Guidelines for Evaluating Account and Services Requests, 12957-12962 [2022-04897]

Download as PDF Federal Register / Vol. 87, No. 45 / Tuesday, March 8, 2022 / Notices 12957 CALENDAR OF REPORTING DATES FOR MINNESOTA SPECIAL ELECTIONS—Continued Reg./cert. & overnight mailing deadline Close of books 1 Report October Quarterly ...................................................................................................... 09/30/2022 10/15/2022 Filing deadline 2 10/15/2022 1 The reporting period always begins the day after the closing date of the last report filed. If the committee is new and has not previously filed a report, the first report must cover all activity that occurred before the committee registered as a political committee up through the close of books for the first report due. 2 Notice that this filing deadline falls on a weekend or federal holiday. Filing deadlines are not extended when they fall on nonworking days. Accordingly, reports filed by methods other than registered, certified or overnight mail, or electronically, must be received before the Commission’s close of business on the last business day before the deadline. Dated: March 1, 2022. On behalf of the Commission. Allen Dickerson, Chairman, Federal Election Commission. Comments can also be sent electronically to Comments.applications@stls.frb.org: 1. Southern Bancorp, Inc., Arkadelphia, Arkansas; to merge with FCB Financial Services, Inc., Marion, Arkansas, and thereby indirectly acquire Premier Bank of Arkansas, Jonesboro, Arkansas. [FR Doc. 2022–04898 Filed 3–7–22; 8:45 am] BILLING CODE 6715–01–P FEDERAL RESERVE SYSTEM lotter on DSK11XQN23PROD with NOTICES1 Formations of, Acquisitions by, and Mergers of Bank Holding Companies The companies listed in this notice have applied to the Board for approval, pursuant to the Bank Holding Company Act of 1956 (12 U.S.C. 1841 et seq.) (BHC Act), Regulation Y (12 CFR part 225), and all other applicable statutes and regulations to become a bank holding company and/or to acquire the assets or the ownership of, control of, or the power to vote shares of a bank or bank holding company and all of the banks and nonbanking companies owned by the bank holding company, including the companies listed below. The public portions of the applications listed below, as well as other related filings required by the Board, if any, are available for immediate inspection at the Federal Reserve Bank(s) indicated below and at the offices of the Board of Governors. This information may also be obtained on an expedited basis, upon request, by contacting the appropriate Federal Reserve Bank and from the Board’s Freedom of Information Office at https://www.federalreserve.gov/foia/ request.htm. Interested persons may express their views in writing on the standards enumerated in the BHC Act (12 U.S.C. 1842(c)). Comments regarding each of these applications must be received at the Reserve Bank indicated or the offices of the Board of Governors, Ann E. Misback, Secretary of the Board, 20th Street and Constitution Avenue NW, Washington, DC 20551–0001, not later than April 7, 2022. A. Federal Reserve Bank of St. Louis (Holly A. Rieser, Manager) P.O. Box 442, St. Louis, Missouri 63166–2034. VerDate Sep<11>2014 17:25 Mar 07, 2022 Jkt 256001 Board of Governors of the Federal Reserve System, March 3, 2022. Michele Taylor Fennell, Deputy Associate Secretary of the Board. [FR Doc. 2022–04896 Filed 3–7–22; 8:45 am] BILLING CODE P FEDERAL RESERVE SYSTEM [Docket No. OP–1747] Guidelines for Evaluating Account and Services Requests Board of Governors of the Federal Reserve System. ACTION: Supplemental notice and request for comment. AGENCY: The Board of Governors of the Federal Reserve System (Board) is issuing a supplemental notice and request for comment on updates to its proposed guidelines (Account Access Guidelines) for Federal Reserve Banks (Reserve Banks) to utilize in evaluating requests for access to Reserve Bank master accounts and services (accounts and services). The supplemental notice includes a new section of the proposed Account Access Guidelines that would establish a tiered-review framework to provide additional clarity on the level of due diligence and scrutiny to be applied to requests for Reserve Bank accounts and services. DATES: Comments must be received on or before April 22, 2022. FOR FURTHER INFORMATION CONTACT: Jason Hinkle, Assistant Director (202– 912–7805), Division of Reserve Bank Operations and Payment Systems, or Sophia H. Allison, Senior Special Counsel (202–452–3565) or Gavin Smith, Senior Counsel (202–872–7578), SUMMARY: PO 00000 Frm 00034 Fmt 4703 Sfmt 4703 Legal Division, Board of Governors of the Federal Reserve System. For users of TTY–TRS, please call 711 from any telephone, anywhere in the United States. ADDRESSES: You may submit comments, identified by Docket No. OP–1765, by any of the following methods: Agency Website: https://www.federal reserve.gov. Follow the instructions for submitting comments at https:// www.federalreserve.gov/apps/foia/ proposedregs.aspx. Email: regs.comments@ federalreserve.gov. Include docket number in the subject line of the message. Fax: (202) 452–3819 or (202) 452– 3102. Mail: Ann E. Misback, Secretary, Board of Governors of the Federal Reserve System, 20th Street and Constitution Avenue NW, Washington, DC 20551. All public comments are available from the Board’s website at https:// www.federalreserve.gov/generalinfo/ foia/ProposedRegs.cfm as submitted, unless modified for technical reasons or to remove personally identifiable information at the commenter’s request. Accordingly, comments will not be edited to remove any identifying or contact information. Public comments may also be viewed in-person in Room M–4365A, 2001 C St. NW, Washington, DC 20551, between 9:00 a.m. and 5:00 p.m. during federal business weekdays. SUPPLEMENTARY INFORMATION: I. Background On May 5, 2021, the Board requested comment on proposed guidelines to be used by Reserve Banks in evaluating requests for accounts and services (Original Proposal).1 The Original Proposal reflected the Board’s policy goals of (1) ensuring the safety and soundness of the banking system, (2) effectively implementing monetary policy, (3) promoting financial stability, (4) protecting consumers, and (5) promoting a safe, efficient, inclusive, 1 86 FR 25865 (May 11, 2021). E:\FR\FM\08MRN1.SGM 08MRN1 12958 Federal Register / Vol. 87, No. 45 / Tuesday, March 8, 2022 / Notices lotter on DSK11XQN23PROD with NOTICES1 and innovative payment system. The Original Proposal was also intended to ensure that Reserve Banks apply a transparent and consistent set of factors when reviewing requests for accounts and services (access requests). The Original Proposal consisted of six principles. The first principle specified that only institutions that are legally eligible for access to Reserve Bank accounts and services would be considered for access. The remaining five principles addressed specific risks, ranging from narrow risks (such as risk to an individual Reserve Bank) to broader risks (such as risk to the U.S. financial system).2 For each of these five principles, the Original Proposal set forth factors that Reserve Banks should consider when evaluating an institution’s access request against the specific risk targeted by the principle. The identified factors are commonly used in the regulation and supervision of federally-insured institutions. The Board notes that, when applying the proposed Account Access Guidelines, the Reserve Bank would integrate to the extent possible the assessments of an institution by its state and/or federal supervisors into the Reserve Bank’s own independent assessment of the institution’s risk profile. The Original Proposal noted that the application of the Guidelines to requests by federally-insured institutions should be fairly straightforward, while requests from non-federally insured institutions may require more extensive due diligence. This supplemental notice (Updated Proposal) includes the Original Proposal substantially as proposed but includes a new section 2 of the Account Access Guidelines that would incorporate a tiering framework based on an institution’s characteristics. The three tiers would provide additional clarity on how the Reserve Banks would apply the principles in section 1 of the Account Access Guidelines to different types of institutions. 2 The Account Access Guidelines were designed primarily as a risk management framework and, as such, focus on risks an institution’s access could pose. The Board notes, however, that granting an access request could also have net benefits to the financial system, although these are not a focus of the Account Access Guidelines. VerDate Sep<11>2014 17:25 Mar 07, 2022 Jkt 256001 II. Overview of Comments on Original Proposal The Board received 46 individual comment letters and 281 duplicate form letters in response to the Original Proposal. Nearly all the comment letters expressed general support for the proposed Account Access Guidelines, and most letters also made recommendations for improvements. Commenters represented several types of institutions, including (1) institutions with traditional charters, such as banks and credit unions, and their trade associations; (2) institutions with novel charters, such as cryptocurrency custody banks, and their trade associations; and (3) think tanks and non-profit advocacy groups. The views expressed by the first category of commenters often conflicted with the views expressed by the second category of commenters.3 The duplicate form letters included recommendations that mirrored those submitted by trade associations for institutions with traditional charters. III. Updated Proposal The Account Access Guidelines listed in this Updated Proposal consist of two sections. Proposed section 1—which describes the six principles that the Reserve Banks would use in evaluating requests for accounts and services—is substantially the same as the Account Access Guidelines described in the Original Proposal.4 The Original Proposal noted that the application of the Account Access Guidelines to requests by federallyinsured institutions should be fairly straightforward, while requests from non-federally insured institutions may require more extensive due diligence. The Updated Proposal includes a new section 2 of the Account Access Guidelines, which would establish a three-tiered review framework to provide additional clarity regarding the 3 For example, many commenters in the first category suggested that institutions with novel charters should face a more challenging path to access accounts and services, while many commenters in the second category suggested that institutions with novel charters should face an easier path to access accounts and service. 