Articles from Winter 2010
Regulators are scrutinizing community banks like never before. One of their biggest concerns is whether banks have adequate capital to withstand potential losses associated with high concentrations of commercial real estate (CRE) loans. Banks with a dangerously high level of CRE risk may be required to raise additional capital; no easy task in today’s environment. Undercapitalized banks also may be subject to FDIC-imposed rate caps. (See the sidebar “Be aware of the ‘national rate’ safe harbor.”)
To protect yourself, develop a capital defense plan as part of your preparation for regulatory exams. By taking a proactive approach, you can manage risk more effectively and make examiners more comfortable with your strategies for facing today’s challenges.
Commercial is the new residential
Home foreclosures and delinquencies may have triggered the current economic crisis, but CRE loans are receiving increasing attention. Recently, U.S. Comptroller of the Currency John Dugan observed that “the greatest challenge facing many banks . . . is the continued deterioration in commercial real estate loans.”
Over the last few years, construction and development loans have accounted for a significant portion of loan growth, particularly among community banks. As demand for these properties dries up and existing buildings struggle to attract tenants, the number of delinquencies and defaults is climbing rapidly.
Despite recent improvements in the banking industry, FDIC chair Sheila Bair recently told lawmakers that “there will be more failures.” Expressing concern about high concentrations of CRE loans, Bair suggested that as many as 100 banks could fail in 2010.
Preparation matters
Thorough preparation can make the difference between a positive and negative regulatory exam. Here are several best practices to consider:
Review regulatory guidance. Be familiar with the interagency guidance Concentrations in Commercial Real Estate Lending, Sound Risk Management Practices. The guidance, issued in 2006, outlines the elements of a solid risk management program, including board and management oversight, credit underwriting standards and stress testing. Be prepared to demonstrate that you’re following the guidance or have a strategy for moving in that direction.
Also review the banking agencies’ recent Policy Statement on Prudent Commercial Real Estate Loan Workouts. According to the Federal Reserve, banks that follow these guidelines will “not be subject to criticism . . . even if the restructured loans have weaknesses that result in adverse credit classifications.” In addition, reasonably restructured or renewed loans will not be subject to adverse classification solely because underlying collateral values have declined.
Review and classify your loan portfolio. Take a proactive approach to identifying problem loans and weaknesses, rather than waiting for examiners to uncover them. This will give you an opportunity to present the situation in the most favorable light and to explain the steps you’re taking to address any problems.
Also, classify your loans into relevant categories, such as industry, geography, property type or borrower type. This will allow you to present examiners with a more meaningful picture of your bank’s CRE risk. Commercial office buildings, for example, may be less risky than retail malls.
Examiners may assume that certain types of loans — such as those that have resulted in significant losses at other banks in your region — are highly risky unless you can demonstrate a borrower’s capacity to continue servicing the debt over the long term. Be sure that you’re able to document global cash-flow analyses and other steps you’ve taken to evaluate a borrower’s ability to repay a loan.
Revisit your ALLL methodologies. Review and document the methodologies you use to determine the allowance for loan and lease losses (ALLL). It’s particularly important to ensure that your assumptions — including historical loss rates — reflect current market conditions. Many banks look back three to five years in establishing their loss histories, but some examiners are limiting historical losses to as little as one year. Given the current state of affairs in the financial industry, such a policy can be devastating to a bank’s capital position.
To protect yourself, be prepared to explain to examiners why a longer loss period provides a more accurate assessment of your bank’s potential future losses.
Make good value judgments. Be sure you have effective policies and procedures for monitoring and adjusting collateral values. Assess the reasonableness of key assumptions on which the original valuation was based, and obtain new appraisals when existing appraisals are no longer meaningful.
Familiarize yourself with the latest developments in fair value accounting and work with your advisors to ensure that your securities holdings are classified and valued properly.
Test for stress. Stress testing is a highly effective technique for modeling the impact of fluctuating interest rates, changing economic conditions and other factors on asset quality, earnings and capital. Examiners expect banks to conduct periodic stress testing — at both the portfolio and the individual loan level — of their high-risk portfolios.
The best defense is a good offense
No one understands your business better than you. The best way to defend your capital in a regulatory exam is to prepare a presentation that accurately portrays your bank’s strengths and weaknesses and outlines your strategies for meeting the challenges ahead.
Sidebar: Be aware of the “national rate” safe harbor
The FDIC has amended its regulations regarding limits on deposit interest rates offered by institutions that are less than “well capitalized” according to FDIC standards. Under the new rule, issued in May 2009, interest rates paid by undercapitalized banks generally are capped at 75 basis points over a redefined “national rate.”
Under the new rule, the national rate, which the FDIC publishes weekly, is “a simple average of rates paid by all insured depository institutions and branches for which data are available.” Previously, the national rate was tied to yields on U.S. Treasury securities, which have been significantly lower than actual deposit rates, resulting in artificially low interest rate caps.
Keep in mind that the new rate caps merely establish a safe harbor: The national rate is presumed to be the prevailing rate in a market, but this presumption can be rebutted with evidence that prevailing rates in a bank’s market are higher.
Comprehensive Reg Z and UDAP changes take effect July 1
Banks that issue credit cards have until July 1, 2010, to line up their compliance strategies for a massively changed set of UDAP (unfair or deceptive acts or practices) and Regulation Z (truth in lending) rules. The Federal Reserve Board, the Office of Thrift Supervision and the National Credit Union Administration issued the rules in December 2008. Here’s a brief summary of the revisions.
The UDAP rule
The UDAP changes cover a wide spectrum of issues affecting consumers, including:
Reasonable time to make payments. The rule prohibits a credit card issuer from treating a payment as late unless the consumer has been given a “reasonable length of time” to pay his or her bill. The rule doesn’t define what’s “reasonable,” but provides a safe harbor for the issuer.
Payment allocation. The rule sets new requirements for the methods an issuer may use when allocating a consumer’s payment to outstanding balances.
Interest rate increases on new and outstanding balances. The rule requires issuers to disclose the specific rates that will apply to each category of transactions, with certain restrictions. The rule also limits the ability of issuers to increase credit card rates, but identifies several exemptions relating to account-opening disclosure, variable rates, advance notes, delinquency and workout arrangements.
Double-cycle billing. The rule prohibits double-cycle billing but is limited to circumstances in which the two-cycle method results in interest charges due to the loss of the grace period.
Fee-based accounts. The rule prohibits an issuer from financing security deposits or fees for the issuance or availability of credit during the first year in certain situations. Plus, security deposits and fees exceeding 25% of the initial credit limit must be spread over six months.
Reg Z amendments
The amendments to Regulation Z are aimed at improving the effectiveness of disclosures for open-end accounts. They cover these major issues:
Credit advertising. Advertisements must 1) disclose the periodic payment amount on a plan offered to finance the purchase of goods or services in a specified manner and 2) refer to a rate as “fixed” only if it specifies the time period for the fixed rate and if the rate won’t increase for any reason during that time.
Credit account disclosures. The rule revises the form, terminology and format for all of the open-end credit disclosures governed by Reg Z.
Change in terms/45-day notice. Creditors must provide at least 45 days’ (rather than the existing 15 days’) notice to increase rates on new account transactions or to increase key fees.
Billing error resolution. In some situations, creditors will be prohibited from reversing funds that were previously credited to the consumer’s account if the creditor determines there was no error.
Due dates for mailed payments. The rule provides a safe harbor for mailed payments that are treated as timely if received by 5 p.m. on the payment due date. Also, a creditor must treat a payment received by mail the next business day as a timely payment in certain situations.
Right to reject card and fees. Creditors can’t collect any fee before providing account-opening disclosures, with some exceptions.
Getting help
If your bank is involved in credit card issuance, begin the change process now while keeping an eye on other amendments that are in the pipeline. Your CPA can help you with compliance and training issues relating to these changes or refer you to a qualified source.
Over the last year or so, the financial world has focused a great deal of attention on fair value accounting and the Financial Accounting Standards Board’s (FASB’s) guidance on the subject. Much of that guidance has been designed to reassure companies that they need not value financial assets at fire-sale prices when markets for those assets are inactive or illiquid.
Another important accounting issue, particularly for banks, is the treatment of other-than-temporary impairment (OTTI) for investments. In mid-2009, FASB issued guidance that changes the way these impairments are recorded for certain securities. OTTI can have a significant impact on bank earnings and regulatory capital, so it’s important to have policies and procedures in place to deal with OTTI and to document your assessments carefully.
What is OTTI?
A debt or equity investment is impaired if its fair value is less than its amortized cost basis. If that happens, a bank must determine whether the impairment is other than temporary. Factors to consider in making this determination include:
Under previous rules, assets that experienced OTTI were written down to fair value, with a corresponding charge to earnings. Many banks felt that this treatment was unfair, particularly for securities they had no intention of selling.
In a depressed market, for example, a debt security’s fair value may decline even though there’s little or no change in the underlying cash flows. Arguably, a requirement that the holder write down the security to fair value, even if it intends to hold it to maturity, doesn’t fairly represent the underlying economics.
How does the new guidance work?
The new rules treat equity securities in essentially the same way as before, but they make significant changes to the treatment of debt securities classified as available-for-sale or held-to-maturity. If a bank determines that a debt security is other-than-temporarily impaired, it must then determine whether it intends to sell the security — or it’s more likely than not that it will be required to sell the security — before its anticipated recovery.
If the security is likely to be sold, the total amount of OTTI is written down and recognized in earnings. If it’s not likely to be sold, however, only the credit component of OTTI — that is, the loss attributable to the issuer’s inability or unwillingness to pay — is recognized in earnings. The noncredit component — which reflects losses caused by illiquidity, fluctuating interest rates or other factors — is recognized as other comprehensive income (OCI).
There’s no prescribed method for estimating the credit component of OTTI, although FASB’s guidance notes that one acceptable methodology is the same method used to account for the impairment of a loan. That method generally involves calculating the present value of expected future cash flows discounted at the effective interest rate.
Why does it matter?
Properly allocating OTTI between its credit and noncredit components is important for two reasons. First, by flowing through OCI, the noncredit component won’t reduce your bank’s earnings. And second, the noncredit component won’t affect your bank’s Tier 1 capital.
To minimize the impact of OTTI on earnings and regulatory capital, be sure that your bank has policies and procedures in place for classifying securities, determining fair value, assessing securities for OTTI and measuring the credit and noncredit components.
Many banks outsource a variety of activities, from office cleaning to data processing to anti-money-laundering compliance. The advantage of outsourcing is that it allows you to shift day-to-day performance of a function to a third party, freeing up your time to concentrate on your bank’s core functions. But that doesn’t mean you can sign the contract and forget about it. You can’t absolve yourself of the responsibility.
Federal regulations require banks to develop and maintain a vendor management program designed to protect customer information. And while these requirements may seem daunting, especially for smaller community banks, a risk-based approach can minimize the burden.
What the law requires
The Gramm-Leach-Bliley Act (GLBA) and its regulations require financial institutions to take various steps to provide administrative, technical and physical safeguards for customer records and information, including vendor oversight. To comply, your bank must:
Monitoring involves reviewing audits, summaries of test results and other equivalent evaluations of a service provider. For high-risk vendors, the bank should monitor and validate controls through periodic self-assessments or other means. High-risk vendors would include outsourced core processors, Internet-banking providers and vendors with information on customers that would be a risk if someone else had access to it.
Risk assessment
The GLBA emphasizes a risk-based approach to compliance. The appropriate scope of your vendor management program depends on your bank’s size and risk profile. The first step in designing a program, therefore, is to conduct a risk assessment. First, take inventory of all of your vendors that have access to or control of customer information. Next, list the type of access each vendor has, such as physical access, remote or on-site electronic access, and so on.
Finally, prioritize your vendors according to their level of access and the potential impact a breach would have on your bank and its customers. Keep in mind that access is not necessarily defined by job function. A janitorial service may not deal with customer information, but it may have physical access to such information if, for example, it’s allowed to work unsupervised in a room with unlocked filing cabinets.
Planning ahead
Based on your risk assessment and available resources, you can establish appropriate policies and procedures for selecting vendors, reviewing service contracts and overseeing vendor operations.
Articles from Summer 2010
Bankers on overdraft fees
Amendments to Regulation E now require customers to opt in to overdraft programs that assess a fee for ATM or one-time debit card transactions when there are insufficient funds in the account. A survey conducted by the Financial Managers Society on April 13, before the new requirement’s July 1 effective date, asked financial institutions how they planned to respond.
More than 75% of respondents said they already offered a courtesy pay program for ATM and/or debit transactions that includes overdraft fees. Of those, 94% said they would continue their programs after the new rules took effect, and the majority (86% for debit transactions and 85% for ATM transactions) said they wouldn’t change their (corresponding) fees.
TAG extends to 2011
The FDIC has extended its Transaction Account Guarantee (TAG) program through Dec. 31, 2010. The program had been set to expire at the end of June.
TAG provides depositors with unlimited coverage for noninterest-bearing transaction accounts — such as demand deposit accounts and other accounts that allow unlimited withdrawals and can’t earn interest. The TAG assessment reporting will be based on average daily account balances. And the FDIC reduced the maximum rate that can be paid for qualifying NOW accounts to 0.25% from 0.50%.
Weighing in on funding, liquidity risk
The federal banking agencies recently issued joint guidance on identifying, measuring, monitoring, and controlling their funding and liquidity risks. The guidance re-emphasizes the importance of cash flow projections, diversified funding sources, stress testing, a cushion of liquid assets, and a formal, well-developed contingency funding plan.
The agencies issued the guidance on March 17. See Letter SR 10-6, “Interagency Policy Statement on Funding and Liquidity Risk Management,” at http://www.federalreserve.gov/boarddocs/srletters.
Overtime pay for mortgage lenders
In a reversal of its previous opinion, the U.S. Department of Labor on March 24 issued Administrator’s Interpretation No. 2010-1, concluding that typical mortgage loan officers aren’t exempt from overtime requirements, as administrative employees are. As a result, banks should carefully review the job descriptions of their mortgage loan officers and employees who perform similar duties to be sure they’re classified properly.
UBPR modernized
The federal banking agencies have modernized the Uniform Bank Performance Report (UBPR), allowing for faster, more accurate delivery, more frequent updates and other enhancements. In addition to providing expanded content, the modernized system uses eXtensible Business Reporting Language to deliver bank financial information in a format that’s easier for banks to download and manipulate.
Mortgage fraud is among the fastest growing white-collar crimes in the United States. According to the Financial Crimes Enforcement Network, the number of Suspicious Activity Reports (SARs) reporting mortgage fraud ballooned from around 3,500 in 2000 to nearly 65,000 in 2008. And the first six months of 2009 were on pace with 2008, according to the latest information available from The SAR Activity Review (January 2010).
