Whether your bank uses an in–house, an outsourced or co-sourced internal audit function, the internal audit program must be independent. And no matter the arrangement, management and the board have a degree of responsibility for internal audit’s efficacy—as such, they must accept ownership of this function even where it is fully outsourced.
As part of this, national chartered banks need to comply with the requirements issued by the Office of the Comptroller of the Currency (OCC) in October 2013 entitled “Third Party Relationships: Risk Management Guidance,” which deals with the selection and ongoing oversight of all critical third-party relationships, including outsourced or co-sourced internal audit arrangements. Although the guidance is addressed to national banks, it also establishes a best practices approach for state chartered banks that are supervised by the Federal Reserve or Federal Deposit Insurance Corp. The OCC guidance stipulates that banks must implement effective risk management processes to actively manage outsourced vendors, and that the roles and responsibilities for overseeing and managing all third-party relationships be specific and clearly defined. Therefore, whether the bank outsources or co-sources all or parts of an internal audit program, it does not diminish the responsibility of its board of directors and senior management with respect to overseeing and managing the program.
So the question becomes how best to manage outsourced or co-sourced internal audit relationships while optimizing the independence that is necessary for boards and audit committees in the fulfillment of their responsibilities.
Banks are deploying a variety of approaches driven by organizational structure, cost or culture. Sometimes these are successful, but they often fall short of regulatory expectations.
It is possible to achieve a quality internal audit program as long as the board and management adhere to a number of key principals and are truly committed to having an internal control environment that helps the bank manage its risks.
Our firm has helped hundreds of banks implement effective internal audit programs in both full outsourced and co-sourced scenarios. Some of the elements that we have found most critical to building an effective program include:
Corporate Governance: Corporate governance and the tone at the top is the foundation of an effective program. This entails setting up a structure that includes direct reporting to the chairman of the audit committee while, at the same time, having appropriate internal management oversight. Often that oversight resides with the chief risk officer of the bank. However, we have observed successful programs that use compliance officers or an in-house internal auditor. Independence is derived from board and management commitment, setting the tone and culture within the bank.
Internal Audit Risk Assessment and Audit Plan: The success of an internal audit program is highly dependent on identifying the risk profile of the bank and developing an appropriate audit plan that addresses those risks. Just a few of the areas complicating today’s bank risk environment include information security and technology driven service delivery channels, consumer compliance and BSA/AML compliance requirements and interest rate risk management.
Experienced and Qualified Internal Audit Team: A successful internal audit program is simply not possible without deploying the right expertise and experience to audit the different aspects of a bank’s business and compliance requirements.
A successful internal audit program is often accomplished by seeking an outsourced or co-sourced solution which, based on regulatory guidance, management is responsible for managing. However, independence does not need to be compromised—particularly if the bank culture and tone at the top are committed to an independent risk-based internal audit program.
Most of the news coverage about the potential for rising interest rates has assumed rising rates will help banks. But will it help your bank? It turns out, that’s not an automatic yes. This article will help board members understand how interest rates impact a bank’s profitability, and offers questions that you should be asking your management team.
Many of the biggest banks in the country, which are the subject of so much news and analyst coverage, are deliberately managed to be asset sensitive. That means that they benefit from a rising interest rate environment, because their “assets,” mainly loans, will generate higher income as rates rise. Many big banks have more variable-rate loans on their books, such as commercial and industrial loans, than community banks do, and those loans tend to reprice more quickly up or down when rates rise or fall.
However, community banks can’t make the assumption that they will benefit when rates rise. A careful analysis of their own particular situation is necessary.
“There does seem to be a general perception that rising rates are good for all banks. That’s simply not true,’’ says Matthew D. Pieniazek, president of Darling Consulting Group, in Newburyport, Massachusetts, which advises banks on asset liability management. Many community banks that manage as if they are asset sensitive will actually experience earnings pressures when interest rates rise, he says. (This is known as liability sensitivity, when funding costs increase faster than asset yields.) The biggest risk could come from deposits, but there are also impacts on loans and investment portfolios to consider.
Regulators have made it clear that oversight of interest rate risk, or IRR, rests squarely on the shoulders of the board. The Office of the Comptroller of the Currency issued a joint “advisory on interest rate risk management in 2010” that emphasizes this point:
“Existing interagency and international guidance identifies the board of directors as having the ultimate responsibility for the risks undertaken by an institution, including IRR. As a result, the regulators remind boards of directors that they should understand and be regularly informed about the level and trend of their institutions’ IRR exposure. The board of directors or its delegated committee of board members should oversee the establishment, approval, implementation, and annual review of IRR management strategies, policies, procedures, and limits (or risk tolerances). Institutions should understand the implications of the IRR strategies they pursue, including their potential impact on market, liquidity, credit, and operating risks.”
