98-27328. Uniform Interagency Trust Rating System  

  • [Federal Register Volume 63, Number 197 (Tuesday, October 13, 1998)]
    [Notices]
    [Pages 54704-54711]
    From the Federal Register Online via the Government Publishing Office [www.gpo.gov]
    [FR Doc No: 98-27328]
    
    
    =======================================================================
    -----------------------------------------------------------------------
    
    FEDERAL FINANCIAL INSTITUTIONS EXAMINATION COUNCIL
    
    
    Uniform Interagency Trust Rating System
    
    AGENCY: Federal Financial Institutions Examination Council.
    
    ACTION: Notice.
    
    -----------------------------------------------------------------------
    
    SUMMARY: The Federal Financial Institutions Examination Council (FFIEC) 
    is revising the Uniform Interagency Trust Rating System (UITRS), 
    commonly referred to as the trust rating system. The revisions update 
    the rating system to reflect changes that have occurred in the 
    fiduciary services industry and in supervisory policies and procedures 
    since the rating system was first adopted in 1978. The changes revise 
    the definitions for the numerical ratings to conform to the language 
    and tone of the Uniform Financial Institutions Rating System (UFIRS) 
    rating definitions, commonly referred to as the CAMELS rating system; 
    reformat and clarify the component rating descriptions; reorganize the 
    account administration and conflicts of interest components into a new 
    component addressing compliance; emphasize the quality of risk 
    management processes in each of the rating components, particularly in 
    the management component; add language in composite rating definitions 
    to parallel the changes in the component rating descriptions; and 
    explicitly identify the types of risk that are considered in assigning 
    component ratings.
        The term ``financial institution'' refers to those FDIC insured 
    depository institutions whose primary Federal supervisory agency is 
    represented on the FFIEC. Uninsured trust companies that are chartered 
    by the OCC, members of the Federal Reserve System, or subsidiaries of 
    registered bank holding companies or insured depository institutions 
    are also covered by this notice. The Federal supervisory agencies 
    participating in this notice are: the Board of Governors of the Federal 
    Reserve System (FRB), the Federal Deposit Insurance Corporation (FDIC), 
    the Office of the Comptroller of the Currency (OCC), and the Office of 
    Thrift Supervision (OTS).
    
    DATES: Effective October 13, 1998.
    
    FOR FURTHER INFORMATION CONTACT:
    FRB: William R. Stanley, Supervisory Trust Analyst, Specialized 
    Activities, (202) 452-2744, Division of Banking Supervision and 
    Regulation, Board of Governors of the Federal Reserve System, Mail Stop 
    175, 20th and C Streets, NW, Washington, D.C. 20551
    FDIC: John F. Harvey, Trust Review Examiner, (202) 898-6762, Division 
    of Supervision, Federal Deposit Insurance Corporation, Room F2078, 550 
    17th Street, NW, Washington, D.C. 20429.
    OCC: Laurie A. Edlund, National Bank Examiner, (202) 874-3828, Division 
    of Asset Management, Office of the Comptroller of the Currency, 250 E 
    Street, SW, Mail Stop 7-7, Washington, D.C., 20219.
    OTS: Larry A. Clark, Senior Manager, Compliance and Trust Programs, 
    (202) 906-5628, Gary C. Jackson, Program Analyst, (202) 906-5653, 
    Compliance Policy, Office of Thrift Supervision, 1700 G Street, NW, 
    Washington, D.C. 20552.
    
    SUPPLEMENTARY INFORMATION:
    
    Background information
    
        On February 17, 1998, the FFIEC published a notice in the Federal 
    Register (February Notice), 63 FR 7802, requesting comment on proposed 
    revisions to the Uniform Interagency Trust Rating System (UITRS). The 
    UITRS is an internal supervisory examination rating system used by the 
    Federal supervisory agencies for evaluating the administration of 
    fiduciary activities of financial institutions and uninsured trust 
    companies on a uniform basis and for identifying those institutions 
    requiring special supervisory attention. The UITRS was adopted on 
    September 21, 1978 by the Office of the Comptroller of the Currency 
    (OCC), the Federal Deposit Insurance Corporation (FDIC), and the Board 
    of Governors of the Federal Reserve System (FRB), and in 1988 by the 
    Federal Home Loan Bank Board, predecessor agency to the Office of 
    Thrift Supervision (OTS).
        Under the UITRS, each institution is assigned a composite rating 
    based on an evaluation and rating of essential components of an 
    institution's fiduciary activities. The composite rating reflects the 
    overall condition of an institution's fiduciary activities and is used 
    by the Federal supervisory agencies to monitor aggregate trends in the 
    overall administration of fiduciary activities. Under the former UITRS, 
    each financial institution or trust company was assigned a composite 
    rating based on an evaluation and rating of six essential components of 
    an institution's fiduciary activities. These components addressed: the 
    capability of management; the adequacy of operations, controls and 
    audits; the management of fiduciary assets; the adequacy of account 
    administration practices; the adequacy of practices relating to self-
    dealing and conflicts of interest; and the quality and level of 
    earnings. Both the composite and component ratings are assigned on a 1 
    to 5 numerical scale. A 1 indicates the strongest performance and 
    management practices, and the least degree of supervisory concern, 
    while a 5 indicates the weakest performance and management practices 
    and,
    
    [[Page 54705]]
    
    therefore, the highest degree of supervisory concern.
        The UITRS has proven to be an effective way for the Federal 
    supervisory agencies to determine the condition of an institution's 
    fiduciary activities. A number of changes, however, have occurred in 
    the fiduciary industry and in supervisory policies and procedures since 
    the rating system was first adopted. As a result, the FFIEC is making 
    certain enhancements to the rating system, but is retaining its basic 
    framework. The UITRS enhancements:
         Realign the UITRS rating definitions to bring them in line 
    with UFIRS.
         Reduce the component rating categories from six to five, 
    combining the Account Administration and Conflicts of Interest 
    components into a new Compliance component.
         Require Earnings to be rated only in institutions with 
    more than $100 million in total trust assets, and in all non-deposit 
    trust companies. An earnings rating is not required for the remaining 
    institutions (those institutions not required to file Schedule E 
    1); however, each Federal supervisory agency has the option 
    of requiring the earnings of these institutions to be rated using the 
    alternate rating definitions where applicable.
    ---------------------------------------------------------------------------
    
