Responsibilities of Boards of Directors, Corporate Practices and Corporate Governance Matters, 72327-72341 [2015-29367]
Download as PDF
72327
Rules and Regulations
Federal Register
Vol. 80, No. 223
Thursday, November 19, 2015
This section of the FEDERAL REGISTER
contains regulatory documents having general
applicability and legal effect, most of which
are keyed to and codified in the Code of
Federal Regulations, which is published under
50 titles pursuant to 44 U.S.C. 1510.
The Code of Federal Regulations is sold by
the Superintendent of Documents. Prices of
new books are listed in the first FEDERAL
REGISTER issue of each week.
DEPARTMENT OF AGRICULTURE
Animal and Plant Health Inspection
Service
7 CFR Part 301
[Docket No. APHIS–2015–0016]
Amendment of Asian Longhorned
Beetle Quarantine Areas in
Massachusetts and New York
Animal and Plant Health
Inspection Service, USDA.
AGENCY:
Affirmation of interim rule as
final rule.
ACTION:
We are adopting as a final
rule, without change, an interim rule
that amended the Asian longhorned
beetle (ALB) regulations by removing
the boroughs of Manhattan and Staten
Island in New York City, as well as the
counties of Suffolk and Norfolk in the
State of Massachusetts, from the list of
quarantined areas for ALB. The interim
rule was necessary to relieve restrictions
on the movement of regulated articles
from areas no longer under ALB
quarantine. As a result of the interim
rule, movement of such articles from
areas no longer under quarantine can
proceed while preventing the artificial
spread of ALB from infested areas to
noninfested areas of the United States.
SUMMARY:
Effective on November 19, 2015,
we are adopting as a final rule the
interim rule published at 80 FR 48001–
48002 on August 11, 2015.
DATES:
Ms.
Claudia Ferguson, Senior Regulatory
Policy Specialist, Regulatory
Coordination and Compliance, Imports,
Regulations, and Manuals, PPQ, APHIS,
4700 River Road Unit 133, Riverdale,
MD 20737–1231; (301) 851–2352;
Claudia.Ferguson@aphis.usda.gov.
wgreen on DSK2VPTVN1PROD with RULES
FOR FURTHER INFORMATION CONTACT:
SUPPLEMENTARY INFORMATION:
VerDate Sep<11>2014
15:39 Nov 18, 2015
Jkt 238001
Background
FEDERAL HOUSING FINANCE BOARD
rule 1
In an interim
effective and
published in the Federal Register on
August 11, 2015 (80 FR 48001–48002,
Docket No. APHIS–2015–0016), we
amended the Asian longhorned beetle
(ALB) regulations in 7 CFR part 301 by
removing the boroughs of Manhattan
and Staten Island in New York City, as
well as the counties of Suffolk and
Norfolk in the State of Massachusetts,
from the list of quarantined areas for
ALB.
Comments on the interim rule were
required to be received on or before
September 10, 2015. We did not receive
any comments. Therefore, for the
reasons given in the interim rule, we are
adopting the interim rule as a final rule
without change.
This action also affirms the
information contained in the interim
rule concerning Executive Order 12866
and the Regulatory Flexibility Act,
Executive Orders 12372 and 12988, and
the Paperwork Reduction Act.
Further, for this action, the Office of
Management and Budget has waived its
review under Executive Order 12866.
List of Subjects in 7 CFR Part 301
Agricultural commodities, Plant
diseases and pests, Quarantine,
Reporting and recordkeeping
requirements, Transportation.
PART 301—DOMESTIC QUARANTINE
NOTICES
Accordingly, we are adopting as a
final rule, without change, the interim
rule that amended 7 CFR part 301 and
that was published at 80 FR 48001–
48002 on August 11, 2015.
Done in Washington, DC, this 12th day of
November 2015.
Kevin Shea,
Administrator, Animal and Plant Health
Inspection Service.
[FR Doc. 2015–29542 Filed 11–18–15; 8:45 am]
BILLING CODE 3410–34–P
1 To view the interim rule, go to https://
www.regulations.gov/#!docketDetail;D=APHIS2015-0016.
PO 00000
Frm 00001
Fmt 4700
Sfmt 4700
12 CFR Parts 914 and 917
FEDERAL HOUSING FINANCE
AGENCY
12 CFR Parts 1236 and 1239
DEPARTMENT OF HOUSING AND
URBAN DEVELOPMENT
Office of Federal Housing Enterprise
Oversight
12 CFR Parts 1710 and 1720
RIN 2590–AA59
Responsibilities of Boards of
Directors, Corporate Practices and
Corporate Governance Matters
Federal Housing Finance
Board; Federal Housing Finance
Agency; Office of Federal Housing
Enterprise Oversight.
ACTION: Final rule.
AGENCY:
The Federal Housing Finance
Agency (FHFA) is amending its
regulations by relocating and
consolidating certain regulations of its
predecessor agencies—the Federal
Housing Finance Board (Finance Board)
and Office of Federal Housing
Enterprise Oversight (OFHEO)—that
pertain to the responsibilities of boards
of directors, corporate practices, and
corporate governance matters. The
OFHEO regulations addressed corporate
governance matters at the Federal
National Mortgage Association (Fannie
Mae) and the Federal Home Loan
Mortgage Corporation (Freddie Mac)
(collectively, the Enterprises), while the
Finance Board regulations addressed the
powers and responsibilities of the
boards of directors and management of
the Federal Home Loan Banks (Banks).
The final rule consolidates most of those
regulations into a new FHFA regulation,
parts of which will apply to both the
Banks and the Enterprises (together,
regulated entities), and parts of which
will apply only to the Banks or only to
the Enterprises. Most of the content of
the new regulations has been derived
from the regulations of the predecessor
agencies, with such modifications as are
necessary to apply the regulations to all
of the regulated entities, to respond to
issues raised by the commenters, or to
clarify the regulatory text. The final rule
SUMMARY:
E:\FR\FM\19NOR1.SGM
19NOR1
72328
Federal Register / Vol. 80, No. 223 / Thursday, November 19, 2015 / Rules and Regulations
also amends the Prudential Management
and Operations Standards (Prudential
Standards) provisions by designating
certain introductory language—which
pertains to the general responsibilities
of senior management and boards of
directors—as a separate Prudential
Standard. The final rule also repeals a
provision of the OFHEO regulations that
related to minimum safety and
soundness requirements for the
Enterprises.
DATES: The final rule is effective on
December 21, 2015.
FOR FURTHER INFORMATION CONTACT:
Amy Bogdon, Associate Director,
Division of Federal Home Loan Bank
Regulation, at Amy.Bogdon@fhfa.gov or
(202) 649–3320, or Neil R. Crowley,
Deputy General Counsel, Office of
General Counsel, at Neil.Crowley@
fhfa.gov or (202) 649–3055 (not toll-free
numbers), Federal Housing Finance
Agency, Constitution Center, 400 7th
Street SW., Washington, DC 20024. The
telephone number for the
Telecommunications Device for the
Hearing Impaired is (800) 877–8339.
SUPPLEMENTARY INFORMATION:
wgreen on DSK2VPTVN1PROD with RULES
I. Background
A. Proposed Rule
On January 28, 2014, FHFA published
a proposed rule that would relocate,
revise, and consolidate into a new
FHFA regulation certain of the rules of
the predecessor agencies that dealt with
corporate practices and governance at
the Banks and the Enterprises.1 The
proposed rule was one phase of FHFA’s
ongoing project to repeal or relocate
remaining OFHEO and Finance Board
regulations. Both predecessor agencies
had regulations addressing director
responsibilities, corporate practices, and
corporate governance matters. Pursuant
to the Housing and Economic Recovery
Act of 2008 (HERA), Public Law 110–
289, 122 Stat. 2654, those regulations
remain in effect until they are
superseded by regulations issued by
FHFA. See id. at sections 1302, 1312,
122 Stat. 2795, 2798. The intent of the
proposed rule was to consolidate certain
of those regulations into a new set of
FHFA regulations that would address
those same matters, and to repeal any
predecessor regulations that were not
adopted as FHFA regulations. The
proposed rule was not intended to
address conservatorship matters, but
rather to address matters of corporate
practice and governance that currently
are addressed by OFHEO regulations, to
which the Enterprises remain subject.
The applicable regulations of the
1 See
79 FR 4414 (January 28, 2014).
VerDate Sep<11>2014
15:39 Nov 18, 2015
Jkt 238001
predecessor agencies addressed by this
rulemaking currently are located at parts
914, 917, 1710, and 1720 of title 12 of
the Code of Federal Regulations. All of
the relocated portions of these
regulations would be codified as a new
part 1239 of the FHFA regulations.
The proposed rule included a number
of provisions that would apply to all of
the regulated entities because they
addressed matters of general
applicability, but also included other
provisions that would apply only to the
Banks or only to the Enterprises because
they addressed topics that are unique to
the particular type of entity. The
substance of most of the provisions of
the proposed rule was unchanged from
that of the predecessor regulations,
except for the provision on risk
management, which was new. The
proposed rule would also have carried
over a Finance Board regulation on
regulatory reporting and applied that
provision to all of the regulated entities.
In conjunction with the relocation of
the predecessor regulations, the
proposed rule also would have revised
certain provisions of FHFA’s Prudential
Standards. Specifically, the proposal
would have redesignated the
introductory section to the Prudential
Standards—which recites general
concepts of corporate governance and
responsibilities of the board of directors
and senior management—as a separate
standard. Doing so would clarify
FHFA’s authority to enforce those
provisions in the same manner as any of
the other ten enumerated standards.
Lastly, the proposal would have
repealed a provision of the OFHEO
regulations, 12 CFR part 1720, which
had established certain safety and
soundness standards for the Enterprises,
because many of the matters addressed
by those regulations are also addressed
by the Prudential Standards or by the
proposed rule.
B. Considerations of Differences
Between the Banks and the Enterprises
When promulgating regulations or
taking other actions that relate to the
Banks, section 1313(f) of the Federal
Housing Enterprises Financial Safety
and Soundness Act of 1992 (Safety and
Soundness Act) requires the Director of
FHFA (Director) to consider the
differences between the Banks and the
Enterprises with respect to the Banks’
cooperative ownership structure;
mission of providing liquidity to
members; affordable housing and
community development mission;
capital structure; and joint and several
liability. 12 U.S.C. 4513(f). In preparing
the proposed and final rules, the
Director has considered those
PO 00000
Frm 00002
Fmt 4700
Sfmt 4700
differences as they relate to the above
factors and has determined that none of
the statutory factors would be adversely
affected by the final rule. None of the
comment letters addressed this
requirement.
II. Response to Comment Letters
In response to the proposed rule,
FHFA received three substantive
comment letters, one each from Fannie
Mae and Freddie Mac, and a joint letter
from the Banks. Each letter generally
supported the proposed rule, but also
recommended different ways in which
FHFA should revise certain aspects of
the rule. In response to these
recommendations, FHFA has
incorporated a number of revisions into
the final rule. The following sections of
this document describe the issues raised
by the commenters, along with FHFA’s
responses, which are included as part of
FHFA’s descriptions of the particular
provisions of the final rule for which the
commenters had suggested revisions.
For other provisions of the proposed
rule about which the commenters raised
no issues, FHFA has adopted them
without change.
III. Final Rule
A. Overview
The organizational structure of the
final rule is the same as that of the
proposed rule, meaning that it includes
one subpart for definitions and four
subparts for the substantive provisions.
Subpart A defines terms used within the
final rule. Subpart B includes provisions
relating to certain core corporate
governance principles and applies to
both the Banks and the Enterprises.
Subpart C addresses codes of conduct
for the entities, risk management,
compliance programs, and regulatory
reports, and also applies to all regulated
entities. Subparts D and E include
regulations from the predecessor
agencies that address matters specific to
the Banks (such as those relating to a
Bank’s member products policy) or to
the Enterprises (such as those relating to
the Enterprise boards), respectively.
None of these provisions is intended to
address conservatorship matters at the
Enterprises. Instead, they are intended
to address matters of corporate practice
and governance for regulated entities
that are not in conservatorship by
replacing the existing OFHEO
regulations on those same topics.2 The
2 FHFA as conservator has exercised its authority
under 12 U.S.C. 4617(b)(2)(C) to provide for the
Enterprises’ management to be overseen by the
boards of directors under their charter acts, 12
U.S.C. 1452(a), 1723(b), and those boards have been
operating under the OFHEO regulations, which are
being replaced by this regulation.
E:\FR\FM\19NOR1.SGM
19NOR1
Federal Register / Vol. 80, No. 223 / Thursday, November 19, 2015 / Rules and Regulations
following paragraphs describe the
manner in which each of the subparts of
the final rule differs from those of the
proposed rule and, as applicable,
describes the material issues raised by
the commenters and FHFA’s responses
to them.
wgreen on DSK2VPTVN1PROD with RULES
B. Subpart A—General
Definitions (1239.2)
The proposed rule included seventeen
defined terms, most of which were
derived from the predecessor agencies’
regulations and were to be incorporated
into the FHFA’s regulations without
change. The final rule revises one of the
proposed definitions, deletes two
proposed definitions, and adds one new
definition.
The proposed rule would have
defined ‘‘executive officer’’ to include
the chairperson and vice-chairperson of
an Enterprise, along with a number of
other specified senior executive
positions at any Bank or Enterprise.
Both Enterprises commented that
defining ‘‘executive officer’’ to include
the chairperson and vice-chairperson
created a conflict with another
provision of the proposed rule, 12 CFR
1239.20(a)(3), which requires the
chairperson of an Enterprise to be a
person other than the chief executive
officer, who also must be independent,
as defined by the rules of the New York
Stock Exchange (NYSE). The applicable
NYSE rule provides that a company’s
chairperson is not ‘‘independent’’ if the
person is, or has been within the past
three years, an executive officer of the
company. In order to resolve this
conflict, FHFA agrees with the
commenters and has amended the
definition of ‘‘executive officer’’ to
delete the references to an Enterprise’s
chairperson and vice-chairperson.
The proposed rule had used the term
‘‘risk profile’’ in several places within
the risk management section of the rule,
but did not define that term. In
considering how to define that term for
the final rule, FHFA determined that a
similar term—‘‘risk appetite’’—as
defined by the Office of the Comptroller
of the Currency in its guidelines
establishing heightened standards for
national banks, better described the
concept that FHFA had intended with
its use of the term ‘‘risk profile’’ in the
proposed rule. Accordingly, the final
rule replaces the references to ‘‘risk
profile’’ with the new term ‘‘risk
appetite’’ and defines that term to mean
the aggregate level and types of risk the
board of directors and management are
willing to assume to achieve the
regulated entity’s strategic objectives
and business plan, consistent with
VerDate Sep<11>2014
15:39 Nov 18, 2015
Jkt 238001
applicable capital, liquidity, and other
regulatory requirements.
The final rule deletes the defined term
‘‘authorizing statutes’’ because FHFA
has recently defined that term within its
general definitions section, at 12 CFR
1201, which definitions apply to all of
FHFA’s regulations. FHFA has also
deleted the definition of the SarbanesOxley Act from the final rule, because
that term is only used once within the
regulatory text, which now refers to that
act by its name, rather than the
acronym.
The proposed rule defined credit risk
as ‘‘the potential that a borrower or
counterparty will fail to meet its
financial obligations in accordance with
agreed terms.’’ Credit risk is one of the
several specified risks that the rule
requires a regulated entity’s risk
management program to address.
Freddie Mac contended that the
proposed definition was both too broad
and too narrow and also suggested that
FHFA replace ‘‘financial obligations’’
with ‘‘contractual obligations.’’ Freddie
Mac also suggested that FHFA define
‘‘credit risk’’ in terms of an actual
failure of a counterparty to perform, i.e.,
as the risk that the counterparty will fail
to perform. FHFA declines to accept
either of those suggestions, and notes
that its definition is consistent with
those of other banking regulators, which
also focus on the potential that a
borrower or counterparty will fail to
meet its obligations.3 FHFA also
believes that using the term ‘‘contractual
obligations’’ in the definition would
make it overly broad, in that such
language would include other types of
contractual obligations that may not
have any relevance to credit risk.
C. Subpart B—Corporate Practices and
Procedures Applicable to All Regulated
Entities
Subpart B of the proposed rule
included three provisions that
addressed certain core principles of
corporate practices or governance that
3 See e.g., Principles for the Management of Credit
Risk—Consultative Document, Bank for
International Settlements, July 1999 (‘‘Credit risk is
most simply defined as the potential that a bank
borrower or counterparty will fail to meet its
obligations in accordance with agreed terms.’’). See
also, Interagency Counterparty Risk Management
Guidance, Board of Governors of the Federal
Reserve System, SR 11–10, July 5, 2011
(‘‘Counterparty credit risk is the risk that the
counterparty to a transaction could default.’’) and
Supervisory Policy Statement on Investment
Securities and End-User Derivatives Activities,
Federal Financial Institutions Examination Council,
Oct. 3, 1997 (A component of credit risk is
settlement and pre-settlement credit risk. ‘‘These
risks are the possibility that a counterparty will fail
to honor its obligation at or before the time of
settlement.’’ (emphasis added)).
PO 00000
Frm 00003
Fmt 4700
Sfmt 4700
72329
were to apply to both the Enterprises
and the Banks. Those provisions
addressed choice of law for governance
and indemnification matters, duties of
directors, and committees of the boards
of directors. Nearly all of the content of
those provisions was derived from the
Finance Board or OFHEO regulations.
Choice of Law and Indemnification
(1239.3)
Choice of Law
Proposed § 1239.3(a) and (b) generally
would have required that a regulated
entity’s corporate governance and
indemnification practices comply with
any applicable federal law, but also
would have required each regulated
entity to designate in its bylaws a body
of law to follow with respect to those
practices. The proposed rule would
have allowed a regulated entity to
follow: (1) The law of the jurisdiction in
which the entity maintains its principal
office; (2) the Delaware General
Corporation Law; or (3) the Revised
Model Business Corporation Act. This
choice of law provision would be new
only for the Banks because the OFHEO
regulations had previously imposed this
requirement on the Enterprises.
The Banks expressed concern that by
choosing a particular body of state law
to follow they could subject themselves
to the jurisdiction of those states’ courts
and would allow their members to
assert all of the rights available to
stockholders of corporations organized
under those state laws. Although FHFA
does not believe that its regulations
would cause either of those possibilities
to occur, it agrees that for the sake of
clarity the final rule should be revised
to state explicitly that the regulation
does not create any rights in the
members or other third parties and that
it does not otherwise cause the
regulated entities to become subject to
the jurisdiction of state courts on
matters of corporate governance and
indemnification. In addition, FHFA has
determined that it would be appropriate
to allow the Banks an additional period
of time within which to compare the
relative merits of the three bodies of law
from which they may choose.
Accordingly, the final rule allows the
Banks a period of 90 days after the
effective date of the rule by which to
designate in their bylaws their chosen
body of law.
The Banks also suggested that the
regulation should allow them to model
their bylaw provisions after certain
specific state law provisions, rather than
on an entire body of state corporate law.
FHFA has declined to make that
revision for the final rule because it
E:\FR\FM\19NOR1.SGM
19NOR1
72330
Federal Register / Vol. 80, No. 223 / Thursday, November 19, 2015 / Rules and Regulations
wgreen on DSK2VPTVN1PROD with RULES
does not believe that the selective
designation of various state corporate
law provisions would result in an
effective or uniform source of guidance
for the entities.
Indemnification
The proposed rule would have
required the regulated entities to
indemnify their directors, officers, and
employees under terms and conditions
to be determined by the entities’ boards
of directors. Section 1239.3(c)(2) further
would have required that each regulated
entity adopt policies and procedures for
indemnifying its personnel, which had
to address how the board would make
decisions on indemnification requests
and what standards the board would use
for indemnification requests, as well as
for board investigations and review by
outside counsel. These provisions were
modeled on FHFA’s regulations
governing the Office of Finance, 12 CFR
1273.7(i)(3), and the OFHEO
indemnification provisions at 12 CFR
1710.20.
The Banks’ comment letter questioned
FHFA’s authority to subject the Banks to
regulations relating to indemnification,
citing a provision of the Federal Home
Loan Bank Act (Bank Act), 12 U.S.C.
1427(k), which they believed committed
matters of indemnification exclusively
to the discretion of the Bank’s board of
directors. FHFA believes that the
language of the proposed rule is fully
consistent with the authority granted to
the Banks’ boards of directors by section
1427(k) because the rule largely restates
and elaborates on the statutory
requirement that the boards of directors
are to determine the terms and
conditions on which the regulated
entities are to provide indemnification
to their personnel.
The one aspect of the proposed rule
that differed from the statute pertained
to the provisions requiring the entities
to adopt policies describing the manner
in which they would exercise their
indemnification authority. In effect,
those provisions would have required
the entities to commit to writing the
decisions that their boards of directors
make with respect to the circumstances
under which they intend to provide
indemnification to their officers and
employees and the manner in which
they will make those decisions.
Requiring the entities to document the
policies, procedures, and standards that
the board of directors will use when
considering requests for indemnification
does not diminish the authority of the
boards of directors to set the terms and
conditions on which the entity will
indemnify its personnel. In such cases,
the boards would still decide the terms
VerDate Sep<11>2014
15:39 Nov 18, 2015
Jkt 238001
and conditions for indemnification, and
the written policies, procedures, and
standards would reflect and implement
those board decisions. Requiring a
regulated entity to have in place
procedural safeguards, such as policies,
procedures, and standards for
indemnification, benefits the board of
directors by helping to ensure that they
make their indemnification decisions on
a consistent basis, which in turn
increases the likelihood that the entities
will make these decisions in a safe and
sound manner. FHFA has explicit
authority to adopt regulations to ensure
that the purposes of the Bank Act are
carried out.4 For those reasons, FHFA
has retained this requirement in the
final rule.
