Skip to Content

Proposed Rule

Prudential Management and Operations Standards

Document Details

Information about this document as published in the Federal Register.

Published Document

This document has been published in the Federal Register. Use the PDF linked in the document sidebar for the official electronic format.

Start Preamble

AGENCY:

Federal Housing Finance Agency.

ACTION:

Proposed rule.

SUMMARY:

Section 1108 of the Housing and Economic Recovery Act of 2008 (HERA) amended the Federal Housing Enterprises Financial Safety and Soundness Act of 1992 (Safety and Soundness Act) to require the Federal Housing Finance Agency (FHFA) to establish prudential standards relating to the management and operations of the Federal National Mortgage Association (Fannie Mae), Federal Home Loan Mortgage Corporation (Freddie Mac), and Federal Home Loan Banks (Banks) (collectively, regulated entities). FHFA is proposing to implement those HERA amendments by providing for the establishment of the prudential standards in the form of guidelines, which initially would be set out in an appendix to the rule. The proposal also would include other provisions relating to the possible consequences for a regulated entity that fails to operate in accordance with the prudential standards.

DATES:

Written comments on the proposed rule must be received on or before August 19, 2011. For additional information, see SUPPLEMENTARY INFORMATION.

ADDRESSES:

You may submit your comments on the proposed rule, identified by regulatory information number “RIN 2590-AA13,” by any of the following methods:

  • E-mail: Comments to Alfred M. Pollard, General Counsel, may be sent by e-mail to RegComments@FHFA.gov. Please include “RIN 2590-AA13” in the subject line of the message.
  • Federal eRulemaking Portal: http://www.regulations.gov. Follow the instructions for submitting comments. If you submit your comment to the Federal eRulemaking Portal, please also send it by e-mail to FHFA at RegComments@fhfa.gov to ensure timely receipt by the agency. Include the following information in the subject line of your submission: Comments/RIN 2590-AA13.
  • U.S. Mail, United Parcel Post, Federal Express, or Other Mail Service: The mailing address for comments is: Alfred M. Pollard, General Counsel, Attention: Comments/RIN 2590-AA13, Federal Housing Finance Agency, Fourth Floor, 1700 G Street, NW., Washington, DC 20552.
  • Hand Delivered/Courier: The hand delivery address is: Alfred M. Pollard, General Counsel; Attention: Comments/RIN 2590-AA13, Federal Housing Finance Agency, Fourth Floor, 1700 G Street, NW., Washington, DC 20552. The package should be logged at the Guard Desk, First Floor, on business days between 9 a.m. and 5 p.m.
Start Further Info

FOR FURTHER INFORMATION CONTACT:

Amy Bogdon, Associate Director, Division of Federal Home Loan Bank Regulation, Federal Housing Finance Agency, 1625 Eye Street, NW., Washington, DC 20006, amy.bogdon@fhfa.gov, (202) 408-2546; Carol Connelly, Principal Supervision Specialist, Division of Examination Programs and Support, carol.connelly@fhfa.gov, (202) 414-8910; or Neil R. Crowley, Deputy General Counsel, neil.crowley@fhfa.gov, (202) 343-1316, Federal Housing Finance Agency, 1700 G Street, NW., Washington, DC 20552 (not toll free numbers). The telephone number for the Start Printed Page 35792Telecommunications Device for the Deaf is (800) 877-8339.

End Further Info End Preamble Start Supplemental Information

SUPPLEMENTARY INFORMATION:

I. Comments

FHFA invites comments on all aspects of the proposed rule and will take all comments into consideration before issuing a final rule. Copies of all comments will be posted without change, including any personal information you provide, such as your name and address, on the FHFA Web site at http://www.fhfa.gov. In addition, copies of all comments will be available for examination by the public on business days between the hours of 10 a.m. and 3 p.m., at the Federal Housing Finance Agency, Fourth Floor, 1700 G Street, NW., Washington, DC 20552. To make an appointment to inspect comments, please call the Office of General Counsel at (202) 414-3751.

II. Background

Effective July 30, 2008, HERA, Public Law No. 110-289, 122 Stat. 2654 (2008), created FHFA as an independent agency of the Federal Government and transferred to it the supervisory and oversight responsibilities over the regulated entities formerly vested with the Office of Federal Housing Enterprise Oversight (OFHEO) and the Federal Housing Finance Board (FHFB). Section 1108 of HERA also added a new section 1313B to the Safety and Soundness Act, which requires the FHFA Director to establish standards that address 10 separate areas relating to the management and operation of the regulated entities, and authorizes the Director to establish the standards by regulation or by guideline. 12 U.S.C. 4513b. Those 10 areas relate to: Adequacy of internal controls and information systems; adequacy and independence of the internal audit systems; management of interest rate risk; management of market risk; adequacy of liquidity and reserves; management of growth in assets and in the investment portfolio; management of investments and acquisition of assets to ensure that they are consistent with the purposes of the Safety and Soundness Act and the regulated entities' authorizing statutes; [1] adequacy of overall risk management processes; adequacy of credit and counterparty risk management practices; and maintenance of records that allow an accurate assessment of the institution's financial condition. 12 U.S.C. 4513b(a)(1)-(10). Section 1313B(a) also specifically authorizes the Director to establish other appropriate management and operations standards. 12 U.S.C. 4513b(a)(11). The HERA amendments require that the prudential standards be established with respect to the regulated entities, which term does not include the Banks' Office of Finance (OF), although HERA would not necessarily preclude FHFA from extending the prudential standards (or comparable standards) to the OF. FHFA is not proposing to subject the OF to the prudential standards regime, in large part because several of the standards address matters that are not relevant to the OF, such as those relating to interest rate, market and credit risks, and investment portfolio growth. The same is true with respect to the statutory sanctions for noncompliance with the standards, which include limits on asset growth and increases in capital. FHFA welcomes any comments on this issue.

Section 1313B(b)(1) addresses the possible consequences for a regulated entity that fails to meet any of the prudential standards, and provides that the Director “shall require” the regulated entity to submit a corrective plan if the standards have been adopted by regulation and “may require” the regulated entity to submit a corrective plan if the standards have been adopted as guidelines. 12 U.S.C. 4513b(b)(1)(A). If a regulated entity is required to submit a corrective plan to FHFA, it must do so within thirty (30) days after the Director determines that it has failed to meet any standard. That plan must specify the actions that the regulated entity will take to conform its practices to the requirements of the prudential standards. 12 U.S.C. 4513b(b)(1). FHFA generally must act on such plans within thirty (30) days after receipt. 12 U.S.C. 4513b(b)(1)(C)(ii).