How do rising interest rates impact deposits? Since late 2008, the Federal Reserve has kept interest rates near zero, resulting in all kinds of interest bearing deposits and investment products also hitting near zero yields. Alternatives to noninterest bearing deposits such as CDs and other term investments carry premiums that are hardly worth the trouble. There is almost no rate differential between a CD or even a government bond and an FDIC-insured nonmaturity account, such as a savings or checking account at a bank. As a result, the banking industry has experienced a substantial increase in non-maturity deposits. Pieniazek estimates that industry-wide, nonmaturity bank deposits are as much as 20 to 25 percent above normalized levels.
So it’s hard to know as rates rise, how much money will leave the bank. Some customers may do nothing. Others may move money into higher interest-bearing accounts or CDs at the bank. Still, others will put their money in investment accounts or move it to other banks and credit unions that are offering higher rates than your bank.
Pieniazek thinks there is a lot of pent-up demand for higher rates, as baby boomers are getting ready to retire and retirees have been sitting on low-earning deposits for many years. He says that a bank can look historically at its own deposit levels, and take appropriate actions to gauge how much of their non-maturity deposit base might be at risk.
It’s important as a board member to know what your bank’s plan is. “One hundred percent of financial institutions will see deposits leave,’’ Pieniazek says. Deciding how much the bank is willing to lose and the impact of rising rates on its deposit strategy is important for any board.
Questions to ask: When the Fed raises rates the first, second or third time, how are we going to react? Are we going to hold our rates and not chase money? Are we going to let deposits leave us? What are the ramifications and why is that our plan? What could occur that will cause us to change our plan?
Determining to what extent you will lose deposits when rates rise is somewhat of a guessing game, which makes it the hardest part of the balance sheet to assess. Your bank management team can look at particular characteristics of their deposit base to make assumptions about how “sticky” those deposits are, meaning how likely they are to stay with your bank, says Rick Childs, a partner with consulting and accounting firm Crowe Horwath LLP. How long has each customer had a deposit account with the bank? Do they have other accounts or products with the bank, such as loans? Do they direct deposit every month and pay bills out of the account? Or is it a stand-alone money market account where the customer has no other relationship with the bank? Those are the depositors most likely to leave when interest rates rise.
We haven’t seen a lull this long in interest rates so it’s hard to know what will happen, Childs says. If funds leave and you have to replace those funds at higher rates, how will margins be impacted?
Net interest margins are net interest expenses subtracted from net interest income, divided by earning assets, such as loans and investments. So the higher your interest expense, the lower your income. The cost of funds is what it takes to generate the funds your bank needs to operate and lend at the level it desires. While interest expense on deposits is a large part of that, funding costs will also be impacted by borrowings and deposit surrogates such as customer sweep accounts. Bank analysts such as Fig Partners are already looking at the cost of funds for various banks to determine which banks will do better when rates rise. The theory is that the lower the cost of funds, the better the bank will do because it won’t be forced to raise rates on deposits to compete for funds.
Your management team should have well developed assumptions about how deposit rates will be impacted and what the plan is for reacting to rising rates. In general, Childs says the board should be asking management: “Explain to me what those assumptions are and how you derive those.”
What are your bank’s assumptions about what will happen to interest rates and how are those derived? How will your bank react? Your management team should have assumptions about the lag time before your bank raises rates in its different products. For example, if the Federal Reserve raises the federal funds target rate by 100 basis points over time, how much will your NOW accounts (checking accounts that earn interest) go up?
Most banks use vendors to provide interest rate risk modeling tools, and those models will have default assumptions of their own. It’s important to note that the board is responsible for making sure the bank is assessing the appropriateness and reasonableness of those assumptions. It’s not enough to outsource decision-making about interest rate risk and assume you are taking care of your oversight responsibilities.
The good news is that most banks do some kind of stress testing to see what happens to the bank under a variety of interest rate “shock” scenarios. For example, what happens if short-term rates rise 50 basis points? What about 100 basis points? How will that impact earnings? You might read or hear about a phenomenon known as the “flattening of the yield curve.” The yield curve refers to the difference between short and long-term rates or, for example, the fed funds rate versus a 10-year Treasury yield. If short-term rates increase while long-term rates don’t, that lessens the difference between those rates. A more ideal yield curve would have an upward slope, with short-term rates significantly lower than long-term rates. Flatter yield curves are generally bad for banks, because the cost of funds are driven by short-term rates.
How will rising rates impact loans? Your bank has a particular mix of terms on its loans that will impact what happens to your bank when rates rise.
You probably have a number of floating rate loans that are at a floor, meaning your bank won’t make loans or enable loans to reprice below that level despite prevailing market rates. How much will interest rates need to rise before prevailing rates go above the floor? How long will it take?
Obviously, variable rate loans in a rising rate environment are good for the bank. The bank will see increased interest income as a result. If interest income rises faster than the cost of funds, that means the bank is asset sensitive and earnings will improve in that scenario.