4 The Updated Proposal incorporates certain technical changes to Section 1. For example, some commenters read Principle 6 to suggest that Reserve Banks, rather than the Board, have the authority to establish the interest on reserve balances (IORB) rate. The Updated Proposal deletes the language that commenters read to suggest that Reserve Banks have the authority to establish the IORB rate. PO 00000 Frm 00035 Fmt 4703 Sfmt 4703 review process for different types of institutions. Tier 1 would consist of eligible institutions that are federally-insured. These institutions are already subject to a comprehensive set of federal banking regulations, and, in most cases, detailed regulatory and financial information about these firms would be readily available. Accordingly, access requests by Tier 1 institutions would generally be subject to a less intensive and more streamlined review. In cases where the application of the Guidelines to Tier 1 institutions identifies potentially higher risk profiles, the institutions would receive additional attention. Tier 2 would consist of eligible institutions that are not federallyinsured but (i) are subject (by statute) to prudential supervision by a federal banking agency; and (ii) any holding company of which would be subject to Federal Reserve oversight (by statute or by commitments).5 Tier 2 institutions would be subject to similar but not identical regulations as federallyinsured institutions, and as a result, may present greater risks than Tier 1 institutions. Additionally, detailed regulatory and financial information regarding Tier 2 institutions is less likely to be available and may not be available in public form. Accordingly, access requests by Tier 2 institutions would generally receive an intermediate level of review. Tier 3 would consist of eligible institutions that are not federally insured and not subject to prudential supervision by a federal banking agency at the institution or holding company level. Tier 3 institutions may be subject to a supervisory or regulatory framework that is substantially different from, and possibly weaker than, the supervisory and regulatory framework that applies to federally-insured institutions, and as a result may pose the highest level of risk. Detailed regulatory and financial information regarding Tier 3 institutions may not exist or may be unavailable. Accordingly, access requests by Tier 3 institutions would generally receive the strictest level of review. The Board seeks comment on all aspects of the Updated Proposal. 5 The Board would expect holding companies of Tier 2 entities to comply with similar requirements as holding companies subject to the Bank Holding Company Act. E:\FR\FM\08MRN1.SGM 08MRN1 Federal Register / Vol. 87, No. 45 / Tuesday, March 8, 2022 / Notices IV. Updated Account Access Guidelines Guidelines Covering Access to Accounts and Services at Federal Reserve Banks (Account Access Guidelines) lotter on DSK11XQN23PROD with NOTICES1 Section 1: Principles The Board of Governors of the Federal Reserve System (Board) is adopting account access guidelines comprised of six principles to be used by Federal Reserve Banks (Reserve Banks) in evaluating requests for master accounts and access to Federal Reserve Bank financial services (access requests).1 2 The account access guidelines apply to requests from all institutions that are legally eligible to receive an account or services, as discussed in more detail in the first principle.3 The Board expects the Reserve Banks to collaborate on reviews of account and service requests, as well as ongoing monitoring of accountholders, to ensure that the guidelines are implemented in a consistent and timely manner. The Federal Reserve System’s (Federal Reserve) approach to providing institutions with accounts and services depends on, among other things, whether the institution is legally eligible to obtain an account and on the Federal Reserve’s policy goals of ensuring the safety and soundness of the banking system, effectively implementing monetary policy, promoting financial stability, protecting consumers, and promoting a safe, effective, efficient, accessible, and innovative payment system. The Board believes it is important to make clear that legal eligibility does not bestow a right to obtain an account and services. While decisions regarding individual access requests remain at the discretion of the individual Reserve Banks, the Board believes it is important that the Reserve Banks apply a consistent set of guidelines when reviewing such access requests to promote consistent outcomes 1 As discussed in the Federal Reserve’s Operating Circular No. 1, an institution has the option to settle its Federal Reserve financial services transactions in its master account with a Reserve Bank or in the master account of another institution that has agreed to act as its correspondent. These principles apply to requests for either arrangement. 2 Reserve Bank financial services mean all services subject to Federal Reserve Act, section 11A (‘‘priced services’’) and Reserve Bank cash services. Financial services do not include transactions conducted as part of the Federal Reserve’s open market operations or administration of the Reserve Banks’ Discount Window. 3 These principles would not apply to accounts provided under fiscal agency authority or to accounts authorized pursuant to the Board’s Regulation N (12 CFR 214), joint account requests, or account requests from designated financial market utilities, since existing rules or policies already set out the considerations involved in granting these types of accounts. VerDate Sep<11>2014 17:25 Mar 07, 2022 Jkt 256001 across Reserve Banks and to facilitate equitable treatment across institutions.4 These account access guidelines also serve to inform requestors of the factors that a Reserve Bank will review in any access request and thereby allow a requestor to make any enhancements to its risk management, documentation, or other practices to attempt to demonstrate how it meets each of the principles. These guidelines broadly outline considerations for evaluating access requests but are not intended to provide assurance that any specific institution will be granted an account and services. The individual Reserve Bank will evaluate each access request on a caseby-case basis. When applying these account access guidelines, the Reserve Bank should consider, to the extent possible, the assessments of an institution by state and/or federal supervisors into its independent analysis of the institution’s risk profile. The evaluation of an institution’s access request should also consider whether the request has the potential to set a precedent that could affect the Federal Reserve’s ability to achieve its policy goals now or in the future. If the Reserve Bank decides to grant an access request, it may impose (at the time of account opening, granting access to service, or any time thereafter) obligations relating to, or conditions or limitations on, use of the account or services as necessary to limit operational, credit, legal, or other risks posed to the Reserve Banks, the payment system, financial stability or the implementation of monetary policy or to address other considerations.5 The account-holding Reserve Bank may, at its discretion, decide to place additional risk management controls on the account and services, such as real-time monitoring of account balances, as it may deem necessary to mitigate risks. If the obligations, limitations, or controls are ineffective in mitigating the risks identified or if the obligations, limitations, or controls are breached, the account-holding Reserve Bank may further restrict the institution’s use of accounts and services or may close the account. Establishment of an account 4 The Board has issued these account access guidelines under its general supervision authority over the operations of the Reserve Banks, 12 U.S.C 248(j). Decisions on access to accounts and services are made by the Reserve Bank in whose District the requestor is located. 5 The conditions imposed could include, for example, establishing a cap on the amount of balances held in the account. In addition, the Board may authorize a Reserve Bank to pay a different rate of interest on balances held in the account or may limit the amount of balances in the account that receive interest. PO 00000 Frm 00036 Fmt 4703 Sfmt 4703 12959 and provision of services by a Reserve Bank under these guidelines is not an endorsement or approval by the Federal Reserve of the institution. Nothing in the Board’s guidelines relieves any institution from compliance with obligations imposed by the institution’s supervisors and regulators. Accordingly, Reserve Banks should evaluate how each institution requesting access to an account and services will meet the following principles.6 Each principle identifies factors that Reserve Banks should consider when evaluating an institution against the specific risk targeted by the principle (several factors are pertinent to more than one principle). The identified factors are commonly used in the regulation and supervision of federally-insured institutions. As a result, the Board anticipates the application of the account access guidelines to access requests by federally-insured institutions will be fairly straightforward in most cases. However, Reserve Bank assessments of access requests from non-federally insured institutions may require more extensive due diligence. Reserve Banks monitor and analyze the condition of institutions with access to accounts and services on an ongoing basis. Reserve Banks should use the guidelines to re-evaluate the risks posed by an institution in cases where its condition monitoring and analysis indicate potential changes in the risk profile of an institution, including a significant change to the institution’s business model. 1. Each institution requesting an account or services must be eligible under the Federal Reserve Act or other federal statute to maintain an account at a Federal Reserve Bank (Reserve Bank) and receive Federal Reserve services and should have a well-founded, clear, transparent, and enforceable legal basis for its operations.7 a. Unless otherwise specified by federal statute, only those entities that are member banks or meet the definition of a depository institution under section 6 The principles are designed to address risks posed by an institution having access to an account and services, ranging from narrow risks (e.g., to an individual Reserve Bank) to broader risks (e.g., to the overall economy). Review activities performed by the Reserve Bank may address several principles at once. 7 These principles do not apply to accounts and services provided by a Reserve Bank (i) as depository and fiscal agent, such as those provided for the Treasury and for certain governmentsponsored entities (12 U.S.C. 391, 393–95, 1823, 1435), (ii) to certain international organizations (22 U.S.C. 285d, 286d, 290o–3, 290i–5, 290l–3), (iii) to designated financial market utilities (12 U.S.C. 5465), (iv) pursuant to the Board’s Regulation N (12 CFR 214), or (v) pursuant to the Board’s Guidelines for Evaluating Joint Account Requests. E:\FR\FM\08MRN1.SGM 08MRN1 12960 Federal Register / Vol. 87, No. 45 / Tuesday, March 8, 2022 / Notices lotter on DSK11XQN23PROD with NOTICES1 19(b) of the Federal Reserve Act are legally eligible to obtain Federal Reserve accounts and financial services.8 b. The Reserve Bank should assess the consistency of the institution’s activities and services with applicable laws and regulations, such as Article 4A of the Uniform Commercial Code and the Electronic Fund Transfer Act. The Reserve Bank should also consider whether the design of the institution’s services would impede compliance by the institution’s customers with U.S. sanctions programs, Bank Secrecy Act (BSA) and anti-money-laundering (AML) requirements or regulations, or consumer protection laws and regulations. 