Preventing and detecting mortgage fraud may seem like a daunting task. But while there’s no foolproof method for fending off fraudsters, it’s critical for your bank to have an antifraud program. A solid program will help you: 1) deter fraud, 2) detect fraud early so you can respond quickly, and 3) satisfy regulators that any frauds that do occur aren’t the result of a systemic failure.
Fraud school
One of the most important things you can do to combat mortgage fraud is to teach employees to understand the mechanics of common fraud schemes and to recognize the red flags. A good place to start is by reading the FFIEC’s February 2010 report, “The Detection and Deterrence of Mortgage Fraud Against Financial Institutions: A White Paper.”
The 97-page report provides a comprehensive look at mortgage fraud and outlines best practices for preventing fraud and red flags for detecting it. The report details older fraud schemes as well as newer ones and describes the most common mechanisms used to perpetrate these schemes, including asset “rental,” fake down payments, fraudulent appraisals and documentation, and identity theft.
Buy and bail schemes
One fairly new scheme is called “buy and bail.” Here’s how it works: Suppose that Sara lives in a house she purchased in 2007 for $500,000, but its value has declined to $350,000. She’s current on her adjustable rate mortgage, but she’s concerned that she won’t be able to afford the payments when the rate adjusts upward in a few months.
Sara finds a comparable house selling for $275,000 and obtains a loan to purchase it by falsely claiming to rent out her existing property. She moves into the new house and then defaults (or “bails”) on her mortgage on the first house.
The FFIEC recommends several best practices that can help prevent this type of fraud, including reviewing the borrower’s credit report for recent deficiencies, verifying rental agreements and evaluating the reasonableness of rental cash flows. Red flags that may indicate a buy and bail scheme include second homes with substantially lower values or loan amounts, borrowers with minimal or no equity, purported tenants who have a pre-existing relationship with the borrower, and borrowers who default on the original mortgage shortly after purchasing a second property.
Best practices
The FFIEC report contains a comprehensive list of best practices and red flags on a scheme-by-scheme and mechanism-by-mechanism basis. Best practices that are common to many fraud schemes and mechanisms include establishing an employee training program and providing employees with regular fraud updates.
Your bank also should establish prudent customer due diligence and identification procedures, scrutinize borrowers’ financial information for unusual items or trends, establish independent verification procedures to ensure the accuracy of submitted information, and conduct prefunding and postclosing reviews to look for inconsistencies. Other core best practices include:
The appropriate best practices depend on factors such as your bank’s size, location, product and service offerings, and risk profile.
Get with the program
Mortgage fraud is a costly problem for banks, and it’s likely to get worse. To minimize your bank’s losses, be sure you have a plan for preventing, detecting and mitigating it.
How to assess if a customer will fail
The economy is on the mend, but businesses of all kinds continue to shut their doors. To protect your bank from being left holding the proverbial bag, you need to identify borrowers that can’t turn themselves around. Spotting borrowers that have likely reached the point of no return — vs. those able to rebound — can be accomplished if you diligently search for warning signs.
Recognizing severity
Universal warning signs recognized by lenders include problems with working capital, operating cash flow, credit lines and collateral values. These problems may be severe — or not.
For example, a working capital problem involving one large bill that’s 60 days outstanding due to an invoicing mistake is probably collectible. But several invoices that are over 120 days are probably not. The first scenario is something a customer likely could overcome, although the company might temporarily max out its line of credit. The second scenario looks like a critical situation that, if severe enough, could foretell a bankruptcy.
Minor problems materialize as, say, a few late bills, occasional cash overdrafts or subtle changes in gross margin on financial statements. But irreparable damages show up as payables over 90 days old, vendor demands for cash on delivery, unpaid payroll and recurring net losses.
Answering wake-up calls
Because most borrowers prepare only annual financial statements, the numbers often reveal too little, too late. To avoid financial statement surprises at year end, consider asking borrowers to submit monthly or quarterly reports. Strong borrowers likely will comply, but weaker ones may have something to hide and resist your request.
Other wake-up calls are missed loan payments, lapsed insurance coverage and late financial statements. For closely held companies, keep an eye on personal credit card accounts that might be tapped to fund corporate cash shortfalls. A qualified audit opinion — when the auditor disagrees with the treatment or disclosure of information in the financial statements — also is cause for alarm.
Spotting non-numeric red flags
Also keep your eyes open for the non-numeric indicators of distress. For example, when you visit a retailer, do its stores appear understocked or understaffed? Does the borrower fail to return phone calls? Are leasehold improvements and signage up-to-date? Does the company advertise liquidation sales or steep discounts?
Other telltale signs of impending bankruptcy include heavy layoffs and high turnover among employees, especially key managers and directors. These insiders often see the writing on the wall, and then make tracks for greener pastures. Major events — such as technological innovations by your customers’ competitors, uninsured losses or the bankruptcy of a major customer — also can have devastating effects on future operations.
Unveiling inside problems
Recession is an external factor that interrupts business operations. But irreparable financial distress often is rooted in internal problems. For example, poor management can be a leading indicator of financial distress. Watch out for gridlock among owners, lack of management depth, frivolous spending habits and personal problems, such as contentious divorces or gambling addictions.
The key to recovery is conceding that there is a problem. Distressed business owners must be able to ditch denial and implement stopgap measures, such as selling off underused equipment, liquidating inventory, asking employees to forgo raises and bonuses, renegotiating debt terms and converting fixed costs to variable.
Pinpointing strengths
An established track record is the best indicator of management strength. Investigate how a company performed during the 1992 and 2001 downturns. Then consider how market conditions have changed since the previous downturns. Of course, startups and new management teams require additional oversight to ensure continued viability.
Strong managers focus on core operations; veering off course, especially during a recession, can prove disastrous. Management also should know how to anticipate cash flow needs and to build a cash safety net in case of unforeseen events, such as a strike, a cost increase or a large warranty claim. Strong accounting systems identify which customers and products are most profitable — and which low-margin ones are disposable.
Your customers’ health
Identifying strengths will help you predict which of your business-loan customers likely will emerge from the down economy in good shape. And spotting warning signs will help ensure that your bank makes the correct lending decisions, even when it means pulling the plug.
Articles from Spring 2010
Community banks with high concentrations of commercial real estate (CRE) loans face a dilemma: Even though it may be in the best interest of both bank and borrower to modify or restructure a troubled CRE loan, workouts may also create a risk that the loan will be adversely classified by bank examiners, which can have a negative impact on the bank’s earnings, liquidity and capital.
Understanding federal guidance
Guidance issued last October from the federal banking agencies can help your bank resolve the CRE loan dilemma. The agencies’ joint Policy Statement on Prudent Commercial Real Estate Loan Workouts recognizes that loan workouts sometimes result in adverse classifications. But the statement provides assurance that your bank won’t be criticized for engaging in workout arrangements that follow statement guidelines. The statement also provides that a restructured CRE loan won’t be adversely classified solely because the value of the real estate has declined or because the borrower is in a distressed industry. This allows you to rework CRE loans to accommodate creditworthy borrowers without hurting your bank’s bottom line.
Reviewing borrower finances
To ensure your bank meets regulatory standards for CRE loan workouts, you should:
The policy statement provides detailed guidance on analyzing a borrower’s repayment capacity, evaluating guarantees and assessing collateral values. The guidance not only helps your bank meet regulators’ expectations for loan workouts, but it’s also a valuable tool for evaluating risks case-by-case.
Classifying loans
Regulators generally classify loans in one of five categories:
Depending on the severity of any recognized weaknesses, an adversely classified loan may require the bank to increase its reserves, place the loan on nonaccrual status or even recognize a loss. (See the sidebar “Troubled debt workouts.”)
Addressing sound borrowers
Naturally, banks are reluctant to approve loan workouts when doing so would have a negative impact on their financial statements. The policy statement provides banks with greater flexibility to rework loans to borrowers that are essentially sound without taking a financial hit.
One area where the new policy will be particularly valuable is extensions of maturing loans. Consider a loan made to finance a CRE construction project. If the value of the collateral has deteriorated, the borrower may have trouble obtaining long-term financing, even though it has the ability to continue servicing the debt. A reasonable extension of the maturity date won’t result in adverse classification absent some distinct weakness that jeopardizes repayment.
The statement also identifies the benefits of splitting a distressed loan into two separate loans: a “good” loan, for which the borrower has demonstrated a capacity to repay, and a “bad” loan, which is adversely classified and charged off as appropriate. Under the right circumstances, the good loan may be classified “pass” and remain on (or be returned to) accrual status. This strategy allows the bank to maintain at least a portion of the loan as a performing asset.
Developing a workout regimen
You should review your loan portfolio and set policies for dealing with distressed CRE loans. By following the policy statement’s guidelines, you can develop prudent workout strategies that will minimize the financial impact on your bank.
Sidebar: Troubled debt workouts
According to the banking regulators’ joint policy statement (see main article), modified CRE loans should be evaluated to determine whether they should be placed on nonaccrual status, whether they require adjustments to the bank’s reserves and whether they should be reported as a “troubled debt restructuring” (TDR).
Under Generally Accepted Accounting Principles, a workout is a TDR if the bank, for economic or legal reasons related to the borrower’s financial difficulties, grants a concession it wouldn’t otherwise consider. To determine whether a workout is a TDR, you must assess: 1) whether the borrower is experiencing financial difficulties, and 2) whether you’ve granted a concession.
Factors reflecting financial difficulties may include default on debts, bankruptcy and inadequate projected cash flow. Concessions may include renewing a loan at a below-market interest rate or adding contingent payment provisions. Loans reported as TDRs must be evaluated for impairment, which can cause the bank to recognize a loss.
Last year’s so-called bailout of some of the nation’s largest banks created an excess of taxpayer ill will. To avoid similar misgivings among your customers, now’s an optimal time to review your directors & officers (D&O) liability protection. Here are four points to keep in mind:
1. A typical policy contains three parts. The first part protects individual directors and officers against personal liability to the extent they’re not indemnified by the bank. That may happen if the bank is legally prohibited from indemnifying them (for instance, in a derivative action) or is financially unable to do so. The second part reimburses the bank for indemnification payments made to directors and officers. And the third covers the bank for its own liabilities in connection with claims against directors and officers.
2. Broad coverage is desirable. Lawsuits against directors and officers almost always name the bank, too. Most new D&O policies — but not all of them — include entity coverage. But even if your policy includes this coverage, recoveries could be limited. “Named-peril” policies cover only specific types of exposure. “Bankers professional liability” policies, for example, may limit entity coverage to claims involving specific fee-based services. And some policies are limited to claims brought by certain individuals, such as customers. That means coverage would be excluded for claims by regulators, employees, shareholders and other third parties. If possible, negotiate a policy with “broad form company liability” coverage.
3. Limits should reflect your bank’s needs. Policy limits should be in line with your bank’s structure, activities, risk profile and risk tolerance. Bear in mind that, unlike a typical general liability policy, a D&O policy’s limits include defense costs. For example, if your policy has a $5 million aggregate limit and you incur $5 million in attorneys’ fees and court costs defending a claim, there will be nothing left to satisfy a judgment or settlement.
You’ll also want your policy to advance defense costs. Even if the policy will ultimately reimburse these costs, requiring individual directors and officers to cover them as they’re billed can be an enormous hardship. Sometimes claims against the bank can “erode” the limits available for individual directors and officers. Consider buying a separate “A-side” policy or negotiating nonerosion language to ensure that claims against your bank won’t deprive individual directors and officers of personal-liability protection.
Also, look for “order of payments” language providing that claims against individual directors and officers will be paid before claims against the bank. This provides an extra layer of protection for directors and officers, and can help prevent D&O proceeds from being treated as bank assets if bankruptcy should occur.
4. Your application should be accurate. Most D&O policies allow the insurance company to rescind the policy in the event of any “material misstatements or omissions” in the application. Although the rescission is generally limited to directors and officers who knew about misstatements or omissions at the time the application was filed, this knowledge can be imputed to others. In other words, the insurer can cancel coverage even for directors and officers who weren’t involved in the application process and were unaware of any alleged misrepresentations.
Is your ALM model capturing your bank’s risks?
Asset-liability management (ALM) is a critical activity for banks — not just for meeting regulators’ expectations, but also as a strategic tool for controlling risk and enhancing performance. In today’s high-risk environment, it’s critical for a bank’s board of directors or asset and liability committee to take a proactive approach to ALM.
There are a variety of ALM modeling software programs available, ranging from simple spreadsheets to outsourced solutions and sophisticated, highly customized in-house systems. Here are some questions to ask as you evaluate your bank’s program.
What’s your bank’s risk profile?
The right ALM system for your bank depends on the complexity of your balance sheet and the degree of risk to which it’s exposed. Nearly every balance sheet includes some level of complex financial products and instruments where simulation modeling is needed. These products and instruments typically contain embedded options — such as prepayment rights for loans or securities and early withdrawal options on deposits.
There might also be put or call provisions, caps and floors, or conversion rights on investments or alternative funding sources. Evaluating the risks these options present requires detailed assumptions about future interest rates, economic conditions and customer and investor behavior.
Is your model dynamic?
Static simulation models are simpler but of limited value because they assume a constant balance sheet without new growth. More sophisticated dynamic models incorporate assumptions about potential new business and changes in business lines. Again, the level of sophistication your bank requires depends on its risk profile.
A model is only as good as its assumptions. A dynamic model will include assumptions about the behavior of your bank’s current business as well as assumptions about future business. Where does this data come from? Some models incorporate actual details about your portfolio, while others rely on aggregate data. Actual details should be imported directly into the program to avoid errors.
What about liquidity risk?
Traditionally, ALM models have focused on interest rate risk, but in recent years liquidity risk has emerged as a significant financial risk. Much of the data captured by ALM models can be useful in managing liquidity risk, but few banks take full advantage of these capabilities. Check to see if your ALM software can measure liquidity risk or export the necessary data to a liquidity modeling program.
Managing risk
ALM modeling allows you to measure your bank’s risks and to take action — such as reducing your exposure or increasing your capital — if those risks are unacceptably high. The type of model and level of sophistication that’s right for your bank depends on its size, complexity, business model, risk profile and other characteristics.
Banks are governed by a wide array of regulatory bodies, including the federal banking agencies, the IRS, the SEC and various state agencies. These regulators can have a significant impact — both positive and negative — on your bank’s bottom line, so it’s important to monitor their activities. Here are a few suggestions based on recent regulatory developments.
Review securities activities
Regulation R, which was issued jointly by the SEC and the Federal Reserve, defines the extent to which a bank’s securities activities are subject to SEC oversight. If your bank’s activities go beyond those permitted by Regulation R, you must either register as a broker with the SEC or “push out” these activities to a registered broker. Failure to comply can result in hefty fines as well as potential criminal penalties.
As you review your bank’s securities activities for compliance with Regulation R, consider whether it would be advantageous to expand these activities and register as a broker with the SEC. For some banks, the cost of registration will be more than justified by the additional fee income it will generate.
