Prudential Management and Operations Standards, 33950-33964 [2012-13997]

Download as PDF 33950 Federal Register / Vol. 77, No. 111 / Friday, June 8, 2012 / Rules and Regulations pmangrum on DSK3VPTVN1PROD with RULES the expiration of the conformance period.9 In particular, commenters sought confirmation that the Conformance Rule would allow a banking entity the full period permitted by statute to conform all of its investments and activities to section 13 and the final implementing rules. In addition, commenters sought confirmation that activities conducted and investments made during the conformance period would not be subjected to the requirements of the implementing rules during the conformance period. Section 13 of the BHC Act generally provides that, unless the period for conformance is extended by the Board, a banking entity must conform its activities and investments to the prohibitions and requirements of that section and any final implementing rules no later than 2 years after the statutory effective date of section 13.10 The effective date of section 13 is July 21, 2012.11 As noted in the issuing release for the Conformance Rule and the legislative history of section 13, the conformance period for banking entities is intended to give markets and firms an opportunity to adjust to the prohibitions and requirements of that section and any implementing rules adopted by the agencies.12 Consistent with this purpose and the statute, the Conformance Rule provides each banking entity with a 9 See, e.g., comment letters to the agencies from the Securities Industry and Financial Markets Association et al., ‘‘Comment Letter on the Notice of Proposed Rulemaking Implementing the Volcker Rule—Proprietary Trading’’ (Feb. 13, 2011); The Bank of New York Mellon Corporation et al. (Feb. 13, 2012); and Credit Suisse, ‘‘Covered Funds Issues in the Volcker Rule Proposal’’ (Feb. 13, 2012). 10 See 12 U.S.C. 1851(c)(2); see also proposed 12 CFR 248.31(a), 76 FR 68969. Pursuant to section 13(c)(2) of the BHC Act, the Board may, by rule or order, extend the two-year conformance period provided in the Conformance Rule for not more than one year at a time, with a maximum of three one-year extensions, if the Board determines that such an extension is consistent with the purposes of this section and would not be detrimental to the public interest. See 12 U.S.C. 1851(c)(2), proposed 12 CFR 248.31(a)(3), 76 FR at 68969. The Board may further extend the period of time within which a banking entity may acquire or retain an ownership interest in, or otherwise provide additional capital to, an illiquid fund, provided that certain criteria are satisfied. See 12 U.S.C. 1851(c)(3), proposed 12 CFR 248.31(b), 76 FR at 68969. 11 Section 13(c)(1) of the BHC Act provides that section 13 shall take effect on the earlier of (i) 12 months after the date of issuance of final rules implementing that section, or (ii) 2 years after the date of enactment of section 13, which is July 21, 2012. See 12 U.S.C. 1851(c)(1). Because the agencies did not issue final rules implementing section 13 of the BHC Act by July 21, 2011, section 13 of the BHC Act specifies that the effective date for its provisions will be July 21, 2012. Id. 12 See 76 FR at 8265 (citing 156 Cong. Reg. S5898 (daily ed. July 15, 2010) (statement of Sen. Merkley)). VerDate Mar<15>2010 14:57 Jun 07, 2012 Jkt 226001 period of 2 years after the effective date of section 13 (i.e., until July 21, 2014) in which to fully conform its activities and investments to the prohibitions and requirements of section 13 and the final implementing rules, unless that period is extended by the Board (the ‘‘conformance period’’). The Conformance Rule also provides a nonbank financial company supervised by the Board with 2 years after the date the company becomes a nonbank financial company supervised by the Board to comply with any applicable requirements of section 13 of the BHC Act, including any applicable capital requirements or quantitative limitations adopted thereunder, unless that period is extended by the Board.13 Under the Conformance Rule, all proprietary trading activity conducted by each banking entity must conform to the prohibitions and requirements of section 13 of the BHC Act and any final implementing rules by no later than the end of the conformance period. Similarly, all activities, investments and transactions with or involving a covered fund, including a covered fund organized and offered or sponsored by the banking entity, must conform to section 13 of the BHC Act and final implementing rules by no later than the end of the relevant conformance period. During the conformance period, every banking entity that engages in an activity or holds an investment covered by section 13 is expected to engage in good-faith efforts, appropriate for its activities and investments, which will result in the conformance of all of its activities and investments to the requirements of section 13 of the BHC Act by no later than the end of the conformance period. This includes evaluating the extent to which the banking entity is engaged in activities and investments that are covered by section 13 of the BHC Act, as well as developing and implementing a conformance plan that is as specific as possible about how the banking entity will fully conform all of its covered activities and investments with section 13 of the BHC Act and any final implementing rules by July 21, 2014, unless that period is extended by the Board. These good-faith efforts should take account of the statutory provisions in section 13 of the BHC Act as they will 13 See proposed 12 CFR 248.32, 76 FR 68970. As noted in the October 2011 proposed rule to implement section 13 of the BHC Act, the Board has not proposed at this time to require any additional capital requirements, quantitative limits, or other restrictions on nonbank financial companies pursuant to section 13, in light of the fact that the Council has not yet finalized the criteria for designation of, nor yet designated, any nonbank financial company. See 76 FR at 68847. PO 00000 Frm 00002 Fmt 4700 Sfmt 4700 apply to the activities and investments of the banking entity at the end of the conformance period as well as any applicable implementing rules adopted in final by the primary financial regulatory agency for the banking entity. Good-faith conformance efforts may also include complying with reporting or recordkeeping requirements if such elements are included in the final rules implementing section 13 of the BHC Act and the agencies determine such actions are required during the conformance period. Nothing in this guidance restricts in any way the authority of any agency to use its supervisory or other authority to limit any activity the agency determines to be unsafe or unsound or otherwise in violation of law. By order of the Board of Governors of the Federal Reserve System, June 5, 2012. Jennifer J. Johnson, Secretary of the Board. [FR Doc. 2012–13937 Filed 6–7–12; 8:45 am] BILLING CODE 6210–01–P FEDERAL HOUSING FINANCE AGENCY 12 CFR Part 1236 RIN 2590–AA13 Prudential Management and Operations Standards Federal Housing Finance Agency. ACTION: Final rule. AGENCY: Section 1108 of the Housing and Economic Recovery Act of 2008 (HERA) amended the Federal Housing Enterprises Financial Safety and Soundness Act of 1992 (Safety and Soundness Act) to require the Federal Housing Finance Agency (FHFA) to establish prudential standards (Standards) relating to the management and operations of the Federal National Mortgage Association (Fannie Mae), Federal Home Loan Mortgage Corporation (Freddie Mac), and Federal Home Loan Banks (Banks) (collectively, regulated entities). This final rule implements those HERA amendments by providing for the establishment of the Standards in the form of guidelines, which initially are set out in an appendix to the rule. The final rule includes other provisions relating to the possible consequences for a regulated entity that fails to operate in accordance with the Standards. DATES: This final rule is effective on August 7, 2012. For additional SUMMARY: E:\FR\FM\08JNR1.SGM 08JNR1 Federal Register / Vol. 77, No. 111 / Friday, June 8, 2012 / Rules and Regulations information, see SUPPLEMENTARY INFORMATION. FOR FURTHER INFORMATION CONTACT: Anthony Cornyn, Senior Associate Director, Office of Offsite Monitoring and Analysis, Anthony.Cornyn@fhfa.gov, (202) 649– 3303; Karen Walter, Senior Associate Director, Office of Examination Policy and Programs, Karen.Walter@fhfa.gov, (202) 649–3405; Neil R. Crowley, Deputy General Counsel, Office of the General Counsel, Neil.Crowley@fhfa.gov, (202) 649–3055; or Michou Nguyen, Assistant General Counsel, Office of the General Counsel, Michou.Nguyen@fhfa.gov, (202) 649– 3081; Federal Housing Finance Agency, 400 7th Street SW., Washington, DC 20024, (not toll free numbers). The telephone number for the Telecommunications Device for the Deaf is (800) 877–8339. SUPPLEMENTARY INFORMATION: pmangrum on DSK3VPTVN1PROD with RULES I. Background A. HERA Requirements Effective July 30, 2008, HERA, Public Law 110–289, 122 Stat. 2654 (2008), created FHFA as an independent agency of the Federal Government and transferred to it the supervisory and oversight responsibilities over the regulated entities formerly vested with the Office of Federal Housing Enterprise Oversight (OFHEO) and the Federal Housing Finance Board (Finance Board). Section 1108 of HERA also added a new section 1313B to the Safety and Soundness Act, which requires the FHFA Director to establish standards that address 10 separate areas relating to the management and operation of the regulated entities, and authorizes the Director to establish the standards by regulation or by guideline. 12 U.S.C. 4513b. Those 10 areas relate to: Adequacy of internal controls and information systems; adequacy and independence of the internal audit systems; management of interest rate risk; management of market risk; adequacy of liquidity and reserves; management of growth in assets and in the investment portfolio; management of investments and acquisition of assets to ensure that they are consistent with the purposes of the Safety and Soundness Act and the regulated entities’ authorizing statutes; 1 adequacy of overall risk management processes; 1 The authorizing statute for Fannie Mae is the Federal National Mortgage Association Charter Act (12 U.S.C. 1716–1723i), for Freddie Mac, the Federal Home Loan Mortgage Corporation Act (12 U.S.C. 1451–1459), and for the Banks, the Federal Home Loan Bank Act (12 U.S.C. 1421–1449) (Bank Act). 12 U.S.C. 4502(3). VerDate Mar<15>2010 14:57 Jun 07, 2012 Jkt 226001 adequacy of credit and counterparty risk management practices; and maintenance of records that allow an accurate assessment of the institution’s financial condition. 12 U.S.C. 4513b(a)(1)–(10). Section 1313B(a) also specifically authorizes the Director to establish other appropriate management and operations standards. 12 U.S.C. 4513b(a)(11). Section 1313B(b)(1) addresses the possible consequences for a regulated entity that fails to meet any of the Standards, and provides that the Director ‘‘shall require’’ the regulated entity to submit a corrective plan if the Standards have been adopted by regulation and ‘‘may require’’ the regulated entity to submit a corrective plan if the Standards have been adopted as guidelines. 12 U.S.C. 4513b(b)(1)(A). If a regulated entity is required to submit a corrective plan to FHFA, it must do so within thirty (30) days after the Director determines that it has failed to meet any Standard. That plan must specify the actions that the regulated entity will take to conform its practices to the requirements of the Standards. 12 U.S.C. 4513b(b)(1). FHFA generally must act on such plans within thirty (30) days after receipt. 12 U.S.C. 4513b(b)(1)(C)(ii). Section 1313B(b)(2) also addresses the possible consequences for a regulated entity that fails to submit an acceptable plan within the required time period or that fails in any material respect to implement a corrective plan that the Director has approved. In those cases, the Director must order the regulated entity to correct the deficiency. 12 U.S.C. 4513b(b)(2)(A). The Director also has the discretionary authority to order further sanctions, including limits on asset growth, increases in capital, or any other action the Director believes will better carry out the purposes of the statute, until the regulated entity meets the Standard. 12 U.S.C. 4513b(b)(2)(B). Although the imposition of those additional sanctions generally is a matter of discretion for the Director, if a regulated entity that has failed to submit or implement a corrective plan also has experienced ‘‘extraordinary growth’’ within the preceding 18 months, the Director is then required to impose at least one of those additional sanctions. The remedial powers that the Director may invoke under the prudential standards provisions are not exclusive, and section 1313B(c) expressly preserves the Director’s right to exercise any other supervisory or enforcement authority available under the Safety and Soundness Act. 12 U.S.C. 4513b(c). PO 00000 Frm 00003 Fmt 4700 Sfmt 4700 33951 B. The Proposed Rule On June 20, 2011, FHFA proposed a rule to establish the Standards as guidelines, which were set out in an appendix to the proposed rule.2 The proposal included other provisions relating to procedures for FHFA to notify a regulated entity of its failure to meet the Standards and the possible consequences for doing so. The proposed rule did not subject the Banks’ Office of Finance (OF) to the prudential standards regime because several of the Standards address matters that are not relevant to the OF, such as those relating to interest rate, market and credit risks, and investment portfolio growth, and because the relevant HERA provisions did not require the inclusion of the OF. The same is true with respect to the statutory sanctions for noncompliance with the Standards, which include limits on asset growth and mandatory increases in capital. C. Considerations of Differences Between the Banks and the Enterprises Section 1313(f) of the Safety and Soundness Act, as amended by HERA, requires the Director, when promulgating regulations relating to the Banks, to consider differences between the Banks and the Enterprises (Fannie Mae and Freddie Mac) with respect to the Banks’ cooperative ownership structure; mission of providing liquidity to members; affordable housing and community development mission; capital structure; and joint and several liability. In preparing this final rule, the Director considered the differences between the Banks and the Enterprises as they relate to the above factors, and determined that the rule is appropriate. In developing the proposed rule, FHFA differentiated between the Banks and the Enterprises in defining ‘‘extraordinary growth’’ by excluding Bank advances from the calculation of extraordinary growth. The proposed standards also included provisions relating to market value of equity and par value of capital stock, which applied only to the Banks. Those provisions recognized the Banks’ mission of providing liquidity to members through advances, as well as their unique capital structure. As discussed below in Section II.B.2. of this final rule, FHFA has further refined the definition of extraordinary growth in response to the Banks’ comments by using a longer-term six calendar quarter period as the basis for measuring such growth. The revised definition should make it less likely that the short-term 2 76 E:\FR\FM\08JNR1.SGM FR 35791 (June 20, 2011). 08JNR1 pmangrum on DSK3VPTVN1PROD with RULES 33952 Federal Register / Vol. 77, No. 111 / Friday, June 8, 2012 / Rules and Regulations fluctuations in non-advance assets that occur between the time that a member repays an advance and the time that a Bank redeems or repurchases the underlying capital stock will be deemed to constitute extraordinary growth. FHFA considered the Banks’ request for different treatment in other areas as well. The Banks, in their joint comment letter (Joint Bank Letter), cited the importance of advances to the Banks’ mission and the history of no creditdefault on advances in support of their request to be exempted from § 1236.5(a)(1) of the proposed rule, which allows FHFA, among other things, to prohibit a regulated entity from increasing its average total assets if it fails to submit a corrective plan or fails to comply with an approved corrective plan. The Banks raised that same argument with respect to certain requirements under Standard 9 relating to credit concentration.3 With respect to § 1236.5(a)(1) of the proposed rule, that provision included a cross-reference to a statutory definition of ‘‘total assets,’’ located at 12 U.S.C. 4516(b)(4), because the Safety and Soundness Act explicitly mandates that FHFA use that definition in determining a regulated entity’s ‘‘total assets’’ for purposes of imposing any growth limitations under the remedial provisions of § 1236.5(a). The Banks contended that the statutory definition of total assets in 12 U.S.C. 4516(b)(4) should not apply to them because that provision on its face applies only to the Enterprises. Although that is technically true, the HERA provision mandating the establishment of the prudential standards, 12 U.S.C. 4513b(b)(2)(B)(i), explicitly incorporates that definition into the prudential standards regime, which effectively extends that definition to the Banks for purposes of this final rule. Moreover, that definition, which includes only a regulated entity’s onbalance sheet assets, any mortgagebacked securities that it has issued or guaranteed, and any off-balance sheet obligations permitted by FHFA, can readily be applied to the Banks. Accordingly, FHFA has determined not to treat the Banks any differently from the Enterprises for purposes of the definition of ‘‘total assets,’’ as used in § 1236.5(a)(1). With respect to the comments about credit concentration, FHFA has determined that § 1236.5(a)(1) could serve as an effective and necessary remedy in appropriate circumstances without jeopardizing the Banks’ mission. Furthermore, the absence of any history of defaults on advances does not guarantee that future 3 See Joint Bank Letter at 7 and 10–11. VerDate Mar<15>2010 14:57 Jun 07, 2012 Jkt 226001 defaults would not occur. Therefore, FHFA did not adopt these suggestions in the final rule. II. Final Rule A. Overview In this final rule, FHFA establishes the Standards, which are attached in an Appendix, as guidelines, as is authorized by 12 U.S.C. 4513b(a). By adopting the Standards as guidelines, rather than as regulations, the Director may modify, revoke, or add to any one or more of them at any time by order and without undertaking a notice and comment rulemaking. The final rule also establishes certain procedures related to the Standards, and sets out the processes by which FHFA can notify a regulated entity of its failure to operate in accordance with the Standards and can direct the entity to take corrective action. The final rule also specifies the possible consequences for any regulated entity that fails to operate in accordance with the Standards or otherwise fails to comply with this part. In adopting the final rule, FHFA considered the four comment letters received in response to the proposed rule. The twelve Banks jointly submitted one comment letter, and individual letters were received from Fannie Mae (Fannie Letter), Freddie Mac (Freddie Letter), and the Mortgage Insurance Companies of America (MICA Letter). FHFA adopted some of the commenters’ recommendations, in some instances making changes to the language of several rule provisions and Standards, and in other instances providing clarification in the SUPPLEMENTARY INFORMATION. In response to certain comments regarding the inclusion within many of the proposed Standards of references to the responsibilities of the boards and management, FHFA has made two principal revisions to the Standards. First, FHFA has created an introductory section to the Standards, entitled ‘‘General Responsibilities of the Board of Directors and Senior Management.’’ Second, FHFA has revised the Standards to remove many of the references to specific obligations of the board and management from the individual standards. The introductory section does not constitute a separate Standard, and thus does not impose any additional requirement on the regulated entities. Instead, this section is intended to recite, in the context of the regulated entities and the Standards generally, common concepts of corporate governance that would be typical for the board and management of any financial PO 00000 Frm 00004 Fmt 4700 Sfmt 4700 institution. The introductory section also contains a reminder that the specified responsibilities found in the Standards are not a comprehensive listing of the responsibilities of either the boards of directors or senior management, each of whom have additional duties and responsibilities to those described in the Standards. The streamlining of certain principles under the other Standards is designed to simplify them and eliminate repetition. The final rule also makes several clarifying non-substantive changes to the wording of certain principles of the Standards and to the text of §§ 1236.1, 1236.3(b), 1236.4(b), and 1236.5(b) and (c). With those exceptions, the overall approach to establishing the Standards used in the proposed rule remains the same in the final rule. The following discussion of the comments is divided into two sections. The first section discusses three comments that are general in nature. These comments relate to the definition of extraordinary growth, corporate governance and the role of boards of directors of regulated entities, and potential conflicts between the Standards and existing FHFA regulations, including those of the Finance Board and OFHEO that remain in effect. The second category consists of comments that relate to specific provisions of the proposed rule or Standards. For ease of reference, in discussing the comments on the specific principles that make up each Standard, FHFA refers to each principle using the number given to the principle in the proposed rule. Other than the modifications discussed in this section, FHFA is adopting the rule and Standards as proposed. B. General Comments 1. Responsibility of Boards of Directors of Regulated Entities The Banks and the Enterprises both believe that the language of several Standards can be read as placing on boards of directors of regulated entities responsibilities that are above and beyond the fiduciary duties typically imposed by existing corporate law. They also believe that the proposed rule may be interpreted in a manner that distorts the conventional distinction between the respective roles of boards of directors and senior management.4 In response to these comments, FHFA has modified the Standards in a manner that clarifies the duties of the boards of directors but still preserves the intent of the Standards. As previously noted, 4 See Joint Bank Letter at 2, Fannie Letter at 1– 2, and Freddie Letter at 1–2. E:\FR\FM\08JNR1.SGM 08JNR1 Federal Register / Vol. 77, No. 111 / Friday, June 8, 2012 / Rules and Regulations FHFA has also streamlined and combined many of the principles relating to responsibilities of boards of directors and imported certain universally applicable concepts from the individual Standards into the new introductory section of the Standards. FHFA notes that boards of directors of regulated entities are ultimately responsible for overseeing the operations of a regulated entity and are expected to understand and remain informed about the nature of the risks faced by a regulated entity, and to have in place appropriate policies and controls to manage those risks. FHFA did not intend to suggest in the proposed rule that the boards of directors must effectively assume the duties of senior management, such as by becoming involved in the day-to-day operations of the entity, in order to carry out their oversight responsibilities. 2. Definition of Extraordinary Growth pmangrum on DSK3VPTVN1PROD with RULES a. Threshold for Extraordinary Growth The proposed rule included separate definitions of ‘‘extraordinary growth’’ for the Banks and for the Enterprises.5 For the Enterprises, ‘‘extraordinary growth’’ was defined to mean, for a given calendar quarter, quarterly nonannualized growth of assets in excess of 7.5 percent, with such growth occurring within the 18-month period preceding the date on which FHFA notified the Enterprise that it must submit a corrective plan to address a failure to operate in accordance with the Standards. For the Banks, the definition was the same except that it was based on the growth of ‘‘non-advance assets’’ rather than total assets. The Banks suggested expanding the definition of ‘‘extraordinary growth’’ in § 1236.2 of the proposed rule to include a 20 percent annualized combined six calendar quarter growth threshold in addition to the quarterly 7.5 percent threshold proposed by FHFA.6 The Banks argued that, due to the mechanics and time lags in the repayment of advances and redemption of capital stock, short-term quarterly fluctuations in non-advance assets are common and can distort the results of the 7.5 percent test. In support of their contention, the Banks stated that as of 5 The concept of ‘‘extraordinary growth’’ becomes relevant only if a regulated entity has either failed to submit an acceptable corrective plan or has failed to implement an approved plan. The presence of ‘‘extraordinary growth’’ by itself does not trigger any of the supervisory sanctions under the prudential standards statute or this rule, although FHFA may invoke its other supervisory authorities if necessary to address asset growth that it believes poses safety and soundness concerns. 6 See Joint Bank Letter at 3–5. VerDate Mar<15>2010 14:57 Jun 07, 2012 Jkt 226001 the date of their letter, 9 of the 12 Banks would have been considered to be experiencing extraordinary growth, as defined by the proposed rule. The Banks believed that implementing an additional threshold of 20 percent annualized growth over the entire six calendar quarter look-back period would resolve their issue.7 After careful consideration of the Banks’ comment and conducting its own analysis, FHFA is persuaded that the proposed definition of extraordinary growth for the Banks could have resulted in Banks being deemed to have experienced extraordinary growth based on shortterm fluctuations in their non-advance assets that should not necessarily be deemed to have been extraordinary, given the cooperative business model of the Banks. Accordingly, in the final rule FHFA is eliminating the 7.5 percent threshold for the Banks and replacing it with a threshold of 30 percent nonannualized growth in non-advance assets over the entire six calendar quarter look-back period.8 b. Calculation of Extraordinary Growth The look-back trigger date for the determination of extraordinary growth is the date on which FHFA notifies a regulated entity that it has failed to operate in accordance with the Standards and must submit a corrective plan. In order to accommodate situations where the trigger date occurs in the middle of a calendar quarter, FHFA is interpreting the look-back period to be the six full calendar quarters 9 immediately prior to the trigger date. For example, if FHFA notifies an Enterprise on September 15, 2012 that it must submit a corrective plan, the relevant six calendar quarters over which the extraordinary growth calculation would be made would be the first two quarters of 2012 and all four quarters in 2011. If the Enterprise had asset growth of more than 7.5 percent in any of those quarters, it would be deemed to have experienced extraordinary growth. For a Bank, utilizing the same dates, if its nonadvance assets grew more than 30 percent from January 1, 2011 (the beginning of the first quarter of 2011) to June 30, 2012 (the end of the second 7 See Join Bank Letter at 3–5. efficiency and clarity, FHFA is adopting a 30% non-annualized growth threshold instead of the Banks’ suggested threshold of 20% annualized growth, which would equal 31.45% growth over the six quarter time period. 