2. Provision of an account and services to an institution should not present or create undue credit, operational, settlement, cyber or other risks to the Reserve Bank. a. The Reserve Bank should incorporate, to the extent possible, the assessments of an institution by state and/or federal supervisors into its independent assessment of the institution’s risk profile. b. The Reserve Bank should confirm that the institution has an effective risk management framework and governance arrangements to ensure that the institution operates in a safe and sound manner, during both normal conditions and periods of idiosyncratic and market stress. i. For these purposes, effective risk management includes having a robust framework, including policies, procedures, systems, and qualified staff, to manage applicable risks. The framework should at a minimum identify, measure, and control the particular risks posed by the institution’s business lines, products and services. The effectiveness of the framework should be further supported by internal testing and internal audit reviews. ii. The framework should be subject to oversight by a board of directors (or similar body) as well as oversight by state and/or federal banking supervisor(s). iii. The framework should clearly identify all risks that may arise related to the institution’s business (e.g., legal, credit, liquidity, operational, custody, investment) as well as objectives 8 Unless otherwise expressly excluded under the previous footnote, these principles apply to account requests from all institutions, including member banks or other entities that meet the definition of a depository institution under section 19(b), as well as Edge and Agreement corporations (12 U.S.C. 601–604a, 611–631), and U.S. branches and agencies of foreign banks (12 U.S.C. 347d). VerDate Sep<11>2014 17:25 Mar 07, 2022 Jkt 256001 regarding the risk tolerances for the management of such risks. c. The Reserve Bank should confirm that the institution is in substantial compliance with its supervisory agency’s regulatory and supervisory requirements. d. The institution must, in the Reserve Bank’s judgment: i. Demonstrate an ability to comply, were it to obtain a master account, with Board orders and policies, Reserve Bank agreements and operating circulars, and other applicable Federal Reserve requirements. ii. Be in sound financial condition, including maintaining adequate capital to continue as a going concern and to meet its current and projected operating expenses under a range of scenarios. iii. Demonstrate the ability, on an ongoing basis (including during periods of idiosyncratic or market stress), to meet all of its obligations in order to remain a going concern and comply with its agreement for a Reserve Bank account and services, including by maintaining: A. Sufficient liquid resources to meet its obligations to the Reserve Bank under applicable agreements, operating circulars, and Board policies; B. The operational capacity to ensure that such liquid resources are available to satisfy all such obligations to the Reserve Bank on a timely basis; and C. Settlement processes designed to appropriately monitor balances in its Reserve Bank account on an intraday basis, to process transactions through its account in an orderly manner and maintain/achieve a positive account balance before the end of the business day. iv. Have in place an operational risk framework designed to ensure operational resiliency against events associated with processes, people, and systems that may impair the institution’s use and settlement of Reserve Bank services. This framework should consider internal and external factors, including operational risks inherent in the institution’s business model, risks that might arise in connection with its use of any Reserve Bank account and services, and cyberrelated risks. At a minimum, the operational risk framework should: A. Identify the range of operational risks presented by the institution’s business model (e.g., cyber vulnerability, operational failure, resiliency of service providers), and establish sound operational risk management objectives to address such risks; B. Establish sound governance arrangements, rules, and procedures to PO 00000 Frm 00037 Fmt 4703 Sfmt 4703 oversee and implement the operational risk management framework; C. Establish clear and appropriate rules and procedures to carry out the risk management objectives; D. Employ the resources necessary to achieve its risk management objectives and implement effectively its rules and procedures, including, but not limited to, sound processes for physical and information security, internal controls, compliance, program management, incident management, business continuity, audit, and well-qualified personnel; and E. Support compliance with the electronic access requirements, including security measures, outlined in the Reserve Banks’ Operating Circular 5 and its supporting documentation. 3. Provision of an account and services to an institution should not present or create undue credit, liquidity, operational, settlement, cyber or other risks to the overall payment system. a. The Reserve Bank should incorporate, to the extent possible, the assessments of an institution by state and/or federal supervisors into its independent assessment of the institution’s risk profile. b. The Reserve Bank should confirm that the institution has an effective risk management framework and governance arrangements to limit the impact that idiosyncratic stress, disruptions, outages, cyber incidents, or other incidents at the institution might have on other institutions and the payment system broadly. The framework should include: i. Clearly defined operational reliability objectives and policies and procedures in place to achieve those objectives. ii. A business continuity plan that addresses events that have the potential to disrupt operations and a resiliency objective to ensure the institution can resume services in a reasonable timeframe. iii. Policies and procedures for identifying risks that external parties may pose to sound operations, including interdependencies with affiliates, service providers, and others. c. The Reserve Bank should identify actual and potential interactions between the institution’s use of a Reserve Bank account and services and (other parts of) the payment system. i. The extent to which the institution’s use of a Reserve Bank account and services might restrict funds from being available to support the liquidity needs of other institutions should also be considered. d. The institution must, in the Reserve Bank’s judgment: E:\FR\FM\08MRN1.SGM 08MRN1 lotter on DSK11XQN23PROD with NOTICES1 Federal Register / Vol. 87, No. 45 / Tuesday, March 8, 2022 / Notices i. Be in sound financial condition, including maintaining adequate capital to continue as a going concern and to meet its current and projected operating expenses under a range of scenarios. ii. Demonstrate the ability, on an ongoing basis (including during periods of idiosyncratic or market stress), to meet all of its obligations in order to remain a going concern and comply with its agreement for a Reserve Bank account and services, including by maintaining: A. Sufficient liquid resources to meet its obligations to the Reserve Bank under applicable agreements, Operating Circulars, and Board policies; B. The operational capacity to ensure that such liquid resources are available to satisfy all such obligations to the Reserve Bank on a timely basis; and C. Settlement processes designed to appropriately monitor balances in its Reserve Bank account on an intraday basis, to process transactions through its account in an orderly manner and maintain/achieve a positive account balance before the end of the business day. iii. Have in place an operational risk framework designed to ensure operational resiliency against events associated with processes, people, and systems that may impair the institution’s payment system activities. This framework should consider internal and external factors, including operational risk inherent in the institution’s business model, risk that might arise in connection with its use of the payment system, and cyber-related risks. At a minimum, the framework should: A. Identify the range of operational risks presented by the institution’s business model (e.g., cyber vulnerability, operational failure, resiliency of service providers), and establish sound operational riskmanagement objectives; B. Establish sound governance arrangements, rules, and procedures to oversee the operational risk management framework; C. Establish clear and appropriate rules and procedures to carry out the risk management objectives; D. Employ the resources necessary to achieve its risk management objectives and implement effectively its rules and procedures, including, but not limited to, sound processes for physical and information security, internal controls, compliance, program management, incident management, business continuity, audit, and well-qualified personnel. 