA). For example, Anycorp provides its employees with spot bonuses paid in the form of $50 pre-paid cards issued by Largebank, a Part 370 covered institution, and the account documentation properly establishes a fiduciary relationship. Employees have the option to visit the website of the pre-paid card administrator and input his or her name and address to register the cards, but 99% of the employees choose not to do so. For the 1% of the registered employee bonus cards, Largebank would aggregate the individual card value with all other deposits of the employee in the same ownership right and capacity at Largebank and insure up to the SMDIA. For the 99% of unregistered cards, Largebank would aggregate the value attributable to those cards with Anycorp’s other deposits at Largebank and insure up to the SMDIA notwithstanding the fact that the unregistered cards are in the hands of individual employees.
Q: Local Chapters of National Organizations
How should local chapters of charitable organizations be in a covered institution’s Part 370 records when the local chapter uses the EIN of the main organization to administer its accounts?
Deposits for local chapters of international, national, or regional charities are insured separately from those of the main entity. Deposits for entities, such as the Boy Scouts, would be aggregated at the troop or local chapter level and insured up to the SMDIA for their respective right and capacity, separate from funds held by the parent entity. The unique ID of the local chapter would differentiate it from the parent entity in the Part 370 output files.
Q: Are Covered Institutions’ internal operational processing accounts outside of the scope of Part 370?
Internal operational accounts, including intercompany accounts, zero-balance accounts, accounts payable, disbursement accounts, error accounts, suspense accounts, mortgage application fees, and bank teller accounts are generally not covered by FDIC insurance and, therefore, are outside of the scope of Part 370, to the extent that these are bank-owned funds. In the event of failure, the FDIC will address these accounts through specific instructions.
Q: While noting that recordkeeping for official items (section 370.4(c)) allows for minimal information to be retained regarding accounts from which withdrawals are made to honor payment instruments to specific payees, what is the minimum information required for an insurance calculation?
The payee is the owner of the funds. If the Covered Institution has the payee name, government identification for the payee, and the amount of the official item, the Covered Institution’s IT system should be able to complete the insurance calculation. If an institution does not have this required information, the account would go in the pending file with the pending reason code "OI," and there would be no need for an exception request.
Q: In the event a Covered Institution serves as co-trustee for an irrevocable trust, does the account belong in the DIT or IRR ORC? For example, the other co-trustee could be a non-bank person or entity, such as a lawyer, law firm, wealth manager, or family member.
It would be accurate to assign either the DIT or the IRR ORC codes to a deposit held by the type of irrevocable trust described, assuming the requirements of both categories are satisfied. The deposit insurance rules for trusts in the DIT category may be more generous in some situations than the rules for the IRR category, particularly with respect to aggregation.
Q: Regarding formal revocable trusts and irrevocable trusts, is grantor information required, even if it is in the records that require manual review, for FDIC Part 370 certification?
Trust-specific information, including the identities of the grantor(s) and beneficiary(ies), is required to calculate deposit insurance for trust accounts insured in either the REV or IRR right and capacity. Under section 370.4(b)(2), covered institutions may apply alternative recordkeeping treatment to trust accounts for which they do not maintain all information needed to calculate deposit insurance. For trust accounts that qualify for alternative recordkeeping treatment and that have “transactional features,” covered institutions must assign a unique identifier for the grantor. This requirement applies regardless of whether grantor information is maintained in paper-based records such as trust documents or certificates of trust. The Covered Institution must collect from the trustee or account holder the grantor name and unique identifier, if it hasn’t already, and input or transform that information into an electronic file format that can be used by the covered institution’s part-370 compliant IT system to begin calculating deposit insurance so that some insured deposits can be made available right away. It is not sufficient to maintain grantor information in records that require manual review. Additionally, if the proposed revision of Part 370 is finalized, then the Covered Institutions would also be required to maintain the corresponding “right and capacity” code in their deposit account records.
The FDIC expects that the covered institution’s part 370-compliant IT system would be able to process the remaining information necessary to complete a deposit insurance determination for trust accounts using data files submitted the standard file format by the account holder. For example, for formal revocable trust accounts with transactional features and irrevocable trust accounts with transactional features, relevant information regarding beneficiaries would be needed to complete the deposit insurance determination. For formal revocable trust accounts that do not have transactional features and irrevocable trust accounts that do not have transactional features, information regarding the grantor(s) and beneficiary(ies) would be needed.
Q: Does the FDIC expect the OFAC status of an account to be considered in an insurance calculation?
OFAC holds would be reflected in the DP_Hold_Amount field in the Account File and Pending File. The hold amount would not impact the deposit insurance calculation, but would restrict the release of funds equal to the hold amount. For the avoidance of doubt, all holds or freezes placed by regulators would survive the insurance calculation and determination process.