9 Calendar quarters means January 1st to March 31st, April 1st to June 30th, July 1st to September 30th, and October 1st to December 31st. 8 For PO 00000 Frm 00005 Fmt 4700 Sfmt 4700 33953 quarter of 2012), it would be deemed to have experienced extraordinary growth. c. Other Comments on Extraordinary Growth FHFA received the following additional comments with respect to the definition of extraordinary growth. The Banks’ letter asked that FHFA apply the extraordinary growth test prospectively, such that only asset growth occurring after the effective date of the final rule would be considered.10 The Freddie Letter asked that FHFA follow the approach of the federal banking agencies, in which the definition would only apply to regulated entities that are not in the highest capital classification. The Freddie Letter also asked that, for the Enterprises, assets be measured using the criteria specified in determining compliance with the portfolio limit covenant of the Senior Stock Purchase agreement with the Department of the Treasury.11 Both Freddie and the Banks also advocated for the creation of a process by which a regulated entity could challenge FHFA’s finding of extraordinary growth. The Banks also argued that FHFA should be required to submit its numerical analysis to the regulated entity to support its finding of extraordinary growth.12 Applying the extraordinary growth test using only asset growth that would occur after the effective date of the final rule would unduly delay the operation of that portion of the rule for at least 18 months, which FHFA does not believe is necessary given the revisions that it has made to the definition of extraordinary growth with respect to the Banks. FHFA also believes that modifying the definition of extraordinary growth with respect to the Enterprises to incorporate the portfolio limit covenant of the Senior Stock Purchase agreement is not appropriate. Under that covenant, the Enterprises are required to reduce their ‘‘mortgagerelated investments portfolios’’ by 10 percent per year until reaching a specified limit, and FHFA does not believe that such a provision is appropriate for measuring growth of the Enterprises. With respect to limiting the application of extraordinary growth to those entities that are not in the highest capital classification, FHFA is not persuaded that the standards used for depository institutions are necessarily well-suited to the regulated entities, and the Safety and Soundness Act does not 10 See Joint Bank Letter at 5. Freddie Letter at 4. 12 See Freddie Letter at 4 and Joint Bank letter at 5. 11 See E:\FR\FM\08JNR1.SGM 08JNR1 33954 Federal Register / Vol. 77, No. 111 / Friday, June 8, 2012 / Rules and Regulations mandate that the definition be limited in that manner. Moreover, the Standards address matters other than capital adequacy, and it is possible that an adequately-capitalized entity may fail to operate in accordance with the Standards. Lastly, FHFA does not believe that it is appropriate to include a method to contest a determination of extraordinary growth or to require FHFA to submit numerical analysis to justify a finding of extraordinary growth, as both steps would unduly delay the administration of the rule and remedies for failures to meet the Standards. Also, given that FHFA has revised the definition of extraordinary growth for the Banks, they should be able to assess FHFA’s determination based on the data in their own call reports. pmangrum on DSK3VPTVN1PROD with RULES 3. Potential Conflicts With FHFA Regulations The Banks believed that certain Standards conflict or overlap with other existing regulations, particularly the remaining regulations of the Finance Board.13 As noted when this rule was proposed, FHFA intends to review all of its regulations, as well as those of the Finance Board and OFHEO as it incorporates them into the FHFA regulations, to ensure conformity and eliminate conflicts and overlap. To address any potential issues that may arise until such review is completed, FHFA is amending § 1236.3 of the proposed rule to provide that in cases of a direct conflict between a Standard and an FHFA regulation (including Finance Board and OFHEO regulations that remain in effect pursuant to sections 1302 and 1312 of HERA), the regulation would control. Additionally, in such cases, a regulated entity would not be held accountable for failing to meet the Standard and the remedial provisions in §§ 1236.4 and 1236.5 relating to the failure to meet a Standard and the submission and implementation of a corrective plan would not apply. FHFA notes that in cases where it is possible for a regulated entity to comply with both a Standard and a regulation, such as when there is substantial overlap or when a Standard is more stringent than a regulation, FHFA does not consider this to be a direct conflict and expects regulated entities to comply with both the Standard and the regulation. C. Specific Comments 1. Section 1236.3 (Prudential Standards as Guidelines) The Banks have requested that FHFA provide the opportunity for notice and comment on any future changes to the Standards and afford regulated entities at least a 90-day grace period to conform with such changes.14 The proposed rule would have allowed FHFA to update the Standards by order, as necessary to incorporate changes in best practices and to address particular supervisory concerns. That approach is clearly contemplated by the HERA amendments, which authorize the Director to adopt the Standards as regulations, which require formal notice and comment, or as guidelines, which do not. Although the final rule does not require the Director to go through a rulemaking process to amend the Standards, it does allow the Director the flexibility to seek public comment on particular changes to the guidelines, as the Director deems to be appropriate. FHFA believes that the decision to exercise the flexibility to seek public comment and to provide a grace period for regulated entities to align their practices with new or revised guidelines is best addressed on a case-by-case basis when future changes are proposed. 2. Section 1236.4 (Failure To Meet a Standard, Corrective Plans) The Banks have requested that in making any finding of a failure to meet a Standard pursuant to § 1236.4(a), FHFA identify the relevant Standard and the basis for the determination. The Banks’ letter also requests that FHFA create a process for a regulated entity to contest a finding of failure to meet a Standard, and a safe-harbor provision for a good faith effort to meet a Standard.15 FHFA has added language to § 1236.4(b) of the final rule that would provide that the written notice that FHFA must provide to any regulated entity that is required to submit a corrective plan must inform the regulated entity of FHFA’s determination. By adding that language, FHFA intends that any such notice would clearly identify the Standard and the substance of the regulated entity’s failure to meet it. However, FHFA does not believe that the creation of a process to contest a finding of failure to meet a Standard is appropriate because it would unduly delay the remediation of the underlying problem and hinder FHFA’s ability to carry out its oversight responsibilities. Furthermore, such a 14 See 13 See Joint Bank Letter at 1–2. VerDate Mar<15>2010 14:57 Jun 07, 2012 15 See Jkt 226001 PO 00000 Joint Bank Letter at 2. Joint Bank Letter at 6. Frm 00006 Fmt 4700 Sfmt 4700 process is not required by statute. Unlike a violation of a statute or a regulation that has been adopted with force and effect of law, a regulated entity’s failure to meet a Standard that has been adopted as a guideline would likely not trigger FHFA’s administrative enforcement authority. Instead, a failure to meet a Standard would, in the absence of any other violation or unsafe or unsound conduct, trigger only those remedies provided by HERA with respect to the prudential standards regime. Section 1236.4(c) addresses the contents and filing requirements relating to a corrective plan. One provision of the proposed rule implemented a statutory provision, which provides that a regulated entity that is undercapitalized and is required to submit a capital restoration plan may submit the corrective plan required under these regulations as part of the capital restoration plan. 12 U.S.C. 4513b(b)(1)(B). Section 1236.4(c)(2)(ii) of the proposed rule carried over the substance of the statutory provision, providing that a regulated entity that is required to file a capital restoration plan may, with the permission of FHFA, submit a corrective plan as part of the capital restoration plan. The proposed rule also expanded on the statutory authorization by allowing a regulated entity to submit its corrective plan as part of its response to any cease-anddesist order, agreement with FHFA, or a report of examination or inspection. The Banks have requested that FHFA remove the requirement for obtaining FHFA permission in order for a regulated entity to file its corrective plan as part of some other submission.16 In the final rule, in order to be consistent with the statutory language, FHFA is removing the requirement that a regulated entity obtain FHFA’s permission before combining its corrective plan with a capital restoration plan. However, FHFA notes that in certain cases, a capital restoration plan and a corrective plan may well have little in common to justify their combination or may present matters that must be addressed on different timeframes. For example, a corrective plan will set out the actions that a regulated entity plans to take in order to conform its practices to one or more of the prudential standards and the timeframe for doing so. A capital restoration plan will address matters relating to the capital adequacy and may present issues of more compelling urgency that must be addressed before any other supervisory matters. In any 16 See E:\FR\FM\08JNR1.SGM Joint Bank Letter at 6. 08JNR1 Federal Register / Vol. 77, No. 111 / Friday, June 8, 2012 / Rules and Regulations pmangrum on DSK3VPTVN1PROD with RULES cases where combining a corrective plan and capital restoration plan would not be effective, FHFA may decline to consider a corrective plan as part of a capital restoration plan. Because the HERA amendments are permissive in nature, providing that a regulated entity ‘‘may’’ submit a corrective plan as part of a capital restoration plan, FHFA believes that it need not consider the two plans together if it believes there are valid supervisory reasons for evaluating them separately. Thus, FHFA expects that any undercapitalized entity that is contemplating submitting combined plans should first consult with FHFA to determine whether it would have any supervisory reasons for objecting to that approach. Furthermore, for similar reasons as stated above, FHFA has retained the requirement that a regulated entity obtain FHFA’s permission before combining its corrective plan with another type of response to a supervisory action because FHFA believes that the discretion on whether it is desirable to combine a corrective plan with another type of response to a supervisory action, other than a capital restoration plan, must remain with FHFA. FHFA has made clarifying revisions to § 1236.4(c)(2)(ii), which make clear that while it may be possible for a regulated entity to submit a corrective plan as part of a capital restoration plan, the corrective plan would not be ‘‘part of’’ a cease-and desist order, formal or informal agreement, or examination, even if it were to be submitted as part of a regulated entity’s compliance with any such order, agreement, or response to an examination. Section 1236.4(e) addresses the period of time within which FHFA must act in response to the submission of a corrective plan. As a general matter, within thirty (30) calendar days of its receipt of a corrective plan, FHFA must notify the regulated entity of its decision on the plan (i.e., approval or denial), or of its need for additional information, or of its decision to extend the review period beyond thirty (30) calendar days. The Banks’ letter requests that the decision to extend the review period be communicated in writing.17 FHFA is revising § 1236.4(e) to adopt this suggestion. 3. Section 1236.5 (Failure To Submit a Corrective Plan, Noncompliance) The underlying statute sets forth certain actions that FHFA may take if a regulated entity has failed to timely submit an acceptable corrective plan or has failed to implement or otherwise comply with an approved corrective plan in any material respect. At a minimum, the Director must order the regulated entity to correct that deficiency. The Director also has the discretion under the statute to place limits on asset growth, require increases to capital, limit dividends and stock redemptions or repurchases, or require a minimum level of retained earnings, or take any other action that the Director deems would better carry out the purposes of the prudential standards statutory regime. 12 U.S.C. 4513b(b)(2)(B). The statute further provides that, if a regulated entity that has failed to submit or implement a corrective plan also has experienced ‘‘extraordinary growth’’ over the 18month period preceding its failure to meet the Standards, the Director must impose at least one of the remedies listed above. Section 1236.5(a) and (b) of the proposed rule largely carried over those statutory requirements into the final rule. Freddie Mac’s letter requests that materiality be factored into any determination of non-compliance with a corrective plan, and seeks clarification that any other remedy that the Director decides to impose must be deemed to be more effective than the five remedies listed in § 1236.5(a).18 The Banks’ letter requests that a regulated entity be afforded an opportunity to modify a corrective plan deemed unacceptable instead of being penalized for a failure to submit an acceptable plan.19 In response to Freddie Mac’s comment, FHFA is revising § 1236.5(a) to add in the words ‘‘in any material respect’’ in relation to a regulated entity’s failure to implement an approved corrective plan, and is revising § 1236.5(a)(6) to include language that any ‘‘other actions’’ that the Director may order must ‘‘better carry out’’ the purposes of the statute, as that proviso also appears in the statute. FHFA also notes that it does not intend to penalize regulated entities that in good faith submit corrective plans that require modifications in order to be accepted by FHFA. FHFA would not deem a plan unacceptable unless a regulated entity fails to promptly modify it to provide for acceptable remediation, or submits a plan that is so significantly insufficient that it does not appear to be realistically susceptible of acceptable modification through the normal processes of discussion between a regulator and the regulated entity. With respect to the ‘‘other actions’’ that the Director may take under § 1236.5(a)(6), FHFA does not interpret 18 See 17 See Joint Bank Letter at 6. VerDate Mar<15>2010 14:57 Jun 07, 2012 19 See Jkt 226001 PO 00000 Freddie Letter at 4. Joint Bank Letter at 7. Frm 00007 Fmt 4700 Sfmt 4700 33955 the ‘‘better carry out’’ proviso as requiring that any such ‘‘other action’’ must be taken in lieu of the enumerated remedies. Rather, FHFA believes that the proviso authorizes the Director to combine one or more of the enumerated remedies with any ‘‘other action’’ that the Director determines will better enable FHFA to ensure that the entity operates in accordance with the Standards.20 Under § 1236.5(c)(1), FHFA generally will notify a regulated entity that has failed to submit or implement a corrective plan of its intent to issue an order requiring the regulated entity to take corrective action. However, if the circumstances so require, § 1236.5(c)(4) provides that FHFA need not provide advance notice and may instead require a regulated entity immediately to take or refrain from taking actions to correct its failure to meet one or more of the Standards. Within fourteen (14) calendar days of the issuance of such an immediately effective order, unless otherwise specified by FHFA, a regulated entity may appeal the order in writing. FHFA will act on an appeal within sixty (60) days, during which time the order will remain in effect unless FHFA stays its effectiveness. The Banks have requested that FHFA clarify the circumstances under which the Director may invoke the provision in § 1236.5(c)(4) and issue an immediately effective order. The Banks also believe that the sixty (60) days granted to FHFA to act on an appeal is too lengthy, especially when compared to the fourteen (14) days granted to a regulated entity to appeal an immediately effective order.21 FHFA believes that it is impractical to specify in advance all of the circumstances under which an immediately effective order might be necessary, and that the rule must allow the Director sufficient latitude to respond to various types of circumstances that may require immediate corrective action. Furthermore, FHFA believes that the safeguards provided by the appeal process, including the proposed time frames, as proposed, are appropriate. 4. Standard 1 (Internal Controls and Information Systems) 22 The Banks and Freddie Mac both requested revisions to Standard 1, 20 As discussed in Section I.C. supra, the Banks requested that restrictions on increases in advances not be included as a possible remedy ordered by the Director. For the reasons previously stated, FHFA is not adopting the Banks’ suggestion. 21 See Join Bank Letter at 7–8. 22 The Joint Bank Letter cites several specific provisions in the Standards that the Banks believe Continued E:\FR\FM\08JNR1.SGM 08JNR1 33956 Federal Register / Vol. 77, No. 111 / Friday, June 8, 2012 / Rules and Regulations pmangrum on DSK3VPTVN1PROD with RULES believing that the scope of Principle 2 of proposed Standard 1, which requires the board of directors of a regulated entity to review and approve the overall business strategy and significant policies of the regulated entity, is overly broad. The Banks’ letter suggests that the term ‘‘significant policies’’ should be defined only as internal controls that must be approved by the audit committee under the Sarbanes-Oxley Act, while Freddie Mac’s letter suggests that the principle be limited to corporate governance rules of the national securities exchanges where a regulated entity’s securities are listed.23 FHFA believes that having boardapproved business strategies and significant policies are a key starting point for having effective internal controls and that narrowing the scope of Principle 2 in the manner suggested would unnecessarily weaken the effectiveness of the principle.24 Freddie Mac’s letter states that proposed Principle 3, which requires the board of directors of a regulated entity to approve the entity’s organizational structure, is too vague and overly burdensome. Freddie suggests either eliminating the principle or limiting its scope.25 FHFA disagrees with Freddie Mac’s assessment and believes that, as drafted, the principle is an appropriate means to ensure that regulated entities have appropriate organizational structures that are part of a robust internal control function.26 In their letter, the Banks argue that the requirement to have a formal selfassessment process to monitor internal controls under proposed Principle 12 is redundant in light of the fact that the Banks must comply with SarbanesOxley Act requirements relating to internal controls.27 However, the scope of Principle 12 is broader than the scope of the Sarbanes-Oxley requirements, as those requirements address internal controls for financial reporting, whereas either overlap or conflict with existing regulations. The issue of conflicts with regulations is addressed in section II.B.3. supra. Similarly, the Joint Bank Letter, the Fannie Mae Letter, and the Freddie Mac Letter cite several specific Standards in relation to corporate governance issues. Those comments are addressed comprehensively in section II.B.1. supra. 23 See Joint Bank Letter at 8 and Freddie Letter at 2. 24 In the final rule, proposed Principle 2 has been consolidated with proposed Principles 1, 3, and 4 into a final Principle 1. Portions of proposed Principle 2, including the requirement to review ‘‘significant policies,’’ have been relocated to part 1 of the general responsibilities section of the Standards in the final rule. 25 See Freddie Letter at 2. 26 In the final rule, the substance of proposed Principle 3 has been consolidated with proposed Principles 1, 2, and 4 into final Principle 1. 27 See Joint Bank Letter at 8. VerDate Mar<15>2010 14:57 Jun 07, 2012 Jkt 226001 Principle 12 is designed to address all types of internal controls. Therefore, FHFA does not believe that Principle 12 is redundant and is adopting it as proposed.28 5. Standard 2 (Independence and Adequacy of Internal Audit Systems) The Banks have requested that proposed Principle 5, relating to internal audit systems, use the term ‘‘testing’’ instead of ‘‘monitoring’’ because the Banks believe that audits are designed to test and not provide ongoing monitoring.29 Freddie Mac believes that the term ‘‘internal audit system’’ should be changed to ‘‘internal audit function’’ to avoid any suggestion that ‘‘system’’ means a fully automated system.30 FHFA is adopting both of these suggestions. In addition, FHFA is changing proposed Principle 10, in response to a comment by the Banks, to clarify the scope of the responsibilities of the internal audit department. This revision removes a requirement that the audit department must ‘‘ensure’’ that certain violations or findings are satisfactorily resolved because the auditors do not have operational responsibilities and thus cannot act to ‘‘resolve’’ the underlying matters. As revised, the Standard requires the audit department to determine whether the responsible parties within the organization have addressed the violations or findings. 6. Standard 3 (Management of Market Risk Exposure) Fannie Mae believes that proposed Principle 1, relating to market risk exposure, is redundant because proposed Principle 7, which requires the board of directors or a committee of the board to review risk exposures periodically, and proposed Principle 6 under Standard 8, which requires, among other things, that the board of directors and senior management be provided with accurate and timely reports on market risk exposure, sufficiently address the issue of market risk.31 FHFA believes that proposed Principle 1 is broader and different in focus than the other principles cited by Fannie Mae and should not be repealed. However, in an effort to streamline the 28 In the final rule, FHFA has consolidated proposed Principles 5 and 6 into final Principle 2; proposed Principles 7 through 12 have been consolidated into final Principles 4 and 5 and certain concepts from those principles have been relocated to parts 1 and 5 of the general responsibilities section. FHFA also made clarifying changes to proposed Principle 13 and renumbered it and other principles accordingly. 29 See Joint Bank Letter at 8. 30 See Freddie Letter at 2. 31 See Fannie Letter at 2–3. PO 00000 Frm 00008 Fmt 4700 Sfmt 4700 board of responsibility requirements, the substance of proposed Principles 2, 3, 4, 5, 6, and 7 have been merged into final Principles 2 and 3 and certain concepts have been relocated to parts 1 and 4 of the general responsibilities section. Proposed Principle 11 requires senior management to ensure that a regulated entity’s policies and procedures identify remedial actions to be taken in the event that market risk limits are violated. The Banks argue that a particular future remedial action to be taken in response to a violation of the market risk limitations cannot be predetermined, and thus should not be required to be stated in their policies and procedures.32 In response to the comment, FHFA has revised the principle to require that if a market risk limit is breached, the board of directors must ensure that appropriate remedial action is taken.33 The Banks’ letter asks FHFA to clarify that under proposed Principle 12, which requires senior management to keep the board of directors sufficiently informed about market risk exposures, satisfactory monitoring by the board would generally include periodic monitoring of established market risk tolerances and limits and exception-based reporting.34 Although the actions identified by the Banks’ letter may well be part of an acceptable process for identifying and managing market risk exposure, FHFA does not believe that it would be appropriate to specify that these particular actions would be sufficient to demonstrate compliance with the Standard. Because the level of market risk may vary from regulated entity to regulated entity, FHFA believes that the language of the proposed standard, which requires that the information provided to the board be sufficient for it to meaningfully assess market risk exposures, is a better approach. Accordingly, the final rule does not include the requested change. FHFA has, however, streamlined proposed Principles 3, 4, 5, 8, 9, 10, 12 and 13 (which are now final Principles 3, 5, 6) and moved certain concepts to items 4, 6, and 8 of the general responsibilities section of the Standards. 7. Standard 4 (Management of Market Risk—Measurement Systems, Risk Limits, Stress Testing, and Monitoring and Reporting) Proposed Principle 3 requires that a regulated entity’s market risk 32 See Joint Bank Letter at 9. substance of proposed Principle 11 has been reorganized into final Principles 2 and 6. 34 See Joint Bank Letter at 9. 33 The E:\FR\FM\08JNR1.SGM 08JNR1 Federal Register / Vol. 77, No. 111 / Friday, June 8, 2012 / Rules and Regulations measurement system be capable of valuing all financial assets and liabilities in the entity’s portfolio. The Banks’ letter requests further clarification of the terms ‘‘financial assets and liabilities.’’ 35 FHFA believes that these terms are widely understood and do not require additional clarification. pmangrum on DSK3VPTVN1PROD with RULES 8. Standard 5 (Adequacy and Maintenance of Liquidity and Reserves) Proposed Principle 1 of this Standard requires a regulated entity’s board to approve, at least annually, all major strategies and policies governing liquidity and reserves. The Banks’ letter notes that Finance Board regulations § 917.3(a)(2) and 917.3(b)(3)(iii) require the boards of directors of the Banks to review the risk management policy annually and re-adopt such policy at least every three years, which the Banks view as a direct conflict.36 FHFA does not believe that the regulations directly conflict with Principle 1 because the annual approval contemplated by the Standard would satisfy the requirement that the boards re-adopt policies at least every three years. However, FHFA has streamlined proposed Principles 1 and 2 into final Principle 1, streamlined proposed Principles 3 and 4 into final Principle 2, and relocated some of the requirements to parts 1 and 2 of the general responsibilities section of the Standards. 9. Standard 6 (Management of Asset and Investment Portfolio Growth) Proposed Principle 2 generally requires the board of directors to establish policies governing asset and investment growth, including limits on growth of mortgage loans and mortgagebacked securities. The Banks asked that FHFA revise this provision to make clear that it is not intended to apply to the growth of advances or letters of credits by the Banks.37 FHFA has decided not to make any changes to the text of the principle to exempt advances and standby letters of credit from these requirements because it believes that the Banks should monitor growth in those products to ensure that the Banks are not taking any undue risks. That said, the requirement that the Banks must have policies relating to growth in advances and letters of credit does not mean that the Banks must establish numerical limits for those products. Instead, it would be sufficient for the Banks to have policies that link growth in advances and letters of credit to 35 See Joint Bank Letter at 9. Joint Bank Letter at 9. 37 See Joint Bank Letter at 9–10. 14:57 Jun 07, 2012 10. Standard 7 (Investments and Acquisitions of Assets) Proposed Standard 7 implements a statutory requirement that FHFA adopt Standards that relate to a regulated entity’s ‘‘investments and acquisitions of assets’’ to ensure that they are consistent with the regulated entity’s chartering statute and the Safety and Soundness Act. Several principles under Standard 7 utilize the terms ‘‘investments’’ and ‘‘other assets,’’ neither of which is defined, and Freddie Mac has asked that FHFA clarify the meaning of ‘‘other assets.’’ 38 FHFA considers ‘‘investments’’ to mean all assets held by the regulated entity for the purpose of yielding a return but that are not related to its core mission as a GSE. In the case of the Banks, ‘‘investments’’ would include things such as federal funds sold, repurchase agreements, and investment securities. In the case of the Enterprises, investments would include things such as federal funds and investment securities. ‘‘Other assets’’ are all assets held by the regulated entity other than ‘‘investments,’’ including mission related assets such as advances and acquired member assets in the case of the Banks and mortgage loans in the case of the Enterprises. FHFA notes that the final rule has streamlined proposed Principles 1 and 2 into final Principle 1 and replaced a subheading within Standard 7. 11. Standard 8 (Overall Risk Management Processes) The final rule revises proposed Principle 11 (renumbered as final Principle 5) to state that the chief risk officer should report directly to both the chief executive officer and the risk committee of the board of directors. This change is being made to conform proposed Principle 11 to the recommended practices issued by other financial regulators.39 The final rule also 38 See Freddie Mac Letter at 3. Principle 11 has been renumbered as final Principle 5. 