OCC Guidelines Establishing Standards for Recovery Planning by Certain Large Insured National Banks, Insured Federal Savings Associations, and Insured Federal Branches
Supporting Statement
1557-NEW
A. Justification.
1. Circumstances that make the collection of information necessary.
The OCC has issued proposed guidelines, to be codified in 12 CFR part 30, Appendix E, to establish standards for recovery planning that would apply to insured national banks, insured Federal savings associations, and insured Federal branches of foreign banks (Banks) with average total consolidated assets equal to or greater than $50 billion (Covered Banks).
The standards contained in the guidelines would be enforceable under section 39 of the Federal Deposit Insurance Act (FDIA)1, which authorizes the OCC to prescribe operational and managerial standards for Banks.
2. Use of the information.
An important component of a Bank’s risk management and corporate governance practices is how the Bank plans to respond to severe stress in a manner that preserves its financial and operational strength and viability. In the aftermath of the crisis, it became clear that many Banks had insufficient plans for identifying and responding rapidly to significant stress events. As a result, many Banks were forced to take significant actions quickly without the benefit of a well-developed plan. In addition, recent large-scale operational events, such as destructive cyber attacks, demonstrate the need for institutions to plan how to respond to such occurrences.
To address this, the OCC has proposed standards for recovery planning to complement a Covered Bank’s risk management and corporate governance functions and to support its safe and sound operation. These proposed standards would enhance the focus of Covered Banks’ management and boards of directors on risk management and corporate governance with a view toward lessening the financial or operational impact of future unforeseen events.
The standards, which contain collections of information, are set forth below.
Recovery Plan
A. Recovery Plan. Each Covered Bank should develop and maintain a recovery plan appropriate for its individual risk profile, size, activities, and complexity, including the complexity of its organizational and legal entity structure.
B. Elements of a recovery plan. A recovery plan should include the following elements:
Overview of Covered Bank . It is important that a recovery plan provide a detailed description of the Covered Bank’s overall organizational and legal structure, including its material entities, critical operations, core business lines, and core management information systems. The description should explain interconnections and interdependencies.
Triggers. A trigger is a quantitative or qualitative indicator of the risk or existence of severe stress that requires escalation to management or the board of directors for purposes of initiating a response. A recovery plan should include both quantitative and qualitative triggers.
Options for recovery. A recovery plan should identify a wide range of credible options that a Covered Bank could undertake to restore its financial and operational strength and viability, thereby allowing the Covered Bank to continue to operate as a going concern and to avoid liquidation or resolution. A recovery plan should explain how the Covered Bank would carry out each option. It should include a description of the decision-making process for implementing each option, including the steps to be followed and timing.
Impact assessments. For each recovery option, a Covered Bank should assess and describe how the option would affect the Covered Bank. This impact assessment and description should specify the procedures the Covered Bank would use to maintain the financial and operational strength and viability of its material entities, critical operations, and core business lines, for each recovery option.
For each recovery option, a Covered Bank also should identify any impediments or regulatory requirements that must be addressed to execute the option, including how to overcome those impediments or satisfy those requirements. This assessment should address the impact on the Covered Bank’s capital, liquidity, funding, and profitability, as well as the effect on the Covered Bank’s material entities, critical operations, and core business lines, including reputational impact.
Escalation procedures. A recovery plan should clearly outline the process for escalating decision-making to senior management or the board of directors in response to the breach of a trigger. The recovery plan should also identify the departments or persons responsible for making and executing these decisions.
6. Management reports. A recovery plan should require reports that provide management or
the board with sufficient data and information to make timely decisions regarding appropriate actions necessary to respond to the breach of a trigger. A recovery plan should identify the types of reports that the Covered Bank will provide to allow management or the board to monitor progress with respect to the actions taken under the recovery plan.
7. Communication procedures. A recovery plan should provide that the Covered
Bank notify the OCC of any significant breach of a trigger and any action taken or
to be taken in response to such breach and should explain the process for deciding when
a breach of a trigger is significant. The recovery plan should specifically identify how
the Covered Bank will obtain the required regulatory or legal approvals.