Q: What will be reviewed during the compliance visit for accounts that qualify for alternative recordkeeping as allowed under section 370.4?
During the compliance review, a mock data file will be used to test the Covered Institution’s ability to receive the alternative recordkeeping file (as described in Appendix C to the IT Functional Guide v2.1) and incorporate the data contained therein in subsequent iterations of the deposit insurance calculation. Contractual language and disclosures may be reviewed, as well.
Q: Irrevocable Trust Account
What is the correct treatment for irrevocable trust account that became an Irrevocable Trust due to the death of an owner of a revocable trust account? Should it follow REV rules or IRR rules?
Revocable trusts (REV) that become irrevocable (IRR) upon the death of an owner (grantor) may be treated as REV for deposit insurance purposes. To the extent the CI maintains sufficient information to complete deposit insurance calculation as REV, this is the preferred approach. There are instances where the REV trust has become IRR and the CI no longer maintains the information necessary to complete the insurance determination as if it were REV. In this instance, the FDIC would expect the account to be treated as IRR.
Q: Pass-through Coverage for 15c3-3 accounts
How would pass-through coverage be applied for funds held in 15c3-3 reserve accounts that are not considered brokered deposits? What would the ownership category be?
Where deposits are held by an agent on behalf of its principals, deposit insurance may "pass through" the holder of the account (the agent) to the owners of the funds (the principals). 12 C.F.R. § 330.7(a). Generally, pass-through coverage is only available if three requirements are satisfied:
- The custodial nature of the account must be disclosed in the deposit account records of the insured depository institution. 12 C.F.R. § 330.5(b)(1).
- The identities and interests of the actual owners must be ascertainable either from the account records of the insured depository institution or records maintained in good faith by the agent or other party. 12 C.F.R. § 330.5(b)(2).
- The agency or custodial relationship must be genuine. Through this relationship, the deposits actually must be owned by the named owners and not by the agent or custodian. Actual ownership of the deposits will depend upon the agreements among the parties and also may depend upon applicable state law. See 12 C.F.R. § 330.3(h); § 330.5(a)(1).
Where funds are not owned by particular clients of the broker-dealer, pass-through insurance would not apply. Our understanding is that the funds in the special reserve bank accounts maintained under SEC Rule 15c3-3 generally are not attributable to particular clients. Thus, the funds in these accounts would be considered corporate funds for purposes of the FDIC’s deposit insurance regulations, and insured to the broker-dealer up to $250,000. See 12 C.F.R. § 330.11(a).
In addition, a 15c3-3 account would be subject to aggregation with any other corporate deposits a broker-dealer has at your institution. For example, if a broker-dealer has a corporate account and a 15c3-3 account at your institution, then both accounts are categorized under the BUS ORC. The combined balance would be insured up to $250,000.
Q: Annuity Contract Accounts (ANC)
How does insurance determination differ between annuities which are owned by the insurance company versus annuities owned by the annuitant?
If the insurance company is the owner of the funds then the applicable regulation provides that the insurance company’s funds are insured in an amount of up to $250,000 per annuitant. This is similar to the per-beneficiary coverage that generally applies to trust accounts. Even if funds of two different insurance companies are associated with the same annuitant, there are two separate owners and therefore the funds are separately insured.
If the annuity is owned by the annuitant, then the funds would be aggregated across insurance companies and would aggregate all balances owned by the annuitant thereby causing deposit insurance to be limited to $250,000. The need to aggregate funds across insurance companies for a particular annuitant should be rare as most state laws emphasize that the insurance company is the owner of the funds.
Q: In situations where a covered institution does not have a signature card with each co- owner’s ink or digital signature, but rather has a unique customer code, can the unique customer code serve as a deposit account record of the covered institution and the account be categorized as a joint account?
As long as the account opening process for joint deposit accounts satisfies each of the FDIC’s requirements for joint accounts, the accounts would be insured under the joint account category.
Section 330.9 of the FDIC’s regulations provides that a joint deposit account is deemed to be a “qualifying joint account” insured separately from any individually owned deposit accounts only if: (1) all co-owners of the funds are natural persons; (2) each co-owner has personally signed a deposit account signature card; and (3) each co-owner possesses withdrawal rights on the same basis.
Section 330.9 does not require any particular format for the signature card, and a signed deposit account contract would satisfy the requirement. Institutions can satisfy the signature card requirement through methods such as electronic signatures. In the context of the covered institution’s account opening process, if joint account ownership coding establishes that the customer has executed the deposit account contract for joint accounts, this would satisfy the signature card requirement even in the absence of an ink signature or a digital representation of an ink signature.
