The Division of Supervision and Consumer Protection's Approach for Supervising Limited-Charter Depository Institutions

September 30, 2004
Evaluation Report No. 04-048

FDIC
Federal Deposit Insurance Corporation
Office of Audits
Office of Inspector General
Washington, D.C. 20434

DATE: September 30, 2004

MEMORANDUM TO: Michael J. Zamorski, Director, Division of Supervision and Consumer Protection

FROM: Russell A. Rau [Electronically produced version; original signed by Russell A. Rau], Assistant Inspector General for Audits

SUBJECT: The Division of Supervision and Consumer Protection's Approach for Supervising Limited-Charter Depository Institutions (Report No. 04-048)

The subject final report is provided for your information and use. Please refer to the Executive Summary section for the overall results. Our evaluation of your response is incorporated into the body of the report, and your response is included in its entirety as an appendix to the report. Management's proposed actions for addressing our recommendations are responsive, and the recommendations are resolved. However, the recommendations will remain undispositioned and open for reporting purposes until we have determined that agreed to corrective actions have been completed and are effective.

If you have any questions concerning the report, please contact Stephen M. Beard, Deputy Assistant Inspector General for Audits, at (202) 416-4217, or Marshall Gentry, Director, Corporate Evaluations, Office of Audits, at (202) 416-2919. We appreciate the courtesies extended to the evaluation staff.

Attachment:

cc: James H. Angel, Jr., OERM



Executive Summary

There are a number of insured depository institutions owned by organizations that are exempt from the Bank Holding Company Act of 1956 (BHCA) and not subject to Federal Reserve Board (FRB) supervision. These institutions include those chartered as industrial loan companies (ILC) and industrial banks, [1] Competitive Equality Banking Act of 1987 (CEBA) credit card banks, and those chartered as non-bank banks. [2] The Division of Supervision and Consumer Protection (DSC) refers to these institutions collectively as limited-charter depository institutions. The Federal Deposit Insurance Corporation (FDIC) has the authority to examine parent holding companies or affiliates [3] of state nonmember banks, including limited-charter depository institutions, to determine the relationship between the institution and its parent/affiliate and the effect of such a relationship on the institution. [4]

Much has been said and published about limited-charter depository institutions, especially ILCs and the sufficiency of regulatory authority over ILC parent holding companies. In addition, the Congress has repeatedly expressed interest in the safety and soundness of ILCs and posed questions to both the FDIC and the Office of Inspector General regarding whether selected limited-charter depository institutions represent an increased risk to the deposit insurance fund.

EVALUATION OBJECTIVE

The objectives of our review were to evaluate:

  • whether limited-charter depository institutions pose greater risks to the insurance fund than other financial institutions, including whether certain bank activities are uniquely permissible in the limited-charter depository institutions that could present potential material risks to the insurance fund, and
  • DSC's supervisory approach in determining and mitigating material risks posed to limited charter depository institutions by parent companies.

DSC suggested we include all limited-charter depository institutions within our evaluation scope and provided a listing of ILCs, CEBA banks, and non-bank banks to be considered for our evaluation. The FDIC is the primary federal regulator for all of the 56 existing ILCs; however, we found that the FDIC is the primary federal regulator for only 5 of the 31 CEBAs and none of the 5 other non-bank banks in the list of limited-charter depository institutions that DSC provided. Accordingly, we refocused the scope of our evaluation on the ILCs.

WHAT WE FOUND

According to DSC, the risks to the deposit insurance fund are typically related to the type of business lines in which the depository institution is involved rather than the type of charter through which the depository institution is operating. We did not identify any bank activities that are uniquely permissible in the ILCs we reviewed. Typically, limited-charter depository institutions can engage in most activities permitted for other insured depository institutions but cannot accept demand deposits, except in limited circumstances. Thus, DSC contends that ILCs pose no greater risks to the insurance fund than other financial institutions. However, the FDIC has determined that there are two limitations in the Corporation's authority regarding ILCs when compared to other charters, namely Cross-Guarantee Authority and Golden Parachute Payments. Appendix II provides a detailed discussion of ILC business lines, permissible activities, and charter limitations.

We found that ILC parent companies are subject to varying degrees of federal regulation. In fact, close to 89 percent of the total ILC assets in our sample (10 of the 12) are subject to FDIC oversight and some form of federal regulation at the holding company level by the Office of Thrift Supervision (OTS) and/or the FRB. Further, 94 percent of total ILC assets in our sample are regulated at the holding company level by the Securities and Exchange Commission (SEC).

The FDIC has consistently stated that it has sufficient legislative authority to adequately supervise ILCs; to examine parent companies, when appropriate; and to protect the deposit insurance fund. However, differences exist in the scope of authority granted to the FDIC and FRB relating to holding companies. The FDIC has the authority to examine any affiliate of the institution, including the parent company, for the purpose of determining the relationship between the ILC and its parent and the effect of such a relationship on the ILC. FRB has the authority to examine BHCs and subsidiaries of the BHC to assess their operations and financial condition and to assess the financial and operational risks within the organization that may pose a threat to the safety and soundness of any depository institution subsidiary of the holding company. [5]

The BHCA also authorizes FRB to impose consolidated capital requirements and enforcement actions at the holding company level. The FDIC does not have the authority to establish capital requirements at the holding company level. The FDIC's enforcement actions have historically been directed at the ILC level. [6] The Corporation's position is evolving regarding its enforcement authority over ILC parents, which the FDIC views as institution affiliated parties (IAP). The FDIC indicated that it could impose enforcement actions, such as a cease and desist order, against non bank holding company parents or any other IAP for engaging in an unsafe or unsound practice in conducting the business of the depository institution, for violating any condition imposed in writing in connection with the granting of an application or other request by the depository institution, for violating any written agreement entered into with the FDIC, or for any violation of a law, rule or regulation. However, the full scope of these authorities has not been tested. Additionally, the ILC parents in Utah and California, the states chartering 95 percent of all ILC assets, are subject to state examination and enforcement authority. Appendix III provides a detailed discussion of regulatory supervision of ILC parent companies.

We concluded that ILCs may pose additional risks to the deposit insurance fund by virtue of the fact that these depository institutions' parent holding companies are not always subject to the scope of consolidated supervision, consolidated capital requirements, or enforcement actions imposed on parent organizations subject to the BHCA. Further, the banking organizations that are being created as a result of ILC charter powers allow some mixing of banking and commerce, which is otherwise prohibited for most depository institutions owned by commercial firms. However, we concluded that DSC has established controls to help mitigate these added risks.

During 2004, DSC issued revised deposit insurance application and examination guidance that focused on limited-charter depository institutions, including ILCs. DSC's guidance and other related control practices are incorporated in the processes that DSC has for (1) deposit insurance applications and investigations, (2) safety and soundness examinations, and (3) offsite monitoring, and help to mitigate the additional risks presented by ILCs and their non-bank holding company parents. Nevertheless, based on our review of 3 ILC insurance applications and 11 ILC examinations, there are opportunities to: strengthen DSC's insurance application process; better define and clarify guidance for determining the parent company's source of financial and managerial strength to the ILC; enhance examination policies and procedures for assessing the impact of ILC-parent relationships; and develop a more formal examination program for non-bank holding company parent organizations.

With respect to the three ILC deposit insurance applications we reviewed, DSC considered statutory factors, [7] including the risk the depository institution poses to the deposit insurance fund, and imposed additional conditions, when needed, in approving these charters. Further, DSC has developed investigation procedures for examiners to consider in assessing whether an application meets the seven statutory factors. However, DSC's investigation procedures do not discuss the prudential conditions that could be imposed on the ILC applicant. Revised investigation procedures would facilitate examiners consistently and effectively evaluating applications to ensure appropriate prudential conditions are imposed, when warranted. We are recommending that DSC revise its investigation procedures.

The FDIC has not formally adopted the principle that holding companies must serve as a source of financial and managerial strength (source of strength) to subsidiary financial institutions. Further, DSC's examination procedures do not address or specifically mention the source of strength concept or how examiners should determine whether the parent holding company is or is not a source of strength to the depository institution. However, DSC stated that should the management or financial capacity of the parent company provide a significant source of strength to the insured entity, this finding would typically be incorporated into the report of examination (ROE). Because DSC's policies and procedures do not define the source of strength or procedures that should be performed to determine and report on the source of strength for depository institutions, examiners may not be aware of DSC's position that the ROE should reflect the parent's source of strength to the depository institution. Defining the concept and clarifying corresponding procedures would increase DSC's assurance that examiners are adequately evaluating the effect that the ILC-parent relationship has on the ILC. Therefore, we are recommending that DSC expand its discussion of the concept that holding companies may serve as a source of financial and managerial strength to subsidiary financial institutions, and make this discussion a part of examiner guidance, as appropriate.

In regard to safety and soundness examinations of ILCs, DSC examiners applied examination procedures for the 11 ILCs to evaluate the ILC's relationship with its parent and to help determine the impact of the relationship on the ILC. However, DSC could improve its examination policies and procedures for reviewing dual-employee arrangements, business plans, financial ratios, and contingency plans for critical functions performed by affiliated companies. [8] The FDIC addressed these areas in Supervisory Insights, an FDIC publication issued in June 2004, which describes the FDIC's approach to supervising ILCs and highlights supervisory practices to assess the ILC's corporate structure, determine the manner in which the ILC interacts with affiliates, and evaluate the financial risks that may be inherent in the relationship. However, DSC's examination guidance does not include policies and procedures for several of the practices identified in Supervisory Insights. Establishing uniform and complete policies and procedures for examining affiliate relationships will help ensure that examiners are adequately evaluating risks that may be inherent in an ILC-parent relationship.

We are recommending that DSC enhance its framework of existing policies and procedures for assessing a bank's corporate structure or relationships with affiliated entities, including the parent company, to provide steps and instructions for the following:

  • reviewing dual-manager and dual-employee arrangements,
  • evaluating changes to business plans,
  • calculating holding company financial ratios,
  • assessing whether all service relationships are governed by a written agreement, and
  • determining the existence of contingency plans for all critical business functions performed by affiliated entities.

DSC has various controls such as offsite monitoring of banks and parent companies and onsite visitations of parent companies, when deemed necessary, to help mitigate identified risks posed to the depository institution by its parent holding company. DSC conducts formal offsite monitoring through programs designed for large depository institutions and uses internal information systems to track the financial condition of the depository institution and identify potential emerging problems. DSC performed offsite monitoring for all 11 ILCs in our sample. Although DSC prefers these offsite activities, or less formal activities facilitated through company management, the FDIC can exercise its statutory authority to conduct an onsite examination of the parent company, under certain conditions. In that regard, DSC established a goal in its 2004 Performance Plan to formalize an examination program for non-bank holding company parent organizations and estimated completing the program by July 31, 2004. DSC drafted a program, but did not finalize it. Given the potential significance of such onsite procedures and the sensitivity associated with the FDIC examining entities for which it is not the primary regulator, we are recommending that DSC establish a 2005 divisional objective to consider the expansion of the FDIC's examination program for non bank parents and affiliates.

BACKGROUND

ILCs are state-chartered, FDIC supervised financial institutions that may be owned by commercial firms that are not regulated by a federal banking agency. One of the main benefits of the ILC charter is that it allows companies to engage in non-banking activities and to engage in banking activities without falling under the regulatory umbrella of the FRB and the BHCA.

Financial institutions meeting certain conditions are considered non-banks and are not subject to the BHCA. A parent company controlling an institution that is not a BHCA bank is not required to register as a bank holding company with the FRB and is not subject to FRB regulation and supervision. Non-banks, including ILCs, generally must satisfy one of the following conditions to remain exempt from the BHCA:

  • the institution does not accept demand deposits,
  • the institution's total assets are less than $100,000,000, or
  • control of the institution has not been acquired by any company after August 10, 1987.

Historically, ILCs operated as consumer financial companies using their own capital or borrowings to fund loans and investments. ILCs provided high-interest rate loans to industrial wage earners who could not otherwise obtain credit. Initially, ILCs were not subject to federal regulatory supervision. The Garn-St. Germain Depository Institutions Act of 1982 [9] allowed ILCs to apply for deposit insurance and FDIC supervision.

The ILC has become an attractive vehicle for non-bank companies who desire to offer banking services without being subject to the limitations of the BHCA. As an ILC, a bank can offer its parent company the following competitive advantages.

  • Enhanced overall operational efficiency and profitability of the parent company and affiliated organizations.
  • Exportation of nationally uniform interest rates and other charges unimpeded by usury and licensing limitations imposed by other states.
  • Acceptance of federally insured deposits.

--Excerpt from an ILC presentation to DSC.

Today's ILCs represent an attractive charter for companies that want to own a financial institution without requiring the parent company to divest all non-banking related activities at the parent company level. One ILC proponent notes that the BHCA exemption for ILCs allows businesses to offer banking services even though they might not be eligible for BHC status (e.g., because they do not engage exclusively in activities that are financial in nature). The proponent concludes that this exemption provides optional sources of services and product innovation to individuals and business and, in some cases, addresses banking needs that might not otherwise be met. Further, the proponent concludes that the availability of the industrial loan bank charter serves as a competitive force in the marketplace, encouraging traditional banks to remain innovative in the services they offer and competitive in their pricing of bank products and services.

As of March 31, 2004 there were 9,095 FDIC-insured institutions with total assets of $9.377 trillion. Of these institutions, 56 were operating ILCs with total assets of $135 billion, or 1.4 percent of the total assets in insured depository institutions. Figure 1 illustrates that the 56 ILCs are located in only 7 states, with Utah, California, and Nevada chartering the institutions that hold 99 percent of all ILC assets.

Figure 1: Distribution of ILC Assets by State Charter
Figure 1: Distribution of ILC Assets by State Charter
Source: OIG Analysis of DSC Information.
[D]

We selected a sample of 12 of the 56 ILCs in performing our evaluation. Our sample included 8 ILCs in Utah, 3 ILCs in California, and 1 ILC in Nevada. These 12 ILCs had total assets of $121 billion, or 90 percent of the $135 billion total assets in all ILCs. The examination workpapers for one of the ILCs in our sample indicated that this ILC had no affiliate activity. Thus, Appendix IV, Results of ILC Workpaper Review, does not include this ILC.

