FDIC Releases Information Technology Functional Guide Version 2.0 to Assist Covered Institutions With Part 370 Compliance | Deloitte US has been added to your bookmarks.
FDIC releases Information Technology Functional Guide Version 2.0 to assist Covered Institutions with Part 370 compliance
On Friday, June 29, the Federal Deposit Insurance Corporation (“FDIC”) released the Information Technology Functional Guide (“Tech Guide”) draft Guide Version 2.0 to assist Covered Institutions (“CIs”) with the implementation of information technology systems capabilities required for Part 370.¹
July 31, 2018 | Financial services
The following provides some context to the provisions that were materially changed from the original guide. Since the Tech Guide is in draft form with comments due August 1st, CIs should be informed by its contents, but cannot make material changes until the Tech Guide is final or having discussed those changes with the FDIC.
New sections: Recordkeeping
Deposit account information
The deposit account information includes clarification, such as examples of acceptable signature card documentation. This is an expansion on requiring just a signature card, thus CIs should be encouraged to add to potential options that include a signature when they meet with the FDIC. The data related requirements pull significantly from what was previously included in summary report requirements.
Alternative recordkeeping: Fiduciary accounts
There is a discussion of an “optional” alternative to the existing Brokered Deposit Processing Guide that, if applied, should be looked upon as an added process. This alternative covers pass-through accounts where information is held outside the CI. The concern is the ability to access the information quickly enough, especially with transaction accounts, to make the required deposit insurance determinations. It includes ten additional fields that would be provided by the outside entity that are outlined in Appendix C. This means the CI would need to get agreement from these pass-through entities to use the form when providing information. If all CIs adopt the form, then the pass-through entities would have the benefit of using one format and one set of information.
It should be noted that there is a level of complexity on behalf of the pass-through fiduciary account holders that could make application of the alternative recordkeeping a challenge. In many cases, they may pass-through the deposit insurance relationship to a second- or third-tier fiduciary entity, such as a deposit broker or other bank, meaning they would need to acquire the information from those entities in the proposed electronic format. There is incentive for the pass-through entities to provide the information in that it is the only way to receive deposit insurance pass-through treatment. Also, the FDIC processes information as it is received so insurance coverage will be afforded to the pass-through entities information in the order it is received. While the uninsured loss exposure does not change, the loss exposure will be with the brokers that file the latest.
Alternative recordkeeping entity report
This report is not required under Part 370 and would be used to notify pass-through account holders of their status and record the status of payments to beneficial owners. It would be derived from Part 370 output files, with some of the information not available until failure of the bank. Since this is optional, an assessment should likely be made as to the utility of such a report. With banks that have large pass-through relationships and, as a result, large pending files, the utility of being able to produce such a report could be of value at failure.
While timing for compliance testing has not been specified, it should be similar to what was performed under Part 360.9. Part 370 CIs should be aware that Part 360.9 compliance testing examinations currently are being deferred until that regulation is implemented in 2020.
The Tech Guide includes a list of areas to be tested. Banks should anticipate applying their normal closing process as applied for Part 370 purposes for FDIC testing the closing process. Since treatment of cash items have been removed from the Tech Guide, for testing purposes CIs should expect that the FDIC may discuss with them the related system processes, where processes reside, the nature of items, potential impact and variability.
It should be noted that FDIC compliance procedures listed in the Tech Guide include processes that will not necessarily just be applied for purpose of annual reporting. In addition to verification of processes used to produce the output reports, CIs should expect as part of compliance testing the FDIC to validate the ability to perform subsequent deposit insurance determination iterations and the ability to process test data regarding pass-through accounts.
There have been some significant changes regarding the deposit insurance determination process, including the removal of control reports since there is not adequate time to perform the reconciliations at a failure of a large CI in the first 24 hours. The process was refined to reflect more how the process actually flows at closure of a CI. The claims agent allocation process was removed since it is the FDIC’s responsibility to deal with manual determinations It is noted that the FDIC will utilize the CI’s systems to execute the end-of-day processes to ensure that all pending transactions are applied to the deposit systems and all balances reconcile to the general ledger. This shifts the balancing to the general ledger to the FDIC, while stressing the need to maintain deposit account records at time of failure that are pertinent to the beginning balances. This is important as this is the statement that will separate a bridge bank or acquiring bank balances from the receivership.
