Guidelines Establishing Standards for Recovery Planning by Certain Large Insured National Banks, Insured Federal Savings Associations, and Insured Federal Branches, 78681-78689 [2015-31658]

Download as PDF Lhorne on DSK5TPTVN1PROD with PROPOSALS Federal Register / Vol. 80, No. 242 / Thursday, December 17, 2015 / Proposed Rules revenues their tart cherries would generate. Growers and handlers, regardless of size, would benefit from the stabilizing effects of this restriction. In addition, the increased carry-out should provide processors enough supply to meet market needs going into the next season. The Board considered some alternatives in its preliminary restriction discussions that affected this recommended action. The first alternative concerned the average sales in estimating demand for the coming season, and the second alternative regarded the recommended carry-out figure. Regarding demand, the Board began with the actual sales average of 188 million pounds. There was concern, however that this value, which incorporated the weather-related crop failure of 2012, would result in an overrestrictive calculation. After considering options in the range of 40 to 62 million pounds, the Board determined that an adjustment of 43 million pounds, would best meet the industry’s sales needs. Thus the other alternatives were rejected and the Board recommended the 43 million pound economic adjustment. Regarding the carry-out value, the Board previously considered a one-year increase above the 20 million pounds specified in the order to 50 million pounds. However, this season, Board members indicated the carry-out should be even higher to facilitate processing at the end of the crop year. Board members suggested a series of options from 35 million to 60 million pounds of carryout. Some feel the additional fruit is necessary while others were more cautious about having additional fruit on the market at the time of harvest, which may put downward pressure on prices. In conjunction with the demand adjustment, the Board reached a consensus and recommended the Secretary increase the maximum carryout to 55 million pounds for the 2015– 2016 season. In accordance with the Paperwork Reduction Act of 1995 (44 U.S.C. Chapter 35), the order’s information collection requirements have been previously approved by the Office of Management and Budget (OMB) and assigned OMB No. 0581–0177, Tart Cherries Grown in the States of MI, NY, PA, OR, UT, WA, and WI. No changes in those requirements as a result of this action are necessary. Should any changes become necessary, they would be submitted to OMB for approval. This proposal would not impose any additional reporting or recordkeeping requirements on either small or large VerDate Sep<11>2014 15:08 Dec 16, 2015 Jkt 238001 tart cherry handlers. As with all Federal marketing order programs, reports and forms are periodically reviewed to reduce information requirements and duplication by industry and public sector agencies. AMS is committed to complying with the E-Government Act, to promote the use of the Internet and other information technologies to provide increased opportunities for citizen access to Government information and services, and for other purposes. USDA has not identified any relevant Federal rules that duplicate, overlap or conflict with this proposed rule. In addition, the Board’s meeting was widely publicized throughout the tart cherry industry and all interested persons were invited to attend the meeting and participate in Board deliberations on all issues. Like all Board meetings, the June 25, 2015, and September 10, 2015, meetings were public meetings and all entities, both large and small, were able to express views on this issue. Finally, interested persons are invited to submit comments on this proposed rule, including the regulatory and informational impacts of this proposal on small businesses. A small business guide on complying with fruit, vegetable, and specialty crop marketing agreements and orders may be viewed at: http://www.ams.usda.gov/ rules-regulations/moa/small-businesses. Any questions about the compliance guide should be sent to Jeffrey Smutny at the previously mentioned address in the FOR FURTHER INFORMATION CONTACT section. A 30-day comment period is provided to allow interested persons to respond to this proposal. Thirty days is deemed appropriate because this proposed rule would need to be in place as soon as possible since handlers are already shipping tart cherries from the 2015–16 crop. All written comments timely received will be considered before a final determination is made on this matter. List of Subjects in 7 CFR Part 930 Marketing agreements, Reporting and recordkeeping requirements, Tart cherries. For the reasons set forth in the preamble, 7 CFR part 930 is proposed to be amended as follows: PART 930—TART CHERRIES GROWN IN THE STATES OF MICHIGAN, NEW YORK, PENNSYLVANIA, OREGON, UTAH, WASHINGTON, AND WISCONSIN 1. The authority citation for 7 CFR part 930 continues to read as follows: ■ PO 00000 Frm 00005 Fmt 4702 Sfmt 4702 78681 Authority: 7 U.S.C. 601–674. ■ 2. Revise § 930.151 to read as follows: § 930.151 Desirable carry-out inventory. For the crop year beginning on July 1, 2015, the desirable carry-out inventory, for the purposes of determining an optimum supply volume, will be 55 million pounds. ■ 3. Revise § 930.256 to read as follows: § 930.256 Free and restricted percentages for the 2015–16 crop year. The percentages for tart cherries handled by handlers during the crop year beginning on July 1, 2015, which shall be free and restricted, respectively, are designated as follows: Free percentage, 80 percent and restricted percentage, 20 percent. Dated: December 14, 2015. Rex A. Barnes, Associate Administrator, Agricultural Marketing Service. [FR Doc. 2015–31777 Filed 12–16–15; 8:45 am] BILLING CODE 3410–02–P DEPARTMENT OF THE TREASURY Office of the Comptroller of the Currency 12 CFR Part 30 [Docket ID OCC–2015–0017] RIN 1557–AD96 Guidelines Establishing Standards for Recovery Planning by Certain Large Insured National Banks, Insured Federal Savings Associations, and Insured Federal Branches Office of the Comptroller of the Currency, Treasury. ACTION: Proposed guidelines. AGENCY: The Office of the Comptroller of the Currency (OCC) is requesting comment on proposed enforceable guidelines establishing standards for recovery planning by insured national banks, insured Federal savings associations, and insured Federal branches of foreign banks with average total consolidated assets of $50 billion or more (Guidelines). The OCC would issue the Guidelines as an appendix to its safety and soundness standards regulations, and the Guidelines would be enforceable by the terms of the Federal statute that authorizes the OCC to prescribe operational and managerial standards for national banks and Federal savings associations. DATES: Comments must be submitted by February 16, 2016. SUMMARY: E:\FR\FM\17DEP1.SGM 17DEP1 78682 Federal Register / Vol. 80, No. 242 / Thursday, December 17, 2015 / Proposed Rules Because paper mail in the Washington, DC area and at the OCC is subject to delay, commenters are encouraged to submit comments through the Federal eRulemaking Portal or email, if possible. Please use the title ‘‘Guidelines Establishing Standards for Recovery Planning by Certain Large Insured National Banks, Insured Federal Savings Associations, and Insured Federal Branches’’ to facilitate the organization and distribution of the comments. You may submit comments by any of the following methods: • Federal eRulemaking Portal— ‘‘Regulations.gov’’: Go to http:// www.regulations.gov. Enter ‘‘Docket ID OCC–2015–0017’’ in the Search Box and click ‘‘Search’’. Results can be filtered using the filtering tools on the left side of the screen. Click on ‘‘Comment Now’’ to submit public comments. • Click on the ‘‘Help’’ tab on the Regulations.gov home page to get information on using Regulations.gov, including instructions for submitting public comments. • Email: regs.comments@ occ.treas.gov. • Mail: Legislative and Regulatory Activities Division, Office of the Comptroller of the Currency, 400 7th Street SW., Suite 3E–218, Mail Stop 9W–11, Washington, DC 20219. • Hand Delivery/Courier: 400 7th Street SW., Suite 3E–218, Mail Stop 9W–11, Washington, DC 20219. • Fax: (571) 465–4326. Instructions: You must include ‘‘OCC’’ as the agency name and ‘‘Docket ID OCC–2015–0017’’ in your comment. In general, the OCC will enter all comments received into the docket and publish them on the Regulations.gov Web site without change, including any business or personal information that you provide such as name and address, email addresses, or phone numbers. Comments received, including attachments and other supporting materials, are part of the public record and subject to public disclosure. Do not enclose any information in your comment or supporting materials that you consider confidential or inappropriate for public disclosure. You may review comments and other related materials that pertain to this rulemaking action by any of the following methods: • Viewing Comments Electronically: Go to http://www.regulations.gov. Enter ‘‘Docket ID OCC–2015–0017’’ in the Search box and click ‘‘Search’’. Comments can be filtered by agency name using the filtering tools on the left side of the screen. • Click on the ‘‘Help’’ tab on the Regulations.gov home page to get Lhorne on DSK5TPTVN1PROD with PROPOSALS ADDRESSES: VerDate Sep<11>2014 15:08 Dec 16, 2015 Jkt 238001 information on using Regulations.gov, including instructions for viewing public comments, viewing other supporting and related materials, and viewing the docket after the close of the comment period. • Viewing Comments Personally: You may personally inspect and photocopy comments at the OCC, 400 7th Street SW., Washington, DC. For security reasons, the OCC requires that visitors make an appointment to inspect comments. You may do so by calling (202) 649–6700 or, for persons who are deaf or hard of hearing, TTY, (202) 649– 5597. Upon arrival, visitors will be required to present valid governmentissued photo identification and to submit to a security screening in order to inspect and photocopy comments. • Docket: You may also view or request available background documents and project summaries using the methods described above. FOR FURTHER INFORMATION CONTACT: For questions concerning the Guidelines, contact Lori Bittner, Large Bank Supervision—Resolution and Recovery, (202) 649–6093; Stuart Feldstein, Director, Andra Shuster, Senior Counsel, or Karen McSweeney, Counsel, Legislative & Regulatory Activities Division, (202) 649–5490 or, for persons who are deaf or hard of hearing, TTY, (202) 649–5597; or Valerie Song, Assistant Director, Bank Activities and Structure Division, (202) 649–5500, 400 7th Street SW., Washington, DC 20219. SUPPLEMENTARY INFORMATION: Background The recent financial crisis demonstrated the destabilizing effect that severe stress at large, complex, interconnected financial companies can have on the national economy, capital markets, and the overall financial stability of the banking system. Following the crisis, Congress passed the Dodd-Frank Wall Street Reform and Consumer Protection Act (Dodd-Frank Act); among other purposes, the DoddFrank Act was intended to strengthen the framework for the supervision and regulation of large U.S. financial companies in order to address the significant impact that these institutions can have on capital markets and the economy. One lesson learned from the crisis is the importance—especially in large or complex financial institutions—of strong risk management and corporate governance practices. In 2014, the OCC adopted heightened standards guidelines that address the risk management and corporate governance PO 00000 Frm 00006 Fmt 4702 Sfmt 4702 of large or complex banks.1 These guidelines establish minimum standards for the design and implementation of a corporate governance framework and for a bank’s board of directors in overseeing the framework’s design and implementation. The OCC believes that these heightened standards further the goals of the Dodd-Frank Act by clarifying the OCC’s expectation that banks have robust practices in areas where the crisis revealed substantial weaknesses. Another important component of an institution’s risk management and corporate governance practices is how an institution plans to respond to severe stress in a manner that preserves its financial and operational strength and viability. In the aftermath of the crisis, it became clear that many financial institutions had insufficient plans for identifying and responding rapidly to significant stress events. As a result, many institutions were forced to take significant actions quickly without the benefit of a well-developed plan. In addition, recent large-scale operational events, such as destructive cyber attacks, demonstrate the need for institutions to plan how to respond to such occurrences. The OCC believes that large, complex institutions should have a recovery plan that describes options for responding to stress events. Accordingly, the OCC is proposing to establish standards for recovery planning that would apply to insured national banks, insured Federal savings associations, and insured Federal branches of foreign banks (together, banks and each, a bank) with average total consolidated assets of $50 billion or more (together, covered banks and each, a covered bank).2 An institution’s recovery planning should be a dynamic, ongoing process. This process should complement the institution’s risk management and corporate governance functions and support its safe and sound operation. The process of developing and maintaining a recovery plan also should cause covered banks’ management and boards of directors to enhance their focus on risk management and corporate governance with a view toward lessening the financial or operational impact of future unforeseen events. The OCC recognizes that many covered banks already engage in 1 79 FR 54518 (Sept. 11, 2014) (OCC Guidelines Establishing Heightened Standards for Certain Large Insured National Banks, Insured Federal Savings Associations, and Insured Federal Branches; Integration of Regulations). 