8. Other information. A recovery plan should include any other information that the OCC communicates in writing directly to the Covered Bank regarding the Covered Bank’s recovery plan.
C. Relationship to other processes; coordination with other plans. The Covered Bank should integrate its recovery plan into its corporate governance and risk management functions. The Covered Bank also should coordinate its recovery plan with its strategic, operational (including business continuity), contingency, capital (including stress testing), liquidity, and resolution planning. To the extent possible, the Covered Bank also should align its recovery plan with any recovery and resolution planning efforts by the Covered Bank’s holding company so that the plans are consistent with and do not contradict each other.
Management and Board Responsibilities
The recovery plan should address the following management and board responsibilities:
Management. Management should review the recovery plan at least annually and in response to a material event. It should revise the plan as necessary to reflect material changes in the Covered Bank’s risk profile, complexity, size, and activities, as well as changes in external threats. This review should evaluate the organizational structure and its effectiveness in facilitating a recovery.
Board of Directors. The board of directors or an appropriate committee of the board should review and approve the recovery plan at least annually and as needed to address any changes made by management.
3. Describe whether, and to what extent, the collection of information involves the use of automated, electronic, mechanical, or other technological collection techniques or other forms of information technology. Describe any consideration of using information technology to reduce burden.
Respondents may use any method of improved technology that meets the requirements of the regulation.
4. Efforts to identify duplication.
The required information is unique and is not duplicative of any other information already collected.
5. Methods used to minimize burden if the collection has a significant impact on a substantial under of small entities.
The information collection does not have a significant impact on a substantial number of small businesses or other small entities.
6. Consequence to Federal program if the collection were conducted less frequently, as well as any technical or legal obstacles to reducing burden.
The consequences of collecting the information less frequently would be to prevent the OCC from developing a set of guidelines that strengthen the governance and risk management practices of large, complex institutions.
7. Special circumstances that would cause an information collection to be conducted in a manner inconsistent with 5 CFR par 1320.
The information collection would be conducted in a manner consistent with 5 CFR Part 1320.5(d)(2).
8. Efforts to consult with persons outside the agency.
As part of a notice of proposed rulemaking, the OCC published the information collection for 60 days of comment.
9. Payment or gift to respondents.
The OCC has not provided and has no intention to provide any payment or gift to respondents under this information collection.
10. Any assurance of confidentiality.
The information collection request will be kept private to the extent permissible by law.
11. Justification for questions of a sensitive nature.
None.
12. Burden estimate.
The OCC estimates the burden of this collection of information as follows:
Frequency of Response: On occasion.
Affected Public: Businesses or other for-profit organizations.
Burden Estimates:
Total Number of Respondents: 23
Total Burden per Respondent: 7,543 hours
Total Burden for Collection: 173,489 hours
13. Estimate of total annual costs to respondents (excluding cost of hour burden in Item #12.
None.
14. Estimate of annualized cost to the Federal government.
None.
15. Change in burden.
This is a new information collection request.
16. Information regarding collections whose results are to be published for statistical use.
There are no publications.
17. Reasons for not displaying OMB approval expiration date.
The agency is not seeking to not display the expiration date of OMB approval of the information collection.
18. Exceptions to the certification statement.
There are no exceptions to the certification.
B. Collections of Information Employing Statistical Methods
The collection of this information does not employ statistical methods. Statistical methods are not appropriate for the type of information collected and would not reduce burden or improve accuracy of results.
1 12 U.S.C. 1831p-1. Section 39 was enacted as part of the Federal Deposit Insurance Corporation Improvement Act of 1991, P.L. 102-242, section 132(a), 105 Stat. 2236, 2267-70 (Dec. 19, 1991).
| File Type | application/vnd.openxmlformats-officedocument.wordprocessingml.document |
| Author | shaquita.merritt |
| File Modified | 0000-00-00 |
| File Created | 2021-01-24 |