Q: What is the purpose for addressing accounts with "transactional
features" in Section 370.5?
Banks offer depositors certain accounts that allow the depositor to write checks, send or receive ACH payments, or conduct other transactions. Because it may take several days for these transactions to be completed, they could still be pending when a bank fails. If, for example, a check is presented to the successor to the failed bank on the business day following the failure, the successor bank will not be able to honor the check unless the FDIC has completed a deposit insurance determination. If there is a delay in completing the deposit insurance determination, the check could be returned, causing complications for the depositor. Moreover, a delayed deposit insurance determination could result in a large number of checks or other transactions not being processed, making operations very difficult for the successor bank. Accordingly, section 370.5 requires account holders who maintain information necessary for deposit insurance determinations outside of the bank and whose accounts have transactional features, to provide to the FDIC the information needed in time for the FDIC to calculate deposit insurance coverage within 24 hours after the FDIC’s appointment as receiver.
Deposit accounts with “transactional features” include deposit accounts from which deposits can be used to make payments or transfers to third persons or others (including another account of the depositor or account holder at the same institution or at a different institution). By including the phrase “another account of the depositor or account holder at the same institution or at a different institution,” the rule encompasses deposit accounts held in connection with prepaid card programs, brokered deposit programs, sweep programs, or other programs that permit their customers (who are the beneficial owners of the deposits that would be entitled to deposit insurance) to use those deposits to make payments. These programs may involve transaction processing by an IDI other than the IDI at which the deposit is maintained. In such cases, the deposited funds may be “swept" from one IDI to another IDI which will process the transaction that was initiated by the program’s customer. In order for these transactions to be completed without undue disruption resulting from a delay in the deposit insurance determination, the definition “transactional features” is used to include deposit accounts used in connection with programs like these within the scope of section 370.5.
A CI may submit a request for relief pursuant to section 370.8 if the CI is unable to certify that the account holder will submit to the FDIC the information needed for the FDIC, using the CI’s IT system, to calculate the deposit insurance coverage for deposit accounts with transactional features within the first 24 hours after the failure.
Q: Will extension notices submitted under section 370.6(b)(2) to extend the Part 370 compliance date for a period of up to one year be posted and made public?
A notice of extension submitted under section 370.6(b)(2) will be considered supervisory information and will be kept confidential.
Q: If a covered institution submits an extension notice under section 370.6(b)(2) prior to April 1, 2020, should the data required in the notice be updated as of April 1, 2020?
Yes. Covered institutions may submit the section 370.6(b)(2) extension notice prior to April 1, 2020. Such notice should state the total number and dollar amount of deposits for which the institution’s information technology system cannot calculate deposit insurance as of the date of the submission of the notice. Institutions should thereafter provide updated data as of April 1, 2020, as required by section 370.6(b)(2). The data should include all accounts for which the institution cannot calculate deposit insurance, whether because of technology or data issues.
Q: Signature Cards
Do Covered Institutions need to request relief before placing joint accounts with missing, incomplete, or inaccurate signature cards into the pending file?
As noted in section 370.8(b), covered institutions should request an exception in conjunction with placing joint accounts in the Pending File for reasons other than those allowed by Part 370 or the ITFG (for example, missing data fields without a “null” allowance). Section 330.9 establishes the requirements for joint accounts, which are needed for the FDIC to determine account ownership interests and insurance coverage, and the FDIC has provided additional information regarding means by which Covered Institutions can satisfy the signature card requirements of section 330.9.
Q: Should relief pursuant to section 370.8 for certain accounts be requested before the April 1, 2020, certification submission?
Yes, requests for relief should be submitted in advance of the Compliance Date. The summary report to be submitted pursuant to section 370.10(2)(v) requires the identification of deposit accounts for which the calculation could not be completed in the event of a Covered Institution’s failure. It is presumed that the CI’s certifying official would expect clarity with respect to the subset of deposit accounts for which relief is granted or pending when completing a certification submission.
Q: What are the criteria by which the FDIC may grant exceptions for certain deposit accounts?
The FDIC is required to pay depositors’ insured funds as soon as possible, which has typically been on the next business day. To assess the impact of an exception on the ability to quickly and accurately calculate the deposit insurance for the related deposit accounts, the following information must be provided to the FDIC in accordance with section 370.8(b):
- Is the need for exception clearly conveyed and adequately demonstrated? The FDIC must understand the need.
- Does the request explain how compliance with the requirement from which relief is sought would be impracticable or overly burdensome? The FDIC will consider whether a legal impediment or logical impossibility to compliance exists.
