July 21, 2014 will mark the passage of another year in the life of the Dodd-Frank Act (DFA). As we approach this fourth anniversary of the law’s enactment, the percentage of rules finalized remains essentially unchanged from last year at this time. True, there were some notable developments over the past 12 months, such as the finalization of the Volcker Rule and a number of new and updated rules issued by the Consumer Financial Protection Bureau. Yet nearly half of the required rules still are not final. Debate continues about the impact of the law on community banks, the opportunities for regulatory arbitrage, the extraterritorial application of the regulations, which nonbanks should be deemed to be systemically important, and whether “too big to fail” has been resolved, among other issues.
Maybe it just doesn’t matter anymore whether all the rules are ever finalized. Maybe it never mattered. Maybe all we ever needed were eight pages, not 2,000-plus pages, to shore up the financial services industry. Maybe Section 165 alone would have been enough.
The Federal Reserve’s Enhanced Prudential Supervision
For U.S. BHCs, the final rule requires all publicly traded BHCs with at least $10 billion in total assets to have a board-level risk committee and U.S. BHCs with more than $10 billion in total assets to perform an annual company-run stress test.
U.S. BHCs with $50 billion or more in total assets must have a board-level risk committee, whether or not they are publicly traded, and must also designate a chief risk officer with relevant experience who will be responsible for overseeing the establishment and monitoring of risk limits across the enterprise, the implementation and adherence to risk policies and procedures, and the management and testing of risk controls. These larger U.S. BHCs will also be subject to a series of liquidity-related requirements, including:
- Producing comprehensive cash flow projections
- Maintaining and updating a contingency funding plan on at least an annual basis
- Establishing a set of appropriate liquidity risk limits
- Implementing procedures for monitoring liquidity risk
- Performing liquidity stress testing
- Maintaining a liquidity buffer
The board of directors and/or the board’s risk committee, at intervals established by the final regulation, must review the BHC’s liquidity risk tolerances and adherence to these tolerances. Additionally, the board and/or the board’s risk committee must approve liquidity risk management strategies, policies and procedures and the company’s contingency funding plan and ensure that liquidity risk management practices are subject to independent review. The final rule also subjects these larger U.S. BHCs to any applicable capital planning and supervisory and company-run capital stress-testing requirements adopted by the Federal Reserve.
The application of enhanced prudential supervision standards for FBOs is also based on total assets, but considers both global and U.S. assets. FBOs with more than $10 billion and less than $50 billion in global assets, regardless of total U.S. assets, must meet home country annual capital stress-testing requirements, comply with a 105 percent asset maintenance test for U.S. branches and agencies, conduct an annual stress test of its U.S. subsidiaries, and, if publicly traded, have a risk committee of its global board. FBOs with greater than $50 billion in total global assets and less than $50 billion in U.S. assets must also meet home country capital standards that are consistent with Basel III and perform an annual company-run liquidity stress test for either the consolidated FBO or its combined U.S. operations. FBOs with more than $50 billion in global assets and more than $50 billion in U.S. assets must have a U.S. chief risk officer, must comply with liquidity risk management obligations similar to U.S. BHCs, and must report to the Federal Reserve on the results of home country capital stress testing. FBOs in this last category that have non-branch U.S. assets greater than $50 billion must also establish a U.S. intermediate holding company (IHC) subject to U.S. BHC capital requirements, capital planning, and capital and liquidity stress testing, and must have a risk committee at the IHC level.
The OCC’s Heightened Governance Standards
The guidelines set forth the OCC’s expectations of the separate responsibilities for a bank’s board of directors (board), chief executive officer (CEO), so-called “front-line” units, and independent risk management and internal audit functions. They also emphasize the importance of risk management and internal audit functions having access to a bank’s board or appropriate board committee to be able to curb excessive risk-taking by management and front-line business units.
Admittedly, the proposed OCC guidelines apply only to large national banks, federally chartered thrifts and insured federal branches of foreign banking organizations, and deal only with matters of governance and not explicit capital and liquidity requirements. However, as was clear with the final Section 165 rule, a new rule was not required to impose capital requirements on the banking industry, and federal regulators likely could conclude they have the authority to impose liquidity standards without the DFA.
The Missing Piece of the Puzzle
Was the DFA Unnecessary?
To be fair, the DFA had multiple goals as outlined by then Secretary of the Treasury, Timothy Geithner, in his March 2009 testimony to the House Financial Services Committee:
- Reduce systemic risk in the financial system
- Protect customers and investors
- Eliminate gaps in regulatory oversight
- Foster international coordination
Maybe we did need the DFA to address the alleged consumer abuses that stemmed from the mortgage crisis and the investor abuses. However, while the earliest spark for the crisis may have been predatory mortgage loans, the ultimate powder keg explosion resulted from excessive leverage, poorly understood counterparty exposures, and lack of liquidity – all matters of safety and soundness, not consumer protection. Maybe we did need the DFA to eliminate some of the gaps in regulatory oversight, although the DFA arguably increased the regulatory overlap and further confused the roles and responsibilities of the regulatory agencies, making the regulatory burden on the industry worse. Whether the DFA was a catalyst for fostering international coordination, or had the opposite effect, is certainly subject to debate. And whether existing regulatory authority, or maybe the eight pages in the DFA that address enhanced prudential standards, would have been enough to address systemic risk remains a question. It’s difficult, though, to think of a financial institution with strong risk management, capital and liquidity that failed.
For More Information…
Protiviti (www.protiviti.com) is a global consulting firm that helps companies solve problems in finance, technology, operations, governance, risk and internal audit.
Protiviti’s dedicated Financial Services practice includes professionals with deep industry experience in banking, insurance, brokerage and investment companies. These financial services professionals can work with you to find approaches to help improve and establish strategies for your business as changes in the industry and regulatory environment impact your organization. Their guidance on regulatory reform can be found at www.protiviti.com/regulatoryreform.
For additional information about the issues reviewed in FS Insights or about Protiviti’s services, please contact: