Transitioning to Regional Supervision
by Miles Green, Advanced Examiner, Community and Regional Safety and Soundness, Supervision, Regulation, and Credit, Federal Reserve Bank of Richmond
In the Federal Reserve System, financial institutions that have less than $10 billion in consolidated assets generally fall under the community bank organization (CBO) supervision program, while those that have between $10 billion and $100 billion are included in the regional bank organization (RBO) supervision program. As of June 30, 2022, the Federal Reserve supervised 99 RBOs (most of which are holding companies) with aggregate assets approximating $2.7 trillion.1 From June 30, 2021, to June 30, 2022, the RBO supervision program experienced a net increase of 12 organizations, making it the fastest-growing portfolio of institutions supervised by the Federal Reserve.2 CBOs transitioning to the RBO supervision program will encounter a new supervisory process, increased audit function expectations, and an expanding scope of risk management and governance considerations. To aid CBOs in transitioning to the RBO supervision program, the Federal Reserve established the Regional Banking Supervision Outreach Group to highlight guidance and industry best practices that RBOs should consider. This article provides an overview of the RBO supervisory program to aid CBOs that are experiencing asset growth and may soon become a regional institution.
The RBO Supervisory Process
The transition to the Federal Reserve’s regional supervision is often a significant change for a CBO management team. Each Reserve Bank assigns a dedicated central point of contact (CPC) to both serve as a resource to the institution and oversee the execution of the Federal Reserve’s supervisory plan for the institution. While community banks in satisfactory condition can expect a full-scope, risk-focused examination every 12 to 18 months, regional supervision involves more frequent touchpoints between the Reserve Bank and the supervised institution. Federal Reserve examiners develop a detailed supervisory risk assessment and tailored supervisory plan for each RBO. The supervisory plan weighs the complexity and financial condition of an RBO holding company and its subsidiary banks and nonbank subsidiaries. Further, the plan serves to establish the annual supervisory objectives and schedule for targeted and full-scope supervisory events, considering the primary bank regulator’s examination schedule and results.
Because the bank subsidiary of the holding company generally contains most of the assets of the consolidated organization, the extent of supervisory activities at an RBO depends on its lead bank subsidiary. In scenarios in which the lead bank subsidiary of the RBO holding company is a state member bank, an annual supervisory cycle typically contains two asset quality targets, specialty target examinations such as information technology and Bank Secrecy Act compliance, and a full-scope holding company inspection. When the lead bank is not a state member bank — for example, a national bank, nonmember bank, or savings bank — the Federal Reserve’s CPC coordinates with the primary bank regulator to leverage pertinent information about the lead bank to streamline the examination process. The Federal Reserve may participate in target supervisory events with the primary federal bank regulator when the bank’s material business functions and activities are related to activities conducted at the holding company.
Beyond a more robust examination schedule, Federal Reserve examiners perform continuous monitoring of the institution throughout the year, which increases the interaction between the institution’s management and the designated CPC. To aid in these monitoring efforts, an RBO provides Federal Reserve examiners with information such as the institution’s board of directors and committee meeting packages. The sharing of information is handled by the Federal Reserve’s Supervision Central platform. Other examples of continuous supervisory monitoring activities include examiners conducting quarterly meetings with management and other regulators, analyzing the Federal Reserve’s internal risk monitoring reports, and reviewing the institution’s audit committee meeting packages and reports.
These supervisory activities may identify changes in the institution’s risk profile, resulting in examiners contacting the institution’s management outside of a scheduled supervisory event to discuss the institution’s ability to manage and control risks. Therefore, the Federal Reserve suggests that an RBO institution assign an individual to manage this process and direct potential ad hoc inquiries from examiners to the correct stakeholders. Usually, this individual is also responsible for coordinating the process for delivering continuous document submissions to the Federal Reserve.
Asset Quality Reviews
Another key difference between CBO and RBO examinations is the loan coverage expectations for supervisory asset quality reviews. For CBOs, examiner loan coverage is generally a sample ranging from 20 percent to 40 percent coverage of total commercial and industrial and commercial real estate loans. Loan file review is normally performed at one full-scope supervisory event. In contrast, the Federal Reserve regional supervision program includes two asset quality targets per annual supervisory cycle for holding companies with lead bank subsidiaries that are state member banks. Further, Federal Reserve examiners are expected to perform loan sampling that includes at least 10 percent coverage of the four largest commercial loan segments. Therefore, each credit target examination will often focus on one or two material commercial loan segments, as well as a material retail loan segment of the RBO’s loan portfolio or areas of emerging credit risk. In performing their loan reviews, Federal Reserve examiners expect that an RBO has a comprehensive internal loan review program to aid in assessing the accuracy of the institution’s credit risk rating process and the adequacy of its risk management practices. For institutions with a satisfactory to strong internal loan review function, examiners will typically leverage the RBO’s internal loan review work and conclusions to perform the supervisory asset quality review. Supervision and Regulation (SR) letter 14-4, “Examiner Loan Sampling Requirements for State Member Bank and Credit Extending Nonbank Subsidiaries of Bank Holding Companies in the Regional Organization Supervision Portfolio,” outlines expectations for an RBO’s asset quality review.3
Heightened Internal Audit Expectations
Once an organization is assigned to the RBO supervision program, the policies outlined in SR letter 13-1/Consumer Affairs (CA) letter 13-1, “Supplemental Policy Statement on the Internal Audit Function and Its Outsourcing,” become applicable.4 This policy statement sets the supervisory expectation for several enhanced audit practices. These practices include additional risk analysis, thematic control issues identification, a process for challenging management and policy actions, infrastructure change reviews, assessment of the firm’s established risk tolerance, and evaluation of governance and strategic objectives. Institutions commonly experience challenges with adjusting to these internal audit expectations when transitioning to the RBO portfolio.
