1

US Regulatory/Compliance Orientation

WHAT TO EXPECT FROM AN EXAMINATION HOW TO PREPARE

JULY 16, 2007

2

DISCUSSION POINTS

Supervisors

FBO Risk Focused Supervision

SOSA Ranking

ROCA Rating

RFI/C (D) Rating

CAMELS Rating

3

FBO SUPERVISORS

FBOs’ potential US regulators FEDERAL RESERVE BANKS (FED) OFFICE OF THE COMPTROLLER OF THE

CURRENCY (OCC) FEDERAL DEPOSIT INSURANCE

CORPORATION (FDIC) STATE BANKING DEPARTMENTS THE SECURITIES & EXCHANGE

COMMISSION (SEC)

4

FBO SUPERVISORS - continued

Regulator determined by charter: Branches, agencies, and banks can have a

Federal or State charter Federal chartered institution is regulated by

OCC State chartered institution regulated by the

appropriate Sate Banking Department If a branch or bank has federal deposit

insurance, the FDIC also has a regulatory role Broker/dealers and other financial nonbanks

are regulated by the SEC

5

Examination Cycle

Smaller institutions < $250 million Larger institutions > $250 million Ratings matter Joint vs. alternate year

examinations 18 vs. 12 month cycle

6

Examination Procedures

On-site planning Scope development Prepare First Day Letter Staff needs determined On-site examination Report writing and vetting Exit meeting with management

7

FOCUS

Numbers? Profits? Ability to rely upon Internal Audit

Independence Qualifications of personnel Senior management cooperation Audit program standards Annual audit plan Quality Control Scope of Audits

8

Results of Planning

Risk Matrix/Assessment Scope First Day Letter

9

Effective Planning

On-going supervisory concerns Prior examination report & transmittal

letter Management’s response to the report Supervisory actions? Specialty exams? Pending applications? Regulatory Reports Public information

10

Preparation of First Day Letter

Prepare in advance of examiners arrival

Liaison Officer’s duties Central point for information requests Examiner room Supplies Secure facilities Arrange meetings

11

FBO SUPERVISION PROGRAM

Systematic, coordinated approach to the supervising of US operations of Foreign Banking Organizations includes:

SOSA = Strength of Support Assessment of the FBO

ROCA = Rating system for branches and agencies: Risk Management, Operational Controls, Compliance & Asset Quality

Combined Rating = Based on ROCA rating Continuous Monitoring = Regulatory reporting and

periodic visitsSR Letter 00-14

12

STRENGTH-OF-SUPPORT ASSESSMENT (SOSA)

Analysis starts with an Institutional Profile based on rating agency reports, annual and interim reports, interviews & meetings, and public information.

Assesses FBO’s ability to support US operations

Places US operations in a larger context Aids risk focused exam process by

highlighting FBOs warranting higher levels of supervisory attention

Disclosed to Institution and Home Supervisor

13

SOSA RANKINGS

“1” = low risk that FBO will be unable to support its US Operations

“2” = more than normal review warranted

“3” = significant weaknesses apparent

14

SOSA RANKINGS - Continued

Characteristics of “1” Investment Grade Meet or exceeds international capital standards Ample access to US Dollar funding No concerns with home country support & supervision or transfer riskCharacteristics of “2” Non-investment grade Does not meet international capital standards Mitigating factors – home country support and supervision – transfer

risk concernsCharacteristics of “3” Seriously deficient financial profile (government/outside support

maybe required) Lack of supervisory oversight and support Significant transfer risk FBO may be unable to honor US Obligations

15

ROCA RATING SYSTEM

R isk Management O perational Controls C ompliance A sset Quality

We also assign a Composite Rating Used for Branches and Agencies Scale 1-5

16

“R”- RISK MANAGEMENT

Process of identifying, measuring, controlling, monitoring, and reporting various risks Credit Market Liquidity Operational Reputational Legal

17

“O”- OPERATIONAL CONTROLS

Evaluates the effectiveness of all operational controls –

Internal/External Audit Information Technology/Security Funds Transfer Accounting

18

“O”- OPERATIONAL CONTROLS CON’D

Internal audit frequency & scope – how often, what areas? adequacy of program – does it cover all areas? head office approval – oversight? independence of reporting line? risk sensitive – focus on areas of greater risk? staffing size and appropriate expertise? audit reporting process

timely reports, findings, opinion of controls tracking responses/resolutions and

escalation process

19

o External audit reports will be reviewed Financial audit required annually of

insured branches over $500 million Other “agreed upon procedures.”

