2016-28396. Recordkeeping for Timely Deposit Insurance Determination  

  • Start Preamble Start Printed Page 87734

    AGENCY:

    Federal Deposit Insurance Corporation (FDIC).

    ACTION:

    Final rule.

    SUMMARY:

    The FDIC is adopting a final rule to facilitate prompt payment of FDIC-insured deposits when large insured depository institutions fail. The final rule requires each insured depository institution that has two million or more deposit accounts to (1) configure its information technology system to be capable of calculating the insured and uninsured amount in each deposit account by ownership right and capacity, which would be used by the FDIC to make deposit insurance determinations in the event of the institution's failure, and (2) maintain complete and accurate information needed by the FDIC to determine deposit insurance coverage with respect to each deposit account, except as otherwise provided.

    DATES:

    Effective April 1, 2017.

    Start Further Info

    FOR FURTHER INFORMATION CONTACT:

    Marc Steckel, Deputy Director, Division of Resolutions and Receiverships, 571-858-8224; Teresa J. Franks, Associate Director, Division of Resolutions and Receiverships, 571-858-8226; Shane Kiernan, Counsel, Legal Division, 703-562-2632; Karen L. Main, Counsel, Legal Division, 703-562-2079.

    End Further Info End Preamble Start Supplemental Information

    SUPPLEMENTARY INFORMATION:

    I. Policy Objectives

    With this final rule (“final rule”), the FDIC adopts regulatory requirements that will facilitate the FDIC's prompt payment of deposit insurance after the failure of insured depository institutions (“IDIs”) with two million or more deposit accounts. These institutions are typically large and complex. By law, the FDIC must pay deposit insurance “as soon as possible” after an IDI fails while also resolving the IDI in the manner least costly to the Deposit Insurance Fund (“DIF”).[1] The FDIC believes that prompt payment of deposit insurance is essential to the FDIC's mission for several reasons. First, prompt payment of deposit insurance maintains public confidence in the FDIC, the banking system and overall financial stability. Second, facilitating prompt access to insured funds for depositors enables them to meet their financial needs and obligations. A delay in the payment of deposit insurance—especially in the case of the failure of one of the largest IDIs—could harm the entire financial system and national economy. For example, the failure of such a large IDI could cause disruptions to check clearing processes, direct debit arrangements, or other payment system functions. Third, prompt payment can help to avoid a reduction in franchise value by expanding options for resolution thereby decreasing potential losses to the DIF. Fourth, the final rule seeks to promote long term stability in the banking system by reducing moral hazard.

    The final rule is expected to significantly reduce the difficulties the FDIC would face in making prompt deposit insurance determinations at the largest IDIs. While the FDIC is authorized to rely upon the deposit account records of a failed IDI to determine deposit insurance coverage, the institution's records can be voluminous and inconsistent. Moreover, they may be incomplete for deposit insurance purposes. Consolidation of the banking industry has resulted in larger institutions that have more complex information technology systems (“IT systems”) and data management challenges. The final rule generally requires IDIs with two million or more deposit accounts (“covered institutions”) to maintain complete and accurate depositor information and to configure their IT systems in a manner that permits the FDIC to calculate deposit insurance coverage promptly in the event of failure.

    The final rule will facilitate consideration of the full range of resolution options that can be invoked by the FDIC to resolve a covered institution in a manner that satisfies the least-cost resolution requirement. These resolution methods include: Purchase-and-assumption transactions; establishment of bridge depository institutions; and payout and liquidation, in which the FDIC pays depositors the insured amount of their deposits and liquidates the failed IDI's assets to pay remaining claims. Expanding the range of resolution options and including those that impose losses on uninsured depositors can also improve market discipline.

    In order to resolve a bank under the least-cost requirement, the FDIC must be able to estimate the cost to the DIF of each possible resolution type. As part of this estimate, the FDIC must be able to rapidly identify insured versus uninsured deposits. Insufficient information about a bank's insured deposits and the difficulties posed in identifying relationships between deposit accounts at the time of closing, due in part to the large volume of deposit accounts managed by the institution, may impede the FDIC's ability to meet the least-cost requirement or to ensure timely access to insured funds.

    Covered institutions often use multiple deposit systems, which complicates deposit insurance determinations. Depending on the structure of the deposit systems, data aggregation and account identification may be burdensome, inefficient, and time-consuming, all adding to the cost of resolution. For certain types of deposit accounts, depositors need daily access to funds, so prompt payment is essential to providing confidence and maintaining financial stability. While challenges resulting from incomplete information are present when any bank fails, obtaining the necessary information could significantly delay the availability of funds when information is incomplete for a large number of accounts. Such delays could lead to a decrease in public confidence in the FDIC's deposit insurance program. Ensuring the swift availability of funds for millions of depositors at a large institution promotes financial stability by increasing confidence in deposit insurance and availability of funds.

    Another of the final rule's policy objectives is that depositors at both large and small failed banks receive the same prompt access to their deposits with full recognition of and respect for the deposit insurance limits, which should reduce potential disparities that might undermine market discipline or create unintended competitive advantages in the deposit market. Confidence in the ability of the FDIC to promptly determine insured amounts and provide access to insured deposits should help uninsured depositors realize that they may face losses in a large bank failure. This realization should mitigate moral hazard and help to curtail excessive risk taking on the part of the largest banks.

    II. Background

    A. Legal Authority

    The FDIC is authorized to prescribe rules and regulations as it may deem necessary to carry out the provisions of the Federal Deposit Insurance Act (“FDI Act”).[2] Under the FDI Act, the FDIC is responsible for paying deposit insurance “as soon as possible” following the Start Printed Page 87735failure of an IDI.[3] It must also implement the resolution of a failed IDI at the least cost to the DIF.[4] To pay deposit insurance, the FDIC uses a failed IDI's records to aggregate the amounts of all deposits that are maintained by a depositor in the same right and capacity and then applies the standard maximum deposit insurance amount (“SMDIA”) of $250,000.[5] As authorized by law, the FDIC generally relies on the failed institution's deposit account records to identify deposit owners and the right and capacity in which deposits are maintained.[6] The FDIC has a right and a duty under section 7(a)(9) of the FDI Act to take action as necessary to ensure that each IDI maintains, and the FDIC receives on a regular basis from such IDI, information on the total amount of all insured deposits, preferred deposits, and uninsured deposits at the institution.[7] Requiring covered institutions to maintain complete and accurate records regarding the ownership and insurability of deposits and to have an IT system that can be used to calculate deposit insurance coverage in the event of failure will facilitate the FDIC's prompt payment of deposit insurance and enhance the ability to implement the least costly resolution of these institutions.

    B. Current Regulatory Approach

    Although the statutory requirement that the FDIC pay insurance “as soon as possible” does not specify a time period for paying insured depositors, the FDIC strives to pay depositors promptly in the event of an IDI's failure. Indeed, the FDIC strives to make most insured deposits available to depositors by the next business day after a bank fails. For the reasons set forth earlier, the FDIC believes that prompt payment of deposit insurance is essential.

    The FDIC took an initial step toward ensuring that prompt deposit insurance determinations could be made at large IDIs through the issuance of § 360.9 of the FDIC's regulations.[8] Section 360.9 applies to IDIs with at least $2 billion in domestic deposits and at least 250,000 deposit accounts or $20 billion in total assets.[9] Currently, there are 155 IDIs that meet those criteria. Section 360.9 requires these institutions to be able to provide the FDIC with standard deposit account information that can be used in the event of the institution's failure. The appendices to 12 CFR part 360 prescribe the form and content of the data files that those institutions must provide to the FDIC. Section 360.9 also requires these institutions to maintain the technological capability to automatically place (and later release) provisional holds on deposit accounts if an insurance determination could not be made by the FDIC by the next business day after failure. Additionally, large volumes of deposit account data must be transferred from the IDI to the FDIC pursuant to § 360.9, which could cause further delay.

    While § 360.9 would assist the FDIC in fulfilling its legal mandates regarding the resolution of a failed institution that is subject to that rule, the FDIC believes that if the largest of depository institutions were to fail with little prior warning, additional measures would be needed to ensure the prompt and accurate payment of deposit insurance to all depositors.

    C. Need for Further Rulemaking

    The FDIC is authorized to rely upon the deposit account records of a failed IDI to determine the amount of deposit insurance available on each account. However, in the FDIC's experience, it is not unusual for a failed bank's records to be ambiguous or incomplete. For example, an account may be titled as a joint account but may not qualify to be insured as a joint account because signature cards are missing or have not been signed by all joint account holders. A further complication is that bank records on trust accounts are often in paper form or electronically scanned images that require a time-consuming manual review.

    In addition to problems with ambiguity or incompleteness of an institution's records, it is also possible that an institution simply is not required to maintain record of the beneficial owners of deposits with respect to certain types of deposit accounts under the existing regulatory framework. For example, under part 330, a deposit may be insured even if record of beneficial ownership is maintained outside of the IDI by an agent or third party that has been designated to maintain such record.

    Under each of these circumstances, in order to ensure the accurate payment of deposit insurance without imposing risk of overpayment by the DIF, the FDIC would need to delay the payment of deposit insurance while it manually reviews files and obtains additional information. Such delays in the insurance determination process could increase the likelihood of disruptions to an assuming institution's or an FDIC-managed bridge depository institution's payment processing functions, such as clearing checks and authorizing direct debits.

    While these challenges to accurately determining and promptly paying deposit insurance may be present at any size of failed institution, they become increasingly formidable as the size and complexity of the institution increases. Larger institutions are generally more complex, have more deposit accounts, greater geographic dispersion, multiple deposit systems, and more issues with data accuracy and completeness. The largest IDIs which grew through acquisition have inherited the legacy recordkeeping and deposit account systems of the acquired banks. Those systems might have inaccurate or incomplete deposit account records. Additionally, acquired records might not be automated or compatible with the acquiring institution's deposit systems, resulting in use of multiple deposit platforms.

    Although some of the largest institutions are able to conduct their banking operations without integrating these inherited systems or updating the acquired deposit account records, the state of their deposit systems would complicate and prolong the deposit insurance determination process in the event of failure. Because of the potential problems posed by delays in determination and payment of deposit insurance, improved strategies must be implemented to ensure that deposit insurance can be paid promptly.

    The FDIC's experiences during the most recent financial crisis, which peaked in the months following the promulgation of § 360.9, indicated that failures can often happen with very little notice and time for the FDIC to prepare. Since 2009, the FDIC was called upon to resolve 47 institutions with 30 days or less to plan the resolution (which includes review of deposit account records). While these 47 institutions were smaller, the financial condition of two banks with a very large number of deposit accounts—Washington Mutual Bank and Wachovia—deteriorated very quickly, also leaving the FDIC little time to prepare.[10] If a large bank were to fail because of liquidity problems rather than capital deterioration, for example, the FDIC would anticipate having less lead time to prepare to make deposit insurance determinations, which could result in the need for more time post-Start Printed Page 87736failure and less prompt payment of deposit insurance.

    The FDIC has worked with institutions covered by § 360.9 for several years to confirm their ability to comply with that rule's requirements. This implementation process has led the FDIC to conclude that the standard data sets and other requirements of § 360.9 are not sufficient to mitigate the complexities presented in the failure of the largest institutions. Based on its experience reviewing deposit data (and often finding inaccurate or incomplete data), deposit recordkeeping systems, and capabilities for imposing provisional holds in the course of its § 360.9 compliance visits, the FDIC believes that § 360.9 has not been as effective as intended in enhancing the capacity of the FDIC to make prompt deposit insurance determinations necessary for the largest IDIs. Specifically, the continued growth in the number of deposit accounts at larger IDIs and the number and complexity of deposit systems used by many of these institutions since the promulgation of § 360.9 would exacerbate the difficulties present in making prompt deposit insurance determinations. Additionally, the institutions covered by § 360.9 are permitted discretion when populating the data fields that often results in missing information.

    A failed IDI that has multiple deposit systems would further complicate the aggregation of deposits by depositor in a particular right and capacity, causing additional delay. Additionally, deposit taking practices have evolved, and innovative products and services have proliferated throughout the financial services markets. Customer use of deposit accounts has changed. Accounts that may have been used in the past as traditional savings vehicles are now used more frequently for transactional purposes. For example, checking accounts held in connection with a formal revocable trust are used to pay for everyday living expenses. Brokered deposits are sometimes held in money market deposit accounts (“MMDAs”).

    Using the FDIC's IT system to make deposit insurance determinations at a failed institution with a large number of deposit accounts would require the transmission of massive amounts of deposit data from the IDI's IT system to the FDIC's IT system. The transfer of such a large volume of data would be very time consuming and the time required for processing that data would present a significant impediment to making deposit insurance determinations in the timely manner that the public has come to expect. The 38 institutions currently covered by the final rule each have between 2 million and 87 million deposit accounts as of June 30, 2016. Requiring these covered institutions to enhance their deposit account data and upgrade their IT systems so that the FDIC can promptly determine deposit insurance available on most deposit accounts using the covered institutions' IT systems would help to resolve the timing issues presented when transferring and processing such a large volume of deposit data.

    Advance Notice of Proposed Rulemaking

    On April 28, 2015, the FDIC published in the Federal Register an Advance Notice of Proposed Rulemaking (“ANPR”) seeking comment on whether certain IDIs such as those that have two million or more deposit accounts should be required to take steps to ensure that depositors would have access to their FDIC-insured funds in a timely manner (usually within one business day of failure) if one of these institutions were to fail.[11] Specifically, the FDIC sought comment on whether these IDIs should be required to enhance their recordkeeping to maintain and be able to provide substantially more accurate and complete data on each depositor's ownership interest by right and capacity for all or a large subset of the institution's deposit accounts. The FDIC sought comment on whether these IDIs' IT systems should have the capability to calculate the insured and uninsured amounts for each depositor by deposit insurance right and capacity for all or a substantial subset of deposit accounts at the end of any business day. The FDIC also sought comment on the potential costs and benefits associated with instituting such requirements. The comment period ended on July 27, 2015. The FDIC received 10 comment letters. The FDIC also had six meetings or conference calls with banks, trade groups, and software providers.

    Notice of Proposed Rulemaking

    Following the ANPR, the FDIC developed and then published in the Federal Register a notice of proposed rulemaking entitled “Recordkeeping for Timely Deposit Insurance Determination” soliciting public comment on its proposal to require each IDI with two million or more deposit accounts to maintain complete and accurate information needed to allow the FDIC to determine promptly the deposit insurance coverage for each deposit account, and to have an IT system that is capable of calculating the insured and uninsured amounts for all deposit accounts in accordance with the FDIC's deposit insurance rules set forth in 12 CFR part 330 (the “NPR” for the “proposed rule”).[12] Under the proposed rule, each covered institution's IT system would facilitate the FDIC's deposit insurance determination by being able to calculate deposit insurance coverage for each deposit account and adjust account balances to the insured amount within 24 hours after the appointment of the FDIC as receiver should the covered institution fail. Relief from the proposed rule's requirements would have come in the form of: An extension of the implementation deadlines; an exception from the information collection requirements for certain deposit accounts or types of deposit accounts if conditions for exception could be met; exemption from all of the proposed rule's requirements if all the deposits a covered institution takes are fully insured; or release from all of the proposed rule's requirements when a covered institution no longer meets the definition of a covered institution. Each covered institution would need to certify compliance with the proposed rule annually, with enforcement measures to be taken in accordance with § 8 of the FDI Act, if necessary.

    The NPR's comment period expired on June 27, 2016. The FDIC received 14 comment letters in total from IDIs, industry trade associations, financial intermediaries, mortgage servicing companies, technology firms, an industry consultant, and an individual. In addition, FDIC staff participated in meetings or conference calls with industry representatives. The FDIC considered all of the comments it received when developing the final rule, and the comments and the FDIC's responses are discussed in VI. Discussion of Comments.

    III. Description of the Final Rule

    A. Summary

    The scope of the final rule is unchanged from the NPR. It applies to any IDI that has two million or more deposit accounts, defined as a “covered institution.” As contemplated by the proposed rule, under the final rule, each covered institution must configure its IT system to be capable of accurately calculating the deposit insurance available for each deposit account in accordance with the FDIC's deposit insurance rules set forth in 12 CFR part 330 should the covered institution fail. Start Printed Page 87737The FDIC would use the covered institution's IT system to facilitate the deposit insurance determinations in the event of the covered institution's failure.

    In order for the FDIC to effectively use the covered institution's IT system to calculate deposit insurance, the covered institution's deposit account records must contain certain information concerning the identity of the owner of the funds on deposit and details about the right and capacity in which the deposit is held for deposit insurance purposes. The proposed rule would have required covered institutions to maintain this information in their deposit account records for all accounts unless the FDIC granted the covered institution an exception from this requirement. In light of comments received in response to the NPR, the final rule modifies this approach. Recognizing that insured depository institutions do not maintain all information needed for deposit insurance determination in their deposit account records for every account, along with the significant challenges associated with collecting that information, the FDIC has bifurcated the recordkeeping requirement.

    Under the final rule's general recordkeeping requirements, a covered institution will need to ensure that its deposit account records contain the information needed for its IT system to be able to calculate deposit insurance coverage for those deposit accounts for which it already maintains the necessary information. A covered institution should, in the normal course of business, already maintain in its deposit account records the information necessary to do this for: Single ownership accounts; joint ownership accounts; accounts held by a corporation, partnership, or unincorporated association for themselves; informal revocable trust (i.e., “payable-on-death” or “in-trust-for”) accounts; and any account of an irrevocable trust for which the covered institution itself is the trustee.