4. Provision of an account and services to an institution should not VerDate Sep<11>2014 17:25 Mar 07, 2022 Jkt 256001 create undue risk to the stability of the U.S. financial system. a. The Reserve Bank should incorporate, to the extent possible, the assessments of an institution by state and/or federal supervisors into its independent assessment of the institution’s risk profile. b. The Reserve Bank should determine, in coordination with the other Reserve Banks and Board, whether the access to an account and services by an institution itself or a group of like institutions could introduce financial stability risk to the U.S. financial system. c. The Reserve Bank should confirm that the institution has an effective risk management framework and governance arrangements for managing liquidity, credit, and other risks that may arise in times of financial or economic stress. d. The Reserve Bank should consider the extent to which, especially in times of financial or economic stress, liquidity or other strains at the institution may be transmitted to other segments of the financial system. e. The Reserve Bank should consider the extent to which, especially during times of financial or economic stress, access to an account and services by an institution itself (or a group of like institutions) could affect deposit balances across U.S. financial institutions more broadly and whether any resulting movements in deposit balances could have a deleterious effect on U.S. financial stability. i. Balances held in Reserve Bank accounts are high-quality liquid assets, making them very attractive in times of financial or economic stress. For example, in times of stress, investors that would otherwise provide short-term funding to nonfinancial firms, financial firms, and state and local governments could rapidly withdraw that funding and instead deposit their funds with an institution holding mostly central bank balances. If the institution is not subject to capital requirements similar to a federally-insured institution, it can more easily expand its balance sheet during times of stress; as a result, the potential for sudden and significant deposit inflows into that institution is particularly large, which could disintermediate other parts of the financial system, greatly amplifying stress. 5. Provision of an account and services to an institution should not create undue risk to the overall economy by facilitating activities such as money laundering, terrorism financing, fraud, cybercrimes, economic or trade sanctions violations, or other illicit activity. PO 00000 Frm 00038 Fmt 4703 Sfmt 4703 12961 a. The Reserve Bank should incorporate, to the extent possible, the assessments of an institution by state and/or federal supervisors into its independent assessment of the institution’s risk profile. b. The Reserve Bank should confirm that the institution has a BSA/AML compliance program consisting of the components set out below and in relevant regulations.9 i. For these purposes, the Reserve Bank should confirm that the institution’s BSA/AML compliance program contains the following elements: 10 A. A system of internal controls, including policies and procedures, to ensure ongoing BSA/AML compliance; B. Independent audit and testing of BSA/AML compliance to be conducted by bank personnel or by an outside party; C. Designation of an individual or individuals responsible for coordinating and monitoring day-to-day compliance (BSA compliance officer); D. Ongoing training for appropriate personnel, tailored to each individual’s specific responsibilities, as appropriate; E. Appropriate risk-based procedures for conducting ongoing customer due diligence to include, but not limited to, understanding the nature and purpose of customer relationships for the purpose of developing a customer risk profile and conducting ongoing monitoring to identify and report suspicious transactions and, on a risk basis, to maintain and update customer information; c. The Reserve Bank should confirm that the institution has a compliance program designed to support its compliance with the Office of Foreign Assets Control (OFAC) regulations at 31 CFR Chapter V.11 i. For these purposes, the Reserve Bank may review the institution’s written OFAC compliance program, provided one has been created, and confirm that it is commensurate with the institution’s OFAC risk profile. An OFAC compliance program should identify higher-risk areas, provide for appropriate internal controls for 9 Refer to 12 CFR 208.62 and 63, 12 CFR 211.5(k), 5(m), 24(f), and 24(j), and 12 CFR 225.4(f) (Federal Reserve); 12 CFR 326.8 and 12 CFR part 353 (FDIC); 12 CFR 748.1–2 (NCUA); 12 CFR 21.11, and 21, and 12 CFR 163.180 (OCC); and 31 CFR 1020.210(a) and (b), and 31 CFR 1020.320 (FinCEN), which are controlling. 10 Reserve Banks may reference the FFIEC BSA/ AML Manual. These guidelines may be updated to reflect any changes to relevant regulations. 11 Reserve Banks may reference the OFAC section of the FFIEC BSA/AML Manual. These guidelines may be updated to reflect any changes to relevant regulations. E:\FR\FM\08MRN1.SGM 08MRN1 12962 Federal Register / Vol. 87, No. 45 / Tuesday, March 8, 2022 / Notices screening and reporting, establish independent testing for compliance, designate a bank employee or employees as responsible for OFAC compliance, and create a training program for appropriate personnel in all relevant areas of the institution. 6. Provision of an account and services to an institution should not adversely affect the Federal Reserve’s ability to implement monetary policy. a. The Reserve Bank should incorporate, to the extent possible, the assessments of an institution by state and/or federal supervisors into its independent assessment of the institution’s risk profile. b. The Reserve Bank should determine, in coordination with the other Reserve Banks and the Board, whether access to an account and services by an institution itself or a group of like institutions could have an effect on the implementation of monetary policy. c. The Reserve Bank should consider, among other things, whether access to a Reserve Bank account and services by the institution could affect the level and variability of the demand for and supply of reserves, the level and volatility of key policy interest rates, the structure of key short-term funding markets, and on the overall size of the consolidated balance sheet of the Reserve Banks. The Reserve Bank should consider the implications of providing an account to the institution in normal times as well as in times of stress. This consideration should occur regardless of the current monetary policy implementation framework in place. lotter on DSK11XQN23PROD with NOTICES1 Section 2: Tiered Review Framework The tiered review framework in this section is meant to serve as a guide to the level of due diligence and scrutiny to be applied by Reserve Banks to different types of institutions. Although institutions in a higher tier will face greater due diligence and scrutiny than institutions in a lower tier, a Reserve Bank has the authority to grant or deny an access request by an institution in any of the three proposed tiers, based on the Reserve Bank’s application of the Guidelines in Section 1 to that particular institution. 1. Tier 1: Eligible institutions that are federally insured. a. As federally-insured depository institutions, Tier 1 institutions are already subject to a standard, strict, and comprehensive set of federal banking regulations. b. In addition, for most Tier 1 institutions, detailed regulatory and financial information would in most VerDate Sep<11>2014 17:25 Mar 07, 2022 Jkt 256001 cases be readily available, often in public form. c. Accordingly, access requests by Tier 1 institutions will generally be subject to a less intensive and more streamlined review. d. In cases where the application of the Guidelines to Tier 1 institutions identifies potentially higher risk profiles, the institutions will receive additional attention. 2. Tier 2: Eligible institutions that are not federally insured, but that are subject to federal prudential supervision at the institution and, if applicable, at the holding company level. a. Although not federally insured, Tier 2 institutions are subject to prudential supervision at the institution level by a federal banking agency (by statute). In addition, any holding company of a Tier 2 institution would be subject to Federal Reserve oversight (by statute or by commitments). b. Tier 2 institutions are subject to a similar, but not identical, set of regulations as federally-insured institutions. As a result, Tier 2 institutions may still present greater risks than Tier 1 institutions. c. In addition, detailed regulatory and financial information regarding such institutions may be less available or may not be available in public form. d. Accordingly, account access requests by Tier 2 institutions will generally receive an intermediate level of review. 3. Tier 3: Eligible institutions that are not federally insured and that are not subject to federal prudential supervision at the institution and holding company level. a. Tier 3 institutions may be subject to a supervisory or regulatory framework that is substantially different from, and less rigorous than, the supervisory and regulatory framework that applies to federally-insured institutions. b. In addition, detailed regulatory and financial information regarding Tier 3 institutions may not exist or may be unavailable. c. Accordingly, Tier 3 institutions will generally receive the strictest level of review. By order of the Board of Governors of the Federal Reserve System. Ann Misback, Secretary of the Board. [FR Doc. 2022–04897 Filed 3–7–22; 8:45 am] BILLING CODE 6210–01–P PO 00000 Frm 00039 Fmt 4703 Sfmt 4703 DEPARTMENT OF HEALTH AND HUMAN SERVICES Centers for Disease Control and Prevention Notice of Award of a Single-Source Cooperative Agreement To Fund the National AIDS and STDs Control Program (NASCP) Within the Federal Ministry of Health (FMOH), Nigeria Centers for Disease Control and Prevention (CDC), Department of Health and Human Services (HHS). ACTION: Notice. AGENCY: The Centers for Disease Control and Prevention (CDC), located within the Department of Health and Human Services (HHS), announces the award of approximately $3,000,000, for Year 1 funding to the National AIDS and STDs Control Program (NASCP) within the Federal Ministry of Health (FMOH). The award will involve substantial engagement with CDC-supported states with the objective of establishing HIV/ AIDS programmatic sustainability including the achievement and maintenance of HIV/AIDS epidemic control at national and sub-national levels and across all sub-populations. Funding amounts for years 2–5 will be set at continuation. DATES: The period for this award will be September 30, 2022 through September 29, 2027. FOR FURTHER INFORMATION CONTACT: Andrew Abutu, Center for Global Health, Centers for Disease Control and Prevention, National AIDS and STDs Control Program (NASCP), Plot 1075, Diplomatic Drive, Central Business District, Abuja, Nigeria, Telephone: 800–232–6348, Email: kdy7@cdc.gov. SUPPLEMENTARY INFORMATION: The single-source award will implement a capacity building and government engagement initiative that progressively increases the managerial, technical, and financial investments of the Government of Nigeria (GON) in the HIV response at national and subnational levels. NASCP is a division of the Department of Public Health within the FMOH. NASCP is in a unique position to conduct this work, as it is the lead GON organization in Nigeria for leading and coordinating the national HIV/AIDS health sector response. Given its role as the lead GON organization for developing HIV/AIDS policy and program implementation across all states in Nigeria, NASCP is the sole authority qualified to perform essential programmatic activities and to implement a capacity building and SUMMARY: E:\FR\FM\08MRN1.SGM 08MRN1