        \1\ Schedule E is the Trust Income Statement of the FFIEC Annual 
    Report of Trust Assets (FFIEC 001). Schedule E is required to be 
    filed by each financial institution with total trust assets of more 
    than $100 million as reported on line 18, column F of Schedule A, 
    and by all non-deposit trust companies, whether or not they report 
    any assets on Schedule A.
    ---------------------------------------------------------------------------
    
         Explicitly refer to the quality of risk management 
    processes in the management component, and the identification of risk 
    elements within the composite and component rating definitions.
    
    Comments Received and Changes Made
    
        The FFIEC received two public comments from industry trade 
    associations regarding the proposed revisions to the UITRS. Both 
    commenters generally favored the changes made, in particular the 
    emphasis on risk management, the changes to the UITRS to conform to the 
    language and tone of the UFIRS, and the considerations given to the 
    earnings component when evaluating a small trust department.
        Examiners field tested the revised rating system during 61 bank and 
    thrift fiduciary examinations conducted between February and May 1998. 
    The examiners provided comments regarding the revised rating system. 
    Examiner response was generally favorable, and no significant problems 
    or unanticipated rating differences were encountered between the former 
    and updated UITRS. Some of the examiner comments recommended clarifying 
    changes to various aspects of the revised rating system.
        The FFIEC carefully considered each comment and examiner response 
    and made certain changes. The following discussion describes the 
    comments received (both through public comment and agency field 
    testing) and changes made to the UITRS in response to those comments. 
    The updated UITRS is included at the end of this Notice.
    
    February Notice Specific Questions
    
        In addition to requesting general comments regarding the proposed 
    system, the FFIEC invited comments on four specific questions:
        (1) Does the proposal capture the essential risk areas of the 
    fiduciary services industry?
        The majority of the responses to this question were positive, and 
    no changes were made.
        (2) Does the proposed management component adequately assess the 
    quality of the board of directors' and management's oversight regarding 
    its fiduciary responsibility and its ability to identify and manage all 
    areas of risk involved in the exercise of its fiduciary powers?
        The majority of the responses to this question were positive, and 
    no changes were made.
        (3) Are there any components which should be added to or deleted 
    from the proposal?
        The majority of the responses received regarding the components 
    were favorable. A number of examiners recommended strengthening the 
    conflict of interest section of the Compliance component. Several 
    examiners also requested clarification of the application of the 
    optional earnings rating to the Earnings component. These concerns are 
    addressed later in this Notice.
        (4) Are the definitions for the individual components and the 
    composite numerical ratings in the proposal consistent with the 
    language and tone of the UFIRS definitions?
        The majority of the responses to this question were positive. The 
    agencies received several examiner comments recommending changes to 
    address minor inconsistencies in wording throughout the UITRS. Many of 
    these minor wording changes were made to improve the consistency of the 
    rating system.
    
    Compliance Component
    
        The February notice combined the former Account Administration and 
    Conflicts of Interest components into a new Compliance component. The 
    new component assesses the institution's compliance with the terms of 
    governing instruments, applicable laws and regulations, sound fiduciary 
    principles, and internal policies and procedures. In addition, the new 
    component addresses compliance with applicable laws, regulations, and 
    internal policies and procedures on a broader, institution-wide basis 
    by focusing on compliance and strategic risk.
        Several examiners expressed concern that the new rating component 
    de-emphasizes the seriousness of self-dealing and conflicts of 
    interest. The FFIEC emphasizes that self-dealing and other conflicts of 
    interest, and the associated risks to the institution, continue to be 
    areas of great importance and concern. The intent of the new Compliance 
    component was not to de-emphasize the seriousness or importance of 
    self-dealing or other conflicts of interest. Accordingly, the 
    description of the new component and its rating definitions has been 
    revised and expanded to clarify the importance of these issues.
    
    Earnings Component
    
        Under the former UITRS, an Earnings rating was required for all 
    institutions. The February notice proposed several changes to the 
    Earnings component. An earnings rating would be required for 
    institutions with more than $100 million in total trust assets (as 
    reported on FFIEC 001 Schedule A, line 18, column F) and for non-
    deposit trust companies. An earnings rating would not be required for 
    the remaining institutions (those institutions not required to file 
    Schedule E of FFIEC 001); however, each Federal supervisory agency 
    would have the option of requiring the earnings of these institutions 
    to be rated using either the rating definitions designated for Schedule 
    E filers or, in accordance with the agency's implementing guidelines, 
    the definitions for the alternate ratings.
        The majority of the comments received on the Earnings component 
    changes were positive; however, several examiners requested that the 
    FFIEC clarify various aspects of this component. In response, the FFIEC 
    added an evaluation factor section for the alternate earnings rating, 
    and separated the two rating definitions. In addition, each agency will 
    issue implementing guidance addressing the
    
    [[Page 54706]]
    
    applicability of the Earnings rating to its supervised institutions.
    
    Implementation Date
    
        The FFIEC recommends that the Federal supervisory agencies 
    implement the updated UITRS January 1, 1999. This date ensures that 
    institutions with examinations commenced in 1999 will be assessed under 
    the updated UITRS.
    
