[Federal Register Volume 84, Number 201 (Thursday, October 17, 2019)]
[Notices]
[Pages 55679-55684]
From the Federal Register Online via the Government Publishing Office [www.gpo.gov]
[FR Doc No: 2019-22656]
-----------------------------------------------------------------------
DEPARTMENT OF TREASURY
Office of the Comptroller of the Currency
[Docket ID OCC-2019-0018]
FEDERAL RESERVE SYSTEM
[Docket ID OP-1679]
FEDERAL DEPOSIT INSURANCE CORPORATION
RIN 3064-ZA09
NATIONAL CREDIT UNION ADMINISTRATION
RIN 3133-AF05
Interagency Guidance on Credit Risk Review Systems
AGENCY: Office of the Comptroller of the Currency (OCC), Treasury;
Board of Governors of the Federal Reserve System (Board); Federal
Deposit Insurance Corporation (FDIC); and National Credit Union
Administration (NCUA).
ACTION: Proposed guidance.
-----------------------------------------------------------------------
SUMMARY: The OCC, the Board, the FDIC, and the NCUA (collectively, the
agencies) are inviting comment on proposed guidance for credit risk
review systems. This proposed guidance is relevant to all institutions
supervised by the agencies. The proposed guidance discusses sound
management of credit risk, a system of independent, ongoing credit
review, and appropriate communication regarding the performance of the
institution's loan portfolio to its management and board of directors.
DATES: Comments must be received by December 16, 2019.
ADDRESSES: Interested parties are encouraged to submit written comments
to any or all of the agencies listed below. The agencies will share
comments with each other.
Comments should be directed to:
OCC: You may submit comments to the OCC by any of the methods set
forth below. Commenters are encouraged to submit comments through the
Federal eRulemaking Portal or email, if possible. Please use the title
``Interagency Guidance on Credit Risk Review Systems'' to facilitate
the organization and distribution of the comments. You may submit
comments by any of the following methods:
Federal eRulemaking Portal--``Regulations.gov'': Go to
www.regulations.gov. Enter ``Docket ID OCC-2019-0018'' in the Search
Box and click ``Search.'' Click on ``Comment
[[Page 55680]]
Now'' to submit public comments. Click on the ``Help'' tab on the
Regulations.gov home page to get information on using Regulations.gov,
including instructions for submitting public comments.
Email: [email protected].
Mail: Chief Counsel's Office, Attn: Comment Processing,
Office of the Comptroller of the Currency, 400 7th Street SW, Suite 3E-
218, Washington, DC 20219.
Hand Delivery/Courier: 400 7th Street SW, Suite 3E-218,
Washington, DC 20219.
Instructions: You must include ``OCC'' as the agency name and
``Docket ID OCC-2019-0018'' in your comment. In general, the OCC will
enter all comments received into the docket and publish the comments on
the Regulations.gov website without change, including any business or
personal information provided such as name and address information,
email addresses, or phone numbers. Comments received, including
attachments and other supporting materials, are part of the public
record and subject to public disclosure. Do not include any information
in your comment or supporting materials that you consider confidential
or inappropriate for public disclosure.
You may review comments and other related materials that pertain to
this rulemaking action by any of the following methods:
Viewing Comments Electronically: Go to
www.regulations.gov. Enter ``Docket ID OCC-2019-0018'' in the Search
box and click ``Search.'' Click on ``Open Docket Folder'' on the right
side of the screen. Comments and supporting materials can be viewed and
filtered by clicking on ``View all documents and comments in this
docket'' and then using the filtering tools on the left side of the
screen. Click on the ``Help'' tab on the Regulations.gov home page to
get information on using Regulations.gov. The docket may be viewed
after the close of the comment period in the same manner as during the
comment period.
Viewing Comments Personally: You may personally inspect
comments at the OCC, 400 7th Street SW, Washington, DC 20219. For
security reasons, the OCC requires that visitors make an appointment to
inspect comments. You may do so by calling (202) 649-6700 or, for
persons who are deaf or hearing impaired, TTY, (202) 649-5597. Upon
arrival, visitors will be required to present valid government-issued
photo identification and submit to security screening in order to
inspect comments.
Board: When submitting comments, please consider submitting your
comments by email or fax because paper mail in the Washington, DC area
and at the Board may be subject to delay.