Most banks are involved with securities transactions to some extent. The goal of Regulation R is to strike a balance between a bank’s need to accommodate its customers and the SEC’s interest in protecting consumers. Unless your bank falls within one of the regulation’s narrowly defined exceptions, it may be subject to the SEC’s broker-dealer registration requirements.
Key exceptions relate to third-party networking arrangements, trust and fiduciary activities, deposit “sweep” activities, and custody and safekeeping activities. For example, the second exception permits banks to effect securities transactions for trust and fiduciary customers provided their compensation is limited to certain types of fees, such as an annual fee or a percentage of assets under management. The sweep account exception permits banks to sweep funds into qualifying “no-load” money market funds.
Look into enterprise zones
Many states offer tax incentives for banks that loan money to businesses in economically distressed “enterprise zones.” Some states allow lenders to take a “net interest deduction” — in other words, net interest income on qualifying loans is tax free. Others offer tax credits equal to a percentage of a bank’s interest income from enterprise-zone loans.
Recently, California’s Franchise Tax Board announced that it was expanding its net interest deduction to include loans made to not-for-profit organizations operating in enterprise zones. The board recognized nonprofits as being “engaged in a trade or business” for purposes of the deduction.
If you haven’t already done so, it pays to research enterprise-zone benefits and similar tax breaks in the states where your bank does business.
Watch for FDIC premium deductions
FDIC-insured financial institutions were required to prepay more than three years’ worth of estimated quarterly risk-based assessments by Dec. 30, 2009. The prepayment covered the fourth quarter of 2009 up to and including the fourth quarter of 2012. Many banks hoped that this additional financial burden would be eased somewhat by an accelerated income tax deduction. But the IRS has announced that it won’t permit such a deduction.
Generally, prepaid expenses are capitalized and deducted over the period during which the benefits are received. There’s an exception, however, for prepaid expenses whose benefits don’t extend beyond the earlier of 12 months after the benefits begin or the end of the following taxable year. Banking groups argued that, because the FDIC’s invoices clearly separated prepayments attributable to 2010, the “12-month rule” permits banks to deduct these amounts on their 2009 returns.
In an oral conversation with the American Bankers Association, an IRS representative said that the agency will treat the prepayments as a single lump sum that relates to the entire 13-quarter period, so the 12-month rule won’t apply. Still, banks should monitor developments in this area. Should a court rule against the IRS on this issue, banks might be entitled to amend their returns and claim an accelerated deduction.
Explore opportunities, face challenges
It’s tempting to view banking and tax regulations as nothing more than a compliance headache. But paying close attention to regulatory developments can also reveal opportunities to boost — or situations that shrink — your bottom line.
Articles from Winter 2009
Financial crisis creates opportunities
The financial crisis has severely damaged many large banks — as well as economies around the globe. But for many community banks, this dark cloud may have a silver lining.
Weathering the storm
The subprime mortgage market’s collapse led to some of the largest bank failures in U.S. history and forced several venerable investment banking and mortgage companies to shut their doors. Many of the institutions that have survived have severely curtailed or eliminated lending secured by single-family homes. Your community bank may be positioned to fill the void.
If, like most community banks, yours steered clear of the subprime mortgage market, it’s likely that your residential mortgage business remains relatively healthy. The key term here, of course, is “relatively.” Your bank certainly isn’t immune to declining housing prices, tightening credit and a struggling economy that’s affecting all financial institutions. The good news is that you managed to stay in the eye of the subprime storm, giving you an edge over many of your larger competitors and putting you in a good position to grab market share as the economy recovers.
Forecast hazy
Although the economy’s precarious state should concern all businesses, community bankers may have reason to be optimistic, as indicated by the American Bankers Association’s 15th Annual Real Estate Lending Survey Report, published in February 2008. Keep in mind that the survey was conducted after the subprime mortgage collapse, but before the events that led to the government bailout.
At that time, 39% of community bankers expected single-family lending to increase, while another 39% expected it to stay the same. As the ABA observed, “This forecast is consistent with the often expressed view that community banks are well positioned to gain market share as other lenders falter.”
Indeed, the nature of community banking gives you a decided advantage. As larger players exit the market, local banks are increasingly viewed as the best alternative. And despite an overall decline in residential mortgage applications, some community banks have seen increased application numbers. What’s more, without large banks underbidding you, your bank may even enjoy a more favorable pricing environment.
The potential benefits for your bank extend beyond residential lending. In the wake of the subprime collapse, many large financial institutions also are re-evaluating their commercial lending programs, especially for small businesses. This is likely to open up new opportunities for local banks. The industry also may see growth in bank deposits as weary investors seek shelter from the volatile stock market.
Bring an umbrella
The forecast for community banks seems relatively clear, but conditions can change quickly, so it’s important to exercise caution. Your bank shouldn’t abandon the conservative lending standards that helped shelter it from the subprime mess in the first place. Much of the new lending business created by the withdrawal of large banks from local markets involves greater credit risk. So although these borrowers aren’t considered subprime, many of them have credit issues or would have been candidates for low-documentation loans at larger institutions.
As you take advantage of opportunities to increase your market share and boost pricing, don’t lose sight of credit quality. Maintain your credit standards, pay attention to risk management and look out for business and economic trends that may harm your customers. These days, seemingly strong customers can become problem borrowers overnight. Closely track loan quality statistics and other data that can signal borrower trouble.
If your bank isn’t currently involved in residential lending, these opportunities may be attractive. But keep in mind that residential lending involves relatively complex underwriting methodologies and a rigorous regulatory framework. The cost of noncompliance can easily wipe out any potential earnings. If you lack the in-house expertise to manage compliance with residential lending regulations, be sure to engage qualified outside consultants to assist you.
Enjoy the weather
Despite the gloomy economy, your community bank has a unique opportunity to build its business. To take advantage of the chance, ramp up your marketing efforts and renew relationships with realtors, appraisers, homebuilders and other referral sources. So long as you continue to follow sound lending practices, your bank will be prepared to weather this and future economic storms.
Use KPIs to monitor your bank’s financial health
Most prudent people see their doctors for regular checkups even if they feel fine. A physical exam can provide an early warning of potential problems before they become more serious.
For similar reasons, banks should continually monitor their vital signs — also known as key performance indicators (KPIs). KPIs can alert you to dangerous conditions while there’s still time to react, providing you with invaluable information you can use to boost profits.
Custom treatment
There are many KPIs that you can use to measure your bank’s performance and compare it with the competition’s. (See the sidebar “Running a few tests” on page 4 for examples.) In addition, tying compensation to KPIs can be an effective way to motivate employees to improve your bank’s performance.
KPIs include a variety of financial ratios and other metrics, many of which can be pulled from your bank’s financial statements or Uniform Bank Performance Reports (UBPRs). Consider benchmarking your bank’s KPIs against industry or regional averages or against the top-performing banks in your area or the nation. If your numbers are significantly out of line, find out why and take action if necessary.
Although benchmarking against competitors and other industry players is a valuable exercise, it’s even more important to tailor your analysis to your bank’s particular characteristics. Just as “normal” vital signs vary from person to person, a particular KPI may deviate from industry norms even when the bank is in good financial health.
A healthy dose of liquidity
To give you an idea of how important liquidity is to bank performance, the UBPR contains 12 different liquidity ratios that can be used as KPIs. But each bank is unique and may derive liquidity from different sources on both sides of the balance sheet — or even from off-balance-sheet activities.
Financial ratios can help you quantify liquidity, but many other qualitative factors influence your bank’s liquidity risk, such as borrowing capacity and deposit structure. Two banks may have identical liquidity ratios, but if one is more likely to experience early withdrawals, for example, its liquidity risk is much higher.
In a discussion of liquidity in its Comptroller’s Handbook, the OCC illustrates this point: “[A] well-capitalized bank may have a loan to deposit ratio of 90% and not have any liquidity problems, while another bank with the same ratio may be sapped of liquidity and nearly insolvent because it relied heavily on a concentration of short-term credit-sensitive deposits for day-to-day funding and on the Federal Reserve discount window for emergency funding.”
Apples compared to apples
When working with KPIs, be aware of the varying methods of calculating them. For any given ratio, there may be several alternatives for the information that goes in the numerator, the denominator or both.
Take, for instance, the efficiency ratio, which measures how effectively a bank generates revenue. The standard formula for computing the ratio is noninterest expense/(total income – interest expense). But some banks use the “gross income” approach: Efficiency ratio = noninterest expense/total income. The lower the resulting number, the more efficient the bank.
Unless you understand the components that make up a particular KPI, comparisons of your bank to other institutions, or even internal comparisons of different time periods at your own bank, can be misleading.
Symptoms to spot
For KPIs to have real value, you need to analyze them in light of your bank’s unique structure, size, location, product mix, risk profile and other attributes. Once you understand what a KPI means for your institution and have determined an appropriate range of values, you can monitor it over time for negative trends and act before they become financial disasters.
For example, if your efficiency ratio is rising, you may be suffering from “overhead creep” — a progressive, almost imperceptible growth in overhead costs that can gradually eat away your profits. Alternatively, something may be happening on the revenue side, such as declining fee-based services or excessive fee waivers, that’s hurting your efficiency.
A report on the top-performing community banks in the June 2008 issue of ABA Banking Journal sheds some light on the strategies banks use to maintain their financial health. It notes that top performers in all categories “were more efficient than their counterparts, posting average efficiency ratios of between 47% and 52%.”
The key to greater efficiency, however, wasn’t lower expenses, but higher revenues. Banks boosted revenue by selling branches, selling loan portfolios, and exiting markets or lines of business to focus their resources on more profitable activities.
To your health
Like dangerous health conditions, problems with your bank’s performance are easier to fix if they’re caught early on. By identifying your bank’s KPIs, monitoring them and reporting the results to management on a monthly, weekly or even daily basis, you can keep your finger on your bank’s pulse and react quickly to any potential threats.
Sidebar: Running a few tests
You have dozens of key performance indicators (KPIs) — both financial and nonfinancial — to monitor your bank’s performance. Besides the efficiency ratio discussed in the main article, the more common ones are:
Liquidity ratios and limits. These include balance sheet ratios, such as total loans/total deposits or total loans/total equity capital. Other indicators try to quantify a bank’s ability to meet its funding needs, such as total and net overnight funding volume/total assets and liquid assets minus short-dated liabilities. The key is finding two or three liquidity indicators that reflect your bank’s particular liquidity needs and issues.
Uninvested funds. Tracking total uninvested funds (less reserve requirements) shows how well you’re keeping the bank’s funds invested and generating income.
Loan activity. Another valuable indicator is the amount of loan commitments at the beginning and end of each period. You also might track outstanding loans, new loans, ending total loans and the amount of principal reduction during each period.
Deposit activity. The total value and number of new deposit accounts, as well as closed deposit accounts during each period, provide a measure of your bank’s growth. Also, substantial increases or decreases in your bank’s largest deposit accounts may be significant.
Profitability ratios. Return on equity (net income/owners’ equity) can show how well management is providing a return for the bank’s owners. Return on assets (net income/total assets) measures operational performance.
Nonfinancial indicators. Measures — such as customer satisfaction or number of customer visits — also can represent insight into your bank’s performance.
Proposed changes to FDIC regulations would tighten annual independent auditing and reporting requirements for community bankers. The FDIC says the proposed amendments to Part 363 of its regulations reflect “changes in the industry” and include certain “sound audit, reporting, and audit committee practices” from the Sarbanes-Oxley Act of 2002 (SOX).
The changes would apply to FDIC-insured institutions with $500 million or more in total assets. The public comment period ended on Jan. 31, 2008 — nearly a year ago — but at press time the FDIC had not yet finalized its proposed changes. Regardless of the outcome, the proposal reflects banking regulators’ interest in extending at least some of SOX’s requirements to privately held banks.
What’s required now?
Until it was amended in 2005, Part 363 required banks with $500 million or more in total assets to file an annual report with the FDIC and other federal and state banking regulators. Reports were required to contain:
The regulations also required covered banks to establish an independent audit committee comprising outside directors who are independent of bank management.
In November 2005, the FDIC amended the regulations to raise the asset threshold to $1 billion for requirements 3 and 4. And for banks with total assets between $500 million and $1 billion, the 2005 amendments provided that only a majority of the audit committee must be independent.
What would the proposal change?
The FDIC’s proposed amendments would, among other things:
The FDIC received a number of comments on its proposal, many of which objected that the amendments would needlessly increase the regulatory and administrative burden on privately held community banks. (Public banks are already subject to SOX.) The Independent Community Bankers of America (ICBA), for example, argued that when Congress passed SOX it “did not intend the PCAOB to become the accounting standard setter for auditors that perform audits of private companies.”
The ICBA also expressed concern that tighter independence requirements for auditors would create challenges for banks in locations with limited access to accounting firms. Similarly, stricter criteria for audit committee independence may make it more difficult for some community banks to find directors who meet the criteria to serve on their audit committees.
Finally, the ICBA felt that the new management report requirements would significantly complicate the preparation of the report. It worried that the new auditor communications rules would inappropriately diminish the role of management in privately held banks.
Stay tuned
If adopted, the proposed FDIC amendments would have a significant impact on your bank’s audit and reporting requirements. Be sure to monitor further developments, and consult your advisors to discuss the implications for your institution.
Is your online information protected?
As online banking continues to grow in popularity, even small banks are offering customers Web access to at least some of their products and services. But with this convenience comes an unwelcome byproduct: the threat of unauthorized access by hackers and identity thieves.
Information security is critical to maintaining customer relationships. Unless they’re confident that their money and personal data are safe, customers may take their business elsewhere. So it’s critical that you do everything possible to prevent online thieves from breaching your security.
What’s your risk profile?
Despite the importance of information security, throwing money at the problem isn’t the answer. And while there’s virtually no limit to the security measures you can put into place, no community bank has unlimited financial or staffing resources to dedicate to the project.
The first step, therefore, is to conduct a risk assessment to identify the areas where your institution is most vulnerable and to focus your resources in those areas. Every bank is different, so an appropriate allocation of resources depends on a variety of factors, including the types of online services you offer and your bank’s size, location and operational complexity.
Although not required, it’s a good idea to hire an independent third party to conduct the risk assessment. Your own staff could view the bank’s risks in terms of particular individuals rather than the activities themselves.
What type of security do you need?
Once you understand your bank’s risk profile, you can design an information security plan tailored to meet its needs. Security measures you might consider include:
These are only a few examples of the security measures you can take to protect customer information. The key is to identify the places where you’re most vulnerable and to adopt measures that target those spots.
A good investment
In the end, the time and expense you put into an assessment of your security risks — and controls to minimize them — will be a rock-solid step toward protecting your customers and your relationship with them. Technology as revolutionary as what the banking industry has experienced in the last decade demands nothing less.
Sidebar: Should you outsource it?
