Supervision and Regulation Letters
SR 12-17 / CA 12-14
Consolidated Supervision Framework for Large Financial Institutions
SUPERVISION AND REGULATION
AND COMMUNITY AFFAIRS
|SUBJECT:||Consolidated Supervision Framework for Large Financial Institutions|
Building upon lessons learned from the recent financial crisis, the Federal Reserve has taken a number of important steps to improve its supervisory program for large financial institutions. Keeping these institutions strong and resilient to adverse market developments through effective supervision should contribute to a more robust U.S. financial system and economy.
This letter sets forth a new framework for the consolidated supervision of large financial institutions.1 The framework strengthens traditional microprudential supervision and regulation to enhance the safety and soundness of individual firms. It also incorporates macroprudential considerations to reduce potential threats to the stability of the financial system and to provide insights into financial market trends. The consolidated supervision framework has two primary objectives:
Enhancing resiliency of a firm to lower the probability of its failure or inability to serve as a financial intermediary.
Each firm is expected to ensure that the consolidated organization (or the combined U.S. operations in the case of foreign banking organizations) and its core business lines2 can survive under a broad range of internal or external stresses. This requires financial resilience by maintaining sufficient capital and liquidity, and operational resilience by maintaining effective corporate governance, risk management, and recovery planning.
Reducing the impact on the financial system and the broader economy in the event of a firmís failure or material weakness.
Each firm is expected to ensure the sustainability of its critical operations3 and banking offices4 under a broad range of internal or external stresses. This requires, among other things, effective resolution planning that addresses the complexity and the interconnectivity of the firmís operations.
These objectives are consistent with key provisions of the Dodd-Frank Wall Street Reform and Consumer Protection Act (Dodd-Frank Act). These provisions include enhanced prudential standards, which provide the Federal Reserve with the flexibility to tailor the application of these standards to individual firms or groups of firms.5
The framework set forth in this letter is designed to support a tailored supervisory approach that accounts for the unique risk characteristics of each firm, including the nature and degree of potential systemic risks inherent in a firmís activities and operations, as well as broader trends across firms. This framework applies to the following institutions:
Large Institution Supervision Coordinating Committee (LISCC) firms: the largest, most complex U.S. and foreign financial organizations subject to consolidated supervision by the Federal Reserve. Nonbank financial companies designated by the Financial Stability Oversight Council (FSOC) for supervision by the Federal Reserve are included in the LISCC portfolio. LISCC firms are considered to pose the greatest systemic risk to the U.S. economy.
The LISCC is a multidisciplinary body that oversees supervision and evaluates conditions of supervised firms. The committee also develops cross-firm perspectives and monitors interconnectedness and common practices that could lead to greater systemic risk.
Large Banking Organizations (LBOs): domestic bank and savings and loan holding companies with consolidated assets of $50 billion or more that are not included in the LISCC portfolio.
Large Foreign Banking Organizations (Large FBOs): foreign banking organizations with combined assets of U.S. operations of $50 billion or more that are not included in the LISCC portfolio.
In certain instances, the framework applies to the intermediate holding company that is the primary focus of regulations and supervisory activities for the consolidated entity.
Overview of Framework
The supervisory framework is presented below in sections A and B, which specify the Federal Reserveís expectations across the following core areas of supervisory focus:
Enhancing Resiliency of a Firm
- Capital and Liquidity Planning and Positions
- Corporate Governance
- Recovery Planning
- Management of Core Business Lines
Reducing the Impact of a Firmís Failure
- Management of Critical Operations
- Support for Banking Offices
- Resolution Planning
- Additional Macroprudential Supervisory Approaches to Address Risks to Financial Stability
The Federal Reserve may periodically identify additional supervisory priorities beyond these core areas of focus as necessary to enhance firm-specific supervision and develop cross-firm perspectives.
Section C outlines the conduct of supervisory activities used to maintain a comprehensive understanding and assessment of each firm. Effective consolidated supervision requires strong, cooperative relationships between the Federal Reserve and other bank supervisors and functional regulators. The Federal Reserve generally relies to the fullest extent possible on the information and assessments provided by other supervisors and regulators to support effective supervision. Supervisory agencies engaged in the supervision of large financial institutions continue to enhance formal and informal discussions to jointly identify and address key vulnerabilities, and to coordinate supervisory strategies for these firms.