You may submit comments, identified by OP-1679, by any of the
following methods:
Agency website: http://www.federalreserve.gov. Follow the
instructions for submitting comments at http://www.federalreserve.gov/generalinfo/foia/RevisedRegs.cfm.
Email: [email protected]. Include docket
and RIN numbers in the subject line of the message.
Fax: (202) 452-3819 or (202) 452-3102.
Mail: Ann E. Misback, Secretary, Board of Governors of the
Federal Reserve System, 20th Street and Constitution Avenue NW,
Washington, DC 20551.
All public comments will be made available on the Board's website
at: http://www.federalreserve.gov/generalinfo/foia/RevisedRegs.cfm as
submitted, unless modified for technical reasons or to remove
personally identifiable information at the commenter's request.
Accordingly, comments will not be edited to remove any identifying or
contact information. Public comments may also be viewed electronically
or in paper in Room 3515, 1801 K Street NW (between 18th and 19th
Streets NW), between 9:00 a.m. and 5:00 p.m. on weekdays.
FDIC: You may submit comments, identified by FDIC RIN 3064-ZA09, by
any of the following methods:
Agency website: https://www.fdic.gov/regulations/laws/federal/. Follow instructions for submitting comments on the Agency
website.
Mail: Robert E. Feldman, Executive Secretary, Attention:
Comments/Legal ESS, Federal Deposit Insurance Corporation, 550 17th
Street NW, Washington, DC 20429.
Hand Delivery/Courier: Comments may be hand-delivered to
the guard station at the rear of the 550 17th Street NW building
(located on F Street) on business days between 7:00 a.m. and 5:00 p.m.
Email: [email protected]. Comments submitted must include
``FDIC'' and ``RIN 3064-ZA09'' on the subject line of the message.
Federal eRulemaking Portal: http://www.regulations.gov.
Follow the instructions for submitting comments.
Public Inspection: All comments received must include
``FDIC'' and ``RIN 3064-ZA09'' for this rulemaking. All comments
received will be posted without change to http://www.fdic.gov/regulations/laws/federal/, including any personal information provided.
NCUA: You may submit comments by any one of the following methods
(please send comments by one method only):
Federal rulemaking Portal: http://www.regulations.gov.
Follow the instructions for submitting comments.
Email: Address to [email protected]. Include ``[Your
name]--Comments on ``Interagency Guidance on Credit Risk Review
Systems'' in the email subject line.
Fax: (703) 518-6319. Use the subject line described above
for email.
Mail: Address to Gerard Poliquin, Secretary of the Board,
National Credit Union Administration, 1775 Duke Street, Alexandria,
Virginia 22314-3428.
Hand Delivery/Courier: Same as mail address.
Public Inspection: You can view all public comments on NCUA's
website at https://www.ncua.gov/regulation-supervision/rules-regulations/proposed-pending-and-recently-final-regulations as
submitted, except for those we cannot post for technical reasons. NCUA
will not edit or remove any identifying or contact information from the
public comments submitted. You may inspect paper copies of comments in
NCUA's law library at 1775 Duke Street, Alexandria, Virginia 22314, by
appointment weekdays between 9:00 a.m. and 3:00 p.m. To make an
appointment, call (703) 518-6546 or send an email to [email protected].
FOR FURTHER INFORMATION CONTACT:
OCC: Beth Nalyvayko, Bank Examiner, or Lou Ann Francis, Director,
Commercial Credit Risk, (202) 649-6670; or Kevin Korzeniewski, Counsel,
Chief Counsel's Office, (202) 649-5490. For persons who are hearing
impaired, TTY, (202) 649-5597.
Board: Constance Horsley, Deputy Associate Director, (202) 452-
5239; Virginia Gibbs, Manager, (202) 452-2521; or Carmen Holly, Lead
Financial Institution Policy Analyst (202) 973-6122, the Division of
Supervision and Regulation; or Alyssa O'Connor, Attorney, Legal
Division, (202) 452-3886, Board of Governors of the Federal Reserve
System, 20th and C Streets NW, Washington, DC 20551.