Based on the number of ILC charters and the dollar amount of ILC assets in Utah, we focused our review on Utah charters. There are more state-chartered ILCs than state-chartered banks in Utah. From 1992 to 2004, Utah ILCs grew from 17 to only 29, averaging 1 new ILC a year during this period. However, there has been a significant growth in total assets from $1.5 billion to $114 billion during that time frame.

EVALUATION RESULTS

We concluded that ILCs may present additional risks to the deposit insurance fund by virtue of the fact that the ILCs' parent holding companies are not always subject to the scope of consolidated supervision, consolidated capital requirements, or enforcement actions imposed on parent organizations subject to the BHCA. The banking organizations that are being created as a result of ILC charter powers allow some mixing of banking and commerce, which is otherwise prohibited for most depository institutions owned by commercial firms. However, we concluded that DSC has established controls to help mitigate these added risks. During 2004, DSC issued revised guidance regarding deposit insurance applications, safety and soundness examinations, and offsite monitoring with a focus on limited-charter depository institutions, including ILCs. These controls help to mitigate the additional risks and supervisory challenges presented by ILCs and their non-bank holding company parents. We also noted several areas where DSC's examination policies and procedures could be strengthened, and we are making recommendations in that regard.

FDIC SUPERVISORY STRATEGIES FOR ILCs, AFFILIATES, AND PARENT COMPANIES

During 2004, DSC issued revised guidance regarding deposit insurance applications, safety and soundness examinations, and offsite monitoring. These revisions focused on limited-charter depository institutions, including ILCs. Table 1 identifies DSC's revised guidance.

Table 1: DSC 2004 Policy and Procedure Changes Affecting ILCs
Issue Date
Policy Number
Policy Description
1/20/04
Regional Directors Memorandum (RDM) 2003-060
Large Insured Depository Institutions (LIDI) Process Redesign -- discusses expansion of the LIDI program to ILCs.
3/12/04
RDM 2004-009
Review and Analysis of Depository Institutions Owned by Organizations That Are Not Bank or Thrift Holding Companies -- expands LIDI reporting protocol to limited-charter institutions.
3/12/04
RDM 2004-010
Update to Manual of Examination Policies – Chapter 4.3, Related Organizations – makes significant changes relating to examinations of ILCs and their affiliates, including parent organizations.
3/12/04
RDM 2004-011
Imposition of Prudential Conditions in Approvals of Applications for Deposit Insurance -- In assessing risks and supervisory strategies of a financial institution during the application process, the FDIC may impose additional conditions on the institution.
April 2004
Manual
Drafted proposed revision of the Case Manager Procedures Manual, Section 21, instructions for processing new bank applications including ILCs.
4/28/04
San Francisco
Regional Office Memorandum
The San Francisco Regional Office issued a memorandum titled, Applications Processing Guidance, to clarify and update regional procedures for processing applications to complement instructions outlined in the Case Manager Procedures Manual.
6/28/04
RDM 2004-030
State Federal Working Group Supervisory Agreement provides recommended practices for state and federal supervisors to communicate and coordinate the planning and execution of supervisory activities.
6/30/04 Revised the Related Organizations Examination Documentation (ED) Module.
Source: DSC.

The ILC issue has also been the subject of several internal DSC initiatives. Table 2 identifies DSC initiatives related to ILCs.

Table 2: DSC Internal Initiatives Related to ILCs
Initiative Due Date Initiative Description
7/31/04 Publish a comprehensive update to the Case Manager Procedures Manual, which references RDM 2003-060 that expands the LIDI program to ILCs.
7/31/04 Formalize an examination program for non-bank holding company parent organizations.
9/30/04 Publish Final Rule: Part 324, clarifying the FDIC's role in implementing and enforcing the FRB's Regulation W, which implements Sections 23A and 23B of the Federal Reserve Act and governs transactions with affiliates.
12/31/04 Publish an update to the Manual of Examination Policies, which includes the changes to Chapter 4.3, Related Organizations.
Source: DSC 2004 division initiatives.

DSC issued the revised Case Manager Procedures Manual on August 23, 2004. However, as of the date of this report, DSC had not yet formalized an examination program for non-bank holding company parent organizations.

Application and Investigation Process

The FDIC is solely authorized to approve applications for deposit insurance. In the case of ILCs, the chartering authority is the respective state regulatory agency. Approvals must be granted by both agencies in order for an ILC to accept insured deposits. In evaluating and approving applications for deposit insurance, DSC considers seven statutory factors, including the risk the depository institution poses to the insurance fund. In addition, the FDIC may impose additional prudential conditions for bank applications, including ILC applications. As an example of a prudential condition, the FDIC may require that the ILC's board of directors be independent of the ILC's parent company and its affiliated entities. Further, all ILC applications for deposit insurance are reviewed and approved at DSC headquarters. We reviewed DSC's field and regional files for three ILC applications for deposit insurance and confirmed that DSC addressed the statutory factors, imposed prudential conditions, as needed, and reviewed and approved all three applications at DSC headquarters.

DSC has developed investigation procedures for examiners to consider in assessing whether an application meets the seven statutory factors. However, DSC's investigation procedures do not address ILCs in sufficient detail or discuss the prudential conditions that could be imposed on the ILC applicant. Revised investigation procedures would facilitate examiners consistently and effectively evaluating applications to ensure appropriate prudential conditions are imposed, when warranted.

State Charter Process: Specifically, just as for all other insured banks, ILC management (senior officers and directors) is held accountable for ensuring that all bank operations and business functions are performed in compliance with banking regulations and in a safe and sound manner. To guarantee sufficient autonomy and insulate the bank from the parent, the state authority, the FDIC, or both, typically impose certain controls. One example of proactive state supervision is the Utah Department of Financial Institutions, which imposes conditions for approval of new industrial bank charters, giving considerable weight to the following factors listed in Table 3.

Table 3: Utah DFI Conditions for Approval of Industrial Bank Charters
Conditions
  • The board of directors shall be composed of a majority of outside-unaffiliated directors, and those unaffiliated directors shall not serve on the board of any other FDIC-insured depository institution.
  • There shall be no change in the executive officers or in the board of directors as submitted in the application without the prior approval of the State Commissioner for a period of 3 years after the ILC commences operations.
  • Requires, at a minimum, an onsite President, Chief Financial Officer, and Chief Credit Officer with sufficient support staff with the knowledge, ability, and expertise to successfully manage the risks of the ILC, maintain direct control of the ILC, and retain the ILC's independence from the parent company.
  • The board of directors meeting will be held no less than monthly for at least the first 24 months after commencing operations.
  • The ILC shall operate within the parameters of the 3-year pro-forma business plan submitted with the application, and any significant deviation from the plan must have the prior written approval from the Commissioner.
  • Within 30 days of receiving all required regulatory approval to operate as an insured Utah ILC, the ILC's holding company shall register with the DFI by filing a registration statement as required by Utah law.
Source: Commissioner, Department of Financial Institutions, Utah.

Deposit Insurance Statutory Factors (Section 6 of the FDI Act, 12 U.S.C. § 1816)

  • Financial History and Condition
  • Adequacy of Capital Structure
  • Future Earnings Prospects
  • General Character of Management
  • Risk to Deposit Insurance Funds
  • Convenience and Needs of Community
  • Consistency of the Applicant's Corporate Powers with the FDI Act

FDIC Statutory Factors: In evaluating and approving applications for deposit insurance, DSC considers seven statutory factors (per section 6 of the FDI Act, 12 U.S.C. § 1816), including the risk the depository institution poses to the insurance fund. The FDIC's assessment of that risk, and its ongoing supervisory strategy, is based on an institution's business plan, management's competency in administering the institution's affairs, and the quality and implementation of risk management programs. The FDIC has provided general instructions for completing and submitting applications for deposit insurance through its regulations, statements of policy, and application forms. These instructions are typically discussed in pre-filing meetings with applicants.

RDM 2002-008, Revisions to the Report of Investigation, dated March 21, 2002, provides general guidance for conducting field investigations and preparing the ROI. The RDM requires the examiner to review the entire application and business plan to identify potential problems, incomplete or inconsistent information, areas of non-compliance with FDIC's Statement of Policy on Applications for Deposit Insurance and/or Federal and State banking statutes, and any other factors requiring additional attention. The RDM includes procedures for examiners to consider in assessing each statutory factor including holding individual interviews with organizers and proposed directors to determine the extent of their understanding of the responsibilities they are taking on as directors, their abilities to execute the business plan and their commitment to the proposed bank.

Prudential Conditions: DSC issued RDM 2004-011 titled, Imposition of Prudential Conditions in Approvals of Applications for Deposit Insurance, dated March 12, 2004, that identified prudential (nonstandard) conditions that might be imposed in approvals of applications for deposit insurance involving financial institutions to be owned by or significantly involved in transactions with commercial or financial companies, should the risk characteristics of a given proposal warrant such action. Table 4 presents some of the nonstandard conditions that may be imposed.

Table 4: FDIC Prudential Conditions in Approvals of Deposit Insurance
Nonstandard Prudential Conditions
  • The organizers will appoint a board of directors, the majority of which will be independent of the bank's parent company and its affiliated entities.
  • The bank will appoint and retain knowledgeable, experienced, and independent executive officers.
  • The bank will develop and maintain a current written business plan that is adopted by the bank's board of directors, appropriate to the nature and complexity of the activities conducted by the bank, and separate from the business plan of the affiliated companies.
  • The bank conducts business pursuant to operating policies that are commensurate with the proposed business plan, independent from those of affiliated entities, and adopted by the board of directors of the bank. Further, the board will ensure that executive officers are delegated reasonable authority to implement and enforce the policies independently of the bank's parent and affiliated entities.
  • The bank will adhere to generally accepted accounting principles, maintain separate accounting and other business records, and ensure that the bank's books and records are maintained under the control and direction of authorized bank officials and are available for review by the FDIC at the bank's main office.
  • To the extent management, staff, or other personnel or resources are employed by both the bank and the bank's parent company or any affiliated entities, the bank's board of directors will ensure that such arrangements are governed by written contracts giving the bank the authority and control necessary to direct and administer the bank's affairs.
Source: DSC RDM 2004-011.

Field Investigations: Upon receipt of a substantially complete application, the FDIC typically coordinates a field investigation with the respective state authority. Field examiners conducting the onsite investigation review application materials and interview key individuals associated with the application. Based on the investigation findings, field examiners present a favorable or unfavorable recommendation to the appropriate FDIC regional office regarding each statutory factor, and in the case of an approval recommendation, may recommend appropriate standard and nonstandard conditions to be incorporated into an order approving deposit insurance. These matters are summarized in a written Report of Investigation (ROI).

The regional office reviews the application materials and the ROI and resolves any outstanding matters. As a matter of practice, the regional office also contacts the state authority to ascertain the status of the charter application and the actual/probable decision. Upon completion of its review, the regional office forwards a recommendation to DSC headquarters for review because the approval authority regarding applications involving a parent organization not subject to the BHCA has not been delegated to the regional offices.

DSC headquarters reviews the application and related materials, resolves outstanding matters, and develops a recommendation to DSC management, who generally acts under delegated authority in the case of application approvals. The exercise of delegated authority to approve an application requires favorable findings with respect to each of the factors. Authority to deny applications is reserved by the FDIC's Board of Directors.

FDIC Manual of Examination Policies: Section 9.1 of the Manual discusses the filing and processing of deposit insurance applications and includes a section on an examiner's responsibility. The Manual states that a copy of the formal application will be made available to the examiner for use in the investigation and notes that the investigation report should detail the relevant facts and data pertinent to each of the seven statutory factors and include an opinion as to whether the FDIC's criteria under each of the statutory factors have been met. The report should also include a general recommendation relative to admission and, if appropriate, a list of conditions that should be imposed. Section 9.1 of the Manual contains a discussion of the seven statutory factors but does not address the prudential conditions identified in RDM 2004-011.

Section 1 of the Manual covers basic examination concepts and guidelines. The Examination Priorities and Frequency Criteria subsection addresses limited scope examinations and visitations, and states that for newly chartered and insured institutions, examiners should conduct a limited scope examination within the first 6 months of operation, and a full-scope examination within the first 12 months of operation. Section 1 of the Manual does not mention prudential conditions or include provisions that examiners review the conditions imposed when conducting the limited scope examination within the first 6 months of the newly insured depository institution's operation.

DSC's 2004 DSC Divisional Objectives includes an objective to develop, implement, and communicate examination procedures and supervisory processes that enhance efficiency, effectiveness, and consistency of application. One of DSC's planned actions in this area is to publish an update to the Manual by December 31, 2004.

Case Manager Procedures Manual: The FDIC's Case Manager Procedures Manual (CM Manual) provides that Case Managers are responsible for reviewing, evaluating, and processing all applications filed by institutions within their assigned caseloads. The CM Manual states that the Virtual Supervisory Information On the Net Application Tracking System (ViSION AT) is the official record of all applications submitted to the FDIC. Case Managers are responsible for ensuring that ViSION AT records are created and updated and establishing a follow-up system to monitor the consummation dates of approved applications. Section 21 of the CM Manual states that it is the responsibility of the Regional Office to determine that all conditions contained in the order granting deposit insurance have been met.

OIG Evaluation of ILC Applications and DSC Investigations: We reviewed the files for three ILC applications for deposit insurance and found that DSC addressed the seven statutory factors in processing and approving each application. Further, we found that the FDIC imposed and addressed additional prudential factors for all three applications that we reviewed. We were able to generally determine what procedures the examiner performed to assess each statutory factor.

Further, in reviewing FDIC procedures for conducting investigations of deposit insurance applications, we concluded that RDM 2002-008 has specific procedures for examiners to consider in assessing each of the seven statutory factors. However, RDM 2002-008 does not address ILCs in detail. Under the Risk to the Funds factor, the RDM provides limited background information on ILCs, including a brief discussion of charter powers and limitations and the states in which ILC charters are allowed. The RDM notes that examiners must be particularly cautious in reviewing management competencies, corporate structures and relationships, and the underlying business plan.

Moreover, RDM 2002-008 does not include a discussion of prudential conditions that might be imposed in approving applications for deposit insurance. Revising RDM 2002-008 to include a discussion of prudential conditions could help ensure that examiners adequately assess whether applicants' business proposals present unique characteristics that may warrant the imposition of such non-standard conditions.