Section 1313B(b)(2) also addresses the possible consequences for a regulated entity that fails to submit an acceptable plan within the required time period or that fails in any material respect to implement a corrective plan that the Director has approved. In those cases, the Director must order the regulated entity to correct the deficiency. 12 U.S.C. 4513b(b)(2)(A). The Director also has the discretionary authority to order further sanctions, including limits on asset growth, increases in capital, or any other action the Director believes appropriate until the regulated entity comes into compliance with the prudential standard. 12 U.S.C. 4513b(b)(2)(B). Although the imposition of those additional sanctions generally is a matter of discretion for the Director, if a regulated entity that has failed to submit or implement a corrective plan also has experienced “extraordinary growth” within the preceding 18 months, the Director is then required to impose at least one of those additional sanctions. The concept of “extraordinary growth” comes into play only in those narrow circumstances and thus is not a statutory factor when the Director is considering whether a regulated entity has failed to comply with a prudential standard, whether the Director should require the submission of a corrective plan, or whether the Director should impose discretionary sanctions. All of the remedial powers that the Director may invoke under the prudential standards provisions are not exclusive, and section 1313B(c) expressly preserves the Director's right to exercise any other supervisory or enforcement authority under the Safety and Soundness Act. 12 U.S.C. 4513b(c).

Because Congress preserved all of the existing rules, regulations, orders, resolutions, and determinations of OFHEO and the FHFB,[2] any such existing provisions that pertain to the prudential management and operations of the regulated entities remain in full force and effect until FHFA has modified, cancelled, or repealed them. Unless any of the existing provisions are incorporated into the guidelines, a regulated entity's failure to comply with the existing provisions will not trigger the remedial provisions of section 1313B of the Safety and Soundness Act, although it would allow FHFA to pursue other supervisory remedies. After this rule is adopted, FHFA anticipates undertaking a systematic review of existing regulatory requirements that may overlap with these standards. Commenters are invited to identify areas of potential overlap or conflict between existing requirements or guidance and the proposed standards.

III. Analysis of the Proposed Rule

Purpose and Definitions: §§ 1236.1 and 1236.2

Proposed § 1236.1 explains that the purposes of the new part 1236 are to establish the prudential management and operations standards regulated entities must meet and the consequences if a regulated entity fails to meet the standards or fails to comply with this part. Proposed § 1236.2 Start Printed Page 35793defines certain key terms used in the prudential management and operations standards regulation. The only term unique to this part is “extraordinary growth,” which is defined differently for the Banks, by excluding advances growth, because rapid growth in advances does not present the same supervisory concerns that may result from rapid growth of other assets and because such growth may be central to the purpose of the Federal Home Loan Bank System as was seen in 2007 and 2008. Thus, for the Banks the proposed rule would define “extraordinary growth” to mean, for a given calendar quarter, quarterly non-annualized growth of non-advance assets in excess of 7.5 percent. With respect to the Enterprises, the proposed rule defines “extraordinary growth” to mean, for a given calendar quarter, quarterly non-annualized growth of assets in excess of 7.5 percent. With respect to both the Banks and the Enterprises, the extraordinary growth must have occurred within the 18-month period preceding the date on which FHFA notifies the entity that it has failed to meet a prudential standard and must therefore submit a corrective plan.

Defining “extraordinary growth” in this manner recognizes that the Banks' primary mission is providing secured credit to their members and that rapid growth in advances does not necessarily raise supervisory concerns. Advances differ from other assets in that they are self-capitalizing, i.e., a member must buy and hold a certain amount of Bank stock in order to obtain an advance, and are fully secured, principally by first mortgage loans or securities representing interest in such loans. The credit risk associated with advances is minimal, as shown by the fact that the Banks have never sustained a credit loss on an advance to their members. Moreover, the public mission of the Banks is to provide secured credit, as needed by their members for both housing finance and liquidity purposes. The significant growth in advances balances during the recent financial crisis demonstrated the extent to which the Banks provided financial support to the banking industry and the importance of allowing the Banks to expand and contract their advances portfolios in response to the needs of their members. In contrast, rapid growth of non-advance assets by a Bank may present supervisory concerns, and for that reason the proposed rule would use the same standard—7.5 percent growth over any calendar quarter—for non-advance growth for the Banks as it uses for growth in total assets for an Enterprise. The proposed definition provides a straightforward standard that should be easy for the regulated entities to understand and to calculate. Moreover, basing the definition on the concept of quarterly asset growth is consistent with that aspect of the definition of extraordinary growth used by the federal banking agencies for implementing their own prudential standards statute. See 12 CFR § 30.4(d)(2). For purposes of calculating an increase in assets, FHFA proposes to exclude assets that a regulated entity acquires through merger or acquisition with another regulated entity that FHFA has approved.

As noted above, the concept of “extraordinary growth” becomes relevant only if a regulated entity has either failed to submit an acceptable corrective plan or has failed to implement an approved plan. The presence of “extraordinary growth” by itself does not trigger any of the supervisory sanctions under the prudential standards statute or this proposed rule, although FHFA may invoke its other supervisory authorities if necessary to address asset growth that it believes poses other safety and soundness concerns.

Prudential Management and Operations Standards: § 1236.3

Proposed § 1236.3 would implement section 1313B(a) of the Safety and Soundness Act (12 U.S.C. 4513b(a)), which requires the Director to establish prudential management and operations standards relating to the 10 categories described above. The HERA amendments authorize the Director to adopt the standards either as regulations or as guidelines, and the Director is proposing to adopt the standards as guidelines, which initially would be set forth in an Appendix to part 1236. Section 1236.3(b) of the proposed rule further provides that, because the standards set forth in the Appendix would be adopted as guidelines, the Director may modify, revoke or add to them at any time by order, rather than through a notice and comment rulemaking. This approach will allow FHFA to timely update the standards to conform them to changes in best practices, as well as to address particular supervisory concerns. It also maintains the flexibility to seek public comment on changes to the guidance, as appropriate. Section 1236.3(c) of the proposal further provides that a failure to meet any standard also may constitute an unsafe and unsound practice for purposes of 12 U.S.C. chapter 46, subchapter III, which would allow FHFA to initiate an administrative enforcement action, in addition to any sanctions that may be imposed under the prudential standards authorized by HERA.