- How does the exception, if granted, impact the ability of the CI’s IT system to quickly and accurately calculate deposit insurance for the related deposit accounts? - The FDIC needs to know the effect the exception will have on its efforts to conduct deposit insurance determination in the event of the CI’s failure.
- Identification of whether the accounts have transactional features, as defined
under section 370.2(j), and if so:
- Description of the ability to continue to conduct depositors' transactions until the deposit insurance determination is complete.
- Identification of the sources and sufficiency of available liquidity to support continued transaction clearing during the pendency of the insurance determination, including the number of days funding will be available based on average daily transaction flows.
- Does the request state the number of, and dollar value of deposits in, the related deposit accounts? The FDIC needs to know the effect the exception will have on its efforts to conduct deposit insurance determination in the event of the CI’s failure.
Depending on the nature of the relief request, providing the following information, as necessary, with a relief request would facilitate the review of the necessary elements listed above:
- Identification of the beneficial owners of the funds by type (individual, commercial, government, etc.) if the beneficial owner is not the account holder.
- Breakdown of the number of affected deposit accounts above and below $250,000 and the average account balance. The proportion of all deposit accounts that these deposit accounts represent, and the proportion of the CI’s deposit dollar volume that they represent.
- Estimated time required for banks or account holders to submit the information required to complete a deposit insurance determination.
- Description of trends or volatility, in the number of accounts and dollar value, of the affected accounts over time in relation to the number of accounts reported in the request for relief today.
- Description of disclosures made to the depositors about timely access to insured funds.
- Description of remediation plans that have been developed including a timeline for execution, resources dedicated and expected progress at key milestones.
Q: If a CI was exempted, or certain accounts were exempted from section 360.9, would the relief also apply under Part 370?
No. The requirements of Part 370 are independent of section 360.9.
Q: Will Covered Institutions subject to section 360.9 and Part 370 still be required to comply with section 360.9 and the requirement to file the FDIC Annual Questionnaire until the actual compliance date of April 1, 2020 for Part 370?
Covered Institutions subject to section 360.9 will be required to comply with section 360.9 until submission of the Part 370 compliance certification as required under section 370.10(a). While the deadline for the Part 370 compliance certification is April 1, 2020, the Covered Institution is permitted to certify Part 370 compliance prior to the deadline. A Covered Institution is released from the requirements of section 360.9 upon submitting to the FDIC the compliance certification required under section 370.10(a). Please note: Part 370 does not require CIs to terminate their section 360.9 capabilities. Further, section 370.3(a)(3) requires CIs to be able to restrict access to some or all deposits in each deposit account.
NEW Q: Compliance with Part 330 Simplification Rules
The FDIC’s Final Rule to simplify deposit insurance, 87 Fed. Reg. 4455 (January 28, 2022), has an effective date on April 1, 2024. What are the impacts on submitting annual certifications of compliance with Part 370? Will the FDIC publish a revised Information Technology Functional Guide?
A: A covered institution’s Part 370 capabilities must conform to prevailing deposit insurance rules set forth in Part 330. Certifications of compliance with Part 370 made on or prior to April 1, 2024 should reflect existing requirements. Certifications submitted after April 1, 2024 should reflect the changes in Part 330 that take effect on April 1, 2024. On and after April 1, 2024, covered institutions should utilize ownership right and capacity code “TST” for the combined revocable and irrevocable trust categories as set forth in § 330.10.
FDIC staff is in the process of updating the Part 370 Information Technology Functional Guide (ITFG) to address the recent revisions to Part 330 concerning deposit insurance coverage for certain trust accounts and mortgage servicing accounts. FDIC staff expects to publish an update of the ITFG during the first quarter of 2023.
FDIC staff has not yet updated the 2016 edition of its “Financial Institution Employee’s Guide to Deposit Insurance,” but has provided a fact sheet addressing the changes to the rules for coverage of trust deposits that take effect on April 1, 2024. The “Financial Institution Employee’s Guide to Deposit Insurance” and the fact sheet can be found on the FDIC’s Financial Institution Employee’s Guide to Deposit Insurance website. FDIC staff will alert industry participants when updates to the guides are published.
NEW Q: Many covered institutions have submitted relief requests asserting that they cannot comply with Part 370’s deposit insurance calculation timing requirements with respect to deposits in certain types of accounts that are not held in the name of a depositor and are used for processing transactions (e.g., “work-in-process accounts,” “clearing accounts,” “settlement accounts,” “suspense accounts,” or other similarly described accounts, all collectively referred to in this FAQ as “internal accounts”). How should covered institutions treat depositors’ funds while held in these internal accounts for purposes of compliance with Part 370?