As security threats become more sophisticated and customer information harder to protect, many banks are turning to managed security service providers (MSSPs) for help. These companies can provide greater security measures than you might generate internally because they monitor the latest hacker strategies and typically offer cutting-edge technology solutions.
Many MSSPs provide around-the-clock monitoring to detect suspicious activities and repel any actual attacks. If you use an MSSP, however, you still need to dedicate internal resources to information security — although external threats are a serious concern, many of the most damaging attacks come from within.
Articles from Fall 2009
One byproduct of the financial crisis is an unprecedented number of failed or failing banks for sale. In recent months, troubled banks have been sold for substantial discounts, with little or no premium on core deposits.
For a healthy community bank, acquiring a failed or failing institution can provide a valuable strategic opportunity: It can be a cost-effective way to enter new geographical or demographic markets, build core deposits and take advantage of net operating losses and other tax benefits.
Keep in mind, however, that just because the price is low doesn’t mean you’re getting a bargain. Here are some tips for buying a troubled bank the right way:
Develop a strategy first. Rather than waiting for an opportunity to present itself, start thinking now about whether an acquisition could make sense for your bank. Is acquiring a troubled bank compatible with your institution’s strategic plan? Outline the benefits you hope to achieve and create a profile of the ideal acquisition target. Having a strategy in place will help you make the right decisions under the time constraints of a distressed sale.
Don’t skimp on due diligence. The only way to determine whether you’re getting a good deal is to determine how the target got into trouble and what you’ll need to do to correct it. Is the problem declining asset quality? Lack of capital? Securities losses? Fraud? Are there pending lawsuits or other contingent liabilities? Whatever the problem, will you be able to fix it?
Focus on valuation issues. In the current economic environment, valuing financial assets is extremely challenging. Taking the time to price the transaction appropriately can make the difference between a good deal and a disaster.
Determine the right structure. Work with your advisors to structure the deal in a way that will maximize your benefits and minimize your risks. For example, you might consider an asset-only deal or some sort of contingent pricing mechanism.
Many community banks are under enormous pressure to improve their earnings. And in a weak economy, like it or not, cost-cutting is an integral part of their strategy.
There’s no one right way to cut costs, but as you review your options, consider their potential impact on internal controls. For banks, like many companies, salaries represent a major fixed expense and are an obvious target for cost-reduction. But eliminating jobs can heighten a bank’s risk if affected employees are integral to internal control processes.
Why internal controls matter
Internal controls form the foundation of a bank’s risk management system. Weak or ineffective controls can lead to operational losses and often contribute to bank failures as well as create a higher risk of fraud.
The Association of Certified Fraud Examiners 2008 Report to the Nation on Occupational Fraud and Abuse demonstrates the importance of internal controls in preventing and detecting fraud. Survey participants said that the three most important factors that allowed fraud to occur were: lack of internal controls (35.2%), lack of management review (17.4%) and override of existing controls (17.4%). The survey also showed that median fraud losses were significantly lower in organizations that had implemented anti-fraud controls, such as surprise audits and job rotation.
How layoffs affect controls
Segregation of duties, for example, is a key control, especially for banks. Assigning different people responsibility for authorizing transactions, recording them and maintaining custody of assets makes it more unlikely that any one employee could both perpetrate a fraud or error and conceal it. To the extent that job elimination reduces the segregation of duties, it can significantly weaken a bank’s internal controls.
Another important concern is the internal audit function. Reducing IA staff — or cutting spending on an outsourced or co-sourced IA function, can severely diminish a bank’s ability to uncover accounting irregularities and fraud.
How to protect yourself
Ironically, internal controls are even more important now than they were when the economy was flourishing. The same economic forces that are causing banks to tighten their belts also are putting pressure on employees’ personal finances, so sacrificing internal controls may be an invitation for fraud. So it’s critical to protect yourself.
The first step is to review your internal control policies and procedures so you can anticipate the impact of contemplated cost-cutting measures. If a staff reduction is unavoidable, try to eliminate jobs that have little or no impact on internal controls.
If you must eliminate employees who perform internal control procedures, a risk assessment can help you identify the areas within the bank where job elimination will present the least amount of risk.
Finally, consider whether beefing up other types of controls — such as surprise audits, management or director oversight, job rotation, mandatory vacations, employee support programs or fraud training — can help compensate for weaknesses caused by cost-cutting.
Think long-term
In today’s economy, cost-cutting may be unavoidable. But as you take out your red pen, be sure to consider the risk-management implications. Don’t sacrifice your bank’s long-term strength and stability for the sake of short-term gains.
In times when cost-cutting is king, outsourcing some functions can be more appealing than ever to community banks. First and foremost, it can be more feasible than hiring full-time staff. But that’s not all.
Outsourcing also can shift the burden of keeping up with technological changes or compliance requirements to a responsible party outside of your institution.
And it can allow your bank to offer products and services you normally might be unable to afford — with outsourcing, the costs will be incremental rather than upfront. Additionally, it can give banks in small communities more access to a qualified workforce. The key to success is finding the areas of your bank’s operation that are right for outsourcing and carefully selecting and monitoring the service provider.
Should you outsource auditing?
A bank should have an internal audit function appropriate for its size and scope of activities. But some banks may have the same firm handle internal and external auditing functions when splitting audit activities poses a significant cost or burden. It also may be appropriate when people with the appropriate specialized knowledge and skills are difficult to locate and hire, the bank is closely held, or outsourced internal audit services are limited in scope or frequency.
If your bank uses the same firm for internal and external auditing, the audit committee should document its consideration of independence issues to and pre-approve the outsourced services to satisfy AICPA and regulatory guidance, which require independence.
Keep in mind that while the FDIC encourages nonpublic institutions with less than $500 million in assets to refrain from outsourcing internal audit activities to their external auditor it is allowed.
What about human resources?
It can be difficult to outsource HR because of the high interpersonal contact required, but many banks have determined that outsourcing specific aspects of HR will save them money and resources in the long run. For instance, it can be costly to keep up with payroll process software upgrades. By outsourcing payroll, you can reduce the administration costs and benefit from an improved process.
Benefits management also is commonly outsourced. This can provide workers with quick and easy access to information about their medical plans, flexible spending accounts, 401(k)s and more. Just be sure that you can guide your staff through the self-service process and respond to questions in a timely manner — it’s frustrating for employees if they have to ask multiple people to obtain information.
Keep in mind that your HR needs will change as your community bank grows. So you’ll want a provider that has the capability to meet new objectives, which may include recruitment, performance management, strategic growth and employment related compliance.
Any other functions?
Some community banks are farming out basic processes that underlie consumer products such as first and second mortgages, home equity lines of credit, auto loans, and credit cards. This allows your employees to focus more on underwriting risk with customers and prospects than on handling mortgage fulfillment.
Another outsourced service is proof of deposit, especially by banks that use an external data processor. This means no more proof machines and proof operators in-house. All of that work is handled by individuals who focus only on that function.
Where to start?
Before you sign a contract for an outsourcing arrangement, there’s groundwork to be done. First determine your objectives for outsourcing. Then develop an implementation plan, and be sure to include details on how you’ll evaluate the service provider’s performance.
Also, consider launching the outsourcing as a pilot program related to one product or service and then slowly expanding to other areas as your bank’s comfort level increases. With proper planning and monitoring, outsourcing can improve efficiency and save your bank money.
###
[Sidebar]
Over there
A growing number of Day 2 processing functions — capturing data, handling checks, and processing documents for loans and new account openings — is now being handled by via offshore outsourcing. But how much of a risk is this for community banks that pride themselves in knowing their customers better than their larger counterparts do?
Offshore outsourcing has challenges that you might not encounter with domestic outsourcing. You must become familiar with the political, cultural and regulatory environments into which your bank is entering in order to avoid possible interruptions in business due to unstable environments.
Your bank also should also anticipate public relations repercussions — especially in a downturned economy. So be prepared to assure customers that their information will be kept private and secure, and explain to your community why some products and services are being outsourced.
Articles from Summer 2009
For the first time in years, banks face significant numbers of troubled loans, so it’s important to be diligent in identifying, monitoring and, if appropriate, restructuring these loans.
Reworking a problem loan can be a viable alternative to foreclosure. Not only does it allow you to avoid the cost and stress of foreclosure proceedings, but in many cases it enables you to recover more of the loan principal than you would through a foreclosure sale. It also may help you retain a potentially profitable banking relationship.
As you review your loan portfolio and make decisions about how to handle troubled borrowers, it’s a good idea to familiarize yourself with the accounting issues surrounding “troubled debt restructurings” (TDRs).
Develop an early warning system
The earlier you identify potentially troubled loans, the better your chances of minimizing your losses, whether by restructuring loans or foreclosing. You should have systems in place to spot and monitor signs of increased credit risk in your portfolio, such as high concentrations of loans in particular geographical areas or loan types.
Other warning signs of credit risk include transactions with high loan-to-value ratios and borrowers with elevated debt-to-income ratios or large unsecured debt limits.
You also should look for signs that borrowers are experiencing financial difficulties, such as defaulting on one or more debts or lacking sufficient cash flow to service their debts.
The decision whether to restructure a loan or foreclose depends on your assessment of the borrower’s ability to repay the loan (as modified), the amount you could recover through foreclosure and the continued value of the banking relationship. A credit analysis can help you evaluate these factors and, as discussed below, can help you determine whether a modified loan would be considered a TDR for accounting purposes.
Know the difference between TDRs and other restructurings
Before you restructure a loan, it’s important to understand how it will affect your financial statements. The key issue is whether a restructuring constitutes a TDR. The criteria are found in FASB’s Statement of Financial Accounting Standards (FAS) No. 15, Accounting by Debtors and Creditors for Troubled Debt Restructurings.
Under FAS 15, a restructuring is a TDR if the bank “for economic or legal reasons related to the debtor’s financial difficulties grants a concession to the debtor that it would not otherwise consider.” Not every reworked loan is a TDR, though. Determining whether a restructuring is a TDR involves a two-part test:
Generally, the following factors indicate that a borrower is experiencing financial difficulty:
Concessions include assets transferred or equity interests granted in full or partial satisfaction of the loan (unless their fair value is equal to the loan’s book value). But the most common type of concession is a modification of loan terms.
Loan modifications might include reducing the interest rate, the principal or accrued interest; extending the maturity date at a below-market interest rate; adding contingent payment provisions (based on meeting profitability goals, for example); or substituting or adding a new borrower or guarantor.
It’s very important to understand, however, that not every loan modification is a TDR. A bank that renews or extends a loan at the same or a lower interest rate does not trigger TDR accounting if the rate is equal to the market rate for a new loan with similar risk. A lower rate may reflect declining market rates or the borrower’s increased creditworthiness, for example, rather than a troubled loan situation.
Understand the accounting implications
If a loan modification constitutes a TDR, then it must be evaluated for impairment in accordance with FAS 114, Accounting by Creditors for Impairment of a Loan. Generally, the amount of impairment is based on the difference between the loan balance and the present value of the loan’s expected future cash flows (discounted at the loan’s original interest rate). In some cases, however, impairment may be based on the loan’s observable market price or, if the loan is “collateral-dependent,” on the collateral’s fair value (less selling costs).
If the resulting amount is less than the loan’s book value, then the difference is the amount of impairment, which should be recognized as a valuation allowance or, if the impairment is determined to be uncollectible, as a loss. (See “TDR example” on page ___.)
Special rules apply when the bank receives assets or equity. But in general, if assets or equity are accepted in full satisfaction of a loan, impairment is based on their fair value (less selling costs in the case of certain long-lived assets).
Perform a credit analysis
Whenever you restructure, renew or extend a loan under modified terms, it’s important to conduct a thorough credit analysis. As explained above, a loan modification is not considered a TDR if the new terms are consistent with market rates for new loans with similar risks.
A credit analysis evaluates the risk associated with a restructured loan and helps support the bank’s classification of the restructuring as TDR or non-TDR.
Looking for trouble
This article touches on just a few of the accounting issues involved with restructured loans. Others issues include the accrual or nonaccrual status of TDRs, treatment of TDRs on call reports and the accounting treatment of loan modifications that are not TDRs.
In today’s struggling economy, banks need to be proactive in looking for signs of troubled loans and taking appropriate steps to minimize their losses. If a bank determines that restructuring a loan is the best course, then it’s important to understand and apply the relevant accounting standards.
[Sidebar]
An example of troubled debt restructuring (TDR)
John is unable to make the payments on a $300,000 loan from his bank. The loan is secured and bears interest at 5%, which also is the current market rate. The bank agrees to restructure the loan, with interest-only payments of 3% for two years and a final payment of $309,000 (the principal plus 3% interest) at the end of year three.
Assuming that the loan is neither collateral-dependent nor readily marketable, impairment is measured by the present value of expected future cash flows, discounted at the loan’s original interest rate. In this case, the present value of John’s expected payments under the restructured terms, discounted at 5%, is $283,661.
The impairment — that is, the difference between the loan’s recorded value ($300,000) and the present value of the payments ($283,661) — is recognized through a $16,339 valuation allowance.
Maintain adequate capital in today’s economy
The current financial crisis has most banks focusing on liquidity issues and credit risk. But they can’t afford to neglect capital adequacy. Not only is capital essential to a safe and sound financial institution, but without adequate capital, it’s difficult for banks to make new loans and engage in other activities that drive future growth.
Liquidity risk may be the most immediate threat, but a bank’s long-term survival depends on having enough capital to provide a cushion against unanticipated losses and future market volatility. Recent events have weakened many banks’ capital positions and created the need for strategies to deal with the problem.
How banks got into trouble
Banks are required to maintain levels of capital that are commensurate with their risk profiles. In other words, the greater the risk of losses associated with a bank’s activities and investments, the greater amount of capital it needs to absorb those potential losses.
In most cases, banks whose capital is dangerously low got into trouble not because they lost capital, but because their risk levels suddenly increased. Virtually everyone underestimated the risk associated with certain assets, and when the value of those assets plummeted, the capital buffer many banks thought they had disappeared.
Consider the Federal Home Loan Bank (FHLB) of Seattle. Earlier this year, the bank announced that it no longer met regulatory capital requirements. Although the bank’s capital-to-assets and leverage ratios were in compliance in December 2008, by the end of February 2009 it was suffering a risk-based capital deficiency, primarily caused by the declining value of certain mortgage-backed securities. In one year, the Seattle FHLB plunged from a $19 million profit to a $240 million loss.
Capital ideas
There are two basic approaches banks can use to address capital deficiencies. One is to raise new capital. The other is to eliminate risk to reduce their capital needs.
Raising capital. There are several ways to raise new capital, including:
One variation on the “borrowing at the holding company” strategy involves issuing trust-preferred securities (TPS). Bank holding companies can issue these securities, which possess characteristics of both equity and debt, and use the proceeds to provide capital for their subsidiary banks. TPS is an expensive way to raise capital, however, especially today. Opportunities to reduce costs by participating in pooled TPS funds have all but dried up, although some banker’s banks continue to offer TPS programs to their members.