The proposed rule also included a
provision carried over from the OFHEO
regulations that authorized FHFA to
review an entity’s indemnification
policies, procedures, and practices and
to limit or prohibit an entity from
making indemnification payments based
on FHFA’s safety and soundness
authority. The commenters questioned
whether FHFA has the legal authority to
prohibit indemnification payments
based solely on its safety and soundness
authority, particularly in light of a 2008
statutory amendment that explicitly
authorized FHFA to prohibit
indemnification payments only in cases
where FHFA has initiated the action
against an officer or director of a
regulated entity. 12 U.S.C. 4518(e).
Fannie Mae also objected to certain
language in the supplementary
information to the proposed rule, which
described this provision as allowing
FHFA to prohibit indemnification
payment to ‘‘any person found to have
violated any law or regulation,’’ as going
beyond the language of the regulatory
text.
To address these comments, FHFA
has revised § 1239.3(c)(4) of the final
rule in two respects. First, the final rule
no longer asserts the authority of FHFA
to limit or prohibit indemnification
payments based solely on safety and
soundness grounds. To the extent that
FHFA deems it necessary to limit or
prohibit indemnification payments by a
regulated entity, it will act under the
authority conferred by 12 U.S.C.
4518(e), which applies only to instances
in which FHFA has initiated the
underlying civil or administrative
action. Second, the final rule revises the
regulatory language to provide that
FHFA may review a regulated entity’s
indemnification policies, procedures,
and practices to ensure that they are
4 Safety and Soundness Act section 1319G, 12
U.S.C. 4526.
PO 00000
Frm 00004
Fmt 4700
Sfmt 4700
consistent with law and with safety and
soundness, and that they are carried out
in a safe and sound manner. FHFA
anticipates that this type of review
could focus on issues such as whether
a regulated entity has been consistent in
how it acts on indemnification requests
from different persons, and whether it
has documented that it has made its
decisions in accordance with the body
of state law that the entity has chosen
to follow for indemnification purposes.
Lastly, the Banks asked that FHFA
clarify the circumstances in which it
would exercise its statutory authority
under the factors enumerated in 12
U.S.C. 4518(e)(2), which authorizes
FHFA to limit or prohibit
indemnification payments in
connection with civil or administrative
actions brought by FHFA. Because the
proposed rule did not include any
provisions relating to section 4518(e)(2),
FHFA cannot address that provision for
the first time as part of this final rule.
That statutory provision is the subject of
a separate rulemaking.5
Duties and Responsibilities of Directors
(1239.4)
Proposed § 1239.4 set forth certain
duties and responsibilities of directors
of a regulated entity. The text of the
proposed regulation consisted mostly of
provisions carried over from Finance
Board regulations § 917.2, § 917.10, and,
to a lesser extent, OFHEO regulation
§ 1710.15. This section of the proposed
rule generally stated that the
responsibility for managing a regulated
entity is vested in the board of directors.
The provision also included a list of
duties for the directors, which included
a duty to act with the degree of care of
an ordinarily prudent person, and a
duty to have a working familiarity with
basic finance and accounting matters.
The proposed rule also included a set of
director responsibilities, which
included having in place policies and
procedures to relating to the board’s
oversight of risk management,
compensation, financial reporting, and
regulatory reporting. Commenters raised
four questions about these provisions.
The Enterprises expressed concern
about the language of the proposed rule
that stated that the management of a
regulated entity ‘‘shall be vested in its
board of directors.’’ The Enterprises
believed this language could be read as
expanding the traditional role of
corporate directors and imposing on
them some responsibility for becoming
involved in the day-to-day operations of
the entity. As a general proposition,
FHFA agrees that the role of the board
5 See
E:\FR\FM\19NOR1.SGM
74 FR 30975 (June 29, 2009).
19NOR1
wgreen on DSK2VPTVN1PROD with RULES
Federal Register / Vol. 80, No. 223 / Thursday, November 19, 2015 / Rules and Regulations
is one of oversight, and that it is
management who is to be responsible
for the day-to-day operations of the
entities. The language used in the
proposed rule was derived from the
Bank Act and the Finance Board
regulations. In order to address the
concerns raised by the Enterprises about
how the rule should describe the role of
the board of directors, FHFA looked to
Delaware corporate law for guidance.
The relevant provision of the Delaware
statutes provides that ‘‘the business and
affairs of every corporation organized
under this chapter shall be managed by
or under the direction of a board of
directors.’’ Delaware General
Corporation Law, § 141(a). FHFA
believes that this language accurately
describes the roles of corporate directors
generally, and is consistent with the
language of the Bank Act, which
provides that the management of the
Banks is to be ‘‘vested in’’ the board of
directors. Accordingly, FHFA has
revised § 1239.4(a) of the final rule by
replacing the proposed language with
language stating that the management of
a regulated entity is to be ‘‘by or under
the direction of’’ its board of directors.
FHFA intends this revision to make
clear that the final rule should not be
construed as requiring the directors of a
regulated entity to become responsible
for the day-to-day operational functions
of the entity.
The Enterprises also expressed
concern about language of § 1239.4(b)(1)
of the proposed rule relating to the
directors’ duty of care, which provided,
in part, that a director should carry out
his or her duties ‘‘with such care,
including reasonable inquiry, as an
ordinarily prudent person in a like
position would use under similar
circumstances.’’ Freddie Mac believed
that the use of the ‘‘ordinarily prudent
person’’ standard of care for how a
director must discharge his or her duties
could conflict with the body of state law
that the Enterprises have chosen for
corporate governance purposes, which
would not use an ‘‘ordinarily prudent
person’’ standard of care. Fannie Mae
believed that the proposed language
went beyond the fiduciary duties
imposed on board members under
Delaware law. FHFA has decided not to
establish a separately defined standard
of care for the directors of the regulated
entities, but instead to rely on
§ 1239.3(b)(1) of the proposed rule,
which would require each entity to
designate a body of state law for its
corporate governance practices. As the
Enterprises noted, neither Virginia law,
which Freddie Mac has designated, nor
Delaware law, which Fannie Mae has
VerDate Sep<11>2014
15:39 Nov 18, 2015
Jkt 238001
designated, uses a standard of care for
corporate directors that is based on an
‘‘ordinarily prudent person’’ concept.
Indeed, both of those states, as well as
all other states, have adopted some
version of the business judgment rule
for corporate directors. The Delaware
courts have construed that state’s
business judgment rule as establishing a
standard of gross negligence as the basis
on which a corporate director could be
held liable for breach of his or her duty
of care to the corporation.6 In order to
ensure that the directors of the regulated
entities are not held to a standard of
care different from the standard likely to
be applicable to directors of other
financial institutions, which could
affect the availability of director
candidates, FHFA is amending
§ 1239.4(b)(1) of the final rule by
deleting the reference to an ‘‘ordinarily
prudent person’’ and replacing it with
language requiring directors of a
regulated entity to exercise the degree of
care that is required under the Revised
Model Business Corporation Act or the
other body of state law that the
regulated entity has chosen to follow for
its corporate governance and
indemnification practices. Under the
revised provision, Fannie Mae and
Freddie Mac could continue to look to
their chosen bodies of law, Delaware
and Virginia, respectively, to determine
the standard of care owed by their
directors to the entities. Likewise, the
Banks could look to whatever body of
law they choose to govern their
corporate governance practices,
including the standard of care for their
directors.
The proposed rule would have carried
over and applied to all of the regulated
entities a Finance Board provision that
requires directors of Banks to
‘‘administer the affairs of the regulated
entity fairly and impartially.’’ The
Enterprises contended that that
provision, which is derived from the
Bank Act and reflects the cooperative
structure of the Banks, was not wellsuited for the Enterprises because they
are not cooperatives. They also
contended that the proposed provision
was unnecessary because general
concepts of fairness are inherent in the
fiduciary duties of their directors to act
in the best interest of the corporation. In
response to the Enterprises’ concerns,
FHFA has amended the final rule so that
this language will apply only to the
Banks.
The proposed rule also included a
provision derived from the Finance
Board regulations that provided that all
6 Aronson v. Lewis, 473 A.2d 805 (1984)
(Supreme Court of Delaware).
PO 00000
Frm 00005
Fmt 4700
Sfmt 4700
72331
directors have a duty to have a ‘‘working
familiarity with basic finance and
accounting practices,’’ so that they are
able to ask substantive questions of
management and the auditors. The
provision would allow a director to
acquire that level of knowledge either
prior to becoming an entity’s director or
within a reasonable time thereafter,
such as through appropriate training.
Both Fannie Mae and Freddie Mac
expressed concern about this provision,
believing that it could be read to require
all directors to become ‘‘audit
committee financial experts’’ and that it
could effectively preclude them from
recruiting directors who have
specialized expertise outside of the
realms of finance and accounting. FHFA
does not believe that the language of the
proposed rule, which uses the terms
‘‘working familiarity’’ and ‘‘basic
finance and accounting’’ can reasonably
be construed as being equivalent to
requiring the same level of knowledge
as is required to be an ‘‘audit committee
financial expert.’’ The knowledge and
experience required under the
regulations of the Securities and
Exchange Commission (SEC) to be
deemed an ‘‘audit committee financial
expert’’ are quite detailed and go far
beyond concepts of basic finance and
accounting. For example, an audit
committee financial expert must have
an understanding of generally accepted
accounting principles and financial
statements, the ability to assess the
application of those principles,
experience in preparing, auditing, or
analyzing financial statements, an
understanding of internal controls over
financial reporting, and an
understanding of audit committee
functions. The expert also must have
acquired those attributes through
education and experience as a principal
financial officer, principal accounting
officer, controller, public accountant, or
auditor, or by supervising persons
performing those functions.7 FHFA also
does not believe that requiring directors
of the regulated entities to have or
develop an understanding of basic
concepts of finance and accounting will
preclude them from recruiting persons
whose expertise lies in other areas.
Although FHFA has not defined the
terms ‘‘working familiarity’’ or ‘‘basic
finance and accounting practices,’’ they
should be read in the context of the
remainder of the provision, which
indicates that the level of understanding
has to be sufficient to allow the persons
to read and understand the entity’s
financial statements (which the
Enterprise directors already certify
7 17
CFR 229.407(d)(5)(ii).
E:\FR\FM\19NOR1.SGM
19NOR1
72332
Federal Register / Vol. 80, No. 223 / Thursday, November 19, 2015 / Rules and Regulations
wgreen on DSK2VPTVN1PROD with RULES
when filing their Form 10–K with the
SEC) and to engage in a dialogue with
management and the auditors about the
operations and financial condition of
the entity. Moreover, the Banks, which
also have a minority of their directors
chosen from outside of the financial
services industry, have been able to
recruit and retain capable directors
notwithstanding this requirement,
which has applied to Bank directors
since 2000. Accordingly, FHFA is
adopting § 1239.4(b)(3) of the final rule
with no changes from the proposed rule.
Lastly, Freddie Mac objected to
§ 1239.4(c) of the proposed rule that
required the board of directors to have
in place policies and procedures to
address certain matters, such as risk
management, compensation programs,
financial reporting, and regulatory
reporting. Freddie Mac suggested that
FHFA revise this provision to make
clear that it does not require the board
of directors to establish the required
policies and procedures, which can be
developed by management. Because
FHFA agrees that the development and
implementation of procedures is a
management responsibility, the final
rule removes the reference to
‘‘procedures’’ from this section. The
final rule retains, however, the
requirement that the board must have in
place adequate ‘‘policies’’ to assure its
oversight of risk management,
compensation, and financial reporting.
As revised, this provision allows the
board of directors to delegate to
management the responsibility to
develop, implement, and monitor
compliance with the procedures used to
implement board policies, but also
requires the board of directors to review
and approve those policies, as
appropriate, as part of its responsibility
to oversee management of the regulated
entity.
Board Committees (1239.5)
The proposed rule would have
required each regulated entity to have
four specified committees of the board
of directors, which are to address risk
management, audit, compensation, and
governance. The proposal also
authorized the regulated entities to
establish any other committees they
deemed appropriate and prohibited the
entities from combining their risk
management committee or the audit
committee with any other committee.
The proposal further required that each
committee have a formal written charter
and that it meet with sufficient
frequency to carry out its
responsibilities.
FHFA is revising this provision of the
final rule in two respects, both of which
VerDate Sep<11>2014
15:39 Nov 18, 2015
Jkt 238001
respond to comments from Freddie Mac.
Apart from those revisions, FHFA is
adopting this section as proposed. First,
the final rule revises § 1239.5(c) to
require that the full board of directors
adopt a formal written charter for each
committee. This replaces a provision of
the proposed rule that would have
allowed a committee to adopt its own
charter. Second, the final rule revises
§ 1239.5(d) by adding language to the
effect that a committee that is designed
to meet only on an as-needed basis,
rather than on a fixed schedule, such as
an executive committee, which may
meet regularly or only as necessary to
address matters arising between
meetings of the full board, shall meet in
the manner specified in that
committee’s charter, rather than
‘‘regularly,’’ as the proposed rule had
provided.
The Banks objected to the proposed
rule’s prohibition on combining the
audit and risk committees with other
committees, citing the need for
flexibility in determining committee
structure. While FHFA understands that
the entities may need some flexibility
when staffing their committees, FHFA
also believes that the responsibilities of
the audit committee and risk
management committee are sufficiently
important that each should be
structured as a stand-alone committee,
without any competing responsibilities.
D. Subpart C—Other Requirements
Applicable to All Regulated Entities
Subpart C of the proposed rule
included four other provisions that
would have applied to all of the
regulated entities. These provisions
addressed: (1) Code of conduct; (2) risk
management; (3) compliance programs;
and (4) regulatory reports. The final rule
revises portions of the provisions
dealing with the code of conduct and
risk management, which revisions are
described below. FHFA is adopting the
provisions relating to compliance
programs and regulatory reports as
proposed, and the discussion below also
addresses suggested revisions to the
compliance program, which FHFA has
declined to adopt.
Code of Conduct and Ethics (1239.10)
Proposed § 1239.10 carried over the
substance of an OFHEO regulation that
required each regulated entity to
establish a written code of conduct for
directors, executive officers, and
employees that is reasonably designed
to ensure that they discharge their
duties in an objective and impartial
manner and that includes the standards
required under section 406 of the
Sarbanes-Oxley Act. Neither the OFHEO
PO 00000
Frm 00006
Fmt 4700
Sfmt 4700
regulation nor the proposed rule
described the substance of those
standards, but simply incorporated
them by cross-reference. The section
406 standards pertain to promoting
honest and ethical conduct, accurate
financial disclosures, and compliance
with applicable laws. The Banks
expressed two concerns about this
provision of the proposed rule. First,
they believed that it was unnecessary
and duplicative because, as SEC
registrants, they already must disclose
whether they have adopted such a code
of conduct. Second, they believed that
the scope of the provision was too broad
because it covered all employees, not
just those involved with preparing the
financial statements.
FHFA agrees that the scope of the
proposed rule was broader than it
needed to be insofar as it would have
applied to employees that are not
involved in the preparation of the
entity’s financial statements. To address
these concerns about overbreadth,
FHFA revised the final rule so that it
imposes general requirements on all
employees of a regulated entity and
separately imposes other requirements
on those officers that are responsible for
preparing the financial statements. As
part of that approach, the final rule no
longer cross-references section 406 of
the Sarbanes-Oxley Act, but instead
incorporates the essential language of
section 406 into the FHFA regulation.
Accordingly, the final rule first provides
that each entity must adopt a code of
conduct that is reasonably designed to
assure that its directors, officers, and
employees discharge their duties in an
objective and impartial manner and that
promotes honest and ethical conduct,
compliance with applicable laws and
regulations, accountability for adhering
to the code, and prompt internal
reporting of violations of the code. Each
of those elements is derived from
section 406 of the Sarbanes-Oxley Act.
The final rule separately provides that
the code of conduct must include
provisions that apply only to the
entities’ principal executive officer,
principal financial officer, and principal
accounting officer or controller. Those
provisions must be reasonably designed
to promote full, fair, and accurate
disclosures in an entity’s reports filed
with the SEC and other public
communications pertaining to the
entity’s financial condition. Those
provisions also are derived from section
406, but will not apply to the officers
and employees who have no role in
preparing the financial statements or
other disclosures.
FHFA appreciates that the Banks, as
SEC registrants, are already required to
E:\FR\FM\19NOR1.SGM
19NOR1
Federal Register / Vol. 80, No. 223 / Thursday, November 19, 2015 / Rules and Regulations
disclose whether they have a code of
conduct that satisfies the requirements
of section 406 of the Sarbanes-Oxley
Act. That requirement, however, is
simply a disclosure requirement and
does not require the Banks to actually
adopt a code of ethics. Because FHFA
believes that a code of conduct as
described above is an important tool in
assuring that the entities operate in a
safe and sound manner, the final rule
continues to require that the entities
actually adopt the code of conduct.
Accordingly, FHFA declines to adopt
the Banks’ suggestion that this matter be
addressed solely through the existing
disclosure mechanism.
Risk Management (1239.11)
wgreen on DSK2VPTVN1PROD with RULES
The proposed rule contained a new
risk management section that was based
in large part on a recent proposal of the
Federal Reserve Board relating to its
supervision of large banking
institutions.8 The proposed risk
management section included little
content from the regulations of the
predecessor agencies, which had
become somewhat dated. Among other
things, proposed § 1239.11 would have
required each entity to establish an
enterprise-wide risk management
program and specified certain
requirements for that program, as well
as the responsibilities of the risk
committee. The proposal also would
have required each entity to appoint a
chief risk officer to oversee the risk
management function, and specified the
responsibilities of the chief risk officer.
In the final rule, FHFA retained most of
the content of the proposed rule, but
reorganized certain provisions of the
regulatory text to improve its
readability. The final rule retains the
three core elements of the proposed
rule, which require the establishment of
an enterprise-wide risk management
program, the establishment of a risk
committee with specified structure and
responsibilities, and the establishment
of a chief risk officer with specified
responsibilities. FHFA also made
certain revisions to the regulatory text in
8 See Enhanced Prudential Standards and Early
Remediation Requirements for Covered Companies,
Board of Governors of the Federal Reserve System,
77 FR 594 (Jan. 5, 2012). The commenters asked
that to the extent that FHFA had looked to these
standards for guidance, it should look to the final
rule adopted by the Federal Reserve Board instead
of its proposed rule, especially as it relates to
distinguishing between the respective roles of
directors and management. FHFA has reviewed that
final rule document and made conforming revisions
to this final rule, as appropriate. See Enhanced
Prudential Standards and Early Remediation
Requirements for Covered Companies, Board of
Governors of the Federal Reserve System, 79 FR
17240 (Mar. 27, 2014).
VerDate Sep<11>2014
15:39 Nov 18, 2015
Jkt 238001
response to the comment letters. All of
those revisions are described below.
Establishment of the Risk Management
Program
Section 1239.11(a) of the proposed
rule would have required the
establishment of a risk management
program that aligns with the entity’s
overall risk profile and mission
objectives, while § 1239.11(c)(1) had
specified several required elements for
the risk management program. In the
final rule, FHFA combined those
provisions into a revised § 1239.11(a),
which deals only with the risk
management program. FHFA also
revised the regulatory text, which
formerly provided that the board of
directors must have a risk management
program ‘‘in effect at all times,’’ to
clarify that the board must approve and
periodically review the risk
management program, as well as having
it in effect. As noted previously, the
final rule also replaces all references to
the term ‘‘risk profile’’ with the newly
defined term ‘‘risk appetite.’’ The final
rule also makes some revisions to the
provisions that specified the minimum
requirements for the risk management
program, principally to address
concerns expressed by the commenters.
The final rule now provides that the
board of directors must ensure that the
risk management program aligns with
the entity’s risk appetite, and it deletes
a reference to this being a joint
responsibility of the board and senior
management. These provisions of the
final rule are not intended to require
that the board of directors actually
develop or implement the risk
management program, which tasks may
be delegated to management, but the
board is responsible for approving the
program, as well as the entity’s risk
appetite, and ensuring that the two are
consistent with each other. In the
paragraphs describing the requirements
of the risk management program, the
final rule deletes certain references that
the commenters believed could be read
to impose management level
responsibilities on the board or its
committee. Thus, the final rule deletes
from proposed § 1239.11(c)(ii), (iii), and
(iv) references to ‘‘risk management
practices and risk control structure,’’
‘‘procedures . . . practices, risk
controls,’’ and ‘‘control objectives,’’
respectively.
Establishment and Duties of the Risk
Committee
Section 1239.11(b) of the proposed
rule would have required the board of
each regulated entity to establish a risk
committee that oversees the entity’s risk
PO 00000
Frm 00007
Fmt 4700
Sfmt 4700
72333
management practices, while
§ 1239.11(c) and (d) had addressed the
risk committee structure and
responsibilities, respectively. The final
rule combines all of those provisions
into a revised § 1239.11(b), which deals
only with risk committee matters. FHFA
also revised certain of these provisions
in response to concerns of the
commenters that the proposed rule
could be read to assign management
type responsibilities on the board of
directors or the risk committee. Thus,
the final rule has deleted language from
proposed § 1239.11(b) that stated that
the committee was ‘‘responsible for
oversight of . . . risk management
practices’’ and replaced it with language
saying that the committee is to assist the
board of directors in carrying out its
duties to oversee the ‘‘risk management
program,’’ rather than the ‘‘practices’’ of
the entity.