A: Part 370 generally requires a covered institution to configure its recordkeeping and information technology systems to be capable of calculating deposit insurance for each deposit account within 24 hours after the appointment of the FDIC as receiver (“Part 370 capabilities”). A covered institution’s Part 370 capabilities are essential to ensure that if it were to fail, its depositors would receive their insured deposits as soon as possible as mandated by section 11(f)(1) of the FDI Act.
Internal accounts often hold deposits whose owners must be identified before the deposits can be aggregated with the owners’ other deposits at the covered institution or forwarded to another financial institution for settlement. In the event of a covered institution’s failure, this identification must occur as soon as possible after end-of-day processing consistent with the FDIC’s methodology for determining deposit account balances set forth in 12 C.F.R. § 360.8 so that the deposit insurance determination can be completed. In most circumstances, the information necessary to identify the depositors and the amount of their deposits should be available in the covered institution’s deposit account records. The general recordkeeping requirements set forth in section 370.4(a) are applicable to internal accounts holding deposits that have been moved to an internal account from a customer’s deposit account or where the requisite depositor information is otherwise available in the covered institution’s records. For example, an internal account that holds dormant account funds pending escheatment to the appropriate state abandoned property office must be maintained in accordance with the general recordkeeping requirements set forth in section 370.4(a).
The FDIC recognizes, however, that certain internal accounts hold deposit balances that will require outreach to third parties or additional research to confirm the accuracy of the amount or ownership of the deposit and that research or outreach might not be completed within 24 hours after the FDIC’s appointment as receiver. A covered institution may not have the information concerning deposit ownership in its deposit account records at the time of failure because the covered institution must rely upon another party for the requisite depositor information. Moreover, a covered institution may be able to identify the owners of deposits in an internal account but cannot accurately calculate the deposit insurance because the covered institution has not been able to verify certain aspects or elements of the transaction. The requisite information must be identified or obtained before deposit insurance can be calculated. Such internal accounts include, but are not limited to, internal accounts which hold returned wires in process, check deposit errors, check fraud, and loan payment errors.
Although internal accounts must be maintained in accordance with the general recordkeeping requirements set forth in section 370.4(a), FDIC staff acknowledges the practical limitations of satisfying the general recordkeeping requirements continuously in order to calculate deposit insurance for these internal accounts within the 24 hour time requirement. Therefore, FDIC staff will not find a covered institution in violation of Part 370 for instances of noncompliance with Part 370’s general recordkeeping requirements applicable to internal accounts while a covered institution conducts outreach to third parties or additional research to verify deposit ownership or resolve errors, so long as the covered institution maintains its internal accounts in accordance with the alternative recordkeeping requirements set forth in section 370.4(b)(1) and takes the following actions:
- In each Part 370 certification of compliance, describe the number of internal accounts, the average balances of internal accounts that cannot be processed within the 24 hour time frame required by Part 370, how each internal account is used, the General Ledger account numbers associated with such accounts, the amount of time it would take to complete processing and calculate deposit insurance for each type of impacted internal account, and, in the event that processing and calculation would take longer than 30 days, provide an explanation of the circumstances under which processing cannot be completed sooner;
- Maintain policies and procedures to prioritize and expedite the identification of the affected accounts to aggregate deposit balances of each depositor by ownership right and capacity to accurately calculate the deposit insurance coverage amount;
- Covered institution’s information technology system and processes must be capable of making such insured funds available to depositors no later than the time at which the deposits would be available to depositors in the normal course of business, but in no event later than 60 days after failure;
- Maintain the ability to prevent debits or credits to such internal accounts in the event of failure until a deposit insurance determination can be made; and
- Make reasonable efforts, in the ordinary course of upgrading its information technology systems, to implement new payment systems technology as it becomes available to the financial services industry to integrate an information technology solution that would facilitate calculation of deposit insurance for deposits in internal accounts within 24 hours after a covered institution’s failure.
The FDIC will verify ongoing efforts to improve processing capabilities and related policies and procedures for internal accounts during Part 370 compliance tests. Based upon this FDIC staff position, covered institutions that take the actions listed above need not submit an exception request. Moreover, covered institutions that have requested exception relief from Part 370’s deposit insurance calculation processing time frame for internal accounts should withdraw those requests if they intend to take the approach outlined in this FAQ.
This FAQ dated December 01, 2022 supersedes prior FDIC guidance related to relief from Part 370’s deposit insurance calculation processing time frame for internal accounts (including the Part 370 Information Technology Functional Guide and Compliance Review Manual).