FDIC: Thomas F. Lyons, Chief, Policy & Program Development,
fdic.gov">tlyons@fdic.gov (202) 898-6850; George J. Small, Senior Examination
Specialist, Risk Management Policy, fdic.gov">gsmall@fdic.gov (917) 320-2750,
Risk Management Supervision; Ann M. Adams, Senior Examination
Specialist, Risk Management Policy,
[[Page 55681]]
annadams@fdic.gov (347) 751-2469, Risk Management Supervision; or
Andrew B. Williams II, Counsel, fdic.gov">andwilliams@fdic.gov; (202) 898-3581,
Supervision and Legislation Branch, Legal Division, Federal Deposit
Insurance Corporation; 550 17th Street NW, Washington, DC 20429.
NCUA: Vincent H. Vieten, Senior Credit Specialist (703) 518-6618;
Uduak Essien, Director (703) 518-6399, Division of Credit Markets; or
Ian Marenna, Associate General Counsel (703) 518-6554, Office of
General Counsel.
SUPPLEMENTARY INFORMATION:
I. Background
The agencies' current credit risk review guidance is contained in
Attachment 1--Loan Review Systems--of the Interagency Policy Statement
on the Allowance for Loan and Lease Losses (ALLL) (2006 attachment
1).\1\ The agencies are proposing to update that guidance to reflect
the current expected credit losses methodology (CECL).\2\ Further, the
agencies recognize that credit risk review systems have a broader
application in risk management programs than just providing information
on the collectibility of an institution's loan portfolio for
determining an appropriate level for the ACLs or Allowance for Loan and
Lease Losses (ALLL), as applicable. Therefore, the agencies are
proposing to issue guidance on credit risk review systems as a
standalone guidance document and accordingly rescind the 2006
attachment 1. The proposed guidance on credit risk review will continue
to be applicable to all supervised institutions.
---------------------------------------------------------------------------
\1\ See OCC Bulletin 2006-47 (December 13, 2006); FDIC Financial
Institution Letter FIL-105-2006 (December 13, 2006); Federal Reserve
Supervision and Regulation (SR) letter 06-17 (December 13, 2006);
NCUA Accounting Bulletin No. 06-01 (December 2006).
\2\ The Financial Accounting Standards Board's (FASB's)
Accounting Standards Update 2016-13, Financial Instruments--Credit
Losses (Topic 326): Measurement of Credit Losses on Financial
Instruments and subsequent amendments issued since June 2016 are
codified in Accounting Standards Codification (ASC) Topic 326,
Financial Instruments--Credit Losses (FASB ASC Topic 326). FASB ASC
Topic 326 revises the accounting for the allowances for credit
losses (ACLs) and introduces CECL. The proposed guidance on CECL is
contained in a separate notice published in today's Federal
Register.
---------------------------------------------------------------------------
II. Overview of the Proposed Interagency Guidance on Credit Risk Review
Systems
The proposed guidance aligns with the Interagency Guidelines
Establishing Standards for Safety and Soundness (Guidelines) \3\ which
sets out safety and soundness standards for insured depository
institutions to establish a system for independent, ongoing credit risk
review, and including regular communication to its management and board
of directors regarding the institution's loan portfolio performance.\4\
This guidance is appropriate for all institutions \5\ and describes a
broad set of practices that can occur either within a dedicated unit or
multiple units throughout an institution to form a credit risk review
system consistent with safe-and-sound lending practices and the
Guidelines. This guidance outlines principles for use in developing and
maintaining an effective credit risk review system. The nature of
credit risk review systems typically varies based on an institution's
size, complexity, loan types, risk profile, and risk management
practices. Therefore, the proposed guidance attempts to highlight
principles that can be scaled to an institution's loan activity.
---------------------------------------------------------------------------
\3\ 12 CFR part 30, Appendix A (OCC); 12 CFR part 208 Appendix
D-1 (Board); and 12 CFR part 364 Appendix A (FDIC). See Part 723 of
the NCUA Rules and Regulations.
\4\ For foreign banking organization branches, agencies, or
subsidiaries not operating under single governance in the United
States, the U.S. risk committee would serve in the role of the board
of directors for purposes of this guidance.
\5\ For purposes of this guidance, regulated institutions are
those supervised by the following agencies: The Board of Governors
of the Federal Reserve System (Board), the Federal Deposit Insurance
Corporation (FDIC), the National Credit Union Administration (NCUA),
and the Office of the Comptroller of the Currency (OCC).
