FDIC to propose corporate governance and risk management guidelines for banks over $10 billion

In FIL-55-2023, issued yesterday, the FDIC announced that its board, by a notational vote, has approved a notice of proposed rulemaking that would add an Appendix C to the FDIC’s regulation for safety and soundness standards, at 12 C.F.R. § 364. Appendix C is intended to promote strong corporate governance and risk management at FDIC-supervised institutions that have total consolidated assets of $10 billion or more (covered institutions) by proposing corporate governance and risk management guidelines (Guidelines). The NPR also proposes conforming amendments to parts 308 and 364 to implement the proposed Guidelines.

The proposed guidelines:

  • Describe the general obligations of the board of directors (“board”) to ensure good corporate governance by:
    • being active and involved, protecting the interests of the covered institution, setting goals, approving a strategic plan and policies, and selecting and supervising senior management;
    • adopting a code of ethics requiring high ethical standards in the covered institutions’ operations; and
    • creating a committee structure, including a Risk Committee, designed to permit the board to actively oversee the affairs of the covered institution.
  • Describe the general obligations of individual directors.
  • State that the board should establish an effective risk management program that identifies, measures, monitors, and controls risk appropriate for the size, complexity, and risk profile of the covered institution and in compliance with applicable laws and regulatory requirements.
  • Include as the risk management program a three-line-of-defense model of risk management for monitoring and reporting risks, including front line business units (responsible for limiting their risk-taking activities to those approved by management), an independent risk management function, and the covered institution’s internal audit unit.
  • State that the covered institution should effectively communicate its risk appetite and policies to encourage compliance by all employees and identify and report breaches of risk limits, even if the covered institution does not realize a loss from the breach.

The FDIC is seeking comments on the proposal from all interested parties. Comments will be accepted for 60 days after publication in the Federal Register.

Publication and comment period update:

  • Published at 88 FR 70391 on 10/11/2023, with a comment period ending 12/11/2023.
  • On 11/29/2023, the FDIC announced it will extend the comment period to end on 2/9/2024.