The final rule revises certain of the
provisions relating to the qualifications
of the risk committee members that had
been located in § 1239.11(c)(2) of the
proposed rule, also in response to
suggestions from the commenters. The
proposed rule would have required that
the committee have at least one member
with ‘‘risk management expertise’’ that
is commensurate with the business of
the regulated entity, and further that the
other committee members have
‘‘experience developing and applying
risk management practices and
procedures measuring and identifying
risks.’’ The Banks and the Enterprises
contended that such levels of expertise
would likely be found only in a person
who was serving, or had previously
served, as a chief risk officer at a
financial institution and that it would
be difficult to find persons who are
eligible for board positions who also
have such expertise. FHFA believes that
this is a valid concern and has revised
the rule to require that the risk
committee have at least one member
with risk management ‘‘experience’’
rather than ‘‘expertise,’’ and that the
other committee members have, or
acquire through training, a practical
understanding of risk management
principles and practices. FHFA also
deleted in its entirety the provision of
the proposed rule that would have
required risk committee members to
also have had experience developing
and applying risk management practices
and procedures. Notwithstanding those
revisions, FHFA believes that it is
appropriate and reasonable to retain
some language in the final rule requiring
that the persons charged with assisting
the board in its oversight of the risk
management program have had some
E:\FR\FM\19NOR1.SGM
19NOR1
72334
Federal Register / Vol. 80, No. 223 / Thursday, November 19, 2015 / Rules and Regulations
wgreen on DSK2VPTVN1PROD with RULES
opportunity, either through prior
experience or education or other
training while on the board, to gain
sufficient understanding of risk
management principles to meaningfully
engage with management on risk
management matters.
Freddie Mac objected to the
requirements in proposed
§ 1239.11(c)(2)(v) and (d)(1) that the risk
committee fully document and maintain
records of its meetings, including its
risk management decisions and
recommendations, and that it be
responsible for documenting and
overseeing the entity’s risk management
‘‘policies and practices.’’ It believed that
these requirements go beyond the
existing obligation on board committees
to prepare minutes of meetings. FHFA
disagrees with the first of those
suggestions and has retained the
requirement that the committee
document and maintain records of its
meetings and decisions because risk
management is a vital function and
decisions of the risk committee and the
justification for those actions need to be
well documented. FHFA agrees with the
second suggestion and removed from
the final rule the language stating that
that the committee is to be responsible
for documenting and overseeing the risk
management ‘‘policies and practices’’ of
the entity because ‘‘practices’’ are more
appropriately characterized as a
management function than as a function
for the risk committee. In its place,
FHFA included an alternative provision,
to be located in § 1239.111(b)(2)(i) of the
final rule, providing that the risk
committee must periodically review the
entity’s risk management program and
make recommendations to the board of
directors for any appropriate revisions
to the program to ensure that the
program remains aligned to the risks
associated with the entity’s business
activities. The final rule also includes a
parallel provision requiring the
committee to periodically review the
capabilities of, and the adequacy of the
resources allocated to, the risk
management program.
Chief Risk Officer
The proposed rule would require each
entity to appoint a chief risk officer and
described both the organizational
structure of the risk management
program and the responsibilities of the
chief risk officer. The final rule makes
some modest revisions to these
provisions, stating that the chief risk
officer shall ‘‘head’’ (rather than
‘‘oversee’’) an independent risk
management function and be
responsible for the entity’s risk
management function. Both the
VerDate Sep<11>2014
15:39 Nov 18, 2015
Jkt 238001
proposed and final rules require that the
head of the risk management function
must be ‘‘independent.’’ FHFA
construes that term to mean that the
chief risk officer may not have dual
responsibilities within the organization,
such as also serving as the chief
financial officer or as any other senior
executive officer.
Compliance Program (1239.12)
The proposed rule would require that
regulated entities establish a compliance
program to be headed by a chief
compliance officer and set forth criteria
for the program. Proposed § 1239.12
would require the program to be
reasonably designed to ensure that the
regulated entity complies with
applicable laws, rules, regulations, and
internal controls. In addition, the
proposal would require the compliance
officer to report directly to the chief
executive officer, to report regularly to
the board of directors (or a committee
thereof) on the adequacy of the entity’s
compliance policies and procedures,
and to make recommendations to the
board for any adjustments to those
policies or procedures, as appropriate.
The final rule adopts this provision as
it was proposed.
The Banks expressed concern that
these provisions were too prescriptive
and believed that oversight of the
compliance program need not reside
solely with a single chief compliance
officer, so long as the Banks have
established clear lines of responsibilities
for compliance matters with other
executives. The Banks also objected to
requiring the compliance officer to
report to the chief executive and asked
that the final rule allow for reporting
lines to other senior executives. The
Banks also suggested replacing the
words ‘‘internal controls’’ with
‘‘policies’’ in the provision that requires
that the compliance program ensure
compliance with ‘‘laws, rules,
regulations, and internal controls.’’ The
Banks believe that internal controls
themselves are designed to achieve
compliance with laws, rules,
regulations, and policies and therefore it
did not make sense to require
compliance with internal controls.
FHFA does not believe that this
provision can be characterized as being
overly prescriptive, as the Banks
contend. The regulation is short, only
three sentences, which require the
establishment of a compliance program,
the designation of a compliance officer,
and the establishment of reporting
requirements. As to the concern about
reporting lines, FHFA believes that the
compliance function is sufficiently
important that it should be headed by a
PO 00000
Frm 00008
Fmt 4700
Sfmt 4700
person holding an executive level
position, who would be a peer of the
executives taking the business risks, and
who would have direct access to the
CEO. Lastly, although internal controls
are designed to ensure compliance with
laws, regulations, and policies, this can
only be achieved if the regulated entity
complies with the internal control
procedures themselves. Therefore,
FHFA believes that it is appropriate to
retain the term ‘‘internal controls’’ in
the first sentence of the provision.
Regulatory Reports (1239.13)
Proposed § 1239.13 required each
regulated entity to provide FHFA with
such regulatory reports as are necessary
for it to evaluate the condition of a
regulated entity, or compliance with
applicable law, and to do so in
accordance with the forms and
instructions issued by FHFA from time
to time. It was derived from the Finance
Board regulations at 12 CFR 914.1 and
914.2. FHFA received no comments on
this provision and the final rule adopts
this provision as proposed.
E. Subpart D—Enterprise Specific
Requirements
Subpart D of the proposed rule
included two provisions that were to
apply only to the Enterprises. FHFA
received no comments on these
provisions from the Enterprises.
Accordingly, with the exception of the
one matter noted below, FHFA adopted
both provisions as proposed. The first
provision, § 1239.20, addresses age and
term limits for Enterprise directors and
requires that a majority of the directors
be independent, as defined under the
rules of the NYSE. It also addresses the
frequency of Enterprise board meetings,
quorum requirements, and voting by
directors. The rule carries over these
provisions from the OFHEO regulation
without substantive change. Proposed
§ 1239.20(a)(3) included a new
provision that would prohibit the chief
executive officer of an Enterprise from
also serving as the chairperson of the
board of directors.
In the final rule, FHFA also revised
the language of § 1239.20(b)(5), which
requires the Enterprise boards of
directors annually to review the
requirements of applicable laws, rules,
regulations, and guidelines. FHFA has
been asked whether this provision
requires a board of directors to review
all laws that apply to the Enterprises or
only on those that have been revised
during the past year. FHFA believes that
going forward this provision should be
read to require that the boards of
directors be kept informed of any
significant changes to the applicable
E:\FR\FM\19NOR1.SGM
19NOR1
Federal Register / Vol. 80, No. 223 / Thursday, November 19, 2015 / Rules and Regulations
laws and regulations. Accordingly, the
final rule revises this provision to state
that at least annually the boards of the
Enterprises shall be informed of any
significant changes that have been made
to the laws, rules, regulations, and
guidelines to which the Enterprises are
subject since the prior year’s annual
review. The second provision,
§ 1239.21, requires that the Enterprises
pay their directors reasonable and
appropriate compensation for the time
required for the performance of their
duties.
wgreen on DSK2VPTVN1PROD with RULES
F. Subpart E—Bank Specific
Requirements
Subpart E of the proposed rule
included five provisions that were to
apply only to the Banks. For three of
those provisions, those relating to a
Bank’s member products policy
(§ 1239.30), its strategic business plan
(§ 1239.31), and its dividends
(§ 1239.33), FHFA received no
comments and the final rule adopts
those provisions as proposed. The final
rule deletes the proposed provision on
internal controls in its entirety, for the
reasons described below, and makes
some modest revisions to the provision
on Bank audit committees, also as
described below.
Internal Control System
The proposed rule would have carried
over without substantive change a
Finance Board regulation dealing with
Bank internal control systems. The
proposed regulation set forth detailed
responsibilities of senior management
and the board of directors with respect
to internal controls and solicited
comments on whether the internal
controls regulation should be expanded
to apply to the Enterprises, as well as to
the Banks. Freddie Mac urged FHFA not
to extend the internal controls
regulation to the Enterprises because
they are already subject to numerous
requirements related to internal
controls. The Banks generally favored
the adoption of a principles-based
approach for the rules relating to
internal controls, rather than the more
prescriptive approach of the existing
Finance Board regulations, and asked
that FHFA revise the rule accordingly.
FHFA initially decided to adopt the
Banks’ suggestion and revise this
provision to make it more principlesbased. When making those revisions,
however, FHFA determined that
creating a more principles-based
regulation would result in the revised
regulation overlapping considerably
with the provisions of FHFA’s existing
Prudential Standards that deal with
internal controls. In order to avoid that
VerDate Sep<11>2014
15:39 Nov 18, 2015
Jkt 238001
result, and the potential confusion that
having two separate provisions
addressing internal controls could
cause, FHFA decided a better approach
would be to delete the provision on
internal controls from the final rule and
rely instead on the internal controls
provisions of the Prudential Standards.
Accordingly, the final rule does not
include a separate regulation on internal
controls for the Banks. In making this
change, FHFA emphasizes that a strong
system of internal controls is a critical
first line defense for all of the regulated
entities. FHFA expects that all of the
regulated entities will devote the
necessary resources and attention to this
area.
Audit Committee (1239.32)
The proposed rule would have carried
over without substantive change
Finance Board regulations that required
the establishment of an audit committee
and established requirements for the
composition, independence, charter,
duties, and meetings of Bank audit
committees. FHFA requested comment
on whether it should adopt a single
regulation addressing the audit
committees for all regulated entities,
whether the independence requirements
for Bank audit committees should
consider the amount of Bank stock or
advances held by a member that has a
representative on the committee, and
whether Bank audit committees should
have a majority of members who are not
affiliated with the Bank’s members. No
commenters supported any of those
revisions, and FHFA has not made any
such changes to the final rule.
FHFA made three revisions to
§ 1239.32 of the final rule in response to
comments from the Banks. The Banks
asked that FHFA modify the
requirement relating to representation
on the audit committee of directors from
the various types of members and of
both member directors and independent
directors by providing that the
committee should be required have such
a balance ‘‘to the extent that it is
practicable to do so.’’ The Banks
contended that the skill sets of the
individual directors, particularly the
member directors, will vary. As a result,
there may be times when the persons
whose experience is most suited to
having them serve on the audit
committee will not necessarily result in
a committee composition that includes
persons from all segments of the
membership base. FHFA agrees with
that statement and added the language
requested by the Banks to the final rule.
The Banks also asked that FHFA clarify
that a reference to ‘‘independent
directors’’ in this section refers to those
PO 00000
Frm 00009
Fmt 4700
Sfmt 4700
72335
directors who are not affiliated with a
member institution, as defined in the
Bank Act, so as not to suggest that it
relates to the ‘‘independence’’
requirement for audit committee
members. FHFA made that revision. The
final rule also revises a provision that
requires the audit committee to review
‘‘the policies and procedures used by
senior management’’ by deleting the
reference to ‘‘procedures’’ because
FHFA agrees with the Banks that the
development and review of particular
procedures is more properly considered
a management function. The final rule
also makes one conforming change by
revising the language of the existing rule
to state that the board of directors, not
the audit committee, is responsible for
amending and periodically reapproving
the audit committee charter. This
change conforms this provision to an
earlier provision of the rule that vests in
the board of directors the sole authority
to adopt committee charters.
G. Provisions To Be Repealed
As was proposed, the final rule will
repeal several portions of the
predecessor agency regulations that are
not being carried over into the FHFA
regulations. No commenters objected to
the proposed repeal of these provisions,
which included several OFHEO
regulations that essentially repeated
certain statutory requirements, certain
provisions of the OFHEO regulations
relating to the responsibilities of boards
of directors that address matters now
covered by the Prudential Standards, a
Finance Board regulation requiring the
preparation of annual budgets, and 12
CFR part 1720 of the OFHEO
regulations, which established certain
safety and soundness standards for the
Enterprises.
Freddie Mac sought clarification as to
the effect of the repeal of these
provisions on specific regulatory
guidance, such as the 2006 OFHEO
Corporate Governance Examination
Guidance. FHFA continues to evaluate
the various types of guidance issued by
the predecessor agencies to determine
whether to retain, revise, or repeal the
guidance. Those efforts are being done
independently of this rulemaking. On
March 26, 2015, FHFA issued Advisory
Bulletin AB 2015–03, which rescinded
five examination guidance documents
that had been issued by OFHEO because
they have been superseded by FHFA
guidance, simply restated the text of
regulations, or are no longer relevant or
applicable in the current environment.9
9 The Advisory Bulletin rescinded the following
OFHEO examination guidance documents: PG–00–
E:\FR\FM\19NOR1.SGM
Continued
19NOR1
72336
Federal Register / Vol. 80, No. 223 / Thursday, November 19, 2015 / Rules and Regulations
IV. Prudential Standards
List of Subjects
The Prudential Standards include an
introductory section, which recites
general responsibilities of the boards of
directors and senior management, as
well as ten enumerated standards that
address the topics required by statute. In
the proposed rule, FHFA proposed to
designate this introductory section as an
additional Prudential Standard. Doing
so would clarify that the introductory
provisions have the same effect and
could be enforced in the same manner
as the ten enumerated standards. The
Banks commented that this action
would create some uncertainty about
the role of the boards of directors
because the introductory section
currently includes references to the
board of directors being responsible for
adopting and implementing
‘‘procedures,’’ which the Banks contend
is a management function. FHFA agrees
that the development and
implementation of procedures is a
management responsibility, and has
revised the first three paragraphs of the
Prudential Standards introductory
section by deleting the four references to
‘‘procedures’’ as responsibilities of the
board of directors. FHFA received no
other comments on this aspect of the
proposal and the final rule otherwise
adopts the final rule as proposed.
12 CFR Part 914
V. Paperwork Reduction Act
The final rule does not contain any
information collection requirement that
requires the approval of the Office of
Management and Budget under the
Paperwork Reduction Act (44 U.S.C.
3501 et seq.).
wgreen on DSK2VPTVN1PROD with RULES
The Regulatory Flexibility Act (5
U.S.C. 601 et seq.) requires an agency to
analyze a regulation’s impact on small
entities if the regulation is expected to
have a significant economic impact on
a substantial number of small entities. 5
U.S.C. 605(b). FHFA has considered the
impact of this final rule and determined
that it is not likely to have a significant
economic impact on a substantial
number of small entities because it
applies only to the regulated entities,
which are not small entities for
purposes of the Regulatory Flexibility
Act.
001 (regarding minimum safety and soundness
requirements); PG–00–002 (regarding non-mortgage
liquidity investments); PG–06–001 (regarding
corporate governance examinations); PG–06–003
(regarding accounting practices examinations); and
PG–08–002 (regarding standards for use of fair
value options).
15:39 Nov 18, 2015
Jkt 238001
12 CFR Part 917
4. Amend the Appendix to part 1236
as follows:
■ a. By redesignating the phrase ‘‘The
following provisions constitute the
prudential management and operations
standards established pursuant to 12
U.S.C. 4513b(a).’’ following paragraph
10 under ‘‘Responsibilities of the Board
of Directors and Senior Management’’ as
introductory text to the appendix; and
■ b. By revising paragraphs 1., 2., and 3.
under ‘‘Responsibilities of the Board of
Directors and Senior Management’’ to
read as follows:
■
Federal Home Loan Banks.
12 CFR Part 1236
Administrative practice and
procedure, Federal Home Loan Banks,
Government-Sponsored Enterprises,
Reporting and recordkeeping
requirements.
12 CFR Part 1239
Administrative practice and
procedure, Federal Home Loan Banks,
Government-Sponsored Enterprises,
Reporting and recordkeeping
requirements.
Appendix to Part 1236—Prudential
Management and Operations Standards
12 CFR Part 1710
Administrative practice and
procedure, Mortgages.
*
*
*
*
*
12 CFR Part 1720
Administrative practice and
procedure, Mortgages.
Responsibilities of the Board of Directors and
Senior Management
1. With respect to the subject matter
addressed by each Standard, the board of
directors is responsible for adopting business
strategies and policies that are appropriate
for the particular subject matter. The board
should review all such strategies and policies
periodically. It should review and approve
all major strategies and policies at least
annually and make any revisions that are
necessary to ensure that such strategies and
policies remain consistent with the entity’s
overall business plan.
2. The board of directors is responsible for
overseeing management of the regulated
entity, which includes ensuring that
management includes personnel who are
appropriately trained and competent to
oversee the operation of the regulated entity
as it relates to the functions and requirements
addressed by each Standard, and that
management implements the policies set
forth by the board.
3. The board of directors is responsible for
remaining informed about the operations and
condition of the regulated entity, including
operating consistently with the Standards,
and senior management’s implementation of
the strategies and policies established by the
board of directors.
Accordingly, for reasons stated in the
Supplementary Information and under
the authority of 12 U.S.C. 1426, 1427,
1432(a), 1436(a), 1440, 4511(b), 4513(a),
4513(b), and 4526, FHFA hereby
amends subchapter C of chapter IX,
subchapter B of chapter XII, and
subchapter C of chapter XVII of title 12
of the Code of Federal Regulations as
follows:
CHAPTER IX—FEDERAL HOUSING
FINANCE BOARD
Subchapter C—[Removed and Reserved]
1. Subchapter C, consisting of parts
914 and 917 is removed and reserved.
■
VI. Regulatory Flexibility Act
VerDate Sep<11>2014
Federal Home Loan Banks, Reporting
and recordkeeping requirements.
as modified from time to time pursuant
to § 1236.3(b), including the
introductory statement of general
responsibilities of boards of directors
and senior management of the regulated
entities.
CHAPTER XII—FEDERAL HOUSING
FINANCE AGENCY
Subchapter B—Entity Regulations
PART 1236—PRUDENTIAL
MANAGEMENT AND OPERATIONS
STANDARDS
2. The authority citation for part 1236
continues to read as follows:
■
Authority: 12 U.S.C. 4511, 4513(a) and (f),
4513b, and 4526.
3. Amend § 1236.2 by revising the
definition of ‘‘Standards’’ to read as
follows:
*
*
*
*
*
5. Part 1239 is added to subchapter C
to read as follows:
■
■
§ 1236.2
Definitions.
*
*
*
*
*
Standards means any one or more of
the prudential management and
operations standards established by the
Director pursuant to 12 U.S.C. 4513b(a),
PO 00000
Frm 00010
Fmt 4700
Sfmt 4700
PART 1239—RESPONSIBILITIES OF
BOARDS OF DIRECTORS,
CORPORATE PRACTICES, AND
CORPORATE GOVERNANCE
Subpart A—General
Sec.
1239.1
1239.2
E:\FR\FM\19NOR1.SGM
Purpose.
Definitions.
19NOR1
Federal Register / Vol. 80, No. 223 / Thursday, November 19, 2015 / Rules and Regulations
Subpart B—Corporate Practices and
Procedures Applicable to All Regulated
Entities
1239.3 Law applicable to corporate
governance and indemnification
practices.
1239.4 Duties and responsibilities of
directors.
1239.5 Board committees.
Subpart C—Other Requirements Applicable
to All Regulated Entities
1239.10 Code of conduct and ethics.
1239.11 Risk management.
1239.12 Compliance program.
1239.13 Regulatory reports.
Subpart D—Enterprise Specific
Requirements
1239.20 Board of directors of the
Enterprises.
1239.21 Compensation of Enterprise board
members.
Subpart E—Bank Specific Requirements
1239.30 Bank member products policy.
1239.31 Strategic business plan.
1239.32 Audit committee.
1239.33 Dividends.
Authority: 12 U.S.C. 1426, 1427, 1432(a),
1436(a), 1440, 4511(b), 4513(a), 4513(b), and
4526.
Subpart A—General
§ 1239.1
Purpose.
FHFA is responsible for supervising
and ensuring the safety and soundness
of the regulated entities. In furtherance
of those responsibilities, this part sets
forth minimum standards with respect
to responsibilities of boards of directors,
corporate practices, and corporate
governance matters of the regulated
entities.
wgreen on DSK2VPTVN1PROD with RULES
§ 1239.2
Definitions.
As used in this part, (unless otherwise
noted):
Board member means a member of the
board of directors of a regulated entity.
Board of directors means the board of
directors of a regulated entity.
Business risk means the risk of an
adverse impact on a regulated entity’s
profitability resulting from external
factors as may occur in both the short
and long run.
Community financial institution has
the meaning set forth in § 1263.1 of this
chapter.
Compensation means any payment of
money or the provision of any other
thing of current or potential value in
connection with employment or in
connection with service as a director.
Credit risk is the potential that a
borrower or counterparty will fail to
meet its financial obligations in
accordance with agreed terms.
Employee means an individual, other
than an executive officer, who works
VerDate Sep<11>2014
15:39 Nov 18, 2015
Jkt 238001
part-time, full-time, or temporarily for a
regulated entity.