36 See VerDate Mar<15>2010 factors such as the financial condition of the members, the amount and quality of the collateral, the members’ collateral management practices, and prudent underwriting standards. FHFA notes that it has combined proposed Principles 1 and 2 into final Principle 1; streamlined proposed Principles 3 and 4 (renumbered as final Principles 2 and 3); moved certain concepts in proposed Principles 1, 2, and 3 to items 1, 2, and 5 in the general responsibilities section of the Standards; and reorganized the subheadings in Standard 6. 39 Proposed Jkt 226001 PO 00000 Frm 00009 Fmt 4700 Sfmt 4700 33957 combines proposed Principles 1 through 4 into final Principle 1 and proposed Principles 5 through 8 into final Principle 2 and certain concepts from these principles have been relocated to items 2 and 4 of the general responsibilities section of the Standards. 12. Standard 9 (Management of Credit Counterparty Risk) In light of a pending joint rulemaking on derivative instruments by the Commodity Futures Trading Commission (‘‘CFTC’’) and the Securities and Exchange Commission (‘‘SEC’’), the Banks’ letter requests that FHFA suspend proposed Principle 2, relating to policies and procedures for the use of derivative instruments, until the completion of the CFTC and SEC rulemaking.40 FHFA has decided not to suspend this principle until the joint rulemaking is complete because the Banks currently use derivative instruments and should already have appropriate derivative policies in place, even in the absence of final rulemaking by the CFTC and SEC. FHFA expects that those policies will need to be modified after the issuance of final rules by the CFTC and SEC relating to the use of clearinghouses and exchanges for derivatives trades.41 Proposed Principle 4 42 requires senior management to brief the board regularly on a regulated entity’s credit exposure including, among other things, ‘‘problem credits,’’ and proposed Principle 10 requires entities to have policies for addressing such ‘‘problem credits.’’ The Banks’ letter requests that FHFA exclude advances from the scope of the term ‘‘problem credits’’ because the Banks have never sustained any credit losses on advances. The Banks further argue that the programs that they currently have in place to assess, monitor, measure, and report credit risk are sufficient.43 As previously noted, the historical absence of credit losses on advances does not guarantee that there will be no future losses and does not justify excluding advances from the scope of Principles 4 and 10.44 The Banks again cite the historical absence of credit losses on advances to argue that proposed Principle 5 40 See Joint Bank Letter at 10. Principles 1, 2, and 3 have been streamlined and combined into final Principle 1 and certain concepts have been relocated to items 1 and 2 of the general responsibilities section of the Standards. 42 Proposed Principle 4 has been streamlined and renumbered as final Principle 2. 43 See Joint Bank Letter at 10. 44 In order to streamline Standard 9, the requirement to address problem credits has been removed from Principle 4 but still exists in Principle 8 (formerly Principle 10). 41 Proposed E:\FR\FM\08JNR1.SGM 08JNR1 pmangrum on DSK3VPTVN1PROD with RULES 33958 Federal Register / Vol. 77, No. 111 / Friday, June 8, 2012 / Rules and Regulations (renumbered as final Principle 3), which requires a regulated entity to have policies that limit concentrations of credit risk and systems that can identify such concentrations, should not apply to them.45 For the same reasons discussed in the previous paragraph, FHFA believes that proposed Principle 5 should apply to all regulated entities. Concentrations of credit risk for the Banks may be present in their advances business as well as in other areas of their business, such as extensions of unsecured credit and derivatives transactions, as well as the investment portfolio. The existence of those other sources of risk requires that the Banks have systems in place that can identify such concentration of risk, as well as policies to limit those concentration risks. Although the secured nature of advances and the lien priority that is afforded to the Banks lessen the risks to a Bank resulting from a concentration of advances to certain borrowers, the risks exist and the Banks should have in place policies for addressing them. Given the unique nature of advances and the Banks’ cooperative business model, FHFA expects that a Bank’s policies and limits relating to concentrations arising from its advances business may well differ from those relating to concentrations arising from other sources. MICA’s letter suggests that FHFA expand proposed Principle 8 (renumbered as final Principle 6) to not only require that regulated entities have procedures and policies in place to make informed credit decisions at the outset, but to also require that such procedures are employed on an ongoing basis and include the use of back-testing to ensure that the initial credit decisions are validated and to reveal any need for further improvement in credit-risk protocols.46 FHFA does not believe that the extra procedures requested by MICA are necessary at this time. Proposed Principle 11 (renumbered as final Principle 9) requires a regulated entity to have a system of independent, ongoing credit review, including stress testing and scenario analysis. The Banks’ letter seeks clarification of the scope of the term ‘‘independent ongoing credit review.’’ 47 In response to the comment, FHFA is revising Principle 11 to more specifically identify the type of ongoing credit review program envisioned by this principle. 45 See Joint Bank Letter at 11. MICA Letter at 2. 47 See Joint Bank Letter at 11. 46 See VerDate Mar<15>2010 14:57 Jun 07, 2012 Jkt 226001 13. Standard 10 (Maintenance of Adequate Records) In response to a comment from the Banks, FHFA is changing the term ‘‘records management plan’’ to ‘‘record retention program’’ in proposed Principle 3 48 to better align it with the terminology of part 1235 of the FHFA regulations (12 CFR part 1235), which addresses record retention requirements for the regulated entities.49 In response to a comment from Freddie Mac, FHFA is modifying proposed Principle 4 to make it clear that the scope of the records management plan includes all records and not just the records of the board of directors.50 Lastly, in response to a comment by the Banks requesting clarification as to what type of ‘‘reporting errors’’ or ‘‘irregularities’’ must be detected and corrected, FHFA is revising proposed Principle 5 to delete the term ‘‘irregularities.’’ 51 FHFA believes that the term ‘‘reporting errors’’ is sufficiently clear. The final rule also deletes the subheading that appears before proposed Principle 6. D. Introduction—General Responsibilities for Boards and Management As discussed previously, the final version of the Standards includes an introductory section dealing with the general responsibilities of the boards and management of the regulated entities. That new section consists of the following three parts: Responsibilities of the board of directors, responsibilities of senior management, and joint responsibilities of the board and senior management. Each section is compiled from concepts that had been included as part of the Principles under most of the 10 proposed Standards. FHFA believes that grouping these generally applicable board of directors and senior management responsibilities in an introductory section, rather than dispersing them over 10 separate Standards, improves the presentation and clarity of the Standards. As stated previously, the introductory section is intended to provide an overview of what FHFA believes to be typical director and officer responsibilities in the context of financial institutions generally, as well as in the context of the Standards. 48 The numbering of the principles in Standard 10 has not changed from the proposed rule to the final rule. 49 See Joint Bank Letter at 11. 50 See Freddie Mac Letter at 3. 51 See Joint Bank Letter at 11. PO 00000 Frm 00010 Fmt 4700 Sfmt 4700 1. Board of Director Responsibilities Items 1 through 4 of the general responsibilities section address responsibilities of boards of directors. Item 1 requires the board of directors, with respect to each subject matter addressed by each Standard, to adopt appropriate business strategies, policies, and procedures. It also requires boards to review such strategies, policies and procedures periodically and approve all major strategies, policies, and procedures annually. The next item addresses the board’s responsibility in overseeing management and ensuring that management includes qualified personnel. Items 3 and 4 require boards to remain informed about the operations of a regulated entity and about specific risks and exposures, including market, credit, and counterparty risk. These items also address the need to establish risk tolerances and remedy any violation of those risk limits. 2. Senior Management Responsibilities Items 5 through 8 of the general responsibilities section address the responsibilities of senior management of the regulated entities. Item 5 requires senior management, with respect to each subject matter addressed by each Standard, to develop the policies, procedures, and practices that are necessary to implement the business strategies and policies adopted by the board of directors. Senior management should also ensure that the policies, procedures, and practices are followed by all personnel and that such personnel are competent and appropriately trained. Item 6 requires senior management to ensure that the regulated entity has adequate resources, systems, and controls to effectively execute the entity’s business strategies, policies and procedures, including operating consistently with each of the Standards. The last two items, 7 and 8, address the need for senior management to keep the board of directors informed through periodic reports and discussions. 3. Joint Responsibilities Items 9 and 10 (formerly Principle 13 of proposed Standard 1 and Principle 7 of proposed Standard 8, respectively) of the general responsibilities section require the board of directors and senior management to conduct themselves in a manner that promotes high ethical standards and a culture of compliance throughout the organization. The board of directors and senior management are also required to ensure that the regulated entity’s overall risk profile is aligned with its mission objectives. E:\FR\FM\08JNR1.SGM 08JNR1 Federal Register / Vol. 77, No. 111 / Friday, June 8, 2012 / Rules and Regulations III. Paperwork Reduction Act The final rule does not contain any information collection requirement that requires the approval of the Office of Management and Budget under the Paperwork Reduction Act of 1995 (44 U.S.C. 3501 et seq.). IV. Regulatory Flexibility Act The final rule applies only to the Banks and the Enterprises, which do not come within the meaning of small entities as defined in the Regulatory Flexibility Act (5 U.S.C. 601 et seq.). See 5 U.S.C. 650(b). Therefore, FHFA certifies that this final rule will not have significant economic impact on a substantial number of small entities. List of Subjects in 12 CFR Part 1236 Administrative practice and procedure, Federal home loan banks, Government-sponsored enterprises, Reporting and recordkeeping requirements. For the reasons stated in the SUPPLEMENTARY INFORMATION, FHFA amends chapter XII of title 12 of the Code of Federal Regulations by adding part 1236 to subchapter B to read as follows: PART 1236—PRUDENTIAL MANAGEMENT AND OPERATIONS STANDARDS § 1236.3 Prudential standards as guidelines. Sec. 1236.1 Purpose. 1236.2 Definitions. 1236.3 Prudential standards as guidelines. 1236.4 Failure to meet a standard; corrective plans. 1236.5 Failure to submit a corrective plan; noncompliance. Appendix to Part 1236—Prudential Management and Operations Standards Authority: 12 U.S.C. 4511, 4513(a) and (f), 4513b, and 4526. pmangrum on DSK3VPTVN1PROD with RULES § 1236.1 Purpose. This part establishes the prudential management and operations standards that are required by 12 U.S.C. 4513b and the processes by which FHFA can notify a regulated entity of its failure to operate in accordance with the standards and can direct the entity to take corrective action. This part further specifies the possible consequences for any regulated entity that fails to operate in accordance with the standards or otherwise fails to comply with this part. § 1236.2 Definitions. Unless otherwise indicated, terms used in this part have the meanings that they have in the Federal Housing Enterprises Financial Safety and Soundness Act, 12 U.S.C. 4501 et seq., VerDate Mar<15>2010 14:57 Jun 07, 2012 Jkt 226001 or the Federal Home Loan Bank Act, 12 U.S.C. 1421 et seq. Extraordinary growth—(1) For purposes of 12 U.S.C. 4513b(b)(3)(C), means: (i) With respect to a Bank, growth of non-advance assets in excess of 30 percent over the six calendar quarter period preceding the date on which FHFA notified the Bank that it was required to submit a corrective plan; and (ii) With respect to an Enterprise, quarterly non-annualized growth of assets in excess of 7.5 percent in any calendar quarter during the six calendar quarter period preceding the date on which FHFA notified the Enterprise that it was required to submit a corrective plan. (2) For purposes of calculating an increase in assets, assets acquired through merger or acquisition approved by FHFA are not to be included. FHFA means the Federal Housing Finance Agency. Standards means any one or more of the prudential management and operations standards established by the Director pursuant to 12 U.S.C. 4513b(a), as modified from time to time pursuant to § 1236.3(b). (a) The Standards constitute the prudential management and operations standards required by 12 U.S.C. 4513b. (b) The Standards have been adopted as guidelines, as authorized by 12 U.S.C. 4513b(a), and the Director may modify, revoke, or add to the Standards, or any one or more of them, at any time by order or notice. (c) In the case of a direct conflict between a Standard and an FHFA regulation, when it is not possible to comply with both the Standard and the FHFA regulation, the regulation shall control. (d) Failure to meet any Standard may constitute an unsafe and unsound practice for purposes of the enforcement provisions of 12 U.S.C. chapter 46, subchapter III. § 1236.4 Failure to meet a standard; corrective plans. (a) Determination. FHFA may, based upon an examination, inspection or any other information, determine that a regulated entity has failed to meet one or more of the Standards. (b) Submission of corrective plan. If FHFA determines that a regulated entity has failed to meet any Standard, FHFA may require the entity to submit a corrective plan, in which case FHFA shall, by written notice, inform the PO 00000 Frm 00011 Fmt 4700 Sfmt 4700 33959 regulated entity of that determination and the requirement to submit a corrective plan. (c) Corrective plans.—(1) Contents of plan. A corrective plan shall describe the actions the regulated entity will take to correct its failure to meet any one or more of the Standards, and the time within which each action will be taken. (2) Filing deadline.—(i) In general. A regulated entity must file a written corrective plan with FHFA within thirty (30) calendar days of being notified by FHFA of its failure to meet a Standard and need to file a corrective plan, unless FHFA notifies the regulated entity in writing that the plan must be filed within a different time period. (ii) Other plans. If a regulated entity must file a capital restoration plan submitted pursuant to 12 U.S.C. 4622, it may submit the corrective plan required under this section as part of the capital restoration plan, subject to the deadline in paragraph (c)(2)(i) of this section. If a regulated entity currently is operating under a cease-and-desist order entered into pursuant to 12 U.S.C. 4631 or 4632, or a formal or informal agreement, or must file a response to a report of examination or report of inspection, it may, with the permission of FHFA, submit the corrective plan required under this section as part of the regulated entity’s compliance with that order, agreement or response, subject to the deadline in paragraph (c)(2)(i) of this section, but the corrective plan would not become a part of the order, agreement, or response. (d) Amendment of corrective plan. A regulated entity that is operating in accordance with an approved corrective plan may submit a written request to FHFA to amend the plan as necessary to reflect any changes in circumstance. Until such time that FHFA approves a proposed amendment, the regulated entity must continue to operate in accordance with the terms of the corrective plan as previously approved. (e) Review of corrective plans and amendments. Within thirty (30) calendar days of receiving a corrective plan or proposed amendment to a plan, FHFA will notify the regulated entity in writing of its decision on the plan, will direct the regulated entity to submit additional information, or will notify the regulated entity in writing that FHFA has established a different deadline. § 1236.5 Failure to submit a corrective plan; noncompliance. (a) Remedies. If a regulated entity fails to submit an acceptable corrective plan under § 1236.4(b), or fails in any material respect to implement or E:\FR\FM\08JNR1.SGM 08JNR1 pmangrum on DSK3VPTVN1PROD with RULES 33960 Federal Register / Vol. 77, No. 111 / Friday, June 8, 2012 / Rules and Regulations otherwise comply with an approved corrective plan, FHFA shall order the regulated entity to correct that deficiency, and may: (1) Prohibit the regulated entity from increasing its average total assets, as defined in 12 U.S.C. 4516(b)(4), for any calendar quarter over its average total assets for the preceding calendar quarter, or may otherwise restrict the rate at which the average total assets of the regulated entity may increase from one calendar quarter to another; (2) Prohibit the regulated entity from paying dividends; (3) Prohibit the regulated entity from redeeming or repurchasing capital stock; (4) Require the regulated entity to maintain or increase its level of retained earnings; (5) Require an Enterprise to increase its ratio of core capital to assets, or require a Bank to increase its ratio of total capital, as defined in 12 U.S.C. 1426(a)(5), to assets; or (6) Require the regulated entity to take any other action that the Director determines will better carry out the purposes of the statute by bringing the regulated entity into conformance with the Standards. (b) Extraordinary growth. If a regulated entity that has failed to submit an acceptable corrective plan or has failed in any material respect to implement or otherwise comply with an approved corrective plan, also has experienced extraordinary growth, FHFA shall impose at least one of the sanctions listed in paragraph (a) of this section, consistently with the requirements of 12 U.S.C. 4513b(b)(3). (c) Orders.—(1) Notice. Except as provided in paragraph (c)(4) of this section, FHFA will notify a regulated entity in writing of its intent to issue an order requiring the regulated entity to correct its failure to submit or its failure in any material respect to implement or otherwise comply with an approved corrective plan. Any such notice will include: (i) A statement that the regulated entity has failed to submit a corrective plan under § 1236.4, or has not implemented or otherwise has not complied in any material respect with an approved plan; (ii) A description of any sanctions that FHFA intends to impose and, in the case of the mandatory sanctions required by 12 U.S.C. 4513b(b)(3), a statement that FHFA believes that the regulated entity has experienced extraordinary growth; and (iii) The proposed date when any sanctions would become effective or the proposed date for completion of any required actions. VerDate Mar<15>2010 14:57 Jun 07, 2012 Jkt 226001 (2) Response to notice. A regulated entity may file a written response to a notice of intent to issue an order, which must be delivered to FHFA within fourteen (14) calendar days of the date of the notice, unless FHFA determines that a different time period is appropriate in light of the safety and soundness of the regulated entity or other relevant circumstances. The response should include: (i) An explanation why the regulated entity believes that the action proposed by FHFA is not an appropriate exercise of discretion; (ii) Any recommended modification of the proposed order; and (iii) Any other relevant information, mitigating circumstances, documentation or other evidence in support of the position of the regulated entity regarding the proposed order. (3) Failure to file response. A regulated entity’s failure to file a written response within the specified time period will constitute a waiver of the opportunity to respond and will constitute consent to issuance of the order. (4) Immediate issuance of final order. FHFA may issue an order requiring a regulated entity immediately to take actions to correct a Standards deficiency or to take or refrain from taking other actions pursuant to paragraph (a) of this section. Within fourteen (14) calendar days of the issuance of an order under this paragraph, or other time period specified by FHFA, a regulated entity may submit a written appeal of the order to FHFA. FHFA will respond in writing to a timely filed appeal within sixty (60) days after receiving the appeal. During this period, the order will remain in effect unless FHFA stays the effectiveness of the order. (d) Request for modification or rescission of order. A regulated entity subject to an order under this part may submit a written request to FHFA for an amendment to the order to reflect a change in circumstance. Unless otherwise ordered by FHFA, the order shall continue in place while such a request is pending before FHFA. (e) Agency review and determination. FHFA will respond in writing within thirty (30) days after receiving a response or amendment request, unless FHFA notifies the regulated entity in writing that it will respond within a different time period. After considering a regulated entity’s response or amendment request, FHFA may: (1) Issue the order as proposed or in modified form; (2) Determine not to issue the order and instead issue a different order; or PO 00000 Frm 00012 Fmt 4700 Sfmt 4700 (3) Seek additional information or clarification of the response from the regulated entity, or any other relevant source. Appendix to Part 1236—Prudential Management and Operations Standards General Responsibilities of the Board of Directors and Senior Management The following provisions address the general responsibilities of the boards of directors and senior management of the regulated entities as they relate to the matters addressed by each of the Standards. The descriptions are not a comprehensive listing of the responsibilities of either the boards or senior management, each of whom have additional duties and responsibilities to those described in these Standards. Responsibilities of the Board of Directors 1. With respect to the subject matter addressed by each Standard, the board of directors is responsible for adopting business strategies, policies, and procedures that are appropriate for the particular subject matter. The board should review all such strategies, policies, and procedures periodically, and should review and approve all major strategies and policies at least annually, and make any revisions that are necessary to ensure that they remain consistent with the entity’s overall business plan. 2. The board of directors is responsible for overseeing management of the regulated entity, which includes ensuring that management includes personnel who are appropriately trained and competent to oversee the operation of the regulated entity as it relates to the functions and requirements addressed by each Standard, and that management implements the policies and procedures set forth by the board. 3. The board of directors is responsible for remaining informed about the operations and condition of the regulated entity, including operating consistently with the Standards, and senior management’s implementation of the strategies, policies and procedures established by the board of directors. 4. The board of directors must remain sufficiently informed about the nature and level of the regulated entity’s overall risk exposures, including market, credit, and counterparty risk, so that it can understand the possible short- and long-term effects of those exposures on the financial health of the regulated entity, including the possible shortand long-term consequences to earnings, liquidity, and economic value. The board of directors should: establish the regulated entity’s risk tolerances and should provide management with clear guidance regarding the level of acceptable risks; review the regulated entity’s entire market risk management framework, including policies and entity-wide risk limits at least annually; oversee the adequacy of the actions taken by senior management to identify, measure, manage, and control the regulated entity’s risk exposures; and ensure that management takes appropriate corrective measures whenever market risk limit violations or breaches occur. E:\FR\FM\08JNR1.SGM 08JNR1 Federal Register / Vol. 77, No. 111 / Friday, June 8, 2012 / Rules and Regulations Responsibilities of Senior Management 5. With respect to the subject matter addressed by each Standard, senior management is responsible for developing the policies, procedures and practices that are necessary to implement the business strategies and policies adopted by the board of directors. Senior management should ensure that such items are clearly written, sufficiently detailed, and are followed by all personnel. Senior management also should ensure that the regulated entity has personnel who are appropriately trained and competent to carry out their respective functions and that all delegated responsibilities are performed. 6. Senior management should ensure that the regulated entity has adequate resources, systems and controls available to execute effectively the entity’s business strategies, policies and procedures, including operating consistently with each of the Standards. 7. Senior management should provide the board of directors with periodic reports relating to the regulated entity’s condition and performance, including the subject matter addressed by each of the Standards, that are sufficiently detailed to allow the board of directors to remain fully informed about the business of the regulated entity. 8. Senior management should regularly review and discuss with the board of directors information regarding the regulated entity’s risk exposures that is sufficient in detail and timeliness to permit the board of directors to understand and assess the performance of management in identifying and managing the various risks to which the regulated entity is exposed. Responsibilities of the Board of Directors and Senior Management 9. The board of directors and senior management should conduct themselves in such a manner as to promote high ethical standards and a culture of compliance throughout the organization. 10. The board of directors and senior management should ensure that the regulated entity’s overall risk profile is aligned with its mission objectives. The following provisions constitute the prudential management and operations standards established pursuant to 12 U.S.C. 4513b(a). pmangrum on DSK3VPTVN1PROD with RULES Standard 1—Internal Controls and Information Systems Responsibilities of the Board of Directors 1. Regarding internal controls and information systems, the board of directors of each regulated entity should adopt appropriate policies, ensure personnel are appropriately trained and competent, approve and periodically review overall business strategies, approve the organizational structure, and assess the adequacy of senior management’s oversight of this function. Responsibilities of Senior Management 2. Regarding internal controls and information systems, senior management should implement strategies and policies approved by the board of directors, establish appropriate policies, monitor the adequacy VerDate Mar<15>2010 14:57 Jun 07, 2012 Jkt 226001 and effectiveness of this function, and ensure personnel are appropriately trained and competent. The organizational structure should clearly assign responsibility, authority, and reporting relationships. Responsibilities of the Board of Directors and Senior Management 3. Regarding internal controls and information systems, both the board of directors and senior management should promote high ethical standards, create a culture that emphasizes the importance of this function, and promptly address any issues in need of remediation. Framework 4. The regulated entity should have an adequate and effective system of internal controls, which should include a board approved organizational structure that clearly assigns responsibilities, authority, and reporting relationships, and establishes an appropriate segregation of duties that ensures that personnel are not assigned conflicting responsibilities. 