    The final rule recognizes that, under the FDIC's deposit insurance rules set forth in 12 CFR part 330, the amount of deposit insurance available may not be determinable without reference to information that an IDI does not, and is not otherwise required to, maintain in its deposit account records under the existing regulatory framework. After an IDI fails, this information must be provided to the FDIC so that the FDIC can determine the full amount of deposit insurance available. Accordingly, under the final rule, a covered institution does not need to meet the general recordkeeping requirements described in this section, but may instead meet alternative recordkeeping requirements with respect to certain types of deposit accounts for which it is not required under 12 CFR part 330 to maintain in its deposit account records the information that would be needed for the FDIC to determine the full amount of deposit insurance coverage. Certain additional provisions apply to deposit accounts with transactional features.

    To meet the alternative recordkeeping requirements, the covered institution must maintain in its deposit account records certain information that will facilitate the FDIC's prompt collection of the information needed to determine deposit insurance with respect to those deposit accounts after its failure. These alternative recordkeeping requirements apply to deposit accounts that would be insured on a “pass-through” basis (such as brokered deposits) because beneficial owner information is not maintained by the covered institution, and to deposit accounts for which the amount of insurance is dependent on additional facts (such as deposit accounts held in connection with a trust). The FDIC also recognizes that it may not always be feasible for a covered institution to maintain information in its deposit account records needed to calculate the deposit insurance with respect to official items prior to presentment and, therefore, if the information needed for deposit insurance calculation is not available, the covered institution will need to maintain in its deposit account records certain information that will facilitate the FDIC's deposit insurance determination after the failure of a covered institution.

    For deposit accounts with “transactional features” for which the covered institution maintains its deposit account records in accordance with the alternative recordkeeping requirements set forth in § 370.4(b)(1), a covered institution must certify that the information needed to calculate deposit insurance coverage will be submitted to the FDIC so that deposit insurance can be determined within 24 hours after the appointment of the FDIC as receiver. The FDIC has been concerned about timely deposit insurance determinations for accounts with transactional features since the inception of this rulemaking process. One of the options presented in the ANPR was that “[f]or a large subset of deposits (“closing night deposits”), including those where depositors have the greatest need for immediate access to funds (such as transaction accounts and money market deposit accounts (“MMDAs”), deposit insurance determinations would be made on closing night.” [13] The FDIC acknowledged that the concept of “closing night deposits” served as a proxy for those deposit accounts for which depositors would expect immediate access to their funds on the next business day. The ANPR explained that in order to make deposit insurance determinations on closing night, the covered institutions would be required to: “Obtain and maintain data on all closing night deposits . . . at the end of any business day (since failure can occur on any business day).” [14] The ANPR solicited comment from the banking industry regarding what types of deposits should be considered as “closing night deposits.”

    After reviewing the comments received on the ANPR, the FDIC concluded that there really was no consensus among the potentially covered institutions regarding what types of deposits could be designated as “closing night deposits.” As a result, the FDIC adopted the approach in the proposed rule that, generally, covered institutions would need to collect and maintain the necessary depositor information for all deposit accounts unless the conditions for exception could be satisfied. Then, the FDIC would have all the depositor information necessary to begin the deposit insurance determinations immediately upon the covered institution's failure. However, in response to the commenters' objections to the proposed rule's approach, the FDIC developed the bifurcated approach set forth in the final rule. In this way, the final rule is consistent with the recordkeeping standards established in §§ 330.5 and 330.7; i.e., the deposit records for certain types of deposit accounts may be maintained off-site and with third parties rather than at the covered institution. Nevertheless, the requisite beneficial ownership information for those accounts must be made available to the FDIC so that the deposit insurance determination can be completed during the closing night process. The FDIC believes that requiring covered institutions to certify that the information needed to calculate deposit insurance coverage for certain deposit accounts with transactional features will be submitted to the FDIC by the respective account holder in time for the calculation to be performed within 24 hours after the appointment of the FDIC as receiver is important to ensure that the FDIC can make deposit insurance determinations expeditiously Start Printed Page 87738after failure of a covered institution to avoid delays in payment processing.

    The proposed rule would have provided a two-year timeframe for implementation of IT system and recordkeeping requirements. Under the final rule, a covered institution has three years after the effective date for implementation and can apply to the FDIC for extension of that timeframe.

    B. Section-by-Section Description of the Final Rule

    1. Section 370.1 Purpose and Scope

    The purpose of the final rule is to help the FDIC overcome the challenges it faces when fulfilling its statutory mandate to pay deposit insurance as soon as possible after the failure of an IDI with millions of deposit accounts at the least cost to the DIF. These challenges become more pronounced as the number of deposit accounts at an IDI rises above two million. Moreover, the number of deposit accounts is highly correlated with other attributes that contribute to this challenge, such as the complexity of account relationships and the use of multiple deposit systems by these institutions. Accordingly, the final rule requires IDIs with two million or more deposit accounts to configure their IT systems to be capable of calculating the amount of deposit insurance coverage available for each deposit account in the event of failure.

    2. Section 370.2 Definitions

    This section provides definitions of terms that are used in the final rule. A covered institution is an IDI which, based on its Reports of Condition and Income (“Call Reports”) filed with the appropriate Federal banking agency, has two million or more deposit accounts during the two consecutive quarters preceding the effective date of the final rule or thereafter.

    For purposes of the final rule, account holder is defined as the person who has opened a deposit account with a covered institution and with whom the covered institution has a direct legal and contractual relationship with respect to the deposit. An account holder is often, but not always, the person who actually owns deposits in a deposit account, and to whom deposit insurance inures under the FDIC's deposit insurance rules set forth in 12 CFR part 330. The person who actually owns the deposits is commonly referred to as the “beneficial owner” of a deposit or as the “principal.” When the account holder does not have ownership rights to deposits, it is typically acting as an agent, custodian, or fiduciary on behalf of the beneficial owner of the deposit. In these situations, deposit insurance coverage can “pass through” the account holder to the beneficial owner of the deposit, and the deposit would be insured to the beneficial owner based on the deposit insurance right and capacity in which those deposits are owned. Because the account holder is the party with whom a covered institution has a deposit account relationship, it is the account holder who will need to provide the information needed for purposes of calculating deposit insurance. For that reason, the final rule's recordkeeping requirements with respect to certain deposit accounts are framed around the relationship between the covered institution and the account holder.

    Several terms are defined by reference to their statutory or regulatory definitions. Specifically, brokered deposit has the same meaning as provided in 12 CFR 337.6(a)(2); deposit has the same meaning as provided under section 3(l) of FDI Act (12 U.S.C. 1813(l)); deposit account records has the same meaning as provided in 12 CFR 330.1(e); and standard maximum deposit insurance amount (or “SMDIA”) has the same meaning as provided pursuant to section 11(a)(1)(E) of the FDI Act (12 U.S.C. 1821(a)(1)(E)) and 12 CFR 330.1(o). Ownership rights and capacities are set forth in 12 CFR part 330.

    Compliance date means the date that is three years after the later of the effective date of this part or the date on which an IDI becomes a covered institution. In response to the NPR, commenters had suggested that a four-year implementation period be provided. In light of the bifurcated approach to recordkeeping taken in the final rule, the FDIC believes that a three-year implementation period will be sufficient.

    Payment instrument means a check, draft, warrant, money order, traveler's check, electronic instrument, or other instrument, payment of funds, or monetary value (other than currency). This definition is consistent with § 1002(18) of the Consumer Financial Protection Act of 2010 (12 U.S.C. 5481(18)) and common banking usage.

    Transactional features, with respect to a deposit account, means that the depositor or account holder can make transfers or withdrawals from the deposit account to make payments or transfers to third persons or others (including another account of the depositor or account holder at the same institution or at a different institution) by means of a negotiable or transferable instrument, payment order of withdrawal, check, draft, prepaid account access device, debit card, or other similar order made by the depositor and payable to third parties, or by means of a telephonic (including data transmission) agreement, order or instruction, or by means of an instruction made at an automated teller machine or similar terminal or unit. For purposes of this definition, “telephonic (including data transmission) agreement, order or instruction” includes orders and instructions made by means of facsimile, computer, internet, handheld device, or other similar means. When interpreting this definition, the FDIC will consider the frequency with which a depositor or account holder may make transfers or withdrawals with respect to a deposit account, in addition to other account features. For example, an account comprised of time deposits will not be deemed to have transactional features solely because it allows a depositor or account holder who is not the beneficial owner to redeem or withdraw the time deposit and transfer the proceeds on a one-time basis to the beneficial owner.

    Unique identifier means an alpha-numeric code associated with an individual or entity that is used by a covered institution to monitor its relationship with only that individual or entity. The unique identifier may be, but is not required to be, a government-issued identification number such as a social security number or tax identification number. It could also be a customer identification number already in use by the covered institution for other operational or regulatory purposes.

    3. Section 370.3 Information Technology System Requirements

    As was proposed in the NPR, each covered institution is required to configure its IT system to be capable of accurately calculating the deposit insurance available to each beneficial owner of funds on deposit in accordance with the FDIC's deposit insurance rules set forth in 12 CFR part 330. Additionally, the IT system must be able to adjust account balances within 24 hours after the appointment of the FDIC as receiver. Each covered institution's IT system would need to be capable of grouping each beneficial owner's deposits within the applicable ownership right and capacity because deposit insurance is available up to the SMDIA for each ownership right and capacity in which the deposits are held. To do this, a covered institution must maintain in its deposit account records certain information, as described in § 370.4. The covered institution's IT system would also need to be able to Start Printed Page 87739generate a record that reflects the deposit insurance calculation. This record would contain, at a minimum, the name and unique identifier of the account holder or beneficial owner of a deposit if the account holder is not the beneficial owner, the balance of each beneficial owner's deposits in each deposit account grouped by ownership right and capacity, the aggregated balance of each beneficial owner's deposits within each applicable ownership right and capacity, the amount of the aggregated balance within each ownership right and capacity that is insured, and the amount of the aggregated balance within each ownership right and capacity that is uninsured. Appendix B to the final rule specifies the data format for the records that the covered institution's IT system would need to produce.

    If a covered institution were to fail, its depositors' access to their funds would need to be restricted while the FDIC makes deposit insurance determinations in order to avoid overpayment. Each covered institution's IT system would need to be capable of restricting access to some or all of the funds in each deposit account until the FDIC has determined the deposit insurance coverage for that account using the covered institution's IT system.

    The deposit insurance determinations for most deposit accounts would be made within 24 hours after failure and holds on those accounts would be removed. Holds would remain in place on deposit accounts for which a deposit insurance determination has not been made within that time frame and would be removed after the determination has been made.

    The covered institution's IT system would need to adjust the balance in each deposit account, if necessary, after the deposit insurance determination has been completed so that only insured deposits are made available. Specifically, if any of a beneficial owner's deposits within a particular ownership right and capacity were not insured, then the covered institution's IT system would need to debit the respective deposit accounts for the uninsured amount associated with each account. To the extent that a beneficial owner of deposits is uninsured, it will have a claim against the receivership for the failed covered institution that would be paid out of the assets of the receivership on equal footing with all other deposit claims, including the FDIC's subrogated claim for insured deposits.

    A covered institution's IT system would need to be capable of performing these functions for most deposit accounts within 24 hours after the FDIC's appointment as receiver should the covered institution fail, and within 24 hours after the FDIC receives from the remaining account holders the additional information needed to determine deposit insurance coverage.

    The FDIC's regulations and resources concerning deposit insurance that are available to the public on the FDIC's Web site are useful tools that covered institutions can use to develop the capabilities of their IT systems to meet the final rule's requirements.[15] The FDIC also intends to offer guidance and outreach to facilitate covered institutions' efforts to meet this requirement.

    4. Section 370.4 Recordkeeping Requirements

    In response to commenters' recommendations, the final rule's recordkeeping requirements have been modified from those set forth in the proposed rule. While the proposed rule would have required covered institutions to collect and maintain significantly more information on deposit relationships than is currently contemplated under part 330, the final rule recognizes that such information may continue to reside in records maintained outside the covered institution by either the account holder or a party designated by the account holder, as set forth in part 330. The final rule contemplates, however, that in many instances, a covered institution will already maintain in its deposit account records the necessary information for its IT system to calculate deposit insurance coverage and therefore the institution will be capable of fulfilling the general recordkeeping requirement to maintain in its deposit account records for each account the unique identifier for the appropriate parties and the applicable ownership right and capacity code. Accordingly, § 370.4(a) imposes a general recordkeeping requirement whereby the covered institution must assign a unique identifier to each account holder, beneficial owner, grantor, and beneficiary, as appropriate, and assign the applicable ownership right and capacity code listed in Appendix A. A covered institution should, in the normal course of business, already have in its deposit account records the necessary information to do this for, among others, deposit accounts that would be insured as: single ownership accounts; joint ownership accounts; accounts owned by a corporation, partnership, or unincorporated association; informal revocable trust (i.e., “payable-on-death” or “in-trust-for”) accounts; and any account held in connection with an irrevocable trust for which the covered institution itself is the trustee.

    The final rule recognizes, however, that under the FDIC's deposit insurance rules, where an IDI's deposit account records disclose the existence of a relationship that might provide a basis for additional insurance, the details of the relationship must be ascertainable from either the IDI's deposit account records or from records maintained by the depositor or by a third party that has undertaken to maintain such records for the depositor. (See 12 CFR 330.5 concerning recognition of deposit ownership and fiduciary relationships; 12 CFR 330.7 concerning accounts held by an agent, nominee, guardian, custodian, or conservator; 12 CFR 330.10 concerning revocable trust accounts; and 12 CFR 330.13 concerning irrevocable trust accounts.) Accordingly, under § 370.4(b), a covered institution may meet alternative recordkeeping requirements with respect to those types of accounts. Under the alternative recordkeeping requirements, the covered institution must maintain in its deposit account records for each deposit account where the basis for additional deposit insurance is contained in records maintained by the account holder, or a party designated by the account holder, the unique identifier for only the account holder. It must also maintain in its deposit account records information sufficient to populate the “pending reason” field of the pending file set forth in Appendix B, which is to be generated by the covered institution's IT system pursuant to § 370.3(b) of the final rule. For deposit accounts held in connection with formal trusts for which the covered institution is not trustee, the covered institution will need to maintain in its deposit account records the unique identifier of the account holder, and the unique identifier of the grantor (if the grantor is not the account holder) if the account has transactional features. The unique identifier of the grantor is needed in order to begin calculating how much deposit insurance would be available, at a minimum, on deposit accounts held in connection with a formal trust. The covered institution will also need to maintain in its deposit account records information sufficient to populate the “pending reason” field of the pending file set forth in Appendix B, which is to be Start Printed Page 87740generated by the covered institution's IT system pursuant to § 370.3(b) of the final rule.

    Additionally, a covered institution will need to maintain in its deposit account records the information needed for its IT system to calculate deposit insurance coverage with respect to payment instruments drawn on an account of the covered institution (commonly referred to as “official items”), such as a cashier's check, teller's check, certified check, personal money order, or foreign draft. The FDIC recognizes that it may not always be feasible to identify the beneficial owner of such instruments and, therefore, if the necessary information is not available, the covered institution will need to maintain in its deposit account records for those accounts only the “pending reason” code to indicate that more information is needed before deposit insurance can be calculated. This will be used to populate the “pending reason” field of the pending file set forth in Appendix B, which is to be generated by the covered institution's IT system pursuant to § 370.3(b) of the final rule.

    To the extent that a covered institution does not meet the recordkeeping requirements set forth in § 370.4(a) and instead meets the alternative recordkeeping requirements set forth in § 370.4(b), it must take the additional action set forth in § 370.5 with respect to those deposit accounts that have transactional features.

    5. Section 370.5 Actions Required for Certain Deposit Accounts With Transactional Features

    The FDIC is concerned that many deposit accounts held in the name of someone other than the beneficial owner of the deposit (such as an agent, nominee, custodian, fiduciary, or other third party) are relied upon for transactions. In the case of a failure of a covered institution, with its millions of deposit accounts, any material delay in the payment of deposit insurance could undermine public confidence in the financial system and be extremely disruptive not only for individual depositors but also for the community or region as a whole. Widespread or extended delay could even result in systemic consequences. Therefore, § 370.5(a) imposes the requirement that, with respect to deposit accounts with transactional features that are held in the name of a third party for the benefit of others, the covered institution certify that all information needed to calculate deposit insurance coverage can and will be submitted to the FDIC upon failure of the covered institution to minimize any delay in the FDIC's efforts to calculate deposit insurance within 24 hours after appointment as receiver using the covered institution's IT system. The timeframe within which this information must be received will likely need to be less than 24 hours because the covered institution's IT system will need time to process the information once received. This requirement applies not only to traditional demand and checking accounts, but also to savings deposit accounts that have transactional features, such as MMDAs, and to prepaid accounts that are entitled to deposit insurance coverage. The final rule provides, however, that this certification requirement does not apply with respect to mortgage servicing accounts, lawyers trust accounts, real estate trust accounts, or accounts held by employee benefits plans. A covered institution that is unable to provide this certification must apply to the FDIC for an exception from the certification requirement. In addition, the final rule makes clear that a covered institution's failure to provide the certification shall be deemed not to constitute a violation of this part if the FDIC has granted the covered institution relief from the certification requirement.

    6. Section 370.6 Implementation

    This section provides that a covered institution must comply with the final rule no later than the compliance date, which is three years after the later of the effective date of the final rule or the date on which the institution becomes a covered institution by reaching the threshold of two million deposit accounts. Under § 370.6(b), a covered institution may request that the FDIC extend the implementation time period. The request must state the amount of additional time needed and the reasons therefor. It must also report the total number of, and dollar amount in, accounts for which the covered institution's IT system could not calculate deposit insurance coverage if the covered institution were to fail as of the date of the request.