Agencies

[Federal Register Volume 87, Number 45 (Tuesday, March 8, 2022)]
[Notices]
[Pages 12957-12962]
From the Federal Register Online via the Government Publishing Office [www.gpo.gov]
[FR Doc No: 2022-04897]


-----------------------------------------------------------------------

FEDERAL RESERVE SYSTEM

[Docket No. OP-1747]


Guidelines for Evaluating Account and Services Requests

AGENCY: Board of Governors of the Federal Reserve System.

ACTION: Supplemental notice and request for comment.

-----------------------------------------------------------------------

SUMMARY: The Board of Governors of the Federal Reserve System (Board) 
is issuing a supplemental notice and request for comment on updates to 
its proposed guidelines (Account Access Guidelines) for Federal Reserve 
Banks (Reserve Banks) to utilize in evaluating requests for access to 
Reserve Bank master accounts and services (accounts and services). The 
supplemental notice includes a new section of the proposed Account 
Access Guidelines that would establish a tiered-review framework to 
provide additional clarity on the level of due diligence and scrutiny 
to be applied to requests for Reserve Bank accounts and services.

DATES: Comments must be received on or before April 22, 2022.

FOR FURTHER INFORMATION CONTACT: Jason Hinkle, Assistant Director (202-
912-7805), Division of Reserve Bank Operations and Payment Systems, or 
Sophia H. Allison, Senior Special Counsel (202-452-3565) or Gavin 
Smith, Senior Counsel (202-872-7578), Legal Division, Board of 
Governors of the Federal Reserve System. For users of TTY-TRS, please 
call 711 from any telephone, anywhere in the United States.

ADDRESSES: You may submit comments, identified by Docket No. OP-1765, 
by any of the following methods:
    Agency Website: https://www.federalreserve.gov. Follow the 
instructions for submitting comments at https://www.federalreserve.gov/apps/foia/proposedregs.aspx.
    Email: [email protected]. Include docket number in 
the subject line of the message.
    Fax: (202) 452-3819 or (202) 452-3102.
    Mail: Ann E. Misback, Secretary, Board of Governors of the Federal 
Reserve System, 20th Street and Constitution Avenue NW, Washington, DC 
20551.
    All public comments are available from the Board's website at 
https://www.federalreserve.gov/generalinfo/foia/ProposedRegs.cfm as 
submitted, unless modified for technical reasons or to remove 
personally identifiable information at the commenter's request. 
Accordingly, comments will not be edited to remove any identifying or 
contact information. Public comments may also be viewed in-person in 
Room M-4365A, 2001 C St. NW, Washington, DC 20551, between 9:00 a.m. 
and 5:00 p.m. during federal business weekdays.

SUPPLEMENTARY INFORMATION:

I. Background

    On May 5, 2021, the Board requested comment on proposed guidelines 
to be used by Reserve Banks in evaluating requests for accounts and 
services (Original Proposal).\1\ The Original Proposal reflected the 
Board's policy goals of (1) ensuring the safety and soundness of the 
banking system, (2) effectively implementing monetary policy, (3) 
promoting financial stability, (4) protecting consumers, and (5) 
promoting a safe, efficient, inclusive,

[[Page 12958]]

and innovative payment system. The Original Proposal was also intended 
to ensure that Reserve Banks apply a transparent and consistent set of 
factors when reviewing requests for accounts and services (access 
requests).
---------------------------------------------------------------------------

    \1\ 86 FR 25865 (May 11, 2021).
---------------------------------------------------------------------------

    The Original Proposal consisted of six principles. The first 
principle specified that only institutions that are legally eligible 
for access to Reserve Bank accounts and services would be considered 
for access. The remaining five principles addressed specific risks, 
ranging from narrow risks (such as risk to an individual Reserve Bank) 
to broader risks (such as risk to the U.S. financial system).\2\ For 
each of these five principles, the Original Proposal set forth factors 
that Reserve Banks should consider when evaluating an institution's 
access request against the specific risk targeted by the principle. The 
identified factors are commonly used in the regulation and supervision 
of federally-insured institutions. The Board notes that, when applying 
the proposed Account Access Guidelines, the Reserve Bank would 
integrate to the extent possible the assessments of an institution by 
its state and/or federal supervisors into the Reserve Bank's own 
independent assessment of the institution's risk profile.
---------------------------------------------------------------------------

    \2\ The Account Access Guidelines were designed primarily as a 
risk management framework and, as such, focus on risks an 
institution's access could pose. The Board notes, however, that 
granting an access request could also have net benefits to the 
financial system, although these are not a focus of the Account 
Access Guidelines.
---------------------------------------------------------------------------

    The Original Proposal noted that the application of the Guidelines 
to requests by federally-insured institutions should be fairly 
straightforward, while requests from non-federally insured institutions 
may require more extensive due diligence. This supplemental notice 
(Updated Proposal) includes the Original Proposal substantially as 
proposed but includes a new section 2 of the Account Access Guidelines 
that would incorporate a tiering framework based on an institution's 
characteristics. The three tiers would provide additional clarity on 
how the Reserve Banks would apply the principles in section 1 of the 
Account Access Guidelines to different types of institutions.

II. Overview of Comments on Original Proposal

    The Board received 46 individual comment letters and 281 duplicate 
form letters in response to the Original Proposal. Nearly all the 
comment letters expressed general support for the proposed Account 
Access Guidelines, and most letters also made recommendations for 
improvements. Commenters represented several types of institutions, 
including (1) institutions with traditional charters, such as banks and 
credit unions, and their trade associations; (2) institutions with 
novel charters, such as cryptocurrency custody banks, and their trade 
associations; and (3) think tanks and non-profit advocacy groups. The 
views expressed by the first category of commenters often conflicted 
with the views expressed by the second category of commenters.\3\ The 
duplicate form letters included recommendations that mirrored those 
submitted by trade associations for institutions with traditional 
charters.
---------------------------------------------------------------------------

    \3\ For example, many commenters in the first category suggested 
that institutions with novel charters should face a more challenging 
path to access accounts and services, while many commenters in the 
second category suggested that institutions with novel charters 
should face an easier path to access accounts and service.
---------------------------------------------------------------------------

III. Updated Proposal

    The Account Access Guidelines listed in this Updated Proposal 
consist of two sections. Proposed section 1--which describes the six 
principles that the Reserve Banks would use in evaluating requests for 
accounts and services--is substantially the same as the Account Access 
Guidelines described in the Original Proposal.\4\
---------------------------------------------------------------------------

    \4\ The Updated Proposal incorporates certain technical changes 
to Section 1. For example, some commenters read Principle 6 to 
suggest that Reserve Banks, rather than the Board, have the 
authority to establish the interest on reserve balances (IORB) rate. 
The Updated Proposal deletes the language that commenters read to 
suggest that Reserve Banks have the authority to establish the IORB 
rate.
---------------------------------------------------------------------------