---------------------------------------------------------------------------
The proposed guidance incorporates and updates the principles
enumerated in 2006 attachment 1 and reaffirms the key elements of an
effective credit risk review system, including qualifications and
independence of credit risk review personnel; the frequency, scope and
depth of reviews; and the review of findings and follow-up;
communication, and distribution of results. The proposed guidance
includes updates to reflect current industry credit review practices
and examples of credit risk review procedures and methods to help
ensure a proper degree of independence for small institutions. The
proposed guidance also outlines characteristics of an effective credit
risk rating framework, including the factors used to assign ratings to
promote an effective risk review by qualified, independent parties. As
described in the proposed guidance, independence from the lending
function is an important characteristic for personnel who assess credit
risks, develop the credit review plan, and follow-up on review
findings.
The proposed guidance discusses various criteria for consideration
in determining the scope of a risk-based loan review, including factors
such as loan size, credit information, borrower relationship,
concentration levels, performance, and other risk indicators. Further,
it articulates expectations for communicating review results. The
proposed guidance also discusses resolving risk rating differences
between loan officers and credit risk review personnel; conducting
discussions with appropriate loan officers and department managers; and
obtaining management responses for corrective action to address credit
risk review findings.
III. Request for Comment
The agencies request comments on all aspects of this proposed
guidance, including, but not limited to, those set forth below.
Question 1: To what extent does the proposed credit review guidance
reflect current sound practices for an institution's credit risk review
activities? What elements should be added or removed, and why?
Question 2: To what extent is the proposed credit review guidance
appropriate for institutions of all asset sizes? What elements should
be added or removed for institutions of differing sizes, and why?
Question 3: What if any additional factors should the agencies
consider incorporating into the guidance to help achieve a sufficient
degree of independence and why? To what extent does the approach
described for small or rural institutions with fewer resources or
employees provide for an appropriate degree of independence in the
credit review function? What if any modifications should the agencies
consider and why?
IV. The Paperwork Reduction Act
In accordance with the requirements of the Paperwork Reduction Act
of 1995 (PRA),\6\ the agencies may not conduct or sponsor, and the
respondent is not required to respond to, an information collection
unless it displays a currently valid Office of Management and Budget
(OMB) control number.
---------------------------------------------------------------------------
\6\ 44 U.S.C. 3501-3521.
---------------------------------------------------------------------------
The proposed guidance will not create any new or revise any
existing collections of information under the PRA. Therefore, no
information collection request will be submitted to the OMB for review.
V. Proposed Guidance
The text of the proposed guidance is as follows:
[[Page 55682]]
INTERAGENCY GUIDANCE ON CREDIT RISK REVIEW SYSTEMS
Introduction
The Interagency Guidelines Establishing Standards for Safety and
Soundness (Guidelines) \1\ underscore the critical importance of credit
risk review and set safety and soundness standards for insured
depository institutions to establish a system for independent, ongoing
credit risk review, and for appropriate communication to its management
and board of directors.\2\ This guidance, which aligns with the
Guidelines, is appropriate for all institutions \3\ and describes a
broad set of practices that can be used either within a dedicated unit
or across multiple units throughout an institution to form a credit
risk review system that is consistent with safe-and-sound lending
practices. This guidance outlines principles that an institution should
consider in developing and maintaining an effective credit risk review
system.
---------------------------------------------------------------------------
\1\ 12 CFR part 30, Appendix A (OCC); 12 CFR part 208 Appendix
D-1 (Board); and 12 CFR part 364 Appendix A (FDIC). Part 723 of NCUA
Rules and Regulations.
\2\ For foreign banking organization branches, agencies, or
subsidiaries not operating under single governance in the United
States, the U.S. risk committee would serve in the role of the board
of directors for purposes of this guidance.
\3\ For purposes of this guidance, regulated institutions are
those supervised by the following agencies: The Board of Governors
of the Federal Reserve System (Board), the Federal Deposit Insurance
Corporation (FDIC), the National Credit Union Administration (NCUA),
and the Office of the Comptroller of the Currency (OCC) hereafter
referred to as the ``agencies.''