Failure To Meet the Prudential Standards: § 1236.4

Proposed § 1236.4 implements section 1313B(b) of the Safety and Soundness Act, which provides specific remedies that FHFA may use if a regulated entity fails to meet a prudential management and operations standard. 12 U.S.C. 4513b(b)(1). Proposed § 1236.4(a) provides that FHFA has the discretion to determine if a regulated entity has failed to operate in accordance with one or more of the prudential management and operations standards set forth in the Appendix, and may base that determination on any information available to it, such as information obtained through the examination process or other supervisory processes. Proposed § 1236.4(b) further provides that if FHFA makes such a determination, it may require the regulated entity to submit a corrective plan to address those deficiencies. Because the prudential standards would be established as guidelines, FHFA is not mandated to require the submission of a corrective plan, as would be the case if the standards were to be established as regulations.

Proposed § 1236.4(c) addresses the contents and filing requirements relating to a corrective plan. Each corrective plan must specify the actions that the regulated entity will take to correct the deficiencies and the time within which each action will be taken. The corrective plan is due not later than thirty (30) calendar days after FHFA has notified the regulated entity that it has failed to meet one or more of the prudential standards, unless FHFA sets a different time period. With the permission of FHFA, a regulated entity that must file, or currently is operating under, a capital restoration plan submitted pursuant to 12 U.S.C. 4622, a cease-and-desist order entered into pursuant to 12 U.S.C. 4631 or 4632, a formal or informal agreement, or a response to a report of examination or report of inspection, may submit the corrective plan as part of that other plan, order, agreement or response.

Proposed § 1236.4(d) allows a regulated entity that is operating under an approved corrective plan to submit a written request to FHFA to amend the existing plan to reflect any changes in circumstance. Until such time as FHFA approves a proposed amendment, the regulated entity must implement and abide by the previously approved corrective plan.Start Printed Page 35794

Proposed § 1236.4(e) addresses the period of time within which FHFA must act in response to the submission of a corrective plan. Generally speaking, within thirty (30) calendar days of its receipt of a corrective plan, FHFA must notify the regulated entity of its decision on the plan (i.e., approval or denial), or of its need for additional information, or of its decision to extend the review period beyond thirty (30) calendar days.

Failure To Submit or To Implement a Corrective Plan: § 1236.5

Proposed § 1236.5(a) sets forth the actions FHFA may take if a regulated entity has failed to timely submit an acceptable corrective plan or has failed to implement or otherwise comply with an approved corrective plan in any material respect. At a minimum, the Director must order the regulated entity to correct that deficiency, as is required by statute. The proposal further lists the other actions that the Director, in his discretion, may take with respect to the deficiency. Those discretionary actions are consistent with those listed in section 1313B(b)(2)(B) of the Safety and Soundness Act and include limits on asset growth and requirements to increase capital, which are described in the statute, as well as limits on dividends and stock redemptions or repurchases, and/or a minimum level of retained earnings. 12 U.S.C. 4513b(b)(2)(B). The latter set of limits are not explicitly mentioned in the statute, but FHFA has included them in the regulation under its authority to require a regulated entity to take any other actions it deems necessary to carry out these provisions of the statute. In addition, § 1236.5(b) provides that if a regulated entity that has failed to submit or implement a corrective plan also has experienced “extraordinary growth” the Director shall impose at least one of the sanctions listed above, which action also is required by statute.

Under proposed § 1236.5(c)(1), FHFA generally will notify a regulated entity that has failed to submit or implement a corrective plan of its intent to issue an order requiring the regulated entity to take corrective action. The notice will include: (1) A statement that the regulated entity has failed to submit a corrective plan under § 1236.4, or has not implemented or otherwise complied with an approved plan; (2) a description of any discretionary sanctions that FHFA proposes to impose and, if the regulated entity has experienced “extraordinary growth,” a description of any mandatory restrictions that FHFA intends to impose under 12 U.S.C. 4513b(b)(3); and (3) the proposed date when any restriction or prohibition would become effective or the proposed date for completion of any required action. Under proposed § 1236.5(c)(2), a regulated entity generally has fourteen (14) calendar days to respond to a notice unless otherwise specified by FHFA. The proposal identifies the minimum contents that a regulated entity's response should include, which are an explanation why the regulated entity believes that the action proposed by FHFA is not an appropriate exercise of discretion; recommend modifications, if any, to the proposed order; and any additional relevant information. FHFA will deem a failure to respond to constitute a waiver of the opportunity to respond and consent to issuance of the order.

If the circumstances so require, proposed § 1236.5(c)(4) provides that FHFA need not provide advance notice and may instead require a regulated entity immediately to take or refrain from taking actions to correct its failure to meet one or more of the prudential management and operations standards. Within fourteen (14) calendar days of the issuance of such an immediately effective order, unless otherwise specified by FHFA, a regulated entity may appeal the order in writing. FHFA will act on an appeal within sixty (60) days, during which time the order will remain in effect unless FHFA stays its effectiveness.

Under proposed § 1236.5(d), a regulated entity that is subject to an order may submit a written request to FHFA for an amendment to reflect a change in circumstances. Until such time as FHFA approves a proposed amendment, any such order would remain in effect.

Proposed § 1236.5(e) requires FHFA to act on a response to a notice or a request to amend a plan not later than thirty (30) days after a regulated entity submits the plan or amendment unless FHFA specifies a different time period in writing. After considering a regulated entity's response or amendment request, FHFA may: (1) Issue the order as proposed or in modified form; (2) determine not to issue the order and instead issue a different order; or (3) seek additional information or clarification of the response from the regulated entity, or any other relevant source.

When promulgating regulations that relate to the Banks under section 1313(f) of the Safety and Soundness Act (as amended by section 1201 of HERA), the Director must consider the differences between the Banks and the Enterprises with respect to the Banks' cooperative ownership structure; mission of providing liquidity to members; affordable housing and community development mission; capital structure; and joint and several liability. The Director also may consider any other differences deemed appropriate. 12 U.S.C. 4513(f). In preparing the proposed rule, the Director considered the differences between the Banks and the Enterprises as they relate to the above factors. The Director is requesting comments from the public about whether differences related to these factors should result in a revision of the proposed rule or the standards as they relate to the Banks.

