Skip to Content

Notice

Bank Holding Company Rating System

Document Details

Information about this document as published in the Federal Register.

Published Document

This document has been published in the Federal Register. Use the PDF linked in the document sidebar for the official electronic format.

Start Preamble

AGENCY:

Board of Governors of the Federal Reserve System.

ACTION:

Notice and request for comment.

SUMMARY:

The increased complexity of the U.S. banking industry has necessitated over time a shift in the focus of the Federal Reserve's supervisory practices for bank holding companies (BHCs), including financial holding companies (FHCs), away from historical analyses of financial condition toward more forward looking assessments of risk management and financial factors. While the emphasis on risk management has been well established in the Federal Reserve's supervisory processes for BHCs of all sizes, this emphasis is not reflected in the primary components of the current BHC supervisory rating system, BOPEC (Bank subsidiaries, Other subsidiaries, Parent, Earnings, Capital). This document proposes a revised BHC rating system that emphasizes risk management; introduces a more comprehensive and adaptable framework for analyzing and rating financial factors; and provides a framework for assessing and rating the potential impact of the nondepository entities of a holding company on the subsidiary depository institution(s). After reviewing public comments, the Federal Reserve intends to make any necessary changes to the proposal and adopt a final BHC rating system.

DATES:

Comments must be received by September 21, 2004.

ADDRESSES:

You may submit comments, identified by Docket No. OP-1207, by any of the following methods:

Board's Web Site: http://www.federalreserve.gov. Follow the instructions for submitting comments at http://www.federalreserve.gov/​generalinfo/​foia/​ProposedRegs.cfm.

Federal eRulemaking Portal: http://www.regulations.gov. Follow the instructions for submitting comments.

E-mail: regs.comments@federalreserve.gov. Include docket number in the subject line of the message.

Fax: (202) 452-3819 or (202) 452-3102.

Mail: Jennifer J. Johnson, Secretary, Board of Governors of the Federal Reserve System, 20th Street and Constitution Avenue, NW., Washington, DC 20551.

All public comments are available from the Board's Web site at http://www.federalreserve.gov/​generalinfo/​foia/​ProposedRegs.cfm as submitted, except as necessary for technical reasons. Accordingly, your comments will not be edited to remove any identifying or contact information. Public comments also may be viewed electronically or in paper form in Room MP-500 of the Board's Martin Building (C and 20th Streets, NW.) between 9 a.m. and 5 p.m. on weekdays.

Start Further Info

FOR FURTHER INFORMATION CONTACT:

Deborah Bailey, Associate Director, (202-452-2634), Barbara Bouchard, Deputy Associate Director, (202-452-3072), Molly Mahar, Senior Supervisory Financial Analyst, (202-452-2568), or Anna Lee Hewko, Supervisory Financial Analyst, (202-530-6260). For users of Telecommunications Device for the Deaf (“TDD”) only, contact (202) 263-4869.

End Further Info End Preamble Start Supplemental Information

SUPPLEMENTARY INFORMATION:

Background

The BHC rating system is a management information and supervisory tool that defines the condition of BHCs in a systematic way. It serves three primary purposes in the supervisory process. First and foremost, the BHC rating provides a summary evaluation of the BHC's condition for use by the supervisory community. Second, the BHC ratings form the basis of supervisory responses and actions. Third, the BHC rating system provides the basis for supervisors' discussion of the firm's condition with BHC management. The current BHC rating system was implemented in 1979. Known as BOPEC/F-M, the rating system components are defined as follows:

  • The B rating represents the Federal Reserve's view of the condition of the banking subsidiary(ies).
  • The O rating represents the Federal Reserve's view of the condition of the nonbank subsidiary(ies).
  • The P rating represents the Federal Reserve's view of the condition of the parent company.
  • The E and C represent the Federal Reserve's view of the consolidated capital and earnings position of the BHC, respectively.
  • The F rating represents the financial composite rating, whereas the M represents the management composite rating.

During the almost 25 years since the BOPEC/F-M rating system was introduced, the banking industry has become increasingly concentrated and complex. BHCs with assets exceeding $10 billion, as of year-end 2003, accounted for over 83 percent of total company assets, up from 66 percent, as of year-end 1992. In addition, the growing depth and sophistication of financial markets in the United States and around the world has introduced a wider range of activities undertaken by banking institutions. The Gramm-Leach-Bliley Act of 1999 further raised the complexity of the U.S. banking industry by expanding the range of Start Printed Page 43997acceptable activities for FHCs, a subset of BHCs. This upsurge in BHC complexity prompted a fundamental shift in supervisory focus away from historical financial analyses toward more forward-looking assessments of risk management and financial factors.

In response to these developments, commencing in 1996 with the implementation of SR 95-51[1] , the Federal Reserve's safety and soundness supervisory staff have assigned a formal supervisory rating to the adequacy of risk management processes at all BHCs, although that rating remains separate from the BOPEC/F-M rating system. As the banking industry has continued to evolve over the past eight years, the focus of the Federal Reserve's examination program for BHCs has increasingly centered on a comprehensive review of financial risk and the adequacy of risk management. However, the BOPEC/F-M rating system has not been updated to facilitate a broader assessment of financial risk or to emphasize risk management, reducing the significance of supervisory information conveyed by the rating.

To better align the assessment process for BHCs with current supervisory practices, the Federal Reserve identified the following key objectives for a new BHC rating system:

  • Elevate the prominence of risk management in the rating system in order to align the emphasis of the rating system with that of our supervisory process;
  • Provide a more comprehensive framework for assessing risk management;
  • Define the financial strength components of the rating system in a more comprehensive and flexible manner, to ensure that the unique structure of each BHC is recognized, and that the related impact of that structure on the depository institution subsidiaries is evaluated; and
  • Require an explicit determination as to the likelihood that the BHC and its nondepository subsidiaries (nondepository entities) will have a significant negative impact on the depository subsidiaries, considering the effectiveness of risk management systems and the financial strength of the nondepository entities.

The Federal Reserve believes that the BHC rating system proposed below satisfies these objectives. It also believes that the proposed rating system is flexible enough to remain relevant as the banking industry continues to evolve.

As under the current BHC rating system, all BHCs would be assigned a rating, although they would be subject to differing degrees of supervisory scrutiny depending on their size and complexity, the significance of their depository subsidiary(ies), and other factors. For example, the small shell BHC inspection program would remain in place. Certain noncomplex BHCs with consolidated assets of less than $1 billion in which all subsidiary depository institutions have satisfactory composite and management ratings would receive only a composite rating and a risk management rating, which would be based on the composite and management ratings of the lead depository institution. Further details are provided in the implementation guidance section of the proposal.

The Federal Reserve recognizes that certain regulations and administrative processes, such as expedited application processing, currently use a BHC's composite or BOPEC component rating in determining the BHC's status under those regulations. It would expect to conform those regulations and processes to incorporate any changes made to the BHC rating system.

Proposed Text of the Bank Holding Company Rating System

Bank Holding Company Rating System

Introduction and Overview

The bank holding company (BHC) rating system takes into consideration certain financial, managerial, and compliance factors that are common to all BHCs. Under this system, the Federal Reserve endeavors to ensure that all BHCs are evaluated in a comprehensive and uniform manner, and that supervisory attention is appropriately focused on the BHCs exhibiting financial and operational weaknesses or adverse trends. The rating system serves as a useful vehicle for identifying problem or deteriorating BHCs, as well as for categorizing BHCs with deficiencies in particular areas. Further, the rating system assists the Federal Reserve in following safety and soundness trends and in assessing the aggregate strength and soundness of the financial industry.