    7. Section 370.7 Accelerated Implementation

    The final rule provides for accelerated implementation on a case-by-case basis and after notice from the FDIC to a covered institution in three scenarios. The first would be when a covered institution has received a composite rating of 3, 4, or 5 under the Uniform Financial Institution's Rating System (CAMELS rating) in its most recently completed Report of Examination. The second scenario would be when a covered institution has become undercapitalized, as defined in the prompt corrective action provisions of 12 CFR part 325. The third would be when the appropriate Federal banking agency or the FDIC, in consultation with the appropriate Federal banking agency, has determined that a covered institution is experiencing a significant deterioration of capital or significant funding difficulties or liquidity stress, notwithstanding the composite rating of the covered institution by its appropriate Federal banking agency in its most recent Report of Examination.

    While the FDIC recognizes concerns about the imposition of an accelerated implementation deadline during economic distress, including the concern that a covered institution's attention might be diverted to solving critical problems that threaten its financial condition, providing depositors with immediate access to funds and preserving systemic stability is also critical. The ability to accelerate the implementation deadline must be balanced against any hardship an accelerated implementation period might impose on a covered institution. Before accelerating the implementation time period, the FDIC would consult with the covered institution's appropriate Federal banking agency. The FDIC would also evaluate the complexity of the covered institution's deposit systems and operations, the extent of the covered institution's asset quality difficulties, the volatility of the covered institution's funding sources, the expected near-term changes in the covered institution's capital levels, and other relevant factors appropriate for the FDIC's consideration as deposit insurer.

    8. Section 370.8 Relief

    Under § 370.8(a) of the final rule, a covered institution may submit a request to the FDIC for an exemption if it demonstrates that it has not and will not take deposits which, when aggregated, would exceed the SMDIA (currently $250,000) for any beneficial owner of the funds on deposit. In other words, if each owner of deposits were to have an amount equal to or less than the SMDIA on deposit at a covered institution, then all deposits would be fully insured. Deposit insurance determinations at failed covered institutions that meet this condition should not be complicated and, therefore, the FDIC does not believe that requiring such covered institutions to develop the capability to calculate deposit insurance coverage would be necessary.

    Recognizing that circumstances may currently exist, or emerge in the future, Start Printed Page 87741for which a covered institution is unable to comply with the recordkeeping requirements set forth in § 370.4 or some particular provision therein with respect to an identified deposit account or class of deposit accounts, § 370.8(b) allows a covered institution to request an exception for those accounts. In its request letter, the covered institution must demonstrate the need for an exception, describe the impact of an exception on the ability to accurately calculate deposit insurance for the related deposit accounts, and state the number of, and the dollar value of deposits in, those deposit accounts. When reviewing the request, the FDIC would consider the implications that a delayed deposit insurance determination would have for a particular account holder or the beneficial owners of deposits, the nature of the deposit relationship, and the ability of the covered institution to obtain the information needed for an accurate calculation of deposit insurance.

    A covered institution that no longer meets the criteria for being a covered institution may submit a request for release from the final rule's requirements. Section 370.8(c) provides that if the number of deposit accounts at a covered institution drops below the two million deposit account threshold for three consecutive quarters based on Schedule RC-O in the Report of Condition and Income, the institution may request release. Like any other IDI, an institution released under this paragraph would become a covered institution again if it were to have two million or more deposit accounts for two consecutive quarters.

    The objectives of the final rule supersede the objectives of 12 CFR 360.9. Accordingly, if a covered institution reaches full compliance with the final rule, the results intended under § 360.9 will be largely accomplished. Paragraph (d) permits a covered institution to request a release from the requirements set forth in § 360.9 upon submission of its first certification of compliance with the final rule's requirements.

    This section further provides that the FDIC will consider all requests made under relevant provisions of the final rule on a case-by-case basis in light of the final rule's objectives, and that the FDIC's grant of a covered institution's request may be conditional or time-limited.

    9. Section 370.9 Communication With the FDIC

    This section requires that within ten business days after either the effective date of the final rule or becoming a covered institution, whichever is later, a covered institution notify the FDIC of the person(s) responsible for implementing the recordkeeping or IT system requirements set forth in this part. Point-of-contact information, reports and requests are to be submitted in writing to: Office of the Director, Division of Resolutions and Receiverships, Federal Deposit Insurance Corporation, 550 17th Street NW., Washington, DC 20429-0002.

    10. Section 370.10 Compliance

    The final rule sets forth a two-part approach for compliance. First, beginning on or before the compliance date and annually thereafter, a covered institution must certify that it has implemented and successfully tested its IT system for compliance with the final rule's requirements during the preceding calendar year. The certification must be signed by the covered institution's chief executive officer or chief operating officer. Along with its certification of compliance, the covered institution must also submit a summary deposit insurance coverage report to the FDIC. The summary deposit insurance coverage report would list key metrics for evaluating deposit insurance risk to the DIF and coverage available to a covered institution's depositors. Those metrics are: The number of account holders, the number of deposit accounts, and the dollar amount of deposits by ownership right and capacity; the total number of fully-insured deposit accounts and the dollar amount of deposits in those accounts; the total number of deposit accounts with uninsured amounts and the total dollar amount of insured and uninsured amounts in those accounts; the total number of deposit accounts and the dollar amount of deposits in accounts, broken out by account type, for which the covered institution's IT system cannot calculate deposit insurance coverage because it is permitted to maintain alternative recordkeeping requirements as set forth in § 370.4(b); and a description of any substantive change to the covered institution's IT system or deposit taking operations since the prior annual certification.

    Second, the FDIC will conduct periodic on-site inspections and tests of each covered institution's IT system's capability to accurately calculate deposit insurance coverage in the event of failure. Testing will begin no sooner than the last day of the first calendar quarter following the compliance date, and will occur no more frequently than on a three-year cycle thereafter, unless there is a material change to the covered institution's IT system, deposit-taking operations, or financial condition. The FDIC will provide data integrity and IT system testing instructions to covered institutions through the issuance of procedures or guidelines prior to the final rule's effective date and before initiating its compliance testing program, and will provide outreach to covered institutions to facilitate their implementation efforts. The final rule also requires covered institutions to assist the FDIC in resolving any issues that arise upon the FDIC's on-site inspection and testing of the IT system's capabilities.

    The final rule provides that a covered institution will not be in violation of any requirements of the rule for which the institution has submitted a request for relief pursuant to § 370.6(b) or § 370.8(a)-(c) while awaiting the FDIC's response to the request.

    IV. Expected Effects

    Using current data, the FDIC estimates that the rule will apply to 38 institutions, each with two million or more deposit accounts.[16] Together, these institutions hold more than $10 trillion in total assets and manage over 400 million deposit accounts.

    The FDIC has evaluated the estimated cost to implement this rule, as well as the benefits to the FDIC's resolution process and to the millions of account holders who would need immediate access to their funds in the event of failure of a covered institution. The main determinants of the estimated cost to institutions covered by the final rule are the number of deposit accounts they hold and the number of deposit IT systems they manage. Benefits of the rule include: Ensuring prompt and efficient deposit insurance determinations by the FDIC and thus the liquidity of deposit funds; enabling the FDIC to readily resolve a failed IDI; reducing the costs of failure of a covered institution by increasing the FDIC's resolution options; and promoting long term stability in the banking system by reducing moral hazard.

    These benefits are expected to accrue to the public at large. However, because there is no market in which the value of these expected benefits can be determined, it is not possible to quantify these benefits with precision. As the public benefits cannot be quantified, the FDIC presents an analytical framework that describes the qualitative effects of the proposed rule and the quantitative effects where possible, consistent with Start Printed Page 87742the FDIC Statement of Policy on the Development and Review of FDIC Regulations and Policies.

    Expected Costs

    The FDIC's initial estimate of the cost of this rule, as described in the NPR, was approximately $328 million. The FDIC has updated its cost estimate to $478 million, based in part upon comments the FDIC received in response to the NPR. The updated estimated cost to covered institutions represents $386 million of this total, with the remaining estimated costs accruing to depositors and the FDIC. Even with these updates, the estimated costs to covered institutions remain small relative to their revenues and expenses.

    In estimating the costs of this rule, the FDIC engaged the services of an independent consulting firm. Working with the FDIC, the consultant used its extensive knowledge and experience with IT systems at financial institutions to develop a model to provide cost estimates for the following activities:

    • Implementing the deposit insurance calculation
    • Legacy data clean-up
    • Data extraction
    • Data aggregation
    • Data standardization
    • Data quality control and compliance
    • Data reporting
    • Ongoing operations

    Cost estimates for these activities were derived from a projection of the types of workers needed for each task, an estimate of the amount of labor hours required, an estimate of the industry average labor cost (including benefits) for each worker needed, and an estimate of worker productivity. The analysis assumed that manual data clean-up would be needed for 5 percent of deposit accounts, 10 accounts per hour would be resolved, and internal labor would be used for 60 percent of the clean-up. This analysis also projected higher costs for institutions based on the following factors:

    • Higher number of deposit accounts
    • Higher number of distinct core servicing platforms
    • Higher number of depository legal entities or separate organizational units
    • Broader geographic dispersal of accounts and customers
    • Use of sweep accounts
    • Greater degree of complexity in business lines, accounts, and operations

    Illustration 1 provides a diagram of the cost model.

    Table 1 shows that almost half of the rule's estimated total costs are attributable to legacy data clean-up. These legacy data clean-up cost estimates are sensitive to both the number of deposit accounts and the number of deposit IT systems. More than 90 percent of the legacy data clean-up costs are associated with manually collecting account information from customers and entering it into the covered institution's systems. Data aggregation, which is sensitive to the number of deposit IT systems, makes up about 13 percent of the rule's estimated costs.Start Printed Page 87743

    Table 1—Estimated Implementation * Costs by Component

    ComponentsComponent costPercent of total
    Legacy Data Cleanup$226,482,33347.43%
    Data Aggregation64,015,37313.41%
    Ongoing Operations **55,175,45111.55%
    Data Standardization36,573,8947.66%
    FDIC Costs **36,001,5207.54%
    Data Extraction25,397,7615.32%
    Quality Control and Compliance18,403,0063.85%
    Insurance Calculation9,500,4001.99%
    Reporting5,971,8001.25%
    Total Cost477,521,538100%
    * Estimates of bank implementation costs include both initial and ongoing costs associated with this final rule.
    ** Present value of annual costs using a 3.5 percent discount rate over a 30-year time horizon. For example, this discount rate is used in OMB Circular No. A-4 and A-94, Appendix C (revised November 2015 for calendar year 2016).

    Table 2—Comparison of Bank Implementation * Costs to Expenses

    [Amounts in thousands]

    [Estimated cost to covered institutions: $385,517]

    Expense item2015 Expenses for covered institutionsImplementation * cost as percent of expense
    Noninterest Expense$260,857,9650.15%
    Personnel Expense119,069,4160.32%
    Tax Expense49,262,6600.78%
    Interest Expense26,761,3001.44%
    Fixed Expense: Premises28,446,1631.36%
    Cost as Percent of Income
    Pre-Tax Net Income, 2015$157,197,6680.25%
    Cost per Deposit Account
    Number of Deposit Accounts, 2Q 2016416,149.383$0.93
    Cost as Percent of Assets
    Total Assets, 2Q 2016$10,558,645,3760.004%
    * Estimates of bank implementation costs include both initial and ongoing costs associated with this final rule.

    These estimates of initial and ongoing costs of implementation are higher than those provided in the NPR. The increase in total estimated implementation costs is the result of updating the data, reviewing the cost methodology, and incorporating comments received on the NPR. Even with the revisions, however, the updated cost estimate does not alter the FDIC's overall assessment of the expected effects of the final rule.

    The estimated total cost of the final rule remains relatively small for covered institutions. The estimated costs amount to an average of 93 cents per deposit account and one-quarter of one percent of pre-tax net income, as shown in Table 2. Banks with more serious deficiencies in their current systems or with greater complexity in their business lines, accounts, and operations are expected to incur above-average compliance costs. These estimates may overstate the costs of the final rule because some covered institutions are already undertaking efforts to improve their data quality to address their own operational concerns and to comply with other statutes and regulations.

    Expected Benefits

    The recent financial crisis has demonstrated that large financial institutions can fail very rapidly. The failure of a covered institution would likely involve millions of deposit insurance claims. An orderly resolution requires ready access to complete and accurate information about the insurance status of depositors. The final rule ensures that the FDIC can conduct an orderly resolution of covered institutions despite the informational challenges they pose.

    Financial crises are, by their very nature, unpredictable, and unique and the likelihood, duration and magnitude of any such crisis cannot be predicted with mathematical precision. There are over $9 trillion in deposits in United States banks and the FDIC insures each qualifying account up to a maximum of $250,000, regardless of the events that unfold during any particular crisis. During the recent financial crisis, the federal government provided trillions of dollars of government support to large financial institutions.[17] Some of the Start Printed Page 87744institutions covered by this rule received government support that far exceeds the anticipated costs of this rule.

    The FDIC expects that the benefits of the final rule will accrue broadly to the public at large, to bank customers, to IDIs not covered by the rule, and to the covered institutions themselves. As discussed earlier, the FDIC expects the final rule to provide significant benefits, including ensuring prompt and efficient deposit insurance determinations by the FDIC and thus the liquidity of deposit funds; enabling the FDIC to more readily resolve a failed IDI; reducing the costs of failure of a covered institution by increasing the FDIC's resolution options; and promoting long term stability in the banking system by reducing moral hazard.

    The public at large will be the primary beneficiaries of the final rule. An effective failed bank resolution maintains liquidity in the economy by providing timely access to insured funds, promotes financial stability by ensuring an orderly, least costly resolution, and reduces moral hazard by recognizing deposit insurance limits (since uninsured depositors could be subject to losses even at the largest banks). Making accurate deposit insurance determinations for all insured institutions is a key component in carrying out the FDIC's mission of maintaining confidence in the banking system and minimizing costs to the DIF.

    Broadly, the final rule facilitates the consideration of resolution methods that might otherwise be unavailable, enabling the FDIC to resolve a failing covered institution in the least costly manner. With more resolution options, the FDIC may be less likely to resolve a failing large institution by having another large institution absorb it; absorption by another large institution would further increase concentration among the largest banks and raise concerns about longer term financial stability. This final rule reduces the likelihood of invoking a systemic risk exception, the cost of assistance provided as the result of a failure and receivership for which the systemic risk exception has been invoked, and the associated long-term risk of increased moral hazard and damaged market discipline.[18]

    Bank customers will also benefit from the final rule. Timely deposit insurance determinations will give bank customers expeditious access to insured funds to meet their transaction needs and financial obligations. Moreover, any current deficiencies in IT systems and data gathering that prevent covered institutions from identifying relationships between deposit accounts are likely to also prevent them from having the ability to quickly inform customers whether or not their deposits are insured, if asked.

    IDIs not covered by the final rule will benefit because the prompt payment of deposit insurance at the largest IDIs should promote public confidence in the banking system as a whole. The provisions of the final rule will help to level the competitive playing field between large banks with two million or more deposit accounts and community banks, which typically maintain far fewer deposit accounts. The requirements of the final rule will reduce the perception that uninsured depositors at large banks are less likely to incur losses in the event of failure than their counterparts at smaller institutions.

    The enhancements to data accuracy and completeness supported by the final rule should benefit covered institutions as well. Improvements to data on depositors and information systems as a result of adopting the final rule may lead to efficiencies in managing customer data. Accordingly, the upgrades in depositor information required under this rule are likely to benefit covered institutions by improving their ability to serve their customers and increasing their depositors' confidence that deposit insurance can be paid promptly by the FDIC in the event of failure. Moreover, the processing of daily bank transactions may be less prone to data errors.

    V. Alternatives Considered

    A number of alternatives were considered in developing the final rule. The major alternatives include (1) adjusting thresholds above or below the proposed two million accounts, (2) imposing recordkeeping requirements on all account types, (3) maintaining the FDIC's current approach to deposit insurance determinations (status quo), (4) developing an internal IT system and transfer processes within the FDIC capable of subsuming the deposit system of any large covered IDI in order to perform deposit insurance determinations, and (5) simplifying deposit insurance coverage rules. The FDIC considers the final rule to be the most effective approach among the alternatives in terms of cost to the industry, the speed and accuracy of deposit insurance determinations, access to funds, and reduction of systemic and information security risks. Development of the final rule was based on a careful evaluation of expected effects, public comments, and the FDIC's experience in resolving failed banks.

    In deciding which institutions would be subject to the final rule, the FDIC considered thresholds above and below two million deposit accounts. Raising the threshold would decrease the costs of the final rule to the industry because fewer institutions would be covered, but would also increase the risk that the FDIC would be unable to make timely and accurate deposit insurance determinations for large institutions and limit the FDIC's resolution options, thereby potentially increasing the costs of resolution.

    Making a correct and timely deposit insurance determination requires that the FDIC have access to accurate data on deposit accounts as well as on any relationships among those accounts. The FDIC has learned from prior experience that it is possible to manage data quality problems at small institutions without delaying or materially altering the outcome of the deposit insurance determination. However, the ability of the FDIC to promptly manage data quality problems at large institutions declines rapidly with the number and complexity of deposit accounts. Therefore, resolving data quality problems at institutions with the largest number of accounts and most complex deposit account systems prior to failure, as required by this final rule, should substantially lower the risk of inaccuracy or delay in making determinations.

    As described in IV. Expected Effects, the FDIC estimates that the costs associated with the two million account threshold for these large IDIs will be relatively modest compared to their net income and other costs of doing business. Decreasing the threshold below two million accounts would impose higher costs on the industry as a whole, and the marginal benefits of Start Printed Page 87745the rule would decline since smaller institutions present less risk to prompt deposit insurance determinations.