Finally, we noted another matter regarding deposit insurance applications that was not the focus of our evaluation, but is an area that we may pursue in a future review. Specifically, we noted that, while RDM 2004-011 addresses the imposition of prudential conditions and provides examples of non-standard conditions that have been imposed in prior approval actions, the RDM does not include procedures for verifying that applicants actually implement prudential conditions, once imposed. In addition, although the Manual addresses the statutory conditions that DSC considers in reviewing and approving applications, it does not include a discussion of the prudential conditions that might be imposed on applicants in approving applications for deposit insurance or procedures that should be used in examining newly-insured institutions to determine that the conditions have been implemented. Section 21 of the Case Manager Procedures Manual indicates that it is the responsibility of the Regional Office to determine that all conditions contained in the order granting deposit insurance have been met. We are not recommending any action relative to this matter, but we may do additional work in this area to determine the overall effectiveness of DSC's deposit insurance application process.

Recommendation

We recommend that the Director, DSC:

  1. Revise RDM 2002-008, Revisions to the Report of Investigation, to include discussion of prudential conditions that might be considered during investigations for deposit insurance applications from ILCs or other banks.

Safety and Soundness Examination Process

The relationship of a bank with its affiliated organizations is important to an analysis of the condition of the bank itself. Because of the commonality of ownership or management which exists, transactions with affiliates may not be subject to the same sort of objective analysis that exists in transactions between independent parties. Also, affiliates offer an opportunity to engage in types of business endeavors which are prohibited to the bank itself yet those endeavors may affect the condition of the bank. In recognition of the importance of relationships with affiliated organizations the FDIC has been granted authority, under certain conditions, to examine affiliates in connection with its examination of a bank.

--Manual of Examination Policies

The DSC examination process for ILCs is the same as that for other banks with traditional charters. DSC uses a risk-focused examination approach and examination procedures developed jointly by the FDIC and the FRB. For depository institutions with affiliates, including ILCs, DSC performs procedures to assess the bank's corporate structure, the bank's interactions with affiliates, and the financial risks that may be inherent in the affiliate relationship. The examination process is the same for ILCs and other banks; however, in Utah, where nearly 50 percent of the ILCs are chartered, FDIC and state examiners jointly conduct examinations of the ILCs. We reviewed examination workpapers for 11 ILCs and generally found that DSC applied examination procedures to evaluate the ILC's relationship with its parent and help determine the impact of the relationship on the ILC. Further, several ILCs are included in FDIC large bank and dedicated examiner programs and receive continuous supervision. However, we found that DSC could improve its examination guidance for reviewing a bank's corporate structure and relationships with affiliates, especially in the areas of source of strength determination, and examination policies and procedures for dual-employee arrangements, business plans, and financial ratios.

Examination Policies and Procedures

DSC's examination program employs risk focused supervision for banks, including ILCs. The FDIC's Manual of Examination Policies (Manual) states that the objective of a risk-focused examination is to effectively evaluate the safety and soundness of the bank, including the assessment of risk management systems, financial condition, and compliance with applicable laws and regulations, while focusing resources on the bank's highest risks. The exercise of examiner judgment to determine the depth of review in each functional area is crucial to the success of the risk-focused supervisory process. In March 2004, the FDIC issued an update to the Manual, Chapter 4.3, Related Organizations, to:

  • describe and classify the types of insured depository institutions that may be owned by organizations exempt from the BHCA;
  • expand the discussion of management's fiduciary responsibilities toward ensuring that an insured depository institution maintains a separate corporate existence from its affiliates;
  • discuss safeguards to mitigate potential conflicts of interest resulting from the use of dual employees -- or those that perform similar duties for a banking entity and the affiliated organization;
  • provide additional factors that might be considered in assessing a parent company's potential impact on an insured depository institution subsidiary; and
  • reinforce examiners' authority under Sections 10(b) and (c) of the FDI Act to examine affiliates of state nonmember banks, if deemed warranted.

The FDIC and FRB have also developed ED modules to provide examiners with a tool to focus on risk management and establish an appropriate examination scope. At the initiation of each onsite examination, the FDIC submits a Request Package to the subject institution requesting items such as:

  • List of officers and directors of affiliates, including organizational chart, if available.
  • List of affiliated organizations and their financial statements as of the financial statement date, or most recent date available.
  • Most recent annual report, SEC 10-K report, and /or SEC 10-Q report (annual and quarterly financial filings to the SEC).
  • Tax allocation agreement with the holding company.
  • Fee structure of transactions with the holding company and/or affiliates.

The above items serve as the starting point for reviews of an institution's relationships with affiliated entities. The ED modules include a Related Organizations module containing 29 review points addressing policies and procedures; internal controls; audit or independent reviews; information and communication systems; affiliate operations; compliance with Sections 23A and 23B of the FRA, Part 362, and other applicable regulations; and affiliate capital requirements.

In June 2004, the FDIC issued a new publication for public release, Supervisory Insights, to provide a forum to discuss how bank regulation and policy is put into practice in the field, share best practices, and communicate emerging issues that bank supervisors are facing. This inaugural issue described a number of areas of current supervisory focus at the FDIC, including the ILC charter. Supervisory Insights stated that, as with any bank-level review of an institution with affiliates, examination procedures for an ILC include an assessment of the bank's corporate structure and how the bank interacts with affiliates -- including a review of inter-company transactions and interdependencies -- as well as an evaluation of any financial risks that may be inherent in the relationship. Table 5 presents examination procedures performed during a bank-level review of an institution with affiliates, including ILCs.

Table 5: Affiliate-Related Examination Procedures for ILCs
Examination Procedures for an ILC Include:
  1. An assessment of the bank's corporate structure.
  1. A review of inter-company transactions to determine how the bank interacts with the affiliates.
  1. A review of the interdependencies of the bank and affiliates.
  1. An evaluation of any financial risks that may be inherent in the relationship.
  1. A review of the current written business plan and an evaluation of any changes.
  1. A review of any arrangements involving shared management.
  1. A review of any arrangements involving shared employees.
  1. A review of services provided to an affiliate to determine whether the same terms and conditions are in place as would be for nonaffiliated entities.
  1. A review of the services purchased from an affiliate to determine whether the same terms and conditions are in place as would be for nonaffiliated entities.
  1. An assessment of whether all service relationships are governed by a written agreement.
  1. A review to determine whether the bank should have a contingency plan for all critical business functions performed by affiliated companies.
Source: Supervisory Insights, June 2004.

OIG Analysis of Examination Policies and Procedures and ILC Examination Workpapers

FDIC headquarters, regional, and field officials consistently told us that the updates to the Manual and procedures discussed in Supervisory Insights were not new requirements for examiners but instead formalized examination best practices that the San Francisco Region examiners had been using routinely. Accordingly, we selected a judgmental sample of 11 ILCs and analyzed examination working papers and ROEs, basing our analyses on the updates to the Manual and Related Organizations ED Module and the procedures reported in Supervisory Insights. Appendix IV presents a summary of the results of our review. As shown in Appendix IV, we generally found that DSC applied examination procedures to evaluate the ILC's relationship with its parent and to determine the impact of the relationship on the ILC. We also noted that three ILCs are included in the FDIC's Large Bank Program discussed below, and the parent company of two ILCs is included in the Dedicated Examiner Program. Both programs subject the respective ILCs to continuous supervision. We did, however, identify several areas where improvements can be made and are making recommendations in this regard. The following sections discuss the results of our review of examination policies, procedures, and workpapers, including our recommendations regarding source of strength and revisions to policies and procedures.

Large State Nonmember Bank Onsite Supervision (Large Bank) Program: The Large Bank Program provides an onsite presence at depository institutions through visitations and targeted reviews throughout the year as opposed to the traditional annual point-in-time examination. This program is predominantly an onsite activity, but the supervisory plan for one ILC in our sample also calls for offsite monitoring affecting the bank as well as the parent company. DSC's RDM 00-049, Large State Nonmember Bank Onsite Supervision Program, dated August 9, 2000, implemented the large bank program and assigned responsibility to the Regional Directors or their designees to determine which institutions qualified for the program. The RDM stated that all state nonmember banks with total assets of $10 billion or more should be considered for the program. The RDM specified that, in addition to the size, the complexity and risk profile should also be considered when determining which institutions qualified for the Large Bank Program.

Three of the ILCs in our sample are included in the Large Bank Program and are subject to continuous supervision and oversight. Through our reviews of workpapers we made the following observations:

  • The Large Bank Program includes visitations and targeted reviews throughout the year by DSC examiners. Findings resulting from the ongoing targeted reviews are updated, to the extent necessary, and incorporated into an annual report of examination. For example, for one sampled ILC, DSC and Utah examiners conducted three targeted reviews of the ILC for the 2003 examination cycle, produced separate reports for the first and second reviews, and issued an ROE incorporating the results of the third targeted review. Three targeted reviews are scheduled for this ILC in 2004.

  • The largest ILC supervised through the Large Bank Program also received three targeted reviews in 2003. DSC and Utah examiners issued an ROE that presented the findings of the December 31, 2003 examination and included a compilation and summary of findings of onsite targeted reviews conducted in April, July, and December 2003. Some of the major areas covered in the targeted reviews for 2003 included capital markets activities; lending; risk management; operations, internal controls, and audit; management supervision; capital; earnings; and liquidity. DSC has scheduled six targeted reviews to be conducted in 2004 through January 2005, and the reviews include offsite monitoring activities.

The three ILCs represent nearly 75 percent of total ILC assets. Thus, we concluded that the preponderance of ILC assets is subject to continuous monitoring and targeted reviews.

Dedicated Examiner Program: The FDIC established the Dedicated Examiner Program in 2002 to provide the Corporation access to the eight largest insured depository institutions in the United States. The FDIC appointed eight dedicated examiners to monitor operations at these institutions by working closely with the federal financial regulators who are the primary supervisors of those institutions. The FDIC, Office of the Comptroller of the Currency (OCC), OTS, and FRB signed an interagency agreement in 2002, which, in part, allowed FDIC's dedicated examiners to have access to information gathered by the resident examination staff of the other federal regulators and to observe and participate in certain examination activities. The FDIC's dedicated examiners work with the resident examination staff of the other regulators and bank personnel to obtain real-time access to information about the risk and trends in these institutions.

Citigroup Incorporated (Citigroup), the parent financial holding company for two ILCs, is one of the eight depository institutions in the Dedicated Examiner Program. Citigroup is a registered bank holding company with the FRB and subject to FRB supervision. In addition, Citigroup has 12 FDIC-insured bank and thrift subsidiaries, including the two ILCs chartered in Utah, which receive various federal regulatory oversight from the OCC, FRB, and FDIC.

DSC issued RDM 03-017, Dedicated Examiner Program Guidelines, on May 2, 2003. The RDM calls for dedicated examiners to prepare quarterly and annual written analytical reports and submit them to appropriate regional management personnel and the Chief, Large Bank Section, DSC headquarters. The RDM requires that the annual reports include the following basic elements:

  • An in-depth, forward-looking discussion of perceived risk from varying perspectives (the dedicated examiner, other regulators, and internal management).
  • An in-depth discussion of major business lines and associated risks.
  • A detailed description of economic capital methodologies and allocations.
  • A recap of risk-analysis procedures performed by the designated examiner throughout the previous calendar year.

DSC headquarters officials provided us copies of the December 2003 and June 2004 quarterly reports and the FRB inspection report for Citigroup for 2003. The FRB inspection report included a section on bank subsidiaries which stated that overall, banking subsidiaries remain in satisfactory condition as indicated by the examinations conducted by the respective bank regulators. The report described one subsidiary ILC's condition as satisfactory and reported the other subsidiary ILC's condition as strong.

Source of Strength of ILC Parents

The FDIC has not formally adopted as policy the principle that holding companies must serve as a source of strength to subsidiary financial institutions, believing that such parental support is not necessary in all cases. In June 2004, DSC stated in a formal response to the Government Accountability Office (GAO) [10] that, if the management or financial capacity of the parent company provides a significant source of strength to the insured entity, this finding would typically be incorporated into the ROE for the ILC. In our review of examination workpapers for the 11 ILCs, we found that examiners identified either the immediate or ultimate parent holding company as a source of strength for the ILC in 8 cases. However, in our review of the ROEs, we found that DSC incorporated the source of strength statement into the ROEs for only 4 of the 11 ILCs.

In June 2004, the GAO initiated an audit of issues relating to ILCs. The GAO asked DSC whether the FDIC's safety and soundness procedures for examining ILCs and their parents were similar to the FRB's procedures. DSC provided the following written response:

  • The FDIC and FRB have similar examination and supervision procedures for banks. The FDIC and FRB (as well as most state banking departments) make use of the risk focused examination procedures that were jointly developed by the FDIC and FRB. The FDIC does not have separate ROEs for ILC holding companies. Transactions between the ILC and its parent or affiliate are examined as part of the examination of the insured entity, and any adverse findings are documented in the ROE for the ILC.

  • The focus of any examination of the holding company or affiliates is based on the extent and impact of the relationship on the insured entity. Should the management or financial capacity of the parent company provide a significant source of strength to the insured entity, this finding would typically be incorporated into the ROE for the ILC.

Section 4.3 of the Manual that is used to examine ILCs and other financial institutions with affiliates states that a sound, well-managed holding company can be a source of strength for unit banks. However, if the condition of the holding company or its non-bank subsidiaries is unsound, the operation of subsidiary banks can be adversely affected. DSC noted it is very difficult to draw a general connection between the soundness of a parent or affiliate and the impact on a subsidiary bank. Table 6 presents guidance for examiners' use in assessing parent-subsidiary relationships.

Table 6: Examination Policy Excerpts Related to Parent-Subsidiary Relationships
Examiner Guidance Related to Parent-Subsidiary Relationships
  • The board of directors is responsible for ensuring that the insured depository institution maintains a separate corporate existence from its affiliates.
  • The holding company structure can provide its subsidiary bank strong financial support because of greater ability to attract and shift funds from excess capital areas to capital deficient areas.
  • When the financial condition of the holding company or its non-banking subsidiaries is tenuous, pressures can be exerted on the subsidiary banks by payment of excessive dividends, investing in high risk assets, purchase and/or trade of high quality assets for affiliate's lower quality assets; purchase of unnecessary services, or payment of excessive management or other fees.
  • Measure the ability of the parent company to cover its interest expense (Fixed Charge Coverage Ratio).
  • Test parent cash availability to meet not only interest expenses, but also operating expenses, taxes, shareholders dividends, and debt maturities (Cash Flow Match).
  • The use of dual employees can be a cost-effective manner for leveraging in-house expertise or for employees that specialize in certain core competencies. Nevertheless, the use of dual-employee arrangements may present increased risk to a bank if the bank fails to adequately monitor the arrangements.
Source: Manual of Examination Policies, Section 4.3.