Each BHC[2] is assigned a composite rating (C) based on an evaluation and rating of three essential components and eight subcomponents of an institution's financial condition and operations. The main components represent: R - risk management; F - financial condition; I - impact of the parent company and nondepository subsidiaries (collectively nondepository entities) on the subsidiary depository institutions. A fourth rating, (D), will generally mirror the primary regulator's assessment of the subsidiary depository institutions. Thus, the component and composite ratings are displayed:

R F I / C (D)

In order to provide a consistent framework for assessing risk management, the R component is supported by four qualitatively rated subcomponents that reflect the effectiveness of the banking organization's risk management and controls. The subcomponents are: Competence of Board and Senior Management; Policies, Procedures, and Limits; Risk Monitoring and Management Information Systems; and, Internal Controls. The F component is supported by four numerically rated subcomponents reflecting an assessment of the quality of the banking organization's C - capital; A - asset quality; E - earnings; and L - liquidity.

With the exception of the risk management subcomponents, composite, component, and subcomponent ratings are assigned based on a 1 to 5 numerical scale. A 1 indicates the highest rating, strongest performance and practices, and least degree of supervisory concern, whereas a 5 indicates the lowest rating, weakest performance, and the highest degree of supervisory concern. Given that the level of detail in the analysis of the risk management subcomponents does not lend itself to rating on a five-point scale, the subcomponents will be assigned a qualitative rating of Strong, Adequate, or Weak.

The composite rating generally bears a close relationship to the component ratings assigned. Each component rating is based on a qualitative analysis of the factors comprising that component and its interrelationship with the other components. When assigning a composite rating, some components may be given more weight than others depending on the situation of the BHC. In general, assignment of a composite rating may incorporate any factor that bears significantly on the overall condition and soundness of the BHC. Therefore, the composite rating is not derived by computing the arithmetic average of the component ratings.

The following three sections contain detailed descriptions of the composite, component, and subcomponent ratings, definitions of the ratings, and implementation guidance by BHC type.

Start Printed Page 43998

I. Description of the Rating System Elements

The “R” (Risk Management) Component

  • R represents an evaluation of the ability of the board of directors and senior management to identify, measure, monitor, and control risk. The R rating will underscore the importance of the control environment, taking into consideration the financial complexity and strength of the organization and the risk inherent in its activities.
  • The R rating is supported by four subcomponents that are each assigned a separate qualitative rating (strong, adequate, or weak[3] ). The four subcomponents are as follows: 1) Competence of the Board and Senior Management; 2) Policies, Procedures and Limits; 3) Risk Monitoring and Management Information Systems; and 4) Internal Controls.[4] The subcomponents will be evaluated in the context of the risks undertaken by and inherent to a banking organization and the overall level of complexity of the firm's operations.
  • The subcomponents provide the Federal Reserve System with a consistent framework for evaluating risk management and the control environment. Moreover, the subcomponents provide a clear structure and basis for discussion of the R rating with BHC management.
  • The subcomponents reflect the principles of SR 95-51, are familiar to examiners, and parallel the existing risk assessment process.

“R” Component Subcomponents[5]

Competence of the Board and Senior Management

This subcomponent evaluates the adequacy and effectiveness of board and senior management oversight, and the general capabilities of management. This analysis will include a review of management's ability to identify and understand the risks undertaken by the institution, to hire competent staff, and to respond to changes in the institution's risk profile or innovations in the banking sector.

Policies, Procedures and Limits

This subcomponent evaluates the adequacy of a BHC's policies, procedures, and limits given the risks inherent in the activities of the consolidated BHC and the organization's stated goals and objectives. This analysis will include consideration of the adequacy of the institution's accounting and risk disclosure policies and procedures.

Risk Monitoring and Management Information Systems

This subcomponent assesses the adequacy of a BHC's risk measurement and monitoring, and the adequacy of its management reports and information systems. This analysis will include a review of the assumptions, data and procedures used to measure risk and the consistency of these tools with the level of complexity of the organization's activities.

Internal Controls

This subcomponent evaluates the adequacy of a BHC's internal controls and audit procedures, including the accuracy of financial reporting and disclosure and the strength and influence, within the organization, of the audit team. This analysis will also include a review of the independence of control areas from business lines and the consistency of the scope coverage of the audit team with the complexity of the organization.

The “F” (Financial Condition) Component

  • F represents an evaluation of the consolidated organization's financial strength. The F rating focuses on the ability of the BHC's resources to support the level of risk associated with its activities, while taking into consideration the ability of management to identify, measure, monitor and control those risks.
  • The analysis of the F component will encompass a review of financial issues at the parent company and nondepository subsidiaries and an assessment of the financial impact of those nondepository entities on the depository institution subsidiaries. This review should include discussions with management, an examination of internal documents and procedures, and all relevant public information, including market indicators.
  • Any significant difference between the Federal Reserve's view of the financial condition of the consolidated BHC, based on public and nonpublic information, and the market's view of the consolidated company should be thoroughly assessed to determine the cause of the disparity. If the Federal Reserve's view of the BHC is significantly more positive than the market's view of the BHC, then examination staff should review the factors that influenced the market's assessment of the company, and include those influences in their assessment of the financial condition of the BHC, as appropriate. Alternatively, if the Federal Reserve's view of the BHC is more negative than the market's view of the company, then examination staff should assess the effectiveness of the policies, procedures and controls around the BHC's public disclosures. Any deficiencies in those controls should be factored into the overall risk management (R) rating and the appropriate risk management subcomponent ratings.
  • The F rating is supported by four subcomponents that consist of the following: C (capital), A (asset quality), E (earnings), and L (liquidity). The CAEL subcomponents can be evaluated along individual business lines, product lines, or on a legal entity basis, depending on what is most appropriate given the structure of the organization. The assessment of the CAEL components should utilize benchmarks and metrics appropriate to the business activity being evaluated.
  • The weight afforded to each of the CAEL subcomponents in developing the overall F component rating will depend on the relative importance of each subcomponent to the consolidated organization, as well as the severity of the rating assigned to each subcomponent.

“F” Component (CAEL) Subcomponents

In evaluating each of the CAEL subcomponents, examination staff should include a review of relevant market indicators, such as equity and debt prices, debt ratings, credit spreads, and qualitative rating agency assessments.

“C” Capital Adequacy

C reflects the adequacy of an organization's consolidated capital position, from a regulatory perspective and an economic capital perspective, as appropriate to the BHC. The evaluation of capital adequacy should consider the risk inherent in an organization's activities, the distribution of capital across legal entities, and the transferability of capital among legal entities.

“A” Asset Quality

A reflects the quality of an organization's consolidated assets. The evaluation should include, as Start Printed Page 43999appropriate, on-balance sheet and off-balance sheet exposures and the attendant risks, the level of criticized and nonperforming assets, the adequacy of underwriting standards, the level of concentration risk, the adequacy of credit administration policies and procedures, and the adequacy of management information systems for credit risk.

“E” Earnings

E reflects the quality of consolidated earnings. The evaluation considers the level, trend, and sources of earnings, as well as the ability of earnings to augment capital as necessary, to provide ongoing support for a BHC's activities. The earnings analysis should also consider the generation of earnings across legal entities and the implications of that distribution.