5. The regulated entity should establish appropriate internal control policies and should monitor the adequacy and effectiveness of its internal controls and information systems on an ongoing basis through a formal self-assessment process. 6. The regulated entity should have an organizational culture that emphasizes and demonstrates to personnel at all levels the importance of internal controls. 7. The regulated entity should address promptly any violations, findings, weaknesses, deficiencies, and other issues in need of remediation relating to the internal control systems. Risk Recognition and Assessment 8. A regulated entity should have an effective risk assessment process that ensures that management recognizes and continually assesses all material risks, including credit risk, market risk, interest rate risk, liquidity risk, and operational risk. Control Activities and Segregation of Duties 9. A regulated entity should have an effective internal control system that defines control activities at every business level. 10. A regulated entity’s control activities should include: a. Board of directors and senior management reviews of progress toward goals and objectives; b. Appropriate activity controls for each business unit; c. Physical controls to protect property and other assets and limit access to property and systems; d. Procedures for monitoring compliance with exposure limits and follow-up on noncompliance; e. A system of approvals and authorizations for transactions over certain limits; and f. A system for verification and reconciliation of transactions. Information and Communication 11. A regulated entity should have information systems that provide relevant, accurate and timely information and data. PO 00000 Frm 00013 Fmt 4700 Sfmt 4700 33961 12. A regulated entity should have secure information systems that are supported by adequate contingency arrangements. 13. A regulated entity should have effective channels of communication to ensure that all personnel understand and adhere to policies and procedures affecting their duties and responsibilities. Monitoring Activities and Correcting Deficiencies 14. A regulated entity should monitor the overall effectiveness of its internal controls and key risks on an ongoing basis and ensure that business units and internal and external audit conduct periodic evaluations. 15. Internal control deficiencies should be reported to senior management and the board of directors on a timely basis and addressed promptly. Applicable Laws, Regulations, and Policies 16. A regulated entity should comply with all applicable laws, regulations, and supervisory guidance (e.g., advisory bulletins) governing internal controls and information systems. Standard 2—Independence and Adequacy of Internal Audit Systems Audit Committee 1. A regulated entity’s board of directors should have an audit committee that exercises proper oversight and adopts appropriate policies and procedures designed to ensure the independence of the internal audit function. The audit committee should ensure that the internal audit department includes personnel who are appropriately trained and competent to oversee the internal audit function. 2. The board of directors should review and approve the audit committee charter at least every three years. 3. The audit committee of the board of directors is responsible for monitoring and evaluating the effectiveness of the regulated entity’s internal audit function. 4. Issues reported by the internal audit department to the audit committee should be promptly addressed and satisfactorily resolved. Internal Audit Function 5. A regulated entity should have an internal audit function that provides for adequate testing of the system of internal controls. 6. A regulated entity should have an independent and objective internal audit department that reports directly to the audit committee of the board of directors. 7. A regulated entity’s internal audit department should be adequately staffed with properly trained and competent personnel. 8. The internal audit department should conduct risk-based audits. 9. The internal audit department should conduct adequate testing and review of internal control and information systems. 10. The internal audit department should determine whether violations, findings, weaknesses and other issues reported by regulators, external auditors, and others have been promptly addressed. E:\FR\FM\08JNR1.SGM 08JNR1 33962 Federal Register / Vol. 77, No. 111 / Friday, June 8, 2012 / Rules and Regulations Applicable Laws, Regulations, and Policies 11. A regulated entity should comply with applicable laws, regulations, and supervisory guidance (e.g., advisory bulletins) governing the independence and adequacy of internal audit systems. Standard 3—Management of Market Risk Exposure Responsibilities of the Board of Directors 1. Regarding the overall management of market risk exposure, the board of directors should remain sufficiently informed about the nature and level of the regulated entity’s market risk exposures. At least annually, the board should review the entire market risk framework, including policies and risk limits, and provide an assessment of compliance. 2. Regarding the policies, practices and procedures surrounding the management of market risk, the board of directors should approve all major strategies and policies relating to the management of market risk, ensure all major strategies and policies are consistent with the overall business plan, establish and communicate a market risk tolerance, and ensure appropriate corrective measures are taken when market risk limit violations or breaches occur. 3. The board, or a board appointed committee, should oversee the adequacy of actions taken by senior management to identify, measure, manage, and control market risk exposures, ensure market risk policies establish lines of authority and responsibility, and review risk exposures on a periodic basis. pmangrum on DSK3VPTVN1PROD with RULES Responsibilities of Senior Management 4. Regarding the overall management of market risk exposure, senior management should provide sufficient and timely information to the board of directors, ensure personnel are appropriately trained and competent, ensure adequate systems and resources are available to manage and control market risk, report any breaches to the board of directors (or the appropriate board committee), and take appropriate remedial action. 5. Regarding the policies, practices, and procedures surrounding market risk exposure, senior management should ensure market risk policies and procedures are clearly written, sufficiently detailed, and followed. Approved policies and procedures should include clear market risk limits and lines of authority for managing market risk. Market Risk Strategy 6. A regulated entity should have a clearly defined and well-documented strategy for managing market risk, which must be consistent with its overall business plan, must enable the regulated entity to identify, manage, monitor, and control the regulated entity’s risk exposures on a business unit and an enterprise-wide basis, and must ensure that the lines of authority and responsibility for managing market risk and monitoring market risk limits are clearly identified. The strategy should specify a target account, or target accounts, for managing market risk (e.g., specify whether the objective is to control risk to earnings, net portfolio value, VerDate Mar<15>2010 14:57 Jun 07, 2012 Jkt 226001 or some other target, or some combination of targets), and, if a market risk limit is breached, should require that the breach be reported to the board of directors, or the appropriate board committee, and that appropriate remedial action, including any ordered by the board of directors, should be taken. 7. Management should ensure that the board of directors is made aware of the advantages and disadvantages of the regulated entity’s chosen market risk management strategy, as well as those of alternative strategies, so that the board of directors can make an informed judgment about the relative efficacy of the different strategies. 8. A Bank’s strategy for managing market risk should take into account the importance of maintaining the market value of equity of member stock commensurate with the par value of that stock so that the Bank is able to redeem and repurchase member stock at par value. 9. A regulated entity should comply with all applicable laws, regulations, and supervisory guidance, (e.g., advisory bulletins) governing the independence and adequacy of the management of market risk exposure. Standard 4—Management of Market Risk— Measurement Systems, Risk Limits, Stress Testing, and Monitoring and Reporting Risk Measurement Systems 1. A regulated entity should have a risk measurement system (a model or models) that capture(s) all material sources of market risk and provide(s) meaningful and timely measures of the regulated entity’s risk exposures, as well as personnel who are appropriately trained and competent to operate and oversee the risk measurement system. 2. The risk measurement system should be capable of estimating the effect of changes in interest rates and other key risk factors on the regulated entity’s earnings and market value of equity over a range of scenarios. 3. The measurement system should be capable of valuing all financial assets and liabilities in the regulated entity’s portfolio. 4. The measurement system should address all material sources of market risk including repricing risk, yield curve risk, basis risk, and options risk. 5. Management should ensure the integrity and timeliness of the data inputs used to measure the regulated entity’s market risk exposures, and should ensure that assumptions and parameters are reasonable and properly documented. 6. The measurement system’s methodologies, assumptions, and parameters should be thoroughly documented, understood by management, and reviewed on a regular basis. 7. A regulated entity’s market risk model should be upgraded periodically to incorporate advances in risk modeling technology. 8. A regulated entity should have a documented approval process for model changes that requires model changes to be authorized by a party independent of the party making the change. PO 00000 Frm 00014 Fmt 4700 Sfmt 4700 9. A regulated entity should ensure that its models are independently validated on a regular basis. Risk Limits 10. Risk limits should be consistent with the regulated entity’s strategy for managing interest rate risk and should take into account the financial condition of the regulated entity, including its capital position. 11. Risk limits should address the potential impact of changes in market interest rates on net interest income, net income, and the regulated entity’s market value of equity. Stress Testing 12. A regulated entity should conduct stress tests on a regular basis for a variety of institution-specific and market-wide stress scenarios to identify potential vulnerabilities and to ensure that exposures are consistent with the regulated entity’s tolerance for risk. 13. A regulated entity should use stress test outcomes to adjust its market risk management strategies, policies, and positions and to develop effective contingency plans. 14. Special consideration should be given to ensuring that complex financial instruments, including instruments with complex option features, are properly valued under stress scenarios and that the risks associated with options exposures are properly understood. 15. Management should ensure that the regulated entity’s board of directors or a committee thereof considers the results of stress tests when establishing and reviewing its strategies, policies, and limits for managing and controlling interest rate risk. 16. The board of directors and senior management should review periodically the design of stress tests to ensure that they encompass the kinds of market conditions under which the regulated entity’s positions and strategies would be most vulnerable. Monitoring and Reporting 17. A regulated entity should have an adequate management information system for reporting market risk exposures. 18. The board of directors, senior management, and the appropriate line managers should be provided with regular, accurate, informative, and timely market risk reports. Applicable Laws, Regulations, and Policies 19. A regulated entity should comply with all applicable laws, regulations, and supervisory guidance (e.g., advisory bulletins) governing the management of market risk. Standard 5—Adequacy and Maintenance of Liquidity and Reserves Responsibilities of the Board of Directors 1. Regarding the adequacy and maintenance of liquidity and reserves, the board of directors should review (at least annually) all major strategies and policies governing this area, approve appropriate revisions to such strategies and policies, and ensure senior management are appropriately trained to effectively manage liquidity. E:\FR\FM\08JNR1.SGM 08JNR1 Federal Register / Vol. 77, No. 111 / Friday, June 8, 2012 / Rules and Regulations Responsibilities of Senior Management 2. Regarding the adequacy and maintenance of liquidity and reserves, senior management should develop strategies, policies, and practices to manage liquidity risk, ensure personnel are appropriately trained and competent, and provide the board of directors with periodic reports on the regulated entity’s liquidity position. Policies, Practices, and Procedures 3. A regulated entity should establish a liquidity management framework that ensures it maintains sufficient liquidity to withstand a range of stressful events. 4. A regulated entity should articulate a liquidity risk tolerance that is appropriate for its business strategy and its mission goals and objectives. 5. A regulated entity should have a sound process for identifying, measuring, monitoring, controlling, and reporting its liquidity position and its liquidity risk exposures. 6. A regulated entity should establish a funding strategy that provides effective diversification in the sources and tenor of funding. 7. A regulated entity should conduct stress tests on a regular basis for a variety of institution-specific and market-wide stress scenarios to identify sources of potential liquidity strain and to ensure that current exposures remain in accordance with each regulated entity’s established liquidity risk tolerance. 8. A regulated entity should use stress test outcomes to adjust its liquidity management strategies, policies, and positions and to develop effective contingency plans. 9. A regulated entity should have a formal contingency funding plan that clearly sets out the strategies for addressing liquidity shortfalls in emergencies. Where practical, contingent funding sources should be tested or drawn on periodically to assess their reliability and operational soundness. 10. A regulated entity should maintain adequate reserves of liquid assets, including adequate reserves of unencumbered, marketable securities that can be liquidated to meet unexpected needs. Applicable Laws, Regulations, and Policies 11. A regulated entity should comply with all applicable laws, regulations, and supervisory guidance (e.g., advisory bulletins) governing the adequacy and maintenance of liquidity and reserves. pmangrum on DSK3VPTVN1PROD with RULES Standard 6—Management of Asset and Investment Portfolio Growth Responsibilities of the Board of Directors and Senior Management 1. Regarding the management of asset and investment portfolio growth, the board of directors is responsible for overseeing the management of growth in these areas, ensuring senior management are appropriately trained and competent, establishing policies governing the regulated entity’s assets and investment growth, with prudential limits on the growth of mortgages and mortgage-backed securities, and reviewing policies at least annually. VerDate Mar<15>2010 14:57 Jun 07, 2012 Jkt 226001 2. Regarding the management of asset and investment portfolio growth, senior management should adhere to boardapproved policies governing growth in these areas, and ensure personnel are appropriately trained and competent to manage the growth. Risk Measurement, Monitoring, and Control 3. A regulated entity should manage its asset growth and investment growth in a prudent manner that is consistent with the regulated entity’s business strategy, boardapproved policies, risk tolerances, and safe and sound operations, and should establish prudential limits on the growth of its portfolios of mortgage loans and mortgage backed securities. 4. A regulated entity should manage asset growth and investment growth in a way that is compatible with mission goals and objectives. 5. A regulated entity should manage investments and acquisition of assets in a way that complies with all applicable laws, regulations, and supervisory guidance (e.g., advisory bulletins). Standard 7—Investments and Acquisitions of Assets Responsibilities of the Board of Directors and Senior Management 1. The board of directors is responsible for overseeing the regulated entity’s investments and acquisition of other assets, ensuring senior management are appropriately trained and competent, and establishing, approving and periodically reviewing policies and procedures governing investments and acquisitions of other assets. Policies, Practices, and Procedures 2. A regulated entity should have a boardapproved investment policy that establishes clear and explicit guidelines that are appropriate to the regulated entity’s mission and objectives. The investment policy should establish the regulated entity’s investment objectives, risk tolerances, investment constraints, and policies and procedures for selecting investments. 3. A regulated entity should have a boardapproved policy governing acquisitions of major categories of assets other than investments. The policy should establish clear and explicit guidelines for asset acquisitions that are appropriate to the regulated entity’s mission and objectives. 4. A regulated entity should manage investments and acquisitions of assets prudently and in a manner that is consistent with mission goals and objectives. 5. Each Bank’s investment policies and acquisition of assets should take into account the importance of maintaining the market value of member stock commensurate with the par value of that stock so that the Bank is able to redeem and repurchase member stock at par value at all times. 6. A regulated entity should manage investments and acquisitions of assets in a way that complies with all applicable laws, regulations, and supervisory guidance (e.g., advisory bulletins). PO 00000 Frm 00015 Fmt 4700 Sfmt 4700 33963 Standard 8—Overall Risk Management Processes Responsibilities of the Board of Directors 1. Regarding overall risk management processes, the board of directors is responsible for overseeing the process, ensuring senior management are appropriately trained and competent, ensuring processes are in place to identify, manage, monitor and control risk exposures (this function may be delegated to a board appointed committee), approving all major risk limits, and ensuring incentive compensation measures for senior management capture a full range of risks. Responsibilities of the Board and Senior Management 2. Regarding overall risk management processes, the board of directors and senior management should establish and sustain a culture that promotes effective risk management. This culture includes timely, accurate and informative risk reports, alignment of the regulated entity’s overall risk profile with its mission objectives, and the annual review of comprehensive selfassessments of material risks. Independent Risk Management Function 3. A regulated entity should have an independent risk management function, or unit, with responsibility for risk measurement and risk monitoring, including monitoring and enforcement of risk limits. 4. The chief risk officer should head the risk management function. 5. The chief risk officer should report directly to the chief executive officer and the risk committee of the board of directors. 6. The risk management function should have adequate resources, including a welltrained and capable staff. Risk Measurement, Monitoring, and Control 7. A regulated entity should measure, monitor, and control its overall risk exposures, reviewing market, credit, liquidity, and operational risk exposures on both a business unit (or business segment) and enterprise-wide basis. 8. A regulated entity should have the risk management systems to generate, at an appropriate frequency, the information needed to manage risk. Such systems should include systems for market, credit, operational, and liquidity risk analysis, asset and liability management, regulatory reporting, and performance measurement. 9. A regulated entity should have a comprehensive set of risk limits and monitoring procedures to ensure that risk exposures remain within established risk limits, and a mechanism for reporting violations and breaches of risk limits to senior management and the board of directors. 10. A regulated entity should ensure that it has sufficient controls around risk measurement models to ensure the completeness, accuracy, and timeliness of risk information. 11. A regulated entity should have adequate and well-tested disaster recovery and business resumption plans for all major E:\FR\FM\08JNR1.SGM 08JNR1 33964 Federal Register / Vol. 77, No. 111 / Friday, June 8, 2012 / Rules and Regulations systems and have remote facilitates to limit the impact of disruptive events. Applicable Laws, Regulations, and Policies 12. A regulated entity should comply with all applicable laws, regulations, and supervisory guidance (e.g., advisory bulletins) governing the management of risk. Standard 9—Management of Credit and Counterparty Risk Responsibilities of the Board of Directors and Senior Management 1. Regarding the management of credit and counterparty risk, the board of directors and senior management are responsible for ensuring that the regulated entity has appropriate policies, procedures, and systems that cover all aspects of credit administration, including credit pricing, underwriting, credit limits, collateral standards, and collateral valuation procedures. This should also include derivatives and the use of clearing houses. They are also responsible for ensuring personnel are appropriately trained, competent, and equipped with the necessary tools, procedures and systems to assess risk. 2. Senior management should provide the board of directors with regular briefings and reports on credit exposures. Policies, Procedures, Controls, and Systems 3. A regulated entity should have policies that limit concentrations of credit risk and systems to identify concentrations of credit risk. 4. A regulated entity should establish prudential limits to restrict exposures to a single counterparty that are appropriate to its business model. 5. A regulated entity should establish prudential limits to restrict exposures to groups of related counterparties that are appropriate to its business model. 6. A regulated entity should have policies, procedures, and systems for evaluating credit risk that will enable it to make informed credit decisions. 7. A regulated entity should have policies, procedures, and systems for evaluating credit risk that will enable it to ensure that claims are legally enforceable. 8. A regulated entity should have policies and procedures for addressing problem credits. 9. A regulated entity should have an ongoing credit review program that includes stress testing and scenario analysis. pmangrum on DSK3VPTVN1PROD with RULES Applicable Laws, Regulations, and Policies 10. A regulated entity should manage credit and counterparty risk in a way that complies with applicable laws, regulations, and supervisory guidance (e.g., advisory bulletins). Standard 10—Maintenance of Adequate Records 1. A regulated entity should maintain financial records in compliance with Generally Accepted Accounting Principles (GAAP), FHFA guidelines, and applicable laws and regulations. 2. A regulated entity should ensure that assets are safeguarded and financial and VerDate Mar<15>2010 14:57 Jun 07, 2012 Jkt 226001 operational information is timely and reliable. 3. A regulated entity should have a records retention program consistent with laws and corporate policies, including accounting policies, as well as personnel that are appropriately trained and competent to oversee and implement the records management plan. 4. A regulated entity, with oversight from the board of directors, should conduct a review and approval of the records retention program and records retention schedule for all types of records at least once every two years. 5. A regulated entity should ensure that reporting errors are detected and corrected in a timely manner. 6. A regulated entity should comply with all applicable laws, regulations, and supervisory guidance (e.g., advisory bulletins) governing the maintenance of adequate records. Dated: May 31, 2012. Edward J. DeMarco, Acting Director, Federal Housing Finance Agency. [FR Doc. 2012–13997 Filed 6–7–12; 8:45 am] BILLING CODE 8070–01–P DEPARTMENT OF HOMELAND SECURITY U.S. Customs and Border Protection DEPARTMENT OF THE TREASURY 19 CFR Parts 111 and 163 [CBP Dec. 12–12; USCBP–2009–0019] RIN 1515–AD66 (Formerly RIN 1505–AC12) Customs Broker Recordkeeping Requirements Regarding Location and Method of Record Retention U.S. Customs and Border Protection, Department of Homeland Security; Department of the Treasury. ACTION: Final rule. AGENCIES: This document adopts as a final rule, with an additional technical correction, proposed amendments to the Customs and Border Protection (CBP) regulations regarding customs broker recordkeeping requirements as they pertain to the location and method of record retention. The amendments permit a licensed customs broker, under prescribed conditions, to store records relating to his or her customs transactions at any location within the customs territory of the United States. The amendments also remove the requirement, as it currently applies to brokers who maintain separate electronic records, that certain entry records must be retained in their original format for the 120-day period SUMMARY: PO 00000 Frm 00016 Fmt 4700 Sfmt 4700 after the release or conditional release of imported merchandise. These changes maximize the use of available technologies and serve to conform CBP’s recordkeeping requirements to reflect modern business practices without compromising the agency’s ability to monitor and enforce recordkeeping compliance. DATES: Effective July 9, 2012. FOR FURTHER INFORMATION CONTACT: Anita Harris, Broker Compliance Branch, Trade Policy and Programs, Office of International Trade, Customs and Border Protection, 202–863–6069. SUPPLEMENTARY INFORMATION: Background On March 23, 2010, U.S. Customs and Border Protection (CBP) published in the Federal Register (75 FR 13699) a proposal to amend title 19 of the Code of Federal Regulations (19 CFR) regarding customs broker recordkeeping requirements as they pertain to the location and method of record retention. In that document, CBP proposed amendments to the CBP regulations to permit a licensed customs broker to store records relating to his or her customs transactions at any location within the customs territory of the United States, so long as the broker’s designated recordkeeping contact, identified in the broker’s permit application, makes all records available to CBP within a reasonable period of time from request at the broker district that covers the CBP port to which the records relate. The document also proposed to remove the requirement, as it applied to brokers who maintain separate electronic records, that certain entry records must be retained in their original format for the 120-day period after the release or conditional release of imported merchandise. CBP solicited comments on the proposed rulemaking. Discussion of Comments Eleven commenters responded to the solicitation of public comment in the proposed rule. Eight commenters expressed support for the proposed rulemaking, noting in particular that the proposed amendments serve to maximize the use of available technologies, increase efficiency and reduce the cost of storing records. Several of these eight commenters included additional suggestions. A description of the comments received, together with CBP’s analyses, is set forth below. Comment: One commenter requested that CBP issue guidance to the ports as to what constitutes a ‘‘reasonable time E:\FR\FM\08JNR1.SGM 08JNR1