Section 4.3 of the Manual did not indicate that the ROE should contain a comment pertaining to the support provided by the parent when a source of strength determination is relevant to the examination findings.

Also, the Related Organizations ED Module steps to be considered in evaluating affiliate operations do not address or specifically mention the source of strength concept or how examiners should determine whether the parent holding company is or is not a source of strength to the depository institution. Further, the Core Analysis Decision Factors in the Related Organizations ED Module do not specifically address the source of strength concept. Appendix V presents excerpts from the Related Organizations ED Module.

Because DSC's policies and procedures on related organizations do not address source of strength or the procedures that should be performed to determine and report on source of strength, examiners may not be aware of DSC's position that the ROE should reflect whether the parent is a source of strength to the financial institution. Defining source of strength and clarifying corresponding procedures would increase DSC's assurance that examiners are adequately evaluating the effect that the ILC-parent relationship has on the ILC.

Recommendations

We recommend that the Director, DSC:

  1. Revise Chapter 4.3 of the Manual of Examination Policies to expand the discussion of the source of strength provided to a subsidiary bank by the managerial and financial capabilities of the parent company, and provide guidance for including comments on the parent's source of strength in the Report of Examination.
  2. Revise the Related Organizations ED module to include procedures and corresponding Core Analysis Decision Factors for analyzing the parent's source of strength.

Examination Policies and Procedures for a Review of a Bank with Affiliates

Examination guidance for reviewing a depository institution's corporate structure or relationships with affiliates could be improved. Specifically, the Manual and the Related Organizations ED Module do not include policies or procedures for several of the 11 examination procedures, identified by the FDIC in the June 2004 Supervisory Insights, for reviewing a bank with affiliates. Establishing uniform and complete policies and procedures for assessing a bank's corporate structure or relationships with affiliated entities, including the parent company, should help ensure that examiners adequately identify risks that may be inherent in the ILC-parent relationship.

Table 7 details procedures mentioned in Supervisory Insights that are not currently included in Chapter 4.3 of the Manual or the proposed revisions to the Related Organizations ED Module, or both.

Table 7: Examination Procedures Not Included in the Examination Manual or ED Module
Supervisory Insights' Examination Procedures for an ILC Included In:
Chapter 4.3 ED Module
Review arrangements involving shared management. Yes No
Review arrangements involving shared employees. Yes Partially
Review the current written business plan and evaluate any changes. No No
Evaluate any financial risks that may be inherent in the relationship.
(Chapter 4.3 discusses 3 ratios in the context of financial risks.)
Partially Partially
Assess whether all service relationships are governed by a written agreement. No No
Review to determine whether the bank should have a contingency plan for all critical business functions performed by affiliated companies. No No
Source: OIG analysis of DSC examination policies and procedures.

Examination Policies and Procedures for Reviewing Dual-Manager and Dual-Employee Arrangements: Dual manager and dual-employee [11] arrangements can be a cost effective measure for leveraging in house expertise; however, such arrangements may present increased risks to the insured banking entity. A DSC representative told us that dual-employee arrangements do not relate only to ILCs and are a sweeping and growing business concern to examiners. While this subject has been addressed by DSC in a number of ways, DSC could enhance its examination guidance to include specific procedures for examiners to follow in assessing dual manager and dual-employee arrangements.

Supervisory Insights discusses the FDIC's supervisory approach used with any bank-level review of an institution with affiliates and identified 11 examination procedures, including a review of any arrangements involving shared management and any arrangements involving shared employees. In addition, DSC revised Chapter 4.3 of the Manual to include a discussion of safeguards to help mitigate potential conflicts of interest that could arise by utilizing dual employees. Table 8 on the next page presents the safeguards in the Chapter 4.3 revision.

Table 8: Dual Employee Safeguards
Safeguards
  1. In regard to shared-management arrangements -- the ability of financial institution management to make decisions independently from the parent organization.
  1. Shared-employee arrangements should be independently reviewed by the bank's board of directors.
  1. Compensation arrangements need to be clearly delineated to ensure they are equitable for both the bank and the affiliated entity.
  1. The location where the dual employee is to perform duties needs to be established and detailed, along with reporting and authority.
  1. The agreement should require dual employees to avoid conflicts of interest, and it should state that dual employees or officers must act in the best interest of the bank while performing any activities on behalf of the bank.
  1. The agreement should contain sanctions for noncompliance (with provisions of the agreement).
  1. The agreement should provide for a periodic determination concerning the status of a dual-employee and the factors to be considered for terminating the dual-employee relationship in favor of either full-time bank or affiliated entity employment.
  1. Authority for managing the dual-employee relationships should be clearly assigned.
  1. Lines of authority for dual employees should be established.
Source: Manual of Examination Policies.

The June 2004 proposed revisions to the Related Organizations ED Module include one procedure regarding dual-employee arrangements:

Determine if formal and informal employee sharing agreements are appropriate and dual employees' work allocation conforms to the agreement. Ideally, a formal written employee sharing agreement should be established to define the employment relationship between the banking entity and affiliate. The agreement should be independently reviewed by the bank's board of directors and authority for managing the dual-employee relationships should be clearly assigned.

The proposed revisions also include one step to review the management structure and programs of the holding company or parent organization and its subsidiaries and to determine the impact on the institution, including a consideration of movement of officers between the bank, holding company, and affiliates, noting any unfilled positions within the bank subsidiary.

DSC's San Francisco Regional Office (SFRO) sponsored a regional training conference in June 2004. Included in the list of 38 Breakout Sessions for the conference was a session on Affiliate Relationships. The Salt Lake City Field Office made a presentation that addressed the dual-employee issue. The presentation provided a comprehensive discussion of the dual-employee safeguards, and we encourage DSC to include such a discussion in subsequent training sessions related to affiliate relationships.

DSC's examination workpaper guidance is documented in RDM 2001-039, Guidelines for Examination Workpapers and Discretionary Use of Examination Documentation Modules, dated September 25, 2001. This guidance encourages examiners to use ED Modules when appropriate and stipulates that examination documentation should "demonstrate a clear trail of decisions and supporting logic within a given area" and provide written support for the examination and verification procedures performed, conclusions reached, and narrative comments on the ROE. This examination documentation should include a "Summary Statement," which, at a minimum, should briefly detail the procedures used, documents relied upon, and the analysis conducted to support the examiner's conclusions relative to the assigned CAMELS [12] components. Summary Statements can take many forms, including notations on copies of the source documents, separate hand-written comments, use of an ED Module, and/or a document prepared electronically with a hard copy maintained in the appropriate workpaper file.

However, in our review of examination workpapers and ROEs for 11 ILCs, we could not always determine whether examiners performed the procedures to review dual-management or dual-employee arrangements. In some cases, the ROEs or workpapers included information indicating that certain employees, officers, or directors were also employed at the ILCs' affiliates, but we could not determine whether the examiners had assessed the appropriateness of dual-employment arrangements, or if such arrangements actually existed. Subsequent to our review, DSC provided responses indicating that only one of the SFRO ILCs in our sample had dual-manager or dual-employee arrangements.

Without uniform and complete policies and procedures in this area, there is a risk that examiners may not thoroughly review dual-employee agreements. Accordingly, there is a potential for inappropriate sharing of managers and employees to go undetected, which could impact the independence of the ILC. Emphasizing the need to review and document dual-employee activities will help to better prepare examiners to address the risks presented by the dual-employee arrangements and their predicted growth in the banking industry.

Examination Procedures for Reviewing a Bank's Business Plans: The FDIC has reported to the Congress, the GAO, and the public that the risk posed by any insured depository institution, including ILCs, is a factor of the appropriateness of the business plan and model, management's competency in administering the institution's affairs, and the quality and implementation of risk management programs. DSC could enhance its examiner guidance by including additional policies and procedures to address areas examiners should review in regard to a financial institution's written business plan.

As discussed earlier, one of the ILC related examination procedures discussed in DSC's Supervisory Insights was a review of the bank's current written business plan and an evaluation of any changes. The article also included a statement that cooperation between regulators from the state authorities and the FDIC's SFRO and ILC management has resulted in critical controls, including requirements for local management, boards of directors, and files, as well as definitive business plans for the ILCs.

The March 12, 2004, revision to Chapter 4.3 of the Manual of Examination Policies expanded a discussion of management's fiduciary responsibilities toward ensuring that an insured depository institution maintains a separate corporate existence from its affiliates. The revisions included a discussion on bank management with a focus on the bank's board of directors and its responsibilities. Specifically, the board of directors is responsible for actively overseeing the affairs of the institution. This oversight should include reviewing, approving, and monitoring major corporate actions and the institution's overall corporate strategies, business plans, performance objectives, risk policies and risk tolerances, including policies and standards relating to conflicts of interest for management; reviewing appropriate regulatory and audit reports; and taking appropriate action with respect to all matters requiring board attention.

Management teams are often evaluated on their ability to plan for and respond to risks that arise from the initiation of new products or services. As management's current plans for the bank represent a significant change in the institution's overall operations examiners expect to see documented, well-developed plans which identify key risk areas, project earnings, assess the impact on the balance sheet and capital, and address sources of capital if forecasts show a need for additional equity. Since the last exam the bank has developed its FHLB mortgage sale program. Examiners reviewed a large volume of documentation on this project from board minutes, legal opinions, correspondence with regulators, and a brief business plan. The documentation is cursory and does not adequately address the issues described above. Management should develop formal, written business plans for new products and services. Plans should reflect thorough analysis. They should include financial statement forecasts and language addressing how each of the bank's risk profile would change with the adoption of the initiative. Plans should be presented to the Board of Directors for approval.

--Excerpt from one ROE for an ILC in our sample

In one of the ROEs in our sample, we found one case in which a lack of formal written business plans was listed as a finding in the Management component of the report. The sidebar presents excerpts from that ROE.

We also reviewed DSC's procedures for implementing examination policies and made the following observations:

  • The proposed revisions to the Related Organizations ED Module include no procedures requiring the examiner to review the bank's current written business plan or to assess any changes reflected in the business plan.

  • The Management and Internal Control Evaluation ED Module mentions strategic plans and budget plans, but the ED Module does not specifically address current written business plans.

  • DSC's Entry Letter and accompanying Examination Request List sent to the bank prior to starting an examination include a request for the bank's annual operating budget and strategic plan. However, the request list does not discuss the bank's business plan.

In our review of examination workpapers and ROEs for 11 ILCs, we could not always determine whether examiners reviewed the ILCs' current written business plans in evaluating any changes that might have occurred since the last examination. In response to these findings, two EICs noted that they had reviewed ILC budgets and strategic plans, rather than business plans. A DSC headquarters representative also noted that business plans for operating institutions are often more appropriately contained in operating budgets, annual earnings estimates, or similar strategic planning documents.

Nevertheless, we concluded that DSC's procedures could be clarified with respect reviewing business plans, operating budgets, or strategic planning documents to ensure that examiners consistently apply the examination procedures detailed in Supervisory Insights, and that examiners obtain a comprehensive understanding of the bank's business operations and associated risks.

Policies and Procedures for Calculating Holding Company Financial Ratios: DSC has developed a number of financial ratios for assessing the impact that an affiliate is having on a depository institution and determining whether a further review of affiliate activity is needed. Most ILCs are not required to file holding company reports with the FRB; therefore, these ratios become more important in understanding the impact that affiliates may be having on the ILC. We believe that DSC's examination procedures could be improved if examiners calculate and report these ratios in the ROE for ILCs with significant affiliate activity.

The FDIC sponsors a 2-week course, Financial Institution Analysis School (FIAS) that addresses the onsite and offsite analysis of financial institutions. The FIAS program key objective is that, upon completion of this course, participants will be able to analyze a financial institution and holding company using onsite and offsite techniques. FIAS consists of 15 separate modules, including the Ownership/Structure module and
BHC–Financial Analysis (BHC-FA) module. The BHC-FA module contains 10 key ratios that are intended to provide the examiner a "good sense of issues" that could impact the bank. The ratios are intended to indicate whether further review is needed at the affiliates to determine affiliate impact on the bank. The ratios are calculated based on information in the BHC Performance Report (BHCPR) prepared by bank holding companies. In the absence of a BHCPR (e.g., non-bank holding companies), examiners can calculate the ratios manually from the parent company's financial statements. Table 9 lists the ten FIAS ratios.

Table 9: Ten FIAS Ratios
Ten Suggested Ratios Addressed In:
Examination Manual? Proposed ED Module?
  1. Consolidated Average Assets – discloses the size of the holding company.
No
No
  1. Consolidated Net Income – discloses the net income for the consolidated entity and can be used to calculate a ratio of the bank's net income to the consolidated net income.
No
No
  1. Parent's Debt to Equity – reviews the level of debt versus the level of equity used to fund the parent holding company.
No
No
  1. Equity Investments in Subsidiaries to Parent Equity (Double Leverage) – measures the degree to which capital in the subsidiaries is actually debt at the holding company.
No
Yes
  1. Equity Investment in Subsidiaries less Equity Capital of Parent/Net Income less Dividends (Double Leverage
    Payback) -- indicates how many years it would take the holding company to repay its double leverage.
No
No
  1. Pre-tax Operating Income plus Interest Expense/Interest Expense (Fixed Charge Coverage) – measures the ability of the parent company to cover its interest expense.
Yes
No
  1. Operating Income less Tax plus Noncash Items/Operating Expenses plus Dividends (Cash Flow Match) – shows the ability of the parent company to meet cash flow needs.
Yes
No
  1. Fees plus Other Income from Subsidiaries/Salaries and Other Expenses – shows the degree to which fees and other income cover the parent overhead.
No
No
  1. Dividends Paid/Net Income (Payout Ratio) – indicates how much of the parent's net income is being paid out in dividends.
Yes
No
  1. Dividends from All Subsidiaries – indicates if the parent is using dividends from subsidiaries to pay dividends at the parent level or if the funds are used for other purposes.
No
No
Source: FIAS and Manual of Examination Policies.