“L” Liquidity

L reflects the organization's ability to attract and maintain the sources of funds necessary to support its operations and meet its obligations, both on a consolidated basis and across legal entities. The L assessment requires an analysis of parent company cash flow, as well as an analysis of liquidity on a legal entity basis. The funding conditions for each of the legal entities in the holding company structure should be evaluated to determine if any weaknesses exist that could affect the funding profile of the consolidated organization or the subsidiary depository institution(s).

The “I” (Impact) Component

  • The I component is rated on a five point numerical scale. Ratings will be assigned in ascending order of supervisory concern as follows:

1 - low likelihood of significant negative impact;

2 - limited likelihood of significant negative impact;

3 - moderate likelihood of significant negative impact;

4 - considerable likelihood of significant negative impact; and

5 - high likelihood of significant negative impact.

  • The I component is an assessment of the impact of the nondepository entities on the subsidiary depository institution(s). The I assessment will consider an evaluation of both the risk management practices and financial condition of the nondepository entities--an analysis that will borrow heavily from the analysis conducted for the R and F components. Further, in rating the I component, examination staff is required to evaluate the degree to which current or potential issues within those entities present a threat to the safety and soundness of the subsidiary depository institution(s). In this regard, the I component will give a clearer indication of the degree of risk posed by the nondepository entity(ies) to the federal safety net than the current rating system.
  • The I component focuses on the aggregate impact of the nondepository entities on the subsidiary depository institution(s). In this regard, the I rating does not include individual subcomponent ratings for the parent company and nondepository subsidiaries. Any risk management and financial issues at the parent company and/or nondepository subsidiaries that potentially impact the safety and soundness of the subsidiary depository institution(s) should be identified in the written comments under the I rating. This approach is consistent with the Federal Reserve's objective not to extend bank-like supervision to nondepository entities.
  • The analysis of the parent company for the purpose of assigning an I rating should emphasize weaknesses that impair the parent company's ability to provide support to its subsidiary depository institution(s) and weaknesses that directly impact the risk management or financial condition of the subsidiary depository institution(s).
  • Similarly, the analysis of the nondepository subsidiaries for the purpose of assigning an I rating should emphasize weaknesses that impact the ability of the parent company to support the subsidiary depository institution(s) and weaknesses that have a direct impact on the risk management practices or financial condition of the subsidiary depository institution(s).
  • The analysis under the I component should consider existing as well as potential issues and risks that may impact the subsidiary depository institution(s) now or in the future.

The Reserve Bank should pay particular attention to the following risk management and financial factors in assigning the I rating:

Risk Management Factors

  • Strategic Considerations: The potential risks posed to the subsidiary depository institution(s) by the parent company and/or nondepository subsidiaries' strategic plans for growth in existing activities and expansion into new products and services;
  • Operational Considerations: The spillover impact on the subsidiary depository institution(s) from actual losses, a poor control environment, or an operational loss history of the nondepository entities; and,
  • Legal and Reputational Considerations: The spillover effect on the subsidiary depository institution(s) of complaints and litigation that name the parent company and/or nondepository subsidiaries as defendants, or violations of laws or regulations, especially pertaining to intercompany transactions where the subsidiary depository institution(s) is involved.
  • Concentration Considerations: The potential risks posed to the subsidiary depository institution(s) by concentrations within the nondepository entities in business lines, geographic areas, industries, customers, or other factors.

Financial Factors

  • Capital Distribution: The distribution of capital across the organization, given that, in general, the Federal Reserve cannot unilaterally require the capital of a functionally regulated entity to be transferred to the subsidiary depository institution(s);
  • Intra-Group Exposures: The extent to which intra-group exposures, including servicing agreements, credit concentrations, and derivative and payment system exposures, have the potential to undermine the condition of subsidiary depository institution(s); and,
  • Parent Company Cash Flow and Leverage: The extent to which the parent company is dependent on dividend payments, from both the nondepository subsidiaries and the subsidiary depository institution(s), to service debt and cover fixed charges. Also, the effect that these upstreamed cash flows have had, or can be expected to have, on the financial condition of the BHC's nondepository subsidiaries and subsidiary depository institution(s).

The “C” (Composite) Rating

  • C represents the overall composite assessment of the organization based on the quality and effectiveness of consolidated risk management, the BHC's consolidated financial strength, and the impact of the parent company and nondepository subsidiaries on the subsidiary depository institution(s). The composite rating encompasses both a forward-looking and static assessment of the consolidated organization, and incorporates an assessment of issues related to the ability of the parent company and nondepository subsidiaries to act as a source of support to the subsidiary depository institution(s). The C rating is not derived as a simple average of the R, F, I and (D) components, but instead, reflects examiner judgement with respect to the relative importance of Start Printed Page 44000each of the components to the overall safety and soundness of the institution's operations.

The “(D)” (Depository Institutions) Component

  • The (D) component will generally reflect the composite CAMELS rating assigned by the subsidiary depository institution's primary regulator. In a multi-bank BHC, the (D) rating will reflect the combined CAMELS composite ratings of the individual subsidiary depository institutions, and will consider both asset size and the relative importance of each depository institution within the holding company structure. In this regard, the CAMELS composite rating for a subsidiary depository institution that dominates the corporate culture may figure more prominently in the assignment of the (D) rating than normally dictated by asset size, particularly when problems exist within that depository institution.
  • If in the process of analyzing the financial condition and risk management programs of the consolidated organization, a major difference of opinion relative to the safety and soundness of the depository institution emerges between the Federal Reserve and the depository institution's primary regulator, then the (D) rating should reflect the Federal Reserve's evaluation.

II. Rating Definitions for the RFI/C (D) Rating System

“R” (Risk Management) Component and Subcomponents

The R component is rated on a five point numerical scale. Ratings will be assigned in ascending order of supervisory concern as follows:

1 - Strong; 2 - Satisfactory; 3 - Fair; 4 - Marginal; and 5 - Unsatisfactory.

Rating 1 (Strong). A rating of 1 indicates that management effectively identifies and controls all major types of risk posed by the BHC's activities, including those emanating from new products and changing market conditions. The board and management are active participants in managing risk. Management ensures that appropriate policies and limits exist and are understood, reviewed, and approved by the board. Policies and limits are supported by risk monitoring procedures, reports, and management information systems that provide management and the board with the information and analysis that is necessary to make timely and appropriate decisions in response to changing conditions. Risk management practices and the organization's infrastructure are flexible and are adjusted appropriately in response to changing industry practices and current regulatory guidance. Staff has sufficient experience, expertise and depth to manage the risks assumed by the institution.

Internal controls and audit procedures are sufficiently comprehensive and appropriate to the size and activities of the institution. There are few noted exceptions to the institution's established policies and procedures, and none is material. Management effectively and accurately monitors the condition of the institution consistent with the standards of safety and soundness, and in accordance with internal and supervisory policies and practices. Risk management processes are fully effective in identifying, monitoring, and controlling the risks to the institution.

Rating 2 (Satisfactory). A rating of 2 indicates that the institution's management of risk is largely effective, but lacking in some modest degree. Management demonstrates a responsiveness and ability to cope successfully with existing and foreseeable risks that may arise in carrying out the institution's business plan. While the institution may have some minor risk management weaknesses, these problems have been recognized and are in the process of being resolved. Overall, board and senior management oversight, policies and limits, risk monitoring procedures, reports, and management information systems are considered satisfactory and effective in maintaining a safe and sound institution. Generally, risks are controlled in a manner that does not require more than normal supervisory attention.

Internal controls may display modest weaknesses or deficiencies, but they are correctable in the normal course of business. The examiner may have recommendations for improvement, but the weaknesses noted should not have a significant effect on the safety and soundness of the institution.