IV. Paperwork Reduction Act

The proposed regulation does not contain any information collection requirement that requires the approval of the Office of Management and Budget under the Paperwork Reduction Act (44 U.S.C. 3501 et seq.).

V. Regulatory Flexibility Act

The Regulatory Flexibility Act (5 U.S.C. 601 et seq.) requires an agency to analyze a proposed regulation's impact on small entities if the final rule is expected to have a significant economic impact on a substantial number of small entities. 5 U.S.C. 605(b). FHFA has considered the impact of this regulation and determined that it is not likely to have a significant economic impact on a substantial number of small entities because it applies only to the Regulated Entities, which are not small entities for purposes of the Regulatory Flexibility Act.

Start List of Subjects

List of Subjects in 12 CFR Part 1236

End List of Subjects

For the reasons stated in the preamble, FHFA proposes to amend chapter XII of title 12 of the Code of Federal Regulations by adding part 1236 to subchapter B to read as follows:

Start Part

PART 1236—PRUDENTIAL MANAGEMENT AND OPERATIONS STANDARDS

1236.1
Purpose.
1236.2
Definitions.
1236.3
Prudential standards as guidelines.
1236.4
Failure to meet a standard; Corrective plans.
1236.5
Failure to submit a corrective plan; Noncompliance.

Appendix to Part 1236—Prudential Management and Operations Standards

Start Authority

Authority: 12 U.S.C. 4511, 4513(a) and (f), 4513b, and 4526.

End Authority
Start Printed Page 35795
Purpose.

This part establishes the prudential management and operations standards that are required by 12 U.S.C. 4513b, and specifies the possible consequences for any regulated entity that fails to operate in accordance with the standards or otherwise fails to comply with this part.

Definitions.

Unless otherwise indicated, terms used in this part have the meanings that they have in the Federal Housing Enterprises Financial Safety and Soundness Act, 12 U.S.C. 4501 et seq., or the Federal Home Loan Bank Act, 12 U.S.C. 1421 et seq.

Extraordinary growth, for purposes of 12 U.S.C. 4513b(b)(3)(C), means, with respect to the Banks, for a given calendar quarter, quarterly non-annualized growth of non-advance assets in excess of 7.5 percent, and with respect to the Enterprises, for a given calendar quarter, quarterly non-annualized growth of assets in excess of 7.5 percent, in both cases with such growth occurring within the 18-month period preceding the issuance of a written notice requiring the entity to submit a corrective plan. For purposes of calculating an increase in assets, assets acquired through merger or acquisition approved by FHFA are not to be included.

FHFA means the Federal Housing Finance Agency.

Standard means any one or more of the prudential management and operations standards set out in the Appendix to this part, as modified from time to time pursuant to § 1236.3(b).

Prudential standards as guidelines.

(a) The Standards constitute the prudential management and operations standards required by 12 U.S.C. 4513b.

(b) The Standards are adopted as guidelines, as authorized by 12 U.S.C. 4513b(a), and the Director may modify, revoke or add to the Standards, or any one or more of them, at any time by order.

(c) Failure to meet any Standard may constitute an unsafe and unsound practice for purposes of the enforcement provisions of 12 U.S.C. chapter 46, subchapter III.

Failure to meet a standard; Corrective plans.

(a) Determination. FHFA may, based upon an examination, inspection or any other information, determine that a regulated entity has failed to meet one or more of the Standards.

(b) Submission of corrective plan. If a regulated entity has failed to meet any Standard, FHFA may, by written notice, require the regulated entity to submit a corrective plan.

(c) Corrective plans.—(1) Contents of plan. A corrective plan shall describe the actions the regulated entity will take to correct its failure to meet any one or more of the Standards, and the time within which each action will be taken.

(2) Filing deadline.—(i) In general. A regulated entity must file a written corrective plan with FHFA within thirty (30) calendar days of being notified of its failure to meet a Standard, unless FHFA notifies the regulated entity in writing that the plan must be filed within a different time period.

(ii) Other plans. If a regulated entity must file, or currently is operating under, a capital restoration plan submitted pursuant to 12 U.S.C. 4622, a cease-and-desist order entered into pursuant to 12 U.S.C. 4631 or 4632, a formal or informal agreement, or a response to a report of examination or report of inspection, it may, with the permission of FHFA, submit the corrective plan required under this section as part of that other plan, order, agreement or response, subject to the deadline in paragraph (c)(2)(i) of this section.

(d) Amendment of corrective plan. A regulated entity that is operating in accordance with an approved corrective plan may submit a written request to FHFA to amend the plan as necessary to reflect any changes in circumstance. Until such time that FHFA approves a proposed amendment, the regulated entity must continue to operate in accordance with the terms of the corrective plan as previously approved.

(e) Review of corrective plans and amendments. Within thirty (30) calendar days of receiving a corrective plan or proposed amendment to a plan, FHFA will notify the regulated entity in writing of its decision on the plan, will direct the regulated entity to submit additional information, or will notify the regulated entity that FHFA has established a different deadline.

Failure to submit a corrective plan; Noncompliance.

(a) Remedies. If a regulated entity fails to submit an acceptable corrective plan under § 1236.4(b), or fails to implement or otherwise comply with an approved corrective plan, FHFA shall order the regulated entity to correct that deficiency, and may:

(1) Prohibit the regulated entity from increasing its average total assets, as defined in 12 U.S.C. 4516(b)(4), for any calendar quarter over its average total assets for the preceding calendar quarter, or may otherwise restrict the rate at which the average total assets of the regulated entity may increase from one calendar quarter to another;

(2) Prohibit the regulated entity from paying dividends;

(3) Prohibit the regulated entity from redeeming or repurchasing capital stock;

(4) Require the regulated entity to maintain or increase its level of retained earnings;

(5) Require an Enterprise to increase its ratio of core capital to assets, or require a Bank to increase its ratio of total capital, as defined in 12 U.S.C. 1426(a)(5) to assets; or

(6) Require the regulated entity to take any other action that the Director determines will contribute to bringing the regulated entity into compliance with the Standards.