As shown in Table 9, the revised Chapter 4.3 of the Manual discusses only of 3 of the 10 ratios. Further, the proposed revisions to the Related Organizations ED Module include a procedure to consider the level of holding company or parent organization borrowing to provide equity contributions to the subsidiary bank (double leverage ratio) in reviewing and analyzing the holding company's or parent company's financial information. However, the proposed revisions do not include the three ratios mentioned in revised Chapter 4.3.

RDM 2001-045, Revised Report of Examination, dated October 11, 2001, provides guidance on the ROE formatting, based on feedback from internal and external ROE users, streamlining the format in order to improve efficiency and increase readability. For example, the "Relationships with Affiliates and Holding Companies" (RAHC) page(s) is not mandatory in the ROE. The RAHC page included a table of holding company ratios and trends, a schedule of extension of credit to affiliated organizations and comments, including a description of holding company relationships. The table of holding company ratios and trends included 7 of the 10 ratios in the FIAS training program.

In our review of examination workpapers and ROEs for 11 ILCs, we could not always determine whether examiners calculated these ratios. DSC Salt Lake City Field Office representatives told us that for large ILCs, these ratios are not always informative. Further, two examiners did not calculate these ratios because the ILCs were a small part of their parents' operations. In addition, one examiner believed that these ratios would yield virtually useless information.

In the absence of FRB holding company reports, these ratios could provide examiners with important insights about the impact that affiliates are having on the ILC. DSC's examination policies, procedures, and the ROE could be improved by requiring examiners to calculate and report the ratios in the ROE, especially for ILCs.

Service Relationships and Contingency Plans: The revised Chapter 4.3 and proposed revisions to the Related Organizations ED Module do not include a policy discussion or procedures for the last two factors identified in Supervisory Insights:

  • Assess whether all service relationships are governed by a written agreement.
  • Review whether the bank should have a contingency plan for all critical business functions performed by affiliated companies.

In our review of examination workpapers for 11 ILCs, we found that examiners performed procedures to determine that service relationships were documented in written agreements, when applicable, in all 11 examinations. However, in the 11 examinations, we could not determine whether examiners addressed the factor regarding contingency plans for critical functions performed by affiliated companies. DSC responded that, when applicable, the question regarding contingency plans for critical functions was addressed during the Information Technology (IT) review of the examination, which, in some cases, is reported in a separate IT report. We did not review the IT workpapers.

Recommendations

In June 2004, the FDIC issued to the public Supervisory Insights, which includes some suggested best practices for ensuring "corporate separateness" in the case of insured depository institutions that are owned by a non-bank parent company, which include ILCs. Supervisory Insights includes a discussion of possible examination procedures for assessing a bank's corporate structure, determining how the bank interacts with affiliates, and evaluating financial risks that may be inherent in the relationship. Table 7 in this report identifies some procedures in Supervisory Insights that are presently not fully included in DSC's current policies and procedures. In light of the importance of the ILC-affiliate relationship, we recommend that DSC ensure that its examination policies and procedures incorporate the best practices for "corporate separateness." Therefore, we recommend that the Director, DSC:

  1. Revise Chapter 4.3 of the Manual of Examination Policies to include a discussion of the 11 factors discussed in the Supervisory Insights article.

  2. Revise the Related Organizations ED module to incorporate the various procedures mentioned in the Supervisory Insights article.

  3. Revise Chapter 4.3 of the Manual of Examination Policies to include a discussion of possible sources for examiners to obtain relevant financial ratios when analyzing non-bank holding companies or commercial parents.

  4. Include the "Relationships with Affiliates and Holding Companies" page in the ROE when necessary.

Offsite Monitoring Process

DSC has various controls such as offsite monitoring of banks and parent companies and onsite visitations of parent companies, when deemed necessary, to help mitigate identified risks posed to the depository institution by its parent holding company. Formal offsite monitoring of the ILCs is performed through the FDIC's Offsite Review Program and the Large Insured Depository Institutions (LIDI) Program. These programs focus primarily on the bank itself, but certain activities of the LIDI Program take the parent company into consideration. Although the FDIC can exercise its statutory authority (Section 10(b)(4) of the FDI Act, codified to 12 U.S.C. §1820) to conduct an onsite examination of the parent company, DSC prefers to engage in less formal activities facilitated through company management or less intrusive activities such as reviewing financial reports. We interviewed case managers and EICs and reviewed regional files and field examination workpapers for 11 ILCs and found that offsite monitoring was performed in all 11 instances. DSC did not deem it necessary to perform a full-scope onsite visitation [13] to any of the parent companies of the 11 ILCs. DSC initiated efforts to develop an onsite visitation program for non-bank holding company parents. We are recommending that DSC establish a goal in its 2005 Performance Plan to formalize the onsite visitation program.

Offsite Review Program: The Offsite Review Program is designed to identify emerging supervisory concerns and potential problems so that supervisory strategies can be adjusted appropriately. DSC case managers or field supervisors perform Offsite Reviews quarterly for each bank on the Offsite Review List (ORL). DSC regional management is responsible for ensuring that Offsite Review findings are considered in examination schedules and other supervisory activities.

The Statistical CAMELS Offsite Rating (SCOR) and Growth Monitoring System (GMS) are offsite review programs based on statistical models that use Call Report [14] data to monitor the condition of financial institutions and assist in prioritizing onsite safety and soundness examination efforts. SCOR-lag is a derivation of SCOR that attempts to more accurately assess financial condition in rapidly growing banks. After Call Report data is updated each quarter, an ORL is generated using SCOR, GMS, and SCOR-lag risk measures. According to the FDIC CM Manual, the Offsite Review Program is intended to identify potential emerging problems; therefore, the ORL includes only 1- and 2-rated institutions. The CM Manual also states that each institution on the ORL must have an Offsite Review completed and approved 14 weeks after each Call Report date.

LIDI Program: The FDIC established the LIDI Program to provide analyses of risk profiles of companies with total consolidated assets of $10 billion or more. Although LIDI companies are primarily holding companies, the LIDI Program also includes banks and thrifts that meet the assets threshold. In January 2004, DSC issued RDM 2003-060, Large Insured Depository Institutions (LIDI) Process Redesign, which changed the asset-size reporting threshold to $10 billion or more and expanded the scope to include certain ILCs that did not otherwise meet the existing LIDI Program criteria. Prior to the January 2004 RDM, six ILCs were in the LIDI Program; nine additional ILCs were included in the first quarter 2004 LIDI reporting cycle.

The objectives of the LIDI Program include:

  • Timely and complete analyses of risk profiles of the LIDI institutions.
  • Documentation and communication of risk profiles.
  • Development, review, and analysis of supervisory strategies.
  • Documentation and communication [15] of supervisory strategies.
  • Identification and communication of emerging risks and trends to the overall banking industry and to the deposit insurance funds.

Case managers prepare quarterly written reports that document the analysis of the risk profile and supervisory strategies of large depository institutions in the LIDI program. The Large Bank Section synthesizes information from LIDI reports, aggregates data on large banks to identify trends and emerging risks, and communicates these trends and emerging risks to FDIC's senior management, the FDIC's Board of Directors, other regulators, and DSC staff.

The FDIC has established a DSC Web site, Risk Management – Large Banks – LIDI Guidance & Web Resources, which contains information on LIDI companies; LIDI templates; links to offsite analysis and information, including the 25 largest banking organizations; statistics on depository institutions, and bank and company research; debt ratings; and descriptions.

The LIDI case manager has various sources of information on which to base an analysis of the risk profile and supervisory strategies of large depository institutions. For example, DSC's Large Bank Section can provide statistics based on market information. We reviewed case manager files for the eight ILCs in our sample that were included in the LIDI Program and determined that quarterly reports had been completed for six ILCs for either the last quarter of 2003 or the first quarter of 2004.

Informal Offsite Monitoring: The case managers we interviewed told us that one of their activities to help mitigate risks posed to the insurance fund by an ILC or any depository institution is the offsite analysis performed using data generated from SCOR and GMS. The case managers also said their monitoring efforts include reviewing public Securities and Exchange Commission (SEC) filings for holding companies, annual reports and financial statements, news articles and press releases, stock price reports, and corporate debt ratings. The case manager and the EIC for the largest ILC in our sample and the EIC for the second largest ILC routinely receive monthly board of directors' meeting packages. We saw copies of such meeting minutes, bank committee meeting minutes, SEC filings, news articles, and miscellaneous stock and debt rating information in the case manager files we reviewed. In addition, several EICs said that they typically look at offsite review reports during the planning and risk-scoping phase of examinations and public filings, annual statements, news reports, and other offsite financial reports of the parent company during the course of their examinations.

State Authorities: DSC and chartering State Authorities supervise ILCs and examine transactions and agreements the ILCs may have with the parent companies. Further, the states of Utah, California, and Nevada, which collectively supervise 48 of the 56 FDIC-insured ILCs, have direct authority to conduct examinations of parent and affiliates. The Commissioner, Utah Department of Financial Institutions (DFI) told us that in addition to Utah's examination jurisdiction and enforcement authorities over the ILCs, each ILC holding company must register with the DFI and is subject to DFI's jurisdiction, per Section 7-8-16 of the Utah Code. Furthermore, the Utah Code (Section 7-1-510) stipulates that each ILC holding company is subject to examination and enforcement authority of the DFI. In addition, DFI examiners use various methods to monitor a parent holding company's operations, including those shown in Table 10.

Table 10: Utah DFI Methods for Monitoring Parent Holding Company Operations
Methods for Monitoring Holding Company Operations
  • Reviewing SEC filings 10-K and 10-Q for publicly traded companies.
  • Reading American Banker Association articles.
  • Reading and reviewing audit reports for the holding company financial statement audits.
  • Reviewing service agreements that the ILC has with its parent and testing transactions for compliance with Sections 23A and 23B of the FRA.
  • Reviewing parent company's annual reports.
Source: DFI, Utah.

The Commissioner, DFI, California, told us that although DFI has the authority to examine parent company holding company organizations, DFI examiners review the parent holding company as part of the examination of the financial institution. [16] If the parent holding company has other activities, DFI examiners will review those activities, as deemed necessary. The Commissioner pointed out that usually the parent holding company is at the same physical location as its bank.

Visitations to the Parent Company

The FDIC has the authority to examine an industrial bank's parent for the purpose of determining (i) the relationship between the industrial bank and its parent and (ii) the effect of such relationship on the industrial bank. When it has been deemed necessary to review such relationships, the existence of this examination authority has greatly enhanced the FDIC's success in obtaining the information needed to make such determinations without any resistance from the parent organization. As a result, the FDIC has had only two cases where it had to use its authority to examine industrial banks' parent companies onsite. These cases were problem situations that involved securitization activities run through the parent organization.

--FDIC June 3, 2004 Response to the Chairman, Committee on Banking, Housing, and Urban Affairs.

Based on our discussions with EICs and a review of workpapers for the largest ILC, we saw situations in which examination teams conducted visitations to the parent company. These were generally targeted reviews of such things as the parent's capital market operations, and the results of the reviews were documented in the examination workpapers. As noted earlier, the FDIC does not have explicit statutory authority to supervise ILC parent companies; the FDIC, however, does have the authority to examine the ILC's parent for the purpose of determining the relationship between the ILC and its parent and the effect of such a relationship on the ILC. When it is deemed necessary to review these relationships, the FDIC's preference and DSC's practices are to make such determinations informally through the ILC and parent company management. DSC's supervisory approach is to examine transactions between the ILC and its parent and to evaluate the financial and managerial strength of the parent company through an offsite review of financial and organizational documents. DSC had planned to formalize an onsite visitation program for non-bank holding company parents.

DSC established a goal in its 2004 Performance Plan to formalize an examination program for non-bank holding company parent organizations and estimated completing the examination program by July 31, 2004. DSC officials told us that they prepared a very preliminary draft outline of an examination program which was provided to DSC and Legal Division senior management for review and comment. As of the date of this report, DSC had not completed the examination program. DSC officials told us that DSC is still in the "conceptual feasibility stage" of developing an examination program for non-bank holding company parent organizations.

Generally, the FDIC would only exercise its statutory authority to examine a non-bank holding company when DSC examiners identify a perceived risk or problem. In addition there is sensitivity associated with the FDIC examining entities for which it is not the primary federal regulator. Accordingly, to ensure adequate coverage of potential risks and to minimize any uncertainty on the part of other federal regulators regarding DSC's examination approach, DSC should consider developing a clear supervisory philosophy governing the appropriate broadening of financial analysis or examination of non bank holding company parents. Any policies arising from this high level review should provide guidance for examiners regarding the areas of the parent organization that should be reviewed and procedures associated with the review.

Recommendation

We recommend that the Director, DSC:

  1. Establish a 2005 divisional objective to consider the expansion of the FDIC's examination program for non-bank parents and affiliates.

Corporation Comments and OIG Evaluation

The Director, DSC, with the concurrence of the Deputy to the Chairman and Chief Operating Officer, provided a written response dated September 28, 2004 to a draft of this report. The FDIC's response is presented in its entirety in Appendix VI. Appendix VII presents a summary of FDIC's responses to our recommendations.

FDIC generally agreed with the intent of all eight of our recommendations. Further, the FDIC proposed actions sufficient to resolve each recommendation. However, the recommendations will remain undispositioned and open for reporting purposes until we have determined that the agreed to corrective actions have been completed and are effective.



APPENDIX I

OBJECTIVE, SCOPE, AND METHODOLOGY

The objectives of the review were to evaluate:

  • whether limited-charter depository institutions pose greater risks to the insurance fund than other financial institutions, including whether certain bank activities are uniquely permissible in the limited-charter depository institutions that could present potential material risks to the insurance fund, and

  • DSC's supervisory approach in determining and mitigating material risks posed to limited-charter depository institutions by parent companies.

As of March 31, 2004 there were 56 ILCs with total assets of nearly $135.4 billion. The 56 ILCs are located in 7 states. Utah, California, and Nevada charter 48 of the 56 ILCs, and the 48 ILCs hold 99 percent of all ILC assets. We judgmentally selected 12 of the 56 ILCs for our review of DSC's supervisory approach in determining and mitigating risks posed to the ILCs by their parent holding companies. Of the 12 ILCs in our sample, 8 were chartered in Utah, 3 in California, and 1 in Nevada. The 12 ILCs had total assets of $121.1 billion, approximately 90 percent of the nearly $135.4 billion total assets for the 56 ILCs. During the course of our evaluation, we discovered that one of the ILCs had no affiliate activities, and we did not include it in our assessment of DSC's supervisory approach in determining and mitigating risks posed to ILCs by parent companies.