Eliminating risk. These days, raising new capital can be a challenge. Many investors are justifiably circumspect, particularly when it comes to financial institutions. It may be more effective to look at strategies for reducing the need for capital. Here are a few possibilities:
Before you can identify capital planning strategies, you must evaluate your capital needs, and to do that you need to conduct a risk assessment. By understanding your risks, you can determine how much capital is required and, if appropriate, develop strategies for reducing your risks.
Assess risk in context
Your risk assessment should consider the six major risk areas outlined by the Federal Reserve’s banking risk framework: Credit, market, operational, liquidity, legal and reputational. You should evaluate these factors in the context of your current and planned business lines, products and services, banking functions and activities, and legal structure.
Regulators are also placing greater emphasis on stress testing and sensitivity analysis, which can help you predict the impact of potential economic changes on your bank’s financial condition.
Explore your options
This article lists several potential strategies for improving your bank’s capital position. The right strategies for your bank will depend on your particular circumstances. One thing is certain, though: Inaction is not an option. The banks that survive and thrive in the coming years will be those with a solid strategic plan that addresses their current and future capital needs.
As a byproduct of the current financial crisis, more people are keeping their money in savings accounts and other investments they consider “safe.” This presents an opportunity for financially sound banks to attract new deposits. And one way to spur deposit growth is to take advantage of the Internet and other technologies that encourage people to save and make it easier for them to make deposits with your bank.
But although online banking can be a great way to generate new business, it can also increase your bank’s exposure to fraud, identity theft, money laundering and other risks. Before you introduce online banking or add new services to your Web site, it’s critical to address security issues and to be sure that you have appropriate internal controls in place to minimize and monitor online risks.
Online tools to consider
There are many tools you can offer existing and new customers that make it easier for them to save. Examples include:
The key to all of these tools, of course, is convenience. The easier you make it to do business with your bank, the more likely you are to attract new business. But remember, when you make it easier for legitimate customers to do business with you, you also make it easier for fraudsters, identity thieves, money launderers and other criminals.
Risks to guard against
If you’re contemplating offering online banking or adding new features to your existing site, be sure to plan carefully and take steps to minimize security risks. According to a University of Michigan survey conducted last year, more than 75% of bank Web sites surveyed (including some of the country’s largest banks) had at least one design flaw that made customers vulnerable to cyber theft.
Common flaws included:
Most of these problems are easily solved by using the secure socket layer (SSL) protocol on pages that ask for sensitive information and making other relatively simple changes to a bank’s Web site.
If you offer online account opening, it’s critical to ensure that your customer identification procedures comply with BSA/AML requirements. Many banks have opted not to allow online account opening because of risk of noncompliance. Others permit customers to begin the process online but still require them to visit a branch or send in documents by mail to complete the transaction.
With the advent of digital signatures and other technologies for authenticating a customer’s identity online, online account opening is becoming safer and more prevalent.
Handle with care
In today’s competitive environment, banks need any edge they can get in the battle for customers. The convenience of online banking can provide a competitive advantage, but it’s important to take your time and be sure that you have the appropriate procedures, internal controls and security measures in place. Just one incident of fraud or identity theft can do irreparable damage to your bank’s reputation.
Articles from Spring 2009
The economic downturn has been hard on all businesses, including many community banks, so it’s important to explore all of the options available to improve your cash flow. One tool you should consider using is the cost segregation study — particularly if you plan to acquire new branches or other banking facilities, or if you’ve done so in the last few years.
Benefits of accelerated depreciation
Using engineering and tax accounting principles, a cost segregation study identifies building components that qualify for accelerated depreciation. This enables you to slash your tax bill or claim a refund for missed depreciation deductions in previous years.
Cost segregation studies are particularly valuable in the banking industry and yield a relatively high percentage of cost reallocations. That’s because bank buildings typically contain many components that could be properly classified as personal rather than real property. In addition to acquired buildings, these benefits also may be available for new construction or for substantial improvements to existing facilities.
Deconstructing your property
Generally, commercial real estate is depreciated over 39 years. The 39-year recovery period applies to real property, which includes buildings as well as structural components, such as walls, windows, ceilings and HVAC systems. The 39-year recovery period doesn’t apply, however, to personal property, such as furniture, computers, ATMs, copiers and communications equipment, which are generally depreciated over five or seven years.
Cost segregation studies focus on building components that appear, at first glance, to be real property, but are more accurately classified as personal property depreciable over five or seven years or as land improvements depreciable over 15 years. The IRS and the courts examine several factors to determine the proper classification of an item, including whether it’s affixed to the building or land and whether it’s intended to remain in place permanently. They also consider whether the item can be removed easily without damage and whether its function is more closely related to the operation of the building or the owner’s business activities.
The last factor is particularly relevant to banks. Bank buildings contain specialized structures and building components that are unique to providing banking services and, therefore, can often be classified as personal property. Examples include bank vault doors, bank record doors, night depository facilities, walk-up and drive-up teller’s windows, and pneumatic tube systems.
Other items that banks may be able to classify as personal property, but that aren’t limited to the banking industry, include:
Land improvements depreciable over 15 years might include items such as parking lots, sidewalks, exterior lighting, fences, gates and signs affixed to the land.
Capturing the benefits
The benefits of a cost segregation study can be substantial. Although every bank is different, an often-cited rule of thumb says that for each $100,000 of assets reclassified from 39-year property to five-year property, your bank could enjoy a net present value savings of about $22,000 (assuming an 8% discount rate and a 40% marginal tax rate). For an example of the potential benefits, see “Savings you can depreciate,” on page ___.
If you conduct a cost segregation study in connection with the acquisition of a branch or other property, you can claim the benefits of accelerated depreciation beginning with your tax return for the year you acquire the property. If you use a cost segregation study to support accelerated depreciation for prior years, you’ll need to apply for a change in accounting method under the IRS’s automatic consent procedures. In most cases, you can claim the missed depreciation deductions on the current year’s income tax return without the need to amend your previous returns.
Boosting your cash flow
Any time your bank acquires, constructs or substantially renovates a building, consider conducting a cost segregation study. By allocating the maximum cost permissible to assets with shorter useful lives, you can increase your depreciation deductions, reduce your tax bill and give your cash flow a much-needed boost.
[Sidebar]
Savings you can depreciate
Suppose a bank acquires a branch for $10 million in June 2009. The bank conducts a cost segregation study on the facility and, as a result, allocates $1.5 million of the purchase price to five-year property, $500,000 to seven-year property and $1 million to 15-year property.
The chart below shows how shifting costs to assets with shorter recovery periods generates almost $380,000 in additional depreciation deductions in the first year alone.
Without cost segregation With cost segregation
Asset class |
Cost |
1st-year depr. |
Cost |
1st-year depr. |
39 years |
$10,000,000 |
$139,100 |
$7,000,000 |
$97,370 |
15 years |
$0 |
$0 |
$1,000,000 |
$50,000 |
7 years |
$0 |
$0 |
$500,000 |
$71,450 |
5 years |
$0 |
$0 |
$1,500,000 |
$300,000 |
Total |
$10,000,000 |
$139,100 |
$10,000,000 |
$518,820 |
Source: IRS Publication 946, How to Depreciate Property, Tables A-1 and A-7a
By conducting a cost segregation study, the bank generates an additional $379,720 in first-year depreciation deductions ($518,820 - $139,100). Assuming a combined marginal tax rate of 40%, this translates into first-year tax savings of $151,888 ($379,720 x .40).
The economic downturn has been hard on all businesses, including many community banks, so it’s important to explore all of the options available to improve your cash flow. One tool you should consider using is the cost segregation study — particularly if you plan to acquire new branches or other banking facilities, or if you’ve done so in the last few years.
Benefits of accelerated depreciation
Using engineering and tax accounting principles, a cost segregation study identifies building components that qualify for accelerated depreciation. This enables you to slash your tax bill or claim a refund for missed depreciation deductions in previous years.
Cost segregation studies are particularly valuable in the banking industry and yield a relatively high percentage of cost reallocations. That’s because bank buildings typically contain many components that could be properly classified as personal rather than real property. In addition to acquired buildings, these benefits also may be available for new construction or for substantial improvements to existing facilities.
Deconstructing your property
Generally, commercial real estate is depreciated over 39 years. The 39-year recovery period applies to real property, which includes buildings as well as structural components, such as walls, windows, ceilings and HVAC systems. The 39-year recovery period doesn’t apply, however, to personal property, such as furniture, computers, ATMs, copiers and communications equipment, which are generally depreciated over five or seven years.
Cost segregation studies focus on building components that appear, at first glance, to be real property, but are more accurately classified as personal property depreciable over five or seven years or as land improvements depreciable over 15 years. The IRS and the courts examine several factors to determine the proper classification of an item, including whether it’s affixed to the building or land and whether it’s intended to remain in place permanently. They also consider whether the item can be removed easily without damage and whether its function is more closely related to the operation of the building or the owner’s business activities.
The last factor is particularly relevant to banks. Bank buildings contain specialized structures and building components that are unique to providing banking services and, therefore, can often be classified as personal property. Examples include bank vault doors, bank record doors, night depository facilities, walk-up and drive-up teller’s windows, and pneumatic tube systems.
Other items that banks may be able to classify as personal property, but that aren’t limited to the banking industry, include:
Land improvements depreciable over 15 years might include items such as parking lots, sidewalks, exterior lighting, fences, gates and signs affixed to the land.
Capturing the benefits
The benefits of a cost segregation study can be substantial. Although every bank is different, as a rule of thumb, for each $100,000 of assets reclassified from 39-year property to five-year property, your bank could enjoy a net present value savings of about $17,000 (assuming a 4% discount rate and a 40% marginal tax rate). For an example of the potential benefits, see “Savings you can depreciate,” on page ___.
If you conduct a cost segregation study in connection with the acquisition of a branch or other property, you can claim the benefits of accelerated depreciation beginning with your tax return for the year you acquire the property. If you use a cost segregation study to support accelerated depreciation for prior years, you’ll need to apply for a change in accounting method under the IRS’s automatic consent procedures. In most cases, you can claim the missed depreciation deductions on the current year’s income tax return without the need to amend your previous returns.
Boosting your cash flow
Any time your bank acquires, constructs or substantially renovates a building, consider conducting a cost segregation study. By allocating the maximum cost permissible to assets with shorter useful lives, you can increase your depreciation deductions, reduce your tax bill and give your cash flow a much-needed boost.
[Sidebar]
Savings you can depreciate
Suppose a bank acquires a branch for $10 million in June 2009. The bank conducts a cost segregation study on the facility and, as a result, allocates $1.5 million of the purchase price to five-year property, $500,000 to seven-year property and $1 million to 15-year property.
The chart below shows how shifting costs to assets with shorter recovery periods generates almost $380,000 in additional depreciation deductions in the first year alone.
Without cost segregation With cost segregation
Asset class |
Cost |
1st-year depr. |
Cost |
1st-year depr. |
39 years |
$10,000,000 |
$139,100 |
$7,000,000 |
$97,370 |
15 years |
$0 |
$0 |
$1,000,000 |
$50,000 |
7 years |
$0 |
$0 |
$500,000 |
$71,450 |
5 years |
$0 |
$0 |
$1,500,000 |
$300,000 |
Total |
$10,000,000 |
$139,100 |
$10,000,000 |
$518,820 |
Source: IRS Publication 946, How to Depreciate Property, Tables A-1 and A-7a
By conducting a cost segregation study, the bank generates an additional $379,720 in first-year depreciation deductions ($518,820 - $139,100). Assuming a combined marginal tax rate of 40%, this translates into first-year tax savings of $151,888 ($379,720 x .40).
Headlines about the financial crisis tend to focus on the subprime mortgage collapse, but the impact of the crisis on the banking industry has spread well beyond residential lending. The biggest area of concern is commercial real estate (CRE) lending.
Many community banks have high concentrations of CRE loans in their portfolios, so it’s critical that you assess your risk exposure in connection with these loans and take steps to manage that risk.
The next crisis?
The next crisis in the banking industry is likely to involve CRE lending. Although construction and development loans for residential housing projects present the biggest risks, the current economic recession and credit crunch are affecting all types of commercial real estate.
Ironically, the very trend that shielded most community banks from the subprime meltdown also increased their exposure to CRE risk. When large financial institutions began to corner the market on residential loans, community banks turned their attention to CRE lending. As a result, according to the Office of the Comptroller of the Currency (OCC), by 2008, the average concentration of CRE loans at community banks reached approximately 285% of capital, nearly twice as high as it was only six years earlier.
Regulatory concern
Even before the subprime mortgage meltdown, banking regulators had expressed concern about the risks associated with high CRE concentrations. In 2006, for example, the FDIC, OCC and Federal Reserve published interagency guidance on Concentrations in Commercial Real Estate Lending, Sound Risk Management Practices.
Regulators were concerned not only with banks’ heightened risk exposure in the event of an economic downturn, but also with the fact that many banks had relaxed their underwriting standards to compete for CRE loans. The guidance focused on banks in which:
1. Total reported loans for construction, land development and other land represent 100% or more of total capital, or
2. Total CRE loans represent 300% or more of total capital and the outstanding balance of their CRE loan portfolio has increased by 50% or more during the previous 36 months.
Regulatory scrutiny isn’t limited to banks that exceed these thresholds, though. Any institution that has experienced rapid growth in CRE lending, or exhibits “notable exposure” to certain types of CRE, may be targeted.
What’s your stress level?
Recently, the OCC broke down community banks into three groups according to their level of exposure to weak CRE loans, and is closely watching the group with the greatest perceived CRE risk. Banks in this group are expected to establish a solid plan for assessing and managing their risk. Regulators also want to see banks stress test their portfolios and make necessary adjustments, such as reducing their concentration of CRE loans, tightening underwriting standards for new loans, increasing loan loss reserves, or boosting capital.
The interagency guidance urges banks to develop risk management programs that include these key elements:
Regulators are particularly concerned about the last element. Stress testing uses financial modeling and other techniques to estimate the impact on a bank of certain stresses or “shocks.” What would happen, for example, if interest rates go up (or down) by 2%? What would happen if vacancy rates rise or construction costs increase by various amounts? For more information on regulatory concerns, see the FDIC Web site at http://www.fdic.gov/news/news/financial/2008/fil08022.html#body.
What works
The key to effective stress testing is to create models that go beyond individual stress factors and examine the potential impact of various combinations of influences. Once you understand your portfolio’s ability to withstand these stresses, you can identify risk mitigation strategies that will help cushion the blow. These include adjusting capital allocation levels, reducing your concentration of high-risk loans and beefing up your underwriting standards.
