Home > First Issue 2021 > Regulation O Revisited

Regulation O Revisited
by Robert Crepinsek, Examiner, Supervision, Regulation & Credit, Federal Reserve Bank of Boston, and William Mark, Lead Examiner, Supervision & Regulation, Federal Reserve Bank of Chicago

As part of bank examinations and holding company inspections, examiners assess institutions’ processes and controls designed to ensure compliance with all banking laws, rules, regulations, and supervisory requirements. One of those regulations is Regulation O, or Reg O, which governs extensions of credit by banks to certain bank employees, or insiders.1 Reg O was designed to ensure insiders are not given preferential treatment and to safeguard against insider abuse. This article provides a general overview of Reg O and touches on the adjusting of certain Reg O restrictions as a result of the pandemic.

Definition of Insiders

So, who is considered an insider? Insiders include executive officers, directors,2 and principal shareholders (and the related interests of these individuals) of the bank and its affiliates. Reg O defines executive officer as any person who participates (or has the authority to participate) in major policymaking functions, regardless of title or compensation, though it specifically lists the chairman of the board, the president, every vice president, the cashier, the secretary, and the treasurer as executive officers, unless excluded through bylaws or by a resolution of the board of directors and in practice the individual does not participate in major policymaking functions.3 Principal shareholder is anyone who directly or indirectly, or acting in concert with one or more persons, owns, controls, or has the power to vote more than 10 percent of the shares of the bank or its holding company. Shares owned or controlled by immediate family members are attributed to the individual; for purposes of Reg O, immediate family members are limited to spouse, minor children, and adult children living with the individual.

As related interests of the insider include any company controlled by the insider, there should be a clear understanding of what constitutes control. For purposes of Reg O, it results from directly or indirectly (individually or with others) owning, controlling, or having the power to vote 25 percent or more of any class of voting securities of a company. It also includes controlling the election of a majority of the directors of a company, or having the power to exercise a controlling influence over the management or polices of a company. Further, there is a presumption of control for any director or officer of a company who directly or indirectly owns, controls, or has the power to vote more than 10 percent of any class of voting securities of that company, or for any person who directly or indirectly owns, controls, or has the power to vote more than 10 percent of any class of voting securities if no other person owns a greater percentage. Presumptions of control do not apply simply by virtue of holding the position as a director or officer of an unaffiliated company. So first, management needs to have an accurate accounting of all loans made by the bank to its insiders and their related interests. The next consideration is loans made to insiders of any bank affiliates. In a typical bank holding company structure, affiliates of the bank include the parent holding company and all its subsidiaries.

Limits and Restrictions on Loans to Insiders

Loans to insiders have limits on an individual as well as an aggregate basis. The lending limit to an individual, including related interests, is 15 percent of the bank’s unimpaired capital and surplus for loans that are not fully secured, and an additional 10 percent for loans that are fully secured by readily marketable collateral.4 Loans fully secured by obligations of the U.S. government or agencies or loans secured by deposits held at the bank do not apply toward the limit. On an aggregate basis, loans to insiders are limited to the equivalent of the bank’s unimpaired capital and surplus, or up to two times unimpaired capital and surplus for banks with less than $100 million in deposits, as long as a signed resolution by the board of directors justifies the higher limit. The higher limit for smaller banks is also conditioned on the bank meeting applicable capital requirements and having a satisfactory CAMELS5 composite rating in its most recent report of examination.

In addition to the quantifiable limits, Reg O includes general prohibitions based on terms and creditworthiness. In general, loans made to insiders must be on substantially the same terms, such as interest rates and collateral, as loans made to non-insiders, with the same underwriting standards applied at origination.6 In addition, the loan must not involve more than the normal risk of repayment or present other unfavorable features. Further, any loan to an insider of an amount more than $25,000 or 5 percent of unimpaired capital and surplus, whichever is higher, must be preapproved by a majority vote of the board of directors, and the insider must abstain from the approval process.7 Prior approval is also required when an extension of credit, regardless of the amount, results in aggregate debt to the individual and their related interests exceeding $500,000.8


In general, banks should maintain the necessary records for ensuring compliance with Reg O. Although Reg O does not prescribe a specific recordkeeping methodology, the regulation does provide detail on the types of records required, as well as two suggested methodologies for collecting relevant data on extensions of credit to insiders of affiliates. Required records include an accounting of (1) all insiders, (2) all extensions of credit to these insiders, and (3) all extensions of credit to insiders of bank affiliates. For the third category, the regulation identifies two potential methodologies for use: the survey and the borrower inquiry methods.

As the name suggests, the survey method involves conducting an annual survey of the bank’s affiliates to identify each insider at those affiliates. From the resulting list, the bank would then have to maintain a listing of the amount and terms of every extension of credit to each identified insider. The borrower inquiry method requires the borrower to indicate whether the borrower is an insider of an affiliate when applying for a loan. Once again, the onus is on the bank to maintain accurate records of all extensions of credit to those self-identified insiders. It is permissible for a bank to have an alternative method for identifying and maintaining records on all extensions of credit to insiders of the bank’s affiliates, as long as the bank’s primary federal regulator deems it effective.


