FR4022_20160627_omb

Supporting Statement for the
Recordkeeping Requirements Associated with the
Interagency Statement on Complex Structured Finance Activities
(FR 4022; OMB No. 7100-0311)
Summary
The Board of Governors of the Federal Reserve System (Board) proposes to extend for
three years, without revision, the voluntary Recordkeeping Requirements Associated with the
Interagency Statement on Complex Structured Finance Activities (FR 4022; OMB No. 71000311).1 The Paperwork Reduction Act (PRA) classifies reporting, recordkeeping, or disclosure
requirements of agency guidance as an “information collection.”2 The PRA requires the Board
to renew authority for information collections every three years.
The guidance provides that state member banks, bank holding companies, and U.S.
branches and agencies of foreign banks supervised by the Board should establish and maintain
policies and procedures for identifying, evaluating, assessing, documenting, and controlling risks
associated with certain complex structured finance transactions (CSFTs). The guidance requires
supervised entities to provide sufficient information and convey reports to the institution’s
management and board of directors concerning elevated risks from CSFTs. Such required
internally generated reports constitutes recordkeeping under the PRA. The Board’s total annual
burden is estimated to be 10 hours for each of the 18 financial institutions that are likely to be
subject to the guidance. There are no required reporting forms associated with the guidance.
Background and Justification
Financial markets have grown rapidly over recent decades and innovations in financial
instruments have facilitated the structuring of cash flows and allocation of risk among creditors,
borrowers, and investors in more efficient ways. Financial derivatives for market and credit risk,
asset-backed securities with customized cash flow features, specialized financial conduits that
manage pools of assets, and other types of structured finance transactions serve important
purposes, such as diversifying risks, allocating cash flows, and reducing cost of capital. As a
result, structured finance transactions, including the more complex variations of these
transactions, now are an essential part of U.S. and international capital markets.
When a financial institution participates in a CSFT, it bears the usual market, credit, and
operational risks associated with the transaction. In some circumstances, a financial institution
also may face heightened legal or reputational risks due to its involvement in a CSFT. For
example, a financial institution involved in a CSFT may face heightened risk if the customer’s
regulatory, tax, or accounting treatment for the CSFT, or disclosures concerning the CSFT in its
public filings or financial statements, do not comply with applicable laws, regulations, or
accounting principles.

1
2

Refer to (Supervision and Regulation) SR letter 07-5 for the interagency statement.
See 44 U.S.C. § 3501 et seq.

In some cases, certain CSFTs appear to have been used in illegal schemes that
misrepresented the financial condition of public companies to investors and regulatory
authorities. Those cases highlight the substantial legal and reputational risks that financial
institutions may face when they participate in a CSFT that is used by the institutions’ customers
to circumvent regulatory or financial reporting requirements or further other illegal behaviors.
After conducting investigations, the Office of the Comptroller of the Currency (OCC), the Board,
and the Securities and Exchange Commission (SEC) took strong and coordinated civil and
administrative enforcement actions in July 2003 against certain financial institutions that
engaged in CSFTs that appeared to have been designed or used to shield their customers’ true
financial health from the public. These actions involved significant financial penalties on the
institutions and required the institutions to take several measures to strengthen their risk
management procedures for CSFTs. The complex structured finance relationships involving
these financial institutions also sparked an investigation by the Permanent Subcommittee on
Governmental Affairs of the United States Senate, as well as numerous lawsuits by private
litigants.
Following these investigations from 2003 to 2004, the OCC, the Board, and SEC
conducted special reviews of several large banking and securities firms that are significant
participants in the market for CSFTs. These reviews were designed to evaluate the new product
approval, transaction approval, and other internal controls and processes used by these
institutions to identify and manage the legal, reputational, and other risks associated with CSFTs.
These assessments indicated that many of the large financial institutions engaged in CSFTs
already had taken meaningful steps to improve their control infrastructure relating to CSFTs.
Further, the agencies’ supervisory staffs continue to monitor the complex structured finance
activities of financial institutions during the normal course of the supervisory process.
To further assist financial institutions in identifying, managing, and addressing the risks
that may be associated with CSFTs, the agencies developed the interagency guidance titled,
“Interagency Statement on Sound Practices Concerning Elevated Risk Complex Structured
Finance Activities” (the Statement).
Description of Information Collection
The Statement provides that state member banks, bank holding companies, and U.S.
branches and agencies of foreign banks supervised by the Board should establish and maintain
policies and procedures for identifying, evaluating, assessing, documenting, and controlling risks
associated with CSFTs. This guidance requires supervised entities to provide sufficient
information and convey reports to the institution’s management and board of directors
concerning elevated risks from CSFTs. Such required internally generated reports constitute
recordkeeping under the PRA.
Specific provisions of the Statement are described as follows:
A financial institution engaged in CSFTs should maintain a set of formal, firm-wide
policies and procedures that are designed to allow the institution to identify, evaluate, assess,
document, and control the full range of credit, market, operational, legal, and reputational risks