---------------------------------------------------------------------------
Overview of Credit Risk Review Systems
The nature of credit risk review systems \4\ varies based on an
institution's size, complexity, loan types, risk profile, and risk
management practices. For example, in smaller or less complex
institutions, a credit risk review system may include qualified members
of the staff, including loan officers, other officers, or directors,
who are independent of the credits being assessed. In larger or more
complex institutions, a credit risk review system may include
components of a dedicated credit risk review function that are
independent of the institution's lending function. A credit risk review
system may also include various responsibilities assigned to credit
underwriting, loan administration, a problem loan workout group, or
other organizational units of an institution. Among other
responsibilities, these groups may administer the internal problem loan
reporting process, maintain the integrity of the credit risk rating
process, confirm that timely and appropriate changes are made to loan
risk ratings, and support the quality of information used to estimate
the Allowance for Credit Losses (ACL) or the Allowance for Loan and
Lease Losses, (ALLL), as applicable.\5\ Additionally, some or all of
the credit risk review function may be outsourced to a qualified third
party.
---------------------------------------------------------------------------
\4\ The credit risk review function is not intended to be
performed by an institutions' internal audit function. However, as
discussed in the agencies' March 2003 Interagency Policy Statement
on the Internal Audit Function and its Outsourcing (2003 policy
statement), some institutions coordinate the internal audit function
with several risk monitoring functions, such as the credit risk
review function. The 2003 policy statement states that coordination
of credit risk review with the internal audit function can
facilitate the reporting of material risk and control issues to the
audit committee, increase the overall effectiveness of these
monitoring functions, better utilize available resources, and
enhance the institution's ability to comprehensively manage risk.
However, an effective internal audit function maintains the ability
to independently audit the credit risk review function. (The NCUA
was not an issuing agency of the 2003 policy statement.)
\5\ Credit risk review may be referred to as loan review, credit
review, asset quality review, or another name as chosen by an
institution. The role of and expectations for credit risk review as
discussed in this document are distinct from the roles and
expectations for other groups within an institution that are also
responsible for monitoring, managing and reporting credit risk.
Examples may be those involved with lending functions, independent
risk management, loan work outs, and accounting. Each institution
indicates in its own policies and procedures the specific roles and
responsibilities of these different groups, including separation of
duties. A credit risk review unit, or individuals serving in that
role, can rely on information provided by other units in developing
its own independent assessment of credit risk in loan portfolios,
but should critically evaluate such information to maintain its own
view, and not rely exclusively on such information.
---------------------------------------------------------------------------
Regardless of the structure, an effective credit risk review system
accomplishes the following objectives:
Promptly identifies loans with actual and potential credit
weaknesses so that timely action can be taken to strengthen credit
quality and minimize losses.
Appropriately validates and, if necessary, adjusts risk
ratings, especially for those loans with potential or well-defined
credit weaknesses that may jeopardize repayment.
Identifies relevant trends that affect the quality of the
loan portfolio and highlights segments of the loan portfolio that are
potential problem areas.
Assesses the adequacy of and adherence to internal credit
policies and loan administration procedures and monitors compliance
with applicable laws and regulations.
Evaluates the activities of lending personnel, including
their compliance with lending policies and the quality of their loan
approval, monitoring, and risk assessment.
Provides management and the board of directors with an
objective, independent, and timely assessment of the overall quality of
the loan portfolio.
Provides management with accurate and timely credit
quality information for financial and regulatory reporting purposes,
including the determination of appropriate ACL or ALLL, as applicable.
Credit Risk Rating (or Grading) Framework
The foundation for any effective credit risk review system is
accurate and timely risk ratings to assess credit quality and identify
or confirm problem loans. An effective credit risk rating framework
includes the monitoring of individual loans and retail portfolios, or
segments thereof, with similar risk characteristics. An effective
framework also provides important information on the collectibility of
the portfolio for use in the determination of an appropriate ACL or
ALLL, as applicable. Further, an effective framework generally places
primary reliance on the lending staff to assign accurate and timely
risk ratings and identify emerging loan problems. However, given the
importance of the credit risk rating framework, the lending personnel's
assignment of particular risk ratings is typically subject to review by
qualified and independent: (i) Peers, managers, or loan committee(s);
(ii) part-time or full-time employee(s); (iii) internal departments
staffed with credit review specialists; or (iv) external credit review
consultants. A risk rating review that is independent of the lending
function and approval process can provide a more objective assessment
of credit quality.\6\
---------------------------------------------------------------------------
\6\ Small or rural institutions that have few resources or
employees may adopt modified credit risk review procedures and
methods to achieve a proper degree of independence. For example, in
the review process, such an institution may use qualified members of
the staff, including loan officers, other officers, or directors,
who are not involved with originating or approving the specific
credits being assessed and whose compensation is not influenced by
the assigned risk ratings. It is appropriate to employ such modified
procedures when more robust procedures and methods are impractical.