    Text of the Revised Uniform Interagency Trust Rating System
    
    Uniform Interagency Trust Rating System
    
    Introduction
        The Uniform Interagency Trust Rating System (UITRS) was adopted on 
    September 21, 1978 by the Office of the Comptroller of the Currency 
    (OCC), the Federal Deposit Insurance Corporation (FDIC), and the Board 
    of Governors of the Federal Reserve System (FRB), and in 1988 by the 
    Federal Home Loan Bank Board, predecessor agency to the Office of 
    Thrift Supervision (OTS). Over the years, the UITRS has proven to be an 
    effective internal supervisory tool for evaluating the fiduciary 
    activities of financial institutions on a uniform basis and for 
    identifying those institutions requiring special attention.
        A number of changes have occurred in both the banking industry and 
    the Federal supervisory agencies' policies and procedures which 
    prompted a review and revision of the 1978 rating system. The revisions 
    to the UITRS:
         Realign the UITRS rating definitions to bring them in line 
    with the Uniform Financial Institutions Rating System (UFIRS).
         Reduce the component rating categories from six to five, 
    combining the Account Administration and Conflicts of Interest 
    components into a new Compliance component.
         Require Earnings to be rated only in institutions with 
    more than $100 million in total trust assets, and in all non-deposit 
    trust companies. An earnings rating is not required for the remaining 
    institutions (those institutions not required to file FFIEC 001 
    Schedule E); 2 however, each Federal supervisory agency has 
    the option of requiring the earnings of these institutions to be rated 
    using the alternate rating definitions where applicable.
    ---------------------------------------------------------------------------
    
        \2\ Schedule E is the Trust Income Statement of the FFIEC Annual 
    Report of Trust Assets (FFIEC 001). Schedule E is required to be 
    filed by each financial institution with total trust assets of more 
    than $100 million as reported on line 18, column F of Schedule A, 
    and by all non-deposit trust companies, whether or not they report 
    any assets on Schedule A.
    ---------------------------------------------------------------------------
    
         Explicitly refer to the quality of risk management 
    processes in the management component, and the identification of risk 
    elements within the composite and component rating definitions.
        These revisions are intended to promote and complement efficient 
    examination processes. The revisions update the rating system but 
    retain its basic framework. Consequently, the revised rating system 
    will not result in additional regulatory burden to institutions or 
    require additional policies or processes.
        The UITRS considers certain managerial, operational, financial and 
    compliance factors that are common to all institutions with fiduciary 
    activities. Under this system, the supervisory agencies endeavor to 
    ensure that all institutions with fiduciary activities are evaluated in 
    a comprehensive and uniform manner, and that supervisory attention is 
    appropriately focused on those institutions exhibiting weaknesses in 
    their fiduciary operations.
    Overview
        Under the UITRS, the fiduciary activities of financial institutions 
    are assigned a composite rating based on an evaluation and rating of 
    five essential components of an institution's fiduciary activities. 
    These components address the following: the capability of management; 
    the adequacy of operations, controls and audits; the quality and level 
    of earnings; compliance with governing instruments, applicable law 
    (including self-dealing and conflicts of interest laws and 
    regulations), and sound fiduciary principles; and the management of 
    fiduciary assets.
        Composite and component ratings are assigned based on a 1 to 5 
    numerical scale. A 1 is the highest rating and indicates the strongest 
    performance and risk management practices and the least degree of 
    supervisory concern. A 5 is the lowest rating and indicates the weakest 
    performance and risk management practices and, therefore, the highest 
    degree of supervisory concern. Evaluation of the composite and 
    components considers the size and sophistication, the nature and 
    complexity, and the risk profile of the institution's fiduciary 
    activities.
        The composite rating generally bears a close relationship to the 
    component ratings assigned. However, the composite rating is not 
    derived by computing an arithmetic average of the component ratings. 
    Each component rating is based on a qualitative analysis of the factors 
    comprising that component and its interrelationship with the other 
    components. When assigning a composite rating, some components may be 
    given more weight than others depending on the situation at the 
    institution. In general, assignment of a composite rating may 
    incorporate any factor that bears significantly on the overall 
    administration of the financial institution's fiduciary activities. 
    Assigned composite and component ratings are disclosed to the 
    institution's board of directors and senior management.
        The ability of management to respond to changing circumstances and 
    to address the risks that may arise from changing business conditions, 
    or the initiation of new fiduciary activities or products, is an 
    important factor in evaluating an institution's overall fiduciary risk 
    profile and the level of supervisory attention warranted. For this 
    reason, the management component is given special consideration when 
    assigning a composite rating.
        The ability of management to identify, measure, monitor, and 
    control the risks of its fiduciary operations is also taken into 
    account when assigning each component rating. It is recognized, 
    however, that appropriate management practices may vary considerably 
    among financial institutions, depending on the size, complexity and 
    risk profiles of their fiduciary activities. For less complex 
    institutions engaged solely in traditional fiduciary activities and 
    whose directors and senior managers are actively involved in the 
    oversight and management of day-to-day operations, relatively basic 
    management systems and controls may be adequate. On the other hand, at 
    more complex institutions, detailed and formal management systems and 
    controls are needed to address a broader range of activities and to 
    provide senior managers and directors with the information they need to 
    supervise day-to-day activities.
        All institutions are expected to properly manage their risks. For 
    less complex institutions engaging in less risky activities, detailed 
    or highly formalized management systems and controls are not required 
    to receive strong or satisfactory component or composite ratings.
        The following two sections contain the composite rating 
    definitions, and the descriptions and definitions for the five 
    component ratings.
    Composite Ratings
        Composite ratings are based on a careful evaluation of how an 
    institution conducts its fiduciary activities. The
    