We selected a separate sample of three ILCs for our review of the FDIC's process for approving applications for deposit insurance. Two of the three ILCs are chartered in Utah, and one ILC is chartered in Delaware.

The evaluation field work was performed in DSC headquarters in Washington, D.C.; DSC regional offices in San Francisco, California, New York, New York, and Dallas, Texas; and DSC field offices in Salt Lake City, Utah, Orange, California, Sacramento, California, and Claymont, Delaware.

We performed our evaluation from April 2004 through August 2004 and in accordance with generally accepted government auditing standards. To accomplish our objectives, we performed the following.

  • Reviewed DSC policies and procedures pertaining to safety and soundness examinations, particularly in the area of related organizations and a bank's relationships with affiliated organizations.
  • Reviewed DSC policies and procedures pertaining to deposit insurance applications, with an emphasis on the FDIC's process for reviewing and approving applications.
  • Reviewed DSC policies and procedures pertaining to offsite monitoring activities and programs for depository institutions and parent holding companies.
  • Reviewed Federal Reserve Board and Office of Thrift Supervision policies and procedures pertaining to examinations of bank holding companies and thrift holding companies.
  • Reviewed and analyzed examination workpapers and Reports of Examination (ROE) for the 12 ILCs in our sample to determine the procedures that examiners applied in assessing the ILC's relationship with its parent company and determining the impact of that relationship.
  • Reviewed and analyzed files and Reports of Investigation (ROI) for three ILC applications for deposit insurance.
  • Interviewed case managers and Examiners-in-Charge (EIC) responsible for managing the ILCs in our sample.
  • Interviewed the EICs who conducted the investigations and prepared the ROIs for the three ILC deposit insurance applications in our sample.
  • Interviewed DSC policymakers in Washington, D.C.
  • Interviewed the Commissioner, Department of Financial Institutions (DFI), Utah.
  • Interviewed the Commissioner, DFI, California.
  • Interviewed DSC officials in DSC's San Francisco and New York Regional Offices and respective field offices.

Government Performance and Results Act

The FDIC 2003 Corporate Performance Objectives included a performance objective to develop and effectively articulate FDIC analysis and policy positions in a timely manner by developing and articulating to the Congress, the industry, and other stakeholders the Corporation's analysis and/or policy positions on identified issues. As a result, an interdivisional working group prepared an internal report articulating the FDIC's position on the ILC issue. DSC used portions of the report in Supervisory Insights that was issued to the public in June 2004.

The 2004 DSC Division Objectives included the following planned actions related to ILCs.

  • Expand the Large Insured Depository Institutions (LIDI) reporting protocol to include ILCs.
  • Communicate prudential conditions that might be imposed in approving an ILC's application for deposit insurance.
  • Update the Manual of Examination Policies to include a full discussion of ILCs in the Related Organizations chapter.
  • Formalize an examination program for non-bank holding company parent organizations.

Reliance on Computer-Generated Data

We relied on some computer-generated data pertaining to reports of examination from the Interagency Examination Repository (IER). The nature of our evaluation objectives did not require performing a comprehensive data reliability assessment of computer-processed data obtained from the IER or other FDIC computerized systems.

Management Controls

We gained an understanding of relevant control activities by reviewing DSC's applicable policies and procedures for processing deposit insurance applications and safety and soundness examinations. These policies and procedures are presented in FDIC Manual of Examination Policies, Case Manager Procedures Manual, ED Modules, Regional Directors Memoranda, and Supervisory Insights, June 2004. Our evaluation resulted in recommendations to strengthen certain policies and procedures, as discussed in the section entitled FDIC Supervisory Strategies for ILCs, Affiliates, and Parent Companies.

Laws and Regulations

We gained an understanding of certain aspects of the FDI Act, the Bank Holding Company Act of 1956, and Sections 23A and 23B of the Federal Reserve Act, and evaluated the FDIC's establishment and implementation of procedures for examining the sampled institutions' compliance with the Acts and adherence to deposit insurance applicant requirements.

Fraud and Illegal Acts

The nature of our evaluation objectives did not require that we assess the possibility for fraud and illegal acts. However, no instances of fraud and illegal acts came to our attention during our evaluation.

Review of Examination Workpapers and ROEs

On August 6, 2004, we sent our preliminary analysis of the examination workpapers and ROEs for the 11 ILCs in our sample to DSC SFRO. We identified the criteria used in our analysis – Section 4.3 of the Manual and Supervisory Insights – and welcomed any discussion with or comments from DSC. DSC SFRO provided written comments on August 17, 2004, and August 19, 2004. DSC's comments are reflected in pertinent sections of this report, and we incorporated DSC's comments in Appendix IV, Results of ILC Workpaper Review.



APPENDIX II

ILC BUSINESS LINES AND PERMISSIBLE ACTIVITIES

It is important to note here that risk posed by any depository institution depends on the appropriateness of the institution's business plan and model; management's competency to run the bank; the quality of the institution's risk-management processes; and the institution's level of capital.

The FDIC must be vigilant in its supervisory role. But I will reiterate: The FDIC believes the ILC charter, per se, poses no greater safety and soundness risk than other charter types.

--Excerpt from May 30, 2003 speech made by Donald E. Powell, Chairman, FDIC, before the Conference of State Bank Supervisors.

DSC contends that risks presented by ILCs are typically related to the type of business lines in which the depository institution is involved rather than the type of charter through which the depository institution is operating. In respect to evaluating whether certain bank activities are allowed only for ILCs, we did not identify any bank activities that are uniquely permissible in the ILCs we reviewed. Typically, limited-charter depository institutions can engage in activities permitted for other insured depository institutions. ILCs can engage in most banking activity but cannot accept demand deposits, except in limited circumstances. Thus, DSC believes that the ILCs pose no greater risks to the insurance fund than other financial institutions.

The FDIC has reported to the Congress, the GAO, and the public that the Corporation's experience does not indicate that the overall risk profile of ILCs is dissimilar from the overall risk profile of the remaining portfolio of insured institutions. Through various communications, the FDIC has repeatedly reported that the risk posed by any insured depository institution is a factor of the appropriateness of the business plan and model, management's competency in administering the institution's affairs, and the quality and implementation of risk management programs. For example, included in the FDIC's April 7, 2004 response to the Chairman, Subcommittee on Oversight and Investigations, Committee on Financial Services, U.S. House of Representatives, is the statement:

Similar to institutions with other charter types, an ILC's capital adequacy and overall safety and soundness posture is driven by the composition and stability of the institution's lending, investing, and funding activities and the competence of management. Accordingly, the FDIC concentrates on these elements when considering a new application for deposit insurance as well as in supervising existing ILCs.

DSC's Approach for Identifying Risks at ILCs

As discussed in other sections of this report, the FDIC uses a risk-focused examination process designed to focus bank examinations on bank functions that pose the greatest risk. DSC uses this risk-focused examination approach for FDIC-supervised banks, including ILCs. The risk-focused examination process attempts to assess an institution's risk by evaluating its processes to identify, measure, monitor, and control risk. The objective of a risk-focused examination is to effectively evaluate the safety and soundness of the bank, including the assessment of risk management systems, financial condition, and compliance with applicable laws and regulations, while focusing resources on the bank's highest risk areas. Examiner judgment to determine the depth of review in each functional area is crucial to the success of the risk-focused supervisory process.

Business Lines of ILCs

Business models involving significant transactions or affiliations generally fall into one of several broad categories:

Table 11: Information on ILC Business Models
Business Model Description Number of ILCs Total Assets
($ in millions)
Example ILCs
Community-focused, stand-alone institutions.
6
$786.5

1% of total ILC assets

  • Golden Security Bank
  • Tustin Community Ban
Institutions embedded in organizations whose activities are predominantly:   $127,748.2

94% of total ILC assets

  • Finance Factors, LTD
  • Merrill Lynch Bank USA
  • American Express Centurion Bank
  • USAA Savings Bank
  • Associates Capital Bank
  • Trust Industrial Bank
a) financial in nature, with the ILC having a community focus,
15
b) financial in nature, with the ILC supporting a specialty function or niche within the business organization, or
16
c) conducted within the financial services sector.
3
  Subtotal – 34
Institutions embedded in business organizations whose activities are conducted within the financial services units of larger corporate organizations that are not necessarily financial in nature.
7
$4,212.0

3% of total ILC assets

  • GE Capital Financial, Inc.
  • GMAC Commercial Mortgage Bank
  • Exante Bank
Institutions that directly support the parent organizations' distinctly commercial activities.
9
$2,633.4

2% of total ILC assets

  • BMW Bank of North America
  • Volkswagen Bank USA
  • Pitney Bowes Bank
Total
56
$135,380.1  
Source: DSC.

Differences Between ILCs and Traditional Charter Banks

ILCs are subject to the same banking laws and are regulated in the same manner as other insured depository institutions. Although ILCs are supervised and examined by federal and state regulators, the ILC's parent company may not always be subject to the same supervision because most owners of ILCs are exempt from FRB supervision. Table 12 on the following page shows the differences as well as the similarities of powers afforded an ILC compared to a bank with a traditional charter.

Table 12: Comparison of Powers and Regulatory Oversight Between State Commercial Banks and ILCs
Powers State Commercial Bank That Is a BHCA Bank ILCs That Are Not BHCA Banks
Ability to accept demand deposits Yes Varies with the particular state. Where authorized by the state, demand deposits can be offered if either the ILC's assets are less than $100 million or the ILC was not acquired after August 10, 1987.
Ability to export interest rates Yes Yes
Ability to branch interstate Yes Yes
Ability to offer full range of deposits and loans Yes Yes, including negotiable order of withdrawal (NOW) accounts, except for the restriction regarding demand deposit accounts for some ILCs.
Authorized in every state Yes No. ILCs currently are chartered in seven states.(a)
Examination, supervision, and regulation by federal banking agency Yes Yes
The FDIC may conduct limited scope examination of affiliates Yes Yes
Golden Parachute restrictions apply Yes Yes, to the institution; no, to the parent.
Cross Guarantee liability applies Yes No
23A & 23B, Reg. O, CRA apply Yes Yes
Anti-tying restrictions apply Yes Yes
Parent(b) subject to umbrella federal oversight Yes No
Parent(b) activities generally limited to banking and financial activities Yes No
Parent(b) could be prohibited from commencing new activities if a subsidiary depository institution has a CRA rating that falls below satisfactory Yes No
Parent(b) could be ordered by a federal banking agency to divest of a depository institution subsidiary if the subsidiary becomes less than well capitalized Yes No
Full range of enforcement actions can be applied to the subsidiary depository institutions if parent fails to maintain adequate capitalization Yes Yes(c)
Control owners who have caused a loss to a failed institution may be subject to personal liability Yes Yes
Source: The FDIC Supervisory Insights, Summer 2004.
Notes:
(a) California, Colorado, Hawaii, Indiana, Minnesota, Nevada, and Utah.
(b) Parent, with respect to a state commercial bank, refers to a bank holding company or financial holding company subject to supervision by the Federal Reserve. Broker-dealers who own ILCs may be able to choose consolidated supervision by the Securities and Exchange Commission.
(c) OIG Note: If an ILC becomes undercapitalized, its parent must guarantee that the ILC will comply with the capital restoration plan that the ILC must submit under the Prompt Corrective Action provisions of Section 38 of the FDI Act.

Permissible Activities

Generally, the authority of ILCs to engage in activities is determined by the laws of the states in which the ILCs are chartered. The authority granted to an ILC may vary from one state to another and may be different from the authority granted to commercial banks. In an April 30, 2003, response to questions posed by Senator Robert F. Bennett, the FDIC Chairman stated that except for offering demand deposits, an ILC generally may engage in all types of consumer and commercial lending activities and all other activities permissible for banks.

The FDIC Chairman noted that from a federal law perspective, one of the major differences between an ILC charter and other depository institution charters is that certain ILCs have a grandfathered exemption from the BHCA. Generally, an ILC can maintain its exemption so long as it meets at least one of the following conditions: (1) the ILC does not accept demand deposits, (2) the ILC's total assets are less than $100 million, or (3) control of the ILC has not been acquired by any company after August 10, 1987. The FDIC Chairman further stated that the FDIC has determined that there are two limitations in the Corporation's authority regarding ILCs when compared to other charters. These two limitations pertain to Cross-Guarantee Authority and Golden Parachute Payments.

Cross-Guarantee Authority: As part of the Federal Financial Institutions Reform, Recovery, and Enforcement Act of 1989 (FIRREA), Congress established a system that generally permits the FDIC to assess liability across commonly controlled institutions for FDIC losses caused by the default of one of the institutions. Currently, cross-guarantee liability is limited to insured depository institutions that are commonly controlled as defined by the statute. The definition of "commonly controlled" limits liability to insured depository institutions that are controlled by the same depository institution holding company (i.e., either a bank holding company or a savings and loan holding company). Since the parent company of an ILC is neither a bank holding company nor a savings and loan holding company, ILCs that are owned by the same parent company would not be "commonly controlled." As a result, cross-guarantee liability may not attach to ILCs that are owned by the same parent company. The Financial Services Regulatory Relief Act of 2003 contains language that would enhance the FDIC's efforts to protect the deposit insurance funds by establishing parity with other types of charters. This discretionary authority would extend only against an insured depository institution under common control with the defaulting institution. The cross-guarantee authority makes no significant difference unless two or more ILCs are owned by a parent and one fails.

Golden Parachute Payments: As part of the same proposed legislation, there is an amendment to section 18(k) of the FDI Act, 12 United States Code Section 1828 (k), to clarify that the FDIC could prohibit or limit a non-bank holding company's golden parachute payment or indemnification payment. In 1990, Congress authorized the FDIC to prohibit or limit prepayment of salaries or any liabilities or legal expenses of an institution-affiliated party by an insured depository institution or a depository institution holding company. Such payments are prohibited if they are made in contemplation of the insolvency of such institution or holding company or if they prevent the proper application of assets to creditors or create a preference for creditors of the institution. Due to the existing statutory definition of a depository institution holding company, it is not clear whether the FDIC is authorized to prohibit these types of payments made by non-bank holding company parents (such as ILC parent companies). Limiting or prohibiting the golden parachute payments reduces the loss to the deposit insurance fund.