Institution management should have reasonable confidence that the
personnel chosen will be able to conduct reviews with the needed
independence despite their position within the loan function.
---------------------------------------------------------------------------
An effective credit risk rating framework includes the following
attributes:
A formal credit risk rating system in which the ratings
reflect the risk of default and credit losses, and for which a written
description of the credit risk framework is maintained, including a
[[Page 55683]]
discussion of the factors used to assign appropriate risk ratings to
individual loans and retail portfolios, or segments thereof, with
similar risk characteristics.\7\
---------------------------------------------------------------------------
\7\ A bank or savings association may have a credit risk rating
framework that differs from the framework for loan classifications
used by the federal banking agencies. Such banks and savings
associations should maintain documentation that translates their
risk ratings into the regulatory classification framework used by
the federal banking agencies. This documentation will enable
examiners to reconcile the totals for the various loan
classifications or risk ratings under the institution's system to
the federal banking agencies' categories contained in the Uniform
Agreement on the Classification and Appraisal of Securities Held by
Depository Institutions Attachment 1--Classification Definitions
(OCC: OCC Bulletin 2013-28; Board: SR Letter 13-18; and FDIC: FIL-
51-2013). The NCUA does not require credit unions to adopt a uniform
regulatory classification system. Risk rating guidance for credit
unions is set forth in NCUA letters to credit unions 10-CU-02,
``Current Risks in Business Lending and Sound Risk Management
Practices,'' issued January 2010 and 10-CU-03, ``Concentration
Risk,'' issued March 2010. See also the Commercial and Member
Business Loans section of the NCUA Examiner's Guide (Commercial and
Member Business Loans > Credit Risk Rating Systems).
---------------------------------------------------------------------------
Identification or grouping of loans that warrant the
special attention of management or other designated ``watch lists'' of
loans that management is more closely monitoring.\8\
---------------------------------------------------------------------------
\8\ In addition to loans designated as ``watch list,'' this
identification typically includes loans rated special mention,
substandard, doubtful or loss.
---------------------------------------------------------------------------
Clear explanation of why particular loans warrant the
special attention of management or have received an adverse risk
rating.
Evaluation of the effectiveness of approved workout plans.
A method for communicating direct, periodic, and timely
information to the institution's senior management and the board of
directors or appropriate board committee on the status of loans
identified as warranting special attention or adverse classification,
and the actions taken by management to strengthen the credit quality of
those loans.
Information on the institution's historical loss
experience for each segment of the loan portfolio.\9\
---------------------------------------------------------------------------
\9\ In particular, institutions with large and complex loan
portfolios typically maintain records of their historical loss
experience for credits in each of the categories in their risk
rating framework. For banks and savings associations, these
categories are either those used by, or those that can be translated
into those used by, the federal banking agencies.
---------------------------------------------------------------------------
Elements of an Effective Credit Risk Review System
An effective credit risk review system starts with a written credit
risk review policy \10\ that is reviewed and approved at least annually
by the institution's board of directors or appropriate board committee
to evidence its support of, and commitment to, maintaining an effective
system. Effective policies include a description of the overall risk
rating framework, and establish responsibilities for loan review based
on the portfolio being assessed. An effective credit risk review policy
addresses the following elements, described in more detail below: The
qualifications and independence of credit risk review personnel; the
frequency, scope, and depth of reviews; the review of findings and
follow-up; and communication and distribution of results.
---------------------------------------------------------------------------
\10\ See the Guidelines.
---------------------------------------------------------------------------
Qualifications of Credit Risk Review Personnel
An effective credit risk review function is staffed with personnel
who are qualified based on their level of education, experience, and
extent of formal credit training. Qualified personnel are knowledgeable
in both sound lending practices and the institution's lending
guidelines for the types of loans offered by the institution. The level
of experience and expertise for all personnel involved in the credit
risk review process is expected to be commensurate with the nature of
the risk and complexity of the portfolios. In addition, qualified
credit risk review personnel possess knowledge of relevant laws,
regulations, and supervisory guidance.