How will rising rates impact our investment portfolio? There are questions to ask about the bank’s securities portfolio as well. Does the bank own any securities with material extension risk? What is the concentration? Material extension risk is when the life of the security extends in a rising rate environment. Mortgage-backed securities are a good example, and plenty of banks have these. In a rising rate environment, borrowers are less likely to pay off their mortgages. Does the bank have callable bonds? These are bonds where the lender can call the bond early if rates drop, or extend the life of the bond if rates rise, Pieniazek says. Is the bank monitoring opportunities to sell bonds with undue extension risk?
Another factor to consider is what happens if rates don’t rise. Or, they rise much less and more slowly than the Fed portends. For many banks, this could be very harmful, especially if the bank is already experiencing continued declines in net interest margin… For most banks, the sustained low-rate environment is the most problematic issue, Pieniazek says. It’s important to consider this alternative scenario, as well.
In the end, all banks will be impacted by the rate environment. Understanding how your bank is affected by interest rates and the assumptions going into those estimations is a crucial ingredient to providing good oversight both today and in the years ahead.
On September 2, 2014, the OCC issued guidelines establishing heightened standards for certain institutions with $50 billion in total assets and for “highly complex” institutions, noting that it does not intend to apply the guidelines to community banks. However, the guidelines distill the OCC’s characterization of directors’ responsibilities that apply regardless of asset size. In this regard, the guidelines should be required reading for directors of every bank.
With regard to the role of directors, the OCC did not adopt a higher standard of director liability than the law generally provides (depending upon state of incorporation or chartering). This approach is very different from that espoused by the Federal Reserve Board’s Governor Tarullo in his controversial speech last year. Governor Daniel Tarullo exhorted legislatures to change the standards governing director conduct to impose a duty to meet regulatory and supervisory objectives (not just a duty to their institution and shareholders). The OCC notably bypassed the opportunity to try to extend director obligations beyond statute. Thus, the guidelines need to be read in conjunction with the existing legal framework.
The OCC reformulated what are in many cases age-old principles of director conduct. The guidelines are beneficial to directors in a variety of ways. Notably, the OCC sought to reclarify the divide between director and managerial responsibilities. To understand the significance of such line drawing, directors need to be aware of the regulatory approach to conflating the roles of directors and management since the downturn. Specifically, administrative actions, matters requiring attention and supervisory correspondence, have discussed the directors’ obligations to become further involved in their institutions’ activities in a quasi-managerial tone.
The OCC’s guidelines, however, note that they do not impose managerial responsibilities on boards or suggest the boards must guarantee any particular result. Instead, the OCC notes that the board’s duty is the traditional one of strategy and oversight.
However, there are increasing expectations for directors, particularly in terms of oversight of risk management. First, the OCC expects institutions to establish strategic plans that set forth a risk appetite. The board then must hold management accountable for adhering to the framework established. The guidelines clarify that the board provides active oversight by relying on risk assessments prepared by the departments of risk management and internal audit. Thus, although the board’s active oversight is in reliance on risk assessments, the board still must evaluate whether the risk appetite is being exceeded.
This expectation for oversight of risk tolerance have been seeping down the landscape and has become common practice for banking organizations of over $1 billion. I have seen institutions of $600 million and $700 million in total assets adding chief risk officers and risk committees. Risk assessments have proliferated like kudzu. Whether the guidelines are only expectations generally for the systemic important financial institutions (SIFIs) or not, these principles are becoming mainstream ideas for community banks as well. For SIFIs, the scope and pervasiveness of the risk management and mitigation framework are yet to be fleshed out.
The OCC expects boards to provide a credible challenge to management. Specifically, boards, in reliance on information from independent risk management and internal audit, should question, challenge and, when necessary, oppose decisions to expand the bank’s risk profile beyond its risk appetite.
The guidelines note that boards are not prohibited from engaging third-party experts to assist them. Thus, the OCC keeps open the well-worn ability of directors to rely on others for guidance (although the fiduciary decision-making remains exclusively the province of the board).
Otherwise, the OCC trots out existing basic minimum standards for corporate governance. Specifically, the guidelines provide that boards should conduct annual self-assessments. The guidelines also note that the OCC will review director training to see if it touches on all appropriate areas. Moreover, the guidelines note that directors must dedicate time and energy to reviewing and understanding the key issues affecting their bank. Those expectations are hardly new.
In short, the guidelines represent a mixed bag for bank directors. The OCC’s adherence to the separation between board and managerial responsibilities and directors’ ability to rely on third-party experts is reassuring. The OCC’s discussion of risk management and engaged directors challenging managerial direction are not threatening in themselves. Director concerns lie in the notion that examiners will expect an increasingly elaborate edifice of risk tolerance and assessment. For community banks, the question is how much of this edifice will they need. Thus, it is not the principles that are controversial, but the way in which such principles will be measured that causes concern for director liability.