    In determining the scope of the final rule, the FDIC considered requiring covered institutions to maintain complete and accurate records for all accounts as originally proposed. However, the FDIC recognizes that covered institutions may not maintain in their deposit account records, and may not be able to obtain, for all accounts the information needed for deposit insurance purposes. The FDIC's regulation that sets forth the standards for deposit insurance coverage, 12 CFR part 330, permits records to reside outside of an IDI with respect to certain types of deposit accounts, as long as certain requirements are satisfied, without adverse consequences for the insurability of deposits. Similarly, the final rule recognizes that covered institutions will not have and therefore do not need to keep complete records for deposit insurance purposes for those types of deposit accounts.

    Additionally, costs associated with developing the ability to collect data, produce key account holder information in a timely manner, and perform a deposit insurance calculation are estimated to be relatively high for some account types. For example, for covered institutions the costs associated with collecting key information regarding beneficial ownership of deposits held by a prepaid account program manager on behalf of program participants is likely to be higher than for other account types for which beneficial ownership can be readily determined. For trust accounts, the identity and number of beneficiaries can often change, making the costs associated with collecting key information from the account holder, trustee, or other interested parties relatively high.

    Another alternative is to maintain the status quo established by 12 CFR 360.9. However, that rule does not adequately address an important problem that arises in the resolution of the largest and most complex institutions. Deposit insurance determinations under § 360.9 necessitate a secure bulk download of depositor data that introduces additional delays in making determinations. The FDIC's experience in resolving large institutions shows that the amount of time for data to download can vary widely based on the file size, complexity of the data, and the number of deposit systems, among other things. Given the limited time available to the FDIC to make determinations, these delays pose the risk of creating financial hardships for depositors and disrupting financial markets.

    Another alternative considered was to establish a system to rapidly transmit all deposit data from a failed IDI's IT system to the FDIC for processing in order to calculate and make deposit insurance determinations. Although this alternative utilizes a common deposit insurance calculation IT system, absorbing the deposit system or systems of a large, complex institution quickly enough to make a prompt insurance determination is infeasible as a practical matter. Unlike typical small and mid-sized IDIs, covered institutions have large amounts of data and often use multiple deposit account IT systems which are programmed to meet institution-specific needs. FDIC staff, working with staff from each large institution, would have to develop an individualized solution for each institution tailored to its IT systems and third-party applications. Extensive initial and ongoing testing would be required to establish that the data transmission would allow a prompt and accurate insurance determination. Additionally, covered institutions would still bear the cost of legacy data cleanup and data aggregation, which are the two largest cost components in the cost model.

    The alternative of the FDIC establishing an IT system to rapidly transfer all deposit data from a failed IDI would also likely impose large ongoing costs for covered institutions because any significant change to the deposit system of a large IDI would necessitate further testing and validation. Further, the large IT development, testing, and recertification costs borne by the FDIC under this alternative would ultimately be paid by insured depository institutions through ongoing deposit insurance assessments. In contrast, the final rule requires that a covered institution's IT system have the ability to calculate deposit insurance coverage for all deposit accounts in the event of a failure. It would use the data that the covered institution has on hand at the time of failure as well as data collected by the FDIC from depositors shortly after failure. Under the final rule, IT costs would be absorbed by covered institutions rather than by the entire banking industry.

    Another alternative the FDIC considered was to simplify deposit insurance coverage rules. Currently, deposit insurance is provided under different ownership rights and capacities, some of which involve complex types of deposit accounts. Reducing the number of rights and capacities or simplifying the coverage rules would reduce the costs associated with covered institutions' development of the capability to calculate deposit insurance coverage. However, efforts to simplify the deposit insurance coverage rules could effectively reduce coverage to depositors at all FDIC insured institutions, an approach that would impose a cost on a wider range of institutions and bank customers. Further, these complex account types present problems when the FDIC must analyze a significant number of these accounts at the same time. The FDIC's established methods for dealing with these more complex accounts in smaller and mid-sized resolutions include manual processing, an approach that could take too long in a larger resolution involving a significant number of these accounts. Consequently, the FDIC is not pursuing simplification of the deposit insurance coverage rules.

    VI. Discussion of Comments

    Generally, the issues raised by the commenters may be categorized under the following topics: The need for regulation, expected effects of the proposed rule, possible alternatives to the proposed rule, problems with the proposed rule's requirements, and possible adverse consequences.

    A. Comments Concerning the Need for Regulation

    The commenters generally agree that it is important for depositors to have prompt access to their insured deposits in the event of the failure of a large and complex IDI. However, some commenters contended that the proposed rule is unnecessary because covered institutions are unlikely to fail. One commenter remarked that the likelihood of failure is “essentially zero.” This commenter maintained that it is more likely that market forces and the FDIC's enforcement powers and supervisory authority would solve the problems of a large institution before failure. This commenter also asserted that, even if failure did occur, a transaction in which all deposits are assumed by another institution would be the least costly resolution, thereby avoiding the need for a deposit insurance determination. The payment of all uninsured deposits would preserve the failed bank's franchise value, this commenter argued, while adherence to deposit insurance limits could cause runs at other financial institutions and be systemically disruptive. Another commenter suggested that it would be “unlikely” that the FDIC would use a straight deposit payoff, an insured deposit transfer, or a deposit insurance national bank to resolve a large bank. Similarly, other commenters posited that, if a Start Printed Page 87746covered institution were to fail, then an all-deposit purchase and assumption transaction would be the least costly resolution, thereby avoiding the need for a deposit insurance determination.

    While the likelihood of any particular covered institution's failure may be low at a given point in time, history suggests that the financial condition of institutions that are perceived to be in good health can deteriorate quickly and with little notice. In 2008 and 2009, several large insured depository institutions failed, including IndyMac Bank and Washington Mutual Bank. In general, very large IDIs rely on credit-sensitive funding more than smaller IDIs do, which makes them more likely to suffer a rapid liquidity-induced failure.

    The contention that warning signs will give the FDIC sufficient notice to plan for resolution of a covered institution and the related argument by another commenter that the “FDIC has provided absolutely no evidence that a large bank . . . has ever failed with little prior warning” are also controverted by the events of the recent banking and financial crisis. The financial condition of several large and complex financial institutions deteriorated very rapidly in 2008. Numerous academic studies, articles, reports to Congress, other government reports, and Congressional testimony (including testimony from FDIC officials) have documented that short term funding challenges rapidly caused distress at banks during the last financial crisis (resulting in either bank failure or government intervention to prevent failure, as in the case of Wachovia Bank and Citibank).[19] This dynamic, present in the failure of Washington Mutual, for example, increases the risk that the FDIC will have little lead time to prepare for the failure of a covered institution.

    While certain post-crisis reforms have resulted in a more resilient banking system with stronger liquidity and capital, the effect of these reforms has not been tested in a crisis. These post-crisis reforms mitigate but do not eliminate the risk of failure. Other post-crisis reforms have limited the FDIC's authorities. For example, during the most recent crisis the FDIC was able to provide debt guarantees through the Temporary Liquidity Guarantee Program under then-existing statutory authority to bolster liquidity in the financial system. Under current law, such a program would require Congressional approval.

    The contentions that, even if a large bank did fail, a transaction in which all deposits are assumed by another institution or in which all assets are purchased and deposit liabilities assumed would be the least costly resolution (thus avoiding the need for a deposit insurance determination), or that it would be “unlikely” that the FDIC would use a straight deposit payoff, an insured deposit transfer, or a deposit insurance national bank to resolve a large bank are again controverted by the facts. Since 2008, the FDIC has conducted 36 resolutions where an all-deposit assumption transaction could not be arranged. Moreover, the sheer size of many covered institutions limits the number of institutions that could even consider purchasing all assets and assuming all deposits (or simply assuming all deposits), increasing the chances that a deposit insurance payout or a bridge bank will be the least costly alternative.[20] To use these resolution methods, the FDIC must be able to make a deposit insurance determination.

    Moreover, a former Chairman of the FDIC publicly shared his reaction to a commenter's suggestion that the FDIC would never need to determine deposit insurance for the largest banks, stating that the suggestion was “in effect, proposing 100% deposit insurance at banks, which would sound the death knell for any pretense of market discipline and a private sector banking system.” He stated that, historically, the FDIC “had no ability to deal with large bank failures in any way other than by recapitalizing them or merging them into even larger banks if [the FDIC] couldn't quickly segregate the uninsured deposits from the insured. Without this information, the FDIC might as well throw in the towel on instilling private sector discipline in the banking system.” [21] The possibility of failure must exist to maintain market discipline and avoid moral hazard.

    Some commenters assert that additional regulation is unnecessary because the FDIC's informational needs for a deposit insurance determination are already addressed in its current regulation at 12 CFR 360.9. The current approach under § 360.9 is not adequate and additional regulation is necessary for two reasons. First, as discussed in II. Need for Further Rulemaking, the informational and provisional hold aspects of § 360.9 are inadequate for the largest depository institutions. The institutions covered by § 360.9 are permitted to populate the data fields by using only data elements currently maintained in-house. If the institution does not maintain the information to complete a particular data field, then a null value can be used in that field. As a result of this discretionary approach, these institutions' standard data files are frequently incomplete. The provisional hold capability falls short because § 360.9 requires these institutions to maintain the technological capability to automatically place and release holds on deposit accounts if an insurance determination could not be made by the FDIC by the next business day after failure. Although provisional holds allow depositors' access to a portion of their total deposit while the insurance determination is being finalized, the hold does not facilitate a faster or more efficient insurance determination.

    Second, because deposit data files must be transmitted to the FDIC, standardized by FDIC staff, and then processed on the FDIC's IT system, a deposit insurance determination is still a very time consuming and manually intensive endeavor. While § 360.9 would assist the FDIC in fulfilling its legal mandates regarding the resolution of failed institutions subject to that rule, the FDIC believes that if one of the largest IDIs were to fail with little prior warning, additional measures would be needed to ensure the prompt and accurate payment of deposit insurance to all depositors.

    Beyond the constraints apparent in § 360.9, significant resources are needed to collect and standardize the information needed to process the high volume of accounts a covered institution has in a manner that will Start Printed Page 87747avoid significant disruption to depositors and the payment system. Processing deposit accounts after gathering needed information can take significant time after failure as well. As the amount of time needed to gather information from a depositor increases, the speed of insurance payment to that depositor decreases. Delays in processing deposit insurance determinations at banks with millions of deposit accounts would likely be more significant than the delays imposed during past resolutions of smaller banks. For example, in the wake of IndyMac's failure, it took FDIC staff significant time and resources to complete deposit insurance determinations for many formal revocable trust and irrevocable trust accounts. Given the level of public anxiety after the failure of IndyMac Bank, it is not unreasonable to be concerned that the fear of loss on deposits could be even greater in the event of the failure of a covered institution. The reporting required under the final rule will help the FDIC prepare to make deposit insurance determinations after the failure of a covered institution.

    Several commenters assert that there is no need for covered institutions to maintain account information that duplicates or overlaps with information already maintained outside the institution by account holders who can provide the information expeditiously in the event of the institution's failure. These commenters believe that a two-pronged approach by which prompt payment is made to most depositors and later payment is made to certain other depositors once the required information has been received has had no negative effect on public confidence in deposit insurance and the banking system. To a large extent, the final rule accommodates this concern by limiting the recordkeeping requirements for certain types of deposit accounts for which covered institutions do not already maintain the information needed for deposit insurance determination.

    The evolution of deposit products and relationships has rendered current regulatory standards less effective in facilitating rapid deposit insurance determination. Account features and customer use and expectations have changed. Immediate and continuous access to deposit accounts is more common now than in the past. Deposit accounts are increasingly used by beneficial owners of deposits who are not the named account holder (e.g., MMDAs associated with brokered sweep accounts and prepaid account programs administered by a third party that places deposits at an IDI on behalf of the cardholders). Also, demand deposit accounts held in connection with revocable trusts are used more commonly. Because these accounts are transactional, those depositors expect to have immediate access without regard for the respective institution's failure. Checks outstanding at the time of failure need to be processed and either paid or returned in a timely manner, often no more than a few business days, in order to avoid cascading consequences across the payments system. However, it could take time after failure for the FDIC to gather the information needed to make a deposit insurance determination for the deposit accounts that those checks are drawn upon. The final rule seeks to minimize the amount of time needed to make deposits in those accounts accessible so that the impact on depositors and the payments system in general is minimized.

    Some of the commenters maintain that the FDIC should develop its own IT system capabilities to handle deposit insurance determinations at an institution of any size. One advocated for the development and use of a single insurance calculation system to be deployed at every covered institution, while another discussed the use of a custodial facility to reconcile depositor data transmitted by the institution with data transmitted by financial intermediaries. As described in V. Alternatives Considered, the FDIC considered developing a system to rapidly transfer all deposit data from a failed IDI's IT system to the FDIC for processing in order to calculate and make deposit insurance determinations but determined that absorbing the deposit system or systems of a large, complex institution quickly enough to make a prompt insurance determination is practically infeasible.

    B. Comments Concerning the Expected Effects of the Rule

    Several commenters challenged the conclusions and methodology of the FDIC's analysis of the proposed rule's expected effects. One commenter remarked that the “proposed rule would impose unnecessary costs without delivering any benefit” and that the FDIC “almost certainly has grossly underestimated the cost to the affected banks of implementing and maintaining deposit-account aggregation as specified in the NPR.” Commenters criticized different cost components of the analysis, including whether the model was up-to-date, captured the impact of the rule on all market participants, and the assumptions and robustness of the model. The FDIC has considered these comments in development of the final rule.

    Expected Costs

    FDIC costs: One commenter noted that the NPR did not include costs to the FDIC. The FDIC estimates that this rule may require as many as 15 full-time equivalent employees to assist with implementation of the regulation.[22] The present value of these costs at a 3.5 percent discount rate for 30 years increases the estimated cost of the rule by approximately $36 million.[23] The costs of these employees include wages, benefits, and taxes, and are adjusted for inflation. The FDIC believes this is a conservative estimate as it anticipates that administration of the rule will require less effort over time.

    Costs to depositors: Commenters noted that the NPR did not include the costs that depositors will incur updating or providing account information to covered institutions. The FDIC believes that the number of accounts where depositors will be asked to provide account information is significantly reduced from the NPR given the alternative recordkeeping requirements provided for in the final rule. Even so, the FDIC estimates that the cost to depositors will be approximately $56 million. In calculating this estimate, the FDIC assumes a 100 percent response rate by depositors with a level of effort (LOE) for depositors equal to the LOE of the covered institutions and the average national wage rate of $27 per hour.[24] Depositors are not required to provide account information, however, and the FDIC expects that some depositors will not provide it. A depositor who provides the account information reveals that he or she perceives that the benefit of providing the information justifies the cost of doing so.

    Costs to intermediaries: Some commenters criticized the FDIC's cost estimate because it did not include the potential impact on other market participants, including administrators, custodians, and sub-custodians. In response to comments discussed elsewhere in this preamble, the final rule provides alternative recordkeeping Start Printed Page 87748requirements for certain deposit accounts. The FDIC expects that the cost to intermediaries will be mitigated by the final rule's alternative recordkeeping requirements.

    Number of deposit accounts: Several commenters criticized the FDIC's analysis on the grounds that it was based on outdated information, and it included some banks that would not be covered by the NPR and excluded some banks that would be covered. Based upon comments received on the NPR and taking into consideration the banks that amended their Call Reports to reflect a deposit account total under the two million threshold, the FDIC updated its model using June 30, 2016 Call Report data, adding banks that will be subject to the final rule and removing banks that are no longer expected to be subject to the final rule. The number of covered institutions increased from 36 to 38, and the number of deposit accounts rose by 4.7 percent. This update, by itself, added approximately $6.4 million to the estimated cost of the rule.

    Ongoing costs: The FDIC's cost estimate was also criticized as not addressing the ongoing costs of compliance or considering anti-competitive effects. Some commenters argued that the FDIC failed to take into consideration ongoing costs; other commenters argued that the FDIC's estimate of these costs was too low. The FDIC did not receive any evidence that its estimate for one year of ongoing costs was too high; however, it did update its estimate to include costs incurred in later years. The FDIC extended the horizon for annual ongoing costs by calculating the present value of these costs over a 30-year horizon at a 3.5 percent discount rate.[25] This re-calculation raises the estimated cost of ongoing operations from $2.9 million to approximately $55 million.

    Costs and risks of data breaches: Several commenters stated that the additional information maintained by banks as a result of this final rule would increase the risk and cost of data breaches. As stated in the NPR, covered institutions already maintain significant amounts of personally identifiable information (PII) on their depositors. However, the final rule has been modified in a way that should largely address this issue. It does not require covered institutions to bring records in-house that currently are permitted to reside outside the institution with the account holder or other designated third party.

    Foreign deposits: One commenter stated that the rule should not cover foreign deposits. The rule does not cover foreign deposits and the cost calculations take into account only domestic deposit accounts.

    Misinterpretation of rule requirements: Several commenters stated the costs of the final rule would be orders of magnitude higher than the FDIC's estimate as they believed the rule would require them to collect or report changes to beneficial ownership and account balances on a daily basis. The proposed rule did not contain any such requirement. Similarly, the final rule does not require daily collection or reporting but rather periodic demonstrations that covered institutions can promptly provide deposit account information to the FDIC. In any event, the final rule sets forth alternative recordkeeping requirements that can be met to satisfy the rule with respect to accounts insured on a pass-through basis and certain deposit accounts held in connection with formal trusts.