Rating 3 (Fair). A rating of 3 signifies that risk management practices are lacking in some important ways and, therefore, are a cause for more than normal supervisory attention. One or more of the four elements of sound risk management[6] (active board and senior management oversight; adequate policies, procedures, and limits; adequate risk management monitoring, and management information systems; comprehensive internal controls) is considered less than acceptable, and has precluded the institution from fully addressing one or more significant risks to its operations. Certain risk management practices are in need of improvement to ensure that management and the board are able to identify, monitor, and control all significant risks to the institution. Weaknesses may include continued control exceptions or failures to adhere to written policies and procedures that could have adverse effects on the institution. Also, the risk management structure may need to be improved in areas of significant business activity, or staff expertise may not be commensurate with the scope and complexity of business activities. In addition, management's response to changing industry practices and regulatory guidance may need to improve.

The internal control system may be lacking in some important aspects, particularly as indicated by continued control exceptions or by a failure to adhere to written policies and procedures. The risks associated with the internal control system could have adverse effects on the safety and soundness of the institution if corrective action is not taken by management.

Rating 4 (Marginal). A rating of 4 represents marginal risk management practices that generally fail to identify, monitor, and control significant risk exposures in many material respects. Generally, such a situation reflects a lack of adequate guidance and supervision by management and the board. One or more of the four elements of sound risk management is deficient and requires immediate and concerted corrective action by the board and management. A number of significant risks to the institution have not been adequately addressed, and the risk management deficiencies warrant a high degree of supervisory attention.

The institution may have serious identified weaknesses, such as an inadequate separation of duties, that require substantial improvement in internal control or accounting procedures, or improved adherence to supervisory standards or requirements. Unless properly addressed, these conditions may result in unreliable financial records or reports, or operating losses that could seriously affect the safety and soundness of the institution.

Rating 5 (Unsatisfactory). A rating of 5 indicates a critical absence of effective risk management practices with respect to the identification, monitoring, or control over significant risk exposures. One or more of the four elements of Start Printed Page 44001sound risk management is considered wholly deficient, and management and the board have not demonstrated the capability to address these deficiencies.

Internal controls are critically weak and, as such, could seriously jeopardize the continued viability of the institution. If not already evident, there is an immediate concern as to the reliability of accounting records and regulatory reports and the potential for losses if corrective measures are not taken immediately. Deficiencies in the institution's risk management procedures and internal controls require immediate and close supervisory attention.

“R” (Risk Management) Subcategories

The four R subcomponents are each assigned a qualitative rating of Strong, Acceptable or Weak. The following are the descriptions of the ratings as they apply to each of the subcategories.

Competence of Board and Senior Management

Strong Assessment. An assessment of Strong signifies that the board and senior management clearly understand the types of risk inherent in the BHC's activities and actively participate in managing those risks. Policies, limits, and tracking reports are appropriate and understood, reviewed, and approved by the board. Board and senior management are informed about changes in market conditions and respond appropriately. Oversight of risk management practices is strong and the organization's overall business strategy is effective. Risk management practices are appropriately adjusted in accordance with enhancements to industry practices and regulatory guidance, and exposure limits are adjusted as necessary to reflect the institution's changing risk profile.

Staff possesses the experience and expertise consistent with the scope and complexity of the organization's business activities. There is a sufficient depth of staff to ensure sound operations. Management provides adequate supervision of the day-to-day activities of all officers and employees, including the supervision of the senior officers and the heads of business lines. Management ensures that employees have the integrity, ethical values, and competence that are consistent with a prudent management philosophy and operating style.

Management is able to respond to changes in competition or innovations in the marketplace and proactively identifies all risks associated with proposed new activities or products and ensures that the appropriate infrastructure and internal controls are established.

Acceptable Assessment. An assessment of Acceptable indicates that board and senior management oversight is satisfactory. In this regard, the board and senior management have a good understanding of the organization's risk profile, provide adequate oversight of risk management practices, effectively utilize risk management reporting, set appropriate policies and limits, appropriately adapt to changes in market conditions, and develop and executes reasonable business strategies, although these practices may be lacking in some modest degree. The level of staffing, and its experience, expertise, and depth, is sufficient to operate the business lines in a safe and sound manner. Day-to-day supervision of management and staff at all levels is generally effective. Management responds in a timely fashion to changes in competition, innovations in the marketplace, evolving industry practices, and current regulatory guidance, and has in place an effective process for reviewing new activities and products. Minor weaknesses may exist in the staffing, infrastructure, and risk management processes for individual business lines or products, but these weaknesses have been recognized and are in the process of being addressed.

Weak Assessment. An assessment of Weak signifies that deficiencies exist in board and management oversight that require more than normal supervisory attention. The deficiencies may involve a broad range of activities or be material to a major business line or activity. Board and senior management may not be adequately informed as to the type and severity of the deficiencies or have not demonstrated an ability to provide corrective action in a timely manner. The deficiencies may include a lack of knowledge with respect to the organization's risk profile, insufficient oversight of risk management practices, ineffective policies or limits, inadequate or under-utilized management reporting, an inability to respond to industry enhancements and changes in regulatory guidance, or failure to execute appropriate business strategies. Staffing may not be adequate or staff may not possess the experience and expertise needed for the scope and complexity of the organization's business activities, and the day-to-day supervision of officer and staff activities, including the management of senior officers or heads of business lines, may be lacking.

Policies, Procedures and Limits

Strong Assessment. An assessment of Strong indicates that the policies, procedures, and limits provide for effective identification, measurement, monitoring, and control of the risks posed by the lending, investing, trading, trust, fiduciary, and other significant activities. Policies, procedures, and limits are consistent with the institution's goals and objectives and its overall financial strength. The policies clearly delineate accountability and lines of authority across the institution's activities. The policies also provide for the review of new activities to ensure that the infrastructure necessary to identify, monitor, and control the risks is in place before the activities are initiated.

Acceptable Assessment. An assessment of Acceptable indicates that the policies, procedures and limits cover all major business areas, are thorough and substantially up-to-date, and provide a clear delineation of accountability and lines of authority across the institution's activities. Policies, procedures, and limits are generally consistent with the institution's goals and objectives and its overall financial strength. Any deficiencies or gaps that have been identified are minor in nature and in the process of being addressed.

Weak Assessment. An assessment of Weak signifies that deficiencies exist in policies, procedures, and limits that require more than normal supervisory attention. The deficiencies may involve a broad range of activities or be material to a major business line or activity. Board and senior management may not be adequately informed as to the type and severity of the deficiencies or have not demonstrated an ability to provide corrective action in a timely manner. The deficiencies may include policies, procedures, or limits (or the lack thereof) that do not adequately identify, measure, monitor, or control the risks posed by significant activities; are not consistent with the experience of staff, the organization's strategic goals and objectives, or the financial strength of the institution; or do not clearly delineate accountability or lines of authority. Also, the policies may not provide for adequate due-diligence before engaging in new activities or products.

Risk Monitoring and MIS

Strong Assessment. An assessment of Strong indicates that risk monitoring practices and MIS reports address all material risks. The key assumptions, data sources, and procedures used in measuring and monitoring risk are Start Printed Page 44002appropriate, adequately documented, and tested for reliability on an ongoing basis. Reports and other forms of communication are consistent with activities, are structured to monitor exposures and compliance with established limits, goals, or objectives, and compare actual versus expected performance when appropriate. Management and board reports are accurate and timely and contain sufficient information to identify adverse trends and to adequately evaluate the level of risk faced by the institution.