Once again, regulators are zeroing in on inadequate strategic and capital planning processes at many community banks.
The Office of the Comptroller of the Currency (OCC) listed “strategic planning and execution” as its first supervisory priority for the second half of 2015 in its mid-cycle status report released in June. That echoes concerns from the latest OCC semiannual risk perspective, which found that strategic planning was “a challenge for many community banks.”
FDIC Chairman Martin J. Gruenberg said in May that regulators expect banks “to have a strategic planning process to guide the direction and decisions of management and the board. I want to stress the word ‘process’ because we don’t just mean a piece of paper.”
He said that effective strategic planning “should be a dynamic process that is driven by the bank’s core mission, vision and values. It should be based on a solid understanding of your current business model and risks and should involve proper due diligence and the allocation of sufficient resources before expanding into a new business line. Further, there should be frequent, objective follow-up on actual versus planned results.”
In writing about strategic risk, the Atlanta Federal Reserve’s supervision and regulation division said that “a sound strategic planning process is important for institutions of all sizes, although the nature of the process will vary by size and complexity.” The article noted that the process “should not result in a rigid, never-changing plan but should be nimble, regularly updated (at least annually) and capable of responding to risks and changing market conditions.”
Given economic changes and increased market competition, community banks must understand how to conduct effective strategic planning. This is more important now than ever, says Invictus Consulting Group Chairman Kamal Mustafa.
The smartest banks are using new analytics to develop their strategic plans— not because of regulatory pressure, but because it gives them an edge in the marketplace and a view of their banks they cannot otherwise see, Mustafa said.
“Strategic planning is useless without incorporating capital planning. The most effective capital planning is built from the results of stress testing. These critical functions—strategic planning, capital planning and stress testing—must be integrated if a bank truly wants to understand its future,” he said.
He advises banks to use the same fundamental methodology for both capital planning and strategic planning, or else they will run the risk of getting misleading results. This strategy is also crucial in analyzing mergers and acquisitions.
OCC Deputy Comptroller for Supervision Risk Management Darrin Benhart also advises community banks to use stress testing to determine if the bank has enough capital. “Boards also need to make sure the institution has adequate capital relative to all of its risks, and stress testing can help,” he said in a February speech. “We also talk about the need to conduct stress testing to assess and inform those limits as bank management and the board make strategic decisions.”
The culture inside a bank has received renewed discussion in various forums over the course of the last year. The regulators are now moving from crisis and reaction to root cause analysis of the financial crisis. Regulators have expressed concern that despite the array of new rules, guidance, and enforcement actions brought in the wake of the financial crisis and the Dodd Frank Act, banks just seem to keep turning up problems. Fair or not, and whether you think that this concern is really attributable to the largest financial institutions, the regulators’ signals merit attention for any bank.
Bank regulators, notably the Federal Reserve and the Office of the Comptroller of the Currency (OCC), have contrasted two broad categories of banks: those that adopt an approach of mere compliance with regulation, where compliance concerns are background noise to be silenced; and those that embrace risk management and compliance programs as an important part of cultural norms. The signal from the regulators is that they look for, and can sense whether the bank is in one or the other of these camps. Supervisory judgment calls are informed by those perceptions.
What is culture? William Dudley, president of the New York Fed, recently stated: “Like a gentle breeze, culture may be hard to see, but you can feel it.” Culture is the norms of behavior that drive the business, including ethical standards above and beyond the rules. This is attributable to the tone at the top set by directors and top executives, but it is manifested (or not) in behaviors throughout the organization. What incentives (compensation and otherwise) drive what kinds of performance throughout the organization? To what degree do risk management concerns get air time alongside financial performance in the board room? Do the board and senior management discuss risk management and compliance in terms of “regulatory burden?” Worse, do you talk openly about your talented risk and compliance staff as a “burden” weighing on the bottom line?
Increasingly, bank supervisors are beginning to mandate cultural norms. Internationally, the Basel Committee on Banking Supervision has set forth corporate governance principles to assess whether a bank’s board and senior management perform their risk governance responsibilities and establish an appropriate organizational risk culture. The OCC’s heightened expectations for enterprise risk management by the largest banks have emphasized the need for a board to provide what’s known as an “effective challenge” of management, and this has become the gold standard for all banks. The OCC has had open debate with the industry over whether directors must “ensure” rather than only “validate” the effectiveness of a risk management and compliance program. All of the regulators, including the Consumer Financial Protection Bureau, have sent strong signals in the form of enforcement actions, guidance and examination messages.
A key cultural norm is how the bank thinks of its customers. Thomas Watson, legendary leader of IBM, famously said: “The essence of trust building is to emphasize the similarities between you and the customer.” Does your bank consider borrowers as counterparties in a contract, or customers for whom the bank has a shared (fiduciary-like) interest in their success?