Executive officer means the chief
executive officer, chief financial officer,
chief operating officer, president, any
executive vice president, any senior vice
president, and any individual with
similar responsibilities, without regard
to title, who is in charge of a principal
business unit, division, or function, or
who reports directly to the chairperson,
vice chairperson, chief operating officer,
or chief executive officer or president of
a regulated entity.
Immediate family member means a
parent, sibling, spouse, child,
dependent, or any relative sharing the
same residence.
Internal auditor means the individual
responsible for the internal audit
function at a regulated entity.
Liquidity risk means the risk that a
regulated entity will be unable to meet
its financial obligations as they come
due or meet the credit needs of its
members and associates in a timely and
cost-efficient manner.
Market risk means the risk that the
market value, or estimated fair value if
market value is not available, of a
regulated entity’s portfolio will decline
as a result of changes in interest rates,
foreign exchange rates, or equity or
commodity prices.
NYSE means the New York Stock
Exchange.
Operational risk means the risk of loss
resulting from inadequate or failed
internal processes, people, or systems,
or from external events (including legal
risk but excluding strategic and
reputational risk).
Risk appetite means the aggregate
level and types of risk the board of
directors and management are willing to
assume to achieve the regulated entity’s
strategic objectives and business plan,
consistent with applicable capital,
liquidity, and other regulatory
requirements.
Significant deficiency means a
deficiency, or a combination of
deficiencies, in internal control that is
less severe than a material weakness, yet
important enough to merit attention by
those charged with governance.
Subpart B—Corporate Practices and
Procedures Applicable to All
Regulated Entities
§ 1239.3 Law applicable to corporate
governance and indemnification practices.
(a) General. The corporate governance
practices and procedures of each
regulated entity, and practices and
procedures relating to indemnification
(including advancement of expenses),
shall comply with and be subject to the
PO 00000
Frm 00011
Fmt 4700
Sfmt 4700
72337
applicable authorizing statutes and
other Federal law, rules, and
regulations, and shall be consistent with
the safe and sound operations of the
regulated entities.
(b) Election and designation of body
of law. (1) To the extent not inconsistent
with paragraph (a) of this section, each
regulated entity shall elect to follow the
corporate governance and
indemnification practices and
procedures set forth in one of the
following:
(i) The law of the jurisdiction in
which the principal office of the
regulated entity is located;
(ii) The Delaware General Corporation
Law (Del. Code Ann. Title 8); or
(iii) The Revised Model Business
Corporation Act.
(2) Each regulated entity shall
designate in its bylaws the body of law
elected for its corporate governance and
indemnification practices and
procedures pursuant to this paragraph,
and shall do so by no later than March
18, 2016.
(c) Indemnification. (1) Subject to
paragraphs (a) and (b) of this section, to
the extent applicable, a regulated entity
shall indemnify (and advance the
expenses of) its directors, officers, and
employees under such terms and
conditions as are determined by its
board of directors. The regulated entity
is authorized to maintain insurance for
its directors and any other officer or
employee.
(2) Each regulated entity shall have in
place policies and procedures consistent
with this section for indemnification of
its directors, officers, and employees.
Such policies and procedures shall
address how the board of directors is to
approve or deny requests for
indemnification from current and
former directors, officers, and
employees, and shall include standards
relating to indemnification,
investigations by the board of directors,
and review by independent counsel.
(3) Nothing in this paragraph (c) shall
affect any rights to indemnification
(including the advancement of
expenses) that a director or any other
officer or employee had with respect to
any actions, omissions, transactions, or
facts occurring prior to the effective date
of this paragraph.
(4) FHFA has the authority under the
Safety and Soundness Act to review a
regulated entity’s indemnification
policies, procedures, and practices to
ensure that they are conducted in a safe
and sound manner, and that they are
consistent with the body of law adopted
by the board of directors under
paragraph (b) of this section.
E:\FR\FM\19NOR1.SGM
19NOR1
72338
Federal Register / Vol. 80, No. 223 / Thursday, November 19, 2015 / Rules and Regulations
(d) No rights created. Nothing in this
part shall create or be deemed to create
any rights in any third party, including
in any member of a Bank, nor shall it
cause or be deemed to cause any
regulated entity to become subject to the
jurisdiction of any state court with
respect to the entity’s corporate
governance or indemnification practices
or procedures.
wgreen on DSK2VPTVN1PROD with RULES
§ 1239.4 Duties and responsibilities of
directors.
(a) Management of a regulated entity.
The management of each regulated
entity shall be by or under the direction
of its board of directors. While a board
of directors may delegate the execution
of operational functions to officers and
employees of the regulated entity, the
ultimate responsibility of each entity’s
board of directors for that entity’s
oversight is non-delegable. The board of
directors of a regulated entity is
responsible for directing the conduct
and affairs of the entity in furtherance
of the safe and sound operation of the
entity and shall remain reasonably
informed of the condition, activities,
and operations of the entity.
(b) Duties of directors. Each director
of a regulated entity shall have the duty
to:
(1) Carry out his or her duties as
director in good faith, in a manner such
director believes to be in the best
interests of the regulated entity, and
with such care, including reasonable
inquiry, as is required under the
Revised Model Business Corporation
Act or the other body of law that the
entity’s board of directors has chosen to
follow for its corporate governance and
indemnification practices and
procedures in accordance with
§ 1239.3(b);
(2) For Bank directors, administer the
affairs of the regulated entity fairly and
impartially and without discrimination
in favor of or against any member
institution;
(3) At the time of election, or within
a reasonable time thereafter, have a
working familiarity with basic finance
and accounting practices, including the
ability to read and understand the
regulated entity’s balance sheet and
income statement and to ask substantive
questions of management and the
internal and external auditors;
(4) Direct the operations of the
regulated entity in conformity with the
requirements set forth in the authorizing
statutes, the Safety and Soundness Act,
and this chapter; and
(5) Adopt and maintain in effect at all
times bylaws governing the manner in
which the regulated entity administers
its affairs. Such bylaws shall be
VerDate Sep<11>2014
15:39 Nov 18, 2015
Jkt 238001
consistent with applicable laws and
regulations administered by FHFA, and
with the body of law designated for the
entity’s corporate governance practices
and procedures in accordance with
§ 1239.3(b).
(c) Director responsibilities. The
responsibilities of the board of directors
include having in place adequate
policies to assure its oversight of, among
other matters, the following:
(1) The risk management and
compensation programs of the regulated
entity;
(2) The processes for providing
accurate financial reporting and other
disclosures, and communications with
stockholders; and
(3) The responsiveness of executive
officers in providing accurate and
timely reports to FHFA and in
addressing all supervisory concerns of
FHFA in a timely and appropriate
manner.
(d) Authority regarding staff and
outside consultants. (1) In carrying out
its duties and responsibilities under the
authorizing statutes, the Safety and
Soundness Act, and this chapter, each
regulated entity’s board of directors and
all committees thereof shall have
authority to retain staff and outside
counsel, independent accountants, or
other outside consultants at the expense
of the regulated entity.
(2) The board of directors and its
committees may require that staff of the
regulated entity that provides services to
the board or any committee under
paragraph (d)(1) of this section report
directly to the board or such committee,
as appropriate.
§ 1239.5
Board committees.
(a) General. The board of directors
may rely, in directing a regulated entity,
on reports from committees of the board
of directors, provided, however, that no
committee of the board of directors shall
have the authority of the board of
directors to amend the bylaws and no
committee shall operate to relieve the
board of directors or any board member
of a responsibility imposed by
applicable law, rule, or regulation.
(b) Required committees. The board of
directors of each regulated entity shall
have committees, however styled, that
address each of the following areas of
responsibility: Risk management; audit;
compensation; and corporate
governance (in the case of the Banks,
including the nomination of
independent board of director
candidates, and, in the case of the
Enterprises, including the nomination of
all board of director candidates). The
risk management committee and the
audit committee shall not be combined
PO 00000
Frm 00012
Fmt 4700
Sfmt 4700
with any other committees. The board of
directors may establish any other
committees that it deems necessary or
useful to carrying out its
responsibilities, subject to the
provisions of this section. In the case of
the Enterprises, board committees shall
comply with the charter, independence,
composition, expertise, duties,
responsibilities, and other requirements
set forth under rules issued by the
NYSE, and the audit committees shall
also comply with the requirements set
forth under section 301 of the SarbanesOxley Act of 2002, Public Law 107–204.
(c) Charter. The board of directors
shall adopt a formal written charter for
each committee that specifies the scope
of a committee’s powers and
responsibilities, as well as the
committee’s structure, processes, and
membership requirements.
(d) Frequency of meetings. Each
committee of the board of directors shall
meet regularly and with sufficient
frequency to carry out its obligations
and duties under applicable laws, rules,
regulations, and guidelines. Committees
that are structured to meet only on an
as-needed basis shall meet in the
manner specified by their charter. All
such committees shall also meet with
sufficient timeliness as necessary in
light of relevant conditions and
circumstances to fulfill their obligations
and duties.
Subpart C—Other Requirements
Applicable to All Regulated Entities
§ 1239.10
Code of conduct and ethics.
(a) General. A regulated entity shall
establish and administer a written code
of conduct and ethics that is reasonably
designed to assure that its directors,
officers, and employees discharge their
duties and responsibilities in an
objective and impartial manner that
promotes honest and ethical conduct,
compliance with applicable laws, rules,
and regulations, accountability for
adherence to the code, and prompt
internal reporting of violations of the
code to appropriate persons identified
in the code. The code also shall include
provisions applicable to the regulated
entity’s principal executive officer,
principal financial officer, principal
accounting officer or controller, or
persons performing similar functions,
that are reasonably designed to promote
full, fair, accurate, and understandable
disclosure in reports and other
documents filed with the Securities and
Exchange Commission and in other
public communications reporting on the
entity’s financial condition.
(b) Review. Not less often than once
every three years, a regulated entity
E:\FR\FM\19NOR1.SGM
19NOR1
Federal Register / Vol. 80, No. 223 / Thursday, November 19, 2015 / Rules and Regulations
shall review the adequacy of its code of
conduct and ethics for consistency with
practices appropriate to the entity and
make any appropriate revisions to such
code.
wgreen on DSK2VPTVN1PROD with RULES
§ 1239.11
Risk management.
(a) Risk management program—(1)
Adoption. Each regulated entity’s board
of directors shall approve, have in effect
at all times, and periodically review an
enterprise-wide risk management
program that establishes the regulated
entity’s risk appetite, aligns the risk
appetite with the regulated entity’s
strategies and objectives, addresses the
regulated entity’s exposure to credit
risk, market risk, liquidity risk, business
risk and operational risk, and complies
with the requirements of this part and
with all applicable FHFA regulations
and policies.
(2) Risk appetite. The board of
directors shall ensure that the risk
management program aligns with the
regulated entity’s risk appetite.
(3) Risk management program
requirements. The risk management
program shall include:
(i) Risk limitations appropriate to
each business line of the regulated
entity;
(ii) Appropriate policies and
procedures relating to risk management
governance, risk oversight
infrastructure, and processes and
systems for identifying and reporting
risks, including emerging risks;
(iii) Provisions for monitoring
compliance with the regulated entity’s
risk limit structure and policies relating
to risk management governance, risk
oversight, and effective and timely
implementation of corrective actions;
and
(iv) Provisions specifying
management’s authority and
independence to carry out risk
management responsibilities, and the
integration of risk management with
management’s goals and compensation
structure.
(b) Risk committee. The board of each
regulated entity shall establish and
maintain a risk committee of the board
of directors that assists the board in
carrying out its duties to oversee the
enterprise-wide risk management
program at the regulated entity.
(1) Committee structure. The risk
committee shall:
(i) Be chaired by a director not serving
in a management capacity of the
regulated entity;
(ii) Have at least one member with
risk management experience that is
commensurate with the regulated
entity’s capital structure, risk appetite,
VerDate Sep<11>2014
15:39 Nov 18, 2015
Jkt 238001
complexity, activities, size, and other
appropriate risk-related factors;
(iii) Have committee members that
have, or that will acquire within a
reasonable time after being elected to
the committee, a practical
understanding of risk management
principles and practices relevant to the
regulated entity;
(iv) Fully document and maintain
records of its meetings, including its
risk management decisions and
recommendations; and
(v) Report directly to the board and
not as part of, or combined with,
another committee.
(2) Committee responsibilities. The
risk committee shall:
(i) Periodically review and
recommend for board approval an
appropriate enterprise-wide risk
management program that is
commensurate with the regulated
entity’s capital structure, risk appetite,
complexity, activities, size, and other
appropriate risk-related factors;
(ii) Receive and review regular reports
from the regulated entity’s chief risk
officer, as required under paragraph
(c)(5) of this section ; and
(iii) Periodically review the
capabilities for, and adequacy of
resources allocated to, enterprise-wide
risk management.
(c) Chief Risk Officer.—(1)
Appointment of a chief risk officer
(CRO). Each regulated entity shall
appoint a CRO to implement and
maintain appropriate enterprise-wide
risk management practices for the
regulated entity.
(2) Organizational structure of the risk
management function. The CRO shall
head an independent enterprise-wide
risk management function, or unit, and
shall report directly to the risk
committee and to the chief executive
officer.
(3) Responsibilities of the CRO. The
CRO shall be responsible for the
enterprise-wide risk management
function, including:
(i) Allocating risk limits and
monitoring compliance with such
limits;
(ii) Establishing appropriate policies
and procedures relating to risk
management governance, practices, and
risk controls, and developing
appropriate processes and systems for
identifying and reporting risks,
including emerging risks;
(iii) Monitoring risk exposures,
including testing risk controls and
verifying risk measures; and
(iv) Communicating within the
organization about any risk management
issues and/or emerging risks, and
ensuring that risk management issues
PO 00000
Frm 00013
Fmt 4700
Sfmt 4700
72339
are effectively resolved in a timely
manner.
(4) The CRO should have risk
management expertise that is
commensurate with the regulated
entity’s capital structure, risk appetite,
complexity, activities, size, and other
appropriate risk related factors.
(5) The CRO shall report regularly to
the risk committee and to the chief
executive officer on significant risk
exposures and related controls, changes
to risk appetite, risk management
strategies, results of risk management
reviews, and emerging risks. The CRO
shall also report regularly on the
regulated entity’s compliance with, and
the adequacy of, its current risk
management policies and procedures,
and shall recommend any adjustments
to such policies and procedures that he
or she considers necessary or
appropriate.
(6) The compensation of a regulated
entity’s CRO shall be appropriately
structured to provide for an objective
and independent assessment of the risks
taken by the regulated entity.
§ 1239.12
Compliance program.
A regulated entity shall establish and
maintain a compliance program that is
reasonably designed to assure that the
regulated entity complies with
applicable laws, rules, regulations, and
internal controls. The compliance
program shall be headed by a
compliance officer, however styled, who
reports directly to the chief executive
officer. The compliance officer also
shall report regularly to the board of
directors, or an appropriate committee
thereof, on the adequacy of the entity’s
compliance policies and procedures,
including the entity’s compliance with
them, and shall recommend any
revisions to such policies and
procedures that he or she considers
necessary or appropriate.
§ 1239.13
Regulatory reports.
(a) Reports. Each regulated entity
shall file Regulatory Reports with FHFA
in accordance with the forms,
instructions, and schedules issued by
FHFA from time to time. If no regularly
scheduled reporting dates are
established, Regulatory Reports shall be
filed as requested by FHFA.
(b) Definition. For purposes of this
section, the term Regulatory Report
means any report to FHFA of
information or raw or summary data
needed to evaluate the safe and sound
condition or operations of a regulated
entity, or to determine compliance with
any:
E:\FR\FM\19NOR1.SGM
19NOR1
72340
Federal Register / Vol. 80, No. 223 / Thursday, November 19, 2015 / Rules and Regulations
(1) Provision in the Bank Act, Safety
and Soundness Act, or other law, order,
rule, or regulation;
(2) Condition imposed in writing by
FHFA in connection with the granting
of any application or other request by a
regulated entity; or
(3) Written agreement entered into
between FHFA and a regulated entity.
Subpart D—Enterprise Specific
Requirements
§ 1239.21 Compensation of Enterprise
board members.
wgreen on DSK2VPTVN1PROD with RULES
§ 1239.20 Board of directors of the
Enterprises.
(a) Membership—(1) Limits on service
of board members.—(i) General
requirement. No board member of an
Enterprise may serve on the board of
directors for more than 10 years or past
the age of 72, whichever comes first;
provided, however, a board member
may serve his or her full term if he or
she has served less than 10 years or is
72 years on the date of his or her
election or appointment to the board;
and
(ii) Waiver. Upon written request of
an Enterprise, the Director may waive,
in his or her sole discretion and for good
cause, the limits on the service of a
board member under paragraph (a)(1)(i)
of this section.
(2) Independence of board members.
A majority of seated members of the
board of directors of an Enterprise shall
be independent board members, as
defined under rules set forth by the
NYSE, as amended from time to time.
(3) Segregation of duties. The position
of chairperson of the board of directors
shall be filled by a person other than the
chief executive officer, who shall also be
a director of the Enterprise that is
independent, as defined under the rules
set forth by the NYSE, as amended from
time to time.
(b) Meetings, quorum and proxies,
information, and annual review—(1)
Frequency of meetings. The board of
directors of an Enterprise shall meet at
least eight times a year and no less than
once a calendar quarter to carry out its
obligations and duties under applicable
laws, rules, regulations, and guidelines.
(2) Non-management board member
meetings. Non-management directors of
an Enterprise shall meet at regularly
scheduled executive sessions without
management participation.
(3) Quorum of board of directors;
proxies not permissible. For the
transaction of business, a quorum of the
board of directors of an Enterprise is at
least a majority of the seated board of
directors and a board member may not
vote by proxy.
(4) Information. Management of an
Enterprise shall provide a board
VerDate Sep<11>2014
15:39 Nov 18, 2015
Jkt 238001
member of the Enterprise with such
adequate and appropriate information
that a reasonable board member would
find important to the fulfillment of his
or her fiduciary duties and obligations.
(5) Annual review. At least annually,
the board of directors of an Enterprise
shall be informed of significant changes
to the requirements of laws, rules,
regulations, and guidelines that are
applicable to its activities and duties.
Each Enterprise may pay its directors
reasonable and appropriate
compensation for the time required of
them, and their necessary and
reasonable expenses, in the performance
of their duties.
§ 1239.31
Subpart E—Bank Specific
Requirements
§ 1239.30
Bank member products policy.
(a) Adoption and review of member
products policy—(1) Adoption. Each
Bank’s board of directors shall have in
effect at all times a policy that addresses
the Bank’s management of products
offered by the Bank to members and
housing associates, including but not
limited to advances, standby letters of
credit, and acquired member assets,
consistent with the requirements of the
Bank Act, paragraph (b) of this section,
and all applicable FHFA regulations and
policies.
(2) Review and compliance. Each
Bank’s board of directors shall:
(i) Review the Bank’s member
products policy annually;
(ii) Amend the member products
policy as appropriate; and
(iii) Re-adopt the member products
policy, including interim amendments,
not less often than every three years.
(b) Member products policy
requirements. In addition to meeting
any other requirements set forth in this
chapter, each Bank’s member products
policy shall:
(1) Address credit underwriting
criteria to be applied in evaluating
applications for advances, standby
letters of credit, and renewals;
(2) Address appropriate levels of
collateralization, valuation of collateral
and discounts applied to collateral
values for advances and standby letters
of credit;
(3) Address advances-related fees to
be charged by each Bank, including any
schedules or formulas pertaining to
such fees;
(4) Address standards and criteria for
pricing member products, including
differential pricing of advances
pursuant to § 1266.5(b)(2) of this
PO 00000
Frm 00014
Fmt 4700
Sfmt 4700
chapter, and criteria regarding the
pricing of standby letters of credit,
including any special pricing provisions
for standby letters of credit that
facilitate the financing of projects that
are eligible for any of the Banks’ CICA
programs under part 1292 of this
chapter;
(5) Provide that, for any draw made by
a beneficiary under a standby letter of
credit, the member will be charged a
processing fee calculated in accordance
with the requirements of § 1271.6(b) of
this chapter;
(6) Address the maintenance of
appropriate systems, procedures, and
internal controls; and
(7) Address the maintenance of
appropriate operational and personnel
capacity.
Strategic business plan.
(a) Adoption of strategic business
plan. Each Bank’s board of directors
shall have in effect at all times a
strategic business plan that describes
how the business activities of the Bank
will achieve the mission of the Bank
consistent with part 1265 of this
chapter. Specifically, each Bank’s
strategic business plan shall:
(1) Enumerate operating goals and
objectives for each major business
activity and for all new business
activities, which must include plans for
maximizing activities that further the
Bank’s housing finance and community
lending mission, consistent with part
1265 of this chapter;
(2) Discuss how the Bank will address
credit needs and market opportunities
identified through ongoing market
research and consultations with
members, associates, and public and
private organizations;
(3) Establish quantitative performance
goals for Bank products related to multifamily housing, small business, small
farm and small agri-business lending;
(4) Describe any proposed new
business activities or enhancements of
existing activities; and
(5) Be supported by appropriate and
timely research and analysis of relevant
market developments and member and
associate demand for Bank products and
services.
(b) Review and monitoring. Each
Bank’s board of directors shall:
(1) Review the Bank’s strategic
business plan at least annually;
(2) Re-adopt the Bank’s strategic
business plan, including interim
amendments, not less often than every
three years; and
(3) Establish management reporting
requirements and monitor
implementation of the strategic business
plan and the operating goals and
objectives contained therein.