2 While the Dodd-Frank Act addresses resolution planning, it does not specifically address recovery planning. E:\FR\FM\17DEP1.SGM 17DEP1 Federal Register / Vol. 80, No. 242 / Thursday, December 17, 2015 / Proposed Rules Lhorne on DSK5TPTVN1PROD with PROPOSALS significant planning to respond to events such as cyber attacks, business interruptions, and leadership vacancies. They undertake strategic, operational, contingency, capital (including stress testing), liquidity, and resolution planning. We do not intend for the recovery planning required by these Guidelines to duplicate these efforts, and we encourage covered banks to leverage their existing planning. Rather, the purpose of the Guidelines is to provide a comprehensive framework for evaluating how severe stress may affect the covered bank as a whole and the options that will allow it to remain viable even under severe stress. As described below, a covered bank should develop and maintain a recovery plan that identifies triggers based on severe stress scenarios. These scenarios should range from those that cause significant financial and operational hardship to those that bring the covered bank close to default, but no further; scenarios should not go so far as to push the covered bank into resolution. The plan should identify the credible options a covered bank could take to restore financial and operational strength and viability in a timely manner, while maintaining market confidence. Neither the plan nor the options may assume or rely on any extraordinary government support. As part of the OCC’s regular supervisory activities, OCC examiners will assess the appropriateness and adequacy of the covered bank’s recovery planning process and the integration of that process into the covered bank’s overall risk management and corporate governance functions. Examiners will also assess the quality and reasonableness of a covered bank’s recovery plan, including its triggers and the stress scenarios upon which the triggers are based, recovery options, impact assessments, and execution strategies, as well as the covered bank’s management and board responsibilities. Enforcement of the Guidelines The OCC is proposing these Guidelines pursuant to section 39 of the Federal Deposit Insurance Act (FDIA).3 Section 39 authorizes the OCC to prescribe safety and soundness standards in the form of a regulation or guidelines. The OCC currently has four sets of these guidelines, issued as appendices to part 30 of the OCC’s regulations. Appendix A contains operational and managerial standards 3 12 U.S.C. 1831p–1. Section 39 was enacted as part of the Federal Deposit Insurance Corporation Improvement Act of 1991, Public Law 102–242, section 132(a), 105 Stat. 2236, 2267–70 (Dec. 19, 1991). VerDate Sep<11>2014 15:08 Dec 16, 2015 Jkt 238001 that relate to internal controls, information systems, internal audit systems, loan documentation, credit underwriting, interest rate exposure, asset growth, asset quality, earnings, compensation, fees, and benefits. Appendix B contains standards on information security, and Appendix C contains standards that address residential mortgage lending practices. Appendix D contains standards for the design and implementation of a risk governance framework. Section 39 prescribes different consequences depending on whether the standards are issued by regulation or guidelines. Pursuant to section 39, if a national bank or Federal savings association 4 fails to meet a standard prescribed by regulation, the OCC must require it to submit a plan specifying the steps it will take to comply with the standard. If a national bank or Federal savings association fails to meet a standard prescribed by a guideline, the OCC has the discretion to decide whether to require the submission of a plan.5 Issuing these standards as guidelines rather than as a regulation provides the OCC with the flexibility to pursue the course of action that is most appropriate given the specific circumstances of a covered bank’s noncompliance with one or more standards and the covered bank’s selfcorrective and remedial responses. The procedural rules implementing the supervisory and enforcement remedies prescribed by section 39 are contained in part 30 of the OCC’s rules. Under these provisions, the OCC may initiate a supervisory or enforcement process when it determines, by examination or otherwise, that a national bank or Federal savings association has failed to meet the standards set forth in the Guidelines.6 Upon making that determination, the OCC may request, in writing, that the national bank or Federal savings association submit a compliance plan to the OCC detailing the steps the institution will take to correct the deficiencies and the time within which it will take those steps. This request is termed a Notice of Deficiency. Upon 4 Section 39 of the FDIA applies to ‘‘insured depository institutions,’’ which includes insured Federal branches of foreign banks. While we do not specifically refer to these entities in this discussion, it should be read to include them. However, section 39 does not apply to uninsured depository institutions. 5 See 12 U.S.C. 1831p–1(e)(1)(A)(i) and (ii). 6 The procedures governing the determination and notification of failure to satisfy a standard prescribed pursuant to section 39, the filing and review of compliance plans, and the issuance, if necessary, of orders currently are set forth in the OCC’s regulations at 12 CFR 30.3, 30.4, and 30.5. PO 00000 Frm 00007 Fmt 4702 Sfmt 4702 78683 receiving a Notice of Deficiency from the OCC, the national bank or Federal savings association must submit a compliance plan to the OCC for approval within 30 days. If a national bank or Federal savings association fails to submit an acceptable compliance plan or fails in any material respect to implement a compliance plan approved by the OCC, the OCC may issue a Notice of Intent to Issue an Order pursuant to section 39 (Notice of Intent). The bank or savings association then has 14 days to respond to the Notice of Intent. After considering the bank’s or savings association’s response, the OCC may issue the order, decide not to issue the order, or seek additional information from the bank or savings association before making a final decision. Alternatively, the OCC may issue an order without providing the bank or savings association with a Notice of Intent. In such a case, the bank or savings association may appeal afterthe-fact to the OCC, and the OCC has 60 days to consider the appeal. Upon the issuance of an order, a bank or savings association is deemed to be in noncompliance with part 30. Orders are formal, public documents, and they may be enforced by the OCC in district court. The OCC may also assess a civil money penalty, pursuant to 12 U.S.C. 1818, against any bank or savings association that violates or otherwise fails to comply with any final order and against any institution-affiliated party who participates in such violation or noncompliance. Description of the OCC’s Guidelines for Recovery Planning The proposed Guidelines consist of three sections. Section I provides an introduction to the Guidelines, explains the scope of the Guidelines, and defines key terms. Section II sets forth the standards for the design and execution of a covered bank’s recovery plan. Section III provides the standards for management’s and the board of directors’ responsibilities in connection with the recovery plan. Section I: Introduction Scope. The Guidelines would apply to a bank with average total consolidated assets equal to or greater than $50 billion as of the effective date of the Guidelines (calculated by averaging the covered bank’s total consolidated assets, as reported on the bank’s Consolidated Reports of Condition and Income (Call Reports), for the four most recent consecutive quarters). This threshold is consistent with the scope of the regulations of the Federal Deposit Insurance Corporation (FDIC) and Board E:\FR\FM\17DEP1.SGM 17DEP1 78684 Federal Register / Vol. 80, No. 242 / Thursday, December 17, 2015 / Proposed Rules Lhorne on DSK5TPTVN1PROD with PROPOSALS of Governors of the Federal Reserve System (Board) that require certain entities to prepare resolution plans.7 For those banks that have average total consolidated assets less than $50 billion as of the effective date of the Guidelines, but subsequently have average total consolidated assets of $50 billion or greater, the date on which the Guidelines would apply is the as-of date of the most recent Call Report used in the calculation of the average.8 Once a bank becomes subject to the Guidelines because its average total consolidated assets reach or exceed the $50 billion threshold, it would be required to continue to comply with the Guidelines, unless the OCC specifically determines that compliance is not required. In order to maintain supervisory flexibility, the proposed Guidelines would reserve the OCC’s authority to apply the Guidelines to a bank whose average total consolidated assets are less than $50 billion if the OCC determines such entity’s operations are highly complex or otherwise present a heightened risk that warrants application of the Guidelines. The OCC expects to use this authority infrequently; it does not intend to apply the Guidelines to community banks. In determining whether a bank’s operations are highly complex or present a heightened risk, the OCC will consider the bank’s risk profile, size, activities, and complexity, including the complexity of its organizational and legal entity structure. Additionally, as noted above, the OCC may determine that a covered bank is no longer required to comply with the Guidelines. The OCC would generally make this determination if a covered bank’s operations are no longer highly complex or no longer present a heightened risk. When exercising any of these reservations of authority, the OCC would apply notice and response procedures consistent with those set out in 12 CFR 3.404. In accordance with these procedures, the OCC would provide a bank or covered bank, as appropriate, with written notice of its proposed determination under this paragraph of the Guidelines, and the bank or covered bank would have 30 days to respond in writing. The OCC would consider failure to respond within this time frame a waiver of any 7 See 12 CFR 381.2(f) and 243.2(f), respectively. See also 12 CFR 360.10. 8 While the Guidelines would apply as of the date of the most recent Call Report used in the calculation of the average total consolidated assets of the covered bank, we understand that a newly covered bank will need time to formulate a recovery plan and expect the bank to work with its OCC examiners during this period. VerDate Sep<11>2014 15:08 Dec 16, 2015 Jkt 238001 objections. At the conclusion of the 30 days, the OCC would issue a written notice of its final determination. As discussed above, the Guidelines would be enforceable pursuant to section 39 of the FDIA and part 30 of the OCC’s rules. Section I of the Guidelines provides that nothing in section 39 or the Guidelines in any way limits the authority of the OCC to address unsafe or unsound practices or conditions or other violations of law.9 Definitions. Paragraph D of Section I defines certain terms used throughout the Guidelines, including ‘‘average total consolidated assets,’’ ‘‘bank,’’ ‘‘covered bank,’’ ‘‘recovery,’’ ‘‘recovery plan,’’ and ‘‘trigger.’’ The term ‘‘recovery’’ means timely and appropriate action that a covered bank takes to remain a going concern when it is experiencing or is likely to experience considerable financial or operational distress. A covered bank in recovery has not yet deteriorated to the point where liquidation or resolution is imminent. A ‘‘recovery plan’’ is a plan that identifies triggers and options for responding to a wide range of severe internal and external stress scenarios and for restoring a covered bank to financial and operational strength and viability in a timely manner, while maintaining the confidence of market participants. Neither the plan nor the options may assume or rely on any extraordinary government support. ‘‘Trigger’’ means a quantitative or qualitative indicator of the risk or existence of severe stress that should always be escalated to management or the board of directors, as appropriate, for purposes of initiating a response. The breach of any trigger should result in timely notice accompanied by sufficient information to enable management of the covered bank to take corrective action. Section II: Recovery Plan Each covered bank should develop and maintain a recovery plan appropriate for its individual risk profile, size, activities, and complexity, including the complexity of its organizational and legal entity structure. Section II sets forth the elements that the covered bank should include in a recovery plan.10 1. Overview of covered bank. It is important that a recovery plan provide a detailed description of the covered bank’s overall organizational and legal 9 Section 39 preserves all authority otherwise available to the OCC, stating, ‘‘The authority granted by this section is in addition to any other authority of the Federal banking agencies.’’ See 12 U.S.C. 1831p–1(g). 10 A covered bank can use information included in its resolution plan to prepare its recovery plan. PO 00000 Frm 00008 Fmt 4702 Sfmt 4702 structure, including its material entities, critical operations, core business lines, and core management information systems. The description should explain interconnections and interdependencies 11 (i) across business lines within the covered bank, (ii) with affiliates in a bank holding company structure, (iii) between a covered bank and its foreign subsidiaries, and (iv) with critical third parties. The description should address whether a disruption of these interconnections or interdependencies would materially affect the funding or operations of the covered bank and, if so, how. Examples include relationships with respect to credit exposures, investments, or funding commitments; guarantees including an acceptance, endorsement, or letter of credit issued for the benefit of an affiliate during normal periods, as opposed to during a crisis; and payment services, treasury operations, collateral management, information technology (IT), human resources (HR), or other operational functions. This overview is an essential part of the recovery plan. 2. Triggers. As defined above, a trigger is a quantitative or qualitative indicator of the risk or existence of severe stress that should always be escalated to management or the board of directors, as appropriate, for purposes of initiating a response. In order to identify triggers that appropriately reflect the particular vulnerabilities of each covered bank, the bank should begin by designing severe stress scenarios that would threaten the covered bank’s critical operations or cause it to fail if one or more recovery options were not implemented in a timely manner. Because a recovery plan should demonstrate the ability of the covered bank to restore its financial and operational strength and viability, these scenarios should range from those that cause significant financial and operational hardship to those that bring the covered bank close to default, but not into resolution.12 The covered bank should consider a range of bank-specific and market-wide stress scenarios, individually and in the aggregate, that are immediate and prolonged. The stress scenarios should be designed to result in capital shortfalls, liquidity pressures, or other significant financial losses. Examples of 11 We are using the terms ‘‘interconnections’’ and ‘‘interdependencies’’ in a manner consistent with FDIC and Board resolution plan regulations. See supra note 7. 12 Separate from these Guidelines, covered banks are required to conduct supervisory stress tests. While the scenarios used to conduct those tests may be appropriate for purposes of identifying triggers under these Guidelines, a covered bank should evaluate the appropriateness of those scenarios on a case-by-case basis. E:\FR\FM\17DEP1.SGM 17DEP1 Federal Register / Vol. 80, No. 242 / Thursday, December 17, 2015 / Proposed Rules bank-specific stress scenarios include fraud; portfolio shocks; a significant cyber attack 13 or other wide-scale operational event; accounting and tax issues; events that cause a reputational crisis that degrades customer or market confidence; and other key stresses that management identifies. Examples of market-wide stress scenarios include the disruption of domestic or global financial markets; the failure or impairment of systemically important financial industry participants, critical financial market infrastructure firms, and critical third-party relationships; significant changes in debt or equity valuations, currency rates, or interest rates; the widespread interruption of critical infrastructure that may degrade operational capability; 14 and general economic conditions. As provided in the definition of ‘‘trigger,’’ the breach of a trigger should always be escalated to management or the board of directors, as appropriate, for its consideration of an appropriate response. The breach of any trigger should result in timely notice accompanied by sufficient information to enable management of the covered bank to take corrective action. A covered bank should select triggers that address a continuum of increasingly severe stress, ranging from those that provide a warning of the likely occurrence of severe stress to those that indicate the actual existence of severe stress. The number and nature of triggers should be appropriate for the covered bank’s business and risk profile. The nature of the trigger informs the nature of the response. For example, in some situations, the appropriate response to the breach of a trigger may be enhanced monitoring; in other situations, the breach of a trigger should result in activating a specific recovery option set forth in the plan or taking other corrective action. It should be noted, however, that the breach of a particular trigger does not necessarily correspond to a single recovery option; instead, more than one option may be appropriate when a particular trigger is breached. A recovery plan should include both quantitative and qualitative triggers. Quantitative triggers include changes in covered bank-specific indicators that reflect the covered bank’s capital or liquidity position. While capital or liquidity triggers may be the most critical, a covered bank should also consider other quantitative triggers that may have an impact on its condition, such as a rating downgrade; access to credit and borrowing lines; equity ratios; profitability; asset quality; or other macroeconomic indicators. Of course, a covered bank should be prepared to act to preserve the financial and operational strength and viability of the bank if it is at risk, regardless of whether a trigger has been breached or the recovery plan includes options to specifically address the problems the bank faces. Qualitative triggers include the unexpected departure of senior leadership; the erosion of reputation or market standing; the impact of an adverse legal ruling; and a material operational event that affects the covered bank’s ability to access critical services or to deliver products or services to its customers for a material period of time. It is important to note that the covered bank should review and update both qualitative and quantitative triggers, as necessary, to take into account changes in laws and regulations and other material events. In addition, a covered bank should consider the regulatory or legal Possible triggers Idiosyncratic stress: Trading losses caused by a rogue trader. Lhorne on DSK5TPTVN1PROD with PROPOSALS consequences that may be associated with the breach of a particular trigger. 