The process includes a description of the closing cutoff point as captured in Part 360.8 describing how checks and other processes are addressed at close. While Part 360.8 provides more detail, CIs for Part 370 compliance purposes should stick to their normal end-of-day closing procedures.
One of the more significant points addressed in this section is the concept of aggregation iterations, which involves only matching depositor name without regard to Owner Rights and Capacity (ORC). In the original guide this was referred to as the pre-insurance determination but did not provide any detail how it was to be applied. The benefit with this aggregation is that there need not be any ORC qualification. Individual accounts are treated as single accounts and if under $250,000, they can be passed. In most retail Cis, this may potentially eliminate nearly 90 percent of accounts which do not have to go through the insurance determination calculation process.
At the same time the Tech Guide was released, a response to a Frequently Asked Question (“FAQ”) on accounts with transactional features was provided on the FDIC website. The response provides detail regarding the need to honor checks after a CI failure meaning that accounts that can be drawn upon need to have access. Pre-paid cards are included in this group. While no definition was provided, the attributes discussed include a broad array of deposit types. Special attention was devoted to accounts outside the CI since these accounts need to be identified and addressed within the first 24 hours. The FDIC’s FAQs were updated and note that relief would need to be requested if the account holder information would not be available. This will need to be an area of focus and for larger outside relationships, the alternative recordkeeping process could be applied.
Right and capacity codes
With the removal of the original Tech Guide’s Appendix A (Explanation of Output File Generation Capabilities) and Appendix C (Use Cases), the new Tech Guide provides a link to Insurance Determination Rules, which contain more detail on the requirements and process. This should provide more clarity regarding understanding what elements are necessary to make a deposit insurance determination and the logic utilized in calculating insurance coverage under individual ORCs.
Other changes in the individual ORC categories focus on technical corrections, such as under Irrevocable Trusts, or clarifications. The link to the Insurance Determination Rules and the Financial Institution Employee’s Guide to Deposit Insurance (the “Gold Book”) can be used to assist in addressing ORC related questions.
Allocation of uninsured funds—Optional
The deposit insurance determination process involves allocation of funds by account type. Time deposits are allocated to uninsured deposits first and demand deposits are last, with the complete process described in the Tech Guide. Official items have been removed since they are too complicated to quickly match and as a result go to pending status. The allocation process is optional since it will be handled by the FDIC. Most CIs are able to identify account types used in the allocation process, such as demand deposits versus savings accounts, so there is the capacity to provide the information; however, it is not needed to be included as part of the Part 370 compliance process.
Process of failure
There is a short description of the process of failure that is new to the Tech Guide. The only point of note is that the FDIC, or an acquiring institution, will calculate the accrued interest based on the CI’s records and generate 1099-INT forms, if applicable. This is more of a clarification point so CIs are made aware they don’t need to include this process.
Output file generation
Output file generation has some refinements. The government ID, generally a social security number or tax identification number is noted as the preferred linking field for alternative record keeping files. This is important to understand matching capabilities with these numbers, especially with pass-through accounts.
An example of a certification of compliance was provided along with a summary report. This provides an example of language that would be acceptable to the FDIC. It is likely that if a CI has exemptions or any other special circumstance that were approved by the FDIC they would be noted in this certification.
Firms subject to FDIC Part 370 requirement for timely insurance deposit recordkeeping should understand the new changes in the recent Tech Guide and must prepare for future compliance testing requirements. Organizations may contact Deloitte with questions about the changes and activities to support planning, preparation, and compliance.
As further developments occur, Deloitte will issue additional updates as appropriate.
1 Federal Deposit Insurance Corporation, Law, Regulations, Related Acts, Part 370, https://www.fdic.gov/regulations/laws/rules/2000-9200.html.
This publication contains general information only and Deloitte is not, by means of this publication, rendering accounting, business, financial, investment, legal, tax, or other professional advice or services. This publication is not a substitute for such professional advice or services, nor should it be used as a basis for any decision or action that may affect your business. Before making any decision or taking any action that may affect your business, you should consult a qualified professional advisor.
Deloitte shall not be responsible for any loss sustained by any person who relies on this publication.