Financial Institutions Executive Briefing – May 23, 2014
The Financial Institutions Executive Briefing offers updates on financial reporting, governance, and risk management topics from Crowe Horwath LLP. In each issue of this electronic newsletter, you will find abstracts of recent standard-setting activities and regulatory developments affecting financial institutions.
From the Federal Financial Institution Regulators
Volcker Rule: CLO Prohibition to Be Delayed
The Federal Reserve (Fed) announced
on April 7, 2014, that it plans to give banks two additional years to conform their ownership interests in certain collateralized loan obligations (CLOs) with Section 619 of the Dodd-Frank Wall Street Reform and Consumer Protection Act
(Dodd-Frank) (commonly referred to as the Volcker rule). The Fed previously extended the conformance period until July 21, 2015, and intends to grant two additional one-year extensions. Banks then will have until July 2017 to divest interests in prohibited CLOs, provided the CLOs were in place as of Dec. 31, 2013. Until the end of the extended compliance period, banks will not have to include ownership interests in CLOs to determine investment limits under the Volcker rule, and CLOs will not have to be deducted from tier one capital.
The Fed noted that it had consulted with other agencies overseeing banking entities, and those agencies also will recognize the extension of the conformance period applicable to CLOs in the agencies’ oversight of banking entities.
Supplementary Leverage Ratio Rule Issued for Large Banks
The Fed, the Federal Deposit Insurance Corp. (FDIC), and the Office of the Comptroller of the Currency (OCC) announced
on April 8, 2014, the adoption of a final rule, “Regulatory Capital Rules: Regulatory Capital, Enhanced Supplementary Leverage Ratio Standards for Certain Bank Holding Companies and Their Subsidiary Insured Depository Institutions
,” designed to strengthen the leverage ratio standards for the largest banks.
Covered bank holding companies (BHCs) must maintain a leverage buffer greater than 2 percentage points above the minimum supplementary leverage ratio requirement of 3 percent, for a total of more than 5 percent, to avoid restrictions on capital distributions and discretionary bonus payments. To be considered “well capitalized” under the agencies’ prompt corrective action framework, insured depository institution subsidiaries of covered BHCs must maintain at least a 6 percent supplementary leverage ratio. The final rule, which will be effective Jan. 1, 2018, currently applies to eight large U.S. banking organizations.
The agencies also published two notices of proposed rulemaking. The first
would modify the denominator calculation for the supplementary leverage ratio for all internationally active banking organizations. The second
proposes a technical correction to the definition of “eligible guarantee” in the risk-based capital rules. Comments on each of the notices of proposed rulemaking are due June 13, 2014.
Small-Bank Issues Discussed by Comptroller of the Currency
In an April 10, 2014, speech
at the ABA Risk Management Forum, Comptroller of the Currency Thomas J. Curry reassured small banks that the OCC’s proposed “heightened expectations” guidelines
are “focused only on large and complex institutions.” Curry noted that feedback on the proposal from community bankers expressed concerns the guidelines will be used to impose onerous new requirements on small banks, and he emphasized that the proposed rules would apply to a bank with total assets under $50 billion “if and only if we determined that such a bank’s operations were highly complex or presented such a heightened risk as to require compliance with the guidelines. This is a high threshold that only will be crossed in extraordinary circumstances.”
Curry warned in an April 16, 2014, speech
at the Consumer Electronics Show Government conference that “it is very likely that hackers will turn their attention to community banks. ... Smaller institutions can provide a point of entry into larger networks, and they may have less sophisticated defenses than large banks.” Noting that many small banks depend on third-party providers for their IT services, including security, Curry told the group that the OCC is particularly focused on controls and risk management practices employed by vendors and discussed the OCC’s authority under the Bank Service Company Act
to examine vendors designated as “technology service providers” (TSPs) and issue enforcement actions against TSPs when necessary. Curry went on to discuss the OCC’s concerns about community banks’ exposure to a single vendor, their use of foreign-based vendors, and the degree of vendor access to sensitive bank and customer data.
Cybersecurity: From the FFIEC and the FDIC
During a May 7, 2014, webinar, the Federal Financial Institutions Examination Council (FFIEC) highlighted efforts to enhance financial institutions’ cybersecurity. According to the press release
, approximately 5,000 CEOs and senior managers from community financial institutions participated in the webinar, which was offered to raise awareness about cyberthreats, discuss the executive leadership’s role in managing these risks, and share information about FFIEC actions.
The FFIEC highlighted focus areas for senior management and boards of directors of community institutions as they assess their institutions’ policies and processes for identifying and mitigating cybersecurity risks, including:
- Building a security culture based on setting a tone from the top
- Identifying, measuring, mitigating, and monitoring risks
- Developing risk management processes to match the institutions’ risks and complexity
- Aligning cybersecurity strategy with business strategy and accounting for how risks are and will be managed
- Ensuring ongoing awareness and accountability by creating a governance process
- Addressing the institutions’ vulnerability to cyberrisks in timely reports to senior management that include meaningful information
The presentation slides are available on the FFIEC website.
In an April 10, 2014, press release, the FDIC urged banks to use available resources to identify and help mitigate potential cybersecurity risks. According to the FDIC, “financial institutions should ensure that their Information Security staff are aware of and subscribe to reliable and recognized resources that can help quickly identify cyber risks as they emerge.” According to the press release, financial institutions should consider these resources:
Final Stress-Testing Rule for Largest Credit Unions Approved by NCUA Board
At its April 24, 2014, meeting, the National Credit Union Administration (NCUA) board approved
a final rule, “Capital Planning and Stress Testing
,” to require federally insured credit unions with assets of $10 billion or more to develop and maintain a capital plan. In addition, the rule provides for comprehensive, independent stress testing on all covered credit unions.
Dodd-Frank requires certain financial institutions with assets of more than $10 billion to conduct annual stress tests. The NCUA board determined that federally insured credit unions of comparable size also should undergo stress testing.
Under the new rule, covered credit unions will submit an annual capital plan to the NCUA for approval. The NCUA will conduct the supervisory stress tests beginning in 2014, and covered credit unions will be able to conduct their own stress tests after three years if they meet certain benchmarks. During the first three years results will remain confidential.
The rule will become effective 30 days after publication in the Federal Register.
2013 Annual Report Released by NCUA
On May 12, 2014, the NCUA released its 2013 Annual Report
highlighting the agency’s activities, policy initiatives, and accomplishments. Those initiatives and accomplishments can be grouped into six broad categories. The goals were to:
- Implement an effective supervision program to ensure the continued safety and soundness of federally insured credit unions
- Adopt safe, targeted, and flexible regulations to maintain a strong and independent National Credit Union Share Insurance Fund and protect the credit union system
- Modernize NCUA operations
- Minimize Temporary Corporate Credit Union Stabilization Fund assessments
- Engage and provide assistance to important stakeholders
- Serve as a responsible steward of the public’s trust
The report also assesses how the NCUA performed in meeting its strategic and priority goals. In addition, the audited financial statements of each of NCUA’s four permanent funds as well as historical data and statistics are included.
From the Financial Stability Board (FSB)
Risk Culture and Enhanced Supervision Addressed by FSB
The FSB on April 7, 2014, announced the publication of two documents intended to strengthen risk management supervision. The first document, “Guidance on Supervisory Interaction With Financial Institutions on Risk Culture: A Framework for Assessing Risk Culture
,” offers a framework to assist regulators in their assessment of a bank’s risk culture. It does not define a "target" culture but does identify some foundational elements that contribute to the soundness of a financial institution’s risk culture. In addition, it aims to help supervisors identify practices, behaviors, and attitudes that might influence the risk culture.
The second document, “Supervisory Intensity and Effectiveness: Progress Report on Enhanced Supervision
,” describes changes in supervisory practices, particularly those for systemically important financial institutions, since the global financial crisis and identifies areas where more work is needed. It discusses the tools and methods that regulators increasingly use to intensify supervision.
The FSB, based in Basel, Switzerland, was established to coordinate the work of national financial authorities. Members from the United States include the Fed, the Securities and Exchange Commission (SEC), and the Department of the Treasury.
From the Financial Accounting Standards Board (FASB)
Pushdown Accounting Guidance Proposed
The FASB published an exposure draft of a proposed Accounting Standards Update (ASU), “Business Combinations (Topic 805): Pushdown Accounting
,” on April 28, 2014. Amendments would give an acquired entity an option to apply pushdown accounting in the acquired entity’s separate financial statements when an acquirer obtains control of the acquired entity.
An acquired entity electing to apply pushdown accounting would reflect in separate financial statements the new basis of accounting established by the acquirer for the individual assets and liabilities of the acquired entity. Any goodwill resulting from the acquisition would be recognized in the separate financial statements of the acquired entity, but it would not recognize a bargain purchase gain in its separate income statement.
Any acquisition-related debt incurred by the acquirer would be recognized by the acquired entity only if other standards (for example, the guidance on obligations from joint and several liability arrangements) require the debt to be recognized by the acquired entity. Requirements would include disclosures allowing financial statement users to evaluate the effect of pushdown accounting on the current reporting period.
If an acquired entity elects not to apply pushdown accounting in the entity’s separate financial statements, it would have to disclose that it had undergone a change-in-control event and elected to prepare its financial statements using its historical basis that existed before the acquirer obtained control of it.