    [[Page 54707]]
    
    review encompasses the capability of management, the soundness of 
    policies and practices, the quality of service rendered to the public, 
    and the effect of fiduciary activities upon the soundness of the 
    institution. The five key components used to assess an institution's 
    fiduciary activities are: the capability of management; the adequacy of 
    operations, controls and audits; the quality and level of earnings; 
    compliance with governing instruments, applicable law (including self-
    dealing and conflicts of interest laws and regulations), and sound 
    fiduciary principles; and the management of fiduciary assets. The 
    composite ratings are defined as follows:
        Composite 1. Administration of fiduciary activities is sound in 
    every respect. Generally all components are rated 1 or 2. Any 
    weaknesses are minor and can be handled in a routine manner by 
    management. The institution is in substantial compliance with fiduciary 
    laws and regulations. Risk management practices are strong relative to 
    the size, complexity, and risk profile of the institution's fiduciary 
    activities. Fiduciary activities are conducted in accordance with sound 
    fiduciary principles and give no cause for supervisory concern.
        Composite 2. Administration of fiduciary activities is 
    fundamentally sound. Generally no component rating should be more 
    severe than 3. Only moderate weaknesses are present and are well within 
    management's capabilities and willingness to correct. Fiduciary 
    activities are conducted in substantial compliance with laws and 
    regulations. Overall risk management practices are satisfactory 
    relative to the institution's size, complexity, and risk profile. There 
    are no material supervisory concerns and, as a result, the supervisory 
    response is informal and limited.
        Composite 3. Administration of fiduciary activities exhibits some 
    degree of supervisory concern in one or more of the component areas. A 
    combination of weaknesses exists that may range from moderate to 
    severe; however, the magnitude of the deficiencies generally does not 
    cause a component to be rated more severely than 4. Management may lack 
    the ability or willingness to effectively address weaknesses within 
    appropriate time frames. Additionally, fiduciary activities may reveal 
    some significant noncompliance with laws and regulations. Risk 
    management practices may be less than satisfactory relative to the 
    institution's size, complexity, and risk profile. While problems of 
    relative significance may exist, they are not of such importance as to 
    pose a threat to the trust beneficiaries generally, or to the soundness 
    of the institution. The institution's fiduciary activities require more 
    than normal supervision and may include formal or informal enforcement 
    actions.
        Composite 4. Fiduciary activities generally exhibit unsafe and 
    unsound practices or conditions, resulting in unsatisfactory 
    performance. The problems range from severe to critically deficient and 
    may be centered around inexperienced or inattentive management, weak or 
    dangerous operating practices, or an accumulation of unsatisfactory 
    features of lesser importance. The weaknesses and problems are not 
    being satisfactorily addressed or resolved by the board of directors 
    and management. There may be significant noncompliance with laws and 
    regulations. Risk management practices are generally unacceptable 
    relative to the size, complexity, and risk profile of fiduciary 
    activities. These problems pose a threat to the account beneficiaries 
    generally and, if left unchecked, could evolve into conditions that 
    could cause significant losses to the institution and ultimately 
    undermine the public confidence in the institution. Close supervisory 
    attention is required, which means, in most cases, formal enforcement 
    action is necessary to address the problems.
        Composite 5. Fiduciary activities are conducted in an extremely 
    unsafe and unsound manner. Administration of fiduciary activities is 
    critically deficient in numerous major respects, with problems 
    resulting from incompetent or neglectful administration, flagrant and/
    or repeated disregard for laws and regulations, or a willful departure 
    from sound fiduciary principles and practices. The volume and severity 
    of problems are beyond management's ability or willingness to control 
    or correct. Such conditions evidence a flagrant disregard for the 
    interests of the beneficiaries and may pose a serious threat to the 
    soundness of the institution. Continuous close supervisory attention is 
    warranted and may include termination of the institution's fiduciary 
    activities.
    Component Ratings
        Each of the component rating descriptions is divided into three 
    sections: a narrative description of the component; a list of the 
    principal factors used to evaluate that component; and a description of 
    each numerical rating for that component. Some of the evaluation 
    factors are reiterated under one or more of the other components to 
    reinforce the interrelationship among components. The listing of 
    evaluation factors is in no particular order of importance.
        Management. This rating reflects the capability of the board of 
    directors and management, in their respective roles, to identify, 
    measure, monitor and control the risks of an institution's fiduciary 
    activities. It also reflects their ability to ensure that the 
    institution's fiduciary activities are conducted in a safe and sound 
    manner, and in compliance with applicable laws and regulations. 
    Directors should provide clear guidance regarding acceptable risk 
    exposure levels and ensure that appropriate policies, procedures and 
    practices are established and followed. Senior fiduciary management is 
    responsible for developing and implementing policies, procedures and 
    practices that translate the board's objectives and risk limits into 
    prudent operating standards.
        Depending on the nature and scope of an institution's fiduciary 
    activities, management practices may need to address some or all of the 
    following risks: reputation, operating or transaction, strategic, 
    compliance, legal, credit, market, liquidity and other risks. Sound 
    management practices are demonstrated by: active oversight by the board 
    of directors and management; competent personnel; adequate policies, 
    processes, and controls that consider the size and complexity of the 
    institution's fiduciary activities; and effective risk monitoring and 
    management information systems. This rating should reflect the board's 
    and management's ability as it applies to all aspects of fiduciary 
    activities in which the institution is involved.
        The management rating is based upon an assessment of the capability 
    and performance of management and the board of directors, including, 
    but not limited to, the following evaluation factors:
    
         The level and quality of oversight and support of 
    fiduciary activities by the board of directors and management, 
    including committee structure and adequate documentation of 
    committee actions.
         The ability of the board of directors and management, 
    in their respective roles, to plan for, and respond to, risks that 
    may arise from changing business conditions or the introduction of 
    new activities or products.
         The adequacy of, and conformance with, appropriate 
    internal policies, practices and controls addressing the operations 
    and risks of significant fiduciary activities.
         The accuracy, timeliness, and effectiveness of 
    management information and risk monitoring systems appropriate for 
    the institution's size, complexity, and fiduciary risk profile.
         The overall level of compliance with laws, regulations, 
    and sound fiduciary principles.
    
    [[Page 54708]]
    
         Responsiveness to recommendations from auditors and 
    regulatory authorities.
         Strategic planning for fiduciary products and services.
         The level of experience and competence of fiduciary 
    management and staff, including issues relating to turnover and 
    succession planning.
         The adequacy of insurance coverage.
         The availability of competent legal counsel.
         The extent and nature of pending litigation associated 
    with fiduciary activities, and its potential impact on earnings, 
    capital, and the institution's reputation.
         The process for identifying and responding to fiduciary 
    customer complaints.
    