3. Options for recovery. The recovery plan should identify a wide range of credible options that a covered bank could undertake to restore financial and operational strength and viability, thereby allowing the bank to continue to operate as a going concern and to avoid liquidation or resolution. A covered bank should be able to execute the identified options within time frames that allow those options to be effective during periods of stress. Neither the plan nor the options may assume or rely on any extraordinary government support. A recovery plan should explain how the covered bank would carry out each option. It should include a description of the decision-making process for implementing each option, including the steps to be followed and any timing considerations. It should also identify the critical parties needed to carry out each option. Options may include the conservation or restoration of liquidity and capital; the sale, transfer, or disposal of significant assets, portfolios, or business lines; the reduction of risk profile; the restructuring of liabilities; the activation of emergency protocols; and succession planning. Options may also include organizational restructuring, including divesting legal entities in order to simplify the covered bank’s structure. The recovery plan should also identify obstacles that could impede the execution of an option and set out mitigation strategies for addressing these obstacles. The recovery plan should specifically identify recovery options that require regulatory or legal approval. Set forth below are examples of how stress scenarios, triggers, and options relate to each other: Possible options in response to triggers Example of a severe stress scenario • Tier 1 capital falls below 6% ........................ • Liquidity falls below internal bank policy requirements. • Short-term credit rating falls below A–3 ....... • Nonperforming loans rise above a specified percentage. • Market capitalization falls below a specific limit for a certain period of time. Systemic stress: Significant decline in U.S. gross domestic product, coupled with an increase in the U.S. unemployment rate and a deterioration in U.S. residential housing market. 78685 • • • • • Issue new capital. Sell nonstrategic assets or businesses. Reduce loan originations or commitments. Sell strategic assets or businesses. Reduce expenses (e.g., business contractions). • Access the Board’s Discount Window. 4. Impact assessments. For each recovery option, a covered bank should assess and describe how the option would affect the covered bank. This impact assessment and description should specify the procedures the covered bank would use to maintain the financial and operational strength and viability of its material entities, critical 13 An example of a significant cyber attack includes an event that has an impact on a bank’s computer network(s) or the computer network(s) of one of its third-party providers and that undermines the covered bank’s data or processes. 14 An example of this type of interruption includes a disruption to a payment, clearing, or settlement system that affects the covered bank’s ability to access that system. VerDate Sep<11>2014 17:10 Dec 16, 2015 Jkt 238001 PO 00000 Frm 00009 Fmt 4702 Sfmt 4702 E:\FR\FM\17DEP1.SGM 17DEP1 Lhorne on DSK5TPTVN1PROD with PROPOSALS 78686 Federal Register / Vol. 80, No. 242 / Thursday, December 17, 2015 / Proposed Rules operations, and core business lines for each recovery option. This assessment should include an analysis of both its internal operations (e.g., IT systems, suppliers, HR operations) and its access to market infrastructure (e.g., clearing and settlement facilities, payment systems, additional collateral requirements). A recovery plan should also specify actions a firm can take to sell entities, assets, or business lines to restore the financial condition of the covered bank. For each recovery option, a covered bank should identify any impediments or regulatory requirements that must be addressed to execute the option, including how to overcome those impediments or satisfy those requirements. Each recovery option also should address potential consequences, including the benefits and risks of that particular option. The assessment should address the impact on the covered bank’s capital, liquidity, funding and profitability; and the effect on the covered bank’s material entities, critical operations, and core business lines, including reputational impact. 5. Escalation procedures. A recovery plan should clearly outline the process for escalating decision-making to senior management or the board of directors, as appropriate, in response to the breach of a trigger. The recovery plan should also identify the departments and persons responsible for making and executing these decisions, including the process for informing necessary stakeholders (e.g., shareholders, counsel, accountants, regulators) to effect the action. At a minimum, the escalation procedures should result in the covered bank taking action before remedial supervisory action is necessary. 6. Management reports. A recovery plan should require reports that provide management or the board of directors with sufficient data and information to make timely decisions regarding the appropriate actions necessary to respond to the breach of a trigger. A recovery plan should identify the types of reports that the covered bank will provide to allow management or the board to monitor progress with respect to the actions taken under the recovery plan. 7. Communication procedures. A recovery plan should provide that the covered bank notify the OCC of any significant breach of a trigger and any action taken or to be taken in response to such breach and should explain the process for deciding when a breach of a trigger is significant. A covered bank should work closely with the OCC when executing a recovery plan. A recovery plan also should address when and how the covered bank will VerDate Sep<11>2014 15:08 Dec 16, 2015 Jkt 238001 notify persons within the organization and other external parties of its actions under the recovery plan. These elements will ensure that all stakeholders are informed in a timely manner of how the covered bank responds to a breach of a trigger. In addition, the recovery plan should specifically identify how the covered bank will obtain required regulatory or legal approvals in order to ensure that the covered bank receives such approval in a timely manner. 8. Other information. A recovery plan should include any other information that the OCC communicates in writing directly to the covered bank regarding the covered bank’s recovery plan. A well-developed recovery plan should also consider relevant information included in other written OCC or Federal Financial Institutions Examination Council material. C. Relationship to other processes; coordination with other plans. The covered bank should integrate its recovery plan into its corporate governance and risk management functions. The covered bank also should coordinate its recovery plan with its strategic; operational (including business continuity); contingency; capital (including stress testing); liquidity; and resolution planning. In many cases, these plans may be interconnected and would require the covered bank to coordinate among them. In addition, to the extent possible, a covered bank should align its recovery plan with any recovery and resolution planning efforts by the covered bank’s holding company so that the plans are consistent with and do not contradict each other. We recognize that some inconsistency may be unavoidable because recovery planning and resolution planning differ in that recovery planning addresses a bank’s ongoing financial and operational strength and viability while resolution planning starts from the point of nonviability. The OCC notes that covered banks are an integral part of bank holding company recovery and resolution plans. As a result, a covered bank may be able to leverage certain elements in these other plans. For example, resolution plans typically require a bank to map its critical operations. A covered bank may find this resolution planning mapping exercise to be useful in describing its interconnections and interdependencies as set out in its recovery plan overview. Section III: Management’s and Board of Directors’ Responsibilities Section III of the proposed Guidelines addresses the responsibilities of both PO 00000 Frm 00010 Fmt 4702 Sfmt 4702 management and the board of directors with respect to the recovery plan. Management of the covered bank should review the recovery plan at least annually and in response to a material event. It should revise the plan as necessary to reflect material changes in the covered bank’s risk profile, complexity, size, and activities, as well as changes in external threats. During this review, management should consider the ongoing relevance and applicability of the stress scenarios and triggers and revise the recovery plan as needed. This review should evaluate the covered bank’s organizational structure and its effectiveness in facilitating a recovery. The assessment should consider the legal structures, number of entities, geographical footprint, booking practices (e.g., guarantees, exposures), and servicing arrangements necessary to enable flexible operations. The board and management should provide justification for the covered bank’s organizational and legal structures and outline changes that would enhance the board’s and management’s ability to oversee the covered bank in times of stress. A more rational legal structure can provide a clearer path to recovery and the operational flexibility to implement the recovery plan. The board is responsible for overseeing the covered bank’s recovery planning process. As part of the board’s oversight of a covered bank’s safe and sound operations, the board also should work closely with the bank’s senior management in developing and executing the recovery plan. Accordingly, the Guidelines provide that a covered bank’s board of directors, or an appropriate committee of the board, should review and approve the recovery plan at least annually and as needed to address any changes made by management. Request for Comments The OCC requests comment on all aspects of the proposed Guidelines. Regulatory Analysis Paperwork Reduction Act The OCC has determined that this proposal involves collections of information pursuant to the provisions of the Paperwork Reduction Act of 1995 (PRA) (44 U.S.C. 3501 et seq.). The OCC may not conduct or sponsor, and an organization is not required to respond to, these information collection requirements unless the information collection displays a currently valid Office of Management and Budget (OMB) control number. The OCC is seeking a control number for this E:\FR\FM\17DEP1.SGM 17DEP1 Federal Register / Vol. 80, No. 242 / Thursday, December 17, 2015 / Proposed Rules Lhorne on DSK5TPTVN1PROD with PROPOSALS collection from OMB and has submitted this collection to OMB. The collections of information that are subject to the PRA in this proposal are found in 12 CFR part 30, appendix E, sections II.B., II.C., and III. Section II.B. specifies the elements of the recovery plan, including an overview of the covered bank; triggers; options for recovery; impact assessments; escalation procedures; management reports; and communication procedures. Section II.C. addresses the relationship of the plan to other covered bank processes and plans, as well as those of its bank holding company. Section III outlines management’s and board of directors’ responsibilities. Title: OCC Guidelines Establishing Standards for Recovery Planning by Certain Large Insured National Banks, Insured Federal Savings Associations, and Insured Federal Branches. OMB Control No.: To be assigned by OMB. Frequency of Response: On occasion. Affected Public: Businesses or other for-profit organizations. Burden Estimates: Total Number of Respondents: 23. Total Burden per Respondent: 7,543 hours. Total Burden for Collection: 173,489 hours. Comments should be submitted as provided in the ADDRESSES section and are invited on: (1) Whether the proposed collection of information is necessary for the proper performance of the OCC’s functions; including whether the information has practical utility; (2) the accuracy of the OCC’s estimate of the burden of the proposed information collection, including the cost of compliance; (3) ways to enhance the quality, utility, and clarity of the information to be collected; and (4) ways to minimize the burden of information collection on respondents, including through the use of automated collection techniques or other forms of IT. Regulatory Flexibility Analysis Pursuant to section 605(b) of the Regulatory Flexibility Act, 5 U.S.C. 605(b) (RFA), the regulatory flexibility analysis otherwise required under section 603 of the RFA is not required if the agency certifies that the proposal will not, if promulgated, have a significant economic impact on a substantial number of small entities (defined for purposes of the RFA to include commercial banks and savings institutions with assets less than or equal to $550 million and trust companies with assets less than or equal to $38.5 million) and publishes its VerDate Sep<11>2014 15:08 Dec 16, 2015 Jkt 238001 certification and a short, explanatory statement in the Federal Register along with its proposal. The proposed Guidelines would have no impact on any small entities. The proposed Guidelines would apply only to insured national banks, insured Federal savings associations, and insured Federal branches of foreign banks with $50 billion or more in average total consolidated assets. The proposed Guidelines reserve the OCC’s authority to apply them to an insured national bank, insured Federal savings association, or insured Federal branch of a foreign bank with less than $50 billion in average total consolidated assets if the OCC determines such entity’s operations are highly complex or otherwise present a heightened risk. We do not expect any small entities will be determined to have highly complex operations or present heightened risk by the OCC. Therefore, the OCC certifies that the proposed Guidelines would not, if issued, have a significant economic impact on a substantial number of small entities. Unfunded Mandates Reform Act Analysis Section 202 of the Unfunded Mandates Reform Act of 1995 (2 U.S.C. 1532), requires the OCC to prepare a budgetary impact statement before promulgating a rule that includes a Federal mandate that may result in the expenditure by State, local, and tribal governments, in the aggregate, or by the private sector, of $100 million or more in any one year (adjusted annually for inflation). The OCC has determined that this proposal will not result in expenditures by State, local, and tribal governments, or the private sector, of $100 million or more in any one year. Accordingly, the OCC has not prepared a budgetary impact statement. List of Subjects in 12 CFR Part 30 Banks, Banking, Consumer protection, National banks, Privacy, Safety and soundness, Reporting and recordkeeping requirements. For the reasons set forth in the preamble, and under the authority of 12 U.S.C. 93a, chapter I of title 12 of the Code of Federal Regulations is proposed to be amended as follows: PART 30—SAFETY AND SOUNDNESS STANDARDS 1. The authority citation for part 30 continues to read as follows: ■ Authority: 12 U.S.C. 1, 93a, 371, 1462a, 1463, 1464, 1467a, 1818, 1828, 1831p–1, 1881–1884. 3102(b) and 5412(b)(2)(B); 15 U.S.C. 1681s, 1681w, 6801, and 6805(b)(1). PO 00000 Frm 00011 Fmt 4702 Sfmt 4702 78687 2. Add Appendix E to part 30 to read as follows: ■ Appendix E to Part 30—OCC Guidelines Establishing Standards for Recovery Planning by Certain Large Insured National Banks, Insured Federal Savings Associations, and Insured Federal Branches Table of Contents I. Introduction A. Scope B. Reservation of Authority C. Preservation of Existing Authority D. Definitions II. Recovery Plan A. Recovery Plan B. Elements of Recovery Plan 1. Overview of Covered Bank 2. Triggers 3. Options for Recovery 4. Impact Assessments 5. Escalation Procedures 6. Management Reports 7. Communication Procedures 8. Other Information C. Relationship to Other Processes; Coordination With Other Plans III. Management’s and Board of Directors’ Responsibilities A. Management B. Board of Directors I. Introduction A. Scope. This appendix applies to a covered bank, as defined in paragraph I.D.3. B. Reservation of authority. 1. The OCC reserves the authority: a. To apply this appendix, in whole or in part, to a bank that has average total consolidated assets of less than $50 billion, if the OCC determines such bank is highly complex or otherwise presents a heightened risk that warrants the application of this appendix; or b. To determine that compliance with this appendix should not be required for a covered bank. The OCC will generally make the determination under this paragraph I.B.1.b. if a covered bank’s operations are no longer highly complex or no longer present a heightened risk. 2. In determining whether a covered bank is highly complex or presents a heightened risk, the OCC will consider the bank’s risk profile, size, activities, and complexity, including the complexity of its organizational and legal entity structure. Before exercising the authority reserved by this paragraph I.B, the OCC will apply notice and response procedures in the same manner and to the same extent as the notice and response procedures in 12 CFR 3.404. C. Preservation of existing authority. Neither section 39 of the Federal Deposit Insurance Act (12 U.S.C. 1831p–1) nor this appendix in any way limits the authority of the OCC to E:\FR\FM\17DEP1.SGM 17DEP1 78688 Federal Register / Vol. 80, No. 242 / Thursday, December 17, 2015 / Proposed Rules Lhorne on DSK5TPTVN1PROD with PROPOSALS address unsafe or unsound practices or conditions or other violations of law. The OCC may take action under section 39 and this appendix independently of, in conjunction with, or in addition to any other enforcement action available to the OCC. D. Definitions. 1. Average total consolidated assets means the average total consolidated assets of the bank or the covered bank, as reported on the bank’s or covered bank’s Call Reports for the four most recent consecutive quarters. 2. Bank means any insured national bank, insured Federal savings association, or insured Federal branch of a foreign bank. 3. Covered bank means any bank— (a) With average total consolidated assets equal to or greater than $50 billion; or (b) With average total consolidated assets less than $50 billion, if the OCC determines that such bank is highly complex or otherwise presents a heightened risk as to warrant the application of this appendix pursuant to paragraph I.B.1.a. 4. Recovery means timely and appropriate action that a covered bank takes to remain a going concern when it is experiencing or is likely to experience considerable financial or operational distress. A covered bank in recovery has not yet deteriorated to the point where liquidation or resolution is imminent. 5. Recovery plan means a plan that identifies triggers and options for responding to a wide range of severe internal and external stress scenarios and to restore a covered bank that is in recovery to financial and operational strength and viability in a timely manner. The options should maintain the confidence of market participants, and neither the plan nor the options may assume or rely on any extraordinary government support. 6. Trigger means a quantitative or qualitative indicator of the risk or existence of severe stress that should always be escalated to management or the board of directors, as appropriate, for purposes of initiating a response. The breach of any trigger should result in timely notice accompanied by sufficient information to enable management of the covered bank to take corrective action. II. Recovery Plan A. Recovery plan. Each covered bank should develop and maintain a recovery plan that is appropriate for its individual risk profile, size, activities, and complexity, including the complexity of its organizational and legal entity structure. VerDate Sep<11>2014 15:08 Dec 16, 2015 Jkt 238001 B. Elements of recovery plan. A recovery plan under paragraph II.A. should include the following elements: 1. Overview of covered bank. A recovery plan should describe the covered bank’s overall organizational and legal structure, including its material entities, critical operations, core business lines, and core management informational systems. The plan should describe interconnections and interdependencies (i) across business lines within the covered bank, (ii) with affiliates in a bank holding company structure, (iii) between a covered bank and its foreign subsidiaries, and (iv) with critical third parties. 2. Triggers. A recovery plan should identify triggers that appropriately reflect the covered bank’s particular vulnerabilities. 3. Options for recovery. A recovery plan should identify a wide range of credible options that a covered bank could undertake to restore financial and operational strength and viability, thereby allowing the bank to continue to operate as a going concern and to avoid liquidation or resolution. A recovery plan should explain how the covered bank would carry out each option and describe the timing required for carrying out each option. The recovery plan should specifically identify the recovery options that require regulatory or legal approval. 4. Impact assessments. For each recovery option, a covered bank should assess and describe how the option would affect the covered bank. This impact assessment and description should specify the procedures the covered bank would use to maintain the financial and operational strength and viability of its material entities, critical operations, and core business lines for each recovery option. For each option, the recovery plan should address the following: a. The effect on the covered bank’s capital, liquidity, funding and profitability; b. The effect on the covered bank’s material entities, critical operations and core business lines, including reputational impact; and c. Any legal or market impediment or regulatory requirement that must be addressed or satisfied in order to implement the option. 5. Escalation procedures. A recovery plan should clearly outline the process for escalating decision-making to senior management or the board of directors, as appropriate, in response to the breach of a trigger. The recovery plan should also identify the departments and persons PO 00000 Frm 00012 Fmt 4702 Sfmt 4702 responsible for making and executing these decisions. 6. Management reports. A recovery plan should require reports that provide management or the board of directors with sufficient data and information to make timely decisions regarding the appropriate actions necessary to respond to the breach of a trigger. 7. Communication procedures. A recovery plan should provide that the covered bank notify the OCC of any significant breach of a trigger and any action taken or to be taken in response to such breach and should explain the process for deciding when a breach of a trigger is significant. A recovery plan also should address when and how the covered bank will notify persons within the organization and other external parties of its action under the recovery plan. The recovery plan should specifically identify how the covered bank will obtain required regulatory or legal approvals. 8. Other information. A recovery plan should include any other information that the OCC communicates in writing directly to the covered bank regarding the covered bank’s recovery plan. C. Relationship to other processes; coordination with other plans. The covered bank should integrate its recovery plan into its risk management and corporate governance functions. The covered bank also should coordinate its recovery plan with its strategic; operational (including business continuity); contingency; capital (including stress testing); liquidity; and resolution planning. To the extent possible, the covered bank also should align its recovery plan with any recovery and resolution planning efforts by the covered bank’s holding company, so that the plans are consistent with and do not contradict each other. III. Management’s and Board of Directors’ Responsibilities The recovery plan should address the following management and board responsibilities: A. Management. Management should review the recovery plan at least annually and in response to a material event. It should revise the plan as necessary to reflect material changes in the covered bank’s risk profile, complexity, size, and activities, as well as changes in external threats. This review should evaluate the organizational structure and its effectiveness in facilitating a recovery. B. Board of directors. The board is responsible for overseeing the covered bank’s recovery planning process. The board of directors or an appropriate E:\FR\FM\17DEP1.SGM 17DEP1 Federal Register / Vol. 80, No. 242 / Thursday, December 17, 2015 / Proposed Rules committee of the board of directors of a covered bank should review and approve the recovery plan at least annually and as needed to address any changes made by management. Dated: December 10, 2015. Thomas J. Curry, Comptroller of the Currency. [FR Doc. 2015–31658 Filed 12–16–15; 8:45 am] BILLING CODE 4810–33–P FEDERAL HOUSING FINANCE BOARD 12 CFR Part 955 FEDERAL HOUSING FINANCE AGENCY 12 CFR Parts 1201 and 1268 RIN 2590–AA69 Acquired Member Assets Federal Housing Finance Board; Federal Housing Finance Agency. ACTION: Notice of proposed rulemaking; request for comment. AGENCY: The Federal Housing Finance Agency (FHFA) is proposing amendments to the existing Acquired Member Assets (AMA) regulation, which applies to the Federal Home Loan Banks (Banks). In particular, FHFA proposes to remove from the regulation requirements based on ratings issued by a Nationally Recognized Statistical Ratings Organization (NRSRO), as required by the Dodd-Frank Wall Street Reform and Consumer Protection Act (Dodd-Frank Act). Additionally, FHFA proposes to transfer the AMA regulation from the former Federal Housing Finance Board (Finance Board) regulations to FHFA’s regulations. FHFA also proposes to reorganize the current regulation and to modify and clarify a number of provisions in the regulation. SUMMARY: FHFA must receive written comments on or before April 15, 2016. ADDRESSES: You may submit your comments, identified by Regulatory Information Number (RIN) 2590–AA69, by any of the following methods: • Agency Web site: www.fhfa.gov/ open-for-comment-or-input. • Federal eRulemaking Portal: http:// www.regulations.gov. Follow the instructions for submitting comments. If you submit your comment to the Federal eRulemaking Portal, please also send it by email to FHFA at RegComments@fhfa.gov to ensure timely receipt by the agency. Please Lhorne on DSK5TPTVN1PROD with PROPOSALS DATES: VerDate Sep<11>2014 15:08 Dec 16, 2015 Jkt 238001 include Comments/RIN 2590–AA69 in the subject line of the message. • Courier/Hand Delivery: The hand delivery address is: Alfred M. Pollard, General Counsel, Attention: Comments/ RIN 2590–AA69, Federal Housing Finance Agency, 400 Seventh Street SW., Eighth Floor, Washington, DC 20219. Deliver the package to the Seventh Street entrance Guard Desk, First Floor, on business days between 9 a.m. and 5 p.m. • U.S. Mail, United Parcel Service, Federal Express or Other Mail Service: The mailing address for comments is: Alfred M. Pollard, General Counsel, Attention: Comments/RIN 2590–AA69, Federal Housing Finance Agency, 400 Seventh Street SW., Eighth Floor, Washington, DC 20219. FOR FURTHER INFORMATION CONTACT: Christina Muradian, Principal Financial Analyst, Christina.Muradian@fhfa.gov, 202–649–3323, Division of Bank Regulation; or Thomas E. Joseph, Associate General Counsel, Thomas.Joseph@fhfa.gov, 202–649– 3076 (these are not toll-free numbers), Office of General Counsel, Federal Housing Finance Agency, 400 Seventh Street SW., Washington, DC 20219. The telephone number for the Telecommunications Device for the Hearing Impaired is 800–877–8339. SUPPLEMENTARY INFORMATION: I. Comments FHFA invites comments on all aspects of the proposed regulation. After considering all comments, FHFA will develop a final regulation. FHFA will post without change copies of all comments received on the FHFA Web site at http://www.fhfa.gov, and will include any personal information you provide, such as your name, address, email address, and telephone number. FHFA will make copies of all comments timely received available for examination by the public on business days between the hours of 10 a.m. and 3 p.m., at the Federal Housing Finance Agency, 400 Seventh Street SW., Eighth Floor, Washington, DC 20219. To make an appointment to inspect comments, please call the Office of General Counsel at 202–649–3804. II. Background A. Creation of the Federal Housing Finance Agency Effective July 30, 2008, the Housing and Economic Recovery Act of 2008 (HERA) 1 created FHFA as a new independent agency of the federal government. HERA transferred to FHFA 1 Public PO 00000 Law 110–289, 122 Stat. 2654 Frm 00013 Fmt 4702 Sfmt 4702 78689 the supervisory and oversight responsibilities of the Office of Federal Housing Enterprise Oversight (OFHEO) over the Federal National Mortgage Association (Fannie Mae), the Federal Home Loan Mortgage Corporation (Freddie Mac) (collectively, Enterprises), and of the Finance Board over the Banks and the Bank System’s Office of Finance. Under the legislation, the Enterprises, the Banks, and the Office of Finance continue to operate under regulations promulgated by OFHEO and the Finance Board until such regulations are superseded by regulations issued by FHFA.2 B. Dodd-Frank Act Provisions Section 939A of the Dodd-Frank Act requires federal agencies to: (i) Review regulations that require the use of an assessment of the creditworthiness of a security or money market instrument; and (ii) to the extent those regulations contain any references to, or requirements regarding credit ratings, remove such references or requirements.3 In place of such creditrating based requirements, the DoddFrank Act instructs agencies to substitute appropriate standards for determining creditworthiness. The new law further provides that, to the extent feasible, an agency should adopt a uniform standard of creditworthiness for use in its regulations, taking into account the entities regulated by it and the purposes for which such regulated entities would rely on the creditworthiness standard. On November 8, 2013, FHFA promulgated a final rule removing references to credit ratings in certain regulations governing the Banks; this rule became effective on May 7, 2014.4 That rulemaking removed references to credit ratings in FHFA regulations related to Bank investments, standby letters of credit, and liabilities.5 When those rule amendments were proposed, FHFA stated that it would undertake separate rulemakings to remove NRSRO references and requirements contained in the Banks’ capital regulations and in the regulations governing the Banks’ AMA programs.6 In this rulemaking, FHFA is proposing to remove the references to NRSRO credit ratings in 2 See 12 U.S.C. 4511, note. 15 U.S.C. 78o–7 note. 4 See Final Rule, Removal of References to Credit Ratings in Certain Regulations Governing the Federal Home Loan Banks, 78 FR 67004 (Nov. 8, 2013). 5 See 12 CFR parts 1267, 1269, and 1270. 6 See Proposed Rule, Removal of References to Credit Ratings in Certain Regulations Governing the Federal Home Loan Banks, 78 FR 30784, 30786 (May 23, 2013). 3 See E:\FR\FM\17DEP1.SGM 17DEP1