As an institution grows and its risk profile changes, a strong chief audit executive becomes even more critical for an effective internal audit function. The chief audit executive conventionally discontinues direct audit work and instead focuses on developing and overseeing a framework and processes that enable audit work to be delegated across the internal audit function’s staff. Further, the chief audit executive should have the knowledge and expertise to determine which audit work should be conducted in-house versus co-sourced with an outside audit firm. In making this determination, the chief audit executive should balance the benefits and challenges of both approaches to identify the mix that best meets the institution’s needs.
Many institutions have found value in employing a gap assessment of their internal audit function, as discussed in SR letter 13-1, that provides an objective and robust assessment of existing practices against the guidance. Once gaps in the function have been identified, audit management should develop plans and timelines for addressing each of the identified gaps, share the remediation plan with the institution’s audit committee, and provide regular process updates to the audit committee. This gap assessment often identifies the need for the RBO to enhance the skill and training of its internal audit department’s staff. Common gaps include technical expertise in areas such as information technology and compliance, as well as soft skills like leadership and communication. A skilled audit staff will enable the audit function to promote effective control functions across the entire organization and to raise concerns and control weaknesses to the RBO’s audit committee when necessary.
Risk Management and Corporate Governance
In the RBO supervision program, examination work focuses on the quality of the institution’s risk management, control functions, and governance structure. When transitioning to the regional portfolio, a bank needs to consider a variety of governance and management considerations such as organizational structure, the corporate risk management program, the qualifications and skills of the board of directors and senior management, and strategic planning.
Organic asset growth may drive a CBO’s transition into the RBO supervision program, but the transition is often accelerated by acquisition or merger activity that involves a significant jump in asset size. In such scenarios, an institution’s management needs to consider whether the organization’s management structure is appropriate for achieving its strategic goals and business plans. The institution’s revenue and risk functions need to share a clear overall strategic direction, maintain effective cross-functional communication, and collectively cultivate a strong risk management culture. The corporate risk management program will benefit from clear distinctions between first and second lines of defense that uphold effective challenge practices and hold management accountable for its actions.
The skills and expertise of the board of directors and senior management should keep pace with the institution’s strategic direction and growth. As organizations grow, executive management may have less bandwidth to directly oversee certain elements of the bank’s activities and risk management functions. Therefore, an institution’s executives need to develop another layer of management, delegate responsibility, and implement accountability for corporate goals and effective risk management. Further, new business functions can become necessary as a bank expands its size and complexity. Examples include data governance, model risk management, and enterprise risk management. Executives need to carefully consider whether these functions need to be implemented or expanded and plan and budget for these resources accordingly.
Lastly, an institution’s strategic plan is an important steering and governance tool for complex organizations, setting forth common objectives and aligning management expectations across business lines. Further, the strategic plan enables an institution’s board of directors to develop and communicate its risk appetite to senior management. Senior management should develop business line action plans that reflect the board of directors’ risk appetite and communicate these risk expectations throughout the organization.
Supervisory Outreach and Support
The transition of a CBO to the RBO supervision program represents a significant change in supervisory expectations for the institution’s governance and risk management. The Federal Reserve is committed to supporting supervised firms going through this transition by providing technical assistance, spotlighting common challenges, and sharing industry best practices. Supervised institutions are encouraged to reach out to their local Federal Reserve Bank’s examination staff for answers to questions regarding the possibility of a CBO moving to the RBO supervision program.
For up-to-date information and support on this topic, register with Ask the Fed5 and follow the industry outreach series titled “Regional Banking: Beyond Examinations.” The April 27, 2022, episode of this series includes coverage of a variety of common RBO transition pitfalls and corresponding keys to success.6 The most recent episode in this series, “Maturing Your IT Risk Management and Governance Framework,” addresses data management and managing third-party vendors.7
- 1 See Board of Governors of the Federal Reserve System, Supervision and Regulation Report, November 2022, available at www.federalreserve.gov/publications/files/202211-supervision-and-regulation-report.pdf.
- 2 See Board of Governors of the Federal Reserve System, Supervision and Regulation Report, November 2021, available at www.federalreserve.gov/publications/files/202111-supervision-and-regulation-report.pdf.
- 3 SR letter 14-4 is available at www.federalreserve.gov/supervisionreg/srletters/sr1404.htm.
- 4 SR letter 13-1/CA letter 13-1 is available at www.federalreserve.gov/supervisionreg/srletters/sr1301.htm.
- 5 Ask the Fed is available at https://bsr.stlouisfed.org/askthefed/Auth/Logon.
- 6 See the Ask the Fed session “Regional Banking: Beyond Examinations – Transitioning to RBO Supervision,” which was presented by Matthew Turner, Elizabeth Keenan, and Richard Perisie on April 27, 2022, and is available at https://bsr.stlouisfed.org/askthefed/Home/ArchiveCall/319.
- 7 This Ask the Fed session is available at https://bsr.stlouisfed.org/askthefed/Home/ArchiveCall/335.