The Board of Governors has approved a new risk-focused program for Federal Reserve Banks to follow in supervising most bank holding companies with assets of less than $1 billion. Details of the program are outlined in Attachment A.

                        The new program builds upon longstanding policies of the Board aimed at the early identification of problems in banking organizations and at improved coordination and cooperation with other Federal banking agencies and state banking departments.  It provides, in general, for enhanced monitoring of institutions on a continual basis and for greater supervisory attention to specific weaknesses that need correction. 

                        In 1985, the Board adopted guidelines that called for periodic on-site inspections of all bank holding companies in accordance with a standard frequency based on the size and condition of the consolidated organization. [F.R.R.S. 3-1531 (S-2493, attachment A; October 7, 1985)].   The new supervisory program supersedes the 1985 inspection frequency guidelines for certain bank holding companies that are defined in the new program as small shell organizations [F.R.R.S. 3-1531 (S-2493, attachment A; October 7, 1985)].  Accordingly, the program permits a more flexible approach to supervising those entities in a risk-focused environment and is designed to enhance the overall effectiveness and efficiency of the Federal Reserve's bank supervisory efforts.  Collateral benefits of the program include improved coordination with other regulatory agencies and a reduction of the burden on supervised institutions.

                        Implementation of the new program is to commence no later than November 30, 1997.

Sincerely yours,

William W. Wiles
Secretary

Attachments

TO:	THE PRESIDENT OF EACH FEDERAL RESERVE BANK AND THE OFFICERS IN CHARGE OF BRANCHES

---

RISK-FOCUSED SUPERVISION POLICY
FOR SMALL SHELL BANK HOLDING COMPANIES

                         This policy sets forth a framework for applying risk-focused supervision concepts to small shell bank holding companies (SSBHCs).¹  It was developed in the interest of increasing the effectiveness of Federal Reserve supervisory activities, while enhancing interagency coordination and reducing regulatory burden on banking organizations.  In recent years, changes to statutory frequency requirements for bank examinations, enhancements to off-site monitoring procedures, and the implementation of risk- focused examination practices have made it possible to focus supervisory activities more effectively on SSBHCs exhibiting the greatest degree of risk.  Accordingly, the Federal Reserve is adopting a risk-focused supervision program for SSBHCs that tailors supervisory activities for these companies based on an assessment of their reported condition and activities and the condition of their bank subsidiaries.  Based on these assessments, Reserve Banks will be required to develop a strategy for addressing the supervisory issues related to each organization.  For companies where significant risk factors are present, Reserve Banks must consider a range of supervisory responses, including informational requests and management interviews, visitations or advisory visits, as well as on-site target and full-scope inspection activities.  The program is to be implemented as soon as practical, but should be fully operational by November 30, 1997.  With the implementation of this program, the Board is rescinding for SSBHCs the bank holding company inspection scope and frequency requirements of SR 85-28, "Examination Frequency and Communicating with Directors."

Risk Assessment Process

                        Under this program, Reserve Banks should perform a risk assessment for each SSBHC at least once during each "supervisory cycle." For each company, its supervisory cycle will be determined by the examination frequency mandated for the lead subsidiary bank.  The purpose of this risk assessment is to determine whether the risk profile of the SSBHC has weakened, the company is having an adverse effect on the subsidiary bank(s), or there are violations of law or regulation warranting further review.  As described more fully below, where the risk assessment does not raise significant supervisory concerns, the assessment would serve as the basis for assigning a final BOPEC rating for the company.  The risk assessment should be completed within 45 days of receipt of the lead bank's full-scope examination report. While risk assessments will be driven in most cases by the conclusions expressed in the current examination reports for subsidiary banks, they should also incorporate information from other sources available at the Reserve Bank, such as regulatory financial reports, previous inspection reports, and surveillance reports.  The preparation of risk assessments should not routinely require requests for additional information from the company.  Risk assessments should include reviews of the following areas:

• Financial condition of the parent company, including an evaluation of debt levels and cash flow;
  

• Financial condition of bank subsidiaries;
  

• Consolidated analysis (if applicable);
  

• Management, including any changes to senior management or ownership;
  

• Compliance with laws and regulations by the bank holding company and bank subsidiaries, as well as compliance with regulatory orders and other requirements imposed in connection with the granting of any application or other request;
  

• Intercompany and insider transactions as addressed by examinations and financial reports; and
  

• New activities and recent or planned acquisitions.
  