Q: Recordkeeping Requirements for which Compliance may be Dependent upon the Receipt of Depositor Information
Part 370 of the FDIC’s rules and regulations requires a covered institution to (i) configure its IT systems to be capable of performing the functions set forth in section 370.3(b) and (ii) maintain in its deposit account records for each deposit account the information necessary for its IT systems to meet the requirements set forth in section 370.3(b). Generally, under section 370.4(a), a covered institution must maintain in its deposit account records information regarding deposit ownership that would be necessary to complete an accurate and timely deposit insurance calculation; e.g., name, address, and a unique identifier at a minimum. The exact depositor information that the covered institution needs to satisfy the applicable recordkeeping requirements may be dependent upon the type of account and a response from the depositor. Under section 370.4(b), however, a covered institution may instead satisfy “alternative recordkeeping requirements” for certain types of accounts (i.e., accounts eligible for pass through deposit insurance coverage and certain formal trust accounts). Furthermore, sections 370.4(c) and (d) prescribe recordkeeping requirements for official items and credit balances, respectively.
Since Part 370’s effective date, most, if not all, of the covered institutions conducted outreach to their depositors in an effort to obtain information the covered institutions need to comply with the recordkeeping requirements of section 370.4. The covered institutions have been successful in obtaining the requisite information to varying degrees.
In order to be able to certify compliance with Part 370, many of the covered institutions submitted requests for relief from recordkeeping requirements for specific deposit accounts because those depositors did not respond to the covered institutions’ requests for information. The FDIC granted covered institutions time-limited relief from those requirements. This time-limited relief has now or will soon expire; however, most of the covered institutions still have not received the requisite information from the depositors. For deposit accounts opened prior to the covered institution’s compliance date, as defined in section 370.2(d), will FDIC staff consider a covered institution to be in substantial compliance with Part 370’s recordkeeping requirements if (i) the covered institution’s approach for satisfying Part 370’s recordkeeping requirements is dependent solely on the depositors providing the information, and (ii) the depositors remain unresponsive despite ongoing outreach efforts by the covered institution?
A: Yes, for deposit accounts opened prior to the covered institution’s compliance date, FDIC staff will recognize a covered institution as being in substantial compliance with certain recordkeeping requirements of Part 370 in the particular situation where resolution of a Part 370 recordkeeping deficiency is dependent solely on a depositor’s response and that response has not been forthcoming despite the covered institution’s ongoing outreach efforts. The types of deposit accounts affected may include, but are not limited to, government accounts, joint accounts, formal revocable and irrevocable trust accounts, and informal revocable trust accounts. FDIC staff will not consider a covered institution noncompliant with Part 370 in this situation and will not recommend supervisory or enforcement action against a covered institution for this problem alone. Accordingly, a covered institution may submit its Part 370 annual certification of compliance consistent with this FAQ and need not request relief for this problem provided that the covered institution achieves substantial compliance by operating in accordance with the following conditions:
- Made multiple (three or more) attempts to contact a depositor for this information;
- At least annually, contact all depositors who remain unresponsive to the covered institution’s requests;
- States in its Part 370 annual certification of compliance that it is in substantial compliance with recordkeeping requirements, but that full compliance is dependent upon depositor responses;
- States in its Part 370 deposit insurance coverage summary report: the number of accounts for which a depositor’s response is still pending by account type (with description of the type of, or purpose for, the account(s)), the aggregate and average balances of deposits in such deposit accounts by account type, the number of depositor outreach attempts made during the past year, and the communication methods used for contacting depositors;
- Informs these depositors that their failure to respond could result in a delay of deposit insurance payments;
- Collects from the depositor the information needed to satisfy Part 370’s recordkeeping requirements at the time of account opening for deposit accounts opened after the covered institution’s compliance date;
- Maintains the ability to restrict access to the subject accounts in the event of failure;
- Lists in the Part 370 Appendix B – Pending File the deposit accounts for which a depositor’s response has not been forthcoming; and
- Immediately bring to the FDIC’s attention any change of circumstances or conditions.
The FDIC will verify the covered institution’s ongoing depositor outreach efforts and related policies and procedures during its Part 370 compliance tests.
Based upon this FDIC staff position, a covered institution may determine that it is substantially compliant with part 370’s recordkeeping requirements for deposit accounts in this situation, and therefore, an exception request is unnecessary. Moreover, covered institutions should withdraw requests for relief made on this basis.
This FAQ dated June 14, 2022 supersedes prior FDIC guidance, including the Information Technology Functional Guide and Compliance Review Manual, related to grants of relief for requests that identify depositor outreach as the only recourse for rectifying an instance of noncompliance with Part 370’s recordkeeping requirements. Conversely, this FAQ does not apply to any situation in which a covered institution’s compliance with Part 370 recordkeeping requirements is not dependent on depositor response.