As a general matter, this framework is applicable in circumstances when the consolidated organization and its banking offices are in at least satisfactory condition and there are no material weaknesses or risks across these core areas of supervisory focus. The Federal Reserve applies additional supervisory expectations, and undertakes related activities, to address identified concerns including areas subject to formal or informal enforcement action.
Enhancing Resiliency of a Firm
Capital and Liquidity Planning and Positions
The financial crisis demonstrated the need for stronger regulatory and supervisory assessments of firmsí financial resiliency.6 The Federal Reserve noted significant weaknesses in the adequacy of firmsí point-in-time regulatory capital to cover accumulated and prospective risks, as well as in firmsí liquidity buffers and risk management practices.7 These weaknesses contributed to the failure or near failure of many financial firms and exacerbated the crisis. To support effective capital and liquidity planning, and the adequacy of capital and liquidity positions, each firm should:
- Maintain strong capital and liquidity positions that not only comply with regulatory requirements, but also support the firmís ongoing ability to meet its obligations to creditors and other counterparties, as well as continue to serve as a financial intermediary through periods of stress.
- Have in place robust internal processes that enable the firm to maintain capital and liquidity commensurate with its unique risks under normal and stressful conditions, and to provide timely restoration of financial buffers in the event of drawdown.
- Maintain processes that enable the identification and measurement of potential risks to asset quality, earnings, cash flows, and other primary determinants of capital and liquidity positions.
- Utilize comprehensive projections of the level and composition of capital and liquidity resources, supported by rigorous and regular stress testing to assess the potential impact of a broad range of expected and potentially adverse scenarios.
- Maintain sound risk measurement and modeling capabilities, supported by comprehensive data collection and analysis, independent validation, and effective governance, policies, and controls.8
- Establish goals for capital and liquidity positions that are approved by the firmís board of directors and reflect the potential impact of legal or regulatory restrictions on the transfer of capital or liquidity between legal entities.
- Maintain independent internal audit and other review functions with appropriate staff expertise, experience, and stature in the organization to monitor the adequacy of capital and liquidity risk measurement and management processes.
In order for a firm to be sustainable under a broad range of economic, operational, legal or other stresses, its board of directors (or equivalent for the U.S. operations of FBOs) should provide effective corporate governance with the support of senior management. The board is expected to establish and maintain the firmís culture, incentives, structure, and processes that promote its compliance with laws, regulations, and supervisory guidance. Each firmís board of directors and committees, with support from senior management, should:
- Maintain a clearly articulated corporate strategy and institutional risk appetite. The board should set direction and oversight for revenue and profit generation, risk management and control functions, and other areas essential to sustaining the consolidated organization.
- Ensure that the firmís senior management has the expertise and level of involvement required to manage the firmís core business lines, critical operations, banking offices, and other material entities.9 These areas should receive sufficient operational support to remain in a safe and sound condition under a broad range of stressed conditions.
- Maintain a corporate culture that emphasizes the importance of compliance with laws and regulations and consumer protection, as well as the avoidance of conflicts of interest and the management of reputational and legal risks.
- Ensure the organizationís internal audit, corporate compliance, and risk management and internal control functions are effective and independent, with demonstrated influence over business-line decision making that is not marginalized by a focus on short-term revenue generation over longer-term sustainability.10
- Assign senior managers with the responsibility for ensuring that investments across business lines and operations align with corporate strategies, and that compensation arrangements and other incentives are consistent with the corporate culture and institutional risk appetite.11
- Ensure that management information systems (MIS) support the responsibilities of the board of directors to oversee the firmís core business lines, critical operations, and other core areas of supervisory focus.
Robust recovery planning is central to ensuring the ongoing resiliency of a firmís consolidated operations as well as its core business lines, critical operations, banking offices, and other material entities. Each firm should plan for potential financial or operational weaknesses and identify actions to correct those weaknesses. Therefore, each firm should:
- Maintain clearly documented quantitative and qualitative criteria that would trigger timely implementation of specific elements of the firmís recovery plan and provide for more rigorous remediation activities if initial actions prove insufficient.
- Ensure that trigger events reflect a sufficiently broad range of market- and firm-specific stresses across financial, operational, reputational, legal, and compliance risks.