APPENDIX III

REGULATORY SUPERVISION OF ILC PARENT COMPANIES

Much has been said and published about ILCs and the sufficiency of regulatory authority over ILC parent holding companies. Opponents of ILCs contend that because ILCs are not subject to the BCHA, their parent companies escape FRB supervision at the holding company level. Proponents of the ILC charter note that in some cases, other federal agencies, such as the OTS or the SEC, provide supervision at the parent company level. We found that ILC parent companies are subject to varying degrees of federal regulation.

Regulatory Framework for ILC Parent Companies

By far, the parents of the ILCs we reviewed are regulated in some fashion by one or more federal agencies. Further, all ILC parents are subject to some regulation or oversight by the state banking agency under which the ILC was chartered. In fact, the parents in 10 of the 12 ILCs in our sample were subject to state regulation as well as some form of federal supervision, as shown in Table 13. [17]

Table 13: Federal Regulation of ILC Parents
ILC Name State Total Assets
($ in millions)
As Of 3/31/04
Parent Company Is Parent Publicly Traded? Other Regulators
involved in Supervision
Merrill Lynch Bank USA Utah $67,079 Merrill Lynch & Company, Inc. Yes SEC, OTS
American Express Centurion Bank Utah $19,574 American Express Yes SEC, OTS
UBS Bank USA Utah $14,784 UBS AG Yes SEC, FRB
Freemont Investment & Loan California $9,707 Fremont General Corporation Yes SEC
USAA Savings Bank Nevada $5,803 United States Automobile Association (USAA) No OTS
BMW Bank of North America Utah $1,370 BMW No N/A
Fireside Bank California $1,109 Unitrin, Inc/Teledyne, Inc. Yes SEC
Universal Financial Corporation Utah $516 Citigroup, Inc. Yes SEC, FRB
Wright Express Financial Services Utah $381 Cendant Corporation Yes SEC
Associates Capital Bank, Inc. Utah $357 Citigroup Yes SEC, FRB
Republic Bank, Inc. Utah 275 Republic Bancorp No N/A
First Security Thrift Company California $170 First American Corporation Yes SEC, OTS
Source: OIG Analysis.

As shown in Table 13 on the previous page, for 7 of the 12 ILCs in our sample, either the FRB or the OTS provide supervision of the parent company. Those ILCs had 89 percent, or $108 billion of the total assets in our sample.

In addition to the parent company regulation afforded by the FRB under the BHCA, ILC parent regulation can occur in a number of ways, such as the following:

  • OTS Regulation: Several of the larger ILCs are affiliated with savings institutions. As a result, these firms are subject to oversight as "unitary thrift holding companies" by the OTS. Savings and loan holding companies are required to register with the OTS and submit reports about the operations of the holding company and its subsidiaries and are subject to examination by the OTS. The OTS examiners have the power to make such examinations of the affairs of all affiliates of such savings association as shall be necessary to disclose fully the relations between such savings associations and their affiliates and the effect of such relations upon such savings associations. [18]

    In November 2003, the OTS issued Regulatory Bulletin 35, addressing the supervision of "large and complex enterprises" that control thrifts. The Bulletin requires examiners of conglomerates that include thrifts to conduct a "comprehensive assessment from the perspective of the consolidated regulator at the parent, top tier, organization within the conglomerate." The Bulletin provides detailed guidance to enable examiners to identify and understand significant relationships and transactions within the conglomerate, assess the organization's financial condition and capital adequacy, and evaluate the organization's risk profile, management capability, and internal control systems.

    We determined that the parents of three large ILCs (i.e., banks controlled by Merrill Lynch, American Express, and Morgan Stanley) were subject to regulation by the OTS. Collectively, these three ILCs hold approximately $91 billion in total assets and represent about 67 percent of the total ILC assets. The FDIC has information-sharing agreements in place with the OTS, and the FDIC routinely communicates with OTS examiners when performing examinations of these ILCs.

  • SEC Consolidated Supervision: On June 8, 2004, the SEC adopted rule amendments under the Securities Exchange Act of 1934, which established a voluntary, alternative method of computing deductions to net capital for certain broker-dealers. As a condition to a broker-dealer's use of the alternative method of computing net capital, the rule amendments require a broker-dealer's ultimate holding company, if that ultimate holding company does not have a principal regulator, to consent to certain undertakings. In particular, the ultimate holding company must do the following:

    • Provide information about the financial and operational condition of the ultimate holding company. Specifically, the ultimate holding company must provide the SEC with certain capital and risk exposure information provided to the ultimate holding company's senior risk managers. This information would include market and credit risk exposures and an analysis of the ultimate holding company's liquidity risk.

    • Comply with rules regarding the implementation and documentation of a comprehensive, group-wide risk management system for identifying, measuring, and managing market, credit, liquidity, legal, and operational risk.

    • Consent to SEC examination of the ultimate holding company and its material affiliates.

    • As part of its reporting requirements, compute, on a monthly basis, group-wide allowable capital and allowances for market, credit, and operational risk in accordance with the standards adopted by the Basel Committee on Banking Supervision. [19]

Holding companies such as BHCs that have a principal regulator are not subject either to SEC examination or those rules requiring internal risk management controls outside of the broker-dealer and are subject to reduced reporting, recordkeeping, and notification requirements.

  • Supervision of Foreign Banking Organizations: Foreign banking organizations such as UBS AG are subject to consolidated supervision under the European Union model, which requires review at the holding company level of internal controls, capital adequacy, intra-group transactions and risk concentration. Further, industrial bank owners that do business in European Union countries (such as broker-dealer and investment bank owners of industrial banks) are subject to the European Union Directive for Financial Conglomerates, 2002/87/EC, dated December 16, 2002. This Directive requires financial services holding companies to be regulated under a supervisory framework that is the functional equivalent of European Union consolidated supervision. The SEC finalized the CSE option mentioned above, in part, in response to the Directive requirement.

  • FRB Supervision: Three of the ILCs we reviewed are organized within large corporate families that are ultimately parented by bank holding companies or financial holding companies supervised by the FRB pursuant to the BHCA. For example, Universal Financial Corporation and Associates Capital Bank, Inc, are both Utah ILCs whose ultimate parent is Citigroup, a bank holding company supervised by the FRB.

Accordingly, consolidated supervision of ILC parents can, and does, occur in a variety of ways.

Mixing of Banking and Commerce

As discussed earlier, one benefit of the ILC charter is that it allows commercial companies to own a financial institution without divesting all non-bank related activities, which is contrary to the long-standing prohibitions on mixing banking and commerce. However, FDIC representatives contend that private individual banking owners have always been allowed to own non-financial companies and to use the insured depository institution to fund the operations of non-financial companies subject to the limitations of Sections 23A and 23B of the FRA.

As previously illustrated in Table 11, DSC groups ILCs into four categories. ILCs within category 4, those institutions that directly support the parent organizations' distinctly commercial activities, are those that mix banking and commerce activities. This category represents 2 percent of total ILC assets. Table 14 provides details on the nine ILCs that fall into this category.

Table 14: ILCs that Mix Banking and Commerce
ILC Name State Total Assets
(in Millions)
Description of Business Line
Pitney Bowes Bank, Inc. UT $504.1 Small business credit cards
Transportation Alliance BK UT $146.2 Fuel purchase cards and small business lending
BMW Bank of North America UT $1,370.0 Financial services for BMW customers
Volvo Commercial Credit Corporation of Utah UT $24.2 Consumer credit cards
First Electronic Bank UT $7.2 Private label credit card
Volkswagen Bank, USA UT $513.4 Financing autos
Eaglemark Savings Bank NV $34.5 Harley Davidson
Enerbank UT $33.2 Consumer energy product financing
Toyota Financial Savings Bank NV New Toyota
Source: DSC and DFI, Utah.

Bank-Centric Supervisory Approach and Supervisory Focus

The FDIC describes its approach to examining financial institutions and their affiliates, including parent companies, as a bank-centric or bank-up approach. In effect, the FDIC uses its examination authority, especially Sections 23A and 23B of the FRA, to insulate the bank from affiliates that may pose a threat to the safety and soundness of the bank. For example, FDIC executives offer their experiences in supervising the former Conseco, which was an ILC, as a successful example of the how the FDIC was able to "wall off" Conseco from its parent company and save the ILC from failing.

We can and do visit the parent companies - and other affiliated entities, for that matter - to look over issues or operations that could impact the insured institution. Congress has given us the power to protect the integrity of those relationships. We have exercised that power, and we have coordinated closely with you - the state regulators - in our work. We have found parent companies of ILCs to be acutely conscious of their responsibilities with respect to their ILC subsidiaries and the consequences of violating applicable laws and regulations.

Further, the firewalls and systems of governance safeguarding ILCs from misuse by their parent companies are, in many cases, more stringent than what exists in many affiliates of bank holding companies. In part, the generally positive experience of the ILC charter in recent years is attributable to a continually evolving supervisory approach that considers each institution's purpose and placement within the organizational structure.

--Excerpt from FDIC Chairman, Donald E. Powell's May 30, 2003, speech before the Conference of State Bank Supervisors.

Authority to Examine ILC Parents: Although the FDIC does not have statutory authority to directly supervise the parent companies of ILCs, the FDIC does have the authority under Section 10(b)(4) of the FDI Act, codified to 12 U.S.C. § 1820, to examine any insured depository institution, to make examinations of the affairs of any affiliate, including the parent company, as may be necessary to fully disclose the relationship between the ILC and its affiliate and to determine the effect of such a relationship on the ILC.

Examinations of affiliates that are considered necessary by the examiner must be supported by compelling reasons and must receive prior clearance from the FDIC regional office. We identified two cases in which the FDIC had formally exercised its 10(b) authority to examine ILC parent companies—the case of Pacific Thrift and Loan and Southern Pacific Bank. Both ILCs ultimately failed. However, as noted earlier in this report, we did see evidence that the FDIC performs targeted examination work at the parent and affiliate level as part of the examination of the ILCs.

Further, Section 10(c) of the FDI Act empowers the FDIC, in the course of its supervisory activities, to issue subpoenas and to take and preserve testimony under oath so long as the documentation or information sought relates to the affairs or ownership of the insured institution. Accordingly, individuals, corporations, partnerships, or other entities that in any way affect the institution's affairs or ownership may be subpoenaed.

As discussed elsewhere in this report, Utah, California, and Nevada have direct authority to conduct examinations of parents and affiliates. We contacted state regulators in Utah and California to obtain an understanding of their approach and to determine how frequently they examined ILC parents. We discuss the states' activities in the Offsite Monitoring Process section of this report.

Enforcement Authority Over ILC Parents: In mid-September 2004, in response to a draft version of this report, DSC officials informed us that DSC had determined that the FDIC has enforcement authority over non-bank holding company parents. In general, DSC reported that Section 3(u) of the FDI Act makes FDIC's enforcement powers detailed in Section 8 of the FDI Act applicable to non bank holding company parents. In particular, DSC noted that Section 3(u) defines an institution affiliated party to include any controlling stockholder (other than a bank holding company); any shareholder (other than a bank holding company) who participates in the conduct of the affairs of an insured depository institution; or any other person who is required to file a change-in-control notice. In this context, stockholder, shareholder, and person apply to a non-bank holding company parent. DSC also concluded that the enforcement authority granted under Section 8 of the FDI Act, while somewhat different in their specifics from similar powers the FRB exerts over bank holding companies, were no less comprehensive and effective in providing federal regulatory authority over non bank holding company parents. FDIC Legal Division representatives provided a 1999 legal opinion from the SFRO in support of DSC's conclusions.

Section 8(b) of the FDI Act, Cease and desist proceedings, states the following:

If in the opinion of the appropriate Federal banking agency, any insured depository institution…or any institution affiliated party is engaging…in an unsafe or unsound practice in conducting the business of such depository institution, or is violating or has violated...a law, rule, or
regulation…the agency may issue and serve upon the depository institution or such party a notice of charges in respect thereof.

In late September 2004, FDIC's Senior Deputy General Counsel indicated that the position of the FDIC General Counsel, and therefore, the Corporation's position, was evolving regarding its enforcement authority over ILC parents. Specifically, the FDIC's position is that it could impose enforcement actions, such as a cease and desist order, against non bank holding company parents or any other IAP for engaging in an unsafe or unsound practice in conducting the business of the depository institution, for violating any condition imposed in writing in connection with the granting of an application or other request by the depository institution, for violating any written agreement entered into with the FDIC, or for any violation of a law, rule or regulation.

Other Legal Division representatives that we interviewed indicated that the FDIC had not tested its enforcement authority against non-bank holding company parents and, from a practical standpoint, the FDIC would likely only pursue its enforcement authority for situations having a negative effect on the ILC.

In contrast, the FRB has described its enforcement authority to include issuing cease and desist orders against any bank holding company, any IAP, and any non-bank subsidiary of a bank holding company that engages in an unsafe or unsound practice or violates any law. We concluded that FRB's enforcement authority extends more broadly to subsidiaries of holding companies.

We asked if DSC had exercised its enforcement authority against a non-bank holding company parent. A DSC SFRO representative responded that while SFRO had not issued enforcement actions exclusively against ILC parents, ILC parents had been included in orders or other formal enforcement actions against ILCs, such as:

  • FDI Act Section 8(b)—cease and desist orders to limit the payment of fees to the parent holding company or to require written policies on transactions with the parent holding company or bank insiders, and

  • Prompt corrective action (PCA) supervisory directives issued against ILCs that restricted affiliate transactions. The FDIC also required and obtained performance guarantees of PCA capital plans from two parents of ILCs.

DSC also noted that the FDIC's Section 8(b), cease and desist orders, include language making the provisions applicable to all IAPs as defined in Section 3(u) of the FDI Act. As discussed earlier, the FDIC has determined that Section 3(u) defines IAPs to include non bank holding company parents.

Consolidated Supervisory Approach and Supervisory Focus

Consolidated supervision is a supervisory framework that provides a supervisor the tools needed—such as reporting, examination, capital and enforcement authority—to understand, monitor and, when appropriate, restrain the risks associated with an organization's consolidated or group wide activities. Consolidated supervision is a fundamental component of bank supervision in the United States and, increasingly, abroad. This is so because such supervision provides important protection to the insured banks within the overall organization as well as the federal safety net that supports those banks. In addition, consolidated supervision aids in the detection and prevention of financial crises and, thus mitigates the potential for systemic risk in the financial system.