        Ratings. A rating of 1 indicates strong performance by management 
    and the board of directors and strong risk management practices 
    relative to the size, complexity and risk profile of the institution's 
    fiduciary activities. All significant risks are consistently and 
    effectively identified, measured, monitored, and controlled. Management 
    and the board are proactive, and have demonstrated the ability to 
    promptly and successfully address existing and potential problems and 
    risks.
        A rating of 2 indicates satisfactory management and board 
    performance and risk management practices relative to the size, 
    complexity and risk profile of the institution's fiduciary activities. 
    Moderate weaknesses may exist, but are not material to the sound 
    administration of fiduciary activities, and are being addressed. In 
    general, significant risks and problems are effectively identified, 
    measured, monitored, and controlled.
        A rating of 3 indicates management and board performance that needs 
    improvement or risk management practices that are less than 
    satisfactory given the nature of the institution's fiduciary 
    activities. The capabilities of management or the board of directors 
    may be insufficient for the size, complexity, and risk profile of the 
    institution's fiduciary activities. Problems and significant risks may 
    be inadequately identified, measured, monitored, or controlled.
        A rating of 4 indicates deficient management and board performance 
    or risk management practices that are inadequate considering the size, 
    complexity, and risk profile of the institution's fiduciary activities. 
    The level of problems and risk exposure is excessive. Problems and 
    significant risks are inadequately identified, measured, monitored, or 
    controlled and require immediate action by the board and management to 
    protect the assets of account beneficiaries and to prevent erosion of 
    public confidence in the institution. Replacing or strengthening 
    management or the board may be necessary.
        A rating of 5 indicates critically deficient management and board 
    performance or risk management practices. Management and the board of 
    directors have not demonstrated the ability to correct problems and 
    implement appropriate risk management practices. Problems and 
    significant risks are inadequately identified, measured, monitored, or 
    controlled and now threaten the continued viability of the institution 
    or its administration of fiduciary activities, and pose a threat to the 
    safety of the assets of account beneficiaries. Replacing or 
    strengthening management or the board of directors is necessary.
        Operations, Internal Controls & Auditing. This rating reflects the 
    adequacy of the institution's fiduciary operating systems and internal 
    controls in relation to the volume and character of business conducted. 
    Audit coverage must assure the integrity of the financial records, the 
    sufficiency of internal controls, and the adequacy of the compliance 
    process.
        The institution's fiduciary operating systems, internal controls, 
    and audit function subject it primarily to transaction and compliance 
    risk. Other risks including reputation, strategic, and financial risk 
    may also be present. The ability of management to identify, measure, 
    monitor and control these risks is reflected in this rating.
        The operations, internal controls and auditing rating is based 
    upon, but not limited to, an assessment of the following evaluation 
    factors:
        Operations and Internal Controls, including the adequacy of:
    
         Staff, facilities and operating systems;
         Records, accounting and data processing systems 
    (including controls over systems access and such accounting 
    procedures as aging, investigation and disposition of items in 
    suspense accounts);
         Trading functions and securities lending activities;
         Vault controls and securities movement;
         Segregation of duties;
         Controls over disbursements (checks or electronic) and 
    unissued securities;
         Controls over income processing activities;
         Reconciliation processes (depository, cash, vault, sub-
    custodians, suspense accounts, etc.);
         Disaster and/or business recovery programs;
         Hold-mail procedures and controls over returned mail; 
    and,
         Investigation and proper escheatment of funds in 
    dormant accounts.
    
        Auditing, including:
    
         The independence, frequency, quality and scope of the 
    internal and external fiduciary audit function relative to the 
    volume, character and risk profile of the institution's fiduciary 
    activities;
         The volume and/or severity of internal control and 
    audit exceptions and the extent to which these issues are tracked 
    and resolved; and
         The experience and competence of the audit staff.
    
        Ratings. A rating of 1 indicates that operations, internal 
    controls, and auditing are strong in relation to the volume and 
    character of the institution's fiduciary activities. All significant 
    risks are consistently and effectively identified, measured, monitored, 
    and controlled.
        A rating of 2 indicates that operations, internal controls and 
    auditing are satisfactory in relation to the volume and character of 
    the institution's fiduciary activities. Moderate weaknesses may exist, 
    but are not material. Significant risks, in general, are effectively 
    identified, measured, monitored, and controlled.
        A rating of 3 indicates that operations, internal controls or 
    auditing need improvement in relation to the volume and character of 
    the institution's fiduciary activities. One or more of these areas are 
    less than satisfactory. Problems and significant risks may be 
    inadequately identified, measured, monitored, or controlled.
        A rating of 4 indicates deficient operations, internal controls or 
    audits. One or more of these areas are inadequate or the level of 
    problems and risk exposure is excessive in relation to the volume and 
    character of the institution's fiduciary activities. Problems and 
    significant risks are inadequately identified, measured, monitored, or 
    controlled and require immediate action. Institutions with this level 
    of deficiencies may make little provision for audits, or may evidence 
    weak or potentially dangerous operating practices in combination with 
    infrequent or inadequate audits.
        A rating of 5 indicates critically deficient operations, internal 
    controls or audits. Operating practices, with or without audits, pose a 
    serious threat to the safety of assets of fiduciary accounts. Problems 
    and significant risks are inadequately identified, measured, monitored, 
    or controlled and now threaten the ability of the institution to 
    continue engaging in fiduciary activities.
        Earnings. This rating reflects the profitability of an 
    institution's fiduciary activities and its effect on the financial 
    condition of the institution. The use and adequacy of budgets and 
    earnings projections by functions, product lines and clients are 
    reviewed and evaluated.
    