    Model robustness to changes in assumptions: One commenter stated that the costs in the model are sensitive to the assumptions used by the FDIC. The FDIC did not receive any information that would indicate that its assumptions are inappropriate. Further, this comment ignored the effect that changing assumptions has on the benefits of the rule, which also rise with the banks' difficulty in obtaining accurate account information. For example, assuming that the percentage of accounts with insufficient deposit records will be higher would raise the costs of the rule, but it would also increase the benefits of the rule because, absent the final rule, a higher percentage of accounts with missing or incorrect information would likely further delay an insurance determination.

    Reliability of cost estimate: The NPR noted that even if actual compliance costs turned out to be twice the projected cost, such costs would still be relatively small in the context of the size, annual income, and expenses of covered institutions. Referring to this statement, one commenter stated that the “margin of error in the estimate could be as much as 100 percent.” The FDIC recognizes that no model will perfectly capture all of the costs associated with this rule. Doubling the estimated costs merely demonstrates the robustness of the FDIC's cost estimate. Moreover, none of the commenters proposed an alternative model or provided their own compliance cost data. The FDIC invited the submission of such information when it issued the ANPR and the NPR.

    Relative costs for smaller institutions: Another commenter states that the FDIC's compliance cost estimates do not accurately reflect the burden the proposed rule would place on covered institutions and that compliance burdens would fall disproportionately on smaller institutions, which do not have the economies of scale to absorb the costs. This commenter suggests that the FDIC provide a cost calculation that stratifies the financial impact of the proposal by total deposits, so that the actual costs relative to size, other expenses, and earnings can be accurately assessed. One commenter noted that, while the costs of the rule relative to revenue and expenses are very small for covered institutions as a whole, this is because of the outsized influence of large banks on aggregate revenue and expenses. While the FDIC recognizes that the cost of the rule per account and as a percentage of assets, revenue, and expenses will be higher for relatively smaller covered institutions and, while it considered these costs when determining whether to adopt the final rule, the FDIC concluded that incomplete deposit account information at institutions with two million or more deposit accounts poses an unacceptable risk to the DIF and depositors. However, institutions can submit a request to the FDIC for an exemption from the final rule if their deposit-taking business model does not pose a significant risk to the DIF or depositors because all deposits they accept are fully insured. Moreover, the primary determinant of the costs of the rule per institution is not likely to be the size of the institution, but rather the quality of its current IT system for deposit record-keeping. Those institutions with more robust and accurate record-keeping systems will incur fewer costs. Those with less robust and less accurate record-keeping systems will incur greater compliance costs.

    Expected Benefits

    Multiple commenters argued that the FDIC should quantify the expected benefits of the final rule. None of the commenters provided their view on the quantitative benefits of the rule. Because there is no market in which the value of these public benefits can be determined, it is not possible to quantify or estimate these benefits with precision.

    Some commenters questioned the benefits that the rule would provide. One individual argued that the rule would not deliver any benefit. One group of trade associations described the expected benefits as “marginal,” and Start Printed Page 87749another individual described the rule as providing little benefit. The commenters offered minimal explanation of their positions on the expected benefits apart from speculating that the failure of one of these large institutions was unlikely, notwithstanding the events of the recent financial crisis. In the FDIC's view, the final rule provides many benefits, as explained in II. Background and IV. Expected Effects.

    C. Comments Concerning Possible Alternatives to the Proposed Rule

    As described in V. Alternatives Considered, the FDIC considered a number of alternatives in developing the proposed and final rule, including: (i) Adjusting thresholds above or below the proposed two million accounts; (ii) excluding certain account types; (iii) maintaining the FDIC's current approach to deposit insurance determinations (status quo); (iv) developing an internal FDIC IT system and transfer processes capable of subsuming the deposit system of any large covered IDI in order to perform deposit insurance determinations; and (v) simplifying deposit insurance coverage rules. The FDIC received comments on these alternatives.

    In deciding which institutions would be subject to the final rule, the FDIC considered thresholds above and below two million deposit accounts. The FDIC received one comment on this alternative. The commenter suggested that the threshold should include both the number of accounts and total dollar amount of deposits and suggested that the threshold for the number of accounts should be higher—10 million accounts. Raising the threshold would decrease the costs of the rule on the industry because fewer institutions would be covered, but would also increase the risk that the information would not be available for the FDIC to make timely and accurate deposit insurance determinations for large institutions and limit the FDIC's resolution options, thereby potentially increasing its loss.

    Several commenters argued that it would be too costly to impose additional recordkeeping requirements for certain types of deposit accounts. The FDIC recognizes that under current generally applicable deposit insurance rules for certain types of deposit accounts, information needed for deposit insurance purposes may reside outside an IDI's deposit account records, and the final rule does not require that covered institutions collect the additional information needed from account holders for these types of deposit accounts.

    Some commenters supported maintaining the status quo and considered existing regulatory standards (specifically § 360.9) to be adequate. Adoption of § 360.9 was an important step toward resolving a large depository institution in an efficient and orderly manner. However, while § 360.9 would assist the FDIC in fulfilling its legal mandates regarding the resolution of a failed institution that is subject to that rule, the FDIC believes that if the largest of depository institutions were to fail with little prior warning, additional measures would be needed to ensure the prompt and accurate payment of deposit insurance to all depositors.

    The FDIC received a comment supporting the alternative in which the FDIC creates a software solution to calculate and make deposit insurance determinations to be deployed at all covered institutions. The FDIC finds that alternative is not feasible, given the challenge of creating one program to accommodate the different and bespoke deposit systems of all covered institutions.

    D. Comments Concerning the Proposed Rule's Requirements

    1. Problems Associated With Beneficial Ownership Information

    One commenter stated that requiring a large amount of beneficial owner data to be collected on a daily basis would be superfluous because the FDIC would only need to use the data for deposit insurance determinations if and when a covered institution failed. Moreover, requiring daily updates on beneficial customer data would result in high costs and risk customer dissatisfaction. Generally speaking, beneficial ownership of deposits placed in covered institutions relies upon the principles of agency law or fiduciary relationships to provide “pass-through” deposit insurance coverage to the beneficial owners of those accounts. In most circumstances, the agents, fiduciaries, custodians, or other accountholders maintain the requisite beneficial ownership data in their own records, and presumably, those accountholders update their records as necessary, including on a daily basis, as ownership of the underlying deposits changes. While the final rule requires a covered institution's IT system to be capable of accepting and processing beneficial ownership data for all accounts on any given day, i.e., the day of the covered institution's failure, the beneficial ownership information will not be required to be transferred and maintained on a daily basis at the covered institution provided that 12 CFR part 330 permits the recordkeeping associated with those deposit accounts to be maintained by an entity other than the covered institution. See, 12 CFR 330.5 and 330.7.

    Some commenters remarked that having to submit requests for exceptions for individual account holders would be “senselessly cumbersome and grossly inefficient—including for the FDIC itself—considering that all or most covered banks would be expected to seek exceptions for certain classes or accounts.” The FDIC has considered the comments regarding the inefficiency as well as the burden to both the covered institutions and the FDIC of having to submit and process, respectively, requests for exceptions from the final rule's requirements for each individual account holder for whom it would not be possible to obtain the requisite information. The FDIC has revised its proposal to address this concern. As more fully described in III. Description of the Final Rule, the final rule adopts a bifurcated approach to deposit account recordkeeping requirements based upon the recordkeeping procedures permitted by 12 CFR part 330. Under this approach, covered institutions will not be required to collect and maintain information for certain deposit accounts provided that 12 CFR part 330 allows the requisite information to be maintained by the account holder or some other third party. Consequently, it will not be necessary for covered institutions to request exceptions for individual deposit accounts or for certain “classes” of deposit accounts provided that the relevant deposit account ownership information for those accounts is maintained in accordance with 12 CFR part 330.

    Certain commenters claimed that the proposed rule would be unduly costly, burdensome, and impracticable in the case of particular account holders, such as banks needing to obtain ownership and balance information from agents and other custodians who service payment cards issued by large corporations as checking and debit substitutes. One commenter expected that information for retirement plan participants would not be forthcoming from sponsors, fiduciaries and others involved in plan administration because participants' interests change daily, there are multiple intermediaries from whom information would need to be collected, and because plan sponsors and fiduciaries won't disclose participant information for fear of violating participants' privacy and breaching fiduciary duties under the Employee Retirement Income Security Start Printed Page 87750Act of 1974.[26] Another commenter contended that a lawyer's disclosure of clients' identities and interests in client trust accounts conflicts with ethical rules protecting confidential client information.

    After balancing the goals of the final rule and the concerns of the commenters, the FDIC decided to align the deposit account recordkeeping requirements of this final rule with the recordkeeping requirements set forth in 12 CFR 330.5 and 12 CFR 330.7. These two sections of the FDIC's regulations address deposit account ownership (and recordkeeping) in the context of fiduciary relationships (as described in § 330.5) and which includes agents, nominees, guardians and custodians. Compliance with these recordkeeping requirements is necessary to ensure the availability of pass-through deposit insurance to the underlying beneficial owners of the deposits. The commenters presented various arguments for different types of pass-through deposits to support their request for “class” exceptions.

    Retirement and other employee benefit plan accounts. For the reasons discussed, the FDIC will consider these accounts to be subject to the alternative recordkeeping requirements of final part 370. Nevertheless, the covered institutions will be required to assign a unique identifier to the account holder. Covered institutions will also be required to maintain a “pending reason” code in their deposit account records for each account to comply with § 370.4(b)(1)(ii) of the final rule. The covered institutions should have procedures in place to obtain the necessary plan participant information as soon as possible after failure. Any delay in the receipt of the requisite information post-failure will adversely impact the FDIC's ability to complete its deposit insurance determinations and disburse deposit insurance payments to the plan administrators.

    Interest on Lawyer Trust Accounts and Real Estate Trust Accounts. Several commenters described the problems facing lawyers attempting to maintain current and accurate information regarding their clients' identities and transactions associated with their Interest on Lawyer Trust Accounts (“IOLTA”) accounts. The commenters asserted that frequent, if not daily, deposits and withdrawals are made on behalf of various clients. Therefore, requiring the lawyers to provide up-to-date information on a daily basis would be “administratively difficult and costly” for the lawyers who are the account holders. As the American Bar Association Model Rule 1.15 requires lawyers to keep adequate records on IOLTAs for up to five years, the lawyer or law firm (as the account holder) should be able to provide the necessary information regarding their clients, who are the beneficial owners of the deposit in the IOLTA account, in a timely fashion. The commenters also pointed out that lawyers have a fiduciary duty to maintain the confidentiality of their clients' sensitive or personal information and raised concerns that this duty could be compromised by routinely disclosing such information to a covered institution. The FDIC recognizes that FinCEN recently excepted IOLTAs and other lawyer escrow accounts from its customer due diligence final rule; it appears that FinCEN relied upon many of the same considerations discussed here.[27] It is important to note, however, that FinCEN and the FDIC are addressing different problems through their respective rulemakings; i.e., the prevention of money laundering and timely deposit insurance determinations, respectively. Ultimately, the safeguards provided by the lawyers' rules of professional responsibility to properly manage their IOLTA accounts coupled with the off-site recordkeeping allowed pursuant to § 330.5(b)(1)-(3) for fiduciary relationships justify the reduced deposit account recordkeeping requirements for IOLTA accounts.

    The same commenters asserted that Real Estate Trust Accounts (“RETAs”) are very similar in structure and concept to IOLTAs and, therefore, should also be excepted as a class of deposits from the recordkeeping requirements of final part 370. RETAs represent another type of pooled, custodial account in which a title/escrow agent deposits funds from multiple clients; the funds are usually held for a short period of time until the clients' real estate transactions are completed. Deposit account recordkeeping for RETAs is also subject to the off-site recordkeeping requirements of § 330.5(b)(1)-(3) for fiduciary relationships. Therefore, covered institutions will only be required to assign a unique identifier to the account holder and maintain a “pending reason” code in its deposit account records in accordance with § 370.4(b)(1)(ii).

    Mortgage servicing accounts. The FDIC received several comments requesting that the recordkeeping requirements of the proposed rule be revised to allow relevant information regarding mortgagors whose payments are placed in a mortgage servicing account (“MSA”) to continue to be maintained with the mortgage servicing company rather than at the covered institution. Commenters from the mortgage servicing industry provided a description of the typical transactions which occur in a mortgage servicing account, explaining that there are safeguards which would make the need to access the funds in such an account on the first business day after a covered institution's failure a low priority for the servicer. For example, payments of principal and interest are made in advance; mortgage servicing contracts require the servicer to maintain back-up liquidity sources; and while the transaction volume in these accounts is usually high, the deposit amounts allocated to individual beneficial owners are typically far less than the SMDIA. In addition, mortgage servicing deposit accounts are expressly included in § 330.7(d) and are usually held by a mortgage servicing company in a custodial or fiduciary capacity. The FDIC has considered these comments and, based on these considerations, the FDIC has concluded that MSAs maintained by a third party mortgage servicer must only comply with the recordkeeping requirements set forth in 12 CFR 370.4(b)(1). On the other hand, MSAs for which the covered institution serves as the mortgage servicer must comply with the recordkeeping requirements set forth in § 370.4(a).

    Brokered deposits and sweep accounts. Several commenters raised concerns about the impact of the proposed rule on brokered deposits. One proposed revising the exemption provision to apply to deposits received through a deposit allocation or sweep service in amounts that do not exceed the SMDIA, expressly permitting a custodian or sub-custodian, as account holder, to refuse to provide beneficial owner data for all deposits placed through a deposit placement network or cash sweep program, and granting an exception based on such refusal without requiring a particularized showing for each of the custodian's customers. Another commenter recommended excepting deposits placed in a covered institution by a non-covered institution through a deposit placement network.

    Another commenter provided data concerning the scope and composition of brokered deposits and sweep programs as a subset of the entire banking industry's deposit base. According to this commenter, as of March 31, 2016, there were $813 billion of brokered deposits reported on bank Call Reports; of this amount, Start Printed Page 87751approximately $350 billion were brokered CDs. This commenter also estimated that $350 billion of the $813 billion reported brokered deposits are in sweep programs and noted that deposits in some sweep programs are not categorized as “brokered deposits” and are therefore not reported as such on the Call Reports of those banks in which they are deposited. According to this commenter, almost 13 percent of domestic deposits are held on a pass-through basis through broker-dealers or other banks through these various deposit programs, and average sweep deposit balances and purchases of brokered CDs are substantially below the SMDIA.

    Brokered deposits—for example, those that are part of a deposit placement network or as brokered CDs offered by or sweep programs sponsored by a broker-dealer—represent another type of deposit account where a fiduciary or other agent or custodian is the account holder on behalf of beneficial owners. In recognition of the recordkeeping requirements set forth in § 330.5, the final rule provides for “alternative recordkeeping” for those deposit accounts. The covered institutions are authorized to maintain their account records for brokered deposit accounts in accordance with the off-site and multi-tiered relationship methods set forth in § 330.5(b). The covered institutions will be required to assign a unique identifier to the account holder which will be the entity placing the deposit(s) in the covered institution. The covered institutions will not be able to designate the appropriate right and capacity code because they will not have access to the requisite underlying information regarding the beneficial owners; consequently, they will need to maintain in their deposit account records information sufficient to populate the pending reason field in the pending file that would be generated by the IT system as required under § 370.4(b)(1) and Appendix B of the final rule and, if appropriate, comply with the certification requirement set forth in § 370.5.

    Prepaid accounts. One commenter argued for a class exemption for closed-loop and non-reloadable cards because funds paid in exchange for many of these types of cards are not FDIC-insured on a pass-through basis, bank collection of information on the owners of the cards is limited at best, and the cards are often easily transferrable (e.g., given to friends or relatives). As discussed in the preamble to the NPR (and acknowledged by the commenter), the funds paid to a merchant for a closed-loop (or merchant) card are not insured on a pass-through basis by the FDIC because “the funds are not placed into a custodial deposit account at an insured depository institution.” [28] The FDIC's General Counsel's Opinion No. 8 (“GC Opinion”) affirms this principle by stating that the GC Opinion “does not address merchant cards because such cards do not involve the placement of funds at insured depository institutions.” [29] The guidance provided in the GC Opinion “is limited to bank cards and other nontraditional access mechanisms, such as computers, that provide access to funds at insured depository institutions.” [30]

    This commenter also advocated for a class exemption for open-loop cards. The commenter noted that there are practical limitations to obtaining beneficiary-level information given customers' very real concern for data security and privacy. It emphasized that employers and government agencies are very sensitive to daily transmittal of PII and would prefer to maintain the information in their own systems. In addition, this commenter believed that it is highly unlikely that any individual would receive benefits on an open-loop payroll card or government benefits card in excess of $250,000. Finally, it pointed out that other Federal agencies (the Consumer Financial Protection Bureau, FinCEN) have issued regulations on prepaid accounts (or imposed additional customer identification requirements) that may or may not complement the proposed rule's requirements.

    Covered institutions that issue and administer their own prepaid account programs will need to meet the general recordkeeping requirements set forth in § 370.4(a) because they maintain in their deposit account records the information needed to determine deposit insurance coverage. On the other hand, if an account holder (such as a third party program manager, for example) administers a prepaid account program and the covered institution does not maintain the information needed to determine deposit insurance coverage in its deposit account records, then those deposits would be eligible for pass-through deposit insurance coverage in accordance with §§ 330.5 and 330.7 if specified conditions are met. Consequently, the alternative recordkeeping requirements set forth in § 370.4(b)(1) would be applicable instead.