    The Original Proposal noted that the application of the Account 
Access Guidelines to requests by federally-insured institutions should 
be fairly straightforward, while requests from non-federally insured 
institutions may require more extensive due diligence. The Updated 
Proposal includes a new section 2 of the Account Access Guidelines, 
which would establish a three-tiered review framework to provide 
additional clarity regarding the review process for different types of 
institutions.
    Tier 1 would consist of eligible institutions that are federally-
insured. These institutions are already subject to a comprehensive set 
of federal banking regulations, and, in most cases, detailed regulatory 
and financial information about these firms would be readily available. 
Accordingly, access requests by Tier 1 institutions would generally be 
subject to a less intensive and more streamlined review. In cases where 
the application of the Guidelines to Tier 1 institutions identifies 
potentially higher risk profiles, the institutions would receive 
additional attention.
    Tier 2 would consist of eligible institutions that are not 
federally-insured but (i) are subject (by statute) to prudential 
supervision by a federal banking agency; and (ii) any holding company 
of which would be subject to Federal Reserve oversight (by statute or 
by commitments).\5\ Tier 2 institutions would be subject to similar but 
not identical regulations as federally-insured institutions, and as a 
result, may present greater risks than Tier 1 institutions. 
Additionally, detailed regulatory and financial information regarding 
Tier 2 institutions is less likely to be available and may not be 
available in public form. Accordingly, access requests by Tier 2 
institutions would generally receive an intermediate level of review.
---------------------------------------------------------------------------

    \5\ The Board would expect holding companies of Tier 2 entities 
to comply with similar requirements as holding companies subject to 
the Bank Holding Company Act.
---------------------------------------------------------------------------

    Tier 3 would consist of eligible institutions that are not 
federally insured and not subject to prudential supervision by a 
federal banking agency at the institution or holding company level. 
Tier 3 institutions may be subject to a supervisory or regulatory 
framework that is substantially different from, and possibly weaker 
than, the supervisory and regulatory framework that applies to 
federally-insured institutions, and as a result may pose the highest 
level of risk. Detailed regulatory and financial information regarding 
Tier 3 institutions may not exist or may be unavailable. Accordingly, 
access requests by Tier 3 institutions would generally receive the 
strictest level of review.
    The Board seeks comment on all aspects of the Updated Proposal.

[[Page 12959]]

IV. Updated Account Access Guidelines

Guidelines Covering Access to Accounts and Services at Federal Reserve 
Banks (Account Access Guidelines)

Section 1: Principles
    The Board of Governors of the Federal Reserve System (Board) is 
adopting account access guidelines comprised of six principles to be 
used by Federal Reserve Banks (Reserve Banks) in evaluating requests 
for master accounts and access to Federal Reserve Bank financial 
services (access requests).1 2 The account access guidelines 
apply to requests from all institutions that are legally eligible to 
receive an account or services, as discussed in more detail in the 
first principle.\3\ The Board expects the Reserve Banks to collaborate 
on reviews of account and service requests, as well as ongoing 
monitoring of accountholders, to ensure that the guidelines are 
implemented in a consistent and timely manner.
---------------------------------------------------------------------------

    \1\ As discussed in the Federal Reserve's Operating Circular No. 
1, an institution has the option to settle its Federal Reserve 
financial services transactions in its master account with a Reserve 
Bank or in the master account of another institution that has agreed 
to act as its correspondent. These principles apply to requests for 
either arrangement.
    \2\ Reserve Bank financial services mean all services subject to 
Federal Reserve Act, section 11A (``priced services'') and Reserve 
Bank cash services. Financial services do not include transactions 
conducted as part of the Federal Reserve's open market operations or 
administration of the Reserve Banks' Discount Window.
    \3\ These principles would not apply to accounts provided under 
fiscal agency authority or to accounts authorized pursuant to the 
Board's Regulation N (12 CFR 214), joint account requests, or 
account requests from designated financial market utilities, since 
existing rules or policies already set out the considerations 
involved in granting these types of accounts.
---------------------------------------------------------------------------

    The Federal Reserve System's (Federal Reserve) approach to 
providing institutions with accounts and services depends on, among 
other things, whether the institution is legally eligible to obtain an 
account and on the Federal Reserve's policy goals of ensuring the 
safety and soundness of the banking system, effectively implementing 
monetary policy, promoting financial stability, protecting consumers, 
and promoting a safe, effective, efficient, accessible, and innovative 
payment system. The Board believes it is important to make clear that 
legal eligibility does not bestow a right to obtain an account and 
services. While decisions regarding individual access requests remain 
at the discretion of the individual Reserve Banks, the Board believes 
it is important that the Reserve Banks apply a consistent set of 
guidelines when reviewing such access requests to promote consistent 
outcomes across Reserve Banks and to facilitate equitable treatment 
across institutions.\4\
---------------------------------------------------------------------------

    \4\ The Board has issued these account access guidelines under 
its general supervision authority over the operations of the Reserve 
Banks, 12 U.S.C 248(j). Decisions on access to accounts and services 
are made by the Reserve Bank in whose District the requestor is 
located.
---------------------------------------------------------------------------

    These account access guidelines also serve to inform requestors of 
the factors that a Reserve Bank will review in any access request and 
thereby allow a requestor to make any enhancements to its risk 
management, documentation, or other practices to attempt to demonstrate 
how it meets each of the principles.
    These guidelines broadly outline considerations for evaluating 
access requests but are not intended to provide assurance that any 
specific institution will be granted an account and services. The 
individual Reserve Bank will evaluate each access request on a case-by-
case basis. When applying these account access guidelines, the Reserve 
Bank should consider, to the extent possible, the assessments of an 
institution by state and/or federal supervisors into its independent 
analysis of the institution's risk profile. The evaluation of an 
institution's access request should also consider whether the request 
has the potential to set a precedent that could affect the Federal 
Reserve's ability to achieve its policy goals now or in the future.
    If the Reserve Bank decides to grant an access request, it may 
impose (at the time of account opening, granting access to service, or 
any time thereafter) obligations relating to, or conditions or 
limitations on, use of the account or services as necessary to limit 
operational, credit, legal, or other risks posed to the Reserve Banks, 
the payment system, financial stability or the implementation of 
monetary policy or to address other considerations.\5\ The account-
holding Reserve Bank may, at its discretion, decide to place additional 
risk management controls on the account and services, such as real-time 
monitoring of account balances, as it may deem necessary to mitigate 
risks. If the obligations, limitations, or controls are ineffective in 
mitigating the risks identified or if the obligations, limitations, or 
controls are breached, the account-holding Reserve Bank may further 
restrict the institution's use of accounts and services or may close 
the account. Establishment of an account and provision of services by a 
Reserve Bank under these guidelines is not an endorsement or approval 
by the Federal Reserve of the institution. Nothing in the Board's 
guidelines relieves any institution from compliance with obligations 
imposed by the institution's supervisors and regulators.
---------------------------------------------------------------------------

    \5\ The conditions imposed could include, for example, 
establishing a cap on the amount of balances held in the account. In 
addition, the Board may authorize a Reserve Bank to pay a different 
rate of interest on balances held in the account or may limit the 
amount of balances in the account that receive interest.
---------------------------------------------------------------------------

    Accordingly, Reserve Banks should evaluate how each institution 
requesting access to an account and services will meet the following 
principles.\6\ Each principle identifies factors that Reserve Banks 
should consider when evaluating an institution against the specific 
risk targeted by the principle (several factors are pertinent to more 
than one principle). The identified factors are commonly used in the 
regulation and supervision of federally-insured institutions. As a 
result, the Board anticipates the application of the account access 
guidelines to access requests by federally-insured institutions will be 
fairly straightforward in most cases. However, Reserve Bank assessments 
of access requests from non-federally insured institutions may require 
more extensive due diligence. Reserve Banks monitor and analyze the 
condition of institutions with access to accounts and services on an 
ongoing basis. Reserve Banks should use the guidelines to re-evaluate 
the risks posed by an institution in cases where its condition 
monitoring and analysis indicate potential changes in the risk profile 
of an institution, including a significant change to the institution's 
business model.
---------------------------------------------------------------------------

    \6\ The principles are designed to address risks posed by an 
institution having access to an account and services, ranging from 
narrow risks (e.g., to an individual Reserve Bank) to broader risks 
(e.g., to the overall economy). Review activities performed by the 
Reserve Bank may address several principles at once.
---------------------------------------------------------------------------

    1. Each institution requesting an account or services must be 
eligible under the Federal Reserve Act or other federal statute to 
maintain an account at a Federal Reserve Bank (Reserve Bank) and 
receive Federal Reserve services and should have a well-founded, clear, 
transparent, and enforceable legal basis for its operations.\7\
---------------------------------------------------------------------------