(b) Extraordinary growth. If a regulated entity that has failed to submit an acceptable corrective plan or has failed to implement or otherwise comply with an approved corrective plan, also has experienced extraordinary growth within the 18 months prior to being notified by FHFA that it has failed to meet any of the Standards, FHFA shall impose at least one of the sanctions listed in paragraph (a) of this section.

(c) Orders.—(1) Notice. Except as provided in paragraph (c)(4) of this section, FHFA will notify a regulated entity in writing of its intent to issue an order requiring the regulated entity to correct a deficiency under the Standards. Any such notice will include:

(i) A statement that the regulated entity has failed to submit a corrective plan under § 1236.4, or has not implemented or otherwise has not complied with an approved plan;

(ii) A description of any sanctions that FHFA intends to impose and, in the case of the mandatory sanctions required by 12 U.S.C. 4513b(b)(3), a statement that FHFA believes that the regulated entity has experienced extraordinary growth; and

(iii) The proposed date when any sanctions would become effective or the proposed date for completion of any required actions.

(2) Response to notice. A regulated entity may file a written response to a notice of intent to issue an order, which must be delivered to FHFA within fourteen (14) calendar days of the date of the notice, unless FHFA determines that a different time period is appropriate in light of the safety and soundness of the regulated entity or other relevant circumstances. The response should include:

(i) An explanation why the regulated entity believes that the action proposed Start Printed Page 35796by FHFA is not an appropriate exercise of discretion;

(ii) Any recommended modification of the proposed order; and

(iii) Any other relevant information, mitigating circumstances, documentation or other evidence in support of the position of the regulated entity regarding the proposed order.

(3) Failure to file response. A regulated entity's failure to file a written response within the specified time period will constitute a waiver of the opportunity to respond and will constitute consent to issuance of the order.

(4) Immediate issuance of final order. FHFA may issue an order requiring a regulated entity immediately to take actions to correct a prudential management and operations standards deficiency or take or refrain from taking other actions pursuant to paragraph (a) of this section. Within fourteen (14) calendar days of the issuance of an order under this paragraph, or other time period specified by FHFA, a regulated entity may submit a written appeal of the order to FHFA. FHFA will respond in writing to a timely filed appeal within sixty (60) days after receiving the appeal. During this period, the order will remain in effect unless FHFA stays the effectiveness of the order.

(d) Request for modification or rescission of order. A regulated entity subject to an order under this part may submit a written request to FHFA for an amendment to the order to reflect a change in circumstance. Unless otherwise ordered by FHFA, the order shall continue in place while such a request is pending before FHFA.

(e) Agency review and determination. FHFA will respond in writing within thirty (30) days after receiving a response or amendment request, unless FHFA notifies the regulated entity in writing that it will respond within a different time period. After considering a regulated entity's response or amendment request, FHFA may:

(1) Issue the order as proposed or in modified form;

(2) Determine not to issue the order and instead issue a different order; or

(3) Seek additional information or clarification of the response from the regulated entity, or any other relevant source.

Appendix to Part 1236—Prudential Management and Operations Standards

Standard 1—Internal Controls and Information Systems

Responsibilities of the Board of Directors

1. The board of directors of each regulated entity is responsible for ensuring that an adequate and effective system of internal controls is established and maintained, and that management includes personnel who are appropriately trained and competent to oversee this function.

2. The board of directors should approve and periodically review the regulated entity's overall business strategies and significant policies.

3. The board of directors should approve the regulated entity's organizational structure.

4. The board of directors should ensure that senior management monitors the effectiveness of the regulated entity's internal controls and information systems.

Responsibilities of Senior Management

5. Senior management should implement strategies and policies approved by the board of directors, and should ensure that the regulated entity has personnel who are appropriately trained and competent to carry out this function.

6. Senior management should establish and maintain an organizational structure that clearly assigns responsibility, authority, and reporting relationships.

7. Senior management should ensure an appropriate segregation of duties.

8. Senior management should ensure that personnel are not assigned conflicting responsibilities.

9. Senior management should ensure that staff carries out delegated responsibilities.

10. Senior management should establish appropriate internal control policies.

11. Senior management should monitor the adequacy and effectiveness of the regulated entity's internal controls and information systems.

12. Senior management should ensure that the regulated entity's internal controls are monitored on an ongoing basis through a formal self-assessment process.

Responsibilities of the Board of Directors and Senior Management

13. The board of directors and senior management should promote high ethical standards.

14. The board of directors and senior management should establish a culture within the organization that emphasizes and demonstrates to personnel at all levels the importance of internal controls.

15. The board of directors and senior management should address promptly any violations, findings, weaknesses, deficiencies, and other issues in need of remediation.

Risk Recognition and Assessment

16. A regulated entity should have an effective risk assessment process.

17. A regulated entity's risk assessment process should ensure that management recognizes and continually assesses all material risks, including credit risk, market risk, interest rate risk, liquidity risk, and operational risk.

Control Activities and Segregation of Duties

18. A regulated entity should have an effective internal control system that defines control activities at every business level.

19. A regulated entity's control activities should include:

a. Board of directors and senior management reviews of progress toward goals and objectives;

b. Appropriate activity controls for each business unit;

c. Physical controls to protect property and other assets and limit access to property and systems;

d. Procedures for monitoring compliance with exposure limits and follow-up on non-compliance;

e. A system of approvals and authorizations for transactions over certain limits; and

f. A system for verification and reconciliation of transactions.

Information and Communication

20. A regulated entity should have information systems that provide relevant, accurate and timely information and data.

21. A regulated entity should have secure information systems that are supported by adequate contingency arrangements.

22. A regulated entity should have effective channels of communication to ensure that all personnel understand and adhere to policies and procedures affecting their duties and responsibilities.

Monitoring Activities and Correcting Deficiencies

23. A regulated entity should monitor the overall effectiveness of its internal controls and key risks on an ongoing basis and ensure that business units and internal and external audit conduct periodic evaluations.

24. Internal control deficiencies should be reported to senior management and the board of directors on a timely basis and addressed promptly.

Applicable Laws, Regulations, and Policies

25. A regulated entity should comply with all applicable laws, regulations, and supervisory guidance (e.g., advisory bulletins) governing internal controls and information systems.

Standard 2—Independence and Adequacy of Internal Audit Systems

Responsibilities of the Board of Directors and Senior Management

1. A regulated entity's board of directors should have an audit committee that ensures the independence of the internal audit function, and ensures that the internal audit department includes personnel who are appropriately trained and competent to oversee the internal audit function.