Independence of Credit Risk Review Personnel
An effective credit risk review system uses both the initial
identification of emerging problem loans by loan officers and other
line staff, and an assessment of loans by personnel independent of the
credit approval process. Placing primary responsibility on loan
officers, risk officers, and line staff is important for continuous
portfolio analysis and prompt identification and reporting of problem
loans. Because of frequent contact with borrowers, loan officers and
line staff can usually identify potential problems before they become
apparent to others. However, institutions should be careful to avoid
over-reliance on loan officers and line staff for identification of
problem loans. An independent assessment of risk is achieved when
personnel who perform the loan review do not have control over the loan
and are not part of, or influenced by individuals associated with, the
loan approval process.
While a larger institution may establish a separate department
staffed with credit review specialists, cost and volume considerations
may not justify such a system in a smaller institution. For example, in
the review process, smaller institutions may use an independent
committee of outside directors or qualified members of the staff,
including loan officers, other officers, or directors, who are not
involved with originating or approving the specific credits being
assessed and whose compensation is not influenced by the assigned risk
ratings. Whether or not the institution has a dedicated credit risk
review department, it is prudent for the credit risk review function to
report directly to the institution's board of directors or a committee
thereof, consistent with safety and soundness standards. Senior
management may be responsible for appropriate administrative functions
provided such an arrangement does not compromise the independence of
the credit risk review function.
The institution's board of directors, or a committee thereof, may
outsource the credit risk review function to an independent third
party.\11\ However, the responsibility for maintaining a sound credit
risk review process remains with the institution's board of directors.
In any case, institution personnel who are independent from the lending
function typically assess risks, develop the credit risk review plan,
and verify appropriate follow-up of findings. Outsourcing of the credit
risk review function to the institution's external auditor requires
additional independence considerations.\12\
---------------------------------------------------------------------------
\11\ For a discussion of the expectations for institutions that
use outside service providers, refer to SR letter 13-19/CA letter
13-21, ``Guidance on Managing Outsourcing Risk,'' issued by the
Board on December 5, 2013; FIL-44-2008, ``Guidance for Managing
Third-Party Risk,'' issued by the FDIC on June 6, 2008; and OCC
Bulletin 2013-29, ``Third-Party Relationships: Risk Management
Guidance,'' issued by the OCC on October 30, 2013. For credit
unions, refer to NCUA letters to credit unions 01-CU-20 ``Due
Diligence over Third Party Service Providers,'' issued November 2001
and 07-CU-13 ``Evaluating Third Party Relationships'' issued
December 2007.
\12\ For further information with respect to restrictions for
external auditors performing internal bank functions, refer to the
Interagency Policy Statement on the Internal Audit Function and its
Outsourcing, Part III Independence of the Independent Public
Accountant.
---------------------------------------------------------------------------
Frequency of Reviews
An effective credit risk review system provides for review and
evaluation of an institution's significant loans, loan products, or
groups of loans at least annually, on renewal, or more frequently when
internal or external factors indicate a potential for deteriorating
credit quality or the existence of one or more other risk factors. The
credit risk review function can also provide useful continual feedback
on the effectiveness of the
[[Page 55684]]
lending process in order to identify any emerging problems. Ongoing or
periodic review of an institution's loan portfolio is particularly
important to the estimation of ACLs or the ALLL because loss
expectations may change as the credit quality of a loan changes. Use of
key risk indicators or performance metrics by credit risk review
management can support adjustments to the frequency and scope of
reviews.
Scope of Reviews
Comprehensive and effective reviews cover all segments of the loan
portfolio that pose significant credit risk or concentrations, and
other loans that meet certain institution-specific criteria. A properly
designed scope considers the current market conditions or other
external factors that may affect a borrower's current or future ability
to repay the loan. Establishment of an appropriate review scope also
helps ensure that the sample of loans selected for review is
representative of the portfolio as a whole and provides reasonable
assurance that any credit quality deterioration or unfavorable trends
are identified. An effective credit risk review function also considers
industry standards for credit risk review coverage consistent with the
institution's size, complexity, loan types, risk profile, and risk
management practices and helps to verify whether the review scope is
appropriate. The institution's board of directors or appropriate board
committee typically approves the scope of the credit risk review on an
annual basis or whenever significant interim changes are made in order
to adequately assess the quality of the current portfolio. An effective
scope of credit risk review is generally risk-based and typically
includes:
Loans over a predetermined size.