- Ensure that recovery planning reflects a holistic view of sustainability and resiliency. Recovery planning should be closely integrated with resolution planning, capital and liquidity planning, and other aspects of financial contingency, crisis management, and business continuity planning.12
- Undertake recovery testing and training exercises that consider a broad range of internal and external risk scenarios and account for interconnectivities across operations and legal entities.
- Ensure that the recovery plan is updated as needed, and reflects lessons learned from reviews of trigger events, testing, and training exercises.
- Ensure that recovery planning is sufficiently integrated into corporate governance structures and processes, subject to independent validation, and effectively supported by related MIS reporting to the board and its committees.
Management of Core Business Lines
Effective management of core business lines is essential to ensuring the resilience of the consolidated organization, as these activities are the primary drivers of the firmís revenue generation, profitability, and franchise value. For this reason, a firmís corporate governance (as discussed in Section A.2) should extend to the management of each core business line. Each core business line should have:
- Business-line senior management with qualifications and experience commensurate with the size and complexity of related activities and operations;
- A strategic planning process that ensures areas of growth and innovation are effectively managed;
- Appropriate compensation and other incentives that are consistent with the institutional risk appetite and in compliance with laws and regulations;
- An independent and strong risk-management framework that supports identification, measurement, assessment, and control of the full spectrum of risks; and
- Timely identification and resolution of audit, compliance, and regulatory issues.
- Capital and Liquidity Planning and Positions
Reducing the Impact of a Firmís Failure
Management of Critical Operations
The failure or discontinuance of any of a firmís critical operations could weaken the U.S. economy or pose a threat to the financial stability of the United States. Each of the supervisory expectations outlined around management of core business lines (Section A.4) applies equally to management of critical operations to ensure their financial and operational resilience. Additionally, each firm should ensure that critical operations are sufficiently resilient to be maintained, continued, and funded even in the event of failure or material financial or operational distress. These expectations should be fully reflected in recovery and resolution planning.
Support for Banking Offices
The Federal Reserveís consolidated supervision program has historically focused on protecting the safety and soundness of U.S. depository institution subsidiaries of bank holding companies and the U.S. branches and agencies of foreign banking organizations (collectively defined as banking offices). This is due to the risks posed by banking officesí access to the federal safety net. Specifically, these offices pose risks to the payment system, the Federal Reserveís discount window, and Ė in the case of most U.S. depository institutions Ė federal deposit insurance funds.
A consolidated organization should serve as a source of financial and managerial strength to its banking offices. The activities of the parent company and affiliated nondepository subsidiaries should not present material risks to affiliated banking offices, the consolidated organization itself, or to the consolidated organizationís ability to support its banking offices.13 Each firm should:
- Provide for the strength and resiliency of its banking offices, ensuring prompt financial and operational support so that each office remains in a safe and sound condition under a broad range of stressed conditions.
- Ensure that the activities of the parent company and nondepository institution subsidiaries do not present undue direct or indirect risks to the safety and soundness of banking offices. This includes the transmission of financial, operational, legal, compliance, or reputational risks that may undermine public confidence in the financial strength of its banking offices.
- Maintain sufficient liquidity, cash flow, and capital strength at the parent company and nondepository institution subsidiaries to service debt obligations and cover fixed charges. The parent company needs to consider whether there are any legal or regulatory restrictions on financial transfers between legal entities within the organization.
- Implement and maintain effective policies, procedures, and systems to ensure compliance with applicable laws and regulations. This includes compliance with respect to covered transactions subject to the Boardís Regulation W, which implements Sections 23A and 23B of the Federal Reserve Act and limits a bankís transactions with its affiliates.14
To promote financial stability, the Dodd-Frank Act requires each bank holding company with consolidated assets of $50 billion or more, as well as nonbank financial companies designated by the FSOC, to develop and maintain plans for rapid and orderly resolution in the event of material financial distress or failure. These plans should be utilized as an element of the firmís strategic planning and address the complexity and interconnectivity of the firmís operations.15
The Federal Reserve and the FDIC jointly review a firmís resolution plan relative to supervisory requirements, including:
- The firmís strategic analysis describing its plans for rapid and orderly resolution under the U.S. Bankruptcy Code (or other relevant insolvency regimes). This strategy must not pose systemic risk and must exclude reliance on extraordinary support from the United States or any other government to prevent failure of the firm.
- The firmís strategy for maintaining and funding material entities, critical operations, and core business lines in the event of material financial distress.