    \7\ These principles do not apply to accounts and services 
provided by a Reserve Bank (i) as depository and fiscal agent, such 
as those provided for the Treasury and for certain government-
sponsored entities (12 U.S.C. 391, 393-95, 1823, 1435), (ii) to 
certain international organizations (22 U.S.C. 285d, 286d, 290o-3, 
290i-5, 290l-3), (iii) to designated financial market utilities (12 
U.S.C. 5465), (iv) pursuant to the Board's Regulation N (12 CFR 
214), or (v) pursuant to the Board's Guidelines for Evaluating Joint 
Account Requests.
---------------------------------------------------------------------------

    a. Unless otherwise specified by federal statute, only those 
entities that are member banks or meet the definition of a depository 
institution under section

[[Page 12960]]

19(b) of the Federal Reserve Act are legally eligible to obtain Federal 
Reserve accounts and financial services.\8\
---------------------------------------------------------------------------

    \8\ Unless otherwise expressly excluded under the previous 
footnote, these principles apply to account requests from all 
institutions, including member banks or other entities that meet the 
definition of a depository institution under section 19(b), as well 
as Edge and Agreement corporations (12 U.S.C. 601-604a, 611-631), 
and U.S. branches and agencies of foreign banks (12 U.S.C. 347d).
---------------------------------------------------------------------------

    b. The Reserve Bank should assess the consistency of the 
institution's activities and services with applicable laws and 
regulations, such as Article 4A of the Uniform Commercial Code and the 
Electronic Fund Transfer Act. The Reserve Bank should also consider 
whether the design of the institution's services would impede 
compliance by the institution's customers with U.S. sanctions programs, 
Bank Secrecy Act (BSA) and anti-money-laundering (AML) requirements or 
regulations, or consumer protection laws and regulations.
    2. Provision of an account and services to an institution should 
not present or create undue credit, operational, settlement, cyber or 
other risks to the Reserve Bank.
    a. The Reserve Bank should incorporate, to the extent possible, the 
assessments of an institution by state and/or federal supervisors into 
its independent assessment of the institution's risk profile.
    b. The Reserve Bank should confirm that the institution has an 
effective risk management framework and governance arrangements to 
ensure that the institution operates in a safe and sound manner, during 
both normal conditions and periods of idiosyncratic and market stress.
    i. For these purposes, effective risk management includes having a 
robust framework, including policies, procedures, systems, and 
qualified staff, to manage applicable risks. The framework should at a 
minimum identify, measure, and control the particular risks posed by 
the institution's business lines, products and services. The 
effectiveness of the framework should be further supported by internal 
testing and internal audit reviews.
    ii. The framework should be subject to oversight by a board of 
directors (or similar body) as well as oversight by state and/or 
federal banking supervisor(s).
    iii. The framework should clearly identify all risks that may arise 
related to the institution's business (e.g., legal, credit, liquidity, 
operational, custody, investment) as well as objectives regarding the 
risk tolerances for the management of such risks.
    c. The Reserve Bank should confirm that the institution is in 
substantial compliance with its supervisory agency's regulatory and 
supervisory requirements.
    d. The institution must, in the Reserve Bank's judgment:
    i. Demonstrate an ability to comply, were it to obtain a master 
account, with Board orders and policies, Reserve Bank agreements and 
operating circulars, and other applicable Federal Reserve requirements.
    ii. Be in sound financial condition, including maintaining adequate 
capital to continue as a going concern and to meet its current and 
projected operating expenses under a range of scenarios.
    iii. Demonstrate the ability, on an ongoing basis (including during 
periods of idiosyncratic or market stress), to meet all of its 
obligations in order to remain a going concern and comply with its 
agreement for a Reserve Bank account and services, including by 
maintaining:
    A. Sufficient liquid resources to meet its obligations to the 
Reserve Bank under applicable agreements, operating circulars, and 
Board policies;
    B. The operational capacity to ensure that such liquid resources 
are available to satisfy all such obligations to the Reserve Bank on a 
timely basis; and
    C. Settlement processes designed to appropriately monitor balances 
in its Reserve Bank account on an intraday basis, to process 
transactions through its account in an orderly manner and maintain/
achieve a positive account balance before the end of the business day.
    iv. Have in place an operational risk framework designed to ensure 
operational resiliency against events associated with processes, 
people, and systems that may impair the institution's use and 
settlement of Reserve Bank services. This framework should consider 
internal and external factors, including operational risks inherent in 
the institution's business model, risks that might arise in connection 
with its use of any Reserve Bank account and services, and cyber-
related risks. At a minimum, the operational risk framework should:
    A. Identify the range of operational risks presented by the 
institution's business model (e.g., cyber vulnerability, operational 
failure, resiliency of service providers), and establish sound 
operational risk management objectives to address such risks;
    B. Establish sound governance arrangements, rules, and procedures 
to oversee and implement the operational risk management framework;
    C. Establish clear and appropriate rules and procedures to carry 
out the risk management objectives;
    D. Employ the resources necessary to achieve its risk management 
objectives and implement effectively its rules and procedures, 
including, but not limited to, sound processes for physical and 
information security, internal controls, compliance, program 
management, incident management, business continuity, audit, and well-
qualified personnel; and
    E. Support compliance with the electronic access requirements, 
including security measures, outlined in the Reserve Banks' Operating 
Circular 5 and its supporting documentation.
    3. Provision of an account and services to an institution should 
not present or create undue credit, liquidity, operational, settlement, 
cyber or other risks to the overall payment system.
    a. The Reserve Bank should incorporate, to the extent possible, the 
assessments of an institution by state and/or federal supervisors into 
its independent assessment of the institution's risk profile.
    b. The Reserve Bank should confirm that the institution has an 
effective risk management framework and governance arrangements to 
limit the impact that idiosyncratic stress, disruptions, outages, cyber 
incidents, or other incidents at the institution might have on other 
institutions and the payment system broadly. The framework should 
include:
    i. Clearly defined operational reliability objectives and policies 
and procedures in place to achieve those objectives.
    ii. A business continuity plan that addresses events that have the 
potential to disrupt operations and a resiliency objective to ensure 
the institution can resume services in a reasonable timeframe.
    iii. Policies and procedures for identifying risks that external 
parties may pose to sound operations, including interdependencies with 
affiliates, service providers, and others.
    c. The Reserve Bank should identify actual and potential 
interactions between the institution's use of a Reserve Bank account 
and services and (other parts of) the payment system.
    i. The extent to which the institution's use of a Reserve Bank 
account and services might restrict funds from being available to 
support the liquidity needs of other institutions should also be 
considered.
    d. The institution must, in the Reserve Bank's judgment:

[[Page 12961]]