Moreover, once a strategic decision is made by the top leaders of the organization, does the company do a good job of challenging the decision when evidence arises that it was wrong-headed, or does the company suffer from confirmation bias, collectively seeking only the evidence that justifies the strategy? Institutional groupthink can result in hidden problems for a bank, whether they are credit concerns, compliance concerns, or lost market opportunities, for example. Does the organization value diverse views that can positively challenge norms?
Examiners assess culture by looking for patterns of behavior, rather than individual instances, just as they focus less on specific loans than on concentrations of credit risk. Distinctions between policies and actual behavior are measurable; exceptions to policy are measurable; meaningfully reviewable management reports should allow detection of patterns. In this sense, examiners and directors are aligned and can be complementary of each other.
Undoubtedly, the audit of risk management or compliance culture is subjective. Are we on the verge of bank supervisors becoming culture police? There is a real concern that supervisors could also suffer from confirmation bias and thereby feed a concentration of cultural norms and fail to appreciate the idiosyncratic nature of institutions and the value of their diversity. Nevertheless, it behooves all boards of directors to look inward and take heed of the bank regulators’ messaging about culture.
It wasn’t that long ago that a bank’s CEO proposed his own pay and the board of directors for the bank approved it with few questions asked.
That practice continues at many small, privately owned banks. But increasingly, boards are the drivers of the bank’s executive compensation, including the CEO’s. They are asking difficult questions, getting pressure from proxy firms and regulators to adjust pay, and positioning themselves not only as the decision makers, but crafting the bank’s executive pay plan from day one.
The increasingly powerful proxy firms, such as Institutional Shareholder Services (ISS) and Glass Lewis, are making a difference in the pay practices not only of big, publicly traded banks, but smaller banks as well. One key emphasis of these firms is to tie executive pay with shareholder returns.
Although many banks don’t have much institutional ownership of their stock, and therefore don’t necessarily need to worry about ISS’ view of their pay plan, many of them do want to implement pay practices that will balance the need to recruit and retain great talent, as well meet the demands of shareholders and regulators. Banks increasingly give restricted stock to executives that vests when multiple performance measures for the bank and the individual are met.
In addition to the proxy firms, regulators are putting pressure on boards to assess the risk in all their incentive programs, including loan officer pay, in keeping with the 2010 joint regulatory guidance on incentive pay. Boards seem to be increasingly involved in the minutiae of pay structures for all levels of staff, a job that was previously left up to management. Boards are simplifying and cutting the number of pay plans at their banks, which sometimes run to 20 or 30 different bonus programs.
Another change noted in the conference was the increasing use of deferrals of executive bonuses over a three or five-year period, even for banks below $50 billion in assets, as a way to mitigate risk, an awfully interesting development since only those above $50 billion in assets will be required to defer pay under the 2010 Dodd-Frank Act.
The fact that regulators haven’t finalized many pay rules under Dodd-Frank, including the deferral rule, is making the job of the board harder. Attendees at the conference told me they want to design a program that will last three or five years down the road without having to be revamped every time a new rule comes out. Michele Meyer, legal counsel for the Office of the Comptroller of the Currency’s Central District, explained during a panel discussion that multiple regulatory agencies, each with a different mission statement, have to sign off on the new rules, which has delayed the process.
All these headaches combined might be a reason why directors are getting paid more for the work they do for the bank—director pay increases at public banks below $15 billion in assets varied from 8 percent to 15 percent in 2012, as reported in 2013 proxy statements and analyzed by compensation consulting firm McLagan. As an example, the average total director compensation in cash and stock was $43,946 in 2012 for publicly traded banks between $1 billion and $5 billion in assets, an 8 percent increase from the year before. Many banks had frozen pay during the financial crisis, and now directors want to get paid in line with increasing shareholder value, said McLagan principal Gayle Appelbaum, a presenter at the conference.
The conference didn’t focus only on executive and director pay. Steve Steinour, the chairman, president and chief executive officer of $56-billion asset Huntington Bancshares in Columbus, Ohio, was the keynote speaker and didn’t talk about the frustrating issues of proxy advisor firms and regulatory guidance. Instead, he urged the audience to think about what kind of bank they wanted to run, and how to attract young people to work in banking. “There are fewer people seeking careers in banking than there were years ago,’’ he said, noting that the industry has been pilloried, sometimes deservedly. (Huntington Bank’s recruitment and training video features images taken of Occupy Wall Street demonstrations and pledges the bank will operate on the simple principle of doing the right thing.)
Steinour offered a different perspective on the issue of pay and retention: How do you make sure you have the staff you need so you can excel in the coming years? It was a question very much on the minds of some of the more than 250 attendees of the conference.
