If a director wants to get into hot water—and their financial institution as well—violating Regulation O is a good place to start. It’s “one of the three things that makes bank examiners see red,” says Sanford Brown, a partner at the law firm Alston & Bird (the other two being the violation of lending limits and noncompliance with Regulation W, which governs transactions between a member bank and its affiliates). Designed to prevent insider abuse and ensure the safety and soundness of the bank through good lending practices, it’s a violation that examiners have zero tolerance for, and often results in a civil money penalty, adds Brown. It’s no wonder that bank directors often err on the side of caution when it comes to compliance with the rule.
Regulation O “governs any extension of credit made by a member bank to an executive officer, director or principal shareholder of the member bank, of any company of which the member bank is a subsidiary, and of any other subsidiary of that company.” Loans made to covered individuals, or businesses that these individuals have an interest in, must be made on par with what any other bank customer would receive, with the same terms and underwriting standards. The covered loans are subject to the bank’s legal lending limits, and the aggregate credit for all covered parties cannot exceed the bank’s unimpaired capital and unimpaired surplus. The extension of credit must be approved by the majority of the board, with the affected person abstaining from the discussion. Executive officers are limited further and may only receive credit to finance their child’s education, and to purchase or refinance a primary residence.
Essentially, Regulation O ensures that directors, officers and principal shareholders aren’t treating the institution like their own personal piggy bank. But directors also want to drive business to their bank. “Most directors want to know where [the] line is and stay away from it, but some believe that their job is to drive all the business they can to the bank, and that’s one of the things that great directors do,” says Brown. “But do it right.” Here are a few things to keep in mind to avoid compliance gaps in Regulation O.
Know Who All Are Affected
“With all the various corporate structures that banks can have, having a strong process for the identification of covered individuals is the No. 1 thing a bank can do to help the compliance process,” says Asaad Faquir, a director at RSK Compliance Solutions, a regulatory compliance consultant.
Under Regulation O, “executive officers” are defined as bank employees that participate, or are authorized to participate, in major policymaking functions—regardless of that person’s title within the organization. This generally includes the president, chairman of the board, cashier, secretary, treasurer and vice presidents. There can be some grey area as to which officers are covered under Regulation O, and some banks provide a broader definition than the rule requires to ensure compliance.
Principal shareholders are defined as those that own more than 10 percent of the organization. The definition of director, as a general rule, doesn’t include advisory directors.
An ill-defined population for Regulation O can raise the risk of noncompliance with the rule, says Tim Kosiek, a partner with the accounting and advisory firm Baker Tilly. The law is relatively black-and-white, as legislation goes, but the holdings of bank directors and principal shareholders can be complex, which heightens the compliance challenge. Banks should not only identify the officers, directors and principal shareholders covered by the law, but also family and business interests. The bank’s governing policy should define that process, and indicate how often it will be reviewed, he says.
Covered individuals are required to prepare an annual statement of related interests, and Brown says this is an area where a well-meaning director can easily trip up. “Full disclosure of every business relationship that the director has is critical. And it’s a pain—some of these people really do have their fingers in lots of pies,” he says. These interests should be communicated throughout the organization, to ensure that a loan officer doesn’t unintentionally conduct business as usual with a company that has a relationship with a covered individual.
If the terms of a covered loan are modified, the modification should go back through the bank’s Regulation O process, says Kosiek. And if a director acquires an interest in a company with a preexisting credit relationship with the bank, that should also be reviewed due to the director’s involvement.
A director, officer or principal shareholder must ensure that he or she is seen as having no influence on the process for the approval of a loan in which the covered individual has any interest. It’s a good practice for the affected director to just leave the boardroom before the related loan is discussed, says Faquir. “It protects the directors themselves, it protects the institution, and it’s a cleaner process.” He provides one example where a director explained to the board his own involvement in a loan, and then recused himself—with the good intention of being transparent about the process. From the point of view of the bank’s regulator, however, this was perceived as influencing the board in the loan’s approval. It’s best for the recusal to be immediate, so the regulators, upon reviewing the documentation, find no cause to believe that there was undue influence.
The law requires that each bank maintain records that identify covered parties, and document all extensions of credit to directors, principal shareholders and executive officers, to prove that the bank followed the letter of the law. “If you are to demonstrate compliance with the regulation, you have to make sure that your minutes reflect, No. 1, that the individual did not participate in the discussion” and that the rate and terms offered are the same as what would be offered to any other bank customer, says Scott Coleman, a partner at the law firm Ballard Spahr. Document the credit analysis to ensure the loan received the appropriate terms and underwriting standards. The board should also deliberate annually on who is covered by Regulation O, particularly which officers are involved in policymaking. Recordkeeping in this case can help address questions that come up in an exam, says Coleman.
Handle Violations Proactively
Mistakes can happen, so pay attention to quarterly loan reports. A director may find that a business she is involved in but doesn’t run daily received a loan from the bank. Own the error and make it right by disposing of the loan. Assuming it’s a good loan—which it should be—pay it off in full, at no loss to the bank, and move it to another (unconnected) bank. “That’s the easiest way to remedy it, and to show that there were systems in place to prevent these sorts of things from happening, [and] it just was an honest mistake,” says Brown.
Coleman recommends that banks self-report inadvertent infractions, as the penalties are likely to be less severe. “Contact [the regulator], indicate what was discovered, how the error was made, how the error was corrected and what the bank intends to do in the future to monitor Reg O,” he says.
More serious Regulation O violations can suggest to regulators that other abuses are occurring, and they may go looking for larger problems, adds Coleman. And a violation will almost certainly result in civil money penalties, for the covered individual as well as the board that approved the loan or the loan officer responsible for underwriting the loan. In extreme cases where a violation was seen as intentional, there can be criminal implications in addition to the fine, says Coleman, and regulators could seek the removal of that officer.
Brown believes that regulators under the current administration will focus more on safety and soundness and less on social issues, like consumer risk. “I think the current policymakers are going to focus on where banks make money and where banks lose money, and the real risk in the balance sheet is the loan portfolio,” he says. Banks tend to fail due to bad loans or fraud, so that could mean a heightened focus on Regulation O.