    One comment stated that for a subset of prepaid accounts, the covered institutions have represented that they will modify their deposit systems (in addition to other IT systems enhancements required by the final rule) to be able to receive “sensitive [PII] from employers and government agencies at the specific point in time of a bank resolution.” According to the commenter, this additional modification would allow employers or governments to maintain the accuracy and integrity of employee/beneficiary data on their own systems. Industry-driven technological innovations also may facilitate the covered institutions' ability to comply with this critical timing requirement.

    Under the final rule, the covered institutions will be permitted to rely on the alternative recordkeeping requirements set forth in § 370.4(b)(1) for any type of deposit account that meets the criteria set forth therein, i.e., the covered institution's deposit account records disclose the existence of a relationship which might provide a basis for additional deposit insurance in accordance with 12 CFR 330.5 or 330.7 (a “§ 370.4(b)(1) account”). Consistent with the goals of preserving public confidence, an additional condition applies to accounts with transactional features. The covered institution must certify that the respective account holder(s) will be able to provide the necessary depositor/beneficial owner information to the FDIC upon failure of the covered institution so that the FDIC will be able to determine the deposit insurance coverage within 24 hours after the FDIC's appointment as receiver to help ensure that the FDIC will be able to complete the deposit insurance determination over closing weekend. The requisite depositor information for these § 370.4(b)(1) accounts must be received by the FDIC so that they will be part of the initial deposit insurance determination process. Examples of such deposit accounts include, but are not limited to: Deposits placed by third parties with associated sweep accounts, whether or not those sweep accounts are categorized as brokered deposits, and prepaid accounts. If these deposit accounts are not part of the initial deposit insurance determination, then the FDIC would be required to place holds on the funds in those accounts until the necessary information is received and processed. As a result, the beneficial owners of these § 370.4(b)(1) accounts would not have access to their funds on the next business day after the covered institution's failure. It is possible that for some depositors, this Start Printed Page 87752delay would create a hardship; the inability to access their funds could result in returned checks and an inability to handle their day-to-day financial obligations. In the event that a covered institution is unable to certify that that the account holder will be able to provide the required information regarding the § 370.4(b)(1) accounts to the FDIC upon failure of the covered institution so that the FDIC will be able to use the covered institution's IT system to determine deposit insurance coverage within 24 hours after its appointment as receiver, then the covered institution will have to request an exception from the FDIC.

    2. Trust Accounts

    Although deposit insurance coverage for trust accounts is not dependent upon the principle of pass-through insurance, issues concerning the identification of the beneficiaries of a trust and their respective interests create a similar problem for covered institutions, and ultimately for the FDIC, when faced with making such deposit insurance determinations. Several commenters contended that covered institutions, regardless of client base, would satisfy at least one, if not all three, of the criteria identified as warranting an exception under § 370.4(c) of the proposed rule for these types of accounts; i.e., the covered institution does not maintain information identifying the beneficial owner(s) and the account holder has refused to provide such information, disclosure of such information is protected by law or by contract, and information concerning the beneficiaries changes frequently and updating the information is neither cost effective nor technologically practicable. They stated that trustees are bound by common law and statutory fiduciary duties to keep certain information confidential, including PII such as the names and Social Security Numbers (“SSNs”) of the trust beneficiaries. The fiduciary duties of loyalty and confidentiality are the basis for allowing a Certification of Trust (under § 1013 of the Uniform Trust Code), “to protect the privacy of a trust instrument by discouraging requests from persons other than beneficiaries for complete copies of the instrument in order to verify a trustee's authority.” These commenters further believed (based upon anecdotal information) that individual trustees would open accounts at other institutions not subject to the proposed rule's requirements to avoid having to respond to the unwanted inquiry from a covered institution. The commenters identified a number of different trust arrangements which should be included within the trust deposit exception: trusts administered by third-party individual or institutional trustees, collective investment funds (including common trust funds), corporate trustees for bond indentures, and fiduciary self-deposits made by covered institutions.

    The FDIC has considered all of the arguments advanced by the commenters as described above. Rather than adopt the exception process as described in the proposed rule, the FDIC has decided to require recordkeeping for certain types of trust accounts based upon the covered institution's knowledge about the trustee or grantor (the account holder), as well as information regarding the beneficiaries of the trust which should be maintained by the covered institution. The FDIC has developed this approach based upon the comment letters. Moreover, the FDIC has considered the deposit account ownership analysis provided in 12 CFR part 330 in the context of the various types of trust accounts. For example, the FDIC recognizes that such factors as the common law and statutory duties of confidentiality and loyalty imposed upon trustees would make it difficult or impossible for them to disclose the necessary information regarding the beneficiaries of certain trust accounts. Therefore, the FDIC has determined that all deposit accounts established pursuant to a formal trust agreement—either formal revocable or irrevocable (when the trustee of the irrevocable trust is not the covered institution) must comply with the alternative recordkeeping requirements set forth in § 370.4(b)(2). This alternative recordkeeping method should include all formal revocable trust accounts which are commonly referred to as “living trusts” or “family trusts” [31] and all irrevocable trust accounts when established by another person or entity as trustee.[32] A covered institution would only be required to satisfy the more limited recordkeeping requirements set forth in § 370.4(b)(2) of the final rule for those deposit accounts governed by a formal trust agreement. One requirement of that paragraph, however, provides that the covered institution maintain a unique identifier for the grantor of a formal trust account if the trust account has transactional features. The FDIC recognizes that many consumers now open formal trust accounts and use them to handle their daily financial transactions. Compliance with this requirement regarding the grantor will permit the FDIC to begin the deposit insurance determination process and, during that delay, allow access to some portion of that deposit account and process outstanding checks.

    In contrast, any deposit account held in a covered institution established pursuant to an informal testamentary trust will be required to comply with all of the recordkeeping requirements set forth in § 370.4(a) of the final regulation. “Such informal trusts are commonly referred to as payable-on-death accounts, in-trust-for accounts, or Totten Trust accounts” (“PODs”).[33] To comply with the FDIC's current regulations regarding deposit insurance coverage for informal revocable trust accounts, any IDI is already required to specifically name the beneficiaries in the deposit account records of the IDI.[34] Finally, covered institutions which act as the trustee for certain irrevocable trust accounts would also be required to maintain trust account information in accordance with § 370.4(a) of the final regulation.

    As with other classes of deposits for which the FDIC will not have the requisite information at the time of a covered institution's failure, deposit insurance determinations on the various types of formal trust accounts will not be possible until the account holder provides the FDIC with the necessary trust documentation after closing weekend. Therefore, based upon how quickly the trust documentation and/or information about beneficiaries is provided as well as the number of trust accounts to be determined, account holders may experience a delay in receiving the insured deposits placed in their trust accounts. This is the deposit insurance determination process currently employed by the FDIC; however, the volume of trust accounts at a covered institution could prolong the deposit insurance determination period.

    3. Security Risks of Collecting Depositors' PII

    An area of particular concern for many commenters was the proposal's requirement that a covered institution obtain PII from third parties such as financial intermediaries, trustees, escrow companies, benefit plan administrators, and government entities who have opened deposit accounts on behalf of other entities. A commenter remarked that the requirement to obtain and store PII and other sensitive information regarding covered institutions' financial intermediary customers and their beneficial owners Start Printed Page 87753“would cause substantial disruption in the deposit markets and increase the risk of breaches of security of depositors' [PII]”. The commenters expressed particular concern regarding the added security risk for both the financial intermediaries and the covered institutions if they are required to collect depositors' PII for deposit accounts opened by various third parties on behalf of numerous beneficial owners.

    The FDIC has addressed this concern. Because the recordkeeping requirements for all types of pass-through deposit accounts will be based upon the existing recordkeeping requirements for deposit insurance purposes set forth in §§ 330.5 and 330.7, the covered institutions will not be required to request, collect, and maintain PII on the beneficial owners of the deposits placed by certain financial intermediaries. In addition, the covered institutions will not be required to request and maintain information regarding the beneficiaries (which are required to perform a deposit insurance determination) of trust accounts that are governed by a formal trust agreement pursuant to §§ 330.10 and 330.13.

    4. Official Items

    The statutory definition of deposit includes, but is not limited to, certified checks, traveler's checks, cashier's checks and money orders.[35] Informally, these types of deposit instruments are known as “official items.” Part 330 of the FDIC's regulations does not adopt this popular convention and contains no definition of official items. Nevertheless, the FDIC's Financial Institution Employee's Guide to Deposit Insurance utilizes the term and includes the following examples: Money orders, expense checks, interest checks, official checks/cashier's checks, travelers' checks, and loan disbursement checks.[36] Two commenters stated that cashier's checks, teller's checks, certified checks, and personal money orders (all commonly known as “official items”) would be particularly problematic because the covered institution does not typically have tax identification numbers (“TINs”) for non-customer purchasers, payees, or holders of any of these instruments. Consequently, both commenters requested that these deposit instruments be exempted as a class from the proposed recordkeeping requirements in the final rule. Moreover, commenters from the banking industry and potentially covered institutions explained the practical difficulties with obtaining and maintaining the necessary depositor information regarding these deposit instruments. To address these issues, the FDIC adopted the following approach in the final rule: Covered institutions will not be required to modify their recordkeeping practices with respect to these types of deposits. While the FDIC believes that covered institutions do generally maintain records concerning the number of deposit instruments issued and for which they are primarily liable, they routinely will not have a SSN or TIN for the payee. Therefore, pursuant to § 370.4(c) of the final rule, covered institutions will not be required to assign a unique identifier to the payee or designate the appropriate right and capacity code. Nevertheless, the covered institution must maintain in its deposit account records a “pending reason” code in data field 2 of the pending file format set forth in Appendix B for all of its official items.

    5. Assigning Right and Capacity Codes

    One commenter submitted that the proposed rule's requirement to assign the appropriate ownership right and capacity code to each of the covered institution's deposit accounts presents practical and administrative challenges for both the covered institution and its deposit customers. Other commenters pointed out that covered institutions will be required to review all of their current account records in order to accurately identify and code their deposit accounts in accordance with the FDIC's deposit insurance categories. In addition, many accounts on legacy systems would have to be reviewed and missing data and documentation obtained in order to comply with certain part 330 requirements. According to one commenter, this would be “a momentous undertaking” imposing significant burden.

    Covered institutions would also have to develop new procedures when opening accounts and re-train employees to classify accounts appropriately. Also, in many cases, the covered institutions' employees do not have the subject matter expertise to accurately designate some types of accounts such as trust accounts. Other types of deposit accounts potentially difficult to identify and/or designate include joint accounts and accounts for corporations, partnerships, and unincorporated associations. The problems with assigning the correct right and capacity code to joint accounts, as described by the commenters, will be discussed separately, infra. One commenter also believed that this requirement effectively transfers the FDIC's responsibility to interpret and apply part 330 to the covered institutions. It asserted that “[n]on-covered institutions would not take on this additional responsibility.”

    The commenters offered the following recommendations regarding the proposed requirement that covered institutions assign the correct right and capacity code to each deposit account. It appears the first choice would be for the FDIC to amend 12 CFR part 330 prior to finalizing proposed part 370—presumably by eliminating certain criteria which the FDIC uses to define or characterize various categories of deposit accounts. Another suggestion would be to allow the covered institutions to rely on their internal coding to assign the requisite codes rather than requiring them to align their designations with the FDIC's rights and capacities codes. Some commenters seem to assume that in the context of bank failures and the concomitant deposit insurance determination, the FDIC disregards part 330's requirements. The commenters requested that the final rule permit “covered banks to classify accounts for FDIC insurance determination as recorded on their internal systems, in line with FDIC's current practice in bank failures.” The commenters asked that the FDIC make deposit insurance determinations in the same manner (based upon the same criteria) for covered institutions as it would in the case of a smaller bank failure.

    As discussed previously in the preamble to the NPR, the FDIC will not be amending 12 CFR part 330 prior to or in conjunction with the issuance of 12 CFR part 370 as a final rule.[37] While both regulations concern deposit insurance, they serve independent purposes. The purpose of part 330 is, among other things, to “provide rules for the recognition of deposit ownership in various circumstances.” [38] The FDIC follows part 330 when making deposit insurance determinations at the time of failure. Aside from governing the application of deposit insurance, the rules in part 330 are intended to assist both IDIs and their deposit customers to structure deposit accounts so that their accounts will conform with the rules for various account types. In that way, a depositor could be confident that his or her funds will be fully insured by the FDIC in the event of the IDI's failure. On the other hand, final part 370 requires Start Printed Page 87754the largest IDIs, the covered institutions, to develop IT systems capable of performing the deposit insurance calculations in the event of failure and to maintain their deposit account records in accordance with the information requirements set forth in the final rule. When 12 CFR part 370 is fully implemented, the FDIC will be in a better position to complete the deposit insurance determination “as soon as possible” rather than waiting for deposit account information to be provided after a covered institution's failure which might result in an unacceptable delay.

    The covered institutions requested that they be allowed to rely on the internal coding of their deposit accounts. The FDIC presumes that for many accounts, the covered institutions' internal coding will, in fact, align with the appropriate FDIC right and capacity code, e.g., individual, joint, business, and PODs. In certain circumstances, however, it may be necessary for the covered institutions to refer to the appropriate section of part 330 and/or the FDIC's Financial Institution Employee's Guide to Deposit Insurance (or perhaps call the FDIC Call Center) in order to make an accurate assignment of the FDIC right and capacity code. All of the deposits held by a depositor in the same right and capacity must be aggregated before the deposit insurance determination can be performed. Assigning the correct right and capacity code is necessary so that the FDIC would be able to complete the deposit insurance determination promptly. If the codes assigned by the covered institutions do not align with FDIC codes, then the FDIC could not rely on the covered institution's records for deposit insurance determination purposes. In the context of a bank failure, the FDIC typically will look behind the titling and will examine the failed bank's records if there is a question or concern regarding the proper deposit insurance coverage.

    The FDIC does not anticipate handling deposit insurance determinations at a covered institution in a different manner than it has done historically with smaller IDIs. Smaller IDIs have not generally had numerous deposit accounts that are not readily assigned to the most common FDIC rights and capacities codes; therefore, this has not created a problem for either the smaller institutions or the FDIC at failure. The FDIC has recognized, however, that for certain types of deposit accounts, e.g., those based upon pass-through deposit insurance and certain types of trust accounts, the covered institutions will not have sufficient information regarding the beneficial owners or the beneficiaries, respectively, to assign the correct FDIC right and capacity code. For those types of accounts, § 370.4(b)(1) and (b)(2) permit the covered institution to maintain a “pending reason” code in the pending file (as set forth in Appendix B) of its deposit account records in lieu of the correct right and capacity code.

    Finally, the commenters asserted that this requirement, in effect, transfers the FDIC's responsibility to interpret and apply part 330 to the covered institutions. IDIs play an important role in maintaining a functioning deposit insurance system, which benefits them, their customers and the public in general. Prompt payment of deposit insurance is only possible when IDIs maintain sufficient records to enable the FDIC to perform its deposit insurance determination function consistent with FDI Act requirements and authority. The FDIC provides a number of different resources to the banking industry as well as the public to assist in the interpretation and application of the part 330 rules. For example, the FDIC conducts live Deposit Insurance Coverage Seminars for bank officers and employees throughout the year. Moreover, videos of these seminars are available on YouTube. The FDIC also provides guidance to IDIs and the public through the operation of a call center. FDIC staff receives calls from bank customer service representatives seeking assistance in real time to structure new deposit accounts for their customers properly. A new edition of the FDIC's Financial Institution Employee's Guide to Deposit Insurance was recently published, and finally, the Electronic Deposit Insurance Estimator (also known as “EDIE”) is located on the FDIC's Web site. All of these FDIC resources are available for the use of IDIs (including the covered institutions) as well as the public. Presumably this information is instructive in opening and structuring deposit accounts so that they are (and remain) in compliance with the criteria set forth in part 330.

    6. Joint Accounts and Signature Cards

    Both in response to the ANPR and the NPR, certain commenters have expressed their concern with the challenges they would face trying to comply with § 330.9(c)(1)(ii) of the FDIC's regulations. That particular paragraph requires that “each co-owner has personally signed a deposit account signature card” in order to be a “qualifying joint account” for purposes of deposit insurance under part 330.[39] Some commenters stated that covered institutions would have to go through all of their deposit accounts (in this particular case, those accounts styled as joint accounts) to verify that those accounts satisfied the part 330 requirements. They have characterized this process as a “momentous undertaking.” Moreover, the covered institutions expect that keeping these records accurate and up-to-date “would be a continuing and likely insurmountable challenge.” They noted that frequently an individual opening a joint account will take the signature card for a co-owner to sign but never return the completed signature card to the bank establishing the account. Finally, the commenters asserted that “there is no current requirement for banks to (1) ensure that all signature cards are complete and on file for joint accounts, or (2) record in deposit recordkeeping systems which joint accounts have complete signature cards.”

    Regulations requiring that each co-owner of a joint account must personally sign a signature card or the account would not be treated as a joint account for deposit insurance determinations have been in existence since 1967.[40] Most recently, the FDIC addressed the commenters' concerns regarding § 330.9(c) in the preamble of the NPR.[41] Briefly, the FDIC's justifications for maintaining the joint ownership signature card requirement are as follows: (i) The FDIC's signature card requirement simply reflects safe and sound banking practice; (ii) the signature card represents the contractual relationship between the IDI and the depositor (or depositors), and signature cards are a reliable indicator of deposit ownership; and (iii) elimination of the signature card requirement for joint accounts could enable some depositors to “disguise” single accounts as joint accounts in order to be eligible for an additional $250,000 of deposit insurance coverage. Finally, the FDIC believes that the three year implementation time frame should provide the covered institutions with adequate time both to review their Start Printed Page 87755current and legacy account records and to develop procedures to maintain the accuracy of these records going forward. As discussed previously, the FDIC will not be amending provisions of 12 CFR part 330 as part of the adoption of part 370 as a final rule.