                        In the process of conducting the risk assessment Reserve Banks should pay special attention to bank examination report findings pertaining to possible violations of law or inappropriate transactions.  In addition, changes in the organizational structure, management, or ownership of the company should be assessed to determine whether these may be cause for concern.  The use of automated analytical tools and screens to perform the required financial analysis will normally suffice.  When this review discloses no material supervisory concerns, the risk assessment should be used to assign a final rating to the company.

Development of Supervisory Strategies

                         If no unusual supervisory issues or concerns are identified by the risk assessment, no special follow-up with the company is necessary.  However, all companies should continue to be monitored under existing surveillance and monitoring programs aimed at identifying significant changes in a company's condition, performance, or compliance profile that may prompt further review.  Such changes may include 1) a material decline in the earnings performance or capital position of a bank subsidiary; 2) significant changes in management or ownership; 3) a large increase in outstanding debt; 4) new or expanded activities that may pose additional risk; 5) rapid growth; 6) questionable insider or intercompany transactions; 7) less than satisfactory SEER or other performance factors for the subsidiary bank(s); or 8) information suggesting less than satisfactory compliance with regulatory orders and other requirements imposed in connection with the granting of any application or other request.  When these or other changes raise supervisory concerns, the risk assessment should be updated using the methods discussed below. 

                        When a risk assessment is prepared in conjunction with the review of an examination report for a bank rated satisfactory or better, but supervisory concerns such as those listed above preclude the immediate assignment of a satisfactory BOPEC rating, a strategy for addressing those concerns must be developed and documented as part of the risk assessment.  The strategy would typically require gathering additional information from the bank regulator or the company, either written or verbal.  Where supervisory concerns are not satisfactorily addressed through off-site measures, a number of remedies should be considered, including visitations, targeted reviews of internal processes and specific transactions, or broader inspections encompassing a review of more significant financial and managerial issues, processes, or reporting systems.  The specific timing of these activities is not prescribed by this policy; however, the on-site activity should be conducted as soon as possible following the off-site review, given that it is required only in situations when supervisory concerns have surfaced.

Strategies for Problem and Deteriorating Companies and Those with
            Identified Management Weaknesses

                        A full-scope, on-site inspection should be conducted the first time that the risk assessment preliminarily supports the assignment of a BOPEC rating of 3 or worse, or a management rating of less than satisfactory.  Typically, this would occur when a significant subsidiary bank's CAMELS composite or management component is assigned a rating of 3, 4, or 5.  In such a case, an inspection is deemed necessary to ensure that sufficient information is available to develop an effective supervisory strategy.  The purpose of the inspection is: 1) to confirm the Reserve Bank's understanding of the SSBHC's financial condition, activities, and management oversight of the bank, as well as whether violations of law or regulation or inappropriate intercompany transactions have occurred; 2) to determine the extent to which any of these factors is having an adverse effect on the bank(s); 3) to identify steps the holding company should take to strengthen its subsidiary bank(s); and 4) to assign a BOPEC rating to the company.  Based on these inspection results and information available prior to the inspection, and in consultation with the bank's federal and state supervisory authority(ies), the Reserve Bank should develop a supervisory strategy for dealing with the company.

                        In situations where the company and management are adversely affecting the bank, the strategy should contemplate enforcement activities that are coordinated with those of the bank's federal or state regulator(s), a clear delineation of the actions and reports expected of holding company management, and plans for additional supervisory activities, either on-site or off-site.  The Reserve Bank should designate a primary contact responsible for monitoring the company's condition and updating the risk assessment and supervisory strategy.