A sufficient sample of smaller loans, new loans, and new
loan products.
Loans with higher risk indicators, such as low credit
scores, high credit lines, or those credits approved as exceptions to
policy.
Segments of the loan portfolio experiencing rapid growth.
Exposures from non-lending activities that also pose
credit risk.
Past due, nonaccrual, renewed, and restructured loans.
Loans previously adversely classified and loans designated
as warranting the special attention of the institution's
management.\13\
---------------------------------------------------------------------------
\13\ See footnote 8.
---------------------------------------------------------------------------
Loans to insiders or related parties.
Loans to affiliates.
Loans constituting concentrations of credit risk and other
loans affected by common repayment factors.
Depth of Transaction Reviews
Loans selected for review are typically evaluated for:
Credit quality, soundness of underwriting and risk
identification, borrower performance, and adequacy of the sources of
repayment.
Validity of assumptions.
Creditworthiness of guarantors or sponsors.
Sufficiency of credit and collateral documentation.
Proper lien perfection.
Proper approvals consistent with internal policies.
Adherence to any loan agreement covenants.
Compliance with internal policies and procedures (such as
nonaccrual, and classification or risk rating policies), laws, and
regulations.
Quality of the information used in the credit loss
estimation process, including the reasonableness of assumptions used
and the timeliness of charge-offs.
The accuracy of risk ratings and the appropriateness and
timeliness of the identification of problem loans by loan officers.
Review of Findings and Follow-Up
An important activity of an effective credit risk review system is
the discussion of the review findings, including all noted
deficiencies, identified weaknesses, and any existing or planned
corrective actions (including time frames for correction) with
appropriate loan officers, department managers, and senior management.
An effective system includes processes for all noted deficiencies and
weaknesses that remain unresolved beyond the scheduled time frames for
correction to be promptly reported to senior management and the board
of directors or appropriate board committee.
It is important to resolve risk rating differences between loan
officers and loan review personnel according to a pre-arranged process.
That process may include formal appeals procedures and arbitration by
an independent party or may require default to the assigned
classification or grade that indicates lower credit quality. If credit
risk review personnel conclude that a borrower is less creditworthy
than is perceived by the institution, the lower credit quality
classification or grade typically prevails unless internal parties
identify additional information sufficient to obtain the concurrence of
the independent reviewer or arbiter on the higher credit quality
classification or grade.
Communication and Distribution of Results
Personnel involved in the credit risk review process typically
prepare a list of all loans reviewed, the date of review, and a summary
analysis that substantiates the risk ratings assigned to the loans
reviewed. Effective communication involves providing results of the
credit risk reviews to the board of directors or appropriate board
committee at least quarterly.\14\ Comprehensive reporting includes
comparative trends that identify significant changes in the overall
quality of the loan portfolio, the adequacy of, and adherence to,
internal policies and procedures, the quality of underwriting and risk
identification, compliance with laws and regulations, and management's
response to substantive criticisms or recommendations. Such
comprehensive reporting provides the board of directors or appropriate
board committee with insight into the portfolio and the responsiveness
of management and facilitates timely corrective action of deficiencies.
---------------------------------------------------------------------------
\14\ A board of directors or appropriate board committee should
be informed more frequently than quarterly when material adverse
trends are noted. When an institution conducts loan file reviews
less frequently than quarterly, the board or appropriate board
committee will typically receive results on other credit risk review
activities quarterly.
Dated: October 1, 2019
Joseph M. Otting,
Comptroller of the Currency.
By order of the Board of Governors of the Federal Reserve
System, October 3, 2019.
Ann E. Misback,
Secretary of the Board.
Federal Deposit Insurance Corporation.
Dated at Washington, DC, on September 20, 2019.
Robert E. Feldman,
Executive Secretary.
By the National Credit Union Administration Board on September
20, 2019.
Gerard Poliquin,
Secretary of the Board.
[FR Doc. 2019-22656 Filed 10-16-19; 8:45 am]
BILLING CODE 4810-33-P; 6210-01-P; 6714-01-P; 7535-01-P