- Analysis of potential impediments to resolution, and actions to make the firm more resolvable or otherwise reduce its complexity and interconnectivity.
- Analysis of whether the failure of a major counterparty would likely result in the material financial distress or failure of the firm.
- The manner and extent to which an insured depository subsidiary is adequately protected from risks arising from the activities of non-depository subsidiaries.
- For a U.S. firm with foreign operations, its strategy for addressing the risks arising from these foreign operations to its U.S. operations, and its ability to maintain core business lines and critical operations in foreign jurisdictions.
- Analysis of whether resolution planning is sufficiently integrated into corporate governance structures and processes, subject to independent validation, and effectively supported by related MIS reporting to the board of directors and its committees.
Additional Macroprudential Supervisory Approaches to Address Risks to Financial Stability
The financial crisis demonstrated that too narrow a focus on the safety and soundness of individual firms can result in a failure to detect and address emerging threats to financial stability that arise across many firms. The Dodd-Frank Act requires the Federal Reserve to consider the broader risks to financial stability posed by individual companies and through the interconnectedness among these companies.
The Federal Reserve aims to reduce systemic risks by increasing the capacity of firms and markets to absorb shocks when problems occur, and by reducing potential costs in the event of financial distress or failure of a systemically important institution. Supervision carried out under this framework will support a variety of macroprudential supervisory approaches beyond those already discussed, including:
- Using insights developed through microprudential supervision and related data collection and analysis to identify, understand, and assess potential systemic risks. Areas of review could include, for example, emerging trends in critical operations, interconnectedness, rapidly expanding markets, cyclical industries, and financial products lacking substitutes or effecting large market segments.
- Identifying potential risks to financial stability indicated by the information in supervisory stress tests and through trends in scenarios employed by firms in their internal stress tests.
- Using comparative and aggregate analysis to monitor industry practices, common investment or funding strategies, changes in degree or form of financial interconnectedness, or other developments with implications for financial stability.
- Coordinating with the Federal Reserveís supervision of systemically important financial market utilities to identify and address risks related to payment, clearing, and settlement activities, as well as to identify potential structural vulnerabilities.
- Working closely with the FSOC and other regulators and supervisors to support the designation and supervision of systemically important nonbank firms, and to enhance the monitoring of systemic risk.
- Enhancing international coordination with foreign counterparts, including national supervisors and international bodies such as the Basel Committee on Bank Supervision, the Financial Stability Board, and the Senior Supervisors Group. These activities focus on enhancing oversight of internationally active financial firms and markets and on minimizing the opportunities for firms to take advantage of weaker or inconsistent regulations.
- Management of Critical Operations
Conduct of Supervisory Activities
The Federal Reserve uses a range of supervisory activities to maintain a comprehensive understanding and assessment of each firm, including:
- Coordinated horizontal reviews involve examination of several institutions simultaneously, encompassing firm-specific supervision and the development of cross-firm perspectives. The Federal Reserve recognizes the priority of these reviews through the dedication of multidisciplinary skills and experienced staff. Examples include analysis of capital adequacy and planning via the Comprehensive Capital Analysis and Review (CCAR), as well as horizontal evaluations of resolution plans and incentive compensation practices.
- Firm-specific examination and continuous monitoring activities16 are undertaken to maintain an understanding and assessment across the core areas of supervisory focus for each firm. These activities include review and assessment of changes in strategy, inherent risks, control processes, and key personnel, and follow-up on previously identified concerns (for example, areas subject to enforcement actions or other supervisory issues17), or emerging vulnerabilities.
- In developing and executing a detailed supervisory plan for each firm, the Federal Reserve generally relies to the fullest extent possible on the information and assessments provided by other relevant supervisors and functional regulators. The Federal Reserve actively participates in interagency information sharing and coordination, consistent with applicable laws, to promote comprehensive and effective supervision and limit unnecessary duplication of information requests. Supervisory agencies continue to enhance formal and informal discussions to jointly identify and address key vulnerabilities, and to coordinate supervisory strategies for large financial institutions.
- In certain instances, supervisors may be able to rely on a firmís internal audit or internal control functions in developing a comprehensive understanding and assessment.