                        In situations where the bank holding company is neither contributing to the bank's problems nor in a position to serve as a source of strength, a typical supervisory strategy would be to maintain an open dialogue with the bank's primary regulator(s) and to review relevant regulatory reports.

Communicating Supervisory Findings

                        When a risk assessment discloses no supervisory concerns, or when an existing 3, 4, or 5 BOPEC rating is reaffirmed through the risk assessment, a brief letter detailing this overall conclusion and the SSBHC's BOPEC rating should be forwarded to the company.  A prototype of such a letter is attached. 

                         When more detailed off-site reviews are performed or on-site targets or visitations are conducted, Reserve Banks may also communicate the scope of these activities, relevant findings, and supervisory recommendations to the company in a letter.  Alternatively, the findings can be conveyed to the company in a more structured report similar to the existing bank holding company inspection report.  When full-scope inspections are conducted, use of existing bank holding company report pages is mandatory; however, the only pages required to be completed are the Examiner's Comments, Scope, Analysis of Financial Factors, and the confidential pages.  The use of any other page (including financial data pages) should be limited to situations where its presentation is useful for supporting conclusions or recommendations.

                        With regard to correspondence and reports to satisfactorily rated SSBHCs, it is generally appropriate for commissioned, non-officer personnel who are designated as the primary contact or portfolio manager for such companies to have signing authority.  Reports and other official communications to problem and deteriorating companies require an officer's signature.

Discontinuation of Risk Management Ratings for SSBHCs

                        Effective January 1, 1997, the Uniform Financial Institutions Rating System (CAMELS) was amended specifically to require the evaluation of risk management systems both in the overall management rating and in the individual financial components.  By definition, financial and management activities at SSBHCs are conducted in the subsidiary banks and the risk management process of the company is essentially the same as that of the bank(s).  Accordingly, no separate risk management rating will be required of SSBHCs. 

Newly Formed SSBHCs

                        Consistent with long-standing Federal Reserve policy, an initial full- scope, on-site inspection of a newly formed SSBHC should be conducted within the first 12 to 18 months of operations.  Thereafter, risk assessments should be performed in accordance with this policy.

---

Prototype Letter to Communicate
Findings of a Risk Assessment

Board of Directors
[name and address of SSBHC]

Dear Members of the Board:

                        This Reserve Bank has conducted a review of [SSBHC] based primarily on financial and other information regularly provided by your organization to the Federal Reserve and other supervisory agencies, as well as the recent examination report for [Bank], SSBHC's subsidiary bank.  The review was conducted by Examiner [EIC] and disclosed no supervisory concerns [or, no concerns in addition to those previously communicated to the institution]. 

                        [SSBHC] is assigned a composite BOPEC rating of [numerical rating], based on a bank component rating of [numerical rating] and a parent company component rating of [numerical rating].  Management is regarded as [rating].  The ratings assigned to the bank holding company are part of the overall findings of this review and are confidential.  They should not be disclosed or made public.

                        If you have any questions or comments regarding the risk assessment, or any regulatory matter concerning your organization, please contact [Reserve Bank contact] of this Reserve Bank at [telephone number].

Sincerely yours,

---

Footnotes

1  Small shell bank holding companies are defined for the purpose of this program as those companies with less than $1 billion in consolidated assets that do not have debt outstanding to the public, and that do not engage in significant nonbank activities.  A nonbank activity could be considered significant based on the scope or type of activity.  For example, credit extending activities as well as investment and trading activities where the holding company acts as a principal would generally be considered significant.  The provision of services on a fee basis such as the provision of data processing services to affiliated and/or unaffiliated banks or the sale of instruments on an agency basis may also, in certain instances, be considered significant, depending on the scale of the activity or other factors that may pose direct or indirect risk to the holding company or any insured depository institution subsidiary.

Return to top

---

Home | SR letters | 1997

For comments on this site, please fill out our feedback form.
Last update: November 6, 1997 4:00 PM