Agencies

[Federal Register Volume 80, Number 242 (Thursday, December 17, 2015)]
[Proposed Rules]
[Pages 78681-78689]
From the Federal Register Online via the Government Publishing Office [www.gpo.gov]
[FR Doc No: 2015-31658]


=======================================================================
-----------------------------------------------------------------------

DEPARTMENT OF THE TREASURY

Office of the Comptroller of the Currency

12 CFR Part 30

[Docket ID OCC-2015-0017]
RIN 1557-AD96


Guidelines Establishing Standards for Recovery Planning by 
Certain Large Insured National Banks, Insured Federal Savings 
Associations, and Insured Federal Branches

AGENCY: Office of the Comptroller of the Currency, Treasury.

ACTION: Proposed guidelines.

-----------------------------------------------------------------------

SUMMARY: The Office of the Comptroller of the Currency (OCC) is 
requesting comment on proposed enforceable guidelines establishing 
standards for recovery planning by insured national banks, insured 
Federal savings associations, and insured Federal branches of foreign 
banks with average total consolidated assets of $50 billion or more 
(Guidelines). The OCC would issue the Guidelines as an appendix to its 
safety and soundness standards regulations, and the Guidelines would be 
enforceable by the terms of the Federal statute that authorizes the OCC 
to prescribe operational and managerial standards for national banks 
and Federal savings associations.

DATES: Comments must be submitted by February 16, 2016.

[[Page 78682]]


ADDRESSES: Because paper mail in the Washington, DC area and at the OCC 
is subject to delay, commenters are encouraged to submit comments 
through the Federal eRulemaking Portal or email, if possible. Please 
use the title ``Guidelines Establishing Standards for Recovery Planning 
by Certain Large Insured National Banks, Insured Federal Savings 
Associations, and Insured Federal Branches'' to facilitate the 
organization and distribution of the comments. You may submit comments 
by any of the following methods:
     Federal eRulemaking Portal--``Regulations.gov'': Go to 
http://www.regulations.gov. Enter ``Docket ID OCC-2015-0017'' in the 
Search Box and click ``Search''. Results can be filtered using the 
filtering tools on the left side of the screen. Click on ``Comment 
Now'' to submit public comments.
     Click on the ``Help'' tab on the Regulations.gov home page 
to get information on using Regulations.gov, including instructions for 
submitting public comments.
     Email: regs.comments@occ.treas.gov.
     Mail: Legislative and Regulatory Activities Division, 
Office of the Comptroller of the Currency, 400 7th Street SW., Suite 
3E-218, Mail Stop 9W-11, Washington, DC 20219.
     Hand Delivery/Courier: 400 7th Street SW., Suite 3E-218, 
Mail Stop 9W-11, Washington, DC 20219.
     Fax: (571) 465-4326.
    Instructions: You must include ``OCC'' as the agency name and 
``Docket ID OCC-2015-0017'' in your comment. In general, the OCC will 
enter all comments received into the docket and publish them on the 
Regulations.gov Web site without change, including any business or 
personal information that you provide such as name and address, email 
addresses, or phone numbers. Comments received, including attachments 
and other supporting materials, are part of the public record and 
subject to public disclosure. Do not enclose any information in your 
comment or supporting materials that you consider confidential or 
inappropriate for public disclosure.
    You may review comments and other related materials that pertain to 
this rulemaking action by any of the following methods:
     Viewing Comments Electronically: Go to http://www.regulations.gov. Enter ``Docket ID OCC-2015-0017'' in the Search 
box and click ``Search''. Comments can be filtered by agency name using 
the filtering tools on the left side of the screen.
     Click on the ``Help'' tab on the Regulations.gov home page 
to get information on using Regulations.gov, including instructions for 
viewing public comments, viewing other supporting and related 
materials, and viewing the docket after the close of the comment 
period.
     Viewing Comments Personally: You may personally inspect 
and photocopy comments at the OCC, 400 7th Street SW., Washington, DC. 
For security reasons, the OCC requires that visitors make an 
appointment to inspect comments. You may do so by calling (202) 649-
6700 or, for persons who are deaf or hard of hearing, TTY, (202) 649-
5597. Upon arrival, visitors will be required to present valid 
government-issued photo identification and to submit to a security 
screening in order to inspect and photocopy comments.
     Docket: You may also view or request available background 
documents and project summaries using the methods described above.

FOR FURTHER INFORMATION CONTACT: For questions concerning the 
Guidelines, contact Lori Bittner, Large Bank Supervision--Resolution 
and Recovery, (202) 649-6093; Stuart Feldstein, Director, Andra 
Shuster, Senior Counsel, or Karen McSweeney, Counsel, Legislative & 
Regulatory Activities Division, (202) 649-5490 or, for persons who are 
deaf or hard of hearing, TTY, (202) 649-5597; or Valerie Song, 
Assistant Director, Bank Activities and Structure Division, (202) 649-
5500, 400 7th Street SW., Washington, DC 20219.

SUPPLEMENTARY INFORMATION:

Background

    The recent financial crisis demonstrated the destabilizing effect 
that severe stress at large, complex, interconnected financial 
companies can have on the national economy, capital markets, and the 
overall financial stability of the banking system. Following the 
crisis, Congress passed the Dodd-Frank Wall Street Reform and Consumer 
Protection Act (Dodd-Frank Act); among other purposes, the Dodd-Frank 
Act was intended to strengthen the framework for the supervision and 
regulation of large U.S. financial companies in order to address the 
significant impact that these institutions can have on capital markets 
and the economy.
    One lesson learned from the crisis is the importance--especially in 
large or complex financial institutions--of strong risk management and 
corporate governance practices. In 2014, the OCC adopted heightened 
standards guidelines that address the risk management and corporate 
governance of large or complex banks.\1\ These guidelines establish 
minimum standards for the design and implementation of a corporate 
governance framework and for a bank's board of directors in overseeing 
the framework's design and implementation. The OCC believes that these 
heightened standards further the goals of the Dodd-Frank Act by 
clarifying the OCC's expectation that banks have robust practices in 
areas where the crisis revealed substantial weaknesses.
---------------------------------------------------------------------------

    \1\ 79 FR 54518 (Sept. 11, 2014) (OCC Guidelines Establishing 
Heightened Standards for Certain Large Insured National Banks, 
Insured Federal Savings Associations, and Insured Federal Branches; 
Integration of Regulations).
---------------------------------------------------------------------------

    Another important component of an institution's risk management and 
corporate governance practices is how an institution plans to respond 
to severe stress in a manner that preserves its financial and 
operational strength and viability. In the aftermath of the crisis, it 
became clear that many financial institutions had insufficient plans 
for identifying and responding rapidly to significant stress events. As 
a result, many institutions were forced to take significant actions 
quickly without the benefit of a well-developed plan. In addition, 
recent large-scale operational events, such as destructive cyber 
attacks, demonstrate the need for institutions to plan how to respond 
to such occurrences.
    The OCC believes that large, complex institutions should have a 
recovery plan that describes options for responding to stress events. 
Accordingly, the OCC is proposing to establish standards for recovery 
planning that would apply to insured national banks, insured Federal 
savings associations, and insured Federal branches of foreign banks 
(together, banks and each, a bank) with average total consolidated 
assets of $50 billion or more (together, covered banks and each, a 
covered bank).\2\ An institution's recovery planning should be a 
dynamic, ongoing process. This process should complement the 
institution's risk management and corporate governance functions and 
support its safe and sound operation. The process of developing and 
maintaining a recovery plan also should cause covered banks' management 
and boards of directors to enhance their focus on risk management and 
corporate governance with a view toward lessening the financial or 
operational impact of future unforeseen events.
---------------------------------------------------------------------------

    \2\ While the Dodd-Frank Act addresses resolution planning, it 
does not specifically address recovery planning.
---------------------------------------------------------------------------

    The OCC recognizes that many covered banks already engage in

[[Page 78683]]

significant planning to respond to events such as cyber attacks, 
business interruptions, and leadership vacancies. They undertake 
strategic, operational, contingency, capital (including stress 
testing), liquidity, and resolution planning. We do not intend for the 
recovery planning required by these Guidelines to duplicate these 
efforts, and we encourage covered banks to leverage their existing 
planning. Rather, the purpose of the Guidelines is to provide a 
comprehensive framework for evaluating how severe stress may affect the 
covered bank as a whole and the options that will allow it to remain 
viable even under severe stress.
    As described below, a covered bank should develop and maintain a 
recovery plan that identifies triggers based on severe stress 
scenarios. These scenarios should range from those that cause 
significant financial and operational hardship to those that bring the 
covered bank close to default, but no further; scenarios should not go 
so far as to push the covered bank into resolution. The plan should 
identify the credible options a covered bank could take to restore 
financial and operational strength and viability in a timely manner, 
while maintaining market confidence. Neither the plan nor the options 
may assume or rely on any extraordinary government support.
    As part of the OCC's regular supervisory activities, OCC examiners 
will assess the appropriateness and adequacy of the covered bank's 
recovery planning process and the integration of that process into the 
covered bank's overall risk management and corporate governance 
functions. Examiners will also assess the quality and reasonableness of 
a covered bank's recovery plan, including its triggers and the stress 
scenarios upon which the triggers are based, recovery options, impact 
assessments, and execution strategies, as well as the covered bank's 
management and board responsibilities.