Acceptable Assessment. An assessment of Acceptable indicates that risk monitoring practices and MIS reports cover major risks and business areas. In general, the reports contain valid assumptions that are periodically tested for accuracy and reliability and are properly documented and distributed to the appropriate decision-makers. Reports and other forms of communication generally are consistent with activities, are structured to monitor exposures and compliance with established limits, goals, or objectives, and compare actual versus expected performance when appropriate. Management and board reports are accurate and timely, although they may be lacking in some modest degree. Any weaknesses or deficiencies that have been identified are in the process of being addressed.

Weak Assessment. An assessment of Weak signifies that deficiencies exist in the risk monitoring practices or the MIS reports that require more than normal supervisory attention. The deficiencies may involve a broad range of activities or be material to a major business line or activity. Board and senior management may not be adequately informed as to the type and severity of the deficiencies or have not demonstrated an ability to provide corrective action in a timely manner. The deficiencies contribute to ineffective risk identification through inappropriate assumptions, incorrect data, poor documentation, or the lack of timely testing. In addition, MIS reports may not be distributed to the appropriate decision-makers, adequately monitor significant risks, or properly identify adverse trends and the level of risk faced by the institution.

Internal Controls

Strong Assessment. An assessment of Strong indicates that the system of internal controls is appropriate for the type and level of risks posed by the nature and scope of the organization's activities. The organizational structure establishes clear lines of authority and responsibility for monitoring adherence to policies, procedures, and limits. Reporting lines provide sufficient independence of the control areas from the business lines and adequate separation of duties throughout the organization-including areas relating to trading, custodial, and back-office activities. The organizational structure reflects actual operating practices. Financial, operational, and regulatory reports are reliable, accurate, and timely, and wherever applicable, exceptions are noted and promptly investigated. Adequate procedures exist for ensuring compliance with applicable laws and regulations, including consumer laws and regulations. Internal audit or other control review practices provide for independence and objectivity. Internal controls and information systems are adequately tested and reviewed; the coverage, procedures, findings, and responses to audits and review tests are adequately documented; identified material weaknesses are given appropriate and timely high level attention; and management's actions to address material weaknesses are objectively reviewed and verified. The board or its audit committee regularly reviews the effectiveness of internal audits and other control review activities.

Acceptable Assessment. An assessment of Acceptable indicates that the system of internal controls adequately covers major risks and business areas. In general, the system is independent, establishes appropriate separation of duties, supports accuracy in record-keeping practices and reporting systems, is adequately documented, and verifies compliance with laws and regulations, including consumer laws and regulations. In most cases identified material weaknesses are given appropriate and timely attention and management's actions to address material weaknesses are objectively reviewed and verified. The board or its audit committee have reviewed the effectiveness of internal audits and other control review activities. Any weaknesses or deficiencies that have been identified are modest in nature and in the process of being addressed.

Weak Assessment. An assessment of Weak signifies that deficiencies exist in the system of internal controls that require more than normal supervisory attention. The deficiencies may involve a broad range of activities or be material to a major business line or activity. Board and senior management may not be adequately informed as to the type and severity of the deficiencies or have not demonstrated an ability to provide corrective action in a timely manner. The deficiencies may include insufficient oversight by the board or its committee; unclear lines of authority and responsibility; a lack of independence; ineffective separation of duties; inadequate or untimely risk coverage and verification, including monitoring compliance with both safety and soundness and consumer laws and regulations; inaccurate records or regulatory reporting; a lack of documentation for work performed; or a lack of timeliness in the correction of identified weaknesses.

“F” (Financial Condition) Component and CAEL Subcomponents

The F (Financial Condition) rating is supported by four subcomponents: “C”(Capital), “A” (Asset Quality), “E” (Earnings) and “L” (Liquidity). The F component and the CAEL subcomponents are rated on a five point numerical scale in ascending order of supervisory concern as follows:

1 - Strong; 2 - Satisfactory; 3 - Fair; 4 - Marginal; and 5 - Unsatisfactory.

The “F” (Financial Condition) Component

Rating 1 (Strong). A rating of 1 indicates that the consolidated BHC is financially sound in almost every respect; any negative findings are basically of a minor nature and can be handled in a routine manner. The capital adequacy, asset quality, earnings, and liquidity of the consolidated BHC are more than adequate to protect the company from external economic and financial disturbances. The company generates more than sufficient cash flow to service its debt and fixed obligations with no harm to subsidiaries of the organization.

Rating 2 (Satisfactory). A rating of 2 indicates that the consolidated BHC is fundamentally financially sound, but may reflect modest weaknesses correctable in the normal course of business. The capital adequacy, asset quality, earnings and liquidity of the consolidated BHC are adequate to protect the company from external economic and financial disturbances. The company also generates sufficient cash flow to service their obligations; however, areas of weakness could develop into areas of greater concern. To the extent minor adjustments are handled in the normal course of business, the supervisory response is limited.

Rating 3 (Fair). A rating of 3 indicates that the consolidated BHC exhibits a combination of weaknesses ranging from fair to moderately severe. The company has less than adequate financial strength stemming from one or more of the following: modest capital Start Printed Page 44003deficiencies, poor asset quality, weak earnings, or liquidity problems. As a result, the BHC and its subsidiaries are less resistant to adverse business conditions. The financial condition of the BHC will likely deteriorate if concerted action is not taken to correct areas of weakness. The company's cash flow is sufficient to meet immediate obligations, but may not remain adequate if action is not taken to correct weaknesses. Consequently, the BHC is vulnerable and requires more than normal supervision. Overall financial strength and capacity are still such as to pose only a remote threat to the viability of the company.

Rating 4 (Marginal). A rating of 4 indicates that the consolidated BHC has either inadequate capital, an immoderate volume of problem assets, very weak earnings, serious liquidity issues, or a combination of factors that are less than satisfactory. An additional weakness may be that the BHC's cash flow needs are met only by upstreaming imprudent dividends and/or fees from subsidiaries. Unless prompt action is taken to correct these conditions, they could impair future viability. BHCs in this category require close supervisory attention and increased financial surveillance.

Rating 5 (Unsatisfactory). A rating of 5 indicates that the volume and character of financial weaknesses of the BHC are so critical as to require urgent aid from shareholders or other sources to prevent insolvency. The imminent inability of such a company to service its fixed obligations and/or prevent capital depletion due to severe operating losses places its viability in serious doubt. Such companies require immediate corrective action and constant supervisory attention.

The “CAEL” (Capital, Asset Quality, Earnings, and Liquidity) Subcategories

The CAEL subcategories can be evaluated along business lines, product lines, or legal entity lines--depending on which type of review is most appropriate for the holding company structure. The weight afforded to each subcategory in the overall F rating will depend on the severity of the condition of that subcategory and the relative importance of that subcategory to the consolidated organization. The following is a description of rating definitions for the CAEL subcategories.

“C” Capital Adequacy

Rating 1 (Strong). A rating of 1 indicates that the consolidated BHC maintains more than adequate capital to: 1) support the volume and risk characteristics of all parent and subsidiary business lines and products; 2) provide a sufficient cushion to absorb unanticipated losses arising from holding company and subsidiary activities; and, 3) support the level and composition of corporate and subsidiary borrowing. In addition, a company assigned a rating of 1 has more than sufficient capital to provide a base for the growth of risk assets and the entry into capital markets as the need arises for the parent company and subsidiaries.