Agencies

FEDERAL HOUSING FINANCE AGENCY

[Federal Register Volume 77, Number 111 (Friday, June 8, 2012)]
[Rules and Regulations]
[Pages 33950-33964]
From the Federal Register Online via the Government Printing Office [www.gpo.gov]
[FR Doc No: 2012-13997]


=======================================================================
-----------------------------------------------------------------------

FEDERAL HOUSING FINANCE AGENCY

12 CFR Part 1236

RIN 2590-AA13


Prudential Management and Operations Standards

AGENCY: Federal Housing Finance Agency.

ACTION: Final rule.

-----------------------------------------------------------------------

SUMMARY: Section 1108 of the Housing and Economic Recovery Act of 2008 
(HERA) amended the Federal Housing Enterprises Financial Safety and 
Soundness Act of 1992 (Safety and Soundness Act) to require the Federal 
Housing Finance Agency (FHFA) to establish prudential standards 
(Standards) relating to the management and operations of the Federal 
National Mortgage Association (Fannie Mae), Federal Home Loan Mortgage 
Corporation (Freddie Mac), and Federal Home Loan Banks (Banks) 
(collectively, regulated entities). This final rule implements those 
HERA amendments by providing for the establishment of the Standards in 
the form of guidelines, which initially are set out in an appendix to 
the rule. The final rule includes other provisions relating to the 
possible consequences for a regulated entity that fails to operate in 
accordance with the Standards.

DATES: This final rule is effective on August 7, 2012. For additional

[[Page 33951]]

information, see SUPPLEMENTARY INFORMATION.

FOR FURTHER INFORMATION CONTACT: Anthony Cornyn, Senior Associate 
Director, Office of Offsite Monitoring and Analysis, 
Anthony.Cornyn@fhfa.gov, (202) 649-3303; Karen Walter, Senior Associate 
Director, Office of Examination Policy and Programs, 
Karen.Walter@fhfa.gov, (202) 649-3405; Neil R. Crowley, Deputy General 
Counsel, Office of the General Counsel, Neil.Crowley@fhfa.gov, (202) 
649-3055; or Michou Nguyen, Assistant General Counsel, Office of the 
General Counsel, Michou.Nguyen@fhfa.gov, (202) 649-3081; Federal 
Housing Finance Agency, 400 7th Street SW., Washington, DC 20024, (not 
toll free numbers). The telephone number for the Telecommunications 
Device for the Deaf is (800) 877-8339.

SUPPLEMENTARY INFORMATION: 

I. Background

A. HERA Requirements

    Effective July 30, 2008, HERA, Public Law 110-289, 122 Stat. 2654 
(2008), created FHFA as an independent agency of the Federal Government 
and transferred to it the supervisory and oversight responsibilities 
over the regulated entities formerly vested with the Office of Federal 
Housing Enterprise Oversight (OFHEO) and the Federal Housing Finance 
Board (Finance Board). Section 1108 of HERA also added a new section 
1313B to the Safety and Soundness Act, which requires the FHFA Director 
to establish standards that address 10 separate areas relating to the 
management and operation of the regulated entities, and authorizes the 
Director to establish the standards by regulation or by guideline. 12 
U.S.C. 4513b. Those 10 areas relate to: Adequacy of internal controls 
and information systems; adequacy and independence of the internal 
audit systems; management of interest rate risk; management of market 
risk; adequacy of liquidity and reserves; management of growth in 
assets and in the investment portfolio; management of investments and 
acquisition of assets to ensure that they are consistent with the 
purposes of the Safety and Soundness Act and the regulated entities' 
authorizing statutes; \1\ adequacy of overall risk management 
processes; adequacy of credit and counterparty risk management 
practices; and maintenance of records that allow an accurate assessment 
of the institution's financial condition. 12 U.S.C. 4513b(a)(1)-(10). 
Section 1313B(a) also specifically authorizes the Director to establish 
other appropriate management and operations standards. 12 U.S.C. 
4513b(a)(11).
---------------------------------------------------------------------------

    \1\ The authorizing statute for Fannie Mae is the Federal 
National Mortgage Association Charter Act (12 U.S.C. 1716-1723i), 
for Freddie Mac, the Federal Home Loan Mortgage Corporation Act (12 
U.S.C. 1451-1459), and for the Banks, the Federal Home Loan Bank Act 
(12 U.S.C. 1421-1449) (Bank Act). 12 U.S.C. 4502(3).
---------------------------------------------------------------------------

    Section 1313B(b)(1) addresses the possible consequences for a 
regulated entity that fails to meet any of the Standards, and provides 
that the Director ``shall require'' the regulated entity to submit a 
corrective plan if the Standards have been adopted by regulation and 
``may require'' the regulated entity to submit a corrective plan if the 
Standards have been adopted as guidelines. 12 U.S.C. 4513b(b)(1)(A). If 
a regulated entity is required to submit a corrective plan to FHFA, it 
must do so within thirty (30) days after the Director determines that 
it has failed to meet any Standard. That plan must specify the actions 
that the regulated entity will take to conform its practices to the 
requirements of the Standards. 12 U.S.C. 4513b(b)(1). FHFA generally 
must act on such plans within thirty (30) days after receipt. 12 U.S.C. 
4513b(b)(1)(C)(ii).
    Section 1313B(b)(2) also addresses the possible consequences for a 
regulated entity that fails to submit an acceptable plan within the 
required time period or that fails in any material respect to implement 
a corrective plan that the Director has approved. In those cases, the 
Director must order the regulated entity to correct the deficiency. 12 
U.S.C. 4513b(b)(2)(A). The Director also has the discretionary 
authority to order further sanctions, including limits on asset growth, 
increases in capital, or any other action the Director believes will 
better carry out the purposes of the statute, until the regulated 
entity meets the Standard. 12 U.S.C. 4513b(b)(2)(B). Although the 
imposition of those additional sanctions generally is a matter of 
discretion for the Director, if a regulated entity that has failed to 
submit or implement a corrective plan also has experienced 
``extraordinary growth'' within the preceding 18 months, the Director 
is then required to impose at least one of those additional sanctions. 
The remedial powers that the Director may invoke under the prudential 
standards provisions are not exclusive, and section 1313B(c) expressly 
preserves the Director's right to exercise any other supervisory or 
enforcement authority available under the Safety and Soundness Act. 12 
U.S.C. 4513b(c).

B. The Proposed Rule

    On June 20, 2011, FHFA proposed a rule to establish the Standards 
as guidelines, which were set out in an appendix to the proposed 
rule.\2\ The proposal included other provisions relating to procedures 
for FHFA to notify a regulated entity of its failure to meet the 
Standards and the possible consequences for doing so. The proposed rule 
did not subject the Banks' Office of Finance (OF) to the prudential 
standards regime because several of the Standards address matters that 
are not relevant to the OF, such as those relating to interest rate, 
market and credit risks, and investment portfolio growth, and because 
the relevant HERA provisions did not require the inclusion of the OF. 
The same is true with respect to the statutory sanctions for 
noncompliance with the Standards, which include limits on asset growth 
and mandatory increases in capital.
---------------------------------------------------------------------------

    \2\ 76 FR 35791 (June 20, 2011).
---------------------------------------------------------------------------

C. Considerations of Differences Between the Banks and the Enterprises

    Section 1313(f) of the Safety and Soundness Act, as amended by 
HERA, requires the Director, when promulgating regulations relating to 
the Banks, to consider differences between the Banks and the 
Enterprises (Fannie Mae and Freddie Mac) with respect to the Banks' 
cooperative ownership structure; mission of providing liquidity to 
members; affordable housing and community development mission; capital 
structure; and joint and several liability. In preparing this final 
rule, the Director considered the differences between the Banks and the 
Enterprises as they relate to the above factors, and determined that 
the rule is appropriate.
    In developing the proposed rule, FHFA differentiated between the 
Banks and the Enterprises in defining ``extraordinary growth'' by 
excluding Bank advances from the calculation of extraordinary growth. 
The proposed standards also included provisions relating to market 
value of equity and par value of capital stock, which applied only to 
the Banks. Those provisions recognized the Banks' mission of providing 
liquidity to members through advances, as well as their unique capital 
structure. As discussed below in Section II.B.2. of this final rule, 
FHFA has further refined the definition of extraordinary growth in 
response to the Banks' comments by using a longer-term six calendar 
quarter period as the basis for measuring such growth. The revised 
definition should make it less likely that the short-term

[[Page 33952]]

fluctuations in non-advance assets that occur between the time that a 
member repays an advance and the time that a Bank redeems or 
repurchases the underlying capital stock will be deemed to constitute 
extraordinary growth.
    FHFA considered the Banks' request for different treatment in other 
areas as well. The Banks, in their joint comment letter (Joint Bank 
Letter), cited the importance of advances to the Banks' mission and the 
history of no credit-default on advances in support of their request to 
be exempted from Sec.  1236.5(a)(1) of the proposed rule, which allows 
FHFA, among other things, to prohibit a regulated entity from 
increasing its average total assets if it fails to submit a corrective 
plan or fails to comply with an approved corrective plan. The Banks 
raised that same argument with respect to certain requirements under 
Standard 9 relating to credit concentration.\3\ With respect to Sec.  
1236.5(a)(1) of the proposed rule, that provision included a cross-
reference to a statutory definition of ``total assets,'' located at 12 
U.S.C. 4516(b)(4), because the Safety and Soundness Act explicitly 
mandates that FHFA use that definition in determining a regulated 
entity's ``total assets'' for purposes of imposing any growth 
limitations under the remedial provisions of Sec.  1236.5(a). The Banks 
contended that the statutory definition of total assets in 12 U.S.C. 
4516(b)(4) should not apply to them because that provision on its face 
applies only to the Enterprises. Although that is technically true, the 
HERA provision mandating the establishment of the prudential standards, 
12 U.S.C. 4513b(b)(2)(B)(i), explicitly incorporates that definition 
into the prudential standards regime, which effectively extends that 
definition to the Banks for purposes of this final rule. Moreover, that 
definition, which includes only a regulated entity's on-balance sheet 
assets, any mortgage-backed securities that it has issued or 
guaranteed, and any off-balance sheet obligations permitted by FHFA, 
can readily be applied to the Banks. Accordingly, FHFA has determined 
not to treat the Banks any differently from the Enterprises for 
purposes of the definition of ``total assets,'' as used in Sec.  
1236.5(a)(1). With respect to the comments about credit concentration, 
FHFA has determined that Sec.  1236.5(a)(1) could serve as an effective 
and necessary remedy in appropriate circumstances without jeopardizing 
the Banks' mission. Furthermore, the absence of any history of defaults 
on advances does not guarantee that future defaults would not occur. 
Therefore, FHFA did not adopt these suggestions in the final rule.
---------------------------------------------------------------------------

    \3\ See Joint Bank Letter at 7 and 10-11.
---------------------------------------------------------------------------

II. Final Rule

A. Overview

    In this final rule, FHFA establishes the Standards, which are 
attached in an Appendix, as guidelines, as is authorized by 12 U.S.C. 
4513b(a). By adopting the Standards as guidelines, rather than as 
regulations, the Director may modify, revoke, or add to any one or more 
of them at any time by order and without undertaking a notice and 
comment rulemaking. The final rule also establishes certain procedures 
related to the Standards, and sets out the processes by which FHFA can 
notify a regulated entity of its failure to operate in accordance with 
the Standards and can direct the entity to take corrective action. The 
final rule also specifies the possible consequences for any regulated 
entity that fails to operate in accordance with the Standards or 
otherwise fails to comply with this part.
    In adopting the final rule, FHFA considered the four comment 
letters received in response to the proposed rule. The twelve Banks 
jointly submitted one comment letter, and individual letters were 
received from Fannie Mae (Fannie Letter), Freddie Mac (Freddie Letter), 
and the Mortgage Insurance Companies of America (MICA Letter). FHFA 
adopted some of the commenters' recommendations, in some instances 
making changes to the language of several rule provisions and 
Standards, and in other instances providing clarification in the 
Supplementary Information.
    In response to certain comments regarding the inclusion within many 
of the proposed Standards of references to the responsibilities of the 
boards and management, FHFA has made two principal revisions to the 
Standards. First, FHFA has created an introductory section to the 
Standards, entitled ``General Responsibilities of the Board of 
Directors and Senior Management.'' Second, FHFA has revised the 
Standards to remove many of the references to specific obligations of 
the board and management from the individual standards.
    The introductory section does not constitute a separate Standard, 
and thus does not impose any additional requirement on the regulated 
entities. Instead, this section is intended to recite, in the context 
of the regulated entities and the Standards generally, common concepts 
of corporate governance that would be typical for the board and 
management of any financial institution. The introductory section also 
contains a reminder that the specified responsibilities found in the 
Standards are not a comprehensive listing of the responsibilities of 
either the boards of directors or senior management, each of whom have 
additional duties and responsibilities to those described in the 
Standards. The streamlining of certain principles under the other 
Standards is designed to simplify them and eliminate repetition. The 
final rule also makes several clarifying non-substantive changes to the 
wording of certain principles of the Standards and to the text of 
Sec. Sec.  1236.1, 1236.3(b), 1236.4(b), and 1236.5(b) and (c). With 
those exceptions, the overall approach to establishing the Standards 
used in the proposed rule remains the same in the final rule.
    The following discussion of the comments is divided into two 
sections. The first section discusses three comments that are general 
in nature. These comments relate to the definition of extraordinary 
growth, corporate governance and the role of boards of directors of 
regulated entities, and potential conflicts between the Standards and 
existing FHFA regulations, including those of the Finance Board and 
OFHEO that remain in effect. The second category consists of comments 
that relate to specific provisions of the proposed rule or Standards. 
For ease of reference, in discussing the comments on the specific 
principles that make up each Standard, FHFA refers to each principle 
using the number given to the principle in the proposed rule. Other 
than the modifications discussed in this section, FHFA is adopting the 
rule and Standards as proposed.

B. General Comments

1. Responsibility of Boards of Directors of Regulated Entities
    The Banks and the Enterprises both believe that the language of 
several Standards can be read as placing on boards of directors of 
regulated entities responsibilities that are above and beyond the 
fiduciary duties typically imposed by existing corporate law. They also 
believe that the proposed rule may be interpreted in a manner that 
distorts the conventional distinction between the respective roles of 
boards of directors and senior management.\4\
---------------------------------------------------------------------------

    \4\ See Joint Bank Letter at 2, Fannie Letter at 1-2, and 
Freddie Letter at 1-2.
---------------------------------------------------------------------------

    In response to these comments, FHFA has modified the Standards in a 
manner that clarifies the duties of the boards of directors but still 
preserves the intent of the Standards. As previously noted,

[[Page 33953]]

FHFA has also streamlined and combined many of the principles relating 
to responsibilities of boards of directors and imported certain 
universally applicable concepts from the individual Standards into the 
new introductory section of the Standards. FHFA notes that boards of 
directors of regulated entities are ultimately responsible for 
overseeing the operations of a regulated entity and are expected to 
understand and remain informed about the nature of the risks faced by a 
regulated entity, and to have in place appropriate policies and 
controls to manage those risks. FHFA did not intend to suggest in the 
proposed rule that the boards of directors must effectively assume the 
duties of senior management, such as by becoming involved in the day-
to-day operations of the entity, in order to carry out their oversight 
responsibilities.
2. Definition of Extraordinary Growth
a. Threshold for Extraordinary Growth
    The proposed rule included separate definitions of ``extraordinary 
growth'' for the Banks and for the Enterprises.\5\ For the Enterprises, 
``extraordinary growth'' was defined to mean, for a given calendar 
quarter, quarterly non-annualized growth of assets in excess of 7.5 
percent, with such growth occurring within the 18-month period 
preceding the date on which FHFA notified the Enterprise that it must 
submit a corrective plan to address a failure to operate in accordance 
with the Standards. For the Banks, the definition was the same except 
that it was based on the growth of ``non-advance assets'' rather than 
total assets. The Banks suggested expanding the definition of 
``extraordinary growth'' in Sec.  1236.2 of the proposed rule to 
include a 20 percent annualized combined six calendar quarter growth 
threshold in addition to the quarterly 7.5 percent threshold proposed 
by FHFA.\6\
---------------------------------------------------------------------------

    \5\ The concept of ``extraordinary growth'' becomes relevant 
only if a regulated entity has either failed to submit an acceptable 
corrective plan or has failed to implement an approved plan. The 
presence of ``extraordinary growth'' by itself does not trigger any 
of the supervisory sanctions under the prudential standards statute 
or this rule, although FHFA may invoke its other supervisory 
authorities if necessary to address asset growth that it believes 
poses safety and soundness concerns.
    \6\ See Joint Bank Letter at 3-5.
---------------------------------------------------------------------------

    The Banks argued that, due to the mechanics and time lags in the 
repayment of advances and redemption of capital stock, short-term 
quarterly fluctuations in non-advance assets are common and can distort 
the results of the 7.5 percent test. In support of their contention, 
the Banks stated that as of the date of their letter, 9 of the 12 Banks 
would have been considered to be experiencing extraordinary growth, as 
defined by the proposed rule. The Banks believed that implementing an 
additional threshold of 20 percent annualized growth over the entire 
six calendar quarter look-back period would resolve their issue.\7\ 
After careful consideration of the Banks' comment and conducting its 
own analysis, FHFA is persuaded that the proposed definition of 
extraordinary growth for the Banks could have resulted in Banks being 
deemed to have experienced extraordinary growth based on short-term 
fluctuations in their non-advance assets that should not necessarily be 
deemed to have been extraordinary, given the cooperative business model 
of the Banks. Accordingly, in the final rule FHFA is eliminating the 
7.5 percent threshold for the Banks and replacing it with a threshold 
of 30 percent non-annualized growth in non-advance assets over the 
entire six calendar quarter look-back period.\8\
---------------------------------------------------------------------------

    \7\ See Join Bank Letter at 3-5.
    \8\ For efficiency and clarity, FHFA is adopting a 30% non-
annualized growth threshold instead of the Banks' suggested 
threshold of 20% annualized growth, which would equal 31.45% growth 
over the six quarter time period.
---------------------------------------------------------------------------

b. Calculation of Extraordinary Growth
    The look-back trigger date for the determination of extraordinary 
growth is the date on which FHFA notifies a regulated entity that it 
has failed to operate in accordance with the Standards and must submit 
a corrective plan. In order to accommodate situations where the trigger 
date occurs in the middle of a calendar quarter, FHFA is interpreting 
the look-back period to be the six full calendar quarters \9\ 
immediately prior to the trigger date. For example, if FHFA notifies an 
Enterprise on September 15, 2012 that it must submit a corrective plan, 
the relevant six calendar quarters over which the extraordinary growth 
calculation would be made would be the first two quarters of 2012 and 
all four quarters in 2011. If the Enterprise had asset growth of more 
than 7.5 percent in any of those quarters, it would be deemed to have 
experienced extraordinary growth. For a Bank, utilizing the same dates, 
if its non-advance assets grew more than 30 percent from January 1, 
2011 (the beginning of the first quarter of 2011) to June 30, 2012 (the 
end of the second quarter of 2012), it would be deemed to have 
experienced extraordinary growth.
---------------------------------------------------------------------------

    \9\ Calendar quarters means January 1st to March 31st, April 1st 
to June 30th, July 1st to September 30th, and October 1st to 
December 31st.
---------------------------------------------------------------------------

c. Other Comments on Extraordinary Growth
    FHFA received the following additional comments with respect to the 
definition of extraordinary growth. The Banks' letter asked that FHFA 
apply the extraordinary growth test prospectively, such that only asset 
growth occurring after the effective date of the final rule would be 
considered.\10\ The Freddie Letter asked that FHFA follow the approach 
of the federal banking agencies, in which the definition would only 
apply to regulated entities that are not in the highest capital 
classification. The Freddie Letter also asked that, for the 
Enterprises, assets be measured using the criteria specified in 
determining compliance with the portfolio limit covenant of the Senior 
Stock Purchase agreement with the Department of the Treasury.\11\ Both 
Freddie and the Banks also advocated for the creation of a process by 
which a regulated entity could challenge FHFA's finding of 
extraordinary growth. The Banks also argued that FHFA should be 
required to submit its numerical analysis to the regulated entity to 
support its finding of extraordinary growth.\12\
---------------------------------------------------------------------------

    \10\ See Joint Bank Letter at 5.
    \11\ See Freddie Letter at 4.
    \12\ See Freddie Letter at 4 and Joint Bank letter at 5.
---------------------------------------------------------------------------

    Applying the extraordinary growth test using only asset growth that 
would occur after the effective date of the final rule would unduly 
delay the operation of that portion of the rule for at least 18 months, 
which FHFA does not believe is necessary given the revisions that it 
has made to the definition of extraordinary growth with respect to the 
Banks. FHFA also believes that modifying the definition of 
extraordinary growth with respect to the Enterprises to incorporate the 
portfolio limit covenant of the Senior Stock Purchase agreement is not 
appropriate. Under that covenant, the Enterprises are required to 
reduce their ``mortgage-related investments portfolios'' by 10 percent 
per year until reaching a specified limit, and FHFA does not believe 
that such a provision is appropriate for measuring growth of the 
Enterprises. With respect to limiting the application of extraordinary 
growth to those entities that are not in the highest capital 
classification, FHFA is not persuaded that the standards used for 
depository institutions are necessarily well-suited to the regulated 
entities, and the Safety and Soundness Act does not