2. The board of directors should review and approve the audit committee charter at least every three years.

3. The audit committee of the board of directors is responsible for monitoring and evaluating the effectiveness of the regulated entity's internal audit function.

4. Issues reported by the internal audit department to the audit committee should be promptly addressed and satisfactorily resolved.

Internal Audit Function

5. A regulated entity should have an internal audit system that provides for Start Printed Page 35797adequate monitoring of the system of internal controls.

6. A regulated entity should have an independent and objective internal audit department that reports directly to the audit committee of the board of directors.

7. A regulated entity's internal audit department should be adequately staffed with properly trained and competent personnel.

8. The internal audit department should conduct risk-based audits.

9. The internal audit department should conduct adequate testing and review of internal control and information systems.

10. The internal audit department should ensure that violations, findings, weaknesses and other issues reported by regulators, external auditors, and others are promptly addressed and satisfactorily resolved.

Applicable Laws, Regulations, and Policies

11. A regulated entity should comply with applicable laws, regulations, and supervisory guidance (e.g., advisory bulletins) governing the independence and adequacy of internal audit systems.

Standard 3—Management of Market Risk Exposure

Responsibilities of the Board of Directors

1. The board of directors has ultimate responsibility for understanding the nature and level of the regulated entity's market risk exposures and should understand the possible short- and long-term effects of those exposures on the financial health of the regulated entity, including the possible short- and long-term consequences to earnings, liquidity, and economic value.

2. The board of directors should approve all major strategies and policies relating to the management of market risk and should ensure that the regulated entity's market risk strategy is consistent with its overall business plan and that senior management includes personnel who are appropriately trained and competent to oversee the management of the regulated entity's market risk exposure.

3. The board of directors should establish the regulated entity's tolerance for market risk and provide management with clear guidance regarding the level of acceptable market risk.

4. The board of directors should review the regulated entity's entire market risk management framework, including policies and entity-wide risk limits at least annually, and more frequently in the event of significant changes in market or financial conditions. The review should also include an assessment of compliance with the risk limits.

5. The board of directors or a committee thereof should ensure that senior management has taken the steps necessary to identify, measure, manage, and control the regulated entity's market risk exposures.

6. The board of directors or a committee thereof should ensure that the regulated entity's market risk policies establish lines of authority and responsibility for managing market risk.

7. The board or a committee thereof should review the regulated entity's risk exposures on a periodic basis. The board of directors should ensure that management takes appropriate corrective measures when market risk limit violations or breaches occur.

Responsibilities of Senior Management

8. Senior management should ensure that market risk policies and procedures are clearly written, sufficiently detailed, and followed, and should ensure that the regulated entity has personnel who are appropriately trained and competent to implement the policies and procedures related to market risk exposure.

9. Senior management should ensure that the regulated entity has adequate systems and resources available to manage and control the regulated entity's market risk. Senior management should ensure that policies and procedures assign responsibility for managing the regulated entity's market risk limits.

10. Senior management should ensure that the lines of authority and responsibility for managing market risk and monitoring market risk limits are clearly identified.

11. Senior management should ensure that policies and procedures identify remedial actions to be taken when market risk limit violations occur.

12. Senior management should regularly review and discuss with the board of directors information regarding the regulated entity's market risk exposures that is sufficient in detail and timeliness to permit the board of directors to understand and assess the performance of management with respect to the management of market risk.

Market Risk Strategy

13. A regulated entity should have a clearly defined and well-documented strategy for managing market risk. The strategy should specify a target account, or target accounts, for managing market risk (e.g., specify whether the objective is to control risk to earnings, net portfolio value, or some other target, or some combination of targets).

14. Management should ensure that the board of directors is made aware of the advantages and disadvantages of the regulated entity's chosen market risk management strategy as well as those of alternative strategies so that the board of directors can make an informed judgment about the relative efficacy of the different strategies.

15. A Bank's strategy for managing market risk should take into account the importance of maintaining the market value of equity of member stock commensurate with the par value of that stock so that the Bank is able to redeem and repurchase member stock at par value.

16. A regulated entity should comply with all applicable laws, regulations, and supervisory guidance, (e.g., advisory bulletins) governing the independence and adequacy of the management of market risk exposure.

Standard 4—Management of Market Risk—Measurement Systems, Risk Limits, Stress Testing, and Monitoring and Reporting

Risk Measurement Systems

1. A regulated entity should have a risk measurement system (a model or models) that capture(s) all material sources of market risk and provide(s) meaningful and timely measures of the regulated entity's risk exposures, as well as personnel who are appropriately trained and competent to operate and oversee the risk measurement system.

2. The risk measurement system should be capable of estimating the effect of changes in interest rates and other key risk factors on the regulated entity's earnings and market value of equity over a range of scenarios.

3. The measurement system should be capable of valuing all financial assets and liabilities in the regulated entity's portfolio.

4. The measurement system should address all material sources of market risk including repricing risk, yield curve risk, basis risk, and options risk.

5. Management should ensure the integrity and timeliness of the data inputs used to measure the regulated entity's market risk exposures, and should ensure that assumptions and parameters are reasonable and properly documented.

6. The measurement system's methodologies, assumptions, and parameters should be thoroughly documented, understood by management, and reviewed on a regular basis.

7. A regulated entity's market risk model should be upgraded periodically to incorporate advances in risk modeling technology.

8. A regulated entity should have a documented approval process for model changes that requires model changes to be authorized by a party independent of the party making the change.

9. A regulated entity should ensure that its models are independently validated on a regular basis.

Risk Limits

10. Risk limits should be consistent with the regulated entity's strategy for managing interest rate risk and should take into account the financial condition of the regulated entity, including its capital position.

11. Risk limits should address the potential impact of changes in market interest rates on net interest income, net income, and the regulated entity's market value of equity.

Stress Testing

12. A regulated entity should conduct stress tests on a regular basis for a variety of institution-specific and market-wide stress scenarios to identify potential vulnerabilities and to ensure that exposures are consistent with the regulated entity's tolerance for risk.

13. A regulated entity should use stress test outcomes to adjust its market risk management strategies, policies, and positions and to develop effective contingency plans.

14. Special consideration should be given to ensuring that complex financial instruments, including instruments with complex option features, are properly valued under stress scenarios and that the risks associated with options exposures are properly understood.