    [[Page 54709]]
    
    Risk exposure that may lead to negative earnings is also evaluated.
        An evaluation of earnings is required for all institutions with 
    fiduciary activities. An assignment of an earnings rating, however, is 
    required only for institutions that, at the time of the examination, 
    have total trust assets of more than $100 million, or are a non-deposit 
    trust company (those institutions that would be required to file 
    Schedule E of FFIEC 001).
        For institutions where the assignment of an Earnings rating is not 
    required by the UITRS, the Federal supervisory agency has the option to 
    assign an earnings rating using an alternate set of ratings. A rating 
    will be assigned in accordance with implementing guidelines adopted by 
    the supervisory agency. The definitions for the alternate ratings are 
    included in the revised UITRS and may be found in the section 
    immediately following the definitions for the required ratings.
        The evaluation of earnings is based upon, but not limited to, an 
    assessment of the following factors:
    
         The profitability of fiduciary activities in relation 
    to the size and scope of those activities and to the overall 
    business of the institution.
         The overall importance to the institution of offering 
    fiduciary services to its customers and local community.
         The effectiveness of the institution's procedures for 
    monitoring fiduciary activity income and expense relative to the 
    size and scope of these activities and their relative importance to 
    the institution, including the frequency and scope of profitability 
    reviews and planning by the institution's board of directors or a 
    committee thereof.
    
        For those institutions for which a rating of earnings is mandatory, 
    additional factors should include the following:
    
         The level and consistency of profitability, or the lack 
    thereof, generated by the institution's fiduciary activities in 
    relation to the volume and character of the institution's business.
         Dependence upon non-recurring fees and commissions, 
    such as fees for court accounts.
         The effects of charge-offs or compromise actions.
         Unusual features regarding the composition of business 
    and fee schedules.
         Accounting practices that contain practices such as (1) 
    unusual methods of allocating direct and indirect expenses and 
    overhead, or (2) unusual methods of allocating fiduciary income and 
    expense where two or more fiduciary institutions within the same 
    holding company family share fiduciary services and/or processing 
    functions.
         The extent of management's use of budgets, projections 
    and other cost analysis procedures.
         Methods used for directors' approval of financial 
    budgets and/or projections.
         Management's attitude toward growth and new business 
    development.
         New business development efforts, including types of 
    business solicited, market potential, advertising, competition, 
    relationships with local organizations, and an evaluation by 
    management of risk potential inherent in new business areas.
    
        Ratings. A rating of 1 indicates strong earnings. The institution 
    consistently earns a rate of return on its fiduciary activities that is 
    commensurate with the risk of those activities. This rating would 
    normally be supported by a history of consistent profitability over 
    time and a judgement that future earnings prospects are favorable. In 
    addition, management techniques for evaluating and monitoring earnings 
    performance are fully adequate and there is appropriate oversight by 
    the institution's board of directors or a committee thereof. Management 
    makes effective use of budgets and cost analysis procedures. Methods 
    used for reporting earnings information to the board of directors, or a 
    committee thereof, are comprehensive.
        A rating of 2 indicates satisfactory earnings. Although the 
    earnings record may exhibit some weaknesses, earnings performance does 
    not pose a risk to the overall institution nor to its ability to meet 
    its fiduciary obligations. Generally, fiduciary earnings meet 
    management targets and appear to be at least sustainable. Management 
    processes for evaluating and monitoring earnings are generally 
    sufficient in relationship to the size and risk of fiduciary activities 
    that exist, and any deficiencies can be addressed in the normal course 
    of business. A rating of 2 may also be assigned to institutions with a 
    history of profitable operations if there are indications that 
    management is engaging in activities with which it is not familiar, or 
    where there may be inordinately high levels of risk present that have 
    not been adequately evaluated. Alternatively, an institution with 
    otherwise strong earnings performance may also be assigned a 2 rating 
    if there are significant deficiencies in its methods used to monitor 
    and evaluate earnings.
        A rating of 3 indicates less than satisfactory earnings. Earnings 
    are not commensurate with the risk associated with the fiduciary 
    activities undertaken. Earnings may be erratic or exhibit downward 
    trends, and future prospects are unfavorable. This rating may also be 
    assigned if management processes for evaluating and monitoring earnings 
    exhibit serious deficiencies, provided the deficiencies identified do 
    not pose an immediate danger to either the overall financial condition 
    of the institution or its ability to meet its fiduciary obligations.
        A rating of 4 indicates earnings that are seriously deficient. 
    Fiduciary activities have a significant adverse effect on the overall 
    income of the institution and its ability to generate adequate capital 
    to support the continued operation of its fiduciary activities. The 
    institution is characterized by fiduciary earnings performance that is 
    poor historically, or faces the prospect of significant losses in the 
    future. Management processes for monitoring and evaluating earnings may 
    be poor. The board of directors has not adopted appropriate measures to 
    address significant deficiencies.
        A rating of 5 indicates critically deficient earnings. In general, 
    an institution with this rating is experiencing losses from fiduciary 
    activities that have a significant negative impact on the overall 
    institution, representing a distinct threat to its viability through 
    the erosion of its capital. The board of directors has not implemented 
    effective actions to address the situation.
        Alternate Rating of Earnings. Alternate ratings are assigned based 
    on the level of implementation of four minimum standards by the board 
    of directors and management.
        These standards are:
    
         Standard No. 1--The institution has reasonable methods 
    for measuring income and expense commensurate with the volume and 
    nature of the fiduciary services offered.
         Standard No. 2--The level of profitability is reported 
    to the board of directors, or a committee thereof, at least 
    annually.
         Standard No. 3--The board of directors periodically 
    determines that the continued offering of fiduciary services 
    provides an essential service to the institution's customers or to 
    the local community.
         Standard No. 4--The board of directors, or a committee 
    thereof, reviews the justification for the institution to continue 
    to offer fiduciary services even if the institution does not earn 
    sufficient income to cover the expenses of providing those services.
    