[[Page 33954]]

mandate that the definition be limited in that manner. Moreover, the 
Standards address matters other than capital adequacy, and it is 
possible that an adequately-capitalized entity may fail to operate in 
accordance with the Standards. Lastly, FHFA does not believe that it is 
appropriate to include a method to contest a determination of 
extraordinary growth or to require FHFA to submit numerical analysis to 
justify a finding of extraordinary growth, as both steps would unduly 
delay the administration of the rule and remedies for failures to meet 
the Standards. Also, given that FHFA has revised the definition of 
extraordinary growth for the Banks, they should be able to assess 
FHFA's determination based on the data in their own call reports.
3. Potential Conflicts With FHFA Regulations
    The Banks believed that certain Standards conflict or overlap with 
other existing regulations, particularly the remaining regulations of 
the Finance Board.\13\ As noted when this rule was proposed, FHFA 
intends to review all of its regulations, as well as those of the 
Finance Board and OFHEO as it incorporates them into the FHFA 
regulations, to ensure conformity and eliminate conflicts and overlap. 
To address any potential issues that may arise until such review is 
completed, FHFA is amending Sec.  1236.3 of the proposed rule to 
provide that in cases of a direct conflict between a Standard and an 
FHFA regulation (including Finance Board and OFHEO regulations that 
remain in effect pursuant to sections 1302 and 1312 of HERA), the 
regulation would control. Additionally, in such cases, a regulated 
entity would not be held accountable for failing to meet the Standard 
and the remedial provisions in Sec. Sec.  1236.4 and 1236.5 relating to 
the failure to meet a Standard and the submission and implementation of 
a corrective plan would not apply. FHFA notes that in cases where it is 
possible for a regulated entity to comply with both a Standard and a 
regulation, such as when there is substantial overlap or when a 
Standard is more stringent than a regulation, FHFA does not consider 
this to be a direct conflict and expects regulated entities to comply 
with both the Standard and the regulation.
---------------------------------------------------------------------------

    \13\ See Joint Bank Letter at 1-2.
---------------------------------------------------------------------------

C. Specific Comments

1. Section 1236.3 (Prudential Standards as Guidelines)
    The Banks have requested that FHFA provide the opportunity for 
notice and comment on any future changes to the Standards and afford 
regulated entities at least a 90-day grace period to conform with such 
changes.\14\ The proposed rule would have allowed FHFA to update the 
Standards by order, as necessary to incorporate changes in best 
practices and to address particular supervisory concerns. That approach 
is clearly contemplated by the HERA amendments, which authorize the 
Director to adopt the Standards as regulations, which require formal 
notice and comment, or as guidelines, which do not. Although the final 
rule does not require the Director to go through a rulemaking process 
to amend the Standards, it does allow the Director the flexibility to 
seek public comment on particular changes to the guidelines, as the 
Director deems to be appropriate. FHFA believes that the decision to 
exercise the flexibility to seek public comment and to provide a grace 
period for regulated entities to align their practices with new or 
revised guidelines is best addressed on a case-by-case basis when 
future changes are proposed.
---------------------------------------------------------------------------

    \14\ See Joint Bank Letter at 2.
---------------------------------------------------------------------------

2. Section 1236.4 (Failure To Meet a Standard, Corrective Plans)
    The Banks have requested that in making any finding of a failure to 
meet a Standard pursuant to Sec.  1236.4(a), FHFA identify the relevant 
Standard and the basis for the determination. The Banks' letter also 
requests that FHFA create a process for a regulated entity to contest a 
finding of failure to meet a Standard, and a safe-harbor provision for 
a good faith effort to meet a Standard.\15\ FHFA has added language to 
Sec.  1236.4(b) of the final rule that would provide that the written 
notice that FHFA must provide to any regulated entity that is required 
to submit a corrective plan must inform the regulated entity of FHFA's 
determination. By adding that language, FHFA intends that any such 
notice would clearly identify the Standard and the substance of the 
regulated entity's failure to meet it. However, FHFA does not believe 
that the creation of a process to contest a finding of failure to meet 
a Standard is appropriate because it would unduly delay the remediation 
of the underlying problem and hinder FHFA's ability to carry out its 
oversight responsibilities. Furthermore, such a process is not required 
by statute. Unlike a violation of a statute or a regulation that has 
been adopted with force and effect of law, a regulated entity's failure 
to meet a Standard that has been adopted as a guideline would likely 
not trigger FHFA's administrative enforcement authority. Instead, a 
failure to meet a Standard would, in the absence of any other violation 
or unsafe or unsound conduct, trigger only those remedies provided by 
HERA with respect to the prudential standards regime.
---------------------------------------------------------------------------

    \15\ See Joint Bank Letter at 6.
---------------------------------------------------------------------------

    Section 1236.4(c) addresses the contents and filing requirements 
relating to a corrective plan. One provision of the proposed rule 
implemented a statutory provision, which provides that a regulated 
entity that is undercapitalized and is required to submit a capital 
restoration plan may submit the corrective plan required under these 
regulations as part of the capital restoration plan. 12 U.S.C. 
4513b(b)(1)(B). Section 1236.4(c)(2)(ii) of the proposed rule carried 
over the substance of the statutory provision, providing that a 
regulated entity that is required to file a capital restoration plan 
may, with the permission of FHFA, submit a corrective plan as part of 
the capital restoration plan. The proposed rule also expanded on the 
statutory authorization by allowing a regulated entity to submit its 
corrective plan as part of its response to any cease-and-desist order, 
agreement with FHFA, or a report of examination or inspection. The 
Banks have requested that FHFA remove the requirement for obtaining 
FHFA permission in order for a regulated entity to file its corrective 
plan as part of some other submission.\16\ In the final rule, in order 
to be consistent with the statutory language, FHFA is removing the 
requirement that a regulated entity obtain FHFA's permission before 
combining its corrective plan with a capital restoration plan. However, 
FHFA notes that in certain cases, a capital restoration plan and a 
corrective plan may well have little in common to justify their 
combination or may present matters that must be addressed on different 
timeframes. For example, a corrective plan will set out the actions 
that a regulated entity plans to take in order to conform its practices 
to one or more of the prudential standards and the timeframe for doing 
so. A capital restoration plan will address matters relating to the 
capital adequacy and may present issues of more compelling urgency that 
must be addressed before any other supervisory matters. In any

[[Page 33955]]

cases where combining a corrective plan and capital restoration plan 
would not be effective, FHFA may decline to consider a corrective plan 
as part of a capital restoration plan. Because the HERA amendments are 
permissive in nature, providing that a regulated entity ``may'' submit 
a corrective plan as part of a capital restoration plan, FHFA believes 
that it need not consider the two plans together if it believes there 
are valid supervisory reasons for evaluating them separately. Thus, 
FHFA expects that any undercapitalized entity that is contemplating 
submitting combined plans should first consult with FHFA to determine 
whether it would have any supervisory reasons for objecting to that 
approach. Furthermore, for similar reasons as stated above, FHFA has 
retained the requirement that a regulated entity obtain FHFA's 
permission before combining its corrective plan with another type of 
response to a supervisory action because FHFA believes that the 
discretion on whether it is desirable to combine a corrective plan with 
another type of response to a supervisory action, other than a capital 
restoration plan, must remain with FHFA. FHFA has made clarifying 
revisions to Sec.  1236.4(c)(2)(ii), which make clear that while it may 
be possible for a regulated entity to submit a corrective plan as part 
of a capital restoration plan, the corrective plan would not be ``part 
of'' a cease-and desist order, formal or informal agreement, or 
examination, even if it were to be submitted as part of a regulated 
entity's compliance with any such order, agreement, or response to an 
examination.
---------------------------------------------------------------------------

    \16\ See Joint Bank Letter at 6.
---------------------------------------------------------------------------

    Section 1236.4(e) addresses the period of time within which FHFA 
must act in response to the submission of a corrective plan. As a 
general matter, within thirty (30) calendar days of its receipt of a 
corrective plan, FHFA must notify the regulated entity of its decision 
on the plan (i.e., approval or denial), or of its need for additional 
information, or of its decision to extend the review period beyond 
thirty (30) calendar days. The Banks' letter requests that the decision 
to extend the review period be communicated in writing.\17\ FHFA is 
revising Sec.  1236.4(e) to adopt this suggestion.
---------------------------------------------------------------------------

    \17\ See Joint Bank Letter at 6.
---------------------------------------------------------------------------

3. Section 1236.5 (Failure To Submit a Corrective Plan, Noncompliance)
    The underlying statute sets forth certain actions that FHFA may 
take if a regulated entity has failed to timely submit an acceptable 
corrective plan or has failed to implement or otherwise comply with an 
approved corrective plan in any material respect. At a minimum, the 
Director must order the regulated entity to correct that deficiency. 
The Director also has the discretion under the statute to place limits 
on asset growth, require increases to capital, limit dividends and 
stock redemptions or repurchases, or require a minimum level of 
retained earnings, or take any other action that the Director deems 
would better carry out the purposes of the prudential standards 
statutory regime. 12 U.S.C. 4513b(b)(2)(B). The statute further 
provides that, if a regulated entity that has failed to submit or 
implement a corrective plan also has experienced ``extraordinary 
growth'' over the 18-month period preceding its failure to meet the 
Standards, the Director must impose at least one of the remedies listed 
above. Section 1236.5(a) and (b) of the proposed rule largely carried 
over those statutory requirements into the final rule.
    Freddie Mac's letter requests that materiality be factored into any 
determination of non-compliance with a corrective plan, and seeks 
clarification that any other remedy that the Director decides to impose 
must be deemed to be more effective than the five remedies listed in 
Sec.  1236.5(a).\18\ The Banks' letter requests that a regulated entity 
be afforded an opportunity to modify a corrective plan deemed 
unacceptable instead of being penalized for a failure to submit an 
acceptable plan.\19\ In response to Freddie Mac's comment, FHFA is 
revising Sec.  1236.5(a) to add in the words ``in any material 
respect'' in relation to a regulated entity's failure to implement an 
approved corrective plan, and is revising Sec.  1236.5(a)(6) to include 
language that any ``other actions'' that the Director may order must 
``better carry out'' the purposes of the statute, as that proviso also 
appears in the statute. FHFA also notes that it does not intend to 
penalize regulated entities that in good faith submit corrective plans 
that require modifications in order to be accepted by FHFA. FHFA would 
not deem a plan unacceptable unless a regulated entity fails to 
promptly modify it to provide for acceptable remediation, or submits a 
plan that is so significantly insufficient that it does not appear to 
be realistically susceptible of acceptable modification through the 
normal processes of discussion between a regulator and the regulated 
entity. With respect to the ``other actions'' that the Director may 
take under Sec.  1236.5(a)(6), FHFA does not interpret the ``better 
carry out'' proviso as requiring that any such ``other action'' must be 
taken in lieu of the enumerated remedies. Rather, FHFA believes that 
the proviso authorizes the Director to combine one or more of the 
enumerated remedies with any ``other action'' that the Director 
determines will better enable FHFA to ensure that the entity operates 
in accordance with the Standards.\20\
---------------------------------------------------------------------------

    \18\ See Freddie Letter at 4.
    \19\ See Joint Bank Letter at 7.
    \20\ As discussed in Section I.C. supra, the Banks requested 
that restrictions on increases in advances not be included as a 
possible remedy ordered by the Director. For the reasons previously 
stated, FHFA is not adopting the Banks' suggestion.
---------------------------------------------------------------------------

    Under Sec.  1236.5(c)(1), FHFA generally will notify a regulated 
entity that has failed to submit or implement a corrective plan of its 
intent to issue an order requiring the regulated entity to take 
corrective action. However, if the circumstances so require, Sec.  
1236.5(c)(4) provides that FHFA need not provide advance notice and may 
instead require a regulated entity immediately to take or refrain from 
taking actions to correct its failure to meet one or more of the 
Standards. Within fourteen (14) calendar days of the issuance of such 
an immediately effective order, unless otherwise specified by FHFA, a 
regulated entity may appeal the order in writing. FHFA will act on an 
appeal within sixty (60) days, during which time the order will remain 
in effect unless FHFA stays its effectiveness.
    The Banks have requested that FHFA clarify the circumstances under 
which the Director may invoke the provision in Sec.  1236.5(c)(4) and 
issue an immediately effective order. The Banks also believe that the 
sixty (60) days granted to FHFA to act on an appeal is too lengthy, 
especially when compared to the fourteen (14) days granted to a 
regulated entity to appeal an immediately effective order.\21\ FHFA 
believes that it is impractical to specify in advance all of the 
circumstances under which an immediately effective order might be 
necessary, and that the rule must allow the Director sufficient 
latitude to respond to various types of circumstances that may require 
immediate corrective action. Furthermore, FHFA believes that the 
safeguards provided by the appeal process, including the proposed time 
frames, as proposed, are appropriate.
---------------------------------------------------------------------------

    \21\ See Join Bank Letter at 7-8.
---------------------------------------------------------------------------

4. Standard 1 (Internal Controls and Information Systems) \22\
---------------------------------------------------------------------------

    \22\ The Joint Bank Letter cites several specific provisions in 
the Standards that the Banks believe either overlap or conflict with 
existing regulations. The issue of conflicts with regulations is 
addressed in section II.B.3. supra. Similarly, the Joint Bank 
Letter, the Fannie Mae Letter, and the Freddie Mac Letter cite 
several specific Standards in relation to corporate governance 
issues. Those comments are addressed comprehensively in section 
II.B.1. supra.
---------------------------------------------------------------------------

    The Banks and Freddie Mac both requested revisions to Standard 1,

[[Page 33956]]

believing that the scope of Principle 2 of proposed Standard 1, which 
requires the board of directors of a regulated entity to review and 
approve the overall business strategy and significant policies of the 
regulated entity, is overly broad. The Banks' letter suggests that the 
term ``significant policies'' should be defined only as internal 
controls that must be approved by the audit committee under the 
Sarbanes-Oxley Act, while Freddie Mac's letter suggests that the 
principle be limited to corporate governance rules of the national 
securities exchanges where a regulated entity's securities are 
listed.\23\ FHFA believes that having board-approved business 
strategies and significant policies are a key starting point for having 
effective internal controls and that narrowing the scope of Principle 2 
in the manner suggested would unnecessarily weaken the effectiveness of 
the principle.\24\
---------------------------------------------------------------------------

    \23\ See Joint Bank Letter at 8 and Freddie Letter at 2.
    \24\ In the final rule, proposed Principle 2 has been 
consolidated with proposed Principles 1, 3, and 4 into a final 
Principle 1. Portions of proposed Principle 2, including the 
requirement to review ``significant policies,'' have been relocated 
to part 1 of the general responsibilities section of the Standards 
in the final rule.
---------------------------------------------------------------------------

    Freddie Mac's letter states that proposed Principle 3, which 
requires the board of directors of a regulated entity to approve the 
entity's organizational structure, is too vague and overly burdensome. 
Freddie suggests either eliminating the principle or limiting its 
scope.\25\ FHFA disagrees with Freddie Mac's assessment and believes 
that, as drafted, the principle is an appropriate means to ensure that 
regulated entities have appropriate organizational structures that are 
part of a robust internal control function.\26\
---------------------------------------------------------------------------

    \25\ See Freddie Letter at 2.
    \26\ In the final rule, the substance of proposed Principle 3 
has been consolidated with proposed Principles 1, 2, and 4 into 
final Principle 1.
---------------------------------------------------------------------------

    In their letter, the Banks argue that the requirement to have a 
formal self-assessment process to monitor internal controls under 
proposed Principle 12 is redundant in light of the fact that the Banks 
must comply with Sarbanes-Oxley Act requirements relating to internal 
controls.\27\ However, the scope of Principle 12 is broader than the 
scope of the Sarbanes-Oxley requirements, as those requirements address 
internal controls for financial reporting, whereas Principle 12 is 
designed to address all types of internal controls. Therefore, FHFA 
does not believe that Principle 12 is redundant and is adopting it as 
proposed.\28\
---------------------------------------------------------------------------

    \27\ See Joint Bank Letter at 8.
    \28\ In the final rule, FHFA has consolidated proposed 
Principles 5 and 6 into final Principle 2; proposed Principles 7 
through 12 have been consolidated into final Principles 4 and 5 and 
certain concepts from those principles have been relocated to parts 
1 and 5 of the general responsibilities section. FHFA also made 
clarifying changes to proposed Principle 13 and renumbered it and 
other principles accordingly.
---------------------------------------------------------------------------

5. Standard 2 (Independence and Adequacy of Internal Audit Systems)
    The Banks have requested that proposed Principle 5, relating to 
internal audit systems, use the term ``testing'' instead of 
``monitoring'' because the Banks believe that audits are designed to 
test and not provide ongoing monitoring.\29\ Freddie Mac believes that 
the term ``internal audit system'' should be changed to ``internal 
audit function'' to avoid any suggestion that ``system'' means a fully 
automated system.\30\ FHFA is adopting both of these suggestions. In 
addition, FHFA is changing proposed Principle 10, in response to a 
comment by the Banks, to clarify the scope of the responsibilities of 
the internal audit department. This revision removes a requirement that 
the audit department must ``ensure'' that certain violations or 
findings are satisfactorily resolved because the auditors do not have 
operational responsibilities and thus cannot act to ``resolve'' the 
underlying matters. As revised, the Standard requires the audit 
department to determine whether the responsible parties within the 
organization have addressed the violations or findings.
---------------------------------------------------------------------------

    \29\ See Joint Bank Letter at 8.
    \30\ See Freddie Letter at 2.
---------------------------------------------------------------------------

6. Standard 3 (Management of Market Risk Exposure)
    Fannie Mae believes that proposed Principle 1, relating to market 
risk exposure, is redundant because proposed Principle 7, which 
requires the board of directors or a committee of the board to review 
risk exposures periodically, and proposed Principle 6 under Standard 8, 
which requires, among other things, that the board of directors and 
senior management be provided with accurate and timely reports on 
market risk exposure, sufficiently address the issue of market 
risk.\31\ FHFA believes that proposed Principle 1 is broader and 
different in focus than the other principles cited by Fannie Mae and 
should not be repealed. However, in an effort to streamline the board 
of responsibility requirements, the substance of proposed Principles 2, 
3, 4, 5, 6, and 7 have been merged into final Principles 2 and 3 and 
certain concepts have been relocated to parts 1 and 4 of the general 
responsibilities section.
---------------------------------------------------------------------------

    \31\ See Fannie Letter at 2-3.
---------------------------------------------------------------------------

    Proposed Principle 11 requires senior management to ensure that a 
regulated entity's policies and procedures identify remedial actions to 
be taken in the event that market risk limits are violated. The Banks 
argue that a particular future remedial action to be taken in response 
to a violation of the market risk limitations cannot be predetermined, 
and thus should not be required to be stated in their policies and 
procedures.\32\ In response to the comment, FHFA has revised the 
principle to require that if a market risk limit is breached, the board 
of directors must ensure that appropriate remedial action is taken.\33\ 
The Banks' letter asks FHFA to clarify that under proposed Principle 
12, which requires senior management to keep the board of directors 
sufficiently informed about market risk exposures, satisfactory 
monitoring by the board would generally include periodic monitoring of 
established market risk tolerances and limits and exception-based 
reporting.\34\ Although the actions identified by the Banks' letter may 
well be part of an acceptable process for identifying and managing 
market risk exposure, FHFA does not believe that it would be 
appropriate to specify that these particular actions would be 
sufficient to demonstrate compliance with the Standard. Because the 
level of market risk may vary from regulated entity to regulated 
entity, FHFA believes that the language of the proposed standard, which 
requires that the information provided to the board be sufficient for 
it to meaningfully assess market risk exposures, is a better approach. 
Accordingly, the final rule does not include the requested change. FHFA 
has, however, streamlined proposed Principles 3, 4, 5, 8, 9, 10, 12 and 
13 (which are now final Principles 3, 5, 6) and moved certain concepts 
to items 4, 6, and 8 of the general responsibilities section of the 
Standards.
---------------------------------------------------------------------------

    \32\ See Joint Bank Letter at 9.
    \33\ The substance of proposed Principle 11 has been reorganized 
into final Principles 2 and 6.
    \34\ See Joint Bank Letter at 9.
---------------------------------------------------------------------------

7. Standard 4 (Management of Market Risk--Measurement Systems, Risk 
Limits, Stress Testing, and Monitoring and Reporting)
    Proposed Principle 3 requires that a regulated entity's market risk

[[Page 33957]]

measurement system be capable of valuing all financial assets and 
liabilities in the entity's portfolio. The Banks' letter requests 
further clarification of the terms ``financial assets and 
liabilities.'' \35\ FHFA believes that these terms are widely 
understood and do not require additional clarification.
---------------------------------------------------------------------------

    \35\ See Joint Bank Letter at 9.
---------------------------------------------------------------------------

8. Standard 5 (Adequacy and Maintenance of Liquidity and Reserves)
    Proposed Principle 1 of this Standard requires a regulated entity's 
board to approve, at least annually, all major strategies and policies 
governing liquidity and reserves. The Banks' letter notes that Finance 
Board regulations Sec.  917.3(a)(2) and 917.3(b)(3)(iii) require the 
boards of directors of the Banks to review the risk management policy 
annually and re-adopt such policy at least every three years, which the 
Banks view as a direct conflict.\36\ FHFA does not believe that the 
regulations directly conflict with Principle 1 because the annual 
approval contemplated by the Standard would satisfy the requirement 
that the boards re-adopt policies at least every three years. However, 
FHFA has streamlined proposed Principles 1 and 2 into final Principle 
1, streamlined proposed Principles 3 and 4 into final Principle 2, and 
relocated some of the requirements to parts 1 and 2 of the general 
responsibilities section of the Standards.
---------------------------------------------------------------------------

    \36\ See Joint Bank Letter at 9.
---------------------------------------------------------------------------

9. Standard 6 (Management of Asset and Investment Portfolio Growth)
    Proposed Principle 2 generally requires the board of directors to 
establish policies governing asset and investment growth, including 
limits on growth of mortgage loans and mortgage-backed securities. The 
Banks asked that FHFA revise this provision to make clear that it is 
not intended to apply to the growth of advances or letters of credits 
by the Banks.\37\ FHFA has decided not to make any changes to the text 
of the principle to exempt advances and standby letters of credit from 
these requirements because it believes that the Banks should monitor 
growth in those products to ensure that the Banks are not taking any 
undue risks. That said, the requirement that the Banks must have 
policies relating to growth in advances and letters of credit does not 
mean that the Banks must establish numerical limits for those products. 
Instead, it would be sufficient for the Banks to have policies that 
link growth in advances and letters of credit to factors such as the 
financial condition of the members, the amount and quality of the 
collateral, the members' collateral management practices, and prudent 
underwriting standards. FHFA notes that it has combined proposed 
Principles 1 and 2 into final Principle 1; streamlined proposed 
Principles 3 and 4 (renumbered as final Principles 2 and 3); moved 
certain concepts in proposed Principles 1, 2, and 3 to items 1, 2, and 
5 in the general responsibilities section of the Standards; and 
reorganized the subheadings in Standard 6.
---------------------------------------------------------------------------