E:\FR\FM\19NOR1.SGM
19NOR1
Federal Register / Vol. 80, No. 223 / Thursday, November 19, 2015 / Rules and Regulations
(c) Report to FHFA. Each Bank shall
submit to FHFA annually a report
analyzing and describing the Bank’s
performance in achieving the goals
described in paragraph (a)(3) of this
section.
wgreen on DSK2VPTVN1PROD with RULES
§ 1239.32
Audit committee.
(a) Establishment. The audit
committee of each Bank established as
required by § 1239.5(b) shall be
consistent with the requirements set
forth in this section.
(b) Composition. (1) The audit
committee shall comprise five or more
persons drawn from the Bank’s board of
directors, each of whom shall meet the
criteria of independence set forth in
paragraph (c) of this section.
(2) The audit committee shall include,
to the extent practicable, a balance of
representatives of:
(i) Community financial institutions
and other members; and
(ii) Independent directors and
member directors of the Bank, both as
defined in the Bank Act.
(3) The terms of audit committee
members shall be appropriately
staggered so as to provide for continuity
of service.
(4) At least one member of the audit
committee shall have extensive
accounting or related financial
management experience.
(c) Independence. Any member of the
Bank’s board of directors shall be
considered to be sufficiently
independent to serve as a member of the
audit committee if that director does not
have a disqualifying relationship with
the Bank or its management that would
interfere with the exercise of that
director’s independent judgment. Such
disqualifying relationships include, but
are not limited to:
(1) Being employed by the Bank in the
current year or any of the past five
years;
(2) Accepting any compensation from
the Bank other than compensation for
service as a board director;
(3) Serving or having served in any of
the past five years as a consultant,
advisor, promoter, underwriter, or legal
counsel of or to the Bank; or
(4) Being an immediate family
member of an individual who is, or has
been in any of the past five years,
employed by the Bank as an executive
officer.
(d) Charter. (1) The audit committee
of each Bank shall review and assess the
adequacy of the Bank’s audit committee
charter on an annual basis, and shall
recommend to the board of directors any
amendments that it believes to be
appropriate;
(2) The board of directors of each
Bank shall review and assess the
VerDate Sep<11>2014
15:39 Nov 18, 2015
Jkt 238001
adequacy of the audit committee charter
on an annual basis, shall amend the
audit committee charter whenever it
deems it appropriate to do so, and shall
reapprove the audit committee charter
not less often than every three years;
and
(3) Each Bank’s audit committee
charter shall:
(i) Provide that the audit committee
has the responsibility to select, evaluate
and, where appropriate, replace the
internal auditor and that the internal
auditor may be removed only with the
approval of the audit committee;
(ii) Provide that the internal auditor
shall report directly to the audit
committee on substantive matters and
that the internal auditor is ultimately
accountable to the audit committee and
board of directors; and
(iii) Provide that both the internal
auditor and the external auditor shall
have unrestricted access to the audit
committee without the need for any
prior management knowledge or
approval.
(e) Duties. Each Bank’s audit
committee shall have the duty to:
(1) Direct senior management to
maintain the reliability and integrity of
the accounting policies and financial
reporting and disclosure practices of the
Bank;
(2) Review the basis for the Bank’s
financial statements and the external
auditor’s opinion rendered with respect
to such financial statements (including
the nature and extent of any significant
changes in accounting principles or the
application thereof) and ensure that
policies are in place that are reasonably
designed to achieve disclosure and
transparency regarding the Bank’s true
financial performance and governance
practices;
(3) Oversee the internal audit function
by:
(i) Reviewing the scope of audit
services required, significant accounting
policies, significant risks and exposures,
audit activities, and audit findings;
(ii) Assessing the performance and
determining the compensation of the
internal auditor; and
(iii) Reviewing and approving the
internal auditor’s work plan.
(4) Oversee the external audit
function by:
(i) Approving the external auditor’s
annual engagement letter;
(ii) Reviewing the performance of the
external auditor; and
(iii) Making recommendations to the
Bank’s board of directors regarding the
appointment, renewal, or termination of
the external auditor.
(5) Provide an independent, direct
channel of communication between the
PO 00000
Frm 00015
Fmt 4700
Sfmt 9990
72341
Bank’s board of directors and the
internal and external auditors;
(6) Conduct or authorize
investigations into any matters within
the audit committee’s scope of
responsibilities;
(7) Ensure that senior management
has established and is maintaining an
adequate internal control system within
the Bank by:
(i) Reviewing the Bank’s internal
control system and the resolution of
identified material weaknesses and
significant deficiencies in the internal
control system, including the
prevention or detection of management
override or compromise of the internal
control system; and
(ii) Reviewing the programs and
policies of the Bank designed to ensure
compliance with applicable laws,
regulations and policies, and monitoring
the results of these compliance efforts;
(8) Review the policies established by
senior management to assess and
monitor implementation of the Bank’s
strategic business plan and the
operating goals and objectives contained
therein; and
(9) Report periodically its findings to
the Bank’s board of directors.
(f) Meetings. The audit committee
shall prepare written minutes of each
audit committee meeting.
§ 1239.33
Dividends.
A Bank’s board of directors may not
declare or pay a dividend based on
projected or anticipated earnings and
may not declare or pay a dividend if the
par value of the Bank’s stock is impaired
or is projected to become impaired after
paying such dividend.
CHAPTER XVII—OFFICE OF FEDERAL
HOUSING ENTERPRISE OVERSIGHT,
DEPARTMENT OF HOUSING AND URBAN
DEVELOPMENT
SUBCHAPTER C—SAFETY AND
SOUNDNESS
PART 1710—[REMOVED]
■
6. Remove part 1710.
PART 1720—[REMOVED]
■
7. Remove part 1720.
Dated: November 10, 2015.
Melvin L. Watt,
Director, Federal Housing Finance Agency.
[FR Doc. 2015–29367 Filed 11–18–15; 8:45 am]
BILLING CODE 8070–01–P
E:\FR\FM\19NOR1.SGM
19NOR1
Agencies
[Federal Register Volume 80, Number 223 (Thursday, November 19, 2015)]
[Rules and Regulations]
[Pages 72327-72341]
From the Federal Register Online via the Government Publishing Office [www.gpo.gov]
[FR Doc No: 2015-29367]
=======================================================================
-----------------------------------------------------------------------
FEDERAL HOUSING FINANCE BOARD
12 CFR Parts 914 and 917
FEDERAL HOUSING FINANCE AGENCY
12 CFR Parts 1236 and 1239
DEPARTMENT OF HOUSING AND URBAN DEVELOPMENT
Office of Federal Housing Enterprise Oversight
12 CFR Parts 1710 and 1720
RIN 2590-AA59
Responsibilities of Boards of Directors, Corporate Practices and
Corporate Governance Matters
AGENCY: Federal Housing Finance Board; Federal Housing Finance Agency;
Office of Federal Housing Enterprise Oversight.
ACTION: Final rule.
-----------------------------------------------------------------------
SUMMARY: The Federal Housing Finance Agency (FHFA) is amending its
regulations by relocating and consolidating certain regulations of its
predecessor agencies--the Federal Housing Finance Board (Finance Board)
and Office of Federal Housing Enterprise Oversight (OFHEO)--that
pertain to the responsibilities of boards of directors, corporate
practices, and corporate governance matters. The OFHEO regulations
addressed corporate governance matters at the Federal National Mortgage
Association (Fannie Mae) and the Federal Home Loan Mortgage Corporation
(Freddie Mac) (collectively, the Enterprises), while the Finance Board
regulations addressed the powers and responsibilities of the boards of
directors and management of the Federal Home Loan Banks (Banks). The
final rule consolidates most of those regulations into a new FHFA
regulation, parts of which will apply to both the Banks and the
Enterprises (together, regulated entities), and parts of which will
apply only to the Banks or only to the Enterprises. Most of the content
of the new regulations has been derived from the regulations of the
predecessor agencies, with such modifications as are necessary to apply
the regulations to all of the regulated entities, to respond to issues
raised by the commenters, or to clarify the regulatory text. The final
rule
[[Page 72328]]
also amends the Prudential Management and Operations Standards
(Prudential Standards) provisions by designating certain introductory
language--which pertains to the general responsibilities of senior
management and boards of directors--as a separate Prudential Standard.
The final rule also repeals a provision of the OFHEO regulations that
related to minimum safety and soundness requirements for the
Enterprises.
DATES: The final rule is effective on December 21, 2015.
FOR FURTHER INFORMATION CONTACT: Amy Bogdon, Associate Director,
Division of Federal Home Loan Bank Regulation, at Amy.Bogdon@fhfa.gov
or (202) 649-3320, or Neil R. Crowley, Deputy General Counsel, Office
of General Counsel, at Neil.Crowley@fhfa.gov or (202) 649-3055 (not
toll-free numbers), Federal Housing Finance Agency, Constitution
Center, 400 7th Street SW., Washington, DC 20024. The telephone number
for the Telecommunications Device for the Hearing Impaired is (800)
877-8339.
SUPPLEMENTARY INFORMATION:
I. Background
A. Proposed Rule
On January 28, 2014, FHFA published a proposed rule that would
relocate, revise, and consolidate into a new FHFA regulation certain of
the rules of the predecessor agencies that dealt with corporate
practices and governance at the Banks and the Enterprises.\1\ The
proposed rule was one phase of FHFA's ongoing project to repeal or
relocate remaining OFHEO and Finance Board regulations. Both
predecessor agencies had regulations addressing director
responsibilities, corporate practices, and corporate governance
matters. Pursuant to the Housing and Economic Recovery Act of 2008
(HERA), Public Law 110-289, 122 Stat. 2654, those regulations remain in
effect until they are superseded by regulations issued by FHFA. See id.
at sections 1302, 1312, 122 Stat. 2795, 2798. The intent of the
proposed rule was to consolidate certain of those regulations into a
new set of FHFA regulations that would address those same matters, and
to repeal any predecessor regulations that were not adopted as FHFA
regulations. The proposed rule was not intended to address
conservatorship matters, but rather to address matters of corporate
practice and governance that currently are addressed by OFHEO
regulations, to which the Enterprises remain subject. The applicable
regulations of the predecessor agencies addressed by this rulemaking
currently are located at parts 914, 917, 1710, and 1720 of title 12 of
the Code of Federal Regulations. All of the relocated portions of these
regulations would be codified as a new part 1239 of the FHFA
regulations.
---------------------------------------------------------------------------
\1\ See 79 FR 4414 (January 28, 2014).
---------------------------------------------------------------------------
The proposed rule included a number of provisions that would apply
to all of the regulated entities because they addressed matters of
general applicability, but also included other provisions that would
apply only to the Banks or only to the Enterprises because they
addressed topics that are unique to the particular type of entity. The
substance of most of the provisions of the proposed rule was unchanged
from that of the predecessor regulations, except for the provision on
risk management, which was new. The proposed rule would also have
carried over a Finance Board regulation on regulatory reporting and
applied that provision to all of the regulated entities.
In conjunction with the relocation of the predecessor regulations,
the proposed rule also would have revised certain provisions of FHFA's
Prudential Standards. Specifically, the proposal would have
redesignated the introductory section to the Prudential Standards--
which recites general concepts of corporate governance and
responsibilities of the board of directors and senior management--as a
separate standard. Doing so would clarify FHFA's authority to enforce
those provisions in the same manner as any of the other ten enumerated
standards. Lastly, the proposal would have repealed a provision of the
OFHEO regulations, 12 CFR part 1720, which had established certain
safety and soundness standards for the Enterprises, because many of the
matters addressed by those regulations are also addressed by the
Prudential Standards or by the proposed rule.
B. Considerations of Differences Between the Banks and the Enterprises
When promulgating regulations or taking other actions that relate
to the Banks, section 1313(f) of the Federal Housing Enterprises
Financial Safety and Soundness Act of 1992 (Safety and Soundness Act)
requires the Director of FHFA (Director) to consider the differences
between the Banks and the Enterprises with respect to the Banks'
cooperative ownership structure; mission of providing liquidity to
members; affordable housing and community development mission; capital
structure; and joint and several liability. 12 U.S.C. 4513(f). In
preparing the proposed and final rules, the Director has considered
those differences as they relate to the above factors and has
determined that none of the statutory factors would be adversely
affected by the final rule. None of the comment letters addressed this
requirement.
II. Response to Comment Letters
In response to the proposed rule, FHFA received three substantive
comment letters, one each from Fannie Mae and Freddie Mac, and a joint
letter from the Banks. Each letter generally supported the proposed
rule, but also recommended different ways in which FHFA should revise
certain aspects of the rule. In response to these recommendations, FHFA
has incorporated a number of revisions into the final rule. The
following sections of this document describe the issues raised by the
commenters, along with FHFA's responses, which are included as part of
FHFA's descriptions of the particular provisions of the final rule for
which the commenters had suggested revisions. For other provisions of
the proposed rule about which the commenters raised no issues, FHFA has
adopted them without change.
III. Final Rule
A. Overview
The organizational structure of the final rule is the same as that
of the proposed rule, meaning that it includes one subpart for
definitions and four subparts for the substantive provisions. Subpart A
defines terms used within the final rule. Subpart B includes provisions
relating to certain core corporate governance principles and applies to
both the Banks and the Enterprises. Subpart C addresses codes of
conduct for the entities, risk management, compliance programs, and
regulatory reports, and also applies to all regulated entities.
Subparts D and E include regulations from the predecessor agencies that
address matters specific to the Banks (such as those relating to a
Bank's member products policy) or to the Enterprises (such as those
relating to the Enterprise boards), respectively. None of these
provisions is intended to address conservatorship matters at the
Enterprises. Instead, they are intended to address matters of corporate
practice and governance for regulated entities that are not in
conservatorship by replacing the existing OFHEO regulations on those
same topics.\2\ The
[[Page 72329]]
following paragraphs describe the manner in which each of the subparts
of the final rule differs from those of the proposed rule and, as
applicable, describes the material issues raised by the commenters and
FHFA's responses to them.
---------------------------------------------------------------------------
\2\ FHFA as conservator has exercised its authority under 12
U.S.C. 4617(b)(2)(C) to provide for the Enterprises' management to
be overseen by the boards of directors under their charter acts, 12
U.S.C. 1452(a), 1723(b), and those boards have been operating under
the OFHEO regulations, which are being replaced by this regulation.
---------------------------------------------------------------------------
B. Subpart A--General
Definitions (1239.2)
The proposed rule included seventeen defined terms, most of which
were derived from the predecessor agencies' regulations and were to be
incorporated into the FHFA's regulations without change. The final rule
revises one of the proposed definitions, deletes two proposed
definitions, and adds one new definition.
The proposed rule would have defined ``executive officer'' to
include the chairperson and vice-chairperson of an Enterprise, along
with a number of other specified senior executive positions at any Bank
or Enterprise. Both Enterprises commented that defining ``executive
officer'' to include the chairperson and vice-chairperson created a
conflict with another provision of the proposed rule, 12 CFR
1239.20(a)(3), which requires the chairperson of an Enterprise to be a
person other than the chief executive officer, who also must be
independent, as defined by the rules of the New York Stock Exchange
(NYSE). The applicable NYSE rule provides that a company's chairperson
is not ``independent'' if the person is, or has been within the past
three years, an executive officer of the company. In order to resolve
this conflict, FHFA agrees with the commenters and has amended the
definition of ``executive officer'' to delete the references to an
Enterprise's chairperson and vice-chairperson.
The proposed rule had used the term ``risk profile'' in several
places within the risk management section of the rule, but did not
define that term. In considering how to define that term for the final
rule, FHFA determined that a similar term--``risk appetite''--as
defined by the Office of the Comptroller of the Currency in its
guidelines establishing heightened standards for national banks, better
described the concept that FHFA had intended with its use of the term
``risk profile'' in the proposed rule. Accordingly, the final rule
replaces the references to ``risk profile'' with the new term ``risk
appetite'' and defines that term to mean the aggregate level and types
of risk the board of directors and management are willing to assume to
achieve the regulated entity's strategic objectives and business plan,
consistent with applicable capital, liquidity, and other regulatory
requirements.
The final rule deletes the defined term ``authorizing statutes''
because FHFA has recently defined that term within its general
definitions section, at 12 CFR 1201, which definitions apply to all of
FHFA's regulations. FHFA has also deleted the definition of the
Sarbanes-Oxley Act from the final rule, because that term is only used
once within the regulatory text, which now refers to that act by its
name, rather than the acronym.
The proposed rule defined credit risk as ``the potential that a
borrower or counterparty will fail to meet its financial obligations in
accordance with agreed terms.'' Credit risk is one of the several
specified risks that the rule requires a regulated entity's risk
management program to address. Freddie Mac contended that the proposed
definition was both too broad and too narrow and also suggested that
FHFA replace ``financial obligations'' with ``contractual
obligations.'' Freddie Mac also suggested that FHFA define ``credit
risk'' in terms of an actual failure of a counterparty to perform,
i.e., as the risk that the counterparty will fail to perform. FHFA
declines to accept either of those suggestions, and notes that its
definition is consistent with those of other banking regulators, which
also focus on the potential that a borrower or counterparty will fail
to meet its obligations.\3\ FHFA also believes that using the term
``contractual obligations'' in the definition would make it overly
broad, in that such language would include other types of contractual
obligations that may not have any relevance to credit risk.
---------------------------------------------------------------------------
\3\ See e.g., Principles for the Management of Credit Risk--
Consultative Document, Bank for International Settlements, July 1999
(``Credit risk is most simply defined as the potential that a bank
borrower or counterparty will fail to meet its obligations in
accordance with agreed terms.''). See also, Interagency Counterparty
Risk Management Guidance, Board of Governors of the Federal Reserve
System, SR 11-10, July 5, 2011 (``Counterparty credit risk is the
risk that the counterparty to a transaction could default.'') and
Supervisory Policy Statement on Investment Securities and End-User
Derivatives Activities, Federal Financial Institutions Examination
Council, Oct. 3, 1997 (A component of credit risk is settlement and
pre-settlement credit risk. ``These risks are the possibility that a
counterparty will fail to honor its obligation at or before the time
of settlement.'' (emphasis added)).
---------------------------------------------------------------------------
C. Subpart B--Corporate Practices and Procedures Applicable to All
Regulated Entities
Subpart B of the proposed rule included three provisions that
addressed certain core principles of corporate practices or governance
that were to apply to both the Enterprises and the Banks. Those
provisions addressed choice of law for governance and indemnification
matters, duties of directors, and committees of the boards of
directors. Nearly all of the content of those provisions was derived
from the Finance Board or OFHEO regulations.
Choice of Law and Indemnification (1239.3)
Choice of Law
Proposed Sec. 1239.3(a) and (b) generally would have required that
a regulated entity's corporate governance and indemnification practices
comply with any applicable federal law, but also would have required
each regulated entity to designate in its bylaws a body of law to
follow with respect to those practices. The proposed rule would have
allowed a regulated entity to follow: (1) The law of the jurisdiction
in which the entity maintains its principal office; (2) the Delaware
General Corporation Law; or (3) the Revised Model Business Corporation
Act. This choice of law provision would be new only for the Banks
because the OFHEO regulations had previously imposed this requirement
on the Enterprises.
The Banks expressed concern that by choosing a particular body of
state law to follow they could subject themselves to the jurisdiction
of those states' courts and would allow their members to assert all of
the rights available to stockholders of corporations organized under
those state laws. Although FHFA does not believe that its regulations
would cause either of those possibilities to occur, it agrees that for
the sake of clarity the final rule should be revised to state
explicitly that the regulation does not create any rights in the
members or other third parties and that it does not otherwise cause the
regulated entities to become subject to the jurisdiction of state
courts on matters of corporate governance and indemnification. In
addition, FHFA has determined that it would be appropriate to allow the
Banks an additional period of time within which to compare the relative
merits of the three bodies of law from which they may choose.
Accordingly, the final rule allows the Banks a period of 90 days after
the effective date of the rule by which to designate in their bylaws
their chosen body of law.
The Banks also suggested that the regulation should allow them to
model their bylaw provisions after certain specific state law
provisions, rather than on an entire body of state corporate law. FHFA
has declined to make that revision for the final rule because it
[[Page 72330]]
does not believe that the selective designation of various state
corporate law provisions would result in an effective or uniform source
of guidance for the entities.
Indemnification
The proposed rule would have required the regulated entities to
indemnify their directors, officers, and employees under terms and
conditions to be determined by the entities' boards of directors.
Section 1239.3(c)(2) further would have required that each regulated
entity adopt policies and procedures for indemnifying its personnel,
which had to address how the board would make decisions on
indemnification requests and what standards the board would use for
indemnification requests, as well as for board investigations and
review by outside counsel. These provisions were modeled on FHFA's
regulations governing the Office of Finance, 12 CFR 1273.7(i)(3), and
the OFHEO indemnification provisions at 12 CFR 1710.20.
The Banks' comment letter questioned FHFA's authority to subject
the Banks to regulations relating to indemnification, citing a
provision of the Federal Home Loan Bank Act (Bank Act), 12 U.S.C.
1427(k), which they believed committed matters of indemnification
exclusively to the discretion of the Bank's board of directors. FHFA
believes that the language of the proposed rule is fully consistent
with the authority granted to the Banks' boards of directors by section
1427(k) because the rule largely restates and elaborates on the
statutory requirement that the boards of directors are to determine the
terms and conditions on which the regulated entities are to provide
indemnification to their personnel.