Unfortunately, many community banks fail to give stress testing the attention it deserves. In testimony last year before the Senate Committee on Banking, Housing and Urban Affairs, Comptroller of the Currency John Dugan expressed concern about inadequate stress testing by banks. Dugan observed that “despite our previous guidance, a number of banks with CRE concentrations have not extended their stress testing of income-producing properties beyond interest rates to other business variables that affect risk, such as vacancy rates, lease rates, and expense scenarios.” [The following sentence can cut for space.] He also emphasized that stress testing should be done periodically throughout the loan’s life — not just at the time the loan is made — because the potential for rapid deterioration is so great.
Why banks shy away
One possible reason that community banks have been slow to implement stress testing is the misconception that it requires highly sophisticated — and, therefore, expensive — financial models. But depending on your bank’s particular risk profile, it may be sufficient to develop a few simple “what if” scenarios that stress two or three variables. You can use these scenarios to test individual loans or groups of loans.
The right strategy for your bank depends on its size, resources, and the nature and complexity of its CRE activities. The prescribed level of stress testing is driven by a variety of factors, including the extent to which your CRE portfolio is diversified and the level of exposure, in terms of dollars, of various portfolio segments.
As you review your CRE activities, ask what factors might cause borrowers to default on their loans. Then design a stress-testing program that focuses on those factors. Keep in mind that in evaluating your stress-testing program, regulators will consider your bank’s resources. If your resources are limited, it may be acceptable to concentrate your efforts on the areas where you’re most vulnerable.
Averting a crisis
One reason that the residential mortgage crisis has been so severe is that many financial institutions, lawmakers and even regulators ignored or at least downplayed the warning signs until it was too late. By evaluating and managing their risks, community banks have an opportunity to avert — or at least mitigate — a similar crisis in the CRE industry.
Articles from Fall 2008
Concerned that rising concentrations of commercial real estate (CRE) loans exposed banks to unanticipated earnings and capital volatility in the event of an economic downturn, several banking agencies took note. They also observed that some institutions had relaxed their underwriting standards to compete for CRE loans.
So late last year, the FDIC, the Office of the Comptroller of the Currency (OCC) and Federal Reserve issued interagency guidance: Concentrations in Commercial Real Estate Lending, Sound Risk Management Practices. The Office of Thrift Supervision (OTS) published similar guidance with slightly less restrictive criteria. [Tim: Do we need to spell OCC and OTS out or can we use the acronym only?]
In light of the new guidance, all community banks involved in this type of lending should conduct a risk assessment to identify CRE concentrations and evaluate the adequacy of their risk management practices and capital levels.
Lending criteria
Under the guidance, CRE loans include:
• Land development and construction loans (including one- and four-family residential and commercial construction loans) and other land loans,
• Loans secured by multifamily property and nonfarm, nonresidential property where the primary source of repayment is rental income, and
• Loans to real estate investment trusts (REITs) and unsecured loans to developers, if their performance is closely linked to the performance of the CRE market.
Loans secured by nonfarm, nonresidential properties, where the primary source of repayment is cash flow from operations, do not apply.
The guidance sets out certain criteria for identifying institutions that may be exposed to significant CRE risk. They include banks that have experienced rapid growth in CRE lending or have a “notable exposure” to specific types of CRE. They also include institutions whose CRE concentrations are approaching or exceed the following levels:
1. Total reported loans for construction, land development and other land represent 100% or more of total capital, or
2. Total CRE loans represent 300% or more of total capital and the outstanding balance of the institution’s CRE loan portfolio has increased by 50% or more during the previous 36 months.
In a departure from the other agencies’ guidelines, the OTS didn’t include percentage-of-capital criteria. Thrifts, however, are already legally prohibited from maintaining a CRE portfolio that exceeds 400% of capital.
No cap on CRE lending
When the banking agencies issued their proposed guidance in early 2006, many in the banking industry feared that the guidance would impose a cap on CRE lending activity. The final guidance, recognizing that different types of CRE lending involve different levels of risk, emphasizes that the “criteria do not constitute limits on an institution’s lending activity but rather serve as high-level indicators to identify institutions potentially exposed to CRE concentration risk.”
At the same time, the criteria do not establish a safe harbor. Institutions that fall within the levels specified in the guidance may still be subject to heightened regulatory scrutiny if other risk factors are present. [Dan: Please mention a couple of the “other risk factors” mentioned here.]
What you should do
The guidance advises banks to conduct ongoing assessments of their CRE concentration risk and to develop risk management procedures and controls that are appropriate for their risk profiles. [Dan: What are a couple of risk management procedures and controls that all community banks should be implementing?]
The guidance also outlines key elements of a risk management program, which include:
• Board and management oversight,
• Portfolio management,
• Management information systems,
• Market analysis,
• Credit underwriting standards, and
• Portfolio stress testing and sensitivity analysis.
Your community bank should be prepared to demonstrate to regulators that it has sufficient capital in light of the level and nature of the risks to which it’s exposed. If your institution’s capital is inadequate to “serve as a buffer against unexpected losses from a CRE concentration,” you should develop a plan for reducing your CRE concentrations or maintaining appropriate capital levels.
Regular assessment always key
No matter what type of loans your community bank offers, it should regularly conduct a risk assessment. By doing so, you can help ensure that your bank is operating with as little risk and as profitability as possible.
SIDEBAR
OCC sheds light on predatory lending practices
In recent years, rising foreclosure rates for subprime mortgages have led many groups [Dan: Which groups?] to call for increased regulation of so-called “predatory” lending practices. Examples include:
• Excessively high interest rates, points or fees,
• Balloon payments,
• Long prepayment penalty periods, and
• Loans based on a borrower’s asset values rather than ability to repay.
Last year, the Office of the Comptroller of the Currency (OCC) published the economics working paper “Foreclosures of Subprime Mortgages in Chicago: Analyzing the Role of Predatory Lending Practices.” The paper examined the impact of two of these practices — long prepayment penalty periods and balloon payments — on the probability of foreclosure on subprime mortgages. It also looked at how foreclosure rates were affected by low- and no-documentation [Dan: Should “loans” be added here?] combined with a long prepayment-penalty period and balloon payments.
The OCC’s findings indicated “the relationship between predatory lending practices and foreclosure rates is more complicated than the arguments for restricting their use suggest.” For example, the effect of a particular loan feature varies dramatically depending on the type of mortgage, the characteristics of the lender and borrower, and other factors.
Rather than prohibiting specific lending practices, the report suggested it may be more effective for lenders to “review and tighten loan underwriting and pricing procedures to ensure that borrowers’ abilities to repay their loans are fully reflected in lending decisions and terms.”
Online banking has exploded over the last several years. Not only does it offer customers the convenience of managing their finances from virtually anywhere in the world, but it also enables community banks to extend their marketing efforts well beyond the geographical reach of their brick-and-mortar locations.
Although an increasing number of community banks are letting customers access and manage their accounts via the Internet, they have been slower to embrace online account opening. But allowing a customer to open an account online reduces a bank’s costs by $50 over the traditional, paper-based approach, according to the Aite Group, a financial services consultant. [Dan: Please provide the source for this. Andrea: Is mentioning this group going to be problematic for our customers?]
Suppose that your community bank has a total of 500,000 accounts and opens 50,000 new accounts each year. If just 3% of those new accounts were opened online, your bank would save $75,000 per year. Increase the conversion rate to 20% and the savings jumps to $500,000 annually.
Unfortunately, there’s a downside: “As banks venture into opening accounts online and providing online account access, it becomes increasingly difficult to verify customer identification. The move away from face-to-face account opening and account access creates opportunities for fraud and identity theft,” according to the Treasury Department’s U.S. Money Laundering Threat Assessment, released last year.
As you evaluate the potential cost savings and other benefits of allowing customers to open accounts online, consider the potential cost and risk on your customer identification program (CIP). Some community banks continue to require online applicants to print, sign and mail account documents. Others are minimizing their risks by limiting online account opening to money market certificates and CDs — but not offering it for checking accounts.
As digital signatures and other technologies make it easier and less expensive to identify customers in cyberspace, community banks will become more comfortable with the process and online account opening should take off. [Will delete this paragraph if work count is high.]
In keeping with its move toward fair value accounting, The Financial Accounting Standards Board’s (FASB) purpose in issuing Statement of Financial Accounting Standards (FAS) 159, The Fair Value Option for Financial Assets and Financial Liabilities was to give companies the option to measure certain financial instruments at fair value. The new standard takes effect for fiscal years beginning after Nov. 15, 2007, but early adoption was permitted.
But some banks and other businesses believe that the standard also provides an opportunity to restructure their investment portfolios without an adverse impact on their earnings. Is this appropriate for your community bank? It may not be, according to the SEC and the Center for Audit Quality.
No free pass
FAS 159’s stated objective is to “improve financial reporting by providing entities with the opportunity to mitigate volatility in reported earnings caused by measuring related assets and liabilities differently without having to apply complex hedge accounting provisions.” Eligible financial instruments include held-to-maturity (HTM) and available-for-sale (AFS) investment securities and certain debt obligations.
The statement’s transition rules provide institutions with a one-time opportunity, upon adoption of the standard, to elect the fair value option for eligible items that exist on that date. When these assets or liabilities are remeasured at fair value, the resulting gain or loss does not affect the institution’s earnings. Rather, it’s recorded in the equity section of the financial statements as a cumulative-effect adjustment to the opening balance of retained earnings.
When FAS 159 was first announced, some institutions viewed the transition rule as a “free pass” to restructure their investment portfolios without taking an earnings hit. In April, however, the Center for Audit Quality, after consulting with the SEC, circulated CAQ Alert 2007-14, which addressed the free-pass strategy. Although the Alert focuses on early adoption of the standard (for which the deadline has now passed), its reasoning applies to adoptions on or after the effective date as well.
The Alert notes that FAS 159 “clearly articulates the principles and objectives of the standard” and that “[p]rinciples-based standards should be applied in a good faith manner consistent with those objectives and principles.”
The CAQ offers the example of an entity that adopts FAS 159 and elects the fair value option for certain “underwater” HTM and AFS investment securities and certain financial liabilities. Shortly thereafter, the entity disposes of the investment securities and settles the liabilities, but it does not elect the fair value option for newly purchased securities and newly issued liability instruments.
According to the Alert, “[T]he totality of these actions appears to indicate that the entity has little or no intent to utilize the fair value option as a measurement attribute with respect to these classes of financial assets and liabilities on a go forward basis, contrary to the principles and objectives outlined in FAS 159.” Under these circumstances, the company’s strategy would not be considered a proper application of the standard.
In less obvious situations, your community bank and auditors should “use professional
judgment when considering whether a purported adoption of FAS 159 is substantive based on the specific facts and circumstances.” The Alert outlines several factors to consider in making this determination. [Dan: Let’s discuss a few of the factors here.]
Principles rule
The fair value option may offer legitimate financial benefits for many institutions, including your community bank. But before adopting FAS 159, carefully consider whether your proposed application of its provisions is consistent with the standard’s principles and objectives.
Over the last several years, there’s been a significant upswing in the number of start-up banks, commonly known as “de novo” banks. Between 2001 and 2005, 600 new banks opened their doors, with 185 new charters in 2006, the most since 2000, according to America’s Community Bankers. [Dan: Do we need to mention in the ACB stat that we’re including special purpose charters and new banks formed by established bank holding companies?]
Forming a de novo bank can be a profitable endeavor. but successful start-ups also involve some challenges. To ensure your de novo bank is profitable, you’ll need to understand the competitive pressures and best practices.
Follow the market
There are several explanations for the recent de novo boom. For one thing, consolidation in the banking industry has left behind talented, experienced bank executives looking for new opportunities. For those with an entrepreneurial bent, starting a new bank may have a certain romantic appeal.
Also, in many parts of the country, big bank mergers have created a void for small business owners and other customers who may find it more difficult to obtain credit from a larger institution or who are simply looking for banking services with a more personal touch.
At the same time, an abundance of capital has been available from private equity funds and other investors attracted by the banking industry’s strong performance. Industry data shows that very few de novo banks fail and most enjoy rapid growth. On average, they become profitable in their second year of operation, though profit levels tend to be lower than established banks. [Dan: What’s your source here?]
Consider competitive pressure
Despite the ready supply of capital and the strong track record of de novo banks during the first part of this decade, the decision to start a new bank is a difficult one. Current economic conditions, including a languishing real estate market, are making it tougher for all banks — mature and new — to compete. And the flattening yield curve has a bigger impact on de novo banks, which typically derive a significant portion of their income from the interest-rate spread.
Several other factors are also intensifying the competitive pressure on de novo banks. For example, many large banks have improved customer service by implementing sophisticated customer relationship management (CRM) systems and by giving their branches more local decision-making authority. Both of these strategies cut into the competitive edge community banks have traditionally enjoyed in the customer service area.
Plus, soaring regulatory costs and a shortage of qualified employees are making it more difficult to get a new bank off the ground.
Plan for success
Starting a de novo bank can be a good opportunity. But, like any business venture, thorough planning is critical. Here are several tips to help you improve your chance of success when opening a new bank:
Have a solid business plan. A well-thought-out business plan not only helps define your objectives and strategies, but it also expedites the charter application process. Federal banking regulators, for example, want to see a three-year plan that demonstrates the bank “has a reasonable chance for success, will operate in a safe and sound manner, and will have adequate capital to support the risk profile.” [Dan: Please provide source for this quote.]
Set yourself apart. One of the keys to a de novo bank’s success is to take advantage of the opportunities created by the big bank mergers. To attract customers who are seeking an alternative to the megabanks, a de novo bank must differentiate itself from the competition.
Strategies for achieving this objective include delivering superior customer service, giving customers personal access to decision makers and providing added value by catering to the needs of specific customer segments, such as small businesses or underserved ethnic or community groups. [Dan: Isn’t this pretty much the same way that community banks differentiate themselves from the rest?] At the same time, it’s important not to target a particular niche at the expense of other customers.
Involve the right people. The success of a de novo bank hinges on recruiting a talented board and management team that can turn the bank’s business plan into reality, attract investors and inspire confidence in banking regulators.
It’s also important to choose your investors carefully. A local investor base can be an invaluable asset because shareholders typically become customers as well.
Get help. Securing a state or federal charter is a complex, time-consuming process. Choosing advisors with banking experience and established relationships with regulators can expedite the application process, allowing the bank to open its doors more quickly.
Don’t overlook technology. Part of delivering exceptional customer service is providing the sophisticated technology that banking customers have grown to expect, such as ATMs, remote deposit capture systems, online banking and bill-paying services. Technology issues should be addressed early and incorporated into the business plan.
Take your time
Forming a de novo bank can be rewarding — both personally and financially. But in the competitive, highly regulated banking industry, the path to success could take time to achieve. But with the right plan and advisors, you can expedite the process and improve your chances of success.
Is your bank’s board of directors active in compliance? [Dan: Please provide a brief sentence on why it’s important for the board to be active in compliance?]