The Basel III final rules recently released make clear one thing: Small, community banks are getting a break. It may not actually feel that way. In fact, community bank CEOs across the country tell me they are very frustrated with new regulation, with Basel III, with the Dodd-Frank Act and with examiners scrutinizing their banks and coming up with problems that never seemed to be a problem before. The overarching theme is that more regulation is coming down the pike, Basel III’s final rules are just one part, and they will be burden to digest and implement.
“It’s a massive rule where they consolidated three notices of proposed rulemakings,” says Dennis Hild, a former Federal Reserve bank examiner and Crowe Horwath LLP director. Even though Hild is based in Washington, D.C. and it is his job to understand this stuff, even he admitted he had a lot of reading to do. So it will be a bundle for a small bank CEO to figure out, too. “There is still much to learn. We need to dig through it. We need to find out what’s important.”
The news in late June and early July that the Federal Reserve Board, the Office of the Comptroller of the Currency (OCC), and the Federal Deposit Insurance Corp. (FDIC) would jointly mitigate some of the proposals most onerous to community banks was a welcome, if small, relief in a heavily regulated industry.
Under the final Basel III rule:
Banks under $15 billion in assets can continue to count trust-preferred securities—known as TRuPS—as Tier 1 capital.
Banks can continue to risk-weight residential mortgages as they had under the original Basel I regime. The final rule abandons a proposal to institute a complicated formula of risk weights for residential mortgages.
All but the largest banks (above $250 billion in assets) can keep available-for-sale securities on the balance sheet without having to adjust regulatory capital levels based on the current market value of those securities. Banks have a one-time opportunity to opt-out on their first regulatory call report after Jan. 1, 2015 from what’s called the accumulated other comprehensive income (AOCI) filter. If they miss doing so, they can’t opt-out later.
FDIC Chairman Martin J. Gruenberg specifically said in a press release that changes to the final rule had been made because of community bank objections. The Federal Reserve even published a guide just for community banks to explain the new rules. The Independent Community Bankers of America (ICBA) acknowledged the gesture on behalf of community banks but said in a statement that it still supported an outright exemption from Basel III capital standards for community banks.
It doesn’t appear that community banks will be getting that. The goal of the new rules is to improve the quality and quantity of capital maintained by banks, should another financial crisis take place.
Most community banks will have to comply with the higher regulatory capital standards under the Basel III final rules. Small bank holding companies with less than $500 million in assets are exempt, but their depository institutions must comply. Thrifts and thrift holding companies also must comply with the new rules. The FDIC estimated that 95 percent of insured depository institutions already meet the capital standards required under the final rules. Still, bank management teams, and the bank boards that oversee them, will have to figure out if their banks need to raise capital, and if so, how.
Many other aspects of Basel III will impact community banks as well. Bank officers have been calling consultants and law firms to figure out the impact of the new rules.
One of the biggest questions has been how an acquisition might subject a bank to new rules under Basel III, say if an acquisition bumps the bank above $15 billion in assets. How will the TRuPS on the merged companies’ books be treated?
The biggest banks might feel deterred from M&A if it propels them into the ranks of “advanced approach” institutions, which are those with more than $250 billion in assets or more than $10 billion in on-balance sheet foreign exposure, such as foreign government debt. Such a category subjects those banks to special Basel III rules and higher standards. Also, under yet another proposed rule from all three federal banking regulators, bank holding companies with more than $700 billion in combined total assets or $10 trillion in assets under custody must maintain double the current minimum leverage ratio of 3 percent to be considered “well capitalized.” Regulators estimate only eight institutions in the country would be subject to this leverage requirement.
One aspect of Basel III that might impact community banks is exposure to certain “high volatility” commercial real estate loans, usually acquisition and development loans, which will require higher risk weights. There also will be limitations on certain kinds of deferred tax assets, says Hild.
His advice? Don’t freak out right now. Banks will have time to figure this out.
Although banks with more than $250 billion in assets will have to comply with new capital rules during a phase-in period that starts January 1, 2014, smaller institutions have until January 1, 2015 to begin phasing in the new standards. That will certainly be enough time to figure out if Basel III is a non-event for your organization.
Federal regulators are feeling the heat from community bankers fed up with the burden of increased regulations, and two of them made efforts to appease a crowd in Nashville last week attending the Independent Community Bankers of America National Convention and Techworld. More than 3,000 people attended the convention.
The Federal Deposit Insurance Corp.’s Acting Chairman Martin Gruenberg said he has begun a series of roundtables with small banks in each of the six FDIC districts across the country, and will review the exam and supervision process to make it better and more efficient.
“We are going to work very hard to understand community banks better,’’ he said. He added that he didn’t want to raise expectations unrealistically, but he thinks the agency can do better.
Bankers have been bristling under the weight of increased regulation following the financial crisis, including the passage of the Dodd-Frank Act in 2010 that has new rules for everything from compensation practices to the creation of a new Consumer Financial Protection Bureau that will define and forbid “abusive practices” among financial institutions.