The one aspect of the proposed rule that differed from the statute
pertained to the provisions requiring the entities to adopt policies
describing the manner in which they would exercise their
indemnification authority. In effect, those provisions would have
required the entities to commit to writing the decisions that their
boards of directors make with respect to the circumstances under which
they intend to provide indemnification to their officers and employees
and the manner in which they will make those decisions. Requiring the
entities to document the policies, procedures, and standards that the
board of directors will use when considering requests for
indemnification does not diminish the authority of the boards of
directors to set the terms and conditions on which the entity will
indemnify its personnel. In such cases, the boards would still decide
the terms and conditions for indemnification, and the written policies,
procedures, and standards would reflect and implement those board
decisions. Requiring a regulated entity to have in place procedural
safeguards, such as policies, procedures, and standards for
indemnification, benefits the board of directors by helping to ensure
that they make their indemnification decisions on a consistent basis,
which in turn increases the likelihood that the entities will make
these decisions in a safe and sound manner. FHFA has explicit authority
to adopt regulations to ensure that the purposes of the Bank Act are
carried out.\4\ For those reasons, FHFA has retained this requirement
in the final rule.
---------------------------------------------------------------------------
\4\ Safety and Soundness Act section 1319G, 12 U.S.C. 4526.
---------------------------------------------------------------------------
The proposed rule also included a provision carried over from the
OFHEO regulations that authorized FHFA to review an entity's
indemnification policies, procedures, and practices and to limit or
prohibit an entity from making indemnification payments based on FHFA's
safety and soundness authority. The commenters questioned whether FHFA
has the legal authority to prohibit indemnification payments based
solely on its safety and soundness authority, particularly in light of
a 2008 statutory amendment that explicitly authorized FHFA to prohibit
indemnification payments only in cases where FHFA has initiated the
action against an officer or director of a regulated entity. 12 U.S.C.
4518(e). Fannie Mae also objected to certain language in the
supplementary information to the proposed rule, which described this
provision as allowing FHFA to prohibit indemnification payment to ``any
person found to have violated any law or regulation,'' as going beyond
the language of the regulatory text.
To address these comments, FHFA has revised Sec. 1239.3(c)(4) of
the final rule in two respects. First, the final rule no longer asserts
the authority of FHFA to limit or prohibit indemnification payments
based solely on safety and soundness grounds. To the extent that FHFA
deems it necessary to limit or prohibit indemnification payments by a
regulated entity, it will act under the authority conferred by 12
U.S.C. 4518(e), which applies only to instances in which FHFA has
initiated the underlying civil or administrative action. Second, the
final rule revises the regulatory language to provide that FHFA may
review a regulated entity's indemnification policies, procedures, and
practices to ensure that they are consistent with law and with safety
and soundness, and that they are carried out in a safe and sound
manner. FHFA anticipates that this type of review could focus on issues
such as whether a regulated entity has been consistent in how it acts
on indemnification requests from different persons, and whether it has
documented that it has made its decisions in accordance with the body
of state law that the entity has chosen to follow for indemnification
purposes.
Lastly, the Banks asked that FHFA clarify the circumstances in
which it would exercise its statutory authority under the factors
enumerated in 12 U.S.C. 4518(e)(2), which authorizes FHFA to limit or
prohibit indemnification payments in connection with civil or
administrative actions brought by FHFA. Because the proposed rule did
not include any provisions relating to section 4518(e)(2), FHFA cannot
address that provision for the first time as part of this final rule.
That statutory provision is the subject of a separate rulemaking.\5\
---------------------------------------------------------------------------
\5\ See 74 FR 30975 (June 29, 2009).
---------------------------------------------------------------------------
Duties and Responsibilities of Directors (1239.4)
Proposed Sec. 1239.4 set forth certain duties and responsibilities
of directors of a regulated entity. The text of the proposed regulation
consisted mostly of provisions carried over from Finance Board
regulations Sec. 917.2, Sec. 917.10, and, to a lesser extent, OFHEO
regulation Sec. 1710.15. This section of the proposed rule generally
stated that the responsibility for managing a regulated entity is
vested in the board of directors. The provision also included a list of
duties for the directors, which included a duty to act with the degree
of care of an ordinarily prudent person, and a duty to have a working
familiarity with basic finance and accounting matters. The proposed
rule also included a set of director responsibilities, which included
having in place policies and procedures to relating to the board's
oversight of risk management, compensation, financial reporting, and
regulatory reporting. Commenters raised four questions about these
provisions.
The Enterprises expressed concern about the language of the
proposed rule that stated that the management of a regulated entity
``shall be vested in its board of directors.'' The Enterprises believed
this language could be read as expanding the traditional role of
corporate directors and imposing on them some responsibility for
becoming involved in the day-to-day operations of the entity. As a
general proposition, FHFA agrees that the role of the board
[[Page 72331]]
is one of oversight, and that it is management who is to be responsible
for the day-to-day operations of the entities. The language used in the
proposed rule was derived from the Bank Act and the Finance Board
regulations. In order to address the concerns raised by the Enterprises
about how the rule should describe the role of the board of directors,
FHFA looked to Delaware corporate law for guidance. The relevant
provision of the Delaware statutes provides that ``the business and
affairs of every corporation organized under this chapter shall be
managed by or under the direction of a board of directors.'' Delaware
General Corporation Law, Sec. 141(a). FHFA believes that this language
accurately describes the roles of corporate directors generally, and is
consistent with the language of the Bank Act, which provides that the
management of the Banks is to be ``vested in'' the board of directors.
Accordingly, FHFA has revised Sec. 1239.4(a) of the final rule by
replacing the proposed language with language stating that the
management of a regulated entity is to be ``by or under the direction
of'' its board of directors. FHFA intends this revision to make clear
that the final rule should not be construed as requiring the directors
of a regulated entity to become responsible for the day-to-day
operational functions of the entity.
The Enterprises also expressed concern about language of Sec.
1239.4(b)(1) of the proposed rule relating to the directors' duty of
care, which provided, in part, that a director should carry out his or
her duties ``with such care, including reasonable inquiry, as an
ordinarily prudent person in a like position would use under similar
circumstances.'' Freddie Mac believed that the use of the ``ordinarily
prudent person'' standard of care for how a director must discharge his
or her duties could conflict with the body of state law that the
Enterprises have chosen for corporate governance purposes, which would
not use an ``ordinarily prudent person'' standard of care. Fannie Mae
believed that the proposed language went beyond the fiduciary duties
imposed on board members under Delaware law. FHFA has decided not to
establish a separately defined standard of care for the directors of
the regulated entities, but instead to rely on Sec. 1239.3(b)(1) of
the proposed rule, which would require each entity to designate a body
of state law for its corporate governance practices. As the Enterprises
noted, neither Virginia law, which Freddie Mac has designated, nor
Delaware law, which Fannie Mae has designated, uses a standard of care
for corporate directors that is based on an ``ordinarily prudent
person'' concept. Indeed, both of those states, as well as all other
states, have adopted some version of the business judgment rule for
corporate directors. The Delaware courts have construed that state's
business judgment rule as establishing a standard of gross negligence
as the basis on which a corporate director could be held liable for
breach of his or her duty of care to the corporation.\6\ In order to
ensure that the directors of the regulated entities are not held to a
standard of care different from the standard likely to be applicable to
directors of other financial institutions, which could affect the
availability of director candidates, FHFA is amending Sec.
1239.4(b)(1) of the final rule by deleting the reference to an
``ordinarily prudent person'' and replacing it with language requiring
directors of a regulated entity to exercise the degree of care that is
required under the Revised Model Business Corporation Act or the other
body of state law that the regulated entity has chosen to follow for
its corporate governance and indemnification practices. Under the
revised provision, Fannie Mae and Freddie Mac could continue to look to
their chosen bodies of law, Delaware and Virginia, respectively, to
determine the standard of care owed by their directors to the entities.
Likewise, the Banks could look to whatever body of law they choose to
govern their corporate governance practices, including the standard of
care for their directors.
---------------------------------------------------------------------------
\6\ Aronson v. Lewis, 473 A.2d 805 (1984) (Supreme Court of
Delaware).
---------------------------------------------------------------------------
The proposed rule would have carried over and applied to all of the
regulated entities a Finance Board provision that requires directors of
Banks to ``administer the affairs of the regulated entity fairly and
impartially.'' The Enterprises contended that that provision, which is
derived from the Bank Act and reflects the cooperative structure of the
Banks, was not well-suited for the Enterprises because they are not
cooperatives. They also contended that the proposed provision was
unnecessary because general concepts of fairness are inherent in the
fiduciary duties of their directors to act in the best interest of the
corporation. In response to the Enterprises' concerns, FHFA has amended
the final rule so that this language will apply only to the Banks.
The proposed rule also included a provision derived from the
Finance Board regulations that provided that all directors have a duty
to have a ``working familiarity with basic finance and accounting
practices,'' so that they are able to ask substantive questions of
management and the auditors. The provision would allow a director to
acquire that level of knowledge either prior to becoming an entity's
director or within a reasonable time thereafter, such as through
appropriate training. Both Fannie Mae and Freddie Mac expressed concern
about this provision, believing that it could be read to require all
directors to become ``audit committee financial experts'' and that it
could effectively preclude them from recruiting directors who have
specialized expertise outside of the realms of finance and accounting.
FHFA does not believe that the language of the proposed rule, which
uses the terms ``working familiarity'' and ``basic finance and
accounting'' can reasonably be construed as being equivalent to
requiring the same level of knowledge as is required to be an ``audit
committee financial expert.'' The knowledge and experience required
under the regulations of the Securities and Exchange Commission (SEC)
to be deemed an ``audit committee financial expert'' are quite detailed
and go far beyond concepts of basic finance and accounting. For
example, an audit committee financial expert must have an understanding
of generally accepted accounting principles and financial statements,
the ability to assess the application of those principles, experience
in preparing, auditing, or analyzing financial statements, an
understanding of internal controls over financial reporting, and an
understanding of audit committee functions. The expert also must have
acquired those attributes through education and experience as a
principal financial officer, principal accounting officer, controller,
public accountant, or auditor, or by supervising persons performing
those functions.\7\ FHFA also does not believe that requiring directors
of the regulated entities to have or develop an understanding of basic
concepts of finance and accounting will preclude them from recruiting
persons whose expertise lies in other areas. Although FHFA has not
defined the terms ``working familiarity'' or ``basic finance and
accounting practices,'' they should be read in the context of the
remainder of the provision, which indicates that the level of
understanding has to be sufficient to allow the persons to read and
understand the entity's financial statements (which the Enterprise
directors already certify
[[Page 72332]]
when filing their Form 10-K with the SEC) and to engage in a dialogue
with management and the auditors about the operations and financial
condition of the entity. Moreover, the Banks, which also have a
minority of their directors chosen from outside of the financial
services industry, have been able to recruit and retain capable
directors notwithstanding this requirement, which has applied to Bank
directors since 2000. Accordingly, FHFA is adopting Sec. 1239.4(b)(3)
of the final rule with no changes from the proposed rule. Lastly,
Freddie Mac objected to Sec. 1239.4(c) of the proposed rule that
required the board of directors to have in place policies and
procedures to address certain matters, such as risk management,
compensation programs, financial reporting, and regulatory reporting.
Freddie Mac suggested that FHFA revise this provision to make clear
that it does not require the board of directors to establish the
required policies and procedures, which can be developed by management.
Because FHFA agrees that the development and implementation of
procedures is a management responsibility, the final rule removes the
reference to ``procedures'' from this section. The final rule retains,
however, the requirement that the board must have in place adequate
``policies'' to assure its oversight of risk management, compensation,
and financial reporting. As revised, this provision allows the board of
directors to delegate to management the responsibility to develop,
implement, and monitor compliance with the procedures used to implement
board policies, but also requires the board of directors to review and
approve those policies, as appropriate, as part of its responsibility
to oversee management of the regulated entity.
---------------------------------------------------------------------------
\7\ 17 CFR 229.407(d)(5)(ii).
---------------------------------------------------------------------------
Board Committees (1239.5)
The proposed rule would have required each regulated entity to have
four specified committees of the board of directors, which are to
address risk management, audit, compensation, and governance. The
proposal also authorized the regulated entities to establish any other
committees they deemed appropriate and prohibited the entities from
combining their risk management committee or the audit committee with
any other committee. The proposal further required that each committee
have a formal written charter and that it meet with sufficient
frequency to carry out its responsibilities.
FHFA is revising this provision of the final rule in two respects,
both of which respond to comments from Freddie Mac. Apart from those
revisions, FHFA is adopting this section as proposed. First, the final
rule revises Sec. 1239.5(c) to require that the full board of
directors adopt a formal written charter for each committee. This
replaces a provision of the proposed rule that would have allowed a
committee to adopt its own charter. Second, the final rule revises
Sec. 1239.5(d) by adding language to the effect that a committee that
is designed to meet only on an as-needed basis, rather than on a fixed
schedule, such as an executive committee, which may meet regularly or
only as necessary to address matters arising between meetings of the
full board, shall meet in the manner specified in that committee's
charter, rather than ``regularly,'' as the proposed rule had provided.
The Banks objected to the proposed rule's prohibition on combining
the audit and risk committees with other committees, citing the need
for flexibility in determining committee structure. While FHFA
understands that the entities may need some flexibility when staffing
their committees, FHFA also believes that the responsibilities of the
audit committee and risk management committee are sufficiently
important that each should be structured as a stand-alone committee,
without any competing responsibilities.
D. Subpart C--Other Requirements Applicable to All Regulated Entities
Subpart C of the proposed rule included four other provisions that
would have applied to all of the regulated entities. These provisions
addressed: (1) Code of conduct; (2) risk management; (3) compliance
programs; and (4) regulatory reports. The final rule revises portions
of the provisions dealing with the code of conduct and risk management,
which revisions are described below. FHFA is adopting the provisions
relating to compliance programs and regulatory reports as proposed, and
the discussion below also addresses suggested revisions to the
compliance program, which FHFA has declined to adopt.
Code of Conduct and Ethics (1239.10)
Proposed Sec. 1239.10 carried over the substance of an OFHEO
regulation that required each regulated entity to establish a written
code of conduct for directors, executive officers, and employees that
is reasonably designed to ensure that they discharge their duties in an
objective and impartial manner and that includes the standards required
under section 406 of the Sarbanes-Oxley Act. Neither the OFHEO
regulation nor the proposed rule described the substance of those
standards, but simply incorporated them by cross-reference. The section
406 standards pertain to promoting honest and ethical conduct, accurate
financial disclosures, and compliance with applicable laws. The Banks
expressed two concerns about this provision of the proposed rule.
First, they believed that it was unnecessary and duplicative because,
as SEC registrants, they already must disclose whether they have
adopted such a code of conduct. Second, they believed that the scope of
the provision was too broad because it covered all employees, not just
those involved with preparing the financial statements.
FHFA agrees that the scope of the proposed rule was broader than it
needed to be insofar as it would have applied to employees that are not
involved in the preparation of the entity's financial statements. To
address these concerns about overbreadth, FHFA revised the final rule
so that it imposes general requirements on all employees of a regulated
entity and separately imposes other requirements on those officers that
are responsible for preparing the financial statements. As part of that
approach, the final rule no longer cross-references section 406 of the
Sarbanes-Oxley Act, but instead incorporates the essential language of
section 406 into the FHFA regulation. Accordingly, the final rule first
provides that each entity must adopt a code of conduct that is
reasonably designed to assure that its directors, officers, and
employees discharge their duties in an objective and impartial manner
and that promotes honest and ethical conduct, compliance with
applicable laws and regulations, accountability for adhering to the
code, and prompt internal reporting of violations of the code. Each of
those elements is derived from section 406 of the Sarbanes-Oxley Act.
The final rule separately provides that the code of conduct must
include provisions that apply only to the entities' principal executive
officer, principal financial officer, and principal accounting officer
or controller. Those provisions must be reasonably designed to promote
full, fair, and accurate disclosures in an entity's reports filed with
the SEC and other public communications pertaining to the entity's
financial condition. Those provisions also are derived from section
406, but will not apply to the officers and employees who have no role
in preparing the financial statements or other disclosures.
FHFA appreciates that the Banks, as SEC registrants, are already
required to
[[Page 72333]]
disclose whether they have a code of conduct that satisfies the
requirements of section 406 of the Sarbanes-Oxley Act. That
requirement, however, is simply a disclosure requirement and does not
require the Banks to actually adopt a code of ethics. Because FHFA
believes that a code of conduct as described above is an important tool
in assuring that the entities operate in a safe and sound manner, the
final rule continues to require that the entities actually adopt the
code of conduct. Accordingly, FHFA declines to adopt the Banks'
suggestion that this matter be addressed solely through the existing
disclosure mechanism.
Risk Management (1239.11)
The proposed rule contained a new risk management section that was
based in large part on a recent proposal of the Federal Reserve Board
relating to its supervision of large banking institutions.\8\ The
proposed risk management section included little content from the
regulations of the predecessor agencies, which had become somewhat
dated. Among other things, proposed Sec. 1239.11 would have required
each entity to establish an enterprise-wide risk management program and
specified certain requirements for that program, as well as the
responsibilities of the risk committee. The proposal also would have
required each entity to appoint a chief risk officer to oversee the
risk management function, and specified the responsibilities of the
chief risk officer. In the final rule, FHFA retained most of the
content of the proposed rule, but reorganized certain provisions of the
regulatory text to improve its readability. The final rule retains the
three core elements of the proposed rule, which require the
establishment of an enterprise-wide risk management program, the
establishment of a risk committee with specified structure and
responsibilities, and the establishment of a chief risk officer with
specified responsibilities. FHFA also made certain revisions to the
regulatory text in response to the comment letters. All of those
revisions are described below.
---------------------------------------------------------------------------
\8\ See Enhanced Prudential Standards and Early Remediation
Requirements for Covered Companies, Board of Governors of the
Federal Reserve System, 77 FR 594 (Jan. 5, 2012). The commenters
asked that to the extent that FHFA had looked to these standards for
guidance, it should look to the final rule adopted by the Federal
Reserve Board instead of its proposed rule, especially as it relates
to distinguishing between the respective roles of directors and
management. FHFA has reviewed that final rule document and made
conforming revisions to this final rule, as appropriate. See
Enhanced Prudential Standards and Early Remediation Requirements for
Covered Companies, Board of Governors of the Federal Reserve System,
79 FR 17240 (Mar. 27, 2014).
---------------------------------------------------------------------------
Establishment of the Risk Management Program
Section 1239.11(a) of the proposed rule would have required the
establishment of a risk management program that aligns with the
entity's overall risk profile and mission objectives, while Sec.
1239.11(c)(1) had specified several required elements for the risk
management program. In the final rule, FHFA combined those provisions
into a revised Sec. 1239.11(a), which deals only with the risk
management program. FHFA also revised the regulatory text, which
formerly provided that the board of directors must have a risk
management program ``in effect at all times,'' to clarify that the
board must approve and periodically review the risk management program,
as well as having it in effect. As noted previously, the final rule
also replaces all references to the term ``risk profile'' with the
newly defined term ``risk appetite.'' The final rule also makes some
revisions to the provisions that specified the minimum requirements for
the risk management program, principally to address concerns expressed
by the commenters. The final rule now provides that the board of
directors must ensure that the risk management program aligns with the
entity's risk appetite, and it deletes a reference to this being a
joint responsibility of the board and senior management. These
provisions of the final rule are not intended to require that the board
of directors actually develop or implement the risk management program,
which tasks may be delegated to management, but the board is
responsible for approving the program, as well as the entity's risk
appetite, and ensuring that the two are consistent with each other. In
the paragraphs describing the requirements of the risk management
program, the final rule deletes certain references that the commenters
believed could be read to impose management level responsibilities on
the board or its committee. Thus, the final rule deletes from proposed
Sec. 1239.11(c)(ii), (iii), and (iv) references to ``risk management
practices and risk control structure,'' ``procedures . . . practices,
risk controls,'' and ``control objectives,'' respectively.
Establishment and Duties of the Risk Committee
Section 1239.11(b) of the proposed rule would have required the
board of each regulated entity to establish a risk committee that
oversees the entity's risk management practices, while Sec. 1239.11(c)
and (d) had addressed the risk committee structure and
responsibilities, respectively. The final rule combines all of those
provisions into a revised Sec. 1239.11(b), which deals only with risk
committee matters. FHFA also revised certain of these provisions in
response to concerns of the commenters that the proposed rule could be
read to assign management type responsibilities on the board of
directors or the risk committee. Thus, the final rule has deleted
language from proposed Sec. 1239.11(b) that stated that the committee
was ``responsible for oversight of . . . risk management practices''
and replaced it with language saying that the committee is to assist
the board of directors in carrying out its duties to oversee the ``risk
management program,'' rather than the ``practices'' of the entity.
The final rule revises certain of the provisions relating to the
qualifications of the risk committee members that had been located in
Sec. 1239.11(c)(2) of the proposed rule, also in response to
suggestions from the commenters. The proposed rule would have required
that the committee have at least one member with ``risk management
expertise'' that is commensurate with the business of the regulated
entity, and further that the other committee members have ``experience
developing and applying risk management practices and procedures
measuring and identifying risks.'' The Banks and the Enterprises
contended that such levels of expertise would likely be found only in a
person who was serving, or had previously served, as a chief risk
officer at a financial institution and that it would be difficult to
find persons who are eligible for board positions who also have such
expertise. FHFA believes that this is a valid concern and has revised
the rule to require that the risk committee have at least one member
with risk management ``experience'' rather than ``expertise,'' and that
the other committee members have, or acquire through training, a
practical understanding of risk management principles and practices.
FHFA also deleted in its entirety the provision of the proposed rule
that would have required risk committee members to also have had
experience developing and applying risk management practices and
procedures. Notwithstanding those revisions, FHFA believes that it is
appropriate and reasonable to retain some language in the final rule
requiring that the persons charged with assisting the board in its
oversight of the risk management program have had some
[[Page 72334]]
opportunity, either through prior experience or education or other
training while on the board, to gain sufficient understanding of risk
management principles to meaningfully engage with management on risk
management matters.