The proposal is significantly different from the current SEC guidance on pushdown accounting. In general, the SEC requires pushdown accounting when 95 percent or more of an entity’s ownership is acquired, permits it when 80 percent to 95 percent is acquired, and prohibits it when less than 80 percent is acquired. For insured depository institutions, the call report instructions incorporate the SEC guidance. If the ASU is finalized, the SEC and federal banking agencies would presumably evaluate implications to their existing guidance.
Comments on the proposed ASU are due July 31, 2014.
From the Securities and Exchange Commission (SEC)
SEC Chief Accountant Departure Announced
On May 15, 2014, the SEC announced
that Paul Beswick, who has served as the SEC’s chief accountant since 2012, will leave the SEC to return to the private sector. To help ensure continuity in the agency’s Office of the Chief Accountant, he will remain for a transitional period.
Compliance and Disclosure Interpretations Updated
The staff of the SEC Division of Corporation Finance (Corp Fin) has updated several Compliance and Disclosure Interpretations (C&DIs). Published in Q&A format, C&DIs reflect the views of Corp Fin staff about various SEC rules and regulations. C&DIs are intended as general rather than definitive guidance; due to their informal nature, they are not binding. C&DIs in the Securities Act Rules
section updated in April 2014, all providing guidance relating to electronic communications, include:
- Section 110 – Communications Not Deemed a Prospectus
- Section 164 – Offers Made in Connection With a Business Combination Transaction
- Section 232 – Conditions to Permissible Post-Filing Free Writing Prospectuses
New Rule Proposed for Security-Based Swap Dealers
On May 2, 2014, the SEC published a proposed rule, “Recordkeeping and Reporting Requirements for Security-Based Swap Dealers, Major Security-Based Swap Participants, and Broker-Dealers; Capital Rule for Certain Security-Based Swap Dealers
.” The proposal includes a new Financial and Operational Combined Uniform Single Report Form SBS to be used by security-based swap dealers and major participants to report financial and operational information. The form also would establish additional record-keeping requirements for broker-dealers to account for their security-based swap activities.
Comments on the proposed rule are due July 1, 2014.
Disclosure Effectiveness Discussed by Corp Fin Director
Keith F. Higgins, director of CorpFin, addressed disclosure effectiveness in a speech
April 11, 2014, at the American Bar Association’s business law section spring meeting. He said that Corp Fin’s goal is to “review specific sections of Regulation S-K and S-X to determine if the requirements can be updated to reduce the costs and burdens on companies while continuing to provide material information and eliminate duplicative disclosures. At the same time, while always mindful of the costs and burdens of our regulation, we will ask whether there is information that is not part of our current requirements but that ought to be.”
Discussing how information is disclosed, Higgins told the audience that Corp Fin will “explore whether the focus and navigability of disclosure documents can be improved using structured data, hyperlinks or topical indexes” and will consider whether certain information that does not change as frequently, such as the business description and certain other company information, could be disclosed in a core document and then supplemented by periodic and current reports.
He directed attention to the spotlight page on disclosure effectiveness on the SEC website
and asked for public input on how disclosures can be made more effective.
From the Public Company Accounting Oversight Board (PCAOB)
Final Auditing and Attestation Standards on Broker-Dealer Audits Published
The PCAOB updated its website on May 12, 2014, with its final auditing and attestation standards and conforming amendments under Dodd-Frank for broker-dealer audits. The standards include:
From the American Institute of Certified Public Accountants (AICPA)
Alert Issued on Broker-Dealers and Futures Commission Merchants Engagements
The Center for Audit Quality (CAQ) and the AICPA issued on May 12, 2014, a member alert
outlining regulatory changes that apply to audits and attestation engagements of broker-dealers and futures commission merchants (FCMs), including dually registered entities.
The alert highlights certain auditing considerations in response to SEC and Commodity Futures Trading Commission (CFTC) regulatory changes, as well as related PCAOB guidance and standards.
The alert addresses:
In addition, the alert highlights related resources and programs, including: (a) the PCAOB’s inspection program and forums on auditing smaller broker-dealers; (b) the AICPA’s peer review program; and (c) the AICPA’s Stockbrokerage and Investment Banking Expert Panel, which addresses regulatory matters from the perspective of the broker-dealer industry.
Amendments discussed in the alert represent significant areas of change to the annual reporting requirements of broker-dealers and FCMs. The new rules are generally effective for audits and attestation engagements of broker-dealers and FCMs with fiscal years ending on or after June 1, 2014. Other changes in the rules have effective dates prior or subsequent to June 1, 2014; however, the alert is intended to address the major changes effective on June 1, 2014.