        Ratings. A rating of 1 may be assigned where an institution has 
    implemented all four minimum standards. If fiduciary earnings are 
    lacking, management views this as a cost of doing business as a full 
    service institution and believes that the negative effects of not 
    offering fiduciary services are more significant than the expense of 
    administrating those services.
        A rating of 2 may be assigned where an institution has implemented, 
    at a minimum, at least three of the four standards. This rating may be 
    assigned if the institution is not generating positive earnings or 
    where formal
    
    [[Page 54710]]
    
    earnings information may not be available.
        A rating of 3 may be assigned if the institution has implemented at 
    least two of the four standards. While management may have attempted to 
    identify and quantify other revenue to be earned by offering fiduciary 
    services, it has decided that these services should be offered as a 
    service to customers, even if they cannot be operated profitably.
        A rating of 4 may be assigned if the institution has implemented 
    only one of the four standards. Management has undertaken little or no 
    effort to identify or quantify the collateral advantages, if any, to 
    the institution from offering fiduciary services.
        A rating of 5 may be assigned if the institution has implemented 
    none of the standards.
        Compliance. This rating reflects an institution's overall 
    compliance with applicable laws, regulations, accepted standards of 
    fiduciary conduct, governing account instruments, duties associated 
    with account administration, and internally established policies and 
    procedures. This component specifically incorporates an assessment of a 
    fiduciary's duty of undivided loyalty and compliance with applicable 
    laws, regulations, and accepted standards of fiduciary conduct related 
    to self-dealing and other conflicts of interest.
        The compliance component includes reviewing and evaluating the 
    adequacy and soundness of adopted policies, procedures, and practices 
    generally, and as they relate to specific transactions and accounts. It 
    also includes reviewing policies, procedures, and practices to evaluate 
    the sensitivity of management and the board of directors to refrain 
    from self-dealing, minimize potential conflicts of interest, and 
    resolve actual conflict situations in favor of the fiduciary account 
    beneficiaries.
        Risks associated with account administration are potentially 
    unlimited because each account is a separate contractual relationship 
    that contains specific obligations. Risks associated with account 
    administration include: failure to comply with applicable laws, 
    regulations or terms of the governing instrument; inadequate account 
    administration practices; and inexperienced management or inadequately 
    trained staff. Risks associated with a fiduciary's duty of undivided 
    loyalty generally stem from engaging in self-dealing or other conflict 
    of interest transactions. An institution may be exposed to compliance, 
    strategic, financial and reputation risk related to account 
    administration and conflicts of interest activities. The ability of 
    management to identify, measure, monitor and control these risks is 
    reflected in this rating. Policies, procedures and practices pertaining 
    to account administration and conflicts of interest are evaluated in 
    light of the size and character of an institution's fiduciary business.
        The compliance rating is based upon, but not limited to, an 
    assessment of the following evaluation factors:
    
         Compliance with applicable federal and state statutes 
    and regulations, including, but not limited to, federal and state 
    fiduciary laws, the Employee Retirement Income Security Act of 1974, 
    federal and state securities laws, state investment standards, state 
    principal and income acts, and state probate codes;
         Compliance with the terms of governing instruments;
         The adequacy of overall policies, practices, and 
    procedures governing compliance, considering the size, complexity, 
    and risk profile of the institution's fiduciary activities;
         The adequacy of policies and procedures addressing 
    account administration;
         The adequacy of policies and procedures addressing 
    conflicts of interest, including those designed to prevent the 
    improper use of ``material inside information'';
         The effectiveness of systems and controls in place to 
    identify actual and potential conflicts of interest;
         The adequacy of securities trading policies and 
    practices relating to the allocation of brokerage business, the 
    payment of services with ``soft dollars'' and the combining, 
    crossing, and timing of trades;
         The extent and permissibility of transactions with 
    related parties, including, but not limited to, the volume of 
    related commercial and fiduciary relationships and holdings of 
    corporations in which directors, officers, or employees of the 
    institution may be interested;
         The decision making process used to accept, review, and 
    terminate accounts; and,
         The decision making process related to account 
    administration duties, including cash balances, overdrafts, and 
    discretionary distributions.
    
        Ratings. A rating of 1 indicates strong compliance policies, 
    procedures and practices. Policies and procedures covering conflicts of 
    interest and account administration are appropriate in relation to the 
    size and complexity of the institution's fiduciary activities. Accounts 
    are administered in accordance with governing instruments, applicable 
    laws and regulations, sound fiduciary principles, and internal policies 
    and procedures. Any violations are isolated, technical in nature and 
    easily correctable. All significant risks are consistently and 
    effectively identified, measured, monitored and controlled.
        A rating of 2 indicates fundamentally sound compliance policies, 
    procedures and practices in relation to the size and complexity of the 
    institution's fiduciary activities. Account administration may be 
    flawed by moderate weaknesses in policies, procedures or practices. 
    Management's practices indicate a determination to minimize the 
    instances of conflicts of interest. Fiduciary activities are conducted 
    in substantial compliance with laws and regulations, and any violations 
    are generally technical in nature. Management corrects violations in a 
    timely manner and without loss to fiduciary accounts. Significant risks 
    are effectively identified, measured, monitored, and controlled.
        A rating of 3 indicates compliance practices that are less than 
    satisfactory in relation to the size and complexity of the 
    institution's fiduciary activities. Policies, procedures and controls 
    have not proven effective and require strengthening. Fiduciary 
    activities may be in substantial noncompliance with laws, regulations 
    or governing instruments, but losses are no worse than minimal. While 
    management may have the ability to achieve compliance, the number of 
    violations that exist, or the failure to correct prior violations, are 
    indications that management has not devoted sufficient time and 
    attention to its compliance responsibilities. Risk management practices 
    generally need improvement.
        A rating of 4 indicates an institution with deficient compliance 
    practices in relation to the size and complexity of its fiduciary 
    activities. Account administration is notably deficient. The 
    institution makes little or no effort to minimize potential conflicts 
    or refrain from self-dealing, and is confronted with a considerable 
    number of potential or actual conflicts. Numerous substantive and 
    technical violations of laws and regulations exist and many may remain 
    uncorrected from previous examinations. Management has not exerted 
    sufficient effort to effect compliance and may lack the ability to 
    effectively administer fiduciary activities. The level of compliance 
    problems is significant and, if left unchecked, may subject the 
    institution to monetary losses or reputation risk. Risks are 
    inadequately identified, measured, monitored and controlled.
        A rating of 5 indicates critically deficient compliance practices. 
    Account administration is critically deficient or incompetent and there 
    is a flagrant disregard for the terms of the governing instruments and 
    interests of account beneficiaries. The institution frequently engages 
    in transactions that compromise
    