Freddie Mac objected to the requirements in proposed Sec.
1239.11(c)(2)(v) and (d)(1) that the risk committee fully document and
maintain records of its meetings, including its risk management
decisions and recommendations, and that it be responsible for
documenting and overseeing the entity's risk management ``policies and
practices.'' It believed that these requirements go beyond the existing
obligation on board committees to prepare minutes of meetings. FHFA
disagrees with the first of those suggestions and has retained the
requirement that the committee document and maintain records of its
meetings and decisions because risk management is a vital function and
decisions of the risk committee and the justification for those actions
need to be well documented. FHFA agrees with the second suggestion and
removed from the final rule the language stating that that the
committee is to be responsible for documenting and overseeing the risk
management ``policies and practices'' of the entity because
``practices'' are more appropriately characterized as a management
function than as a function for the risk committee. In its place, FHFA
included an alternative provision, to be located in Sec.
1239.111(b)(2)(i) of the final rule, providing that the risk committee
must periodically review the entity's risk management program and make
recommendations to the board of directors for any appropriate revisions
to the program to ensure that the program remains aligned to the risks
associated with the entity's business activities. The final rule also
includes a parallel provision requiring the committee to periodically
review the capabilities of, and the adequacy of the resources allocated
to, the risk management program.
Chief Risk Officer
The proposed rule would require each entity to appoint a chief risk
officer and described both the organizational structure of the risk
management program and the responsibilities of the chief risk officer.
The final rule makes some modest revisions to these provisions, stating
that the chief risk officer shall ``head'' (rather than ``oversee'') an
independent risk management function and be responsible for the
entity's risk management function. Both the proposed and final rules
require that the head of the risk management function must be
``independent.'' FHFA construes that term to mean that the chief risk
officer may not have dual responsibilities within the organization,
such as also serving as the chief financial officer or as any other
senior executive officer.
Compliance Program (1239.12)
The proposed rule would require that regulated entities establish a
compliance program to be headed by a chief compliance officer and set
forth criteria for the program. Proposed Sec. 1239.12 would require
the program to be reasonably designed to ensure that the regulated
entity complies with applicable laws, rules, regulations, and internal
controls. In addition, the proposal would require the compliance
officer to report directly to the chief executive officer, to report
regularly to the board of directors (or a committee thereof) on the
adequacy of the entity's compliance policies and procedures, and to
make recommendations to the board for any adjustments to those policies
or procedures, as appropriate. The final rule adopts this provision as
it was proposed.
The Banks expressed concern that these provisions were too
prescriptive and believed that oversight of the compliance program need
not reside solely with a single chief compliance officer, so long as
the Banks have established clear lines of responsibilities for
compliance matters with other executives. The Banks also objected to
requiring the compliance officer to report to the chief executive and
asked that the final rule allow for reporting lines to other senior
executives. The Banks also suggested replacing the words ``internal
controls'' with ``policies'' in the provision that requires that the
compliance program ensure compliance with ``laws, rules, regulations,
and internal controls.'' The Banks believe that internal controls
themselves are designed to achieve compliance with laws, rules,
regulations, and policies and therefore it did not make sense to
require compliance with internal controls.
FHFA does not believe that this provision can be characterized as
being overly prescriptive, as the Banks contend. The regulation is
short, only three sentences, which require the establishment of a
compliance program, the designation of a compliance officer, and the
establishment of reporting requirements. As to the concern about
reporting lines, FHFA believes that the compliance function is
sufficiently important that it should be headed by a person holding an
executive level position, who would be a peer of the executives taking
the business risks, and who would have direct access to the CEO.
Lastly, although internal controls are designed to ensure compliance
with laws, regulations, and policies, this can only be achieved if the
regulated entity complies with the internal control procedures
themselves. Therefore, FHFA believes that it is appropriate to retain
the term ``internal controls'' in the first sentence of the provision.
Regulatory Reports (1239.13)
Proposed Sec. 1239.13 required each regulated entity to provide
FHFA with such regulatory reports as are necessary for it to evaluate
the condition of a regulated entity, or compliance with applicable law,
and to do so in accordance with the forms and instructions issued by
FHFA from time to time. It was derived from the Finance Board
regulations at 12 CFR 914.1 and 914.2. FHFA received no comments on
this provision and the final rule adopts this provision as proposed.
E. Subpart D--Enterprise Specific Requirements
Subpart D of the proposed rule included two provisions that were to
apply only to the Enterprises. FHFA received no comments on these
provisions from the Enterprises. Accordingly, with the exception of the
one matter noted below, FHFA adopted both provisions as proposed. The
first provision, Sec. 1239.20, addresses age and term limits for
Enterprise directors and requires that a majority of the directors be
independent, as defined under the rules of the NYSE. It also addresses
the frequency of Enterprise board meetings, quorum requirements, and
voting by directors. The rule carries over these provisions from the
OFHEO regulation without substantive change. Proposed Sec.
1239.20(a)(3) included a new provision that would prohibit the chief
executive officer of an Enterprise from also serving as the chairperson
of the board of directors.
In the final rule, FHFA also revised the language of Sec.
1239.20(b)(5), which requires the Enterprise boards of directors
annually to review the requirements of applicable laws, rules,
regulations, and guidelines. FHFA has been asked whether this provision
requires a board of directors to review all laws that apply to the
Enterprises or only on those that have been revised during the past
year. FHFA believes that going forward this provision should be read to
require that the boards of directors be kept informed of any
significant changes to the applicable
[[Page 72335]]
laws and regulations. Accordingly, the final rule revises this
provision to state that at least annually the boards of the Enterprises
shall be informed of any significant changes that have been made to the
laws, rules, regulations, and guidelines to which the Enterprises are
subject since the prior year's annual review. The second provision,
Sec. 1239.21, requires that the Enterprises pay their directors
reasonable and appropriate compensation for the time required for the
performance of their duties.
F. Subpart E--Bank Specific Requirements
Subpart E of the proposed rule included five provisions that were
to apply only to the Banks. For three of those provisions, those
relating to a Bank's member products policy (Sec. 1239.30), its
strategic business plan (Sec. 1239.31), and its dividends (Sec.
1239.33), FHFA received no comments and the final rule adopts those
provisions as proposed. The final rule deletes the proposed provision
on internal controls in its entirety, for the reasons described below,
and makes some modest revisions to the provision on Bank audit
committees, also as described below.
Internal Control System
The proposed rule would have carried over without substantive
change a Finance Board regulation dealing with Bank internal control
systems. The proposed regulation set forth detailed responsibilities of
senior management and the board of directors with respect to internal
controls and solicited comments on whether the internal controls
regulation should be expanded to apply to the Enterprises, as well as
to the Banks. Freddie Mac urged FHFA not to extend the internal
controls regulation to the Enterprises because they are already subject
to numerous requirements related to internal controls. The Banks
generally favored the adoption of a principles-based approach for the
rules relating to internal controls, rather than the more prescriptive
approach of the existing Finance Board regulations, and asked that FHFA
revise the rule accordingly.
FHFA initially decided to adopt the Banks' suggestion and revise
this provision to make it more principles-based. When making those
revisions, however, FHFA determined that creating a more principles-
based regulation would result in the revised regulation overlapping
considerably with the provisions of FHFA's existing Prudential
Standards that deal with internal controls. In order to avoid that
result, and the potential confusion that having two separate provisions
addressing internal controls could cause, FHFA decided a better
approach would be to delete the provision on internal controls from the
final rule and rely instead on the internal controls provisions of the
Prudential Standards. Accordingly, the final rule does not include a
separate regulation on internal controls for the Banks. In making this
change, FHFA emphasizes that a strong system of internal controls is a
critical first line defense for all of the regulated entities. FHFA
expects that all of the regulated entities will devote the necessary
resources and attention to this area.
Audit Committee (1239.32)
The proposed rule would have carried over without substantive
change Finance Board regulations that required the establishment of an
audit committee and established requirements for the composition,
independence, charter, duties, and meetings of Bank audit committees.
FHFA requested comment on whether it should adopt a single regulation
addressing the audit committees for all regulated entities, whether the
independence requirements for Bank audit committees should consider the
amount of Bank stock or advances held by a member that has a
representative on the committee, and whether Bank audit committees
should have a majority of members who are not affiliated with the
Bank's members. No commenters supported any of those revisions, and
FHFA has not made any such changes to the final rule.
FHFA made three revisions to Sec. 1239.32 of the final rule in
response to comments from the Banks. The Banks asked that FHFA modify
the requirement relating to representation on the audit committee of
directors from the various types of members and of both member
directors and independent directors by providing that the committee
should be required have such a balance ``to the extent that it is
practicable to do so.'' The Banks contended that the skill sets of the
individual directors, particularly the member directors, will vary. As
a result, there may be times when the persons whose experience is most
suited to having them serve on the audit committee will not necessarily
result in a committee composition that includes persons from all
segments of the membership base. FHFA agrees with that statement and
added the language requested by the Banks to the final rule. The Banks
also asked that FHFA clarify that a reference to ``independent
directors'' in this section refers to those directors who are not
affiliated with a member institution, as defined in the Bank Act, so as
not to suggest that it relates to the ``independence'' requirement for
audit committee members. FHFA made that revision. The final rule also
revises a provision that requires the audit committee to review ``the
policies and procedures used by senior management'' by deleting the
reference to ``procedures'' because FHFA agrees with the Banks that the
development and review of particular procedures is more properly
considered a management function. The final rule also makes one
conforming change by revising the language of the existing rule to
state that the board of directors, not the audit committee, is
responsible for amending and periodically reapproving the audit
committee charter. This change conforms this provision to an earlier
provision of the rule that vests in the board of directors the sole
authority to adopt committee charters.
G. Provisions To Be Repealed
As was proposed, the final rule will repeal several portions of the
predecessor agency regulations that are not being carried over into the
FHFA regulations. No commenters objected to the proposed repeal of
these provisions, which included several OFHEO regulations that
essentially repeated certain statutory requirements, certain provisions
of the OFHEO regulations relating to the responsibilities of boards of
directors that address matters now covered by the Prudential Standards,
a Finance Board regulation requiring the preparation of annual budgets,
and 12 CFR part 1720 of the OFHEO regulations, which established
certain safety and soundness standards for the Enterprises.
Freddie Mac sought clarification as to the effect of the repeal of
these provisions on specific regulatory guidance, such as the 2006
OFHEO Corporate Governance Examination Guidance. FHFA continues to
evaluate the various types of guidance issued by the predecessor
agencies to determine whether to retain, revise, or repeal the
guidance. Those efforts are being done independently of this
rulemaking. On March 26, 2015, FHFA issued Advisory Bulletin AB 2015-
03, which rescinded five examination guidance documents that had been
issued by OFHEO because they have been superseded by FHFA guidance,
simply restated the text of regulations, or are no longer relevant or
applicable in the current environment.\9\
---------------------------------------------------------------------------
\9\ The Advisory Bulletin rescinded the following OFHEO
examination guidance documents: PG-00-001 (regarding minimum safety
and soundness requirements); PG-00-002 (regarding non-mortgage
liquidity investments); PG-06-001 (regarding corporate governance
examinations); PG-06-003 (regarding accounting practices
examinations); and PG-08-002 (regarding standards for use of fair
value options).
---------------------------------------------------------------------------
[[Page 72336]]
IV. Prudential Standards
The Prudential Standards include an introductory section, which
recites general responsibilities of the boards of directors and senior
management, as well as ten enumerated standards that address the topics
required by statute. In the proposed rule, FHFA proposed to designate
this introductory section as an additional Prudential Standard. Doing
so would clarify that the introductory provisions have the same effect
and could be enforced in the same manner as the ten enumerated
standards. The Banks commented that this action would create some
uncertainty about the role of the boards of directors because the
introductory section currently includes references to the board of
directors being responsible for adopting and implementing
``procedures,'' which the Banks contend is a management function. FHFA
agrees that the development and implementation of procedures is a
management responsibility, and has revised the first three paragraphs
of the Prudential Standards introductory section by deleting the four
references to ``procedures'' as responsibilities of the board of
directors. FHFA received no other comments on this aspect of the
proposal and the final rule otherwise adopts the final rule as
proposed.
V. Paperwork Reduction Act
The final rule does not contain any information collection
requirement that requires the approval of the Office of Management and
Budget under the Paperwork Reduction Act (44 U.S.C. 3501 et seq.).
VI. Regulatory Flexibility Act
The Regulatory Flexibility Act (5 U.S.C. 601 et seq.) requires an
agency to analyze a regulation's impact on small entities if the
regulation is expected to have a significant economic impact on a
substantial number of small entities. 5 U.S.C. 605(b). FHFA has
considered the impact of this final rule and determined that it is not
likely to have a significant economic impact on a substantial number of
small entities because it applies only to the regulated entities, which
are not small entities for purposes of the Regulatory Flexibility Act.
List of Subjects
12 CFR Part 914
Federal Home Loan Banks, Reporting and recordkeeping requirements.
12 CFR Part 917
Federal Home Loan Banks.
12 CFR Part 1236
Administrative practice and procedure, Federal Home Loan Banks,
Government-Sponsored Enterprises, Reporting and recordkeeping
requirements.
12 CFR Part 1239
Administrative practice and procedure, Federal Home Loan Banks,
Government-Sponsored Enterprises, Reporting and recordkeeping
requirements.
12 CFR Part 1710
Administrative practice and procedure, Mortgages.
12 CFR Part 1720
Administrative practice and procedure, Mortgages.
Accordingly, for reasons stated in the Supplementary Information
and under the authority of 12 U.S.C. 1426, 1427, 1432(a), 1436(a),
1440, 4511(b), 4513(a), 4513(b), and 4526, FHFA hereby amends
subchapter C of chapter IX, subchapter B of chapter XII, and subchapter
C of chapter XVII of title 12 of the Code of Federal Regulations as
follows:
CHAPTER IX--FEDERAL HOUSING FINANCE BOARD
Subchapter C--[Removed and Reserved]
0
1. Subchapter C, consisting of parts 914 and 917 is removed and
reserved.
CHAPTER XII--FEDERAL HOUSING FINANCE AGENCY
Subchapter B--Entity Regulations
PART 1236--PRUDENTIAL MANAGEMENT AND OPERATIONS STANDARDS
0
2. The authority citation for part 1236 continues to read as follows:
Authority: 12 U.S.C. 4511, 4513(a) and (f), 4513b, and 4526.
0
3. Amend Sec. 1236.2 by revising the definition of ``Standards'' to
read as follows:
Sec. 1236.2 Definitions.
* * * * *
Standards means any one or more of the prudential management and
operations standards established by the Director pursuant to 12 U.S.C.
4513b(a), as modified from time to time pursuant to Sec. 1236.3(b),
including the introductory statement of general responsibilities of
boards of directors and senior management of the regulated entities.
0
4. Amend the Appendix to part 1236 as follows:
0
a. By redesignating the phrase ``The following provisions constitute
the prudential management and operations standards established pursuant
to 12 U.S.C. 4513b(a).'' following paragraph 10 under
``Responsibilities of the Board of Directors and Senior Management'' as
introductory text to the appendix; and
0
b. By revising paragraphs 1., 2., and 3. under ``Responsibilities of
the Board of Directors and Senior Management'' to read as follows:
Appendix to Part 1236--Prudential Management and Operations Standards
* * * * *
Responsibilities of the Board of Directors and Senior Management
1. With respect to the subject matter addressed by each
Standard, the board of directors is responsible for adopting
business strategies and policies that are appropriate for the
particular subject matter. The board should review all such
strategies and policies periodically. It should review and approve
all major strategies and policies at least annually and make any
revisions that are necessary to ensure that such strategies and
policies remain consistent with the entity's overall business plan.
2. The board of directors is responsible for overseeing
management of the regulated entity, which includes ensuring that
management includes personnel who are appropriately trained and
competent to oversee the operation of the regulated entity as it
relates to the functions and requirements addressed by each
Standard, and that management implements the policies set forth by
the board.
3. The board of directors is responsible for remaining informed
about the operations and condition of the regulated entity,
including operating consistently with the Standards, and senior
management's implementation of the strategies and policies
established by the board of directors.
* * * * *
0
5. Part 1239 is added to subchapter C to read as follows:
PART 1239--RESPONSIBILITIES OF BOARDS OF DIRECTORS, CORPORATE
PRACTICES, AND CORPORATE GOVERNANCE
Subpart A--General
Sec.
1239.1 Purpose.
1239.2 Definitions.
[[Page 72337]]
Subpart B--Corporate Practices and Procedures Applicable to All
Regulated Entities
1239.3 Law applicable to corporate governance and indemnification
practices.
1239.4 Duties and responsibilities of directors.
1239.5 Board committees.
Subpart C--Other Requirements Applicable to All Regulated Entities
1239.10 Code of conduct and ethics.
1239.11 Risk management.
1239.12 Compliance program.
1239.13 Regulatory reports.
Subpart D--Enterprise Specific Requirements
1239.20 Board of directors of the Enterprises.
1239.21 Compensation of Enterprise board members.
Subpart E--Bank Specific Requirements
1239.30 Bank member products policy.
1239.31 Strategic business plan.
1239.32 Audit committee.
1239.33 Dividends.
Authority: 12 U.S.C. 1426, 1427, 1432(a), 1436(a), 1440,
4511(b), 4513(a), 4513(b), and 4526.
Subpart A--General
Sec. 1239.1 Purpose.
FHFA is responsible for supervising and ensuring the safety and
soundness of the regulated entities. In furtherance of those
responsibilities, this part sets forth minimum standards with respect
to responsibilities of boards of directors, corporate practices, and
corporate governance matters of the regulated entities.
Sec. 1239.2 Definitions.
As used in this part, (unless otherwise noted):
Board member means a member of the board of directors of a
regulated entity.
Board of directors means the board of directors of a regulated
entity.
Business risk means the risk of an adverse impact on a regulated
entity's profitability resulting from external factors as may occur in
both the short and long run.
Community financial institution has the meaning set forth in Sec.
1263.1 of this chapter.
Compensation means any payment of money or the provision of any
other thing of current or potential value in connection with employment
or in connection with service as a director.
Credit risk is the potential that a borrower or counterparty will
fail to meet its financial obligations in accordance with agreed terms.
Employee means an individual, other than an executive officer, who
works part-time, full-time, or temporarily for a regulated entity.
Executive officer means the chief executive officer, chief
financial officer, chief operating officer, president, any executive
vice president, any senior vice president, and any individual with
similar responsibilities, without regard to title, who is in charge of
a principal business unit, division, or function, or who reports
directly to the chairperson, vice chairperson, chief operating officer,
or chief executive officer or president of a regulated entity.
Immediate family member means a parent, sibling, spouse, child,
dependent, or any relative sharing the same residence.
Internal auditor means the individual responsible for the internal
audit function at a regulated entity.
Liquidity risk means the risk that a regulated entity will be
unable to meet its financial obligations as they come due or meet the
credit needs of its members and associates in a timely and cost-
efficient manner.
Market risk means the risk that the market value, or estimated fair
value if market value is not available, of a regulated entity's
portfolio will decline as a result of changes in interest rates,
foreign exchange rates, or equity or commodity prices.
NYSE means the New York Stock Exchange.
Operational risk means the risk of loss resulting from inadequate
or failed internal processes, people, or systems, or from external
events (including legal risk but excluding strategic and reputational
risk).
Risk appetite means the aggregate level and types of risk the board
of directors and management are willing to assume to achieve the
regulated entity's strategic objectives and business plan, consistent
with applicable capital, liquidity, and other regulatory requirements.
Significant deficiency means a deficiency, or a combination of
deficiencies, in internal control that is less severe than a material
weakness, yet important enough to merit attention by those charged with
governance.
Subpart B--Corporate Practices and Procedures Applicable to All
Regulated Entities
Sec. 1239.3 Law applicable to corporate governance and
indemnification practices.
(a) General. The corporate governance practices and procedures of
each regulated entity, and practices and procedures relating to
indemnification (including advancement of expenses), shall comply with
and be subject to the applicable authorizing statutes and other Federal
law, rules, and regulations, and shall be consistent with the safe and
sound operations of the regulated entities.
(b) Election and designation of body of law. (1) To the extent not
inconsistent with paragraph (a) of this section, each regulated entity
shall elect to follow the corporate governance and indemnification
practices and procedures set forth in one of the following:
(i) The law of the jurisdiction in which the principal office of
the regulated entity is located;
(ii) The Delaware General Corporation Law (Del. Code Ann. Title 8);
or
(iii) The Revised Model Business Corporation Act.
(2) Each regulated entity shall designate in its bylaws the body of
law elected for its corporate governance and indemnification practices
and procedures pursuant to this paragraph, and shall do so by no later
than March 18, 2016.
(c) Indemnification. (1) Subject to paragraphs (a) and (b) of this
section, to the extent applicable, a regulated entity shall indemnify
(and advance the expenses of) its directors, officers, and employees
under such terms and conditions as are determined by its board of
directors. The regulated entity is authorized to maintain insurance for
its directors and any other officer or employee.
(2) Each regulated entity shall have in place policies and
procedures consistent with this section for indemnification of its
directors, officers, and employees. Such policies and procedures shall
address how the board of directors is to approve or deny requests for
indemnification from current and former directors, officers, and
employees, and shall include standards relating to indemnification,
investigations by the board of directors, and review by independent
counsel.
(3) Nothing in this paragraph (c) shall affect any rights to
indemnification (including the advancement of expenses) that a director
or any other officer or employee had with respect to any actions,
omissions, transactions, or facts occurring prior to the effective date
of this paragraph.