15. Management should ensure that the regulated entity's board of directors or a Start Printed Page 35798committee thereof considers the results of stress tests when establishing and reviewing its strategies, policies, and limits for managing and controlling interest rate risk.

16. The board of directors and senior management should review periodically the design of stress tests to ensure that they encompass the kinds of market conditions under which the regulated entity's positions and strategies would be most vulnerable.

Monitoring and Reporting

17. A regulated entity should have an adequate management information system for reporting market risk exposures.

18. The board of directors, senior management, and the appropriate line managers should be provided with regular, accurate, informative, and timely market risk reports.

Applicable Laws, Regulations, and Policies

19. A regulated entity should comply with all applicable laws, regulations, and supervisory guidance (e.g., advisory bulletins) governing the management of market risk.

Standard 5—Adequacy and Maintenance of Liquidity and Reserves

Responsibilities of the Board of Directors

1. The board of directors should approve, at least annually, all major strategies and policies governing the adequacy, maintenance, and management of liquidity and reserves, and should ensure that senior management includes persons who are appropriately trained and competent to oversee the management of the regulated entity's liquidity and reserves.

2. The board of directors should ensure that the regulated entity's liquidity is managed in accordance with approved strategies, policies, and procedures.

Responsibilities of Senior Management

3. Senior management should develop strategies, policies, and practices to manage liquidity risk to ensure that the regulated entity maintains sufficient liquidity, and should ensure that the regulated entity has personnel who are appropriately trained and competent to oversee the management of the regulated entity's liquidity and reserves.

4. Senior management should provide the board of directors with periodic reports on the regulated entity's liquidity position.

Policies, Practices, and Procedures

5. A regulated entity should establish a liquidity management framework that ensures it maintains sufficient liquidity to withstand a range of stressful events.

6. A regulated entity should articulate a liquidity risk tolerance that is appropriate for its business strategy and its mission goals and objectives.

7. A regulated entity should have a sound process for identifying, measuring, monitoring, controlling, and reporting its liquidity position and its liquidity risk exposures.

8. A regulated entity should establish a funding strategy that provides effective diversification in the sources and tenor of funding.

9. A regulated entity should conduct stress tests on a regular basis for a variety of institution-specific and market-wide stress scenarios to identify sources of potential liquidity strain and to ensure that current exposures remain in accordance with each regulated entity's established liquidity risk tolerance.

10. A regulated entity should use stress test outcomes to adjust its liquidity management strategies, policies, and positions and to develop effective contingency plans.

11. A regulated entity should have a formal contingency funding plan that clearly sets out the strategies for addressing liquidity shortfalls in emergencies. Where practical, contingent funding sources should be tested or drawn on periodically to assess their reliability and operational soundness.

12. A regulated entity should maintain adequate reserves of liquid assets, including adequate reserves of unencumbered, marketable securities that can be liquidated to meet unexpected needs.

Applicable Laws, Regulations, and Policies

13. A regulated entity should comply with all applicable laws, regulations, and supervisory guidance (e.g., advisory bulletins) governing the adequacy and maintenance of liquidity and reserves.

Standard 6—Management of Asset and Investment Portfolio Growth

Responsibilities of the Board of Directors and Senior Management

1. The board of directors is ultimately responsible for ensuring that each regulated entity manages its asset growth and investment portfolio growth in a prudent manner, and ensuring that senior management includes persons who are appropriately trained and competent to oversee the management of the regulated entity's growth in those areas.

2. The board of directors of each regulated entity should establish policies governing the regulated entity's assets and investment growth, including policies that establish prudential limits on the growth of mortgages and mortgage-backed securities. The board of directors should review such policies at least annually.

3. Senior management should adhere to board-approved policies governing asset growth and investment portfolio growth, and should ensure that the regulated entity includes personnel who are appropriately trained and competent to manage the growth of the assets and investment portfolio.

4. A regulated entity should manage asset growth and investment growth in a manner that is consistent with the regulated entity's business strategy, board-approved policies and risk tolerances, and safe and sound operations.

5. A regulated entity should manage asset growth and investment growth in a way that is compatible with mission goals and objectives.

Applicable Laws, Regulations, and Policies

6. A regulated entity should manage investments and acquisition of assets in a way that complies with all applicable laws, regulations, and supervisory guidance (e.g., advisory bulletins).

Standard 7—Investments and Acquisitions of Assets

Responsibilities of the Board of Directors and Senior Management

1. The board of directors is ultimately responsible for ensuring that the regulated entity manages its investments and acquisitions in a prudent manner, and for ensuring that senior management includes persons who are appropriately trained and competent to oversee the regulated entity's investments and acquisitions.

2. The board of directors should approve and periodically review the regulated entity's policies governing investments and acquisitions of other assets.

3. A regulated entity should have an investment policy that establishes clear and explicit guidelines that are appropriate to the regulated entity's mission and objectives. The investment policy should establish the regulated entity's investment objectives, risk tolerances, investment constraints, and policies and procedures for selecting investments.

4. A regulated entity should have a board-approved policy governing acquisitions of other assets (i.e., assets other than investments). The policy should establish clear and explicit guidelines for asset acquisitions that are appropriate to the regulated entity's mission and objectives.

5. A regulated entity should manage investments and acquisitions of assets in a manner that is consistent with mission goals and objectives.

6. The board of directors of each Bank should ensure that the Bank's investment policies and acquisition of assets take into account the importance of maintaining the market value of member stock commensurate with the par value of that stock so that the Bank is able to redeem and repurchase member stock at par value at all times.

Applicable Laws, Regulations, and Policies

7. A regulated entity should manage investments and acquisitions of assets in a way that complies with all applicable laws, regulations, and supervisory guidance (e.g., advisory bulletins).

Standard 8—Overall Risk Management Processes

Responsibilities of the Board of Directors

1. The board of directors is ultimately responsible for the regulated entity's risk management processes, and for ensuring that senior management includes persons who are appropriately trained and competent to oversee the regulated entity's risk management process.

2. The board of directors, or a risk committee of the board, should ensure that the requisite processes are in place to identify, manage, monitor, and control the regulated entity's risk exposures on a business unit and an enterprise-wide basis.