    i. Be in sound financial condition, including maintaining adequate 
capital to continue as a going concern and to meet its current and 
projected operating expenses under a range of scenarios.
    ii. Demonstrate the ability, on an ongoing basis (including during 
periods of idiosyncratic or market stress), to meet all of its 
obligations in order to remain a going concern and comply with its 
agreement for a Reserve Bank account and services, including by 
maintaining:
    A. Sufficient liquid resources to meet its obligations to the 
Reserve Bank under applicable agreements, Operating Circulars, and 
Board policies;
    B. The operational capacity to ensure that such liquid resources 
are available to satisfy all such obligations to the Reserve Bank on a 
timely basis; and
    C. Settlement processes designed to appropriately monitor balances 
in its Reserve Bank account on an intraday basis, to process 
transactions through its account in an orderly manner and maintain/
achieve a positive account balance before the end of the business day.
    iii. Have in place an operational risk framework designed to ensure 
operational resiliency against events associated with processes, 
people, and systems that may impair the institution's payment system 
activities. This framework should consider internal and external 
factors, including operational risk inherent in the institution's 
business model, risk that might arise in connection with its use of the 
payment system, and cyber-related risks. At a minimum, the framework 
should:
    A. Identify the range of operational risks presented by the 
institution's business model (e.g., cyber vulnerability, operational 
failure, resiliency of service providers), and establish sound 
operational risk-management objectives;
    B. Establish sound governance arrangements, rules, and procedures 
to oversee the operational risk management framework;
    C. Establish clear and appropriate rules and procedures to carry 
out the risk management objectives;
    D. Employ the resources necessary to achieve its risk management 
objectives and implement effectively its rules and procedures, 
including, but not limited to, sound processes for physical and 
information security, internal controls, compliance, program 
management, incident management, business continuity, audit, and well-
qualified personnel.
    4. Provision of an account and services to an institution should 
not create undue risk to the stability of the U.S. financial system.
    a. The Reserve Bank should incorporate, to the extent possible, the 
assessments of an institution by state and/or federal supervisors into 
its independent assessment of the institution's risk profile.
    b. The Reserve Bank should determine, in coordination with the 
other Reserve Banks and Board, whether the access to an account and 
services by an institution itself or a group of like institutions could 
introduce financial stability risk to the U.S. financial system.
    c. The Reserve Bank should confirm that the institution has an 
effective risk management framework and governance arrangements for 
managing liquidity, credit, and other risks that may arise in times of 
financial or economic stress.
    d. The Reserve Bank should consider the extent to which, especially 
in times of financial or economic stress, liquidity or other strains at 
the institution may be transmitted to other segments of the financial 
system.
    e. The Reserve Bank should consider the extent to which, especially 
during times of financial or economic stress, access to an account and 
services by an institution itself (or a group of like institutions) 
could affect deposit balances across U.S. financial institutions more 
broadly and whether any resulting movements in deposit balances could 
have a deleterious effect on U.S. financial stability.
    i. Balances held in Reserve Bank accounts are high-quality liquid 
assets, making them very attractive in times of financial or economic 
stress. For example, in times of stress, investors that would otherwise 
provide short-term funding to nonfinancial firms, financial firms, and 
state and local governments could rapidly withdraw that funding and 
instead deposit their funds with an institution holding mostly central 
bank balances. If the institution is not subject to capital 
requirements similar to a federally-insured institution, it can more 
easily expand its balance sheet during times of stress; as a result, 
the potential for sudden and significant deposit inflows into that 
institution is particularly large, which could disintermediate other 
parts of the financial system, greatly amplifying stress.
    5. Provision of an account and services to an institution should 
not create undue risk to the overall economy by facilitating activities 
such as money laundering, terrorism financing, fraud, cybercrimes, 
economic or trade sanctions violations, or other illicit activity.
    a. The Reserve Bank should incorporate, to the extent possible, the 
assessments of an institution by state and/or federal supervisors into 
its independent assessment of the institution's risk profile.
    b. The Reserve Bank should confirm that the institution has a BSA/
AML compliance program consisting of the components set out below and 
in relevant regulations.\9\
---------------------------------------------------------------------------

    \9\ Refer to 12 CFR 208.62 and 63, 12 CFR 211.5(k), 5(m), 24(f), 
and 24(j), and 12 CFR 225.4(f) (Federal Reserve); 12 CFR 326.8 and 
12 CFR part 353 (FDIC); 12 CFR 748.1-2 (NCUA); 12 CFR 21.11, and 21, 
and 12 CFR 163.180 (OCC); and 31 CFR 1020.210(a) and (b), and 31 CFR 
1020.320 (FinCEN), which are controlling.
---------------------------------------------------------------------------

    i. For these purposes, the Reserve Bank should confirm that the 
institution's BSA/AML compliance program contains the following 
elements: \10\
---------------------------------------------------------------------------

    \10\ Reserve Banks may reference the FFIEC BSA/AML Manual. These 
guidelines may be updated to reflect any changes to relevant 
regulations.
---------------------------------------------------------------------------

    A. A system of internal controls, including policies and 
procedures, to ensure ongoing BSA/AML compliance;
    B. Independent audit and testing of BSA/AML compliance to be 
conducted by bank personnel or by an outside party;
    C. Designation of an individual or individuals responsible for 
coordinating and monitoring day-to-day compliance (BSA compliance 
officer);
    D. Ongoing training for appropriate personnel, tailored to each 
individual's specific responsibilities, as appropriate;
    E. Appropriate risk-based procedures for conducting ongoing 
customer due diligence to include, but not limited to, understanding 
the nature and purpose of customer relationships for the purpose of 
developing a customer risk profile and conducting ongoing monitoring to 
identify and report suspicious transactions and, on a risk basis, to 
maintain and update customer information;
    c. The Reserve Bank should confirm that the institution has a 
compliance program designed to support its compliance with the Office 
of Foreign Assets Control (OFAC) regulations at 31 CFR Chapter V.\11\
---------------------------------------------------------------------------

    \11\ Reserve Banks may reference the OFAC section of the FFIEC 
BSA/AML Manual. These guidelines may be updated to reflect any 
changes to relevant regulations.
---------------------------------------------------------------------------

    i. For these purposes, the Reserve Bank may review the 
institution's written OFAC compliance program, provided one has been 
created, and confirm that it is commensurate with the institution's 
OFAC risk profile. An OFAC compliance program should identify higher-
risk areas, provide for appropriate internal controls for

[[Page 12962]]

screening and reporting, establish independent testing for compliance, 
designate a bank employee or employees as responsible for OFAC 
compliance, and create a training program for appropriate personnel in 
all relevant areas of the institution.
    6. Provision of an account and services to an institution should 
not adversely affect the Federal Reserve's ability to implement 
monetary policy.
    a. The Reserve Bank should incorporate, to the extent possible, the 
assessments of an institution by state and/or federal supervisors into 
its independent assessment of the institution's risk profile.
    b. The Reserve Bank should determine, in coordination with the 
other Reserve Banks and the Board, whether access to an account and 
services by an institution itself or a group of like institutions could 
have an effect on the implementation of monetary policy.
    c. The Reserve Bank should consider, among other things, whether 
access to a Reserve Bank account and services by the institution could 
affect the level and variability of the demand for and supply of 
reserves, the level and volatility of key policy interest rates, the 
structure of key short-term funding markets, and on the overall size of 
the consolidated balance sheet of the Reserve Banks. The Reserve Bank 
should consider the implications of providing an account to the 
institution in normal times as well as in times of stress. This 
consideration should occur regardless of the current monetary policy 
implementation framework in place.
Section 2: Tiered Review Framework
    The tiered review framework in this section is meant to serve as a 
guide to the level of due diligence and scrutiny to be applied by 
Reserve Banks to different types of institutions. Although institutions 
in a higher tier will face greater due diligence and scrutiny than 
institutions in a lower tier, a Reserve Bank has the authority to grant 
or deny an access request by an institution in any of the three 
proposed tiers, based on the Reserve Bank's application of the 
Guidelines in Section 1 to that particular institution.
    1. Tier 1: Eligible institutions that are federally insured.
    a. As federally-insured depository institutions, Tier 1 
institutions are already subject to a standard, strict, and 
comprehensive set of federal banking regulations.
    b. In addition, for most Tier 1 institutions, detailed regulatory 
and financial information would in most cases be readily available, 
often in public form.
    c. Accordingly, access requests by Tier 1 institutions will 
generally be subject to a less intensive and more streamlined review.
    d. In cases where the application of the Guidelines to Tier 1 
institutions identifies potentially higher risk profiles, the 
institutions will receive additional attention.
    2. Tier 2: Eligible institutions that are not federally insured, 
but that are subject to federal prudential supervision at the 
institution and, if applicable, at the holding company level.
    a. Although not federally insured, Tier 2 institutions are subject 
to prudential supervision at the institution level by a federal banking 
agency (by statute). In addition, any holding company of a Tier 2 
institution would be subject to Federal Reserve oversight (by statute 
or by commitments).
    b. Tier 2 institutions are subject to a similar, but not identical, 
set of regulations as federally-insured institutions. As a result, Tier 
2 institutions may still present greater risks than Tier 1 
institutions.
    c. In addition, detailed regulatory and financial information 
regarding such institutions may be less available or may not be 
available in public form.
    d. Accordingly, account access requests by Tier 2 institutions will 
generally receive an intermediate level of review.
    3. Tier 3: Eligible institutions that are not federally insured and 
that are not subject to federal prudential supervision at the 
institution and holding company level.
    a. Tier 3 institutions may be subject to a supervisory or 
regulatory framework that is substantially different from, and less 
rigorous than, the supervisory and regulatory framework that applies to 
federally-insured institutions.
    b. In addition, detailed regulatory and financial information 
regarding Tier 3 institutions may not exist or may be unavailable.
    c. Accordingly, Tier 3 institutions will generally receive the 
strictest level of review.

    By order of the Board of Governors of the Federal Reserve 
System.
Ann Misback,
Secretary of the Board.
[FR Doc. 2022-04897 Filed 3-7-22; 8:45 am]
BILLING CODE 6210-01-P