Q: How should a covered institution’s Deposit Insurance Coverage Summary Report address omnibus and other accounts that contain deposits owned by various parties that are insured in various ownership rights and capacities?
The Information Technology Functional Guide provides guidance to covered institutions by providing an illustrative example for the Deposit Insurance Coverage Summary Report that can be used to satisfy the reporting requirement set forth under § 370.10(a)(2). In instances where a covered institution has identified deposits in a single account that are owned by various parties insured in various ownership rights and capacities (“ORCs”) and sufficient information is available in the covered institution’s records to calculate deposit insurance, the covered institution should display the beneficial owners’ allocation of the deposit balance by ORC together with the number of accounts attributable to each owner on Table 1, which corresponds with the Customer and Account Files. Covered institutions should also include an additional row in Table 1 as a reconciliation line to report the distinct totals, as shown in the example below, to clarify that the number of deposit accounts listed on the summary report differs from the number of deposit accounts the covered institution reports on its Call Reports or for other purposes.
Q: What is the process for submitting output files in advance of a compliance test?
The FDIC will contact institutions approximately 90 days in advance of a scheduled compliance test. The FDIC will utilize the secure, file-transfer mechanisms provided within Enterprise File Exchange (EFX) (efx.fdic.gov). In providing output files for Part 370 compliance tests, the FDIC requests that covered institutions adhere to the following guidelines:
- Data Formatting: Output files should be pipe-delimited ASCII flat files. Do not pad leading and trailing spacing or zeros for the data fields. Institutions should adhere to the format specified for each output file field as specified in Appendix B to Part 370. Non-numeric characters should not be present in numeric fields. For example, institutions should not include commas or parentheses in numeric or decimal fields. For example, to report an amount of $123,456.78, the deposit file record should look like |123456.78|, and neither |+00000123456.7800| nor |123,456.78|. Please use two consecutive delimiters “||” to report missing data.
- Negative Balances: Institutions may omit negative balances from output files. If an institution selects to include negative balances because of certain deposit system configurations, the only sign needed is the negative “-” sign when the amount is less than zero US dollars.
- Currencies: All monetary values should be reported in U.S. dollars. If a currency conversion is needed, use a reputable source for conversion rates and store that rate so that it would be possible to convert the deposit amount back to the original currency type for processing.
UPDATED Q: What is the process for submitting annual certifications of compliance and deposit insurance coverage summary reports?
A certification of compliance and deposit insurance coverage summary report should be mailed on or before its compliance date and annually thereafter to the address below:
Office of the Director
Division of Complex Institution Supervision & Resolution
Federal Deposit Insurance Corporation
550 17th Street NW
Washington, DC 20429-0002
Institutions should also provide an electronic copy, via a secure email to the Part 370 mailbox (firstname.lastname@example.org). CEO/COO attestation signatures may be provided electronically.
Deposit Insurance Coverage Summary Reports ("Summary Report")
Electronic copies of the deposit insurance coverage summary report should be provided as a Microsoft Excel worksheet instead of a portable document format (PDF). The Summary Report should reflect the illustrative example in Appendix B of the Information Technology Functional Guide, with as much specificity and granularity as possible. The following guidelines describe expectations for each table of data:
- Table 1: Summary by Ownership Right and Capacity – The FDIC expects institutions
to identify the number of account holders, the total number of deposit accounts,
and the total amount of deposit dollars by each ownership right and capacity
code. Institutions should detail the number and dollar balance of fully insured
and partially insured/uninsured accounts by ownership right and capacity per
account. Institutions should follow the illustrative example on Page 59 of the
Information Technology Functional Guide (ITFG), Version 2.1. Table 1 should
only include accounts in the Account File and Account Participant File for
which an insurance determination can be made.
- Table 2: Records maintained by bank – The FDIC expects institutions to identify
accounts where an insurance determination cannot be made, but where records are
maintained by the bank. This section should reflect accounts for which a
relief request is outstanding or granted and accounts that are not subject
to the general recordkeeping requirements under the rule (i.e. Official
Items). Examples would be government accounts for which a CI has
time-limited relief to conduct customer outreach to obtain official custodian
information (Agency or Custodian – A), informal revocable trust accounts
maintained by the bank with missing records or beneficiary information
(Beneficiary – B), and joint accounts for which a CI has time-limited relief to
confirm qualifying joint account status (e.g. to find missing signature cards or
have account holders execute new signature cards) (Rights and Capacity Codes –
- Table 2: Alternative Recordkeeping – The FDIC expects institutions to identify
accounts for which additional information is needed to complete the insurance
determination, as authorized by Section 370.4(b). Institutions are expected
to use the Pending Reason Code associated with each Pending File
- Table 3: Pending Accounts by Account Type – Institutions are encouraged to
provide additional descriptions of Pending File accounts. Institutions have
discretion as to the classification of the account types provided; however, the
FDIC requests that institutions avoid overly vague categories such as
deposits,” “demand deposit accounts,” or “other savings
accounts.” In addition
to providing granularity in the description of Pending File accounts, the FDIC
expects institutions to specifically identify those accounts for which a relief
request is outstanding.