An extension of credit is “a making of or renewal of a loan, a granting of a line of credit, or an extending of credit in any manner whatsoever.”9 Of the seven specific examples of extensions of credit detailed in Reg O,10 anecdotal evidence suggests that overdraft activity results in the most common contraventions of Reg O. This is likely in part due to their temporary nature and the set of additional restrictions that apply to overdrafts. Overdrafts of $5,000 or less are not considered extensions of credit if made pursuant to a written, preauthorized, interest-bearing extension of credit plan, or a written, preauthorized transfer of funds from another account.11

In addition, banks are prohibited from paying overdrafts to executive officers and directors. The prohibition on overdrafts, however, does not apply to the payment of inadvertent overdrafts if the aggregate amount of overdrafts on an account does not exceed $1,000, the account is not overdrawn for more than five business days, and the executive officer or director is charged the same fee as any other customer. The prohibition on the payment of overdrafts does not apply to principal shareholders who are not also an executive officer or director, or to the related interests of insiders.

Executive Officers

Some additional restrictions apply to executive officers of the bank (but not to the executive officers of the bank’s affiliates). Extensions of credit for the education of an executive officer’s children or for the purchase, construction, maintenance, improvement, or refinancing of a residence are permissible without limitation (for the residence, provided the extension of credit is secured by a first lien and the residence is owned by the executive). Loans fully secured by deposits held at the bank or by U.S. government obligations also have no limits. Loans for any other purpose are permissible as long as aggregate loans to that executive officer do not exceed the higher of 2.5 percent of the bank’s unimpaired capital and surplus or $25,000, but in no event more than $100,000.12 In addition, any extension of credit to the executive officer must be:

  • promptly reported to the board of directors;
  • on the same terms and conditions available to the general public;
  • preceded by the submission of a detailed current financial statement of the executive officer; and
  • made subject to the condition in writing that the extension of credit will, at the option of the bank, become due and payable should the executive officer have debt with an unaffiliated bank in excess of the limit.

Risk Management

Noncompliance with Reg O subjects the bank to compliance, operational, and legal risks, which together could translate into increased reputational risk. Further, inadvertent violations could result in examination findings requiring the board to improve risk management practices for the identified risk associated with extensions of credit to insiders. Significant, repeat, or willful contraventions of Reg O could escalate to civil money penalties. Therefore, if lending to insiders is a standard bank practice, the bank should have risk management processes commensurate with the level of activity. Determining the level of risk should start with a risk assessment, either internally or by the bank’s outsourced internal audit function. The level of risk assigned would justify the extent and frequency of prescribed internal audit reviews for compliance with Reg O, as well as with related internal policies and procedures.

From an examination perspective, the most important considerations are that:

  • management has established a process for proactively identifying and quantifying all extensions of credit to insiders of the bank and its affiliates;
  • such extensions do not give preference to any insider and remain below regulatory limits for individual insiders as well as in aggregate for all insiders; and
  • associated risk management practices are in place to prevent, recognize, and correct potential Reg O violations.

Extensions of credit to an insider include loans made to any company controlled by the insider. To ensure an accurate accounting of loans to insiders, management also needs to identify all companies owned or controlled by officers, directors, and principal shareholders. For a small community bank, even one owned by a shell bank holding company, this could be a relatively simple task; however, for a large bank holding company with multiple nonbank subsidiaries, the task is more substantial.13 As with all risk management processes, internal controls should be scaled to the size and complexity of the institution.

Management could take action to reduce, or at least control, the risk of a Reg O violation by including detail in loan approval documents that the board reviewed the loan to an insider and confirmed compliance with Reg O. Such documentation could include an affirmation that the loan is consistent with similar loans made to the general public. Maintaining a master list of insiders at the bank also facilitates Reg O compliance, demonstrating management’s commitment to an accurate accounting of applicable loans. A running total of aggregate loans to executive officers, directors, and principal shareholders (and their related interests) relative to the bank’s unimpaired capital and surplus can also be included in standard reporting packages prepared by bank management for review by directors or trustees prior to regularly scheduled board meetings. In addition, while not solely for Reg O compliance purposes, periodic review of employee checking account activity by the internal audit function for irregularities, such as overdrafts, could identify potential Reg O violations. Lastly, a consistent, disciplined practice of making loans to insiders that are no more favorable than those to the general public will provide the most assurance that the bank will remain in regulatory compliance.

Adjustment to Certain Reg O Restrictions in Light of COVID-19

On April 17, 2020, the Federal Reserve Board announced a temporary rule change in support of the Paycheck Protection Program (PPP), which was created in connection with the Coronavirus Aid, Relief, and Economic Security (CARES) Act. The PPP was designed to facilitate lending to small businesses affected by COVID-19.14 In order not to restrict access to PPP loans to certain insiders of banks, particularly in rural areas, the Board’s interim final rule excluded certain PPP loans from being considered extensions of credit. On July 4, 2020, the President signed into law the Prioritized Paycheck Protection Program Act (PPPP Act), which extended the PPP to August 8, 2020. Consequently, the Board extended the exclusion of PPP loans originated by that date from the quantitative limits on loans to insiders contained in Reg O.