    [[Page 54711]]
    
    its fundamental duty of undivided loyalty to account beneficiaries. 
    There are flagrant or repeated violations of laws and regulations and 
    significant departures from sound fiduciary principles. Management is 
    unwilling or unable to operate within the scope of laws and regulations 
    or within the terms of governing instruments and efforts to obtain 
    voluntary compliance have been unsuccessful. The severity of 
    noncompliance presents an imminent monetary threat to account 
    beneficiaries and creates significant legal and financial exposure to 
    the institution. Problems and significant risks are inadequately 
    identified, measured, monitored, or controlled and now threaten the 
    ability of management to continue engaging in fiduciary activities.
        Asset Management. This rating reflects the risks associated with 
    managing the assets (including cash) of others. Prudent portfolio 
    management is based on an assessment of the needs and objectives of 
    each account or portfolio. An evaluation of asset management should 
    consider the adequacy of processes related to the investment of all 
    discretionary accounts and portfolios, including collective investment 
    funds, proprietary mutual funds, and investment advisory arrangements.
        The institution's asset management activities subject it to 
    reputation, compliance and strategic risks. In addition, each 
    individual account or portfolio managed by the institution is subject 
    to financial risks such as market, credit, liquidity, and interest rate 
    risk, as well as transaction and compliance risk. The ability of 
    management to identify, measure, monitor and control these risks is 
    reflected in this rating.
        The asset management rating is based upon, but not limited to, an 
    assessment of the following evaluation factors:
    
         The adequacy of overall policies, practices and 
    procedures governing asset management, considering the size, 
    complexity and risk profile of the institution's fiduciary 
    activities.
         The decision making processes used for selection, 
    retention and preservation of discretionary assets including 
    adequacy of documentation, committee review and approval, and a 
    system to review and approve exceptions.
         The use of quantitative tools to measure the various 
    financial risks in investment accounts and portfolios.
         The existence of policies and procedures addressing the 
    use of derivatives or other complex investment products.
         The adequacy of procedures related to the purchase or 
    retention of miscellaneous assets including real estate, notes, 
    closely held companies, limited partnerships, mineral interests, 
    insurance and other unique assets.
         The extent and adequacy of periodic reviews of 
    investment performance, taking into consideration the needs and 
    objectives of each account or portfolio.
         The monitoring of changes in the composition of 
    fiduciary assets for trends and related risk exposure.
         The quality of investment research used in the 
    decision-making process and documentation of the research.
         The due diligence process for evaluating investment 
    advice received from vendors and/or brokers (including approved or 
    focus lists of securities).
         The due diligence process for reviewing and approving 
    brokers and/or counter parties used by the institution.
    
        This rating may not be applicable for some institutions because 
    their operations do not include activities involving the management of 
    any discretionary assets. Functions of this type would include, but not 
    necessarily be limited to, directed agency relationships, securities 
    clearing, non-fiduciary custody relationships, transfer agent and 
    registrar activities. In institutions of this type, the rating for 
    Asset Management may be omitted by the examiner in accordance with the 
    examining agency's implementing guidelines. However, this component 
    should be assigned when the institution provides investment advice, 
    even though it does not have discretion over the account assets. An 
    example of this type of activity would be where the institution selects 
    or recommends the menu of mutual funds offered to participant directed 
    401(k) plans.
        Ratings. A rating of 1 indicates strong asset management practices. 
    Identified weaknesses are minor in nature. Risk exposure is modest in 
    relation to management's abilities and the size and complexity of the 
    assets managed.
        A rating of 2 indicates satisfactory asset management practices. 
    Moderate weaknesses are present and are well within management's 
    ability and willingness to correct. Risk exposure is commensurate with 
    management's abilities and the size and complexity of the assets 
    managed. Supervisory response is limited.
        A rating of 3 indicates that asset management practices are less 
    than satisfactory in relation to the size and complexity of the assets 
    managed. Weaknesses may range from moderate to severe; however, they 
    are not of such significance as to generally pose a threat to the 
    interests of account beneficiaries. Asset management and risk 
    management practices generally need to be improved. An elevated level 
    of supervision is normally required.
        A rating of 4 indicates deficient asset management practices in 
    relation to the size and complexity of the assets managed. The levels 
    of risk are significant and inadequately controlled. The problems pose 
    a threat to account beneficiaries generally, and if left unchecked, may 
    subject the institution to losses and could undermine the reputation of 
    the institution.
        A rating of 5 represents critically deficient asset management 
    practices and a flagrant disregard of fiduciary duties. These practices 
    jeopardize the interests of account beneficiaries, subject the 
    institution to losses, and may pose a threat to the soundness of the 
    institution.
    
        Dated: October 7, 1998
    Keith J. Todd,
    Executive Secretary, Federal Financial Institutions Examination 
    Council.
    [FR Doc. 98-27328 Filed 10-9-98; 8:45 am]
    BILLING CODE 6210-01-P 25%, 6720-01-P 25%, 6714-01-P 25%, 4810-33-P 25%
    
    
    

Document Information

Effective Date:
10/13/1998
Published:
10/13/1998
Department:
Federal Financial Institutions Examination Council
Entry Type:
Notice
Action:
Notice.
Document Number:
98-27328
Dates:
Effective October 13, 1998.
Pages:
54704-54711 (8 pages)
PDF File:
98-27328.pdf