The total count and dollar balance of Table 3 should match Table 2. The FDIC expects to reconcile an institution’s total deposits by aggregating the deposits reported in Table 1 with the deposits reported in Table 2 or Table 3.
Requests for Relief
Requests for relief may be submitted to the FDIC, in accordance with Section 370.8, for circumstances that exist that would make it impracticable or overly burdensome to meet the requirements of Part 370. For clarity, the FDIC expects CIs to submit requests for relief for accounts meeting the general recordkeeping requirements of the Rule for which a deposit insurance calculation cannot be completed.
Q: Will denial of a request for relief after a covered institution’s compliance date result in immediate non-compliance with Part 370?
Section 370.10(c) provides that a covered institution will not be considered to be in violation of Part 370 for requirements that are subject to a pending request for relief. In the event the FDIC denies a good faith request for relief after a covered institution’s compliance date, FDIC staff will work with the covered institution on a remediation plan. During the remediation period, the covered institution will not be penalized or receive notice of non-compliance with Part 370 if the institution works in full cooperation with the FDIC to remediate the deficiencies. If, in its determination and denial of the relief request, the FDIC finds evidence of concealment, fraud, or other factors that demonstrate a risk of harm or loss to depositors, the FDIC reserves the right to deem the institution in non-compliance with Part 370 and pursue all appropriate remedies.
Q: The FDIC’s Part 370 Compliance Review Manual references reconciliation of deposit accounts. What is the FDIC’s expectation of covered institutions regarding demonstrating reconciliation capabilities?
The reference in the Compliance Review Manual to reconciliation is meant only to indicate that a covered institution should have controls in place to ensure that all eligible deposit accounts are included in its Part 370 output files. For Part 370 compliance testing purposes, the FDIC will only verify that such controls are in place and will not examine or review the substance or details of such controls.
Q: How will the FDIC schedule the compliance reviews and conduct follow-up actions if necessary?
The reviews will be prioritized by internal and external risk factors determined by the FDIC and the primary federal regulator. The FDIC expects that all Covered Institutions will be reviewed in the first three years after an institution’s compliance date.
All findings will be discussed with bank staff upon completion of the review and the FDIC generally expects that Covered Institutions would address the findings. While the FDIC can bring enforcement actions to compel remediation of issues, we would not do so as an early step and only anticipate doing so in the extraordinary circumstance of a Covered Institution’s ongoing refusal to work with the FDIC on identified issues.
Q: Can the output files for the annual coverage summary report and the compliance review be produced from the test environment instead of the production environment?
No. Output files should be produced from the production environment because it will produce the most accurate and up-to-date information for all deposit accounts, as well as demonstrate the capabilities and run-times of the institution’s information technology systems.
Q: If debt flags are optional, why does the compliance manual include a section on such review?
While the debt flags are optional, the FDIC will need to note various loan platforms and processes as well as assess the bank’s and FDIC’s staffing needs to determine mutuality and process offsets at failure.
Q: Are there interim deadlines prior to the Part 370 compliance
No, Part 370 does not impose any interim deadlines prior to the compliance date. The compliance date is April 1, 2020, for all initial Covered Institutions as of April 1, 2017. For a Covered Institution meeting the two million or more deposit accounts criteria for two consecutive quarters after April 1, 2017, the compliance date is three years after the date on which it becomes a Covered Institution (as of the end of the second consecutive quarter). A covered Institution may submit its Part 370 compliance certification prior to the compliance date in the event that it has implemented and successfully tested its information technology system for compliance before such time.
The FDIC has initiated an outreach program with CIs to discuss each Covered Institution’s implementation strategy and to answer questions by providing guidance on their implementation process and categorization of specific products or account types. Separately, the FDIC is considering utilizing a pilot program for CIs that are prepared to implement the Part 370 requirements on an accelerated basis but has not implemented such program at this time. This will be optional, and there are no associated deadlines.
Q: For the summary report due by April 1, 2020, should year-end or quarter-end data be used?
The output files should be tested and produced as close as practical to the certification date but not earlier than four months before the summary report is submitted. That four month window would include the most recent quarter- or year-end if the CI determines such period-end test date would be conducive to the CI’s internal scheduling purposes.