Although many of the new regulations are supposed to apply only to large institutions, with the CFPB applying to banks and thrifts with more than $10 billion in assets, Eric Gaver, a director at $500-million asset Sturdy Savings Bank in New Jersey, said he’s skeptical.
“The general trend is [regulations meant for big banks] become a best practice for small institutions on future exams,’’ he said.
Regulatory exams have been a crucial point of frustration, as more than 800 banks and thrifts are on the FDIC’s list of “problem” institutions requiring special supervision. In response, U.S. Rep. Shelley Moore Capito (R-West Virginia), and Carolyn Maloney (D-New York) introduced last year the Financial Institutions Examination Fairness and Reform Act (H.R. 3461), which would allow bankers to appeal exam decisions to a separate ombudsman.
The ICBA is supporting the idea of a separate appeals process and ombudsman.
However, Acting Comptroller of the Currency John Walsh stood up before the ICBA crowd Tuesday and defended the existing review process in the face of the proposed legislation.
“We have long supported the notion that bankers deserve a fair and independent review,’’ he said, adding that the Office of the Comptroller of the Currency (OCC) Ombudsman Larry Hattix is independent of the supervisory process and reports directly to Walsh.
Appeals can be viewed on the OCC’s web site, which lists only five appeals since the start of 2011. Of those, the ombudsman sided with examiners in four of the five.
Walsh said that “as regulators, we don’t expect to be loved,” but that he can promise there shouldn’t be any surprises about how the OCC approaches the exam.
Walsh disputed rumors that regulators want to reduce the number of community banks and thrifts in the country.
“I can assure you the OCC is deeply committed to community banks and thrifts and the goal of our institution is to make sure your institutions remain safe and sound and able to serve your communities,’’ he said.
The Dodd-Frank Act is unlikely to be repealed, although it may be tweaked, according to John Walsh, the acting comptroller of the currency, who spoke before a crowd of about 400 bankers and bank directors at the 2012 Acquire or Be Acquired conference Monday in Phoenix.
The banking industry has been pushing for a repeal of Dodd-Frank, or at least major changes.
The Office of the Comptroller of the Currency (OCC) supervises about 2,000 banks and federal savings associations, most of them community institutions with less than $2 billion in assets.
Walsh said he didn’t see how Dodd-Frank could be repealed because some of the work of implementing it has already been done, including the merger of the Office of Thrift Supervision and the OCC.
“We just spent a year and a half joining the OTS and the OCC,’’ he said. “I’m not sure how you just send everybody back to their two buildings.”
Walsh said there may be pieces that could be changed, although that would be up to Congress.
Even though many of Dodd-Frank’s new rules apply only to banks and thrifts above $10 billion in assets, some will impact community banks as well. For example, the new Consumer financial Protection Bureau (CFPB) will have minimum standards for mortgages, new disclosure requirements, a new regime of standards and oversight for appraisers and an expansion of the Home Mortgage Disclosure Act requirements for lenders. The bureau also must define and ban “unfair or abusive” practices.
“Each change will have a proportionately larger impact on community banks due to their small revenue base,’’ Walsh said.
He said checking accounts will be impacted as debit card fee income falls as a result of the Dodd-Frank Act. Also as a result of the law, banks of all sizes will have to evaluate the quality of securities investments they make, without relying on the rating agencies to evaluate the appropriateness of such investments. Small, community banks don’t have the resources of larger banks to do such assessments in-house.
Walsh said economic weakness and regulatory burdens are putting more pressure on bank management and told the crowd: “Believe me when I tell you that I feel your pain.”
He also acknowledged that more decisions are being made in Washington, D.C., decisions that formerly would have been made in local OCC district offices when economic times were better.
“In difficult times or in particular when difficult decisions are being made…. we do subject more of those decisions to review,” he said.
Joe Kesler, the president and chief executive officer of First Montana Bank in Missoula, Montana, who attended the conference, said he would most like to have the Consumer Financial Protection Bureau disbanded.
Even though the CFPB’s rules are supposed to apply to banks of $10 billion in assets or more, and Kesler’s bank has about $300 million, he thinks the bureau’s decisions will trickle down to banks of his size. First Montana Bank has a mortgage business, and the CFPB has begun putting together new rules for residential mortgages.
“The big uncertainty cloud is the impact of the CFPB,’’ he says. “It’s troubling we can’t plan for the future.”
Few pieces of legislation in recent years have riled up the financial services industry as thoroughly as the Dodd-Frank Act. And the white hot center of that controversial law is probably the new Consumer Financial Protection Bureau (CFPB), which the Act created to police the marketplace for personal financial services. If you’ve been reading the news lately, you know that the CFPB has a new director—former Ohio Attorney General Richard Cordray—who received a sharply-criticized recess appointment recently from President Obama. Senate Republicans had refused to hold confirmation hearings on Cordray until certain changes were made to the agency’s organizational structure, and Obama finally lost his patience and made Cordray’s appointment official while Congress was in recess.