--FRB Chairman's June 2003 response to questions raised by the U.S. Senate

Regardless of the various forms of consolidated supervision, the scope of examination authority granted to the FDIC and FRB differs in examinations of holding companies. The FDIC's authority involves understanding and assessing the impact of the relationship between the bank and its parent. On the other hand, FRB's authority involves assessing the financial and operational risks within the holding company system that may pose a threat to the safety and soundness of any depository institution subsidiary of the holding company. The BHCA also authorizes FRB to impose consolidated capital requirements and enforcement actions at the holding company level.

In comments to the U.S. Senate in June 2003, the FRB Chairman noted that consolidated supervision provides the FRB with both the ability to understand the financial strength and risks of the overall banking organization and the authority to address significant management, operational, capital, and other deficiencies within the overall organization before these deficiencies pose a danger to subsidiary insured banks and the federal safety net.

The FRB Chairman stated: "Risks that cross legal entities and that are managed on a consolidated basis cannot be monitored properly through supervision directed at any one, or even several, of the legal entity subdivisions within the overall organization." The FRB Chairman offered examples such as an ILC or other bank owned by a large firm partially or entirely dependent upon affiliates for critical services such as computer support, treasury operations, accounting, personnel, management, and premises.



APPENDIX IV

RESULTS OF ILC WORKPAPER REVIEW

Section 508 compliancy note: Title tags are placed within the cells of the following table to indicate legend status.
Procedures Performed at Bank Source of Procedure California ILCs Utah ILCs
Fireside Fremont First Security Merrill Lynch AMEX Wright Express Universal Financial Associates Capitol UBS BMW USSA Note G
1. Assessment of the bank's corporate structure SI YES YES YES YES YES YES YES YES YES YES YES
No specific comments regarding assessment Sec 4.3                      
Step 4 of the ED module RO-ED                      
2. Review of intercompany transactions to determine how the bank interacts with affiliates SI YES YES YES YES YES YES YES YES Note E YES YES
Guidance on 23A and B complement this step. Sec 4.3                      
Step 4B of the ED Module RO-ED                      
3. Review of interdependencies of bank and affiliates SI YES YES YES YES YES YES YES YES YES YES YES
No specific comments regarding assessment Sec 4.3                      
Steps 3 and 28 of ED Module RO-ED                      
4. Evaluation of any financial risks that may be inherent in the relationship SI YES YES YES YES YES YES YES YES YES YES YES
All policy statements would complement this Step Sec 4.3                      
Step 19 of the ED Module RO-ED                      
5. Review the current written business plan and evaluate any changes SI
YES

YES

YES
Note C
YES

YES

YES
Note C
YES
Note C
YES

YES
Note C
YES

CND
No specific policy comments Sec 4.3                      
No procedures RO-ED                      
6. Review any arrangements involving shared management SI N/A N/A N/A YES N/A N/A YES N/A Note E N/A CND
a. Ability of financial institution affiliate to make decisions independently of parent – Management Sec 4.3                      
Step 20 of ED module RO-ED                      
Comments under management (page 7) would complement this step                        
7. Review any arrangements involving shared employees SI N/A N/A N/A YES N/A N/A N/A N/A Note E N/A CND
a. The agreement was reviewed independently by the board; * Sec 4.3                      
b. Agreement clearly delineates compensation to ensure equitability;                        
c. Identifies location duties are performed;                        
d. Requires employees to avoid conflict of interest – must act in best interest of bank;                        
e. Sanctions for noncompliance;                        
f. Provides for periodic determination concerning status of dual employees and factors to be considered for terminating dual employees;                        
g. Authority for managing dual employees assigned; and *                        
h. Lines of authority for dual employees are established.                        
Step 8 of the ED Module – * only specific substeps mentioned in the ED Module RO-ED                      
8. Review services provided to an affiliate to determine whether on the same terms and conditions as would be applied to nonaffiliated entities SI YES YES YES YES YES N/A YES YES Note E YES YES
Comments on Section 23B complement this step Sec. 4.3                      
Steps 11 and 19c RO-ED                      
9. Review services purchased from an affiliate to determine whether on the same terms and conditions as would be applied to nonaffiliated entities SI YES YES YES YES YES YES YES YES Note E YES YES
a. Suitability of management fees paid to affiliates (23b) – Earnings Sec. 4.3                      
Steps 11 and 21 RO-ED                      
10. Assess whether all service relationships are governed by a written agreement SI YES YES CND YES YES YES YES YES Note E YES YES
No specific policy comments Sec. 4.3                      
No specific examination procedure RO-ED                      
11. Review whether the bank should have a contingency plan for all critical business functions performed by affiliated companies SI
N/A
Note A
N/A
Note A
N/A
Note A
YES
Note A
N/A

N/A

YES

YES

Note E

YES

CND
No specific policy comments Sec. 4.3                      
No specific examination procedure RO-ED                      
12. Determine whether DSC examiners computed Holding Company Ratios recommended in the FIAS Training:       Note B Note D   Note B     Note E Note F  
a. Fixed Charge Coverage Sec 4.3 /
FIAS
YES YES NO NO YES NO YES YES NO NO CND
b. Cash Flow Match Sec 4.3 /
FIAS
YES N/A NO NO YES NO YES YES NO NO CND
c. Dividends from all Subsidiaries Sec 4.3 /
FIAS
N/A N/A NO NO YES NO YES YES NO NO CND
d. Consolidated Average Assets FIAS N/A YES NO NO YES NO YES YES NO NO CND
e. Consolidated Net Income FIAS YES YES NO NO YES NO YES YES NO NO CND
f. Total Debt/Equity Capital FIAS YES YES NO NO YES NO YES YES NO NO CND
g. Equity Investment in Subs/Equity FIAS YES YES NO NO YES NO YES YES NO NO CND
h. Equity Investment in Subs-Equity Capital/NI FIAS NO YES NO NO YES NO YES YES NO NO CND
i. Fees + Other Income From Subsidiary/Salaries + Other Expense FIAS N/A N/A NO NO YES NO YES YES NO NO CND
j. Dividends Paid/Net Income (Pay-Out Ratio) FIAS YES N/A NO NO YES NO YES YES NO NO CND
13. Regarding effect of Parent on Bank Rating, determine:                   Note E    
a. Ability and commitment of affiliates to contribute additional capital if needed and an Assessment of pressure from parent for Dividends--Capital; Sec 4.3 YES CND CND YES YES YES YES YES NO YES CND
b. Quality of assets generated through programs associated with affiliates–Assets; Sec 4.3 N/A CND CND YES YES YES YES YES NO YES CND
c. Access to funding sources that would not otherwise be available–Liquidity; Sec 4.3 YES CND CND YES YES YES YES YES NO YES CND
d. Funds management strategies that are coordinated with those of affiliated–Sensitivity; Sec 4.3 YES CND CND YES YES YES YES YES NO YES CND
Note: See question 6 & 9 above for "M" and "E" ratings and procedures for parent impact.                        

Legend:

YES = Documentation that procedures were performed at most current DSC ILC examination.
CND = Could Not Determine that procedure was performed.
N/A = Not Applicable. DSC examiners responded that the particular procedure did not apply to the ILC operations.
SI = Supervisory Insights dated June 29, 2004.
Sec. 4.3 = Revised Section 4.3 of the Manual of Examination Policies dated March 12, 2004.
RO-ED = Proposed revision to Related Organization Examination Documentation Module dated June 2004.
FIAS = Financial Institution Analysis School Self Study Course Guide, Chapter 8, Bank Holding Company and Affiliates.

Blue = Procedure cited in the Supervisory Insights (SI).
Green = Procedure cited in the Revised Section 4.3 of the Manual of Examination Policies complementing SI procedure.
Orange = Procedure cited in an ED Module complementing SI procedures.
Red = Procedure cited in SI is missing in DSC policies and DSC examination procedures.

Notes:

Note A: According to DSC, examiners addressed the question regarding contingency plans for critical functions performed by affiliates during the Information Technology review of the examination.

Note C: DSC examiners reviewed the ILC's annual budget, income forecasts, or strategic plans rather than business plans, per se.

Note D: Per DSC, these ratios are intended only for bank holding companies. Examiners did not compute these ratios but performed extensive analysis to determine the financial strength of the ILC's parent company.

Note E: This ILC opened in September 2003. DSC has planned three onsite examinations of this ILC, but only one onsite targeted examination had been conducted at the time of our review of workpapers and ROEs. Because the scope of the first examination largely focused on determining the ILC management's progress in establishing operations, many of the 13 areas had not yet occurred at the time of our review of workpapers.

Note F: DSC examiners did not compute the ratios but did review the financial condition of the ILC's parent.

Note G: As of September 30, 2004, we had not received responses from DSC.



APPENDIX V

EXCERPTS FROM THE RELATED ORGANIZATIONS ED MODULE

DSC monitors ILC parent companies through examinations of the ILCs and reviews of financial and organizational information obtained from the parent company. The Related Organizations ED Module includes a section entitled, EVALUATION OF AFFILIATE OPERATIONS, containing 31 procedures regarding financial information and management structure of the holding company and its subsidiaries. Table 15 shows the eight major steps included from those procedures.

Table 15: ED Module Steps for Evaluation of Affiliate Operations
ED Module Steps for Evaluating Affiliate Operations Include:
  1. Confirm the level of bank ownership by the holding company.
  1. Review the stockholders listing and most recent proxy statements of the holding company.
  1. Review and analyze the holding company's financial information, such as 10-K, 10-Q, UBHCPR and BOPEC rating, internal financial statements, annual reports, and officer's questionnaire. Review should consider items such as origin of long-term and short-term debt, level of holding company borrowing, sources of income, and holding company transactions between subsidiaries.
  1. Review the management structure and programs of the holding company and its subsidiaries and determine the impact on the institution. Review should consider issues such as level of centralized control by the holding company over bank subsidiaries; movement of officers between the bank, holding company, and affiliates; bank management time allocated to holding company activities versus bank business; and management contracts with holding company and bank subsidiaries and all supporting documentation.
  1. Determine that management and other fees paid by the bank have a direct relationship to the value of the goods received and services rendered.
  1. Determine the extent of deposit gathering activities performed by employees of affiliates.
  1. Review any mortgage banking activity and servicing contracts with affiliates.
  1. Analyze the subsidiaries' financial information, operating policies, and any activities and determine if they may be detrimental to the institution's financial position.
Source: Related Organizations ED Module, November 2003

The Related Organizations ED Module, includes the following Core Analysis Decision Factors that are completed by examiners to indicate whether risks are appropriately identified, measured, monitored, and controlled:

  • Are bank policies and procedures adequate for the level of transactions among the holding company, affiliates, and subsidiaries?
  • Are internal controls adequate?
  • Are the audit or independent review functions adequate?
  • Are information and communication systems adequate and accurate?
  • Are affiliates appropriately separated from the bank and able to operate without threatening the bank’s financial condition?
  • Do transactions comply with applicable Federal and state laws and regulations?
  • Are all affiliated organizations adequately capitalized?
  • Do the board and senior management effectively supervise this area?



APPENDIX VI

CORPORATION COMMENTS

Corporation Comments - Page 1
Corporation Comments - Page 2
Corporation Comments - Page 3
Corporation Comments - Page 4
Corporation Comments - Page 5
[D]



APPENDIX VII

MANAGEMENT RESPONSES TO RECOMMENDATIONS

This table presents the management responses on recommendations in our report and the status of the recommendations as of the date of report issuance.

Rec. Number Corrective Action:
Taken or Planned/Status
Expected Completion Date Monetary Benefits Resolved:a Yes or No Dispositioned:b Yes or No Open or Closedc
1 DSC will incorporate a brief discussion of prudential conditions into the instructions for preparing an ROI. These instructions will be distributed by RDM 02-008.
9/30/05
N/A
Yes
No
Open
2 DSC will incorporate the substance of the recommended revision, particularly to Chaper 4.3, Related Organizations, as part of the ongoing revision to the Manual of Examination Policies. The expanded discussion will include both the managerial and financial capabilities of the parent company and guidance for when these capacities are relevant to the supervisory assessment of the bank and when comments should be made part of the Report of Examination. 3/31/05 N/A Yes No Open
3 DSC will submit at the next meeting of the Interagency ED Module Maintenance Committee, recommendations for revising such procedures and adding a Core Analysis Decision Factor to the extent these are required by Chapter 4.3 policy revisions. 3/31/05 N/A Yes No Open
4 DSC will include in the relevant chapters of the Manual of Examination Policies, with cross references in the Related Organizations chapter as necessary, a discussion of any of the best practices identified in the Supervisory Insights article that are not already addressed in the Related Organizations chapter. 3/31/05 N/A Yes No Open
5 DSC will recommend revisions to the Related Organizations ED module to the extent that revised procedures are necessary to support the analysis and examination review suggested by the policy guidance to be revised in Chapter 4.3 of the Manual of Examination Policies. 3/31/05 N/A Yes No Open
6 DSC will include in Chapter 4.3, a discussion of the possible sources for examiners to obtain relevant financial ratios when analyzing non bank holding companies or commercial parents. 3/31/05 N/A Yes No Open
7 DSC will incorporate into Chapter 4.3, a discussion of when the "Relationships with Affiliates and Holding Companies" page should be included in the Report of Examination. 3/31/05 N/A Yes No Open
8 DSC will establish a corresponding 2005 objective to consider the issues involved. 6/30/05 N/A Yes No Open

a Resolved:  (1) Management concurs with the recommendation, and the planned corrective action is consistent with the recommendation.
(2) Management does not concur with the recommendation, but planned alternative action is acceptable to the OIG.
(3) Management agrees to the OIG monetary benefits or a different amount, or no ($0) amount. Monetary benefits are considered resolved as long as management provides an amount.
b Dispositioned: The agreed-upon corrective action must be implemented, determined to be effective, and the actual amounts of monetary benefits achieved through implementation identified. The OIG is responsible for determining whether the documentation provided by management is adequate to disposition the recommendation.
c Once the OIG dispositions the recommendation, it can then be closed.

Last updated 11/01/04