This consolidated supervision framework is being implemented in a multi-stage approach. Additional supervisory and operational guidance will be developed to support implementation of the framework and to assess the progress of firms in meeting these expectations. Reserve Banks are asked to distribute this letter to large financial institutions supervised by the Federal Reserve in their districts, as well as to their own supervisory and examination staff.
Questions regarding the framework should be directed to Richard Naylor, Deputy Associate Director, at (202) 728-5854; or Bill Charwat, Senior Project Manager, at (202) 452-3006. Questions pertaining to consumer compliance should be addressed to Phyllis L. Harwell, Assistant Director, at (202) 452-3658; or Mayank M. Patel, Senior Supervisory Consumer Financial Services Analyst, at (202) 452-2316. In addition, questions may be sent via the Boardís public website.18
Michael S. Gibson
Division of Banking
Supervision and Regulation
Sandra F. Braunstein
Division of Consumer
and Community Affairs
- With the implementation of this new framework, SR letter 99-15, "Risk-Focused Supervision of Large Complex Banking Organizations," is superseded. In addition, for the firms described below under "Applicability," the framework for consolidated supervision set forth in SR letter 08-9/CA letter 08-12, "Consolidated Supervision of Bank Holding Companies and the Combined U.S. Operations of Foreign Banking Organizations," is no longer applicable. Return to text
- "Core business lines" are those business lines (including associated operations, services, functions, and support) that, in the firm's view, upon failure would result in a material loss of revenue, profit, or franchise value. Return to text
- "Critical operations" are those operations (including associated services, functions and support) that if they were to fail or be discontinued could pose a threat to the financial stability of the United States. Return to text
- "Banking offices" are defined as U.S. depository institution subsidiaries, as well as the U.S. branches and agencies of foreign banking organizations. Return to text
- 12 USC 5365 and 12 USC 5365(a)(2). Return to text
- See the Board's final rule on capital plan requirements for large bank holding companies (76 Federal Register 74631, December 1, 2011) and SR letter 10-6, "Interagency Policy Statement on Funding and Liquidity Risk Management" (75 Federal Register 13656, March 22, 2010). Return to text
- The capital components of this framework, including those related to stress testing, will apply to savings and loan holding companies after they become subject to minimum regulatory capital requirements. Return to text
- See SR letter 11-7 "Guidance on Model Risk Management." Return to text
- "Material entities" are subsidiaries or foreign offices of the firm that are significant to the activities of a core business line or critical operation. Return to text
- See SR letter 08-8/CA letter 08-11, "Compliance Risk Management Programs and Oversight at Large Banking Organizations with Complex Compliance Profiles." Return to text
- Refer to "Guidance on Sound Incentive Compensation Policies" (75 Federal Register 36395, June 25, 2010). Return to text
- Business continuity expectations include adherence with expectations set forth in SR letter 03-9, "Interagency Paper on Sound Practices to Strengthen the Resilience of the U.S. Financial System," including the geographic diversity and resiliency of data centers and operations, and testing of recovery and resumption arrangements. Return to text
- Due to structural differences, there are important distinctions in the forms of support provided to U.S. depository institution subsidiaries versus those provided to the U.S. branches and agencies of foreign banks. For example, branches/agencies do not hold capital and have differing business and liquidity profiles, governance mechanisms, and regulatory requirements than depository institutions. Therefore, the Federal Reserve will consider these differences in its implementation of this supervisory framework for the U.S. branches and agencies of FBOs, and expects parent FBOs and their U.S. branches and agencies to do the same. The extent of supervisory activity undertaken to assess the adequacy of parent company support for U.S branches and agencies of FBOs is scaled to the condition, size, and interconnectedness of these offices. Return to text
- See SR letter 03-2, "Adoption of Regulation W Implementing Sections 23A and 23B of the Federal Reserve Act." Return to text
- Refer to 12 CFR 243 (Federal Reserve) and 12 CFR 381 (FDIC) for the "Resolution Plans Required" regulations. See also, 76 Federal Register 67323, November 1, 2011. Return to text
- "Continuous monitoring activities" include meetings with a banking organization's management; analysis of internal MIS reports, market indicators, and other internal and external information; review of internal and external audit findings; and coordination with other relevant supervisors and functional regulators and utilization of their work as appropriate. Return to text
- See SR letter 08-1/CA letter 08-1, "Communication of Examination/Inspection Findings." Return to text
- See http://www.federalreserve.gov/apps/contactus/feedback.aspx. Return to text