If you have been paying attention, you also know there’s a difference of opinion between Senate Republicans like Majority Leader Mitch McConnell (R-Kentucky) and the White House over whether Congress was technically still in session, so the legality of Cordray’s appointment might be challenged in court. It’s also entirely possible—perhaps even likely—that the CFPB will be legislated out of existence should the Republican Party recapture the White House and both houses of Congress this fall. No doubt many bankers, their trade associations and the U.S. Chamber of Commerce would like to see that happen.
On the other hand, if the president wins reelection, I am sure he would veto any such bill that might emerge from a Republican controlled Congress, should the Republicans hold the House and retake the Senate this fall, which is possible but by no means assured. And if you give Obama a 50/50 chance of being reelected—which is my guess at this point having watched the Republican presidential race closely—then you can reasonably assume the CFPB has a 50/50 chance of surviving at least until January 2016.
And I think that’s a good thing.
This probably puts me at odds with most of Bank Director magazine’s readers. There’s no question that Dodd-Frank, combined with a variety of recent initiatives that have come directly from agencies like the Federal Reserve, will drive up compliance costs for banks and thrifts. And the CFPB‘s information demands alone will be a component of those higher costs. However, I have a hunch that what scares some people the most is the specter of a wild-eyed liberal bureaucrat imposing his or her consumer activist agenda on the marketplace. I don’t think Cordray quite fits that description, based on what I’ve read about him, but obviously we won’t know for sure until he’s been in the job for a while, so the naysayers’ apprehension is understandable. At the very least he seems determined to get on with the job, so we should know soon enough what kind of director he will be.
Here’s my side of the argument. Among the primary causes of the global financial crisis of 2008, which was precipitated by the collapse of the residential real estate market in the United States, were some of the truly deplorable practices that occurred during—and contributed to—the creation of a housing bubble. Chief among them were the notorious option-payment adjustable rate mortgages and similar permutations that allowed borrowers to pay less than the amortization rate that would have paid down their mortgages, which essentially allowed them to buy more house and take out a bigger mortgage than they could afford to repay. Some of these buyers were speculators who didn’t care about amortization because they planned on flipping the house in two years. But many of them were just people who wanted a nicer, more expensive house than they could afford and figured optimistically that things would work out. And the expansion of the subprime mortgage market brought millions of new home buyers into the market just when housing prices were becoming over inflated.
I’m not suggesting that the CFPB, had it been in existence during the home mortgage boom, could have single-handedly prevented the housing bubble. The causes of the bubble and the financial panic that eventually ensued were many and varied, including the interest rate policies of the Federal Reserve, the laxness on the bank regulatory agencies when it came to supervising the commercial banks and thrifts, the laxness of the Securities and Exchange Commission when it came to supervising the Wall Street investment banks and the fact that no one regulated the securitization market. But an agency like the CFPB, had it been doing its job, would have cracked down on dangerous practices like the so-called liar loans, or loans that didn’t require borrowers to verify their income. It would have put an end to phony real estate appraisals that overstated a home’s worth, making it easier for borrowers to qualify for a mortgage. And it would have been appropriately suspicious of option-ARMs if a super-low teaser rate and negative amortization were the only way that a borrower could afford to buy a home.
The CFPB is not a prudential bank regulator and will not focus on bank safety and soundness like the Federal Reserve, Office of the Comptroller of the Currency and Federal Deposit Insurance Corp. But in cracking down on some of these dangerous marketplace practices, the CFPB might have reigned in institutions like Wachovia, Washington Mutual, IndyMac and Countrywide that ultimately failed, or were forced to sell out, because it would have discouraged many of the shenanigans that helped feed the housing bubble.
Of course, many of the unsound practices that helped inflate the bubble were widespread outside the banking industry, and one of the CFPB’s principal—and I would say most important—duties will be to regulate the mortgage brokers and nonbank mortgage originators who accounted for a significant percentage of origination volume during the housing boom. Banks and thrifts should benefit greatly from this effort if it leads to the creation of a level playing field where nonbank lenders can no longer exploit the advantages of asymmetrical regulation.
A truism of our financial system is that money and institutional power will always be attracted to those sectors that have the least amount of regulation. For all intents and purposes, both the gigantic secondary market and the large network of mortgage brokers and nonbank mortgage lenders went unregulated during the boom years, and this is where the greatest abuses occurred. (Dodd-Frank also addressed the secondary market, although the jury is out whether its prescribed changes will work. Indeed, at this point it’s unclear whether the secondary market for home mortgages will ever recover.)
In hindsight, having two mortgage origination markets—one highly regulated, the other unregulated—was asking for trouble. And that’s exactly what we got.