Enforcement of the Guidelines

    The OCC is proposing these Guidelines pursuant to section 39 of the 
Federal Deposit Insurance Act (FDIA).\3\ Section 39 authorizes the OCC 
to prescribe safety and soundness standards in the form of a regulation 
or guidelines. The OCC currently has four sets of these guidelines, 
issued as appendices to part 30 of the OCC's regulations. Appendix A 
contains operational and managerial standards that relate to internal 
controls, information systems, internal audit systems, loan 
documentation, credit underwriting, interest rate exposure, asset 
growth, asset quality, earnings, compensation, fees, and benefits. 
Appendix B contains standards on information security, and Appendix C 
contains standards that address residential mortgage lending practices. 
Appendix D contains standards for the design and implementation of a 
risk governance framework.
---------------------------------------------------------------------------

    \3\ 12 U.S.C. 1831p-1. Section 39 was enacted as part of the 
Federal Deposit Insurance Corporation Improvement Act of 1991, 
Public Law 102-242, section 132(a), 105 Stat. 2236, 2267-70 (Dec. 
19, 1991).
---------------------------------------------------------------------------

    Section 39 prescribes different consequences depending on whether 
the standards are issued by regulation or guidelines. Pursuant to 
section 39, if a national bank or Federal savings association \4\ fails 
to meet a standard prescribed by regulation, the OCC must require it to 
submit a plan specifying the steps it will take to comply with the 
standard. If a national bank or Federal savings association fails to 
meet a standard prescribed by a guideline, the OCC has the discretion 
to decide whether to require the submission of a plan.\5\ Issuing these 
standards as guidelines rather than as a regulation provides the OCC 
with the flexibility to pursue the course of action that is most 
appropriate given the specific circumstances of a covered bank's 
noncompliance with one or more standards and the covered bank's self-
corrective and remedial responses.
---------------------------------------------------------------------------

    \4\ Section 39 of the FDIA applies to ``insured depository 
institutions,'' which includes insured Federal branches of foreign 
banks. While we do not specifically refer to these entities in this 
discussion, it should be read to include them. However, section 39 
does not apply to uninsured depository institutions.
    \5\ See 12 U.S.C. 1831p-1(e)(1)(A)(i) and (ii).
---------------------------------------------------------------------------

    The procedural rules implementing the supervisory and enforcement 
remedies prescribed by section 39 are contained in part 30 of the OCC's 
rules. Under these provisions, the OCC may initiate a supervisory or 
enforcement process when it determines, by examination or otherwise, 
that a national bank or Federal savings association has failed to meet 
the standards set forth in the Guidelines.\6\ Upon making that 
determination, the OCC may request, in writing, that the national bank 
or Federal savings association submit a compliance plan to the OCC 
detailing the steps the institution will take to correct the 
deficiencies and the time within which it will take those steps. This 
request is termed a Notice of Deficiency. Upon receiving a Notice of 
Deficiency from the OCC, the national bank or Federal savings 
association must submit a compliance plan to the OCC for approval 
within 30 days.
---------------------------------------------------------------------------

    \6\ The procedures governing the determination and notification 
of failure to satisfy a standard prescribed pursuant to section 39, 
the filing and review of compliance plans, and the issuance, if 
necessary, of orders currently are set forth in the OCC's 
regulations at 12 CFR 30.3, 30.4, and 30.5.
---------------------------------------------------------------------------

    If a national bank or Federal savings association fails to submit 
an acceptable compliance plan or fails in any material respect to 
implement a compliance plan approved by the OCC, the OCC may issue a 
Notice of Intent to Issue an Order pursuant to section 39 (Notice of 
Intent). The bank or savings association then has 14 days to respond to 
the Notice of Intent. After considering the bank's or savings 
association's response, the OCC may issue the order, decide not to 
issue the order, or seek additional information from the bank or 
savings association before making a final decision. Alternatively, the 
OCC may issue an order without providing the bank or savings 
association with a Notice of Intent. In such a case, the bank or 
savings association may appeal after-the-fact to the OCC, and the OCC 
has 60 days to consider the appeal. Upon the issuance of an order, a 
bank or savings association is deemed to be in noncompliance with part 
30. Orders are formal, public documents, and they may be enforced by 
the OCC in district court. The OCC may also assess a civil money 
penalty, pursuant to 12 U.S.C. 1818, against any bank or savings 
association that violates or otherwise fails to comply with any final 
order and against any institution-affiliated party who participates in 
such violation or noncompliance.

Description of the OCC's Guidelines for Recovery Planning

    The proposed Guidelines consist of three sections. Section I 
provides an introduction to the Guidelines, explains the scope of the 
Guidelines, and defines key terms. Section II sets forth the standards 
for the design and execution of a covered bank's recovery plan. Section 
III provides the standards for management's and the board of directors' 
responsibilities in connection with the recovery plan.

Section I: Introduction

    Scope. The Guidelines would apply to a bank with average total 
consolidated assets equal to or greater than $50 billion as of the 
effective date of the Guidelines (calculated by averaging the covered 
bank's total consolidated assets, as reported on the bank's 
Consolidated Reports of Condition and Income (Call Reports), for the 
four most recent consecutive quarters). This threshold is consistent 
with the scope of the regulations of the Federal Deposit Insurance 
Corporation (FDIC) and Board

[[Page 78684]]

of Governors of the Federal Reserve System (Board) that require certain 
entities to prepare resolution plans.\7\ For those banks that have 
average total consolidated assets less than $50 billion as of the 
effective date of the Guidelines, but subsequently have average total 
consolidated assets of $50 billion or greater, the date on which the 
Guidelines would apply is the as-of date of the most recent Call Report 
used in the calculation of the average.\8\ Once a bank becomes subject 
to the Guidelines because its average total consolidated assets reach 
or exceed the $50 billion threshold, it would be required to continue 
to comply with the Guidelines, unless the OCC specifically determines 
that compliance is not required.
---------------------------------------------------------------------------

    \7\ See 12 CFR 381.2(f) and 243.2(f), respectively. See also 12 
CFR 360.10.
    \8\ While the Guidelines would apply as of the date of the most 
recent Call Report used in the calculation of the average total 
consolidated assets of the covered bank, we understand that a newly 
covered bank will need time to formulate a recovery plan and expect 
the bank to work with its OCC examiners during this period.
---------------------------------------------------------------------------

    In order to maintain supervisory flexibility, the proposed 
Guidelines would reserve the OCC's authority to apply the Guidelines to 
a bank whose average total consolidated assets are less than $50 
billion if the OCC determines such entity's operations are highly 
complex or otherwise present a heightened risk that warrants 
application of the Guidelines. The OCC expects to use this authority 
infrequently; it does not intend to apply the Guidelines to community 
banks.
    In determining whether a bank's operations are highly complex or 
present a heightened risk, the OCC will consider the bank's risk 
profile, size, activities, and complexity, including the complexity of 
its organizational and legal entity structure. Additionally, as noted 
above, the OCC may determine that a covered bank is no longer required 
to comply with the Guidelines. The OCC would generally make this 
determination if a covered bank's operations are no longer highly 
complex or no longer present a heightened risk.
    When exercising any of these reservations of authority, the OCC 
would apply notice and response procedures consistent with those set 
out in 12 CFR 3.404. In accordance with these procedures, the OCC would 
provide a bank or covered bank, as appropriate, with written notice of 
its proposed determination under this paragraph of the Guidelines, and 
the bank or covered bank would have 30 days to respond in writing. The 
OCC would consider failure to respond within this time frame a waiver 
of any objections. At the conclusion of the 30 days, the OCC would 
issue a written notice of its final determination.
    As discussed above, the Guidelines would be enforceable pursuant to 
section 39 of the FDIA and part 30 of the OCC's rules. Section I of the 
Guidelines provides that nothing in section 39 or the Guidelines in any 
way limits the authority of the OCC to address unsafe or unsound 
practices or conditions or other violations of law.\9\
---------------------------------------------------------------------------

    \9\ Section 39 preserves all authority otherwise available to 
the OCC, stating, ``The authority granted by this section is in 
addition to any other authority of the Federal banking agencies.'' 
See 12 U.S.C. 1831p-1(g).
---------------------------------------------------------------------------

    Definitions. Paragraph D of Section I defines certain terms used 
throughout the Guidelines, including ``average total consolidated 
assets,'' ``bank,'' ``covered bank,'' ``recovery,'' ``recovery plan,'' 
and ``trigger.'' The term ``recovery'' means timely and appropriate 
action that a covered bank takes to remain a going concern when it is 
experiencing or is likely to experience considerable financial or 
operational distress. A covered bank in recovery has not yet 
deteriorated to the point where liquidation or resolution is imminent. 
A ``recovery plan'' is a plan that identifies triggers and options for 
responding to a wide range of severe internal and external stress 
scenarios and for restoring a covered bank to financial and operational 
strength and viability in a timely manner, while maintaining the 
confidence of market participants. Neither the plan nor the options may 
assume or rely on any extraordinary government support. ``Trigger'' 
means a quantitative or qualitative indicator of the risk or existence 
of severe stress that should always be escalated to management or the 
board of directors, as appropriate, for purposes of initiating a 
response. The breach of any trigger should result in timely notice 
accompanied by sufficient information to enable management of the 
covered bank to take corrective action.