    7. Community Banks

    Several commenters noted that requiring account holders of deposits eligible for pass-through insurance to provide beneficial owner data would force community banks to share confidential data on their most vital asset, i.e., their large-dollar depositors. One commenter believed that community banks would incur steep costs and potential customer dissatisfaction if forced to comply with the covered institutions' requests for the beneficial ownership information. However, financial intermediaries, which may include community banks, may not be willing to disclose sensitive and proprietary information regarding their customers to the covered institutions.

    One of the commenters raised another concern that the proposed rule would adversely affect community banks that participate in deposit placement networks. According to this commenter, thousands of community banks participate in deposit placement networks and the commenter believes that deposit allocation services are a vital tool for community banks. Those banks would be required to furnish competing banks with confidential information about some of their largest depository customers any business day that a community bank placed customer funds at a covered institution. Two commenters recommended that an exception from the requirements of the proposed rule should automatically apply to the class of deposits (rather than an account by account exception) placed by community banks in a covered institution through a deposit placement network. According to the commenter, this type of exception would assure community banks that they would not be penalized if they participated in a deposit placement network.

    The requirements of the final rule have addressed these potential concerns. As discussed above, the final rule provides for “alternative recordkeeping” for deposits placed by agents, custodians or some other fiduciary on behalf of others as set forth in §§ 330.5 and 330.7 of the FDIC's deposit insurance rules. Therefore, community banks will not be required to provide covered institutions with proprietary information concerning their large-dollar customers in the event a community bank places deposits with a covered institution. As currently permitted pursuant to the applicable provisions of part 330, community banks will be allowed to retain the beneficial ownership information on these customers rather than provide it to the covered institution. Likewise, the recordkeeping requirements applicable to deposit placement networks will not be affected by the issuance of the final rule. Nevertheless, if deposits placed by community banks with covered institutions serve as transaction accounts for the beneficial owners thereof, then the underlying ownership information (i.e., the identity of each beneficial owner and their respective interest in the accounts) must be provided to the FDIC upon the covered institution's failure so that the FDIC will be able to use the covered institution's IT system to determine deposit insurance coverage for those deposit accounts within 24 hours after the FDIC's appointment as receiver.

    8. Foreign Deposits

    Two commenters recommended that foreign deposits, i.e., those deposits placed in the foreign branches of U.S. banks, should not be within the scope of the final rule. Both commenters asserted that the FDIC does not need depositor information concerning these foreign deposits; foreign deposits are not “insured” deposits, and therefore, the FDIC does not require that type of information in order to complete its deposit insurance determination. One of the commenters added that the FDIC already has access to information concerning foreign deposits because that information is required pursuant to § 360.9 of the FDIC's regulations.

    In accordance with 12 U.S.C. 1813(l)(5)(A), a foreign deposit is not a “deposit” unless it is dually payable in a U.S. branch and a foreign branch of a U.S. bank. If dually payable, however, it would be an uninsured deposit for purposes of the FDIC's deposit insurance determination and would be recognized as a general unsecured claim (a priority two claim) against the failed bank's receivership. Consequently, foreign deposits, by definition, are beyond the scope of the final rule. Therefore, no recordkeeping requirements will be imposed on the covered institutions with respect to foreign deposits. It is worth noting, however, that the FDIC will no longer have access to information regarding foreign deposits pursuant to § 360.9 once covered institutions are compliant with part 370 and are released from the § 360.9 requirements.

    9. Exceptions Process

    A commenter argued that providing the FDIC with the authority to approve or disapprove a covered institution's request “in its sole discretion” would confer unlimited power on the FDIC to discourage or prohibit lawful acceptance by well-capitalized covered institutions of brokered deposits and other deposits placed on a pass-through insurance basis through deposit allocation sweep services. This commenter cited as a source of concern recent regulatory actions by the FDIC and other Federal banking agencies and asked the FDIC to avoid the misperception that it will discourage lawful deposit brokerage relationships by making them too costly or burdensome for covered institutions.

    The commenter's concern that the FDIC will exercise “virtually unlimited power to use the Proposed Rule . . . to discourage or prohibit well-capitalized covered institutions from accepting brokered and other pass-through deposits” is unfounded. The particular concern that the FDIC would discourage lawful brokerage relationships under this final rule is addressed by the adoption of alternate recordkeeping requirements permitted for brokered deposits. It is not intended to otherwise affect brokered deposits.

    Several commenters asserted that obtaining the information from account holders that is needed for deposit insurance calculations would be a significant challenge; one of these commenters remarked that full compliance with the proposed rule for certain account types would be “extremely difficult if not practically impossible.” These commenters argued that the volume of information on financial intermediaries and their beneficial owners, the frequency of changes to the information, and certain legal impediments to disclosure would pose significant operational and cost issues. In addition to requesting exceptions for classes of deposits, some of the commenters believed that the final rule should also include a process for requesting exceptions for other “idiosyncratic accounts” for which obtaining the requisite depositor information would be impossible or cost-prohibitive.

    The FDIC believes that the modifications to the recordkeeping requirements as described in the final rule should address the concerns of covered institutions and the concerns raised about community banks. As a result of the concerns raised by commenters, the FDIC has decided that the deposit account recordkeeping Start Printed Page 87756requirements of part 370 should align with the existing deposit insurance recordkeeping requirements provided in § 330.5 and § 330.7. These two sections of 12 CFR part 330 allow an IDI to maintain the deposit account records for various types of pass-through deposit accounts off-site and with third parties. Nevertheless, in the event that a covered institution identifies other “idiosyncratic accounts” which would not be covered by the recordkeeping methods described in §§ 330.5 and 330.7, the final rule includes a procedure for requesting an exception from the recordkeeping requirements set forth in § 370.4. The covered institution would be required to submit a request to the FDIC for the exception in the form of a letter and explain the circumstances that would make it impracticable or overly burdensome to meet the applicable recordkeeping requirements. Additionally, the request must provide the number and dollar value of the deposit accounts that would be subject to the exception. When reviewing the request, the FDIC would consider primarily the implications that a delay in deposit insurance determination would have for a particular account holder or the beneficial owner of the deposits, the related effect on public confidence, the nature of the deposit relationship, and the ability of the covered institution to obtain the information necessary for the FDIC to make an accurate deposit insurance determination.

    Several commenters believed a more detailed exception process than that provided for in the proposed rule is needed, and they posed a number of questions regarding the process. For example, there were several questions concerning how a covered institution would demonstrate that an entire class of deposit accounts would meet one or more of the three criteria for an exception. The commenters also asked whether a covered institution would be required to continue to gather depositor information on accounts subject to an exception request during the pendency of the FDIC's consideration of that request. They wanted assurances both that the FDIC would respond expeditiously to requests for exceptions and that in the event that a request was denied, the FDIC would not require immediate compliance. The commenters were concerned that a covered institution be allowed a reasonable time to achieve compliance should an exception request be denied.

    As discussed, supra, the final rule does not provide for classes of deposits to be “excepted” from the requirements of part 370. Instead, covered institutions will continue to be allowed to maintain the beneficial ownership information for deposit accounts that are currently subject to the off-site recordkeeping provisions of §§ 330.5 and 330.7 with the appropriate custodian, agent, or other fiduciary as set forth in those sections of the FDIC's regulations. Therefore, there is no need for a process to request exceptions for classes of deposits. Further, the FDIC has addressed the commenters' concerns regarding the covered institutions' compliance during the pendency of an exception request, as the final rule provides that a covered institution will not be in violation of any requirements of the rule for which the institution has submitted a request for relief pursuant to § 370.6(b) or § 370.8(a)-(c) while awaiting the FDIC's response to the request. Finally, a covered institution will be given a reasonable amount of time to comply with recordkeeping requirements for certain deposit accounts in the event that the covered institution's request for an exception is denied.

    The commenters asked whether there would be a general sunset time frame for approved exceptions, and if so, whether there would be a flexible process to renew those exceptions. The final rule does not impose a general sunset time frame for approved exceptions. Depending on the circumstances, approvals could be tailored to be time-limited or open-ended. Section 370.8(e) allows the FDIC to grant its approval of a covered institution's request for an exception subject to certain conditions that would have to be met or to limit its approval to a particular time frame.

    The commenters also wanted to know what type of process there would be to appeal the FDIC's adverse ruling on a petition for an exception. They recommended that the FDIC provide public notice of all exceptions granted or denied on a timely and ongoing basis—without naming the petitioners or specific deposit account holders—with explanations of the bases for those rulings. These commenters also believed that because the exception process “is so critical that input from covered institutions would be needed to assure a workable scheme,” the exception process should be further clarified and re-proposed for public notice and comment.

    The FDIC believes that the modifications to the recordkeeping requirements as described in the final rule should provide much of the requested relief. Given the alternative recordkeeping allowed for certain described deposit accounts, the FDIC does not anticipate that many covered institutions will need to request exceptions from the final rule's requirements. With respect to § 370.4(b)(1) accounts that have transactional features, if a covered institution will not be able to provide the certification required pursuant to § 370.5(a), then the covered institution must submit a request for an exception from that certification requirement as provided for in § 370.8(b).

    10. Comments Concerning the Implementation Period

    The proposed rule provided for an implementation period of two years, and several commenters proposed that four years would be an appropriate time-frame for implementation. The FDIC has considered the commenters' discussion of impediments that would exist for a two-year implementation period and believes that the modifications made in the final rule to harmonize it with the recordkeeping permitted under 12 CFR part 330 make a three-year implementation period reasonable and feasible.

    E. Comments Concerning Possible Adverse Consequences

    Several commenters expressed concern over possible adverse consequences for covered institutions, related entities, and the financial system generally if the proposed rule was adopted as proposed. One commenter specifically noted that the rule could result in treating some depositors at covered institutions differently than the same kind of depositors at non-covered institutions because the covered institution would be applying a more stringent standard to its deposits for insurance purposes, and deposit insurance determinations should not depend on the size or complexity of the depository institution. As discussed, supra, 12 CFR part 330 of the FDIC's regulations which govern the criteria for ownership of deposits by right and capacity has not been amended in connection with the adoption of final part 370. Specifically, the FDIC has not imposed “more stringent standards” on covered institutions with respect to “qualifying joint accounts,” for example, than on any other IDI. As discussed in I. Policy Objectives, the final rule ensures that customers of both large and small failed banks will receive the same prompt access to their funds and that deposit insurance limits are recognized equally at both large and small banks.

    One commenter objected to the proposed rule's requirement that, if a covered institution is granted an exception, it must then notify account Start Printed Page 87757holders that delays in the payment of deposit insurance are possible due to the absence of required information. According to this commenter, such a notification could raise concerns on the part of depositors, lead them to rethink their account relationships, drive deposits away from excepted accounts, create competitive disadvantages, and be categorically unfair. The final rule imposes no requirement that covered institutions notify depositors of a possible delay in payment of deposit insurance. Therefore, the commenter's concerns should be alleviated.

    The FDIC has adopted the suggestion of another commenter, however, who argued that disclosures regarding a delay in payment should not be required whenever the custodian, administrator or other fiduciary will provide the current beneficial owner data to the FDIC before midnight on the day of the covered institution's failure. Section 370.5(a) requires a covered institution to certify to the FDIC that the information needed to calculate deposit insurance for § 370.4(b)(1) accounts with transactional features will be available to the FDIC upon failure of the covered institution so that the FDIC will be able to use the covered institution's IT system to determine deposit insurance coverage within 24 hours of its appointment as receiver. In view of this requirement, there is no need for covered institutions to provide notification of a possible delay in deposit insurance payments because the FDIC will have the requisite information in time to complete the deposit insurance determination on these time-sensitive accounts during the closing weekend.

    One commenter asserted that certain account holders likely would be motivated to seek out alternative banking relationships rather than provide the information requested by the covered institutions. This would result in disruption to these account holders and to other aspects of their banking relationship, as well as to the deposit markets. One commenter argued that the proposed rule could discourage smaller and mid-sized retail-focused institutions from actively seeking small deposit accounts in order to avoid being covered by the proposed rule. This in turn could encourage such institutions to consider riskier and more volatile funding sources. The FDIC believes that these concerns have been addressed and mitigated by the alternative recordkeeping requirements found in § 370.4(b) of the final rule.

    These commenters also asserted that “end-to-end” testing for compliance on an annual basis would involve an excessive commitment of time and personnel. The requirement for end-to-end testing has been deleted from the final rule. Finally, they contended that it is not necessary and not in accordance with corporate governance principles for a covered institution's board of directors to certify or attest to the covered institution's compliance with the proposed rule's requirements. This additional board responsibility would be an undue burden on the board and should remain within the purview of the covered institution's management. The FDIC considered this comment and revised the corporate governance requirement accordingly. In the final rule, § 370.10(a)(1)(ii), the annual certification must be signed by the covered institution's chief executive officer or its chief operating officer.

    VII. Regulatory Analysis and Procedure

    A. Paperwork Reduction Act

    The FDIC has determined that this final rule involves a collection of information pursuant to the provisions of the Paperwork Reduction Act of 1995 (the “PRA”) (44 U.S.C. 3501 et seq.). In accordance with the PRA, the FDIC may not conduct or sponsor, and an organization is not required to respond to, this information collection unless the information collection displays a currently valid OMB control number. OMB has assigned an OMB control number.

    OMB Control Number: 3064-0202.

    Frequency of Response: On occasion.

    Affected Public: Insured depository institutions having two million or more deposit accounts and their depositors.[42]

    Implementation Burden:[43]

    Estimated number of respondents: 38 covered institutions and their depositors.

    Estimated time per response:[44] 137,014 hours (average).

    Low complexity: 29,158-35,072 hours.

    Medium complexity: 38,404-59,588 hours.

    High complexity: 69,908-911,016 hours.

    Estimated total implementation burden: 5.21 million hours.

    Ongoing Burden:

    Estimated number of respondents: 38 covered institutions and their depositors.

    Estimated time per response: 526 hours (average) per year.

    Low complexity: 481-529 hours.

    Medium complexity: 458-577 hours.

    High complexity: 507-666 hours.

    Estimated total ongoing annual burden: 20,000 hours per year.

    Description of Collection

    The final rule would require a covered institution to (1) maintain complete and accurate data on each depositor's ownership interest by right and capacity for all of the institution's deposit accounts, except as provided, and (2) configure its IT system to be capable of calculating the insured and uninsured amount in each deposit account by ownership right and capacity, which would be used by the FDIC to make deposit insurance determinations in the event of the institution's failure.

    These requirements also must be supported by policies and procedures and will involve ongoing burden for testing, reporting to the FDIC, and general maintenance of recordkeeping and IT systems functionality. Estimates of both initial implementation and ongoing burden are provided.

    Compliance with this proposed rule would involve certain reporting requirements:

    • Not later than ten business days after the effective date of the final rule or after becoming a covered institution, a covered institution shall designate a point of contact responsible for implementing the requirements of this rulemaking.
    • Covered institutions would be required to certify annually that their IT systems can calculate deposit insurance coverage accurately and completely within the 24 hour time frame set forth in the final rule. If a covered institution experiences a significant change in its deposit taking operations, it may be required to demonstrate more frequently than annually that its IT system can calculate deposit insurance coverage accurately and completely.
    • In connection with the certification, covered institutions shall complete a deposit insurance coverage summary report (as detailed in VI. The Proposed Rule).
    • Covered institutions may seek relief from any specific aspect of the final rule's requirements if circumstances exist that would make it impracticable or overly burdensome to meet those requirements. When doing so, they must demonstrate the need for exception, describe the impact of an exception on Start Printed Page 87758the ability to quickly and accurately calculate deposit insurance for the related deposit accounts, and state the number of, and the dollar value of deposits in, the related deposit accounts.

    Estimated Costs

    Comments submitted in response to the NPR did not estimate with particularity the implementation and ongoing costs for covered institutions to comply with the proposed rule. The FDIC has, however, estimated the costs to covered institutions based on, among other things, information gathered in connection with § 360.9 compliance visitations, the cost model developed by an outside consultant for the purpose of developing the ANPR, and estimated costs associated with burdens that were identified by commenters in response to the NPR. The total projected cost of the final rule for covered institutions amounts to $386 million and approximately 5.2 million total labor hours over three years. The cost components of the estimate include (1) implementing the deposit insurance calculation, (2) legacy data cleanup, (3) data extraction, (4) data aggregation, (5) data standardization, (6) data quality control and compliance, (7) data reporting, and (8) ongoing operations. Estimates of total costs and labor hours for each component are calculated by assuming a standard mix of skilled labor tasks, industry standard hourly compensation estimates, and labor productivity. It is assumed that a combination of in-house and external services is used for legacy data clean up in proportions of 40 and 60 percent respectively. Finally, the estimated costs for each institution are adjusted according to the complexity of their operations and systems.

    Implementation Costs

    Implementation costs are expected to vary widely among the covered institutions. There are considerable differences in the complexity and scope of the deposit operations across covered institutions. Some covered institutions only slightly exceed the two million deposit account threshold while others greatly exceed that number. In addition, some covered institutions—most notably the largest—have proprietary deposit systems likely requiring an in-house, custom solution for the proposed requirements while others may purchase deposit software from a vendor or use a servicer for deposit processing. Deposit software vendors and servicers are expected to incorporate the proposed requirements into their products or services to be available for their clients.