To help officers and directors understand their respective compliance responsibilities, the Office of Thrift Supervision (OTS) updated its Directors’ Responsibility Guide late last year. Other federal banking agencies have also published guidance for bank directors, but the OTS guide is the most up-to-date. The FDIC’s Pocket Guide for Directors was last updated in 2003 and the most recent version of the Office of the Comptroller of the Currency (OCC) Director’s Book dates back to 1997.
All financial institutions — regardless of their regulatory agencies — should review the OTS guide because it reveals regulators’ current thinking on the board’s role.
Personal liability
One of the most important features in the updated OTS guide is a new section on statutory and regulatory liability, which states that directors must ensure that the organization complies with all applicable laws. A director may be held personally liable or exposed to monetary penalties if he or she “violates any banking law or regulation, engages in an unsafe or unsound banking practice, breaches a fiduciary duty, or knowingly allows another to do so ... ”
An appendix to the guide lists key statutes, regulations and policies, and outlines the directors’ responsibilities for each. With real estate lending standards, for example, the guide states that “Directors must, at least annually, review and approve lending policies for extensions of credit secured by real estate. Such lending policies should reflect risk levels that are acceptable to the board and provide clear and measurable underwriting standards.”
Compliance procedures
The board of directors must also approve a Bank Secrecy Act (BSA) compliance program. One of the policies listed in the guide is the OTS’s SMAART compliance examination procedures, which evaluate the following components of a good compliance program: Systems, Monitoring, Assessment, Accountability, Response, and Training.
The policy requires directors to “adopt and maintain a comprehensive compliance management program predicated on systems, real-time monitoring, periodic self-assessment, organizational accountability, responsiveness to needed improvements, and effective training.”
Red flags
The OTS also updated its Directors’ Guide to Management Reports, which provides a nonexclusive list of reports that may assist directors in making informed decisions regarding the institution’s performance and compliance with applicable laws. For each type of report, the guide also lists potential red flags that may signal a problem or call for further inquiry.
For example, in regulatory compliance reports dealing with BSA and anti-money laundering (AML) requirements, warning signs include:
• Lack of an independent audit to test for BSA/AML compliance,
• No individual is responsible for coordinating and monitoring compliance with BSA, AML and Office of Foreign Assets Control (OFAC) regulations,
• No written BSA compliance program,
• No written policies and procedures on customer identification,
• A number of identified high-risk customers or products, and
• Frequent international wire transfers.
Inadequate training of personnel on BSA/AML/OFAC is another key indicator.
[Dan: Great examples to include here! Please remember to have a closing sentence. We don’t like to leave bullets hanging if they are the last text before a new section.]
Get directors involved
The updated OTS guide is a valuable resource that community banks can use to clarify the respective roles and responsibilities of officers and directors. Be sure to review it to help protect your directors against personal liability.
Articles for Summer 2008
Paper is so last century. The days when businesses worried about where they would store their records are over. Today, it’s estimated that more than 90% of all business records are created in electronic form, and most of those are never printed at all. The truly “paperless” office is not yet a reality, but we certainly seem to be heading in that direction. A comprehensive records management policy, therefore, is more important than ever before.
Do you know where your records are?
Banks are subject to complex record retention requirements imposed by regulators and federal and state laws. Under the E-SIGN Act of 2000, electronic records now satisfy most of these requirements, provided they are:
• Retained in a form that accurately reflects the information they contain,
• Accessible to anyone entitled to access for the legally prescribed period, and
• In a form that allows the records to be accurately reproduced.
As the Office of the Comptroller of the Currency (OCC) noted in a 2004 advisory letter, “banks will need to carefully plan their implementation and operation of these electronic record retention systems to ensure they meet functional and regulatory requirements.” According to the OCC, a system should serve for potential use in litigation, internal and external audits and controls, bank supervision, and compliance with regulatory requirements.
Why is a record management policy essential?
An electronic records management policy is essential to ensure that records supporting these functions are accurate and readily accessible. In addition, recent amendments to the Federal Rules of Civil Procedure (the “Federal Rules”) enhance management’s responsibility for handling electronic records properly (see “Are you ready for e-discovery?” on page X).
One of the most important issues your policy should address is where records should — and should not — be stored. Electronic documents can be copied easily and kept in many places, including network servers, individual hard drives, employees’ personal computers and a variety of portable media, such as CD-ROMs, DVDs, and finger-size flash drives.
Today, an estimated 80% of business communications are conducted by e-mail. Your bank’s policy should address not only storage and archiving of important business e-mails, but also the creation of their content. It should provide employees with guidance on appropriate and inappropriate uses of business e-mail. The policy should also advise on the risks involved with potentially offensive or embarrassing communications.
Your policy should require employees to save documents on shared servers and prohibit them from saving or archiving documents on individual hard drives or portable media. These requirements enable you to retrieve documents quickly, facilitate the backup process and secure documents against unauthorized access and tampering.
What’s your retention span?
Your bank should have a comprehensive record retention policy that encompasses both electronic and paper documents. The length of time you’re required to keep various documents is based on their content, not their format. A policy of deleting all e-mails after 60 days, for example, is likely to violate your record retention obligations. Software is available that enables employees to categorize electronic records when they’re created or received.
Some organizations simply keep everything forever (or at least indefinitely). That way, there’s no risk of deleting something important. But this “pack rat” approach carries its own risks. As your servers become cluttered with irrelevant or unneeded documents, it becomes more difficult, time-consuming and expensive to locate and retrieve the documents you need.
The better approach is to delete irrelevant records immediately and to purge other records, according to your retention schedule, when they’re no longer required for legal or business purposes.
What about litigation?
Your policy should set procedures for placing a “litigation hold” on the destruction of documents likely to be discoverable in pending or imminent litigation. Failure to preserve relevant documents can result in sanctions or, worse, an “adverse inference” instruction by the court that allows the jury to assume that missing documents contained damaging evidence.
It’s critical to put your document retention and destruction policies into practice and follow them diligently. The Federal Rules protect parties against sanctions if a document is “lost as a result of the routine, good-faith operation of an electronic information system.” But it’s difficult to claim this protection if you delete documents selectively or haphazardly.
What’s the role of backup?
Every bank should have a backup system in place to restore vital electronic records and other data in the event of a disaster. But the system should only be used for disaster recovery, and you should retain backup tapes or other media only as long as they’re needed for that purpose.
Retrieving individual records from backup media is expensive. The Federal Rules recognize this, providing parties with limited protection against discovery of documents that aren’t “readily accessible.” But it’s difficult to argue that information on backup media isn’t readily accessible if your bank routinely uses it to retrieve inadvertently deleted documents.
Put it on the record
Developing a policy for electronic records management provides your bank with many benefits. Not only does it help you comply with record retention requirements, but it also ensures that critical documents are readily available for decision-making or for use in an examination or in litigation.
Of course, a policy by itself isn’t worth the paper it’s printed on — if it’s printed at all. It must also be communicated to everyone in the organization, and employees should receive regular training on handling electronic records.
[Sidebar]
Are you ready for e-discovery?
The electronic discovery or “e-discovery” amendments to the Federal Rules of Civil Procedure took effect in late 2006. Recognizing the widespread use of electronic records, the amendments create a framework for dealing with the discovery and production of electronic records.
The amendments apply to electronically stored information (ESI) — virtually any information stored in an electronic rather than paper format. Examples include e-mails, word processing files, spreadsheets, databases, image files and even voice-mail messages or other audio files.
Among other things, the amendments:
• Provide for e-discovery issues to be addressed early in the litigation.
• Protect parties against automatic disclosure of electronic records that aren’t readily accessible (on backup tapes, for example) or would be unduly burdensome or expensive to produce. A court may compel production for good cause, but may impose limits or require the requesting party to bear some of the expense.
• Address the format in which electronic records should be produced —typically, the format in which they’re ordinarily maintained or some other “reasonably usable” format.
• Establish procedures for dealing with inadvertent disclosure of privileged information.
• Protect parties against court sanctions.
As part of its march toward fair value accounting, the Financial Accounting Standards Board (FASB) recently finalized two important standards — FAS 157 (Fair Value Measurements) and FAS 159 (The Fair Value Option for Financial Assets and Financial Liabilities). Both apply to fiscal years starting after Nov. 15, 2007.
FAS 157 deals with the “how” of fair value accounting, creating a uniform definition of fair value and expanding disclosures of fair value measurements. FAS 159, the focus of this article, addresses the “what,” giving organizations the option to measure certain financial instruments at fair value.
The new rules
The FASB’s objective in adopting FAS 159 was to improve financial reporting by giving entities an opportunity to mitigate the earnings volatility that can result when related assets and liabilities are measured differently. By allowing organizations to elect fair value treatment for certain financial instruments, FAS 159 provides some of the benefits of hedge accounting without the complexity.
A bank, for example, might match the accounting treatment of mortgage loans held for sale (measured at the lower of cost or market under current standards) with related commitments to sell those loans (currently measured at fair value).
FASB stopped short of requiring fair value accounting. Not only is fair value treatment optional, but entities have the discretion to elect it on an instrument-by instrument basis (with certain exceptions). As with other principles-based accounting standards, however, organizations are expected to use FAS 159 to improve their financial reporting and not merely to achieve a particular accounting result.
Standard applications
FAS 159 applies to a variety of items, including loans receivable and payable, investments in equity securities, written loan commitments, rights and obligations under insurance and warranty contracts, and firm commitments involving financial instruments It also lists several items that are ineligible for the fair value option, including demand deposit liabilities, investments in subsidiaries an entity is required to consolidate, financial assets and liabilities recognized under leases, and obligations related to pensions and other retirement benefit plans.
A transitional rule allows organizations to elect the fair value option for eligible items that exist on the date the standard is adopted without affecting earnings (changes are reported in stockholders’ equity). Once the election is made for a particular instrument, however, it is irrevocable. In future reporting periods, the organization marks the instrument to fair value and records adjustments in the income statement.
Reading between the lines
FAS 159’s objectives of improved reporting and increased flexibility come at the expense of consistency. Some organizations will adopt the fair value option; others won’t. And some organizations will apply the standard inconsistently within their own financial statements.
To help financial statement users read between the lines, FAS 159 requires several detailed financial statement disclosures. The purpose of the disclosures is to:
• Spell out the reasons for electing or partially electing the fair value option,
• Show how changes in fair value affect earnings, and
• Provide the same information about certain items (such as equity investments and nonperforming loans) that would have been disclosed absent the election.
Finally, disclosures must explain the differences between fair values and contractual cash flows for certain items.
Weigh your options
It’s important to become familiar with FAS 159 for a couple reasons. It may provide an opportunity to improve your bank’s financial reporting. Also, an understanding of FAS 159’s requirements will help you interpret and compare the financial statements you receive from your customers.
Community banks are exposed to a variety of risks, including credit, market, liquidity, trading and operational. A key responsibility of bank directors and senior management is to understand, monitor and manage this quintet of financial dangers. One component of market risk in particular can have a profound impact on a bank’s financial condition and performance: interest rate risk.
Going to the source
Interest rate risk (IRR) can be defined as the degree to which changes in interest rates can adversely affect an institution’s earnings or economic capital. The primary sources of IRR are:
Repricing risk. Floating-rate instruments are “repriced” — that is, their interest rates are adjusted — at specified frequencies. Fixed-rate instruments, by definition, do not reprice until they mature or are called. Repricing risk results when a bank’s assets and liabilities reprice or mature at different times.
Suppose a bank funds a five-year fixed-rate loan at 7% with a one-year CD at 3%. If the CD rate goes up to 4% in year two, the bank’s net interest margin shrinks from 4% to 3%. On the other hand, if CD interest drops to 2%, the net interest margin jumps to 5%. This example illustrates how increased risk also boosts potential rewards.
Option risk. Many bank assets and liabilities contain embedded options, such as the right to prepay a loan or withdraw deposits early with little or no penalty. The bank is compensated for this flexibility in the form of higher interest rates on loans or lower interest rates on deposits. But these options also create risk.
If interest rates go up, deposit holders will likely want to move their funds into higher-yielding investments. If rates go down, borrowers will have an incentive to refinance their loans at a lower rate.
Basis risk. Even when assets and liabilities reprice or mature at similar intervals, changes in their interest rates don’t necessarily correlate to market rate changes. For example, if an asset and related liability are tied to different short-term market indexes that react differently to market changes, the spread between the two may fluctuate, creating basis risk.
Yield curve risk. This risk is derived from the relative impact of market rate changes from yields on similar instruments with different maturities. In a “normal” yield curve, yields increase as maturities rise. If a bank funds long-term loans with short-term deposits, its net interest income can be measured by the spread between the two ends of the yield curve. But if market changes cause the yield curve to flatten or become inverted, a bank’s margins can shrink or even turn into losses.
Assessing your exposure
Most banks use financial modeling to measure and monitor their exposure to IRR. One modeling technique is gap analysis, which looks at the “gap” between the value of assets that mature or reprice during a particular time period and the value of the liabilities that mature or reprice during the same period.
A positive gap (asset values exceed liability values) means the bank’s net interest income moves in the same direction as interest rates, while a negative gap means the opposite. Gap analysis provides a simple tool for measuring repricing risk, but it doesn’t measure other types of IRR.
Earnings at risk (EAR) is another type of modeling for analyzing IRR risk. These models, which can be complex, project the impact of various interest rate scenarios on earnings over a relatively short time horizon (typically one or two years). They reflect repricing, yield curve and basis risk, over a short time horizon.
Finally, economic value of equity (EVE) models are based on the present value of expected cash flows from a bank’s assets and liabilities. Unlike the above models, EVE measures long-term IRR and looks at the impact of interest rate changes on capital rather than earnings. Also, it measures all four types of IRR.
Each model has its strengths and weaknesses. A blended approach using several models can be the most effective way to develop a complete picture of your bank’s risk.
Managing your risk
Once you understand the sources and magnitude of your bank’s IRR, you can take steps to reduce risks that are unacceptably high. Possible strategies include:
• Restructuring your investment portfolio,
• Fine-tuning your assets and liabilities to ensure the right mix of rates and maturities,
• Alleviating option risk by controlling the terms of loans and deposits, and
• Hedging strategies, such as derivatives or interest rate swaps.
The right approach depends on your bank’s capital structure, risk tolerance and other characteristics.
Risk is right
Risk isn’t a bad thing; without it there would be no rewards. Your objective in managing IRR and other types of risk is to maintain a level of risk that your bank’s capital and earnings can support.
Articles from Spring 2008
To compete, consider the punch of remote deposit capture
To stand up in the ring against heavier competitors, community banks must take seriously a new technology that is body punching the industry’s deposit side. Even smaller businesses — perhaps enticed by ads from bigger banks — are now starting to request Remote Deposit Capture (RDC), the process that allows a business to post and clear checks electronically with its bank. With demand for this breakthrough technology likely to increase, it may be time to adjust your fight plan to include RDC.
What RDC is
RDC is a service that allows a business to make a deposit without every going to a bank. This is done by scanning a check and transmitting its image to the bank.