Importantly, the Small Business Administration (SBA) explicitly prohibited banks from favoring, in processing time or prioritization, a PPP loan application from a director or equity holder, and the Board announced that it would administer both rule changes accordingly.

The Board’s temporary rule changes are consistent with interim final rules made by the SBA, administrator of the PPP and PPPP Act. The SBA’s interim final rule applied to outside directors or holders of less than 30 percent equity interest in a PPP lender, provided that the director or equity holder is not given preferential treatment in PPP loan processing. The interim final rule also stated that SBA lending restrictions would continue to apply to officers and key employees of a PPP lender.15 The temporary rule changes adjusted certain Reg O restrictions by permitting directors and principal shareholders to access PPP funding without impacting aggregate loans to insiders reportable under Reg O.


Reg O provides guidance on extensions of credit to insiders. The bank examination process typically involves substantiating that a bank is operating in accordance with the regulatory quantitative and qualitative limits and restrictions on loans to insiders. Even inadvertent violations have the potential to adversely impact an organization’s reputation. To avoid any such contravention, management and the board must maintain a system of internal controls supported by active board and senior management oversight, policies and procedures, diligent risk monitoring and reporting, and regular independent reviews to ensure ongoing Reg O compliance.

  • 1 Transactions with insiders are also governed by general standards of safety and soundness, prohibitions against fraud and abuse, and corporate fiduciary duties, as well as, in some circumstances, other provisions of federal banking law such as section 23A of the Federal Reserve Act (12 U.S.C. § 371c).
  • 2 According to the U.S. Code of Federal Regulations, 12 CFR 215.2(d)(1), a “director of a company or bank means any director of the company or bank, whether or not receiving compensation.” See www.federalreserve.gov/supervisionreg/regocg.htm.
  • 3 For affiliated companies, a signed resolution by the board of directors could remove an executive officer from the list of insiders, as long as the individual does not participate in major policymaking functions and the affiliate is not the parent bank holding company or does not represent more than 10 percent of consolidated assets.
  • 4 In situations in which state law establishes a lower limit for loans to one borrower, the lending limit established by the state applies.
  • 5 “CAMELS” refers to the supervisory rating framework that federal and state bank regulators use in communicating an assessment of a bank’s condition. On a 1 to 5 rating scale, examiners assign a composite rating and six component ratings: Capital (C), Asset Quality (A), Management (M), Earnings (E), Liquidity (L), and Sensitivity to market risk (S). To be deemed satisfactory, a bank must receive a CAMELS composite rating of no less than 2.
  • 6 From the Commercial Bank Examination Manual, “preferential terms include lower interest rates than those offered on similar types of loans, lower collateral requirements (or unsecured), longer maturities, no personal guarantee (if required from the general public), made for purposes not available to the general public, or lacking financial or other information generally required.”
  • 7 As described in 12 CFR 215.4(b)(1).
  • 8 As outlined in 12 CFR 215.4(b)(2).
  • 9 As defined in 12 CFR 215.3(a).
  • 10 12 CFR 215.3(a) lists seven examples of extensions of credit: repurchase agreement; overdraft; standby letter of credit; acquisition of any indebtedness upon which the insider may be liable as maker, drawer, endorser, guarantor, or surety; increase in existing indebtedness; advance on unearned salary greater than 30 days; and any other obligation to pay money or its equivalent whatsoever. Section 215.3(b) provides examples of items not considered extensions of credit, including balances of less than $15,000 on a bank-issued credit card.
  • 11 According to 12 CFR 215.3(b)(6).
  • 12 Based on a tier 1 leverage ratio of 10 percent, only banks with less than approximately $40 million in assets would have a limit of less than $100,000.
  • 13 Supervision and Regulation (SR) letter 19-16, “Status of Certain Investment Funds and Their Portfolio Investments for Purposes of Regulation O and Reporting Requirements Under Part 363 of FDIC Regulations,” discusses the application of examiner discretion to temporarily address the treatment of portfolio companies of mutual fund complexes that may have become principal shareholders of specific banks or bank holding companies. While SR letter 19-16 has limited ramifications for small community banking organizations, it does reflect the intricacies of applying the definition of insiders under Reg O. The SR letter is available at www.federalreserve.gov/supervisionreg/srletters/sr1916.htm.
  • 14 See the July 15, 2020, Board press release at www.federalreserve.gov/newsevents/pressreleases/bcreg20200715a.htm.
  • 15 See https://home.treasury.gov/system/files/136/Interim-Final-Rule-Additional-Eligibility-Criteria-and-Requirements-for-Certain-Pledges-of-Loans.pdf.
Back to top

System Outreach

The Federal Reserve System provides various resources for training, services, and more.

Learn more »

Policy and Guidance

Connect to various Federal Reserve resources, including SR and CA Letters, regulations, request for comment on rulemaking proposals, the latest Federal Reserve System speeches, and more.

Learn more ยป


Community Banking Connections is a quarterly Federal Reserve System publication available electronically or in print.

Learn more »


We want to hear from you! Please share with us any comments, suggestions, or topics that you would like to see on our website or in our publications.

Learn more »