Section II: Recovery Plan

    Each covered bank should develop and maintain a recovery plan 
appropriate for its individual risk profile, size, activities, and 
complexity, including the complexity of its organizational and legal 
entity structure. Section II sets forth the elements that the covered 
bank should include in a recovery plan.\10\
---------------------------------------------------------------------------

    \10\ A covered bank can use information included in its 
resolution plan to prepare its recovery plan.
---------------------------------------------------------------------------

    1. Overview of covered bank. It is important that a recovery plan 
provide a detailed description of the covered bank's overall 
organizational and legal structure, including its material entities, 
critical operations, core business lines, and core management 
information systems. The description should explain interconnections 
and interdependencies \11\ (i) across business lines within the covered 
bank, (ii) with affiliates in a bank holding company structure, (iii) 
between a covered bank and its foreign subsidiaries, and (iv) with 
critical third parties. The description should address whether a 
disruption of these interconnections or interdependencies would 
materially affect the funding or operations of the covered bank and, if 
so, how. Examples include relationships with respect to credit 
exposures, investments, or funding commitments; guarantees including an 
acceptance, endorsement, or letter of credit issued for the benefit of 
an affiliate during normal periods, as opposed to during a crisis; and 
payment services, treasury operations, collateral management, 
information technology (IT), human resources (HR), or other operational 
functions. This overview is an essential part of the recovery plan.
---------------------------------------------------------------------------

    \11\ We are using the terms ``interconnections'' and 
``interdependencies'' in a manner consistent with FDIC and Board 
resolution plan regulations. See supra note 7.
---------------------------------------------------------------------------

    2. Triggers. As defined above, a trigger is a quantitative or 
qualitative indicator of the risk or existence of severe stress that 
should always be escalated to management or the board of directors, as 
appropriate, for purposes of initiating a response. In order to 
identify triggers that appropriately reflect the particular 
vulnerabilities of each covered bank, the bank should begin by 
designing severe stress scenarios that would threaten the covered 
bank's critical operations or cause it to fail if one or more recovery 
options were not implemented in a timely manner. Because a recovery 
plan should demonstrate the ability of the covered bank to restore its 
financial and operational strength and viability, these scenarios 
should range from those that cause significant financial and 
operational hardship to those that bring the covered bank close to 
default, but not into resolution.\12\
---------------------------------------------------------------------------

    \12\ Separate from these Guidelines, covered banks are required 
to conduct supervisory stress tests. While the scenarios used to 
conduct those tests may be appropriate for purposes of identifying 
triggers under these Guidelines, a covered bank should evaluate the 
appropriateness of those scenarios on a case-by-case basis.
---------------------------------------------------------------------------

    The covered bank should consider a range of bank-specific and 
market-wide stress scenarios, individually and in the aggregate, that 
are immediate and prolonged. The stress scenarios should be designed to 
result in capital shortfalls, liquidity pressures, or other significant 
financial losses. Examples of

[[Page 78685]]

bank-specific stress scenarios include fraud; portfolio shocks; a 
significant cyber attack \13\ or other wide-scale operational event; 
accounting and tax issues; events that cause a reputational crisis that 
degrades customer or market confidence; and other key stresses that 
management identifies. Examples of market-wide stress scenarios include 
the disruption of domestic or global financial markets; the failure or 
impairment of systemically important financial industry participants, 
critical financial market infrastructure firms, and critical third-
party relationships; significant changes in debt or equity valuations, 
currency rates, or interest rates; the widespread interruption of 
critical infrastructure that may degrade operational capability; \14\ 
and general economic conditions.
---------------------------------------------------------------------------

    \13\ An example of a significant cyber attack includes an event 
that has an impact on a bank's computer network(s) or the computer 
network(s) of one of its third-party providers and that undermines 
the covered bank's data or processes.
    \14\ An example of this type of interruption includes a 
disruption to a payment, clearing, or settlement system that affects 
the covered bank's ability to access that system.
---------------------------------------------------------------------------

    As provided in the definition of ``trigger,'' the breach of a 
trigger should always be escalated to management or the board of 
directors, as appropriate, for its consideration of an appropriate 
response. The breach of any trigger should result in timely notice 
accompanied by sufficient information to enable management of the 
covered bank to take corrective action. A covered bank should select 
triggers that address a continuum of increasingly severe stress, 
ranging from those that provide a warning of the likely occurrence of 
severe stress to those that indicate the actual existence of severe 
stress. The number and nature of triggers should be appropriate for the 
covered bank's business and risk profile.
    The nature of the trigger informs the nature of the response. For 
example, in some situations, the appropriate response to the breach of 
a trigger may be enhanced monitoring; in other situations, the breach 
of a trigger should result in activating a specific recovery option set 
forth in the plan or taking other corrective action. It should be 
noted, however, that the breach of a particular trigger does not 
necessarily correspond to a single recovery option; instead, more than 
one option may be appropriate when a particular trigger is breached.
    A recovery plan should include both quantitative and qualitative 
triggers. Quantitative triggers include changes in covered bank-
specific indicators that reflect the covered bank's capital or 
liquidity position. While capital or liquidity triggers may be the most 
critical, a covered bank should also consider other quantitative 
triggers that may have an impact on its condition, such as a rating 
downgrade; access to credit and borrowing lines; equity ratios; 
profitability; asset quality; or other macroeconomic indicators. Of 
course, a covered bank should be prepared to act to preserve the 
financial and operational strength and viability of the bank if it is 
at risk, regardless of whether a trigger has been breached or the 
recovery plan includes options to specifically address the problems the 
bank faces.
    Qualitative triggers include the unexpected departure of senior 
leadership; the erosion of reputation or market standing; the impact of 
an adverse legal ruling; and a material operational event that affects 
the covered bank's ability to access critical services or to deliver 
products or services to its customers for a material period of time. It 
is important to note that the covered bank should review and update 
both qualitative and quantitative triggers, as necessary, to take into 
account changes in laws and regulations and other material events. In 
addition, a covered bank should consider the regulatory or legal 
consequences that may be associated with the breach of a particular 
trigger.
    3. Options for recovery. The recovery plan should identify a wide 
range of credible options that a covered bank could undertake to 
restore financial and operational strength and viability, thereby 
allowing the bank to continue to operate as a going concern and to 
avoid liquidation or resolution. A covered bank should be able to 
execute the identified options within time frames that allow those 
options to be effective during periods of stress. Neither the plan nor 
the options may assume or rely on any extraordinary government support.
    A recovery plan should explain how the covered bank would carry out 
each option. It should include a description of the decision-making 
process for implementing each option, including the steps to be 
followed and any timing considerations. It should also identify the 
critical parties needed to carry out each option. Options may include 
the conservation or restoration of liquidity and capital; the sale, 
transfer, or disposal of significant assets, portfolios, or business 
lines; the reduction of risk profile; the restructuring of liabilities; 
the activation of emergency protocols; and succession planning. Options 
may also include organizational restructuring, including divesting 
legal entities in order to simplify the covered bank's structure. The 
recovery plan should also identify obstacles that could impede the 
execution of an option and set out mitigation strategies for addressing 
these obstacles. The recovery plan should specifically identify 
recovery options that require regulatory or legal approval.
    Set forth below are examples of how stress scenarios, triggers, and 
options relate to each other:

------------------------------------------------------------------------
 Example of a severe stress                          Possible options in
          scenario              Possible triggers   response to triggers
------------------------------------------------------------------------
Idiosyncratic stress:          Tier 1        Issue new
 Trading losses caused by a    capital falls below   capital.
 rogue trader.                 6%.                   Sell
                               Liquidity     nonstrategic assets
                               falls below           or businesses.
                               internal bank         Reduce loan
                               policy requirements.  originations or
                                                     commitments.
Systemic stress: Significant   Short-term    Sell
 decline in U.S. gross         credit rating falls   strategic assets or
 domestic product, coupled     below A-3.            businesses.
 with an increase in the                     Reduce
 U.S. unemployment rate and    Nonperforming loans   expenses (e.g.,
 a deterioration in U.S.       rise above a          business
 residential housing market.   specified             contractions).
                               percentage.           Access the
                               Market        Board's Discount
                               capitalization        Window.
                               falls below a
                               specific limit for
                               a certain period of
                               time.
------------------------------------------------------------------------

    4. Impact assessments. For each recovery option, a covered bank 
should assess and describe how the option would affect the covered 
bank. This impact assessment and description should specify the 
procedures the covered bank would use to maintain the financial and 
operational strength and viability of its material entities, critical

[[Page 78686]]

operations, and core business lines for each recovery option. This 
assessment should include an analysis of both its internal operations 
(e.g., IT systems, suppliers, HR operations) and its access to market 
infrastructure (e.g., clearing and settlement facilities, payment 
systems, additional collateral requirements). A recovery plan should 
also specify actions a firm can take to sell entities, assets, or 
business lines to restore the financial condition of the covered bank. 
For each recovery option, a covered bank should identify any 
impediments or regulatory requirements that must be addressed to 
execute the option, including how to overcome those impediments or 
satisfy those requirements. Each recovery option also should address 
potential consequences, including the benefits and risks of that 
particular option. The assessment should address the impact on the 
covered bank's capital, liquidity, funding and profitability; and the 
effect on the covered bank's material entities, critical operations, 
and core business lines, including reputational impact.
    5. Escalation procedures. A recovery plan should clearly outline 
the process for escalating decision-making to senior management or the 
board of directors, as appropriate, in response to the breach of a 
trigger. The recovery plan should also identify the departments and 
persons responsible for making and executing these decisions, including 
the process for informing necessary stakeholders (e.g., shareholders, 
counsel, accountants, regulators) to effect the action. At a minimum, 
the escalation procedures should result in the covered bank taking 
action before remedial supervisory action is necessary.
    6. Management reports. A recovery plan should require reports that 
provide management or the board of directors with sufficient data and 
information to make timely decisions regarding the appropriate actions 
necessary to respond to the breach of a trigger. A recovery plan should 
identify the types of reports that the covered bank will provide to 
allow management or the board to monitor progress with respect to the 
actions taken under the recovery plan.
    7. Communication procedures. A recovery plan should provide that 
the covered bank notify the OCC of any significant breach of a trigger 
and any action taken or to be taken in response to such breach and 
should explain the process for deciding when a breach of a trigger is 
significant. A covered bank should work closely with the OCC when 
executing a recovery plan.
    A recovery plan also should address when and how the covered bank 
will notify persons within the organization and other external parties 
of its actions under the recovery plan. These elements will ensure that 
all stakeholders are informed in a timely manner of how the covered 
bank responds to a breach of a trigger. In addition, the recovery plan 
should specifically identify how the covered bank will obtain required 
regulatory or legal approvals in order to ensure that the covered bank 
receives such approval in a timely manner.
    8. Other information. A recovery plan should include any other 
information that the OCC communicates in writing directly to the 
covered bank regarding the covered bank's recovery plan. A well-
developed recovery plan should also consider relevant information 
included in other written OCC or Federal Financial Institutions 
Examination Council material.
    C. Relationship to other processes; coordination with other plans. 
The covered bank should integrate its recovery plan into its corporate 
governance and risk management functions. The covered bank also should 
coordinate its recovery plan with its strategic; operational (including 
business continuity); contingency; capital (including stress testing); 
liquidity; and resolution planning. In many cases, these plans may be 
interconnected and would require the covered bank to coordinate among 
them. In addition, to the extent possible, a covered bank should align 
its recovery plan with any recovery and resolution planning efforts by 
the covered bank's holding company so that the plans are consistent 
with and do not contradict each other. We recognize that some 
inconsistency may be unavoidable because recovery planning and 
resolution planning differ in that recovery planning addresses a bank's 
ongoing financial and operational strength and viability while 
resolution planning starts from the point of non-viability.
    The OCC notes that covered banks are an integral part of bank 
holding company recovery and resolution plans. As a result, a covered 
bank may be able to leverage certain elements in these other plans. For 
example, resolution plans typically require a bank to map its critical 
operations. A covered bank may find this resolution planning mapping 
exercise to be useful in describing its interconnections and 
interdependencies as set out in its recovery plan overview.

Section III: Management's and Board of Directors' Responsibilities

    Section III of the proposed Guidelines addresses the 
responsibilities of both management and the board of directors with 
respect to the recovery plan.
    Management of the covered bank should review the recovery plan at 
least annually and in response to a material event. It should revise 
the plan as necessary to reflect material changes in the covered bank's 
risk profile, complexity, size, and activities, as well as changes in 
external threats. During this review, management should consider the 
ongoing relevance and applicability of the stress scenarios and 
triggers and revise the recovery plan as needed. This review should 
evaluate the covered bank's organizational structure and its 
effectiveness in facilitating a recovery. The assessment should 
consider the legal structures, number of entities, geographical 
footprint, booking practices (e.g., guarantees, exposures), and 
servicing arrangements necessary to enable flexible operations. The 
board and management should provide justification for the covered 
bank's organizational and legal structures and outline changes that 
would enhance the board's and management's ability to oversee the 
covered bank in times of stress. A more rational legal structure can 
provide a clearer path to recovery and the operational flexibility to 
implement the recovery plan.
    The board is responsible for overseeing the covered bank's recovery 
planning process. As part of the board's oversight of a covered bank's 
safe and sound operations, the board also should work closely with the 
bank's senior management in developing and executing the recovery plan. 
Accordingly, the Guidelines provide that a covered bank's board of 
directors, or an appropriate committee of the board, should review and 
approve the recovery plan at least annually and as needed to address 
any changes made by management.

Request for Comments

    The OCC requests comment on all aspects of the proposed Guidelines.