    \37\ See Joint Bank Letter at 9-10.
---------------------------------------------------------------------------

10. Standard 7 (Investments and Acquisitions of Assets)
    Proposed Standard 7 implements a statutory requirement that FHFA 
adopt Standards that relate to a regulated entity's ``investments and 
acquisitions of assets'' to ensure that they are consistent with the 
regulated entity's chartering statute and the Safety and Soundness Act. 
Several principles under Standard 7 utilize the terms ``investments'' 
and ``other assets,'' neither of which is defined, and Freddie Mac has 
asked that FHFA clarify the meaning of ``other assets.'' \38\ FHFA 
considers ``investments'' to mean all assets held by the regulated 
entity for the purpose of yielding a return but that are not related to 
its core mission as a GSE. In the case of the Banks, ``investments'' 
would include things such as federal funds sold, repurchase agreements, 
and investment securities. In the case of the Enterprises, investments 
would include things such as federal funds and investment securities. 
``Other assets'' are all assets held by the regulated entity other than 
``investments,'' including mission related assets such as advances and 
acquired member assets in the case of the Banks and mortgage loans in 
the case of the Enterprises. FHFA notes that the final rule has 
streamlined proposed Principles 1 and 2 into final Principle 1 and 
replaced a subheading within Standard 7.
---------------------------------------------------------------------------

    \38\ See Freddie Mac Letter at 3.
---------------------------------------------------------------------------

11. Standard 8 (Overall Risk Management Processes)
    The final rule revises proposed Principle 11 (renumbered as final 
Principle 5) to state that the chief risk officer should report 
directly to both the chief executive officer and the risk committee of 
the board of directors. This change is being made to conform proposed 
Principle 11 to the recommended practices issued by other financial 
regulators.\39\ The final rule also combines proposed Principles 1 
through 4 into final Principle 1 and proposed Principles 5 through 8 
into final Principle 2 and certain concepts from these principles have 
been relocated to items 2 and 4 of the general responsibilities section 
of the Standards.
---------------------------------------------------------------------------

    \39\ Proposed Principle 11 has been renumbered as final 
Principle 5.
---------------------------------------------------------------------------

12. Standard 9 (Management of Credit Counterparty Risk)
    In light of a pending joint rulemaking on derivative instruments by 
the Commodity Futures Trading Commission (``CFTC'') and the Securities 
and Exchange Commission (``SEC''), the Banks' letter requests that FHFA 
suspend proposed Principle 2, relating to policies and procedures for 
the use of derivative instruments, until the completion of the CFTC and 
SEC rulemaking.\40\ FHFA has decided not to suspend this principle 
until the joint rulemaking is complete because the Banks currently use 
derivative instruments and should already have appropriate derivative 
policies in place, even in the absence of final rulemaking by the CFTC 
and SEC. FHFA expects that those policies will need to be modified 
after the issuance of final rules by the CFTC and SEC relating to the 
use of clearinghouses and exchanges for derivatives trades.\41\
---------------------------------------------------------------------------

    \40\ See Joint Bank Letter at 10.
    \41\ Proposed Principles 1, 2, and 3 have been streamlined and 
combined into final Principle 1 and certain concepts have been 
relocated to items 1 and 2 of the general responsibilities section 
of the Standards.
---------------------------------------------------------------------------

    Proposed Principle 4 \42\ requires senior management to brief the 
board regularly on a regulated entity's credit exposure including, 
among other things, ``problem credits,'' and proposed Principle 10 
requires entities to have policies for addressing such ``problem 
credits.'' The Banks' letter requests that FHFA exclude advances from 
the scope of the term ``problem credits'' because the Banks have never 
sustained any credit losses on advances. The Banks further argue that 
the programs that they currently have in place to assess, monitor, 
measure, and report credit risk are sufficient.\43\ As previously 
noted, the historical absence of credit losses on advances does not 
guarantee that there will be no future losses and does not justify 
excluding advances from the scope of Principles 4 and 10.\44\
---------------------------------------------------------------------------

    \42\ Proposed Principle 4 has been streamlined and renumbered as 
final Principle 2.
    \43\ See Joint Bank Letter at 10.
    \44\ In order to streamline Standard 9, the requirement to 
address problem credits has been removed from Principle 4 but still 
exists in Principle 8 (formerly Principle 10).
---------------------------------------------------------------------------

    The Banks again cite the historical absence of credit losses on 
advances to argue that proposed Principle 5

[[Page 33958]]

(renumbered as final Principle 3), which requires a regulated entity to 
have policies that limit concentrations of credit risk and systems that 
can identify such concentrations, should not apply to them.\45\ For the 
same reasons discussed in the previous paragraph, FHFA believes that 
proposed Principle 5 should apply to all regulated entities. 
Concentrations of credit risk for the Banks may be present in their 
advances business as well as in other areas of their business, such as 
extensions of unsecured credit and derivatives transactions, as well as 
the investment portfolio. The existence of those other sources of risk 
requires that the Banks have systems in place that can identify such 
concentration of risk, as well as policies to limit those concentration 
risks. Although the secured nature of advances and the lien priority 
that is afforded to the Banks lessen the risks to a Bank resulting from 
a concentration of advances to certain borrowers, the risks exist and 
the Banks should have in place policies for addressing them. Given the 
unique nature of advances and the Banks' cooperative business model, 
FHFA expects that a Bank's policies and limits relating to 
concentrations arising from its advances business may well differ from 
those relating to concentrations arising from other sources.
---------------------------------------------------------------------------

    \45\ See Joint Bank Letter at 11.
---------------------------------------------------------------------------

    MICA's letter suggests that FHFA expand proposed Principle 8 
(renumbered as final Principle 6) to not only require that regulated 
entities have procedures and policies in place to make informed credit 
decisions at the outset, but to also require that such procedures are 
employed on an ongoing basis and include the use of back-testing to 
ensure that the initial credit decisions are validated and to reveal 
any need for further improvement in credit-risk protocols.\46\ FHFA 
does not believe that the extra procedures requested by MICA are 
necessary at this time.
---------------------------------------------------------------------------

    \46\ See MICA Letter at 2.
---------------------------------------------------------------------------

    Proposed Principle 11 (renumbered as final Principle 9) requires a 
regulated entity to have a system of independent, ongoing credit 
review, including stress testing and scenario analysis. The Banks' 
letter seeks clarification of the scope of the term ``independent 
ongoing credit review.'' \47\ In response to the comment, FHFA is 
revising Principle 11 to more specifically identify the type of ongoing 
credit review program envisioned by this principle.
---------------------------------------------------------------------------

    \47\ See Joint Bank Letter at 11.
---------------------------------------------------------------------------

13. Standard 10 (Maintenance of Adequate Records)
    In response to a comment from the Banks, FHFA is changing the term 
``records management plan'' to ``record retention program'' in proposed 
Principle 3 \48\ to better align it with the terminology of part 1235 
of the FHFA regulations (12 CFR part 1235), which addresses record 
retention requirements for the regulated entities.\49\ In response to a 
comment from Freddie Mac, FHFA is modifying proposed Principle 4 to 
make it clear that the scope of the records management plan includes 
all records and not just the records of the board of directors.\50\ 
Lastly, in response to a comment by the Banks requesting clarification 
as to what type of ``reporting errors'' or ``irregularities'' must be 
detected and corrected, FHFA is revising proposed Principle 5 to delete 
the term ``irregularities.'' \51\ FHFA believes that the term 
``reporting errors'' is sufficiently clear. The final rule also deletes 
the subheading that appears before proposed Principle 6.
---------------------------------------------------------------------------

    \48\ The numbering of the principles in Standard 10 has not 
changed from the proposed rule to the final rule.
    \49\ See Joint Bank Letter at 11.
    \50\ See Freddie Mac Letter at 3.
    \51\ See Joint Bank Letter at 11.
---------------------------------------------------------------------------

D. Introduction--General Responsibilities for Boards and Management

    As discussed previously, the final version of the Standards 
includes an introductory section dealing with the general 
responsibilities of the boards and management of the regulated 
entities. That new section consists of the following three parts: 
Responsibilities of the board of directors, responsibilities of senior 
management, and joint responsibilities of the board and senior 
management. Each section is compiled from concepts that had been 
included as part of the Principles under most of the 10 proposed 
Standards. FHFA believes that grouping these generally applicable board 
of directors and senior management responsibilities in an introductory 
section, rather than dispersing them over 10 separate Standards, 
improves the presentation and clarity of the Standards. As stated 
previously, the introductory section is intended to provide an overview 
of what FHFA believes to be typical director and officer 
responsibilities in the context of financial institutions generally, as 
well as in the context of the Standards.
1. Board of Director Responsibilities
    Items 1 through 4 of the general responsibilities section address 
responsibilities of boards of directors. Item 1 requires the board of 
directors, with respect to each subject matter addressed by each 
Standard, to adopt appropriate business strategies, policies, and 
procedures. It also requires boards to review such strategies, policies 
and procedures periodically and approve all major strategies, policies, 
and procedures annually. The next item addresses the board's 
responsibility in overseeing management and ensuring that management 
includes qualified personnel. Items 3 and 4 require boards to remain 
informed about the operations of a regulated entity and about specific 
risks and exposures, including market, credit, and counterparty risk. 
These items also address the need to establish risk tolerances and 
remedy any violation of those risk limits.
2. Senior Management Responsibilities
    Items 5 through 8 of the general responsibilities section address 
the responsibilities of senior management of the regulated entities. 
Item 5 requires senior management, with respect to each subject matter 
addressed by each Standard, to develop the policies, procedures, and 
practices that are necessary to implement the business strategies and 
policies adopted by the board of directors. Senior management should 
also ensure that the policies, procedures, and practices are followed 
by all personnel and that such personnel are competent and 
appropriately trained. Item 6 requires senior management to ensure that 
the regulated entity has adequate resources, systems, and controls to 
effectively execute the entity's business strategies, policies and 
procedures, including operating consistently with each of the 
Standards. The last two items, 7 and 8, address the need for senior 
management to keep the board of directors informed through periodic 
reports and discussions.
3. Joint Responsibilities
    Items 9 and 10 (formerly Principle 13 of proposed Standard 1 and 
Principle 7 of proposed Standard 8, respectively) of the general 
responsibilities section require the board of directors and senior 
management to conduct themselves in a manner that promotes high ethical 
standards and a culture of compliance throughout the organization. The 
board of directors and senior management are also required to ensure 
that the regulated entity's overall risk profile is aligned with its 
mission objectives.

[[Page 33959]]

III. Paperwork Reduction Act

    The final rule does not contain any information collection 
requirement that requires the approval of the Office of Management and 
Budget under the Paperwork Reduction Act of 1995 (44 U.S.C. 3501 et 
seq.).

IV. Regulatory Flexibility Act

    The final rule applies only to the Banks and the Enterprises, which 
do not come within the meaning of small entities as defined in the 
Regulatory Flexibility Act (5 U.S.C. 601 et seq.). See 5 U.S.C. 650(b). 
Therefore, FHFA certifies that this final rule will not have 
significant economic impact on a substantial number of small entities.

List of Subjects in 12 CFR Part 1236

    Administrative practice and procedure, Federal home loan banks, 
Government-sponsored enterprises, Reporting and recordkeeping 
requirements.

    For the reasons stated in the Supplementary Information, FHFA 
amends chapter XII of title 12 of the Code of Federal Regulations by 
adding part 1236 to subchapter B to read as follows:

PART 1236--PRUDENTIAL MANAGEMENT AND OPERATIONS STANDARDS

Sec.
1236.1 Purpose.
1236.2 Definitions.
1236.3 Prudential standards as guidelines.
1236.4 Failure to meet a standard; corrective plans.
1236.5 Failure to submit a corrective plan; noncompliance.
Appendix to Part 1236--Prudential Management and Operations 
Standards

    Authority: 12 U.S.C. 4511, 4513(a) and (f), 4513b, and 4526.


Sec.  1236.1  Purpose.

    This part establishes the prudential management and operations 
standards that are required by 12 U.S.C. 4513b and the processes by 
which FHFA can notify a regulated entity of its failure to operate in 
accordance with the standards and can direct the entity to take 
corrective action. This part further specifies the possible 
consequences for any regulated entity that fails to operate in 
accordance with the standards or otherwise fails to comply with this 
part.


Sec.  1236.2  Definitions.

    Unless otherwise indicated, terms used in this part have the 
meanings that they have in the Federal Housing Enterprises Financial 
Safety and Soundness Act, 12 U.S.C. 4501 et seq., or the Federal Home 
Loan Bank Act, 12 U.S.C. 1421 et seq.
    Extraordinary growth--(1) For purposes of 12 U.S.C. 4513b(b)(3)(C), 
means:
    (i) With respect to a Bank, growth of non-advance assets in excess 
of 30 percent over the six calendar quarter period preceding the date 
on which FHFA notified the Bank that it was required to submit a 
corrective plan; and
    (ii) With respect to an Enterprise, quarterly non-annualized growth 
of assets in excess of 7.5 percent in any calendar quarter during the 
six calendar quarter period preceding the date on which FHFA notified 
the Enterprise that it was required to submit a corrective plan.
    (2) For purposes of calculating an increase in assets, assets 
acquired through merger or acquisition approved by FHFA are not to be 
included.
    FHFA means the Federal Housing Finance Agency.
    Standards means any one or more of the prudential management and 
operations standards established by the Director pursuant to 12 U.S.C. 
4513b(a), as modified from time to time pursuant to Sec.  1236.3(b).


Sec.  1236.3  Prudential standards as guidelines.

    (a) The Standards constitute the prudential management and 
operations standards required by 12 U.S.C. 4513b.
    (b) The Standards have been adopted as guidelines, as authorized by 
12 U.S.C. 4513b(a), and the Director may modify, revoke, or add to the 
Standards, or any one or more of them, at any time by order or notice.
    (c) In the case of a direct conflict between a Standard and an FHFA 
regulation, when it is not possible to comply with both the Standard 
and the FHFA regulation, the regulation shall control.
    (d) Failure to meet any Standard may constitute an unsafe and 
unsound practice for purposes of the enforcement provisions of 12 
U.S.C. chapter 46, subchapter III.


Sec.  1236.4  Failure to meet a standard; corrective plans.

    (a) Determination. FHFA may, based upon an examination, inspection 
or any other information, determine that a regulated entity has failed 
to meet one or more of the Standards.
    (b) Submission of corrective plan. If FHFA determines that a 
regulated entity has failed to meet any Standard, FHFA may require the 
entity to submit a corrective plan, in which case FHFA shall, by 
written notice, inform the regulated entity of that determination and 
the requirement to submit a corrective plan.
    (c) Corrective plans.--(1) Contents of plan. A corrective plan 
shall describe the actions the regulated entity will take to correct 
its failure to meet any one or more of the Standards, and the time 
within which each action will be taken.
    (2) Filing deadline.--(i) In general. A regulated entity must file 
a written corrective plan with FHFA within thirty (30) calendar days of 
being notified by FHFA of its failure to meet a Standard and need to 
file a corrective plan, unless FHFA notifies the regulated entity in 
writing that the plan must be filed within a different time period.
    (ii) Other plans. If a regulated entity must file a capital 
restoration plan submitted pursuant to 12 U.S.C. 4622, it may submit 
the corrective plan required under this section as part of the capital 
restoration plan, subject to the deadline in paragraph (c)(2)(i) of 
this section. If a regulated entity currently is operating under a 
cease-and-desist order entered into pursuant to 12 U.S.C. 4631 or 4632, 
or a formal or informal agreement, or must file a response to a report 
of examination or report of inspection, it may, with the permission of 
FHFA, submit the corrective plan required under this section as part of 
the regulated entity's compliance with that order, agreement or 
response, subject to the deadline in paragraph (c)(2)(i) of this 
section, but the corrective plan would not become a part of the order, 
agreement, or response.
    (d) Amendment of corrective plan. A regulated entity that is 
operating in accordance with an approved corrective plan may submit a 
written request to FHFA to amend the plan as necessary to reflect any 
changes in circumstance. Until such time that FHFA approves a proposed 
amendment, the regulated entity must continue to operate in accordance 
with the terms of the corrective plan as previously approved.
    (e) Review of corrective plans and amendments. Within thirty (30) 
calendar days of receiving a corrective plan or proposed amendment to a 
plan, FHFA will notify the regulated entity in writing of its decision 
on the plan, will direct the regulated entity to submit additional 
information, or will notify the regulated entity in writing that FHFA 
has established a different deadline.


Sec.  1236.5  Failure to submit a corrective plan; noncompliance.

    (a) Remedies. If a regulated entity fails to submit an acceptable 
corrective plan under Sec.  1236.4(b), or fails in any material respect 
to implement or

[[Page 33960]]

otherwise comply with an approved corrective plan, FHFA shall order the 
regulated entity to correct that deficiency, and may:
    (1) Prohibit the regulated entity from increasing its average total 
assets, as defined in 12 U.S.C. 4516(b)(4), for any calendar quarter 
over its average total assets for the preceding calendar quarter, or 
may otherwise restrict the rate at which the average total assets of 
the regulated entity may increase from one calendar quarter to another;
    (2) Prohibit the regulated entity from paying dividends;
    (3) Prohibit the regulated entity from redeeming or repurchasing 
capital stock;
    (4) Require the regulated entity to maintain or increase its level 
of retained earnings;
    (5) Require an Enterprise to increase its ratio of core capital to 
assets, or require a Bank to increase its ratio of total capital, as 
defined in 12 U.S.C. 1426(a)(5), to assets; or
    (6) Require the regulated entity to take any other action that the 
Director determines will better carry out the purposes of the statute 
by bringing the regulated entity into conformance with the Standards.
    (b) Extraordinary growth. If a regulated entity that has failed to 
submit an acceptable corrective plan or has failed in any material 
respect to implement or otherwise comply with an approved corrective 
plan, also has experienced extraordinary growth, FHFA shall impose at 
least one of the sanctions listed in paragraph (a) of this section, 
consistently with the requirements of 12 U.S.C. 4513b(b)(3).
    (c) Orders.--(1) Notice. Except as provided in paragraph (c)(4) of 
this section, FHFA will notify a regulated entity in writing of its 
intent to issue an order requiring the regulated entity to correct its 
failure to submit or its failure in any material respect to implement 
or otherwise comply with an approved corrective plan. Any such notice 
will include:
    (i) A statement that the regulated entity has failed to submit a 
corrective plan under Sec.  1236.4, or has not implemented or otherwise 
has not complied in any material respect with an approved plan;
    (ii) A description of any sanctions that FHFA intends to impose 
and, in the case of the mandatory sanctions required by 12 U.S.C. 
4513b(b)(3), a statement that FHFA believes that the regulated entity 
has experienced extraordinary growth; and
    (iii) The proposed date when any sanctions would become effective 
or the proposed date for completion of any required actions.
    (2) Response to notice. A regulated entity may file a written 
response to a notice of intent to issue an order, which must be 
delivered to FHFA within fourteen (14) calendar days of the date of the 
notice, unless FHFA determines that a different time period is 
appropriate in light of the safety and soundness of the regulated 
entity or other relevant circumstances. The response should include:
    (i) An explanation why the regulated entity believes that the 
action proposed by FHFA is not an appropriate exercise of discretion;
    (ii) Any recommended modification of the proposed order; and
    (iii) Any other relevant information, mitigating circumstances, 
documentation or other evidence in support of the position of the 
regulated entity regarding the proposed order.
    (3) Failure to file response. A regulated entity's failure to file 
a written response within the specified time period will constitute a 
waiver of the opportunity to respond and will constitute consent to 
issuance of the order.
    (4) Immediate issuance of final order. FHFA may issue an order 
requiring a regulated entity immediately to take actions to correct a 
Standards deficiency or to take or refrain from taking other actions 
pursuant to paragraph (a) of this section. Within fourteen (14) 
calendar days of the issuance of an order under this paragraph, or 
other time period specified by FHFA, a regulated entity may submit a 
written appeal of the order to FHFA. FHFA will respond in writing to a 
timely filed appeal within sixty (60) days after receiving the appeal. 
During this period, the order will remain in effect unless FHFA stays 
the effectiveness of the order.
    (d) Request for modification or rescission of order. A regulated 
entity subject to an order under this part may submit a written request 
to FHFA for an amendment to the order to reflect a change in 
circumstance. Unless otherwise ordered by FHFA, the order shall 
continue in place while such a request is pending before FHFA.
    (e) Agency review and determination. FHFA will respond in writing 
within thirty (30) days after receiving a response or amendment 
request, unless FHFA notifies the regulated entity in writing that it 
will respond within a different time period. After considering a 
regulated entity's response or amendment request, FHFA may:
    (1) Issue the order as proposed or in modified form;
    (2) Determine not to issue the order and instead issue a different 
order; or
    (3) Seek additional information or clarification of the response 
from the regulated entity, or any other relevant source.

Appendix to Part 1236--Prudential Management and Operations Standards

General Responsibilities of the Board of Directors and Senior 
Management

    The following provisions address the general responsibilities of 
the boards of directors and senior management of the regulated 
entities as they relate to the matters addressed by each of the 
Standards. The descriptions are not a comprehensive listing of the 
responsibilities of either the boards or senior management, each of 
whom have additional duties and responsibilities to those described 
in these Standards.

Responsibilities of the Board of Directors

    1. With respect to the subject matter addressed by each 
Standard, the board of directors is responsible for adopting 
business strategies, policies, and procedures that are appropriate 
for the particular subject matter. The board should review all such 
strategies, policies, and procedures periodically, and should review 
and approve all major strategies and policies at least annually, and 
make any revisions that are necessary to ensure that they remain 
consistent with the entity's overall business plan.
    2. The board of directors is responsible for overseeing 
management of the regulated entity, which includes ensuring that 
management includes personnel who are appropriately trained and 
competent to oversee the operation of the regulated entity as it 
relates to the functions and requirements addressed by each 
Standard, and that management implements the policies and procedures 
set forth by the board.
    3. The board of directors is responsible for remaining informed 
about the operations and condition of the regulated entity, 
including operating consistently with the Standards, and senior 
management's implementation of the strategies, policies and 
procedures established by the board of directors.
    4. The board of directors must remain sufficiently informed 
about the nature and level of the regulated entity's overall risk 
exposures, including market, credit, and counterparty risk, so that 
it can understand the possible short- and long-term effects of those 
exposures on the financial health of the regulated entity, including 
the possible short- and long-term consequences to earnings, 
liquidity, and economic value. The board of directors should: 
establish the regulated entity's risk tolerances and should provide 
management with clear guidance regarding the level of acceptable 
risks; review the regulated entity's entire market risk management 
framework, including policies and entity-wide risk limits at least 
annually; oversee the adequacy of the actions taken by senior 
management to identify, measure, manage, and control the regulated 
entity's risk exposures; and ensure that management takes 
appropriate corrective measures whenever market risk limit 
violations or breaches occur.