Put another way, the check received at a business or deposited at a bank location is scanned to create a digital deposit. The digital deposit is then transmitted (usually over an encrypted Internet connection) to an RDC bank or an RDC service provider that accepts the deposit, posts it to the business’s account and assigns clearing availability.
The RDC process has been stepping up in popularity, particularly among the largest banks, since October 2004. That was when “Check 21” legislation was implemented, allowing banks to clear checks based on images of the original checks. This speeds up processing because the original checks needn’t be physically transported all the way to the paying bank for clearing.
What technology is needed
The basic requirements for RDC service — what your customer needs to get started — include a PC, an Internet connection, a check scanner and a service provider. Scanning equipment ranges from about $600 to $1,200 or more per location.
Banks getting into RDC services can draw from a plethora of suppliers for the scanners and add-ons (such as document hoppers and output pockets) it needs. More than 30 companies, for example, are currently advertising RDC products on http://remotedepositcapture.com/, an industry clearinghouse. You can purchase either a highly integrated system from one vendor, or an open system, mixing “best in breed” hardware and software from several vendors.
Benefits to be gained
Accelerated deposit time for customers is considered a top RDC benefit. So are reduced transportation costs, time and risks. Customers who live in remote locations clearly benefit from eliminating deposit trips to the bank. But even businesses near their banks report the joys of depositing from their desk rather than after a drive through traffic.
If your bank uses (and pays for) courier service for certain clients, you can save time and money by using RDC instead. RDC also can help you reduce your processing and clearing costs — and develop new revenue streams, including:
• New clients attracted to the new service
• A larger wallet share with existing customers (because the service can enable them to consolidate their deposits with your bank, regardless of their geographic location); and
• Liquidity services — if a firm is able to consolidate its deposit accounts with your bank, it would likely have a need for your liquidity services, too.
In the dog-eat-dog world of banking, offering RDC to business customers may be a better competitive weapon than any single new product your organization cooks up.
Avoiding knockouts
RDC was listed as one of the top five litigation risks currently facing bankers in the July 2007 ABA Journal. Metropolitan areas, colored by their anonymity, give thieves a chance to work/misuse the system. Industry watchers, in general, see RDC as ripe with fraud potential, akin to Internet, e-mail and credit card fraud.
To protect against these risks, banks are having customers sign documents that shift the liability from the bank to the customer. This means the customer is responsible for figuring out what to do with the checks that potentially could be fraudulently deposited in other banks. (Some experts advise keeping checks in a secure place, with access to only a few accountable employees, for seven days and then destroying them.)
There’s another kind of risk as well: risk to customer relationships. Personal relationships give your community bank an edge over bigger banks, and you don’t want any technology to hurt that. RDC should be viewed only as a tool that benefits your customers — you still want to get to know them!
Not leading with your chin
Setting up an RDC service for your business clients should be done carefully, or problems can negate the benefits. Don’t let these considerations fall through the ropes:
1. Make sure RDC is something you really want. Conduct thorough financial and market analyses; forecast your savings and added revenue conservatively.
2. Shop around. The vendor who currently archives your checks, physically or electronically, may be a convenient choice, but not necessarily the best. Also, be wary lightweights jumping into the market.
3. Research the reputation and financial viability of vendor candidates.
4. Investigate what kind of support you and your customers will receive.
5. Figure into your financial projections the cost of scanners if you’re going to give, or lease them at a reduced rate, to your customers.
6. Target, as your first customers, businesses located at least two hours from your bank’s base.
7. Test the technology thoroughly before implementing the system.
Winning the fight
Pound for pound, offering RDC to your business clients might be a smart move in the fight for customer draw and loyalty. But be sure to do your research before making an RDC decision and keep up customer contact after converting to it — or you may be down for the count.
Costing consumers more than $1 billion a year, identity theft continues to head the list of consumer complaints heard by the Federal Trade Commission, according to a 2007 FTC report. And in the United States a crime of this nature happens every 79 seconds, the agency reports.
Identity theft also can drive away bank customers. The CMO Council, a California-based think tank for corporate marketing decision makers, found that of the 2,000 customers surveyed for a September 2006 CMO Council Report, more than half would either strongly consider, or definitely take, their business elsewhere if their personal information were breached.
Now comes a full-fledged response to the problem, the Identity Theft Red Flags and Address Discrepancies final rules. The rules and accompanying guidance require compliance by Nov. 1. of this year.
Know the new rules
Issued jointly by the OCC, Federal Reserve System, FDIC, OTS, FTC and National Credit Union Administration, the extensive rules implemented Section 114 of the Fair and Accurate Credit Transactions Act of 2003. They require all financial institutions with consumer accounts to develop and launch a written identity theft prevention program.
The rules pinpoint patterns, practices and specific forms of activity that signal possible identity theft. They include 26 identifiers, dubbed “red flags,” that banks should consider when developing their programs.
After a contentious comment period, the agencies chose not to make mandatory any specific controls for particular red flags. Instead, they’ve directed banks to tailor their programs to their operations’ size and nature. While the regulators have said they won’t fault a bank for lacking controls for a particular red flag it considers nonapplicable, they are ready and able to criticize the overall adequacy of your compliance program.
See if the red flag fits
The first step in creating your identity theft prevention program is to review the list of red flags to determine which ones apply to your bank. Keep in mind that the rules apply to the opening of new accounts as well as to existing accounts covered by the rules. While there are 26 flags listed in the final rules, many of them are multi-faceted, making the number climb to well over 40. The flags are grouped under four categories:
1. Consumer reporting agencies. The red flags under this umbrella are linked to notifications from consumer reporting agencies (Equifax, Transunion, Experian and others), for example, a fraud or active duty alert included in a customer report.
A notice of an address discrepancy or a credit freeze is another type of red flag. So is a report showing a recent activity pattern that’s inconsistent with your customer’s history, such as a significant increase in the volume of inquiries, an unusual number of recently established credit relationships, or a material change in the use of credit (especially in respect to established credit relationships)
2. Suspicious documents. Some of these red flags are:
• Identification that appears to have been altered or forged,
• A photograph or physical description on identification that’s inconsistent with the appearance of the person presenting the identification,
• Other information on the identification that’s inconsistent with the person presenting the identification, other information he or she provides or readily accessible information on file, such as a signature card or a recent check, and
• An application that appears to have been altered, forged, or destroyed and reassembled.
3. Personal identifying information. Some red flags in this area relate to the inconsistency of identifying information a customer provides with that from external information sources. Examples include an address that doesn’t match any address in the consumer report, a Social Security number (SSN) that hasn’t been issued or an SSN that’s listed on the Social Security Administration’s Death Master File. Pieces of identifying information a customer provides that are inconsistent with each other — for example, that no correlation between the SSN range and the person’s date of birth — are also red flags.
Another red flag is information associated with known fraudulent activity, as indicated by internal or third-party sources. For example, addresses or phone numbers on an application that are the same as those provided on a known fraudulent application are a red flag.
Some other red flags related to personal identifying information include:
• An address on an application that is fictitious, a mail drop or a prison,
• A phone number that’s invalid or associated with a pager or answering service,
• An SSN that’s the same as that submitted by other people opening an account or other customers,
• An address or telephone number that’s the same as, or similar to, the account number or telephone number submitted by an unusually large number of other people opening accounts or other customers,
• A person opening an account who fails to provide all required information, and
• Information that’s inconsistent with other identifying information on file with your bank.
Additionally, if your bank uses challenge questions, a red flag would wave when a person opening an account can’t provide authenticating information beyond what generally would be available from a wallet or consumer report.
4. Unusual activity. Red flags in this category relate to activity that is commonly associated with fraud or simply atypical. It’s a red flag, for example, if shortly after a change of address, a customer requests a new, additional or replacement debit or credit card or the addition of authorized users on the account.
It’s also a red flag if a new revolving credit account is used in a manner commonly associated with fraud patterns, for example, most of the available credit is used for cash advances or merchandise that is easily convertible to cash (such as electronics equipment or jewelry), or the customer fails to make the first payment, or makes an initial payment but no subsequent payments.
Red flags also occur when an account used in a way that strays from its history, such as nonpayment when there is no history of late or missed payments or a material increase in the use of available credit. Other examples include a material change in:
• Purchasing or spending patterns,
• Electronic fund transfer patterns in connection with a deposit account, or
• Telephone call patterns in connection with a cellular phone account.
Other activity-related red flags include the use of an account that has been inactive for a reasonably lengthy period of time, mail sent to the customer that is returned repeatedly as undeliverable even though transactions continue to be conducted, notification that the customer is not receiving paper account statements, or notification that unauthorized charges or transactions are being made.
Create your plan
Once you’ve pinned down which red flags are applicable to your institution, you can develop your identity theft prevention program, which should contain policies and procedures to:
Detect the red flags that you’ve determined are relevant to your consumer accounts,
Respond appropriately to any red flags you spot, to prevent and mitigate identity theft, and
Updated the program periodically to reflect changes in risks to customers or to the safety and soundness of your financial institution.
Some flexibility exists in deciding how to handle the development of the new identity theft prevention controls you determine you need. You can incorporate them into the controls you already have in place to comply with Bank Secrecy Act customer identification process requirements or the Safeguarding Customer Information program. Or you can establish a new set of stand-alone controls.
Approve and implement
Once you’ve developed all the components of your identity theft prevention program, you’ll need to get your board of directors (or the appropriate board committees) to approve it. The rules allow you to decide to what extent the board gets involved in the program’s oversight, and whether your board, or management, will approve program changes.
You’ll then need to oversee the program’s implementation, staff training and any arrangements you might have with service providers. Remember, at any point along the way (including program development), consulting a compliance expert will help make sure your eggs — or, in this case, flags — line up in a row.
And when they do, you can feel confident that your bank has done its job in putting the lid on identity theft. Your customers are likely to appreciate it, too.
Bankers will be busy measuring the fair value of instruments on their next financial statement as they realize the widespread impact of a new accounting standard. Follows are highlights of some of the key issues.
Bracing for the challenge
Financial statements for fiscal years beginning after Nov. 15, 2007, must comply with Financial Accounting Standard 157, Fair Value Measurements (FAS 157) If you haven’t started familiarizing yourself with the new rule, it’s time to do your homework on how it will affect you.
FAS 157 defines fair value, sets a framework for measuring fair value in accordance with Generally Accepted Accounting Principles (GAAP), and expands disclosures of fair-value measurements. (For a full explanation of the standard and how it will affect you, see your accounting professional.)
Understanding Levels 1–3
Before FAS 157, there were different definitions of fair value and limited guidance for applying them. The result was inconsistencies that added to the complexity in applying GAAP. Under FAS 157, there is a three-level hierarchy for fair value measurement:
Level 1, quoted prices in active markets for identical assets or liabilities,
Level 2, quoted prices for similar assets or liabilities in active markets; quoted prices for identical assets or liabilities in inactive markets, or other observable inputs, and
Level 3, unobservable inputs using the reporting entity’s own assumptions about what market participants would use in pricing the asset or liability.
In December, the Public Company Accounting Oversight Board (PCAOB) issued Audit Practice Alert No. 2: Three-level Hierarchy and Third Party Pricing, to assist auditors in interpreting issues involved in the hierarchy.
Making it all consistent
For reporting purposes, new disclosures are necessary. They apply to any assets or liabilities that would be measured at fair value. The disclosures include:
The fair value as of the reporting date,
Which of the levels were used for determining the fair value,
For Level 3 values, a reconciliation of the beginning and ending balances including purchases, sales, gains, losses
The amount of the gains and losses included in earnings from changes in unrealized gains or losses for assets or liabilities still held at the reporting date, and
The valuation techniques used to measure fair value, with an explanation of changes in techniques if any.
So while applying FAS 157 the first time is expected to be challenging, the end result may mean greater consistency and less confusion when you prepare subsequent financial statements.
Bankers setting allowances for loan and lease losses are paying special attention to the documentation that supports the decisions they make.
For the past year or so, financial institutions have been grappling with the new accounting requirements in Interagency Policy Statement on the Allowance for Loan and Lease Losses (ALLL). The statement was issued jointly by the five financial institution regulatory agencies in late December 2006. It replaces a similar 1993 policy.
GAAP is in, benchmarks out
Gone are the model calculations for banks to follow when setting loan and lease loss allowances. Auditors had formally complained that these examples were being used in the field as benchmarks that sometimes contradicted Generally Accepted Accounting Principles (GAAP).
The new policy follows GAAP while allowing bank management decisions to include judgments involving qualitative or environmental factors affecting the loss allowance, as long as these judgments are reasonable, documented and explained.
Based on the guidance, here are some key directives to keep in mind for your bank’s own ALLL policy and methodology:
Make double-counting taboo. A loan is either impaired or not impaired. You can’t use SFAS No. 114 and SFAS No. 5 measurements for the same loan. If a loan is impaired but without a specific reserve, don’t allocate a general reserve to it.
Consider history just the beginning. Use historical losses as the starting point for general reserves and then adjust for qualitative factors, avoiding arbitrary percentages.
Stay in the here and now. Assess and evaluate risk within your portfolio as of the reporting date. Don’t factor in potential future events.
Back it up. Document all factors and data in your ALLL analysis and computation. Don’t maintain unallocated reserves that can’t be supported.
Toss budgeted amounts. Adjust the quarterly provision based on SFAS 5 and SFAS 114 analysis of the total portfolio. Don’t record a provision for loan losses based on budgeted amounts.
Keep it consistent. The variance between calculated and recorded reserves shouldn’t be significant. Set a tolerable margin for imprecision in your ALLL policy. Don’t carry unallocated amounts that can’t be explained.
Consider your uniqueness. Your ALLL should address risks unique to your bank’s’ portfolio, for example, whether it’s heavy in consumer loans, 1- to 4- family mortgages or construction lending. Using peer group information alone isn’t satisfactory.
Remember OREO. Include write-down on loans prior to their transfer to other real estate owned (OREO) within the ALLL. Include those losses in the appropriate loan segment to determine historical losses. Don’t ignore losses on loans being transferred to OREO.
Skip unfunded commitments. Report estimated losses on unfunded commitment as other liabilities. Don’t include estimated losses on unfunded commitments within the ALLL.
Know when to accrue. When a loan is deemed impaired, put it on non-accrual status. Refer to the policy for other situations when the accrual of interest should stop.
[subhead]Review your individual policy regularly
The best way to make sure you following these dos and don’ts — and other directives in the guidance — is to establish a written ALLL policy and methodology that is approved by your board annually. Use your accounting advisors in creating a policy that best serves your bank’s unique loan portfolio.
The general information in this publication is not intended to be nor should it be treated as tax, legal, or accounting advice. Additional issues could exist that would affect the tax treatment of a specific transaction and, therefore, taxpayers should seek advice from an independent tax advisor based on their particular circumstances before acting on any information presented. This information is not intended to be nor can it be used by any taxpayer for the purpose of avoiding tax penalties.