Regulatory Analysis

Paperwork Reduction Act

    The OCC has determined that this proposal involves collections of 
information pursuant to the provisions of the Paperwork Reduction Act 
of 1995 (PRA) (44 U.S.C. 3501 et seq.). The OCC may not conduct or 
sponsor, and an organization is not required to respond to, these 
information collection requirements unless the information collection 
displays a currently valid Office of Management and Budget (OMB) 
control number. The OCC is seeking a control number for this

[[Page 78687]]

collection from OMB and has submitted this collection to OMB.
    The collections of information that are subject to the PRA in this 
proposal are found in 12 CFR part 30, appendix E, sections II.B., 
II.C., and III. Section II.B. specifies the elements of the recovery 
plan, including an overview of the covered bank; triggers; options for 
recovery; impact assessments; escalation procedures; management 
reports; and communication procedures. Section II.C. addresses the 
relationship of the plan to other covered bank processes and plans, as 
well as those of its bank holding company. Section III outlines 
management's and board of directors' responsibilities.
    Title: OCC Guidelines Establishing Standards for Recovery Planning 
by Certain Large Insured National Banks, Insured Federal Savings 
Associations, and Insured Federal Branches.
    OMB Control No.: To be assigned by OMB.
    Frequency of Response: On occasion.
    Affected Public: Businesses or other for-profit organizations.
    Burden Estimates:
    Total Number of Respondents: 23.
    Total Burden per Respondent: 7,543 hours.
    Total Burden for Collection: 173,489 hours.
    Comments should be submitted as provided in the ADDRESSES section 
and are invited on: (1) Whether the proposed collection of information 
is necessary for the proper performance of the OCC's functions; 
including whether the information has practical utility; (2) the 
accuracy of the OCC's estimate of the burden of the proposed 
information collection, including the cost of compliance; (3) ways to 
enhance the quality, utility, and clarity of the information to be 
collected; and (4) ways to minimize the burden of information 
collection on respondents, including through the use of automated 
collection techniques or other forms of IT.

Regulatory Flexibility Analysis

    Pursuant to section 605(b) of the Regulatory Flexibility Act, 5 
U.S.C. 605(b) (RFA), the regulatory flexibility analysis otherwise 
required under section 603 of the RFA is not required if the agency 
certifies that the proposal will not, if promulgated, have a 
significant economic impact on a substantial number of small entities 
(defined for purposes of the RFA to include commercial banks and 
savings institutions with assets less than or equal to $550 million and 
trust companies with assets less than or equal to $38.5 million) and 
publishes its certification and a short, explanatory statement in the 
Federal Register along with its proposal.
    The proposed Guidelines would have no impact on any small entities. 
The proposed Guidelines would apply only to insured national banks, 
insured Federal savings associations, and insured Federal branches of 
foreign banks with $50 billion or more in average total consolidated 
assets. The proposed Guidelines reserve the OCC's authority to apply 
them to an insured national bank, insured Federal savings association, 
or insured Federal branch of a foreign bank with less than $50 billion 
in average total consolidated assets if the OCC determines such 
entity's operations are highly complex or otherwise present a 
heightened risk. We do not expect any small entities will be determined 
to have highly complex operations or present heightened risk by the 
OCC. Therefore, the OCC certifies that the proposed Guidelines would 
not, if issued, have a significant economic impact on a substantial 
number of small entities.

Unfunded Mandates Reform Act Analysis

    Section 202 of the Unfunded Mandates Reform Act of 1995 (2 U.S.C. 
1532), requires the OCC to prepare a budgetary impact statement before 
promulgating a rule that includes a Federal mandate that may result in 
the expenditure by State, local, and tribal governments, in the 
aggregate, or by the private sector, of $100 million or more in any one 
year (adjusted annually for inflation). The OCC has determined that 
this proposal will not result in expenditures by State, local, and 
tribal governments, or the private sector, of $100 million or more in 
any one year. Accordingly, the OCC has not prepared a budgetary impact 
statement.

List of Subjects in 12 CFR Part 30

    Banks, Banking, Consumer protection, National banks, Privacy, 
Safety and soundness, Reporting and recordkeeping requirements.

    For the reasons set forth in the preamble, and under the authority 
of 12 U.S.C. 93a, chapter I of title 12 of the Code of Federal 
Regulations is proposed to be amended as follows:

PART 30--SAFETY AND SOUNDNESS STANDARDS

0
1. The authority citation for part 30 continues to read as follows:

    Authority: 12 U.S.C. 1, 93a, 371, 1462a, 1463, 1464, 1467a, 
1818, 1828, 1831p-1, 1881-1884. 3102(b) and 5412(b)(2)(B); 15 U.S.C. 
1681s, 1681w, 6801, and 6805(b)(1).

0
2. Add Appendix E to part 30 to read as follows:

Appendix E to Part 30--OCC Guidelines Establishing Standards for 
Recovery Planning by Certain Large Insured National Banks, Insured 
Federal Savings Associations, and Insured Federal Branches

Table of Contents

I. Introduction
    A. Scope
    B. Reservation of Authority
    C. Preservation of Existing Authority
    D. Definitions
II. Recovery Plan
    A. Recovery Plan
    B. Elements of Recovery Plan
    1. Overview of Covered Bank
    2. Triggers
    3. Options for Recovery
     4. Impact Assessments
     5. Escalation Procedures
     6. Management Reports
     7. Communication Procedures
     8. Other Information
     C. Relationship to Other Processes; Coordination With Other 
Plans
 III. Management's and Board of Directors' Responsibilities
     A. Management
     B. Board of Directors

I. Introduction

    A. Scope. This appendix applies to a covered bank, as defined in 
paragraph I.D.3.
    B. Reservation of authority.
    1. The OCC reserves the authority:
    a. To apply this appendix, in whole or in part, to a bank that has 
average total consolidated assets of less than $50 billion, if the OCC 
determines such bank is highly complex or otherwise presents a 
heightened risk that warrants the application of this appendix; or
    b. To determine that compliance with this appendix should not be 
required for a covered bank. The OCC will generally make the 
determination under this paragraph I.B.1.b. if a covered bank's 
operations are no longer highly complex or no longer present a 
heightened risk.
    2. In determining whether a covered bank is highly complex or 
presents a heightened risk, the OCC will consider the bank's risk 
profile, size, activities, and complexity, including the complexity of 
its organizational and legal entity structure. Before exercising the 
authority reserved by this paragraph I.B, the OCC will apply notice and 
response procedures in the same manner and to the same extent as the 
notice and response procedures in 12 CFR 3.404.
    C. Preservation of existing authority. Neither section 39 of the 
Federal Deposit Insurance Act (12 U.S.C. 1831p-1) nor this appendix in 
any way limits the authority of the OCC to

[[Page 78688]]

address unsafe or unsound practices or conditions or other violations 
of law. The OCC may take action under section 39 and this appendix 
independently of, in conjunction with, or in addition to any other 
enforcement action available to the OCC.
    D. Definitions.
    1. Average total consolidated assets means the average total 
consolidated assets of the bank or the covered bank, as reported on the 
bank's or covered bank's Call Reports for the four most recent 
consecutive quarters.
    2. Bank means any insured national bank, insured Federal savings 
association, or insured Federal branch of a foreign bank.
    3. Covered bank means any bank--
    (a) With average total consolidated assets equal to or greater than 
$50 billion; or
    (b) With average total consolidated assets less than $50 billion, 
if the OCC determines that such bank is highly complex or otherwise 
presents a heightened risk as to warrant the application of this 
appendix pursuant to paragraph I.B.1.a.
    4. Recovery means timely and appropriate action that a covered bank 
takes to remain a going concern when it is experiencing or is likely to 
experience considerable financial or operational distress. A covered 
bank in recovery has not yet deteriorated to the point where 
liquidation or resolution is imminent.
    5. Recovery plan means a plan that identifies triggers and options 
for responding to a wide range of severe internal and external stress 
scenarios and to restore a covered bank that is in recovery to 
financial and operational strength and viability in a timely manner. 
The options should maintain the confidence of market participants, and 
neither the plan nor the options may assume or rely on any 
extraordinary government support.
    6. Trigger means a quantitative or qualitative indicator of the 
risk or existence of severe stress that should always be escalated to 
management or the board of directors, as appropriate, for purposes of 
initiating a response. The breach of any trigger should result in 
timely notice accompanied by sufficient information to enable 
management of the covered bank to take corrective action.

II. Recovery Plan

    A. Recovery plan. Each covered bank should develop and maintain a 
recovery plan that is appropriate for its individual risk profile, 
size, activities, and complexity, including the complexity of its 
organizational and legal entity structure.
    B. Elements of recovery plan. A recovery plan under paragraph II.A. 
should include the following elements:
    1. Overview of covered bank. A recovery plan should describe the 
covered bank's overall organizational and legal structure, including 
its material entities, critical operations, core business lines, and 
core management informational systems. The plan should describe 
interconnections and interdependencies (i) across business lines within 
the covered bank, (ii) with affiliates in a bank holding company 
structure, (iii) between a covered bank and its foreign subsidiaries, 
and (iv) with critical third parties.
    2. Triggers. A recovery plan should identify triggers that 
appropriately reflect the covered bank's particular vulnerabilities.
    3. Options for recovery. A recovery plan should identify a wide 
range of credible options that a covered bank could undertake to 
restore financial and operational strength and viability, thereby 
allowing the bank to continue to operate as a going concern and to 
avoid liquidation or resolution. A recovery plan should explain how the 
covered bank would carry out each option and describe the timing 
required for carrying out each option. The recovery plan should 
specifically identify the recovery options that require regulatory or 
legal approval.
    4. Impact assessments. For each recovery option, a covered bank 
should assess and describe how the option would affect the covered 
bank. This impact assessment and description should specify the 
procedures the covered bank would use to maintain the financial and 
operational strength and viability of its material entities, critical 
operations, and core business lines for each recovery option. For each 
option, the recovery plan should address the following:
    a. The effect on the covered bank's capital, liquidity, funding and 
profitability;
    b. The effect on the covered bank's material entities, critical 
operations and core business lines, including reputational impact; and
    c. Any legal or market impediment or regulatory requirement that 
must be addressed or satisfied in order to implement the option.
    5. Escalation procedures. A recovery plan should clearly outline 
the process for escalating decision-making to senior management or the 
board of directors, as appropriate, in response to the breach of a 
trigger. The recovery plan should also identify the departments and 
persons responsible for making and executing these decisions.
    6. Management reports. A recovery plan should require reports that 
provide management or the board of directors with sufficient data and 
information to make timely decisions regarding the appropriate actions 
necessary to respond to the breach of a trigger.
    7. Communication procedures. A recovery plan should provide that 
the covered bank notify the OCC of any significant breach of a trigger 
and any action taken or to be taken in response to such breach and 
should explain the process for deciding when a breach of a trigger is 
significant. A recovery plan also should address when and how the 
covered bank will notify persons within the organization and other 
external parties of its action under the recovery plan. The recovery 
plan should specifically identify how the covered bank will obtain 
required regulatory or legal approvals.
    8. Other information. A recovery plan should include any other 
information that the OCC communicates in writing directly to the 
covered bank regarding the covered bank's recovery plan.
    C. Relationship to other processes; coordination with other plans. 
The covered bank should integrate its recovery plan into its risk 
management and corporate governance functions. The covered bank also 
should coordinate its recovery plan with its strategic; operational 
(including business continuity); contingency; capital (including stress 
testing); liquidity; and resolution planning. To the extent possible, 
the covered bank also should align its recovery plan with any recovery 
and resolution planning efforts by the covered bank's holding company, 
so that the plans are consistent with and do not contradict each other.

III. Management's and Board of Directors' Responsibilities

    The recovery plan should address the following management and board 
responsibilities:
    A. Management. Management should review the recovery plan at least 
annually and in response to a material event. It should revise the plan 
as necessary to reflect material changes in the covered bank's risk 
profile, complexity, size, and activities, as well as changes in 
external threats. This review should evaluate the organizational 
structure and its effectiveness in facilitating a recovery.
    B. Board of directors. The board is responsible for overseeing the 
covered bank's recovery planning process. The board of directors or an 
appropriate

[[Page 78689]]

committee of the board of directors of a covered bank should review and 
approve the recovery plan at least annually and as needed to address 
any changes made by management.

    Dated: December 10, 2015.
Thomas J. Curry,
Comptroller of the Currency.
[FR Doc. 2015-31658 Filed 12-16-15; 8:45 am]
 BILLING CODE 4810-33-P