3. The board of directors should approve all major risk limits of the regulated entity.

4. The board of directors should ensure incentive compensation measures for senior management capture a full range of risks to which the regulated entity is exposed, and compensation is not tied solely to operating Start Printed Page 35799efficiency measures, such as profits, dividends, or costs in isolation.

Responsibilities of the Board and Senior Management

5. The board of directors and senior management should take an active role in establishing and sustaining an organizational awareness and culture that promotes effective enterprise risk management.

6. The board of directors and senior management should be provided with accurate, timely, and informative risk reports on a regular basis that provide an overview of the regulated entity's overall risk profile, including its exposures to market, credit, liquidity, and operational risks and any concentration of risk.

7. The board of directors and senior management should ensure that the regulated entity's overall risk profile is aligned with its mission objectives.

8. The board of directors and senior management should ensure that the regulated entity performs a comprehensive risk self-assessment, on an annual basis, to identify and evaluate all material risks.

Independent Risk Management Function

9. A regulated entity should have an independent risk management function, or unit, with responsibility for risk measurement and risk monitoring, including monitoring and enforcement of risk limits.

10. The chief risk officer should head the risk management function.

11. The chief risk officer should report directly to the chief executive officer or the risk committee of the board of directors. If the chief risk officer reports to the chief executive officer, he/she should also have a direct and independent reporting relationship with the risk committee of the board of directors.

12. The risk management function should have adequate resources, including a well-trained and capable staff.

Risk Measurement, Monitoring, and Control

13. A regulated entity should measure, monitor, and control its overall risk exposures, reviewing market, credit, liquidity, and operational risk exposures on both a business unit (or business segment) and enterprise-wide basis.

14. A regulated entity should have the risk management systems to generate, at an appropriate frequency, the information needed to manage risk. Such systems should include systems for market, credit, operational, and liquidity risk analysis, asset and liability management, regulatory reporting, and performance measurement.

15. A regulated entity should have a comprehensive set of risk limits and monitoring procedures to ensure that risk exposures remain within established risk limits, and a mechanism for reporting violations and breaches of risk limits to senior management and the board of directors.

16. A regulated entity should ensure that it has sufficient controls around risk measurement models to ensure the completeness, accuracy, and timeliness of risk information.

17. A regulated entity should have adequate and well-tested disaster recovery and business resumption plans for all major systems and have remote facilitates to limit the impact of disruptive events.

Applicable Laws, Regulations, and Policies

18. A regulated entity should comply with all applicable laws, regulations, and supervisory guidance (e.g., advisory bulletins) governing the management of risk.

Standard 9—Management of Credit and Counterparty Risk

Responsibilities of the Board of Directors and Senior Management

1. The board of directors and senior management are responsible for ensuring that the regulated entity has credit risk management policies, procedures, and systems that are appropriate to its business model and that cover all aspects of credit administration including credit pricing, underwriting, credit limits, collateral standards, and collateral valuation procedures.

2. The board of directors and senior management should ensure that the regulated entity has appropriate policies and procedures governing derivatives and the use of clearinghouses and exchanges for derivatives trades.

3. The board of director and senior management should ensure that the regulated entity has personnel that are appropriately trained and competent to manage credit and counterparty risk, and that they have the necessary tools, procedures, and systems for assessing credit and counterparty risk.

4. Senior management should provide its board of directors with regular briefings and reports on the regulated entity's credit exposures, including information on concentrations of credit, the level and trends in delinquencies and problem credits, and management efforts to address problem credits. Such briefings and reports should include the results of scenario analysis and stress tests and their effects on delinquencies and other key financial ratios.

Policies, Procedures, Controls, and Systems

5. A regulated entity should have policies that limit concentrations of credit risk and systems to identify concentrations of credit risk.

6. A regulated entity should establish prudential limits to restrict exposures to a single counterparty that are appropriate to its business model.

7. A regulated entity should establish prudential limits to restrict exposures to groups of related counterparties that are appropriate to its business model.

8. A regulated entity should have policies, procedures, and systems for evaluating credit risk that will enable it to make informed credit decisions.

9. A regulated entity should have policies, procedures, and systems for evaluating credit risk that will enable it to ensure that claims are legally enforceable.

10. A regulated entity should have policies and procedures for addressing problem credits.

11. A regulated entity should have a system of independent, ongoing credit review, including stress testing and scenario analysis to identify possible unfavorable events.

Applicable Laws, Regulations, and Policies

12. A regulated entity should manage credit and counterparty risk in a way that complies with applicable laws, regulations, and supervisory guidance (e.g., advisory bulletins).

Standard 10—Maintenance of Adequate Records

1. A regulated entity should maintain financial records in compliance with Generally Accepted Accounting Principles (GAAP), FHFA guidelines, and applicable laws and regulations.

2. A regulated entity should ensure that assets are safeguarded and financial and operational information is timely and reliable.

3. A regulated entity should have a records management plan consistent with laws and corporate policies, including accounting policies, as well as personnel that are appropriately trained and competent to oversee and implement the records management plan.

4. A regulated entity should conduct a review and approval of the records management plan and records retention schedule for all types of records by the board of directors at least once every two years.

5. A regulated entity should ensure that reporting errors or irregularities are detected and corrected in a timely manner.

Applicable Laws, Regulations, and Policies

6. A regulated entity should comply with all applicable laws, regulations, and supervisory guidance (e.g., advisory bulletins) governing the maintenance of adequate records.

Start Signature

Dated: June 14, 2011.

Edward J. DeMarco,

Acting Director, Federal Housing Finance Agency.

End Signature
End Part End Supplemental Information

Footnotes

1.  The authorizing statute for Fannie Mae is the Federal National Mortgage Association Charter Act (12 U.S.C. 1716-1723i), for Freddie Mac, the Federal Home Loan Mortgage Corporation Act (12 U.S.C. 1451-1459), and for the Banks, the Federal Home Loan Bank Act (12 U.S.C. 1421-1449) (Bank Act). 12 U.S.C. 4502(3).

Back to Citation

2.  Sections 1302 and 1312 of HERA (codified at 12 U.S.C. 4511 note) provide that all regulations, orders, determinations, and resolutions issued or prescribed by OFHEO and the FHFB remain in effect until modified, terminated, set aside, or superseded by FHFA.

Back to Citation

[FR Doc. 2011-15100 Filed 6-17-11; 8:45 am]

BILLING CODE 8070-01-P