Rating 2 (Satisfactory). A rating of 2 indicates that the consolidated BHC maintains adequate capital to: 1) support the volume and risk characteristics of all parent and subsidiary business lines and products; 2) provide a sufficient cushion to absorb unanticipated losses arising from holding company and subsidiary activities; and, 3) support the level and composition of corporate and subsidiary borrowing. In addition, a company assigned a rating of 2 has sufficient capital to provide a base for the growth of risk assets and the entry into capital markets as the need arises for the parent company and subsidiaries.

Rating 3 (Fair). A rating of 3 indicates that the consolidated BHC may not maintain sufficient capital to ensure support for one or more of the following: 1) the volume and risk characteristics of all parent and subsidiary business lines and products; 2) the unanticipated losses arising from holding company and subsidiary activities; or, 3) the level and composition of corporate and subsidiary borrowing. In addition, a company assigned a rating of 3 may not maintain a sufficient capital position to provide a base for the growth of risk assets and the entry into capital markets as the need arises for the parent company and subsidiaries. The capital position of the consolidated BHC could quickly become inadequate in the event of further asset deterioration or other negative factors and therefore requires more than normal supervisory attention.

Rating 4 (Marginal). A rating of 4 indicates that the capital level of the consolidated BHC is significantly below the amount needed to ensure support for one or more of the following: 1) the volume and risk characteristics of all parent and subsidiary business lines and products; 2) the unanticipated losses arising from holding company and subsidiary activities; and, 3) the level and composition of corporate and subsidiary borrowing. In addition, a company assigned a rating of 4 does not maintain a sufficient capital position to provide a base for the growth of risk assets and the entry into capital markets as the need arises for the parent company and subsidiaries. If left unchecked, the consolidated capital position of the company might evolve into weaknesses or conditions that could threaten the viability of the institution. The capital position of the consolidated BHC requires immediate supervisory attention.

Rating 5 (Unsatisfactory). A rating of 5 indicates that the level of capital of the consolidated BHC is critically deficient and in needed of immediate corrective action. The consolidated capital position threatens the viability of the institution and requires constant supervisory attention.

“A” Asset Quality

Rating 1 (Strong). A rating of 1 indicates that the BHC maintains strong asset quality and credit administration practices across all parts of the organization. Any identified weaknesses in asset quality are minor in nature. Credit risk across the organization for a 1 rated company is commensurate with management's abilities and modest in relation to credit risk management practices.

Rating 2 (Satisfactory). A rating of 2 indicates that the BHC maintains satisfactory asset quality and credit administration practices across all parts of the organization. Any identified weaknesses in asset quality are correctable in the normal course of business. Credit risk across the organization for a 2 rated company is commensurate with management's abilities and generally modest in relation to credit risk management practices.

Rating 3 (Fair). A rating of 3 indicates that the asset quality or credit administration across all or part of the consolidated BHC is less than satisfactory. The BHC may be experiencing an increase in credit risk exposure that has not been met with an appropriate improvement in risk management practices. It may also be facing a decrease in the overall quality of assets currently maintained on and off balance sheet. BHCs assigned a rating of 3 require more than normal supervisory attention.

Rating 4 (Marginal). A rating of 4 indicates that the BHC's asset quality or credit administration practices are deficient. The level of problem assets and/or unmitigated credit risk subjects the holding company to potential losses that, if left unchecked, may threaten its viability. BHCs assigned a rating of 4 require immediate supervisory attention.

Rating 5 (Unsatisfactory). A rating of 5 indicates that the BHC's asset quality or Start Printed Page 44004credit administration practices are critically deficient and present an imminent threat to the institution's viability. BHCs assigned a rating of 5 require immediate remedial action and constant supervisory attention.

“E” Earnings

Rating 1 (Strong). A rating of 1 indicates that the quantity and quality of the BHC's consolidated earnings are more than sufficient to make full provision for the absorption of losses and accretion of capital when due consideration is given to asset quality and BHC growth. Generally, BHCs with a 1 rating have earnings well above peer-group averages.

Rating 2 (Satisfactory). A rating of 2 indicates that the quantity and quality of the BHC's consolidated earnings are generally adequate to make provision for the absorption of losses and accretion of capital when due consideration is given to asset quality and BHC growth. BHCs with a 2 earnings rating have earnings that are in line with or slightly above peer-group averages.

Rating 3 (Fair). A rating of 3 indicates that the BHC's consolidated earnings are not fully adequate to make provisions for the absorption of losses and the accretion of capital in relation to company growth. The consolidated earnings of companies rated 3 may be further clouded by static or inconsistent earnings trends, chronically insufficient earnings, or less than satisfactory asset quality. BHCs with a 3 rating for earnings generally have earnings below peer-group averages. Such BHCs require more than normal supervisory attention.

Rating 4 (Marginal). A rating of 4 indicates that the BHC's earnings, while generally positive, are clearly not sufficient to make full provision for losses and the necessary accretion of capital. BHCs with earnings rated 4 may be characterized by erratic fluctuations in net income, poor earnings (and the likelihood of the development of a further downward trend), intermittent losses, chronically depressed earnings, or a substantial drop from the previous year. The earnings of such companies are ordinarily substantially below peer-group averages. Such BHCs require immediate supervisory attention.

Rating 5 (Unsatisfactory). A rating of 5 indicates that the BHC is experiencing losses or reflecting a level of earnings that is worse than that described for the 4 rating. Such losses, if not reversed, represent a distinct threat to the BHC's solvency through erosion of capital. Such BHCs require immediate and constant supervisory attention.

“L” Liquidity

Rating 1 (Strong). A rating of 1 indicates that the BHC maintains strong liquidity levels and well developed funds management practices. The parent company and subsidiaries have reliable access to sufficient sources of funds on favorable terms to meet present and anticipated liquidity needs.

Rating 2 (Satisfactory). A rating of 2 indicates that the BHC maintains satisfactory liquidity levels and funds management practices. The parent company and subsidiaries have access to sufficient sources of funds on acceptable terms to meet present and anticipated liquidity needs. Modest weaknesses in funds management practices may be evident, but those weaknesses are correctable in the normal course of business.

Rating 3 (Fair). A rating of 3 indicates that the BHC's liquidity levels or funds management practices are in need of improvement. BHCs rated 3 may lack ready access to funds on reasonable terms or may evidence significant weaknesses in funds management practices at the parent company and/or subsidiary levels. However, these deficiencies are considered correctable in the normal course of business. Such BHCs require more than normal supervisory attention.

Rating 4 (Marginal). A rating of 4 indicates that the BHC's liquidity levels or funds management practices are deficient. Institutions rated 4 may not have or be able to obtain a sufficient volume of funds on reasonable terms to meet liquidity needs at the parent company and/or subsidiary levels and require immediate supervisory attention.

Rating 5 (Unsatisfactory). A rating of 5 indicates that the BHC's liquidity levels or funds management practices are critically deficient and may threaten the continued viability of the institution. Institutions rated 5 require immediate external financial assistance to meet maturing obligations or other liquidity needs and constant supervisory attention.

“I” (Impact) Component

The I component rating reflects the aggregate impact of the parent company and nonbank subsidiaries on the subsidiary depository institution(s).

The I component is rated on a five point numerical scale. Ratings will be assigned in ascending order of supervisory concern as follows:

1 - low likelihood of significant negative impact;

2 - limited likelihood of significant negative impact;

3 - moderate likelihood of significant negative impact;

4 - considerable likelihood of significant negative impact; and

5 - high likelihood of significant negative impact.