2

associated with these transactions. These policies may be developed specifically for CSFTs or
included in the set of broader policies governing the institution generally. A financial institution
operating in foreign jurisdictions may tailor its policies and procedures as appropriate to account
for, and comply with, the applicable laws, regulations, and standards of those jurisdictions.
A financial institution’s policies and procedures should establish a clear framework for
the review and approval of individual CSFTs. These policies and procedures should set forth the
responsibilities of the personnel involved in the origination, structuring, trading, review,
approval, documentation, verification, and execution of CSFTs. A financial institution should
define what constitutes a new complex structured finance product and establish a control process
for the approval of such new product. An institution’s policies also should provide for new
complex structured finance products to receive the approval of all relevant control areas that are
independent of the profit center before the products are offered to customers.
Identifying Elevated Risk CSFTs
As part of its transaction and new product approval controls, a financial institution should
establish and maintain policies, procedures, and systems to identify elevated risk CSFTs.
Because of the potential risks they present to the institution, transactions or new products
identified as elevated risk CSFTs should be subject to heightened reviews during the institution’s
transaction or new product approval processes. The goal of each institution’s policies and
procedures should be to identify those CSFTs that warrant additional scrutiny in the transaction
or new product approval process due to concerns regarding legal or reputational risks.
Due Diligence, Approval, and Documentation Process for Elevated Risk CSFTs
Having developed a process to identify elevated risk CSFTs, a financial institution should
implement policies and procedures to conduct a heightened level of due diligence for these
transactions. The financial institution should design these policies and procedures to allow
personnel at an appropriate level to understand and evaluate the potential legal or reputational
risks presented by the transaction to the institution and to manage and address any heightened
legal or reputational risks ultimately found to exist with the transaction.
If a CSFT is identified as an elevated risk CSFT, the institution should carefully evaluate
and take appropriate steps to address the risks presented by the transaction with a particular focus
on those issues identified as potentially creating heightened levels of legal or reputational risk for
the institution. In general, a financial institution should conduct the level and amount of due
diligence for an elevated risk CSFT that is commensurate with the level of risks identified.
To appropriately understand and evaluate the potential legal and reputational risks
associated with an elevated risk CSFT that a financial institution has identified, the institution
may find it useful or necessary to obtain additional information from the customer or to obtain
specialized advice from qualified in-house or outside accounting, tax, legal, or other
professionals. As with any transaction, an institution should obtain satisfactory responses to its
material questions and concerns prior to consummation of a transaction.

3

In conducting its due diligence for an elevated risk CSFT, a financial institution should
independently analyze the potential risks to the institution from both the transaction and the
institution’s overall relationship with the customer. Moreover, a financial institution should
carefully consider whether it would be appropriate to rely on opinions or analyses prepared by or
for the customer concerning any significant accounting, tax, or legal issues associated with an
elevated risk CSFT.
A financial institution’s policies and procedures must provide that CSFTs identified as
having elevated legal or reputational risk are reviewed and approved by appropriate levels of
control and management personnel. The institution’s control framework should have procedures
to deliver the necessary or appropriate information to the personnel responsible for reviewing or
approving an elevated risk CSFT to allow them to properly perform their duties. Such
information may include, for example, the material terms of the transaction, a summary of the
institution’s relationship with the customer, and a discussion of the significant legal, reputational,
credit, market, and operational risks presented by the transaction.
The documentation that financial institutions use to support CSFTs is often highly
customized for individual transactions and negotiated with the customer. A financial institution
should create and collect sufficient documentation to allow the institution to:





document the material terms of the transaction,
enforce the material obligations of the counterparties,
confirm that customers have received all required disclosures concerning the transaction,
and
verify that the institution’s policies and procedures are being followed and allow the
internal audit function to monitor compliance with those policies and procedures.

When an institution’s policies and procedures require an elevated risk CSFT to be
submitted for approval to senior management, the institution should maintain the transactionrelated documentation provided to senior management as well as other documentation that reflect
management’s approval (or disapproval) of the transaction, any conditions imposed by senior
management, and the reasons for such action. The institution should retain documents created
for elevated risk CSFTs in accordance with its record retention policies and procedures as well as
applicable statutes and regulations.
Other Risk Management Principles for Elevated Risk CSFTs
The board and senior management of a financial institution also should, through both
actions and formalized policies, send a strong message throughout the financial institution about
the importance of compliance with the law and overall good business ethics. In appropriate
circumstances, a financial institution may also wish to consider implementing mechanisms
allowing personnel to confidentially submit concerns about the institution’s CSFT activities to
senior management. As in other areas of financial institution management, compensation and
incentive plans should be structured, in the context of elevated risk CSFTs, so that they provide
personnel with appropriate incentives to have due regard for the legal, ethical, and reputational
risk interests of the institution.