[[Page 33961]]

Responsibilities of Senior Management

    5. With respect to the subject matter addressed by each 
Standard, senior management is responsible for developing the 
policies, procedures and practices that are necessary to implement 
the business strategies and policies adopted by the board of 
directors. Senior management should ensure that such items are 
clearly written, sufficiently detailed, and are followed by all 
personnel. Senior management also should ensure that the regulated 
entity has personnel who are appropriately trained and competent to 
carry out their respective functions and that all delegated 
responsibilities are performed.
    6. Senior management should ensure that the regulated entity has 
adequate resources, systems and controls available to execute 
effectively the entity's business strategies, policies and 
procedures, including operating consistently with each of the 
Standards.
    7. Senior management should provide the board of directors with 
periodic reports relating to the regulated entity's condition and 
performance, including the subject matter addressed by each of the 
Standards, that are sufficiently detailed to allow the board of 
directors to remain fully informed about the business of the 
regulated entity.
    8. Senior management should regularly review and discuss with 
the board of directors information regarding the regulated entity's 
risk exposures that is sufficient in detail and timeliness to permit 
the board of directors to understand and assess the performance of 
management in identifying and managing the various risks to which 
the regulated entity is exposed.

Responsibilities of the Board of Directors and Senior Management

    9. The board of directors and senior management should conduct 
themselves in such a manner as to promote high ethical standards and 
a culture of compliance throughout the organization.
    10. The board of directors and senior management should ensure 
that the regulated entity's overall risk profile is aligned with its 
mission objectives.
    The following provisions constitute the prudential management 
and operations standards established pursuant to 12 U.S.C. 4513b(a).

Standard 1--Internal Controls and Information Systems

Responsibilities of the Board of Directors

    1. Regarding internal controls and information systems, the 
board of directors of each regulated entity should adopt appropriate 
policies, ensure personnel are appropriately trained and competent, 
approve and periodically review overall business strategies, approve 
the organizational structure, and assess the adequacy of senior 
management's oversight of this function.

Responsibilities of Senior Management

    2. Regarding internal controls and information systems, senior 
management should implement strategies and policies approved by the 
board of directors, establish appropriate policies, monitor the 
adequacy and effectiveness of this function, and ensure personnel 
are appropriately trained and competent. The organizational 
structure should clearly assign responsibility, authority, and 
reporting relationships.

Responsibilities of the Board of Directors and Senior Management

    3. Regarding internal controls and information systems, both the 
board of directors and senior management should promote high ethical 
standards, create a culture that emphasizes the importance of this 
function, and promptly address any issues in need of remediation.

Framework

    4. The regulated entity should have an adequate and effective 
system of internal controls, which should include a board approved 
organizational structure that clearly assigns responsibilities, 
authority, and reporting relationships, and establishes an 
appropriate segregation of duties that ensures that personnel are 
not assigned conflicting responsibilities.
    5. The regulated entity should establish appropriate internal 
control policies and should monitor the adequacy and effectiveness 
of its internal controls and information systems on an ongoing basis 
through a formal self-assessment process.
    6. The regulated entity should have an organizational culture 
that emphasizes and demonstrates to personnel at all levels the 
importance of internal controls.
    7. The regulated entity should address promptly any violations, 
findings, weaknesses, deficiencies, and other issues in need of 
remediation relating to the internal control systems.

Risk Recognition and Assessment

    8. A regulated entity should have an effective risk assessment 
process that ensures that management recognizes and continually 
assesses all material risks, including credit risk, market risk, 
interest rate risk, liquidity risk, and operational risk.

Control Activities and Segregation of Duties

    9. A regulated entity should have an effective internal control 
system that defines control activities at every business level.
    10. A regulated entity's control activities should include:
    a. Board of directors and senior management reviews of progress 
toward goals and objectives;
    b. Appropriate activity controls for each business unit;
    c. Physical controls to protect property and other assets and 
limit access to property and systems;
    d. Procedures for monitoring compliance with exposure limits and 
follow-up on non-compliance;
    e. A system of approvals and authorizations for transactions 
over certain limits; and
    f. A system for verification and reconciliation of transactions.

Information and Communication

    11. A regulated entity should have information systems that 
provide relevant, accurate and timely information and data.
    12. A regulated entity should have secure information systems 
that are supported by adequate contingency arrangements.
    13. A regulated entity should have effective channels of 
communication to ensure that all personnel understand and adhere to 
policies and procedures affecting their duties and responsibilities.

Monitoring Activities and Correcting Deficiencies

    14. A regulated entity should monitor the overall effectiveness 
of its internal controls and key risks on an ongoing basis and 
ensure that business units and internal and external audit conduct 
periodic evaluations.
    15. Internal control deficiencies should be reported to senior 
management and the board of directors on a timely basis and 
addressed promptly.

Applicable Laws, Regulations, and Policies

    16. A regulated entity should comply with all applicable laws, 
regulations, and supervisory guidance (e.g., advisory bulletins) 
governing internal controls and information systems.

Standard 2--Independence and Adequacy of Internal Audit Systems

Audit Committee

    1. A regulated entity's board of directors should have an audit 
committee that exercises proper oversight and adopts appropriate 
policies and procedures designed to ensure the independence of the 
internal audit function. The audit committee should ensure that the 
internal audit department includes personnel who are appropriately 
trained and competent to oversee the internal audit function.
    2. The board of directors should review and approve the audit 
committee charter at least every three years.
    3. The audit committee of the board of directors is responsible 
for monitoring and evaluating the effectiveness of the regulated 
entity's internal audit function.
    4. Issues reported by the internal audit department to the audit 
committee should be promptly addressed and satisfactorily resolved.

Internal Audit Function

    5. A regulated entity should have an internal audit function 
that provides for adequate testing of the system of internal 
controls.
    6. A regulated entity should have an independent and objective 
internal audit department that reports directly to the audit 
committee of the board of directors.
    7. A regulated entity's internal audit department should be 
adequately staffed with properly trained and competent personnel.
    8. The internal audit department should conduct risk-based 
audits.
    9. The internal audit department should conduct adequate testing 
and review of internal control and information systems.
    10. The internal audit department should determine whether 
violations, findings, weaknesses and other issues reported by 
regulators, external auditors, and others have been promptly 
addressed.

[[Page 33962]]

Applicable Laws, Regulations, and Policies

    11. A regulated entity should comply with applicable laws, 
regulations, and supervisory guidance (e.g., advisory bulletins) 
governing the independence and adequacy of internal audit systems.

Standard 3--Management of Market Risk Exposure

Responsibilities of the Board of Directors

    1. Regarding the overall management of market risk exposure, the 
board of directors should remain sufficiently informed about the 
nature and level of the regulated entity's market risk exposures. At 
least annually, the board should review the entire market risk 
framework, including policies and risk limits, and provide an 
assessment of compliance.
    2. Regarding the policies, practices and procedures surrounding 
the management of market risk, the board of directors should approve 
all major strategies and policies relating to the management of 
market risk, ensure all major strategies and policies are consistent 
with the overall business plan, establish and communicate a market 
risk tolerance, and ensure appropriate corrective measures are taken 
when market risk limit violations or breaches occur.
    3. The board, or a board appointed committee, should oversee the 
adequacy of actions taken by senior management to identify, measure, 
manage, and control market risk exposures, ensure market risk 
policies establish lines of authority and responsibility, and review 
risk exposures on a periodic basis.

Responsibilities of Senior Management

    4. Regarding the overall management of market risk exposure, 
senior management should provide sufficient and timely information 
to the board of directors, ensure personnel are appropriately 
trained and competent, ensure adequate systems and resources are 
available to manage and control market risk, report any breaches to 
the board of directors (or the appropriate board committee), and 
take appropriate remedial action.
    5. Regarding the policies, practices, and procedures surrounding 
market risk exposure, senior management should ensure market risk 
policies and procedures are clearly written, sufficiently detailed, 
and followed. Approved policies and procedures should include clear 
market risk limits and lines of authority for managing market risk.

Market Risk Strategy

    6. A regulated entity should have a clearly defined and well-
documented strategy for managing market risk, which must be 
consistent with its overall business plan, must enable the regulated 
entity to identify, manage, monitor, and control the regulated 
entity's risk exposures on a business unit and an enterprise-wide 
basis, and must ensure that the lines of authority and 
responsibility for managing market risk and monitoring market risk 
limits are clearly identified. The strategy should specify a target 
account, or target accounts, for managing market risk (e.g., specify 
whether the objective is to control risk to earnings, net portfolio 
value, or some other target, or some combination of targets), and, 
if a market risk limit is breached, should require that the breach 
be reported to the board of directors, or the appropriate board 
committee, and that appropriate remedial action, including any 
ordered by the board of directors, should be taken.
    7. Management should ensure that the board of directors is made 
aware of the advantages and disadvantages of the regulated entity's 
chosen market risk management strategy, as well as those of 
alternative strategies, so that the board of directors can make an 
informed judgment about the relative efficacy of the different 
strategies.
    8. A Bank's strategy for managing market risk should take into 
account the importance of maintaining the market value of equity of 
member stock commensurate with the par value of that stock so that 
the Bank is able to redeem and repurchase member stock at par value.
    9. A regulated entity should comply with all applicable laws, 
regulations, and supervisory guidance, (e.g., advisory bulletins) 
governing the independence and adequacy of the management of market 
risk exposure.

Standard 4--Management of Market Risk--Measurement Systems, Risk 
Limits, Stress Testing, and Monitoring and Reporting

 Risk Measurement Systems

    1. A regulated entity should have a risk measurement system (a 
model or models) that capture(s) all material sources of market risk 
and provide(s) meaningful and timely measures of the regulated 
entity's risk exposures, as well as personnel who are appropriately 
trained and competent to operate and oversee the risk measurement 
system.
    2. The risk measurement system should be capable of estimating 
the effect of changes in interest rates and other key risk factors 
on the regulated entity's earnings and market value of equity over a 
range of scenarios.
    3. The measurement system should be capable of valuing all 
financial assets and liabilities in the regulated entity's 
portfolio.
    4. The measurement system should address all material sources of 
market risk including repricing risk, yield curve risk, basis risk, 
and options risk.
    5. Management should ensure the integrity and timeliness of the 
data inputs used to measure the regulated entity's market risk 
exposures, and should ensure that assumptions and parameters are 
reasonable and properly documented.
    6. The measurement system's methodologies, assumptions, and 
parameters should be thoroughly documented, understood by 
management, and reviewed on a regular basis.
    7. A regulated entity's market risk model should be upgraded 
periodically to incorporate advances in risk modeling technology.
    8. A regulated entity should have a documented approval process 
for model changes that requires model changes to be authorized by a 
party independent of the party making the change.
    9. A regulated entity should ensure that its models are 
independently validated on a regular basis.

Risk Limits

    10. Risk limits should be consistent with the regulated entity's 
strategy for managing interest rate risk and should take into 
account the financial condition of the regulated entity, including 
its capital position.
    11. Risk limits should address the potential impact of changes 
in market interest rates on net interest income, net income, and the 
regulated entity's market value of equity.

Stress Testing

    12. A regulated entity should conduct stress tests on a regular 
basis for a variety of institution-specific and market-wide stress 
scenarios to identify potential vulnerabilities and to ensure that 
exposures are consistent with the regulated entity's tolerance for 
risk.
    13. A regulated entity should use stress test outcomes to adjust 
its market risk management strategies, policies, and positions and 
to develop effective contingency plans.
    14. Special consideration should be given to ensuring that 
complex financial instruments, including instruments with complex 
option features, are properly valued under stress scenarios and that 
the risks associated with options exposures are properly understood.
    15. Management should ensure that the regulated entity's board 
of directors or a committee thereof considers the results of stress 
tests when establishing and reviewing its strategies, policies, and 
limits for managing and controlling interest rate risk.
    16. The board of directors and senior management should review 
periodically the design of stress tests to ensure that they 
encompass the kinds of market conditions under which the regulated 
entity's positions and strategies would be most vulnerable.

Monitoring and Reporting

    17. A regulated entity should have an adequate management 
information system for reporting market risk exposures.
    18. The board of directors, senior management, and the 
appropriate line managers should be provided with regular, accurate, 
informative, and timely market risk reports.

Applicable Laws, Regulations, and Policies

    19. A regulated entity should comply with all applicable laws, 
regulations, and supervisory guidance (e.g., advisory bulletins) 
governing the management of market risk.

Standard 5--Adequacy and Maintenance of Liquidity and Reserves

Responsibilities of the Board of Directors

    1. Regarding the adequacy and maintenance of liquidity and 
reserves, the board of directors should review (at least annually) 
all major strategies and policies governing this area, approve 
appropriate revisions to such strategies and policies, and ensure 
senior management are appropriately trained to effectively manage 
liquidity.

[[Page 33963]]

Responsibilities of Senior Management

    2. Regarding the adequacy and maintenance of liquidity and 
reserves, senior management should develop strategies, policies, and 
practices to manage liquidity risk, ensure personnel are 
appropriately trained and competent, and provide the board of 
directors with periodic reports on the regulated entity's liquidity 
position.

Policies, Practices, and Procedures

    3. A regulated entity should establish a liquidity management 
framework that ensures it maintains sufficient liquidity to 
withstand a range of stressful events.
    4. A regulated entity should articulate a liquidity risk 
tolerance that is appropriate for its business strategy and its 
mission goals and objectives.
    5. A regulated entity should have a sound process for 
identifying, measuring, monitoring, controlling, and reporting its 
liquidity position and its liquidity risk exposures.
    6. A regulated entity should establish a funding strategy that 
provides effective diversification in the sources and tenor of 
funding.
    7. A regulated entity should conduct stress tests on a regular 
basis for a variety of institution-specific and market-wide stress 
scenarios to identify sources of potential liquidity strain and to 
ensure that current exposures remain in accordance with each 
regulated entity's established liquidity risk tolerance.
    8. A regulated entity should use stress test outcomes to adjust 
its liquidity management strategies, policies, and positions and to 
develop effective contingency plans.
    9. A regulated entity should have a formal contingency funding 
plan that clearly sets out the strategies for addressing liquidity 
shortfalls in emergencies. Where practical, contingent funding 
sources should be tested or drawn on periodically to assess their 
reliability and operational soundness.
    10. A regulated entity should maintain adequate reserves of 
liquid assets, including adequate reserves of unencumbered, 
marketable securities that can be liquidated to meet unexpected 
needs.

Applicable Laws, Regulations, and Policies

    11. A regulated entity should comply with all applicable laws, 
regulations, and supervisory guidance (e.g., advisory bulletins) 
governing the adequacy and maintenance of liquidity and reserves.

Standard 6--Management of Asset and Investment Portfolio Growth

Responsibilities of the Board of Directors and Senior Management

    1. Regarding the management of asset and investment portfolio 
growth, the board of directors is responsible for overseeing the 
management of growth in these areas, ensuring senior management are 
appropriately trained and competent, establishing policies governing 
the regulated entity's assets and investment growth, with prudential 
limits on the growth of mortgages and mortgage-backed securities, 
and reviewing policies at least annually.
    2. Regarding the management of asset and investment portfolio 
growth, senior management should adhere to board-approved policies 
governing growth in these areas, and ensure personnel are 
appropriately trained and competent to manage the growth.

Risk Measurement, Monitoring, and Control

    3. A regulated entity should manage its asset growth and 
investment growth in a prudent manner that is consistent with the 
regulated entity's business strategy, board-approved policies, risk 
tolerances, and safe and sound operations, and should establish 
prudential limits on the growth of its portfolios of mortgage loans 
and mortgage backed securities.
    4. A regulated entity should manage asset growth and investment 
growth in a way that is compatible with mission goals and 
objectives.
    5. A regulated entity should manage investments and acquisition 
of assets in a way that complies with all applicable laws, 
regulations, and supervisory guidance (e.g., advisory bulletins).

Standard 7--Investments and Acquisitions of Assets

Responsibilities of the Board of Directors and Senior Management

    1. The board of directors is responsible for overseeing the 
regulated entity's investments and acquisition of other assets, 
ensuring senior management are appropriately trained and competent, 
and establishing, approving and periodically reviewing policies and 
procedures governing investments and acquisitions of other assets.

Policies, Practices, and Procedures

    2. A regulated entity should have a board-approved investment 
policy that establishes clear and explicit guidelines that are 
appropriate to the regulated entity's mission and objectives. The 
investment policy should establish the regulated entity's investment 
objectives, risk tolerances, investment constraints, and policies 
and procedures for selecting investments.
    3. A regulated entity should have a board-approved policy 
governing acquisitions of major categories of assets other than 
investments. The policy should establish clear and explicit 
guidelines for asset acquisitions that are appropriate to the 
regulated entity's mission and objectives.
    4. A regulated entity should manage investments and acquisitions 
of assets prudently and in a manner that is consistent with mission 
goals and objectives.
    5. Each Bank's investment policies and acquisition of assets 
should take into account the importance of maintaining the market 
value of member stock commensurate with the par value of that stock 
so that the Bank is able to redeem and repurchase member stock at 
par value at all times.
    6. A regulated entity should manage investments and acquisitions 
of assets in a way that complies with all applicable laws, 
regulations, and supervisory guidance (e.g., advisory bulletins).

Standard 8--Overall Risk Management Processes

Responsibilities of the Board of Directors

    1. Regarding overall risk management processes, the board of 
directors is responsible for overseeing the process, ensuring senior 
management are appropriately trained and competent, ensuring 
processes are in place to identify, manage, monitor and control risk 
exposures (this function may be delegated to a board appointed 
committee), approving all major risk limits, and ensuring incentive 
compensation measures for senior management capture a full range of 
risks.

Responsibilities of the Board and Senior Management

    2. Regarding overall risk management processes, the board of 
directors and senior management should establish and sustain a 
culture that promotes effective risk management. This culture 
includes timely, accurate and informative risk reports, alignment of 
the regulated entity's overall risk profile with its mission 
objectives, and the annual review of comprehensive self-assessments 
of material risks.

Independent Risk Management Function

    3. A regulated entity should have an independent risk management 
function, or unit, with responsibility for risk measurement and risk 
monitoring, including monitoring and enforcement of risk limits.
    4. The chief risk officer should head the risk management 
function.
    5. The chief risk officer should report directly to the chief 
executive officer and the risk committee of the board of directors.
    6. The risk management function should have adequate resources, 
including a well-trained and capable staff.

Risk Measurement, Monitoring, and Control

    7. A regulated entity should measure, monitor, and control its 
overall risk exposures, reviewing market, credit, liquidity, and 
operational risk exposures on both a business unit (or business 
segment) and enterprise-wide basis.
    8. A regulated entity should have the risk management systems to 
generate, at an appropriate frequency, the information needed to 
manage risk. Such systems should include systems for market, credit, 
operational, and liquidity risk analysis, asset and liability 
management, regulatory reporting, and performance measurement.
    9. A regulated entity should have a comprehensive set of risk 
limits and monitoring procedures to ensure that risk exposures 
remain within established risk limits, and a mechanism for reporting 
violations and breaches of risk limits to senior management and the 
board of directors.
    10. A regulated entity should ensure that it has sufficient 
controls around risk measurement models to ensure the completeness, 
accuracy, and timeliness of risk information.
    11. A regulated entity should have adequate and well-tested 
disaster recovery and business resumption plans for all major

[[Page 33964]]

systems and have remote facilitates to limit the impact of 
disruptive events.

Applicable Laws, Regulations, and Policies

    12. A regulated entity should comply with all applicable laws, 
regulations, and supervisory guidance (e.g., advisory bulletins) 
governing the management of risk.

Standard 9--Management of Credit and Counterparty Risk

Responsibilities of the Board of Directors and Senior Management

    1. Regarding the management of credit and counterparty risk, the 
board of directors and senior management are responsible for 
ensuring that the regulated entity has appropriate policies, 
procedures, and systems that cover all aspects of credit 
administration, including credit pricing, underwriting, credit 
limits, collateral standards, and collateral valuation procedures. 
This should also include derivatives and the use of clearing houses. 
They are also responsible for ensuring personnel are appropriately 
trained, competent, and equipped with the necessary tools, 
procedures and systems to assess risk.
    2. Senior management should provide the board of directors with 
regular briefings and reports on credit exposures.

Policies, Procedures, Controls, and Systems

    3. A regulated entity should have policies that limit 
concentrations of credit risk and systems to identify concentrations 
of credit risk.
    4. A regulated entity should establish prudential limits to 
restrict exposures to a single counterparty that are appropriate to 
its business model.
    5. A regulated entity should establish prudential limits to 
restrict exposures to groups of related counterparties that are 
appropriate to its business model.
    6. A regulated entity should have policies, procedures, and 
systems for evaluating credit risk that will enable it to make 
informed credit decisions.
    7. A regulated entity should have policies, procedures, and 
systems for evaluating credit risk that will enable it to ensure 
that claims are legally enforceable.
    8. A regulated entity should have policies and procedures for 
addressing problem credits.
    9. A regulated entity should have an ongoing credit review 
program that includes stress testing and scenario analysis.

Applicable Laws, Regulations, and Policies

    10. A regulated entity should manage credit and counterparty 
risk in a way that complies with applicable laws, regulations, and 
supervisory guidance (e.g., advisory bulletins).

Standard 10--Maintenance of Adequate Records

    1. A regulated entity should maintain financial records in 
compliance with Generally Accepted Accounting Principles (GAAP), 
FHFA guidelines, and applicable laws and regulations.
    2. A regulated entity should ensure that assets are safeguarded 
and financial and operational information is timely and reliable.
    3. A regulated entity should have a records retention program 
consistent with laws and corporate policies, including accounting 
policies, as well as personnel that are appropriately trained and 
competent to oversee and implement the records management plan.
    4. A regulated entity, with oversight from the board of 
directors, should conduct a review and approval of the records 
retention program and records retention schedule for all types of 
records at least once every two years.
    5. A regulated entity should ensure that reporting errors are 
detected and corrected in a timely manner.
    6. A regulated entity should comply with all applicable laws, 
regulations, and supervisory guidance (e.g., advisory bulletins) 
governing the maintenance of adequate records.

    Dated: May 31, 2012.
Edward J. DeMarco,
Acting Director, Federal Housing Finance Agency.
[FR Doc. 2012-13997 Filed 6-7-12; 8:45 am]
BILLING CODE 8070-01-P

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.