Rating 1 (Low Likelihood of Significant Negative Impact). A rating of 1 indicates that the aggregate impact of the parent company and nonbank subsidiaries of the BHC on the subsidiary depository institution(s) is positive due to factors that include the: 1) sound financial condition of the parent company and nondepository subsidiaries, and 2) strong risk management practices within the parent company and nondepository subsidiaries. A 1 rated BHC maintains an appropriate capital position across all legal entities in line with the risks undertaken by those entities. Intra-group exposures, including servicing agreements and derivative and payment system exposures of a 1 rated BHC do not have the potential to undermine the financial condition of the subsidiary depository institution(s). Parent company cash flow is not dependent on excessive dividend payments from subsidiaries which can potentially undermine the financial condition of the subsidiary depository institution(s). The potential risks posed to the subsidiary depository institution(s) by plans for growth, a poor control environment, and/or complaints and litigation within or facing the parent company or nondepository subsidiaries can be corrected in a routine manner.

Rating 2 (Limited Likelihood of Significant Negative Impact). A rating of 2 indicates that the aggregate impact of the parent company and nonbank subsidiaries of the BHC on the subsidiary depository institution(s) is neutral due to factors that include the: 1) adequate financial condition of the parent company and nondepository subsidiaries, and 2) satisfactory risk management practices within the parent company and nondepository subsidiaries. A 2 rated BHC maintains an adequate capital position across all legal entities in line with the risks undertaken by those entities. Intra-group exposures, including servicing agreements and derivative and payment system exposures, of a 2 rated BHC generally do not have the potential to undermine the financial condition of the subsidiary depository institution(s). Parent company cash flow generally is not dependent on excessive dividend payments from subsidiaries which can potentially undermine the financial condition of the subsidiary depository institution(s). The potential risks posed to the subsidiary depository institution(s) by strategic growth plans Start Printed Page 44005or a poor control environment within the parent company or nondepository subsidiaries are minor in nature and can be corrected in the normal course of business.

Rating 3 (Moderate Likelihood of Significant Negative Impact). A rating of 3 indicates that the aggregate impact of the parent company and nonbank subsidiaries of the BHC on the subsidiary depository institution(s) is potentially negative due to weaknesses in the financial condition and/or risk management practices of the parent company and nondepository subsidiaries. A 3 rated BHC may have only marginally sufficient capital within the parent company and/or nondepository subsidiary(ies) to support its activities. Intra-group exposures, including servicing agreements and derivative and payment system exposures, of a 3 rated BHC may have the potential to undermine the financial condition of the subsidiary depository institution(s). Parent company cash flow may be partially dependent on excessive dividend payments from subsidiaries, potentially undermining the financial condition of the subsidiary depository institution(s). The potential risks posed to the subsidiary depository institution(s) by strategic growth plans or a poor control environment within the parent company or nondepository subsidiaries may be significant. A BHC assigned a 3 impact rating requires more than normal supervisory attention.

Rating 4 (Considerable Likelihood of Significant Negative Impact). A rating of 4 indicates that the aggregate impact of the parent company and nonbank subsidiaries of the BHC on the subsidiary depository institution(s) is negative due to weaknesses in the financial condition and/or risk management practices of the parent company and nondepository subsidiaries. A 4 rated BHC may have insufficient capital within the parent company and/or nondepository subsidiary(ies) to support its activities. Intra-group exposures, including servicing agreements and derivative and payment system exposures, of a 4 rated BHC may also have the potential to undermine the financial condition of the subsidiary depository institution(s). Parent company cash flow may be dependent on excessive dividend payments from subsidiaries, potentially undermining the financial condition of the subsidiary depository institution(s). The potential risks posed to the subsidiary depository institution(s) by strategic growth plans or a poor control environment within the parent company or nondepository subsidiaries may also be significant. A BHC assigned a 4 impact rating requires immediate remedial action and close supervisory attention.

Rating 5 (High Likelihood of Significant Negative Impact). A rating of 5 indicates that the aggregate impact of the parent company and nonbank subsidiaries of the BHC on the subsidiary depository institution(s) is extremely negative due to significant weaknesses in the financial condition and/or risk management practices of the parent company or nondepository subsidiaries. Critical deficiencies in the parent company or nondepository subsidiaries pose an immediate threat to the viability of the subsidiary depository institution(s). The parent company also may be unable to meet its obligations without support from the subsidiary depository institution(s). The BHC requires immediate remedial action and constant supervisory attention.

“C” (Composite) Component

C is the overall composite assessment of the BHC as reflected by consolidated risk management, consolidated financial strength, and the impact of the parent company and nonbank subsidiaries on the depository institutions. The composite rating encompasses both a forward-looking and static assessment of the consolidated organization, as well as an assessment of issues related to the parent company and nonbank subsidiaries acting as a source of strength to the depository institutions. The C rating is not derived as a simple numeric average of the rating system components; rather, it reflects examiner judgement with respect to the relative importance of each component to the safe and sound operation of the BHC.

Rating 1 (Strong). BHCs in this group are sound in almost every respect; any negative findings are basically of a minor nature and can be handled in a routine manner. Risk management practices and financial stability provide resistance to external economic and monetary disturbances. The parent company and nondepository subsidiaries are a source of financial strength to the depository institutions.

Rating 2 (Satisfactory). BHCs in this group are also fundamentally sound but may have modest weaknesses in risk management practices or financial stability. The weaknesses could develop into conditions of greater concern but are believed correctable in the normal course of business. As such, the supervisory response is limited. The parent company and nondepository subsidiaries are not a source of financial weakness to the depository institutions.

Rating 3 (Fair). BHCs in this group exhibit a combination of weaknesses in risk management practices and financial stability that range from fair to moderately severe. These companies are less resistant to the onset of adverse business conditions and could likely deteriorate if concerted action is not effective in correcting the areas of weakness. Consequently, these companies are vulnerable and require more than normal supervisory attention and financial surveillance. However, the strength and financial capacity of the company, including the ability of the parent company and nondepository subsidiaries to provide financial support, if necessary, pose only a remote threat to its continued viability.

Rating 4 (Marginal). BHCs in this group have an immoderate volume of risk management and financial weaknesses. The parent company and nonbank subsidiaries' combined ability to provide financial support to the depository institutions has been limited by these weaknesses. Unless prompt action is taken to correct these conditions, the organization's future viability could be impaired. These companies require close supervisory attention and increased financial surveillance.

Rating 5 (Unsatisfactory). The critical volume and character of the risk management and financial weaknesses of BHCs in this category, and concerns about the parent company and nondepository subsidiaries acting as a source of weaknesses to the subsidiary depository institution(s), could lead to insolvency without urgent aid from shareholders or other sources. The imminent inability to prevent liquidity and/or capital depletion places the BHC's continued viability in serious doubt. These companies require immediate corrective action and constant supervisory attention.

(D) (Depository Institutions) Component

The (D) component is intended to identify the overall condition of the subsidiary depository institution or the combined condition of the depository subsidiaries. For BHCs with only one depository institution, the (D) component rating will mirror the CAMELS composite rating for that depository institution. To arrive at a (D) component rating for BHCs with multi-bank subsidiaries, the CAMELS composite ratings for each of the depository institutions should be weighted, giving consideration to asset size and the relative importance of each depository institution within the overall structure of the organization. In general, it is expected that the resulting (D) component rating will reflect the lead Start Printed Page 44006depository institution's CAMELS composite rating.

If in the process of analyzing the financial condition and risk management programs of the consolidated organization, a major difference of opinion relative to the safety and soundness of the depository institution emerges between the Federal Reserve and the depository institution's primary regulator, then the (D) rating should reflect the Federal Reserve's evaluation.