4

Financial institutions should conduct periodic independent reviews of their CSFT
activities to verify that their policies and controls relating to elevated risk CSFTs are being
implemented effectively and that elevated risk CSFTs are accurately identified and receive
proper approvals. Such monitoring may include more frequent assessments of the risk arising
from elevated risk CSFTs, both individually and within the context of the overall customer
relationship, and the results of this monitoring should be provided to an appropriate level of
management in the financial institution.
An institution should identify relevant personnel who may need specialized training
regarding CSFTs to be able to effectively perform their oversight and review responsibilities.
Appropriate training on the financial institution’s policies and procedures for handling elevated
risk CSFTs is critical. Financial institution personnel involved in CSFTs should be familiar with
the institution’s policies and procedures concerning elevated risk CSFTs, including the processes
established by the institution for identification and approval of elevated risk CSFTs and new
complex structured finance products and for the elevation of concerns regarding transactions or
products to appropriate levels of management. Financial institution personnel should be trained
to identify and properly handle elevated risk CSFTs that may result in a violation of law.
The internal audit department of a financial institution should regularly audit the financial
institution’s adherence to its own control procedures relating to elevated risk CSFTs and further
assess the adequacy of its policies and procedures related to elevated risk CSFTs. Internal audit
should periodically validate that business lines and individual employees are complying with the
financial institution’s standards for elevated risk CSFTs and appropriately identifying any
exceptions. This validation should include transaction testing for elevated risk CSFTs.
Time Schedule for Information Collection
The Statement includes the provisions discussed above and acknowledges that this
activity is one in which only large banking organizations engage and that few, if any, new
institutions would enter into this business activity. Therefore, the estimate of burden reflects the
time to revisit CSFT policies and procedures on a periodic basis to ensure that an institution’s
risk management systems continue to address the CSFT guidance.
Legal Status
The Board’s Legal Division has determined that sections 11(a), 11(i), 21, and 25 of the
Federal Reserve Act (12 U.S.C. §§ 248(a), 248(i), 483, and 602) authorize the Board to issue the
information collection and recordkeeping guidance associated with the Interagency Statement.
In addition, section 5(c) of the Bank Holding Company Act (12 U.S.C § 1844(c)), section 10(b)
of the Home Owners’ Loan Act (12 U.S.C. § 1467a (b)(2)), and section 13(a) of the International
Banking Act (12 U.S.C. § 3108(a)) provide further authority for the Board to issue such rules
and guidance. As a guidance document, the Interagency Statement is voluntary, although
conformance with the guidance may be the subject of review during examinations of institutions
engaged in CSFTs. No information is collected by the Board in connection with the Interagency
Statement, so the issue of confidentiality does not ordinarily arise. Should an institution’s
policies or procedures adopted pursuant to the Interagency Statement be retained as part of the

5

record of an institution’s examination, the records would be exempt from disclosure under
exemption (b)(8) of the Freedom of Information Act (5 U.S.C. 552(b)(8)).
Consultation Outside of the Agency
On April 4, 2016, the Board published a notice in the Federal Register (81 FR 19178)
requesting public comment for 60 days on the extension, without revision, of the FR 4022. The
comment period for this notice expired on June 3, 2016. The Board did not receive any
comments. On June 17, 2016, the Board published a final notice in the Federal Register
(81 FR 39641) for the FR 4022.
Estimate of Respondent Burden
The total annual burden for the guidance is 180 hours, as shown in the table below. Since
CSFTs are typically conducted by a limited number of large financial institutions, the Board
estimates that only 18 of the institutions it supervises are affected by the guidance. The Board
estimates that it will take the 18 respondents 10 hours each year to comply with the Statement.
Based on the Board’s experience in supervising the CSFT activities of financial institutions, the
Board believes that the recordkeeping requirements included in the Statement are generally
consistent with the types of policies and procedures that large financial institutions actively
involved in CSFTs already have developed and implemented as part of their usual and customary
business practices. The burden estimate for the recordkeeping requirements reflects the time to
revisit CSFT policies and procedures on a periodic basis to ensure that an institution’s risk
management systems continue to address the CSFT guidance. These recordkeeping
requirements represent less than 1 percent of the total Federal Reserve System paperwork
burden.

FR 4022
Maintain records
associated with the
compliance program

Number of
Annual
3
respondents frequency

18

1

Estimated
average hours
per response

Estimated
annual burden
hours

10

180

The total cost to the public for this information collection is estimated to be $9,567.4

3

Of these respondents, none are small entities as defined by the Small Business Administration (i.e., entities with
less than $550 million in total assets) www.sba.gov/contracting/getting-started-contractor/make-sure-you-meet-sbasize-standards/table-small-business-size-standards.
4
Total cost to the public was estimated using the following formula: percent of staff time, multiplied by annual
burden hours, multiplied by hourly rates (30% Office & Administrative Support at $17, 45% Financial Managers at
$65, 15% Lawyers at $66, and 10% Chief Executives at $89). Hourly rates for each occupational group are the
(rounded) mean hourly wages from the Bureau of Labor and Statistics (BLS), Occupational Employment and Wages
May 2015, published March 30, 2016 www.bls.gov/news.release/ocwage.t01.htm. Occupations are defined using
the BLS Occupational Classification System, www.bls.gov/soc/.

6

Sensitive Questions
This collection of information contains no questions of a sensitive nature, as defined by
OMB guidelines.
Estimate of Cost to the Federal Reserve System
Since the Board does not collect any information, the cost to the Federal Reserve System
is negligible.

7