o Information Technology/Securityo Appropriate access to systemo Proper controls to ensure customer

privacy, and the integrity of the datao Availability of the systems

“O”- OPERATIONAL CONTROLS CON’D

20

“O”- OPERATIONAL CONTROLS CON’D

o Funds transfer proper authorization segregation of duties

o Accounting, financial & general ledger safeguards over assets and records chart of accounts segregation of duties suspense, receivable, dormant, other

accounts, reconciliations

21

“C”- COMPLIANCE

Extent of compliance with and understanding of U.S. laws & regulations Policies and procedures Staff training Regulatory Reporting Management responsiveness &

openness Involvement of internal audit Independent compliance officer

22

“C”- COMPLIANCE CONT’D

Laws and Regulation USA Patriot Act AML/BSA OFAC - U.S. Treasury rules, dealings

with selected foreigners. Reg K - FBOs in the US; legal lending

limit Reg D - IBF requirements; reserve

requirements Asset Pledge/Maintenance

23

“A” - ASSET QUALITY

Numerically driven, unlike “R” Reflects level, trend and severity of

problem credits Policies, Procedures, Credit Files, Watch

Lists, and Credit Administration Ratings of Special Mention, Sub-Standard,

Doubtful, Loss changing with introduction of Basel II – awaiting final guidance

24

“A”- ASSET QUALITY CONT’D

Allowance for loan losses Branches not required to maintain

general reserves Must have in place robust

system of identifying losses and either charging them off or setting aside specific reserves for regulatory reporting purposes

25

RATING’S DEFINITIONS

1 -- Strong in every respect; requires only normal supervisory attention.

2 -- Satisfactory condition; may have modest weaknesses correctable in normal course of business; normal supervisory attention

26

COMPOSITE RATING CONT’D

3 -- Fair; exhibit combination of weaknesses that cause supervisory concern; requires more than normal supervision.

27

COMPOSITE RATING CONT’D

4 -- Marginal; serious weaknesses reflected in the components; unsafe & unsound banking practices or operations exist; requires close supervisory monitoring, definitive action by management

5-- Unsatisfactory; high level of severe weaknesses or unsafe, unsound conditions; need urgent restructuring by management

28

RFI/C (D) RATING SYSTEM

R isk Management F inancial Condition I mpact C omposite D epository Institution Used for Bank Holding Companies Scale 1-5 See SR Letter 04-18

29

“R” RISK MANAGEMENT RATING

Four subcomponent ratings of “R”I. Board and Senior Management

OversightII. Policies, Procedures, and LimitsIII. Risk Monitoring and Management

Information SystemsIV. Internal Controls

30

FINANCIAL CONDITION RATING

Evaluate the consolidated organization’s financial strength, inclusive of the Parent Company and non-depository institutions

Focus on ability of the BHC’s resource to support the risks associated with its activities

Evaluate and assign ratings to the four subcomponents of the “F” rating (Capital, Earnings, Asset Quality, Liquidity)

31

IMPACT RATING

Assess impact of non-depository entities and parent on the depository institutions

Evaluate both risk management/ controls and financial condition of the non-depository entities Do the non-depository entities provide services

to depository institution, are they critical services?

Consider current and potential issues in overall assessment Potential issues include: growth plans, new

products/services to both 3rd parties, and related depository institution(s)

32

COMPOSITE RATING

Represents the overall assessment Encompasses both a forward-

looking and static assessment of the consolidated BHC

Reflects examiner judgment with regard to the relative importance of each RFI component (not an average)

33

DEPOSITORY INSTITUTIONS RATING

“D” rating stands outside of the composite rating

Accept the primary/functional regulator’s CAMELS rating

Multi-bank holding company where there are different ratings? Weighted average of composite ratings

scheme, but ambiguous

34

“CAMELS” RATING SYSTEM

C apital Adequacy A sset Quality M anagement E arnings L iquidity S ensitivity to Market Risks

We also assign a Composite Rating Used for Financial Institutions Scale 1-5

35

OTHER ITEMS

Confidentiality of information Examination ratings are not

negotiated, rather vetted in our offices for uniformity

Examiners do expect management to resolve problems and issues – ideally prior to the examination

Ask rather than guess

36

RESOURCES

FOR Manuals:www.federalreserve.gov/boarddocs/supmanual/

FOR SR Letters:www.federalreserve.gov/boarddocs/srletters

37

Questions

38

Margaret (Meg) L. BonnerSenior Examiner/Relationship SpecialistFederal Reserve Bank of NYmargaret.bonner@ny.frb.org

212 (or 646) 720 -2615

Warren HochbaumAssistant Deputy Superintendent of BanksNew York State Banking Departmentwarren.hochbaum@banking.state.ny.us

212 709-1599