III. Implementation of Revised Rating System by Bank Holding Company Type

The proposal to change the BHC rating system was driven by the need to align the rating system with current Federal Reserve supervisory practices. The new rating system will require analysis and support similar to that required by current supervisory policy for institutions of all sizes.[7] As such, the level of analysis and support will vary based upon whether a BHC has been determined to be “complex” or “noncomplex.”[8] In addition, the resources dedicated to the inspection of each BHC will continue to be determined by the risk posed by the subsidiary depository institution(s) to the federal safety net[9] and the risk posed by the BHC to the subsidiary depository institution(s).

Noncomplex BHCs with Assets of $1 Billion or Less (Shell Holding Companies)

New Rating: R and C

Consistent with SR 02-1, examination staff will be required only to assign an R and C rating for all companies in the shell BHC program (noncomplex BHCs with assets under $1 billion). The R rating is the M rating from the subsidiary depository institution's CAMELS rating. The rating will be changed from the current M to an R to provide consistent terminology. The C rating is the subsidiary depository institution's composite CAMELS rating.

Noncomplex BHCs with Assets Greater than $1 Billion

One-Bank Holding Company

New Rating: RFI/C (D)

For all noncomplex, one-bank holding companies with assets of greater than $1 billion, examination staff will assign all component and subcomponent ratings in the new rating system; however, examination staff should continue to rely heavily on information and analysis contained in the report of examination for the subsidiary depository institution to assign the R and F ratings. If examination staff have reviewed the primary regulator's examination report and are comfortable with the analysis and conclusions contained in that report, then the BHC ratings should be supported with concise language that indicates that the conclusions are based on the analysis of the primary regulator. No additional analysis will be required.

Please note, however, in cases where the analysis and conclusions of the primary regulator are insufficient to assign the new ratings, the primary regulator should be contacted to ascertain whether additional analysis and support may be available. Further, if discussions with the primary regulator do not provide sufficient information to assign the ratings, discussions with BHC management may be warranted to obtain adequate information to assign the ratings. In most cases, additional information or support obtained through these steps will be sufficient to permit the assignment of the R and F ratings. To the extent that additional analysis is deemed necessary, the level of analysis and resources spent on this assessment should be in line with the level of risk the subsidiary depository institution poses to the federal safety net. In addition, any activities that involve information gathering with respect to the subsidiary depository institution should be coordinated with and, if possible, conducted by, the primary regulator of that institution.

Examination staff will be required to make an independent assessment in order to assign the I rating, which provides an evaluation of the impact of the BHC on the subsidiary depository institution. Analysis for the I rating in non-complex one-bank holding companies should place particular emphasis on issues related to parent company cash flow and compliance with 23A.

Multi-Bank Holding Company

New Rating: RFI/C (D)

For all noncomplex BHCs with assets of greater than $1 billion and having more than one subsidiary depository institution, examination staff will assign all component and subcomponent ratings of the new system, also relying, to the extent possible, on the work conducted by the primary bank regulators to assign the R and F ratings. However, any risk management or other important functions conducted by the parent company or any nondepository subsidiary of the BHC, or conducted across legal entity lines, should be subject to review by Federal Reserve examination staff. These reviews should be conducted in coordination with the primary regulator(s). The assessment for the I rating will require an independent assessment by Federal Reserve examination staff.

Complex BHCs

New Rating: RFI/C (D)

For complex BHCs, examination staff will assign all component and subcomponent ratings of the new rating system. The ratings analysis should be based on the primary regulator's assessment of the subsidiary depository institution(s), as well as on the examiners' assessment of the consolidated organization as determined through the BHC inspection process. The resources needed for the inspection and the level of support needed for developing a full rating will depend upon the complexity of the organization, including structure and activities (see footnote 7), and should be commensurate with the level of risk posed by the subsidiary depository institution(s) to the federal safety net and the level of risk posed by the BHC to the subsidiary depository institution(s).

Nontraditional BHCs

New Rating: RFI/C (D)

Examination staff will be required to assign the full rating system for nontraditional BHCs. Nontraditional BHCs include BHCs in which most or all nondepository operations are regulated by a functional regulator and in which the subsidiary depository institution(s) is small in relation to the nondepository operations. The new rating system is not intended to introduce significant additional work in the rating process for these organizations. As discussed above, the Start Printed Page 44007level of analysis conducted and resources needed to inspect the BHC and to assign the consolidated R and F ratings should be commensurate with the level of risk posed by the subsidiary depository institution(s) to the federal safety net and the level of risk posed by the BHC to the subsidiary depository institution(s). The report of examination by, and other information obtained from, the functional and primary bank regulators should provide the basis for the consolidated R and F ratings. On-site work, to the extent it involves areas that are the primary responsibility of the functional or primary bank regulator, should be coordinated with and, if possible, conducted by, those regulators. Examination staff should concentrate their independent analysis for the R and F ratings around activities and risk management conducted by the parent company and non-functionally regulated nondepository subsidiaries, as well as around activities and risk management functions that are related to the subsidiary depository institution(s), for example, audit functions for the depository institution(s) and compliance with 23A.

Examination staff will be required to make an independent assessment of the impact of the parent company and nondepository subsidiary(ies) on the subsidiary depository institution(s) in order to assign the I rating.

By order of the Board of Governors of the Federal Reserve System, July 20, 2004.

Start Signature

Jennifer J. Johnson

Secretary of the Board.

End Signature End Supplemental Information

Footnotes

1. See Supervisory Letter 95-51, Rating the Adequacy of Risk Management Processes and Internal Controls at State Member Banks and Bank Holding Companies.

Back to Citation

2. A simplified version of the rating system that includes only the R and C components will be applied to noncomplex bank holding companies with assets below $1 billion.

Back to Citation

3. The use of the three-point qualitative evaluation system (versus a five-point numerical rating system) will be evaluated during testing of the new rating system.

Back to Citation

4. Another subcomponent assessing the adequacy of disclosure for bank holding companies using the advanced internal ratings based approach to capital allocation may be added once the Basel II framework has been implemented in the United States.

Back to Citation

5. A detailed description of the four subcomponents is listed in SR 95-51.

Back to Citation

6. Framework for Risk-Focused Supervision of Large Complex Institutions, August 1997; SR Letter 95-51, Rating the Adequacy of Risk Management Processes and Internal Controls at State Member Banks and Bank Holding Companies.

Back to Citation

7. Including the BHC inspection manual, SR 95-51, SR 97-24, SR 97-25, SR 99-15, and SR 02-01.

Back to Citation

8. The determination of whether a holding company is “complex” versus “noncomplex” is made at least annually on a case-by-case basis taking into account and weighing a number of considerations, such as: the size and structure of the holding company; the extent of intercompany transactions between depository institution subsidiaries and the holding company or nondepository subsidiaries of the holding company; the nature and scale of any nondepository activities, including whether the activities are subject to review by another regulator and the extent to which the holding company is conducting Gramm-Leach-Bliley authorized activities (e.g., insurance, securities, merchant banking); whether risk management processes for the holding company are consolidated; and whether the holding company has material debt outstanding to the public. Size is less important determinant of complexity than many of the factors noted above, but generally companies of significant size (e.g., assets of $10 billion on balance sheet or managed) would be considered complex, irrespective of the other considerations.

Back to Citation

9. The federal safety net is defined as the deposit insurance fund, the payments system, and the Federal Reserve's discount window.

Back to Citation

[FR Doc. 04-16865 Filed 7-22-04; 8:45 am]

BILLING CODE 6210-01-S