(4) FHFA has the authority under the Safety and Soundness Act to
review a regulated entity's indemnification policies, procedures, and
practices to ensure that they are conducted in a safe and sound manner,
and that they are consistent with the body of law adopted by the board
of directors under paragraph (b) of this section.
[[Page 72338]]
(d) No rights created. Nothing in this part shall create or be
deemed to create any rights in any third party, including in any member
of a Bank, nor shall it cause or be deemed to cause any regulated
entity to become subject to the jurisdiction of any state court with
respect to the entity's corporate governance or indemnification
practices or procedures.
Sec. 1239.4 Duties and responsibilities of directors.
(a) Management of a regulated entity. The management of each
regulated entity shall be by or under the direction of its board of
directors. While a board of directors may delegate the execution of
operational functions to officers and employees of the regulated
entity, the ultimate responsibility of each entity's board of directors
for that entity's oversight is non-delegable. The board of directors of
a regulated entity is responsible for directing the conduct and affairs
of the entity in furtherance of the safe and sound operation of the
entity and shall remain reasonably informed of the condition,
activities, and operations of the entity.
(b) Duties of directors. Each director of a regulated entity shall
have the duty to:
(1) Carry out his or her duties as director in good faith, in a
manner such director believes to be in the best interests of the
regulated entity, and with such care, including reasonable inquiry, as
is required under the Revised Model Business Corporation Act or the
other body of law that the entity's board of directors has chosen to
follow for its corporate governance and indemnification practices and
procedures in accordance with Sec. 1239.3(b);
(2) For Bank directors, administer the affairs of the regulated
entity fairly and impartially and without discrimination in favor of or
against any member institution;
(3) At the time of election, or within a reasonable time
thereafter, have a working familiarity with basic finance and
accounting practices, including the ability to read and understand the
regulated entity's balance sheet and income statement and to ask
substantive questions of management and the internal and external
auditors;
(4) Direct the operations of the regulated entity in conformity
with the requirements set forth in the authorizing statutes, the Safety
and Soundness Act, and this chapter; and
(5) Adopt and maintain in effect at all times bylaws governing the
manner in which the regulated entity administers its affairs. Such
bylaws shall be consistent with applicable laws and regulations
administered by FHFA, and with the body of law designated for the
entity's corporate governance practices and procedures in accordance
with Sec. 1239.3(b).
(c) Director responsibilities. The responsibilities of the board of
directors include having in place adequate policies to assure its
oversight of, among other matters, the following:
(1) The risk management and compensation programs of the regulated
entity;
(2) The processes for providing accurate financial reporting and
other disclosures, and communications with stockholders; and
(3) The responsiveness of executive officers in providing accurate
and timely reports to FHFA and in addressing all supervisory concerns
of FHFA in a timely and appropriate manner.
(d) Authority regarding staff and outside consultants. (1) In
carrying out its duties and responsibilities under the authorizing
statutes, the Safety and Soundness Act, and this chapter, each
regulated entity's board of directors and all committees thereof shall
have authority to retain staff and outside counsel, independent
accountants, or other outside consultants at the expense of the
regulated entity.
(2) The board of directors and its committees may require that
staff of the regulated entity that provides services to the board or
any committee under paragraph (d)(1) of this section report directly to
the board or such committee, as appropriate.
Sec. 1239.5 Board committees.
(a) General. The board of directors may rely, in directing a
regulated entity, on reports from committees of the board of directors,
provided, however, that no committee of the board of directors shall
have the authority of the board of directors to amend the bylaws and no
committee shall operate to relieve the board of directors or any board
member of a responsibility imposed by applicable law, rule, or
regulation.
(b) Required committees. The board of directors of each regulated
entity shall have committees, however styled, that address each of the
following areas of responsibility: Risk management; audit;
compensation; and corporate governance (in the case of the Banks,
including the nomination of independent board of director candidates,
and, in the case of the Enterprises, including the nomination of all
board of director candidates). The risk management committee and the
audit committee shall not be combined with any other committees. The
board of directors may establish any other committees that it deems
necessary or useful to carrying out its responsibilities, subject to
the provisions of this section. In the case of the Enterprises, board
committees shall comply with the charter, independence, composition,
expertise, duties, responsibilities, and other requirements set forth
under rules issued by the NYSE, and the audit committees shall also
comply with the requirements set forth under section 301 of the
Sarbanes-Oxley Act of 2002, Public Law 107-204.
(c) Charter. The board of directors shall adopt a formal written
charter for each committee that specifies the scope of a committee's
powers and responsibilities, as well as the committee's structure,
processes, and membership requirements.
(d) Frequency of meetings. Each committee of the board of directors
shall meet regularly and with sufficient frequency to carry out its
obligations and duties under applicable laws, rules, regulations, and
guidelines. Committees that are structured to meet only on an as-needed
basis shall meet in the manner specified by their charter. All such
committees shall also meet with sufficient timeliness as necessary in
light of relevant conditions and circumstances to fulfill their
obligations and duties.
Subpart C--Other Requirements Applicable to All Regulated Entities
Sec. 1239.10 Code of conduct and ethics.
(a) General. A regulated entity shall establish and administer a
written code of conduct and ethics that is reasonably designed to
assure that its directors, officers, and employees discharge their
duties and responsibilities in an objective and impartial manner that
promotes honest and ethical conduct, compliance with applicable laws,
rules, and regulations, accountability for adherence to the code, and
prompt internal reporting of violations of the code to appropriate
persons identified in the code. The code also shall include provisions
applicable to the regulated entity's principal executive officer,
principal financial officer, principal accounting officer or
controller, or persons performing similar functions, that are
reasonably designed to promote full, fair, accurate, and understandable
disclosure in reports and other documents filed with the Securities and
Exchange Commission and in other public communications reporting on the
entity's financial condition.
(b) Review. Not less often than once every three years, a regulated
entity
[[Page 72339]]
shall review the adequacy of its code of conduct and ethics for
consistency with practices appropriate to the entity and make any
appropriate revisions to such code.
Sec. 1239.11 Risk management.
(a) Risk management program--(1) Adoption. Each regulated entity's
board of directors shall approve, have in effect at all times, and
periodically review an enterprise-wide risk management program that
establishes the regulated entity's risk appetite, aligns the risk
appetite with the regulated entity's strategies and objectives,
addresses the regulated entity's exposure to credit risk, market risk,
liquidity risk, business risk and operational risk, and complies with
the requirements of this part and with all applicable FHFA regulations
and policies.
(2) Risk appetite. The board of directors shall ensure that the
risk management program aligns with the regulated entity's risk
appetite.
(3) Risk management program requirements. The risk management
program shall include:
(i) Risk limitations appropriate to each business line of the
regulated entity;
(ii) Appropriate policies and procedures relating to risk
management governance, risk oversight infrastructure, and processes and
systems for identifying and reporting risks, including emerging risks;
(iii) Provisions for monitoring compliance with the regulated
entity's risk limit structure and policies relating to risk management
governance, risk oversight, and effective and timely implementation of
corrective actions; and
(iv) Provisions specifying management's authority and independence
to carry out risk management responsibilities, and the integration of
risk management with management's goals and compensation structure.
(b) Risk committee. The board of each regulated entity shall
establish and maintain a risk committee of the board of directors that
assists the board in carrying out its duties to oversee the enterprise-
wide risk management program at the regulated entity.
(1) Committee structure. The risk committee shall:
(i) Be chaired by a director not serving in a management capacity
of the regulated entity;
(ii) Have at least one member with risk management experience that
is commensurate with the regulated entity's capital structure, risk
appetite, complexity, activities, size, and other appropriate risk-
related factors;
(iii) Have committee members that have, or that will acquire within
a reasonable time after being elected to the committee, a practical
understanding of risk management principles and practices relevant to
the regulated entity;
(iv) Fully document and maintain records of its meetings, including
its risk management decisions and recommendations; and
(v) Report directly to the board and not as part of, or combined
with, another committee.
(2) Committee responsibilities. The risk committee shall:
(i) Periodically review and recommend for board approval an
appropriate enterprise-wide risk management program that is
commensurate with the regulated entity's capital structure, risk
appetite, complexity, activities, size, and other appropriate risk-
related factors;
(ii) Receive and review regular reports from the regulated entity's
chief risk officer, as required under paragraph (c)(5) of this section
; and
(iii) Periodically review the capabilities for, and adequacy of
resources allocated to, enterprise-wide risk management.
(c) Chief Risk Officer.--(1) Appointment of a chief risk officer
(CRO). Each regulated entity shall appoint a CRO to implement and
maintain appropriate enterprise-wide risk management practices for the
regulated entity.
(2) Organizational structure of the risk management function. The
CRO shall head an independent enterprise-wide risk management function,
or unit, and shall report directly to the risk committee and to the
chief executive officer.
(3) Responsibilities of the CRO. The CRO shall be responsible for
the enterprise-wide risk management function, including:
(i) Allocating risk limits and monitoring compliance with such
limits;
(ii) Establishing appropriate policies and procedures relating to
risk management governance, practices, and risk controls, and
developing appropriate processes and systems for identifying and
reporting risks, including emerging risks;
(iii) Monitoring risk exposures, including testing risk controls
and verifying risk measures; and
(iv) Communicating within the organization about any risk
management issues and/or emerging risks, and ensuring that risk
management issues are effectively resolved in a timely manner.
(4) The CRO should have risk management expertise that is
commensurate with the regulated entity's capital structure, risk
appetite, complexity, activities, size, and other appropriate risk
related factors.
(5) The CRO shall report regularly to the risk committee and to the
chief executive officer on significant risk exposures and related
controls, changes to risk appetite, risk management strategies, results
of risk management reviews, and emerging risks. The CRO shall also
report regularly on the regulated entity's compliance with, and the
adequacy of, its current risk management policies and procedures, and
shall recommend any adjustments to such policies and procedures that he
or she considers necessary or appropriate.
(6) The compensation of a regulated entity's CRO shall be
appropriately structured to provide for an objective and independent
assessment of the risks taken by the regulated entity.
Sec. 1239.12 Compliance program.
A regulated entity shall establish and maintain a compliance
program that is reasonably designed to assure that the regulated entity
complies with applicable laws, rules, regulations, and internal
controls. The compliance program shall be headed by a compliance
officer, however styled, who reports directly to the chief executive
officer. The compliance officer also shall report regularly to the
board of directors, or an appropriate committee thereof, on the
adequacy of the entity's compliance policies and procedures, including
the entity's compliance with them, and shall recommend any revisions to
such policies and procedures that he or she considers necessary or
appropriate.
Sec. 1239.13 Regulatory reports.
(a) Reports. Each regulated entity shall file Regulatory Reports
with FHFA in accordance with the forms, instructions, and schedules
issued by FHFA from time to time. If no regularly scheduled reporting
dates are established, Regulatory Reports shall be filed as requested
by FHFA.
(b) Definition. For purposes of this section, the term Regulatory
Report means any report to FHFA of information or raw or summary data
needed to evaluate the safe and sound condition or operations of a
regulated entity, or to determine compliance with any:
[[Page 72340]]
(1) Provision in the Bank Act, Safety and Soundness Act, or other
law, order, rule, or regulation;
(2) Condition imposed in writing by FHFA in connection with the
granting of any application or other request by a regulated entity; or
(3) Written agreement entered into between FHFA and a regulated
entity.
Subpart D--Enterprise Specific Requirements
Sec. 1239.20 Board of directors of the Enterprises.
(a) Membership--(1) Limits on service of board members.--(i)
General requirement. No board member of an Enterprise may serve on the
board of directors for more than 10 years or past the age of 72,
whichever comes first; provided, however, a board member may serve his
or her full term if he or she has served less than 10 years or is 72
years on the date of his or her election or appointment to the board;
and
(ii) Waiver. Upon written request of an Enterprise, the Director
may waive, in his or her sole discretion and for good cause, the limits
on the service of a board member under paragraph (a)(1)(i) of this
section.
(2) Independence of board members. A majority of seated members of
the board of directors of an Enterprise shall be independent board
members, as defined under rules set forth by the NYSE, as amended from
time to time.
(3) Segregation of duties. The position of chairperson of the board
of directors shall be filled by a person other than the chief executive
officer, who shall also be a director of the Enterprise that is
independent, as defined under the rules set forth by the NYSE, as
amended from time to time.
(b) Meetings, quorum and proxies, information, and annual review--
(1) Frequency of meetings. The board of directors of an Enterprise
shall meet at least eight times a year and no less than once a calendar
quarter to carry out its obligations and duties under applicable laws,
rules, regulations, and guidelines.
(2) Non-management board member meetings. Non-management directors
of an Enterprise shall meet at regularly scheduled executive sessions
without management participation.
(3) Quorum of board of directors; proxies not permissible. For the
transaction of business, a quorum of the board of directors of an
Enterprise is at least a majority of the seated board of directors and
a board member may not vote by proxy.
(4) Information. Management of an Enterprise shall provide a board
member of the Enterprise with such adequate and appropriate information
that a reasonable board member would find important to the fulfillment
of his or her fiduciary duties and obligations.
(5) Annual review. At least annually, the board of directors of an
Enterprise shall be informed of significant changes to the requirements
of laws, rules, regulations, and guidelines that are applicable to its
activities and duties.
Sec. 1239.21 Compensation of Enterprise board members.
Each Enterprise may pay its directors reasonable and appropriate
compensation for the time required of them, and their necessary and
reasonable expenses, in the performance of their duties.
Subpart E--Bank Specific Requirements
Sec. 1239.30 Bank member products policy.
(a) Adoption and review of member products policy--(1) Adoption.
Each Bank's board of directors shall have in effect at all times a
policy that addresses the Bank's management of products offered by the
Bank to members and housing associates, including but not limited to
advances, standby letters of credit, and acquired member assets,
consistent with the requirements of the Bank Act, paragraph (b) of this
section, and all applicable FHFA regulations and policies.
(2) Review and compliance. Each Bank's board of directors shall:
(i) Review the Bank's member products policy annually;
(ii) Amend the member products policy as appropriate; and
(iii) Re-adopt the member products policy, including interim
amendments, not less often than every three years.
(b) Member products policy requirements. In addition to meeting any
other requirements set forth in this chapter, each Bank's member
products policy shall:
(1) Address credit underwriting criteria to be applied in
evaluating applications for advances, standby letters of credit, and
renewals;
(2) Address appropriate levels of collateralization, valuation of
collateral and discounts applied to collateral values for advances and
standby letters of credit;
(3) Address advances-related fees to be charged by each Bank,
including any schedules or formulas pertaining to such fees;
(4) Address standards and criteria for pricing member products,
including differential pricing of advances pursuant to Sec.
1266.5(b)(2) of this chapter, and criteria regarding the pricing of
standby letters of credit, including any special pricing provisions for
standby letters of credit that facilitate the financing of projects
that are eligible for any of the Banks' CICA programs under part 1292
of this chapter;
(5) Provide that, for any draw made by a beneficiary under a
standby letter of credit, the member will be charged a processing fee
calculated in accordance with the requirements of Sec. 1271.6(b) of
this chapter;
(6) Address the maintenance of appropriate systems, procedures, and
internal controls; and
(7) Address the maintenance of appropriate operational and
personnel capacity.
Sec. 1239.31 Strategic business plan.
(a) Adoption of strategic business plan. Each Bank's board of
directors shall have in effect at all times a strategic business plan
that describes how the business activities of the Bank will achieve the
mission of the Bank consistent with part 1265 of this chapter.
Specifically, each Bank's strategic business plan shall:
(1) Enumerate operating goals and objectives for each major
business activity and for all new business activities, which must
include plans for maximizing activities that further the Bank's housing
finance and community lending mission, consistent with part 1265 of
this chapter;
(2) Discuss how the Bank will address credit needs and market
opportunities identified through ongoing market research and
consultations with members, associates, and public and private
organizations;
(3) Establish quantitative performance goals for Bank products
related to multi-family housing, small business, small farm and small
agri-business lending;
(4) Describe any proposed new business activities or enhancements
of existing activities; and
(5) Be supported by appropriate and timely research and analysis of
relevant market developments and member and associate demand for Bank
products and services.
(b) Review and monitoring. Each Bank's board of directors shall:
(1) Review the Bank's strategic business plan at least annually;
(2) Re-adopt the Bank's strategic business plan, including interim
amendments, not less often than every three years; and
(3) Establish management reporting requirements and monitor
implementation of the strategic business plan and the operating goals
and objectives contained therein.
[[Page 72341]]
(c) Report to FHFA. Each Bank shall submit to FHFA annually a
report analyzing and describing the Bank's performance in achieving the
goals described in paragraph (a)(3) of this section.
Sec. 1239.32 Audit committee.
(a) Establishment. The audit committee of each Bank established as
required by Sec. 1239.5(b) shall be consistent with the requirements
set forth in this section.
(b) Composition. (1) The audit committee shall comprise five or
more persons drawn from the Bank's board of directors, each of whom
shall meet the criteria of independence set forth in paragraph (c) of
this section.
(2) The audit committee shall include, to the extent practicable, a
balance of representatives of:
(i) Community financial institutions and other members; and
(ii) Independent directors and member directors of the Bank, both
as defined in the Bank Act.
(3) The terms of audit committee members shall be appropriately
staggered so as to provide for continuity of service.
(4) At least one member of the audit committee shall have extensive
accounting or related financial management experience.
(c) Independence. Any member of the Bank's board of directors shall
be considered to be sufficiently independent to serve as a member of
the audit committee if that director does not have a disqualifying
relationship with the Bank or its management that would interfere with
the exercise of that director's independent judgment. Such
disqualifying relationships include, but are not limited to:
(1) Being employed by the Bank in the current year or any of the
past five years;
(2) Accepting any compensation from the Bank other than
compensation for service as a board director;
(3) Serving or having served in any of the past five years as a
consultant, advisor, promoter, underwriter, or legal counsel of or to
the Bank; or
(4) Being an immediate family member of an individual who is, or
has been in any of the past five years, employed by the Bank as an
executive officer.
(d) Charter. (1) The audit committee of each Bank shall review and
assess the adequacy of the Bank's audit committee charter on an annual
basis, and shall recommend to the board of directors any amendments
that it believes to be appropriate;
(2) The board of directors of each Bank shall review and assess the
adequacy of the audit committee charter on an annual basis, shall amend
the audit committee charter whenever it deems it appropriate to do so,
and shall reapprove the audit committee charter not less often than
every three years; and
(3) Each Bank's audit committee charter shall:
(i) Provide that the audit committee has the responsibility to
select, evaluate and, where appropriate, replace the internal auditor
and that the internal auditor may be removed only with the approval of
the audit committee;
(ii) Provide that the internal auditor shall report directly to the
audit committee on substantive matters and that the internal auditor is
ultimately accountable to the audit committee and board of directors;
and
(iii) Provide that both the internal auditor and the external
auditor shall have unrestricted access to the audit committee without
the need for any prior management knowledge or approval.
(e) Duties. Each Bank's audit committee shall have the duty to:
(1) Direct senior management to maintain the reliability and
integrity of the accounting policies and financial reporting and
disclosure practices of the Bank;
(2) Review the basis for the Bank's financial statements and the
external auditor's opinion rendered with respect to such financial
statements (including the nature and extent of any significant changes
in accounting principles or the application thereof) and ensure that
policies are in place that are reasonably designed to achieve
disclosure and transparency regarding the Bank's true financial
performance and governance practices;
(3) Oversee the internal audit function by:
(i) Reviewing the scope of audit services required, significant
accounting policies, significant risks and exposures, audit activities,
and audit findings;
(ii) Assessing the performance and determining the compensation of
the internal auditor; and
(iii) Reviewing and approving the internal auditor's work plan.
(4) Oversee the external audit function by:
(i) Approving the external auditor's annual engagement letter;
(ii) Reviewing the performance of the external auditor; and
(iii) Making recommendations to the Bank's board of directors
regarding the appointment, renewal, or termination of the external
auditor.
(5) Provide an independent, direct channel of communication between
the Bank's board of directors and the internal and external auditors;
(6) Conduct or authorize investigations into any matters within the
audit committee's scope of responsibilities;
(7) Ensure that senior management has established and is
maintaining an adequate internal control system within the Bank by:
(i) Reviewing the Bank's internal control system and the resolution
of identified material weaknesses and significant deficiencies in the
internal control system, including the prevention or detection of
management override or compromise of the internal control system; and
(ii) Reviewing the programs and policies of the Bank designed to
ensure compliance with applicable laws, regulations and policies, and
monitoring the results of these compliance efforts;
(8) Review the policies established by senior management to assess
and monitor implementation of the Bank's strategic business plan and
the operating goals and objectives contained therein; and
(9) Report periodically its findings to the Bank's board of
directors.
(f) Meetings. The audit committee shall prepare written minutes of
each audit committee meeting.
Sec. 1239.33 Dividends.
A Bank's board of directors may not declare or pay a dividend based
on projected or anticipated earnings and may not declare or pay a
dividend if the par value of the Bank's stock is impaired or is
projected to become impaired after paying such dividend.
CHAPTER XVII--OFFICE OF FEDERAL HOUSING ENTERPRISE OVERSIGHT,
DEPARTMENT OF HOUSING AND URBAN DEVELOPMENT
SUBCHAPTER C--SAFETY AND SOUNDNESS
PART 1710--[REMOVED]
0
6. Remove part 1710.
PART 1720--[REMOVED]
0
7. Remove part 1720.
Dated: November 10, 2015.
Melvin L. Watt,
Director, Federal Housing Finance Agency.
[FR Doc. 2015-29367 Filed 11-18-15; 8:45 am]
BILLING CODE 8070-01-P