    The implementation costs for all covered institutions are estimated to total $330 million and require approximately 5.2 million labor hours. The implementation costs cover (1) making the deposit insurance calculation, (2) legacy data cleanup,[45] (3) data extraction, (4) data aggregation, (5) data standardization, (6) data quality control and compliance, and (7) data reporting. The estimated PRA burden for individual covered institutions will range from $2.3 million to $100 million, and require between 29,158 and 911,016 hours.

    Ongoing Reporting Costs

    The estimated burden on individual covered institutions for ongoing costs for reporting, testing, maintenance, and other periodic items is estimated to range between $68,676 and $99,865 annually and require between 458 and 666 labor hours.

    Comments

    The FDIC has a continuing interest in comments on paperwork burden. Comments are invited on (a) whether the collection of information is necessary for the proper performance of the FDIC's functions, including whether the information has practical utility; (b) the accuracy of the estimates of the burden of the information collection, including the validity of the methodology and assumptions used; (c) ways to enhance the quality, utility, and clarity of the information to be collected; and (d) ways to minimize the burden of the information collection on respondents, including through the use of automated collection techniques or other forms of information technology.

    B. Regulatory Flexibility Act

    The Regulatory Flexibility Act (5 U.S.C. 601, et seq.) (“RFA”) requires each federal agency to prepare a final regulatory flexibility analysis in connection with the promulgation of a final rule, or certify that the final rule will not have a significant economic impact on a substantial number of small entities.[46] For purposes of the RFA, “small entities” is currently defined to include depository institutions with assets of $550 million or less. The requirements of the final rule are not expected to apply to any depository institutions with assets of $550 million or less. Pursuant to section 605(b) of the RFA, the FDIC certifies that the final rule will not have a significant economic impact on a substantial number of small entities.

    C. Small Business Regulatory Enforcement Act

    The Office of Management and Budget has determined that this final rule is a “major rule” within the meaning of the Small Business Regulatory Enforcement Fairness Act of 1996 (5 U.S.C. 801, et seq.) (“SBREFA”). As required by the SBREFA, the FDIC will file the appropriate reports with Congress and the Government Accountability Office so that the final rule may be reviewed.

    D. Riegle Community Development and Regulatory Improvement Act

    The Riegle Community Development and Regulatory Improvement Act requires that the FDIC, in determining the effective date and administrative compliance requirements of new regulations that impose additional reporting, disclosure, or other requirements on IDIs, consider, consistent with principles of safety and soundness and the public interest, any administrative burdens that such regulations would place on depository institutions, including small depository institutions, and customers of depository institutions, as well as the benefits of such regulations.[47] Subject to certain exceptions, new regulations and amendments to regulations prescribed by a Federal banking agency which impose additional reporting, disclosures, or other new requirements on IDIs shall take effect on the first day of a calendar quarter which begins on or after the date on which the regulations are published in final form.[48]

    In accordance with these provisions, the FDIC has considered the final rule's benefits and any administrative burdens that the final rule would place on covered institutions and their customers in determining the effective date and administrative compliance requirements of the final rule. IV. Expected Effects details the expected benefits of the final rule and the administrative burdens that the final rule would place on depository institutions and their customers. The final rule imposes additional reporting and other requirements IDIs, and accordingly, shall take effect no earlier than the first day of the calendar quarter that begins on or after the date on which the final rule is published.

    E. Plain Language

    Section 722 of the Gramm-Leach-Bliley Act (Pub. L. 106-102, 113 Stat.1338, 1471) requires the Federal Start Printed Page 87759banking agencies to use plain language in all proposed and final rules published after January 1, 2000. The FDIC has sought to present the final rule in a simple and straightforward manner.

    Start List of Subjects

    List of Subjects in 12 CFR Part 370

    • Bank deposit insurance
    • Banks
    • Banking
    • Reporting and recordkeeping requirements
    • Savings and loan associations
    End List of Subjects

    Authority and Issuance

    Start Amendment Part

    For the reasons stated in the preamble, the Board of Directors of the Federal Deposit Insurance Corporation adds part 370 to title 12 of the Code of Federal Regulations to read as follows:

    End Amendment Part Start Part

    PART 370—RECORDKEEPING FOR TIMELY DEPOSIT INSURANCE DETERMINATION

    370.1
    Purpose and scope.
    370.2
    Definitions.
    370.3
    Information technology system requirements.
    370.4
    Recordkeeping requirements.
    370.5
    Actions required for certain deposit accounts with transactional features.
    370.6
    Implementation.
    370.7
    Accelerated implementation.
    370.8
    Relief.
    370.9
    Communication with the FDIC.
    370.10
    Compliance.

    Appendix A to Part 370—Ownership Right and Capacity Codes

    Appendix B to Part 370—Output Files Structure

    Start Authority

    Authority: 12 U.S.C. 1817(a)(9), 1819 (Tenth), 1821(f)(1), 1822(c), 1823(c)(4).

    End Authority
    Purpose and scope.

    Unless otherwise provided in this part, each “covered institution” (defined in § 370.2(a)) is required to implement the information technology system and recordkeeping capabilities needed to calculate the amount of deposit insurance coverage available for each deposit account in the event of its failure. Doing so will improve the FDIC's ability to fulfill its statutory mandates to pay deposit insurance as soon as possible after a covered institution's failure and to resolve a covered institution at the least cost to the Deposit Insurance Fund.

    Definitions.

    For purposes of this part:

    (a) Account holder means the person or entity who has opened a deposit account with a covered institution and with whom the covered institution has a direct legal and contractual relationship with respect to the deposit.

    (b) Brokered deposit has the same meaning as provided in 12 CFR 337.6(a)(2).

    (c) Covered institution means an insured depository institution which, based on its Reports of Condition and Income filed with the appropriate federal banking agency, has 2 million or more deposit accounts during the two consecutive quarters preceding the effective date of this part or thereafter.

    (d) Compliance date means the date that is three years after the later of the effective date of this part or the date on which an insured depository institution becomes a covered institution.

    (e) Deposit has the same meaning as provided under section 3(l) of the Federal Deposit Insurance Act (12 U.S.C. 1813(l)).

    (f) Deposit account records has the same meaning as provided in 12 CFR 330.1(e).

    (g) Ownership rights and capacities are set forth in 12 CFR part 330.

    (h) Payment instrument means a check, draft, warrant, money order, traveler's check, electronic instrument, or other instrument, payment of funds, or monetary value (other than currency).

    (i) Standard maximum deposit insurance amount (or “SMDIA”) has the same meaning as provided pursuant to section 11(a)(1)(E) of the Federal Deposit Insurance Act (12 U.S.C. 1821(a)(1)(E)) and 12 CFR 330.1(o).

    (j) Transactional features with respect to a deposit account means that the depositor or account holder can make transfers or withdrawals from the deposit account to make payments or transfers to third persons or others (including another account of the depositor or account holder at the same institution or at a different institution) by means of a negotiable or transferable instrument, payment order of withdrawal, check, draft, prepaid account access device, debit card, or other similar order made by the depositor and payable to third parties, or by means of a telephonic (including data transmission) agreement, order or instruction, or by means of an instruction made at an automated teller machine or similar terminal or unit. For purposes of this definition, “telephonic (including data transmission) agreement, order or instruction” includes orders and instructions made by means of facsimile, computer, internet, handheld device, or other similar means.

    (k) Unique identifier means an alpha-numeric code associated with an individual or entity that is used consistently and continuously by a covered institution to monitor the covered institution's relationship with that individual or entity.

    Information technology system requirements.

    (a) A covered institution must configure its information technology system to be capable of performing the functions set forth in paragraph (b) of this section within 24 hours after the appointment of the FDIC as receiver. To the extent that a covered institution does not maintain its deposit account records in the manner prescribed under § 370.4(a) but instead in the manner prescribed under § 370.4(b) or (c), the covered institution's information technology system must be able to perform the functions set forth in paragraph (b) of this section upon input by the FDIC of additional information collected from account holders after failure of the covered institution.

    (b) Each covered institution's information technology system must be capable of:

    (1) Accurately calculating the deposit insurance coverage for each deposit account in accordance with 12 CFR part 330;

    (2) Generating and retaining output records in the data format and layout specified in Appendix B;

    (3) Restricting access to some or all of the deposits in a deposit account until the FDIC has made its deposit insurance determination for that deposit account using the covered institution's information technology system; and

    (4) Debiting from each deposit account the amount that is uninsured as calculated pursuant to paragraph (b)(1) of this section.

    Recordkeeping requirements.

    (a) General recordkeeping requirements. Except as otherwise provided in paragraphs (b) and (c) of this section, a covered institution must maintain in its deposit account records for each account the information necessary for its information technology system to meet the requirements set forth in § 370.3. The information must include:

    (1) The unique identifier of each

    (i) Account holder;

    (ii) Beneficial owner of a deposit, if the account holder is not the beneficial owner;

    (iii) Grantor and each beneficiary, if the deposit account is held in connection with an informal revocable trust that is insured pursuant to 12 CFR 330.10 (e.g., payable-on-death accounts, in-trust-for accounts, and Totten Trust accounts); and

    (iv) Grantor and each beneficiary, if the deposit account is held by the covered institution as the trustee of an irrevocable trust that is insured pursuant to 12 CFR 330.12.Start Printed Page 87760

    (2) The applicable ownership right and capacity code listed and described in Appendix A to this part.

    (b) Alternative recordkeeping requirements. As permitted under this paragraph, a covered institution may maintain in its deposit account records less information than is required under paragraph (a) of this section.

    (1) For each deposit account for which a covered institution's deposit account records disclose the existence of a relationship which might provide a basis for additional deposit insurance in accordance with 12 CFR 330.5 or 330.7 and for which the covered institution does not maintain information that would be needed for its information technology system to meet the requirements set forth in § 370.3, the covered institution must maintain, at a minimum, the following in its deposit account records:

    (i) The unique identifier of the account holder; and

    (ii) The corresponding “pending reason” code in data field 2 of the pending file format set forth in Appendix B (and need not maintain a “right and capacity” code).

    (2) For each formal revocable trust account that is insured as described in 12 CFR 330.10 and for each irrevocable trust account that is insured as described in 12 CFR 330.13, and for which the covered institution does not maintain the information that would be needed for its information technology system to meet the requirements set forth in § 370.3, the covered institution must, at a minimum, maintain in its deposit account records:

    (i) The unique identifier of the account holder;

    (ii) The unique identifier of the grantor if the deposit account has transactional features; and

    (iii) The corresponding “pending reason” code in data field 2 of the pending file format set forth in Appendix B (and need not maintain a “right and capacity” code).

    (c) Recordkeeping requirements for official items. A covered institution must maintain in its deposit account records the information needed for its information technology system to meet the requirements set forth in § 370.3 with respect to accounts held in the name of the covered institution from which withdrawals are made to honor a payment instrument issued by the covered institution, such as a certified check, loan disbursement check, interest check, traveler's check, expense check, official check, cashier's check, money order, or any similar payment instrument that the FDIC identifies in guidance issued to covered institutions in connection with this part. To the extent that the covered institution does not have such information, it need only maintain in its deposit account records for those accounts the corresponding “pending reason” code in data field 2 of the pending file format set forth in Appendix B (and need not maintain “right and capacity” codes).

    Actions required for certain deposit accounts with transactional features.

    (a) For each deposit account with transactional features for which the covered institution maintains its deposit account records in accordance with § 370.4(b)(1), a covered institution must certify to the FDIC that the account holder will provide to the FDIC the information needed for the covered institution's information technology system to calculate deposit insurance coverage as set forth in § 370.3(b) within 24 hours after the appointment of the FDIC as receiver. Such certification may be part of the annual certification of compliance required pursuant to § 370.10(a)(1).

    (b) Notwithstanding paragraph (a) of this section, a covered institution need not provide such certification with respect to:

    (1) Accounts maintained by a mortgage servicer, in a custodial or other fiduciary capacity, which are comprised of payments by mortgagors of principal, interest, taxes and insurance;

    (2) Accounts maintained by real estate brokers, real estate agents, or title companies in which funds from multiple clients are deposited and held for a short period of time in connection with a real estate transaction;

    (3) Accounts established by an attorney or law firm on behalf of clients, commonly known as an Interest on Lawyers Trust Accounts, or functionally equivalent accounts; and

    (4) Accounts held in connection with an employee benefit plan (as defined in 12 CFR 330.15(f)(2)).

    (c) The covered institution's failure to provide the certification required under paragraph (a) of this section shall be deemed not to constitute a violation of this part if the FDIC has granted the covered institution relief from that certification requirement.

    Implementation.

    (a) A covered institution must satisfy the information technology system and recordkeeping requirements set forth in this part before the compliance date.

    (b) A covered institution may submit a request to the FDIC for an extension of its compliance date. The request shall state the amount of additional time needed to meet the requirements of this part, the reason(s) for which such additional time is needed, and the total number and dollar value of accounts for which deposit insurance coverage could not be calculated using the covered institution's information technology system were the covered institution to fail as of the date of the request. The FDIC's grant of a covered institution's request for extension may be conditional or time-limited.

    Accelerated implementation.

    (a) On a case-by-case basis, the FDIC may accelerate, upon notice, the implementation time frame for all or part of the requirements of this part for a covered institution that:

    (1) Has a composite rating of 3, 4, or 5 under the Uniform Financial Institution's Rating System (CAMELS rating), or in the case of an insured branch of a foreign bank, an equivalent rating;

    (2) Is undercapitalized, as defined under the prompt corrective action provisions of 12 CFR part 325; or

    (3) Is determined by the appropriate federal banking agency or the FDIC in consultation with the appropriate federal banking agency to be experiencing a significant deterioration of capital or significant funding difficulties or liquidity stress, notwithstanding the composite rating of the covered institution by its appropriate federal banking agency in its most recent report of examination.

    (b) In implementing this section, the FDIC must consult with the covered institution's appropriate federal banking agency and consider the complexity of the covered institution's deposit system and operations, extent of the covered institution's asset quality difficulties, volatility of the institution's funding sources, expected near-term changes in the covered institution's capital levels, and other relevant factors appropriate for the FDIC to consider in its role as insurer of the covered institution.

    Relief.

    (a) Exemption. A covered institution may submit a request in the form of a letter to the FDIC for an exemption from this part if it demonstrates that it does not take deposits from any account holder which, when aggregated, would exceed the SMDIA for any owner of the funds on deposit and will not in the future.

    (b) Exception. A covered institution may submit a request in the form of a letter to the FDIC for exception from any specific aspect of the information technology system requirements, recordkeeping requirements, Start Printed Page 87761certification requirements, or reporting requirements set forth in this part if circumstances exist that would make it impracticable or overly burdensome to meet those requirements. In its request letter, the covered institution must demonstrate the need for exception, describe the impact of an exception on the ability to quickly and accurately calculate deposit insurance for the related deposit accounts, and state the number of, and the dollar value of deposits in, the related deposit accounts.

    (c) Release from this part. A covered institution may submit a request in the form of a letter to the FDIC for release from this part if, based on its Reports of Condition and Income filed with the appropriate federal banking agency, it has less than two million deposit accounts during any three consecutive quarters after becoming a covered institution.

    (d) Release from 12 CFR 360.9 requirements. A covered institution is released from the provisional hold and standard data format requirements of 12 CFR 360.9 upon submitting to the FDIC the compliance certification required under § 370.10(a).

    (e) FDIC approval of a request. The FDIC will consider all requests submitted in writing by a covered institution on a case-by-case basis in light of the objectives of this part, and the FDIC's grant of any request made by a covered institution pursuant to this section may be conditional or time-limited.

    Communication with the FDIC.

    (a) Point of contact. Not later than ten business days after either the effective date of this part or becoming a covered institution, a covered institution must notify the FDIC of the person(s) responsible for implementing the recordkeeping and information technology system capabilities required by this part.

    (b) Address. Point-of-contact information, reports and requests made under this part shall be submitted in writing to: Office of the Director, Division of Resolutions and Receiverships, Federal Deposit Insurance Corporation, 550 17th Street NW., Washington, DC 20429-0002.

    Compliance.

    (a) Certification and report. A covered institution shall submit to the FDIC a certification of compliance and a deposit insurance coverage summary report on or before the compliance date and annually thereafter.

    (1) The certification must:

    (i) Confirm that the covered institution has implemented and successfully tested its information technology system for compliance with this part during the preceding calendar year; and

    (ii) Be signed by the covered institution's chief executive officer or chief operating officer.

    (2) The deposit insurance coverage summary report must include:

    (i) A description of any material change to the covered institution's information technology system or deposit taking operations since the prior annual certification;

    (ii) The number of deposit accounts, number of different account holders, and dollar amount of deposits by ownership right and capacity code (as listed and described in Appendix A);

    (iii) The total number of fully-insured deposit accounts and the total dollar amount of deposits in all such accounts;

    (iv) The total number of deposit accounts with uninsured deposits and the total dollar amount of uninsured amounts in all of those accounts; and

    (v) By deposit account type, the total number of, and dollar amount of deposits in, deposit accounts for which the covered institution's information technology system cannot calculate deposit insurance coverage using information currently maintained in the covered institution's deposit account records.

    (3) If a covered institution experiences a significant change in its deposit taking operations, the FDIC may require that it submit a certification of compliance and a deposit insurance coverage summary report more frequently than annually.

    (b) FDIC Testing. (1) The FDIC will conduct periodic tests of a covered institution's compliance with this part. These tests will begin no sooner than the last day of the first calendar quarter following the compliance date and would occur no more frequently than on a three-year cycle thereafter, unless there is a material change to the covered institution's information technology system, deposit-taking operations, or financial condition.

    (2) A covered institution shall provide the appropriate assistance to the FDIC as the FDIC tests the covered institution's ability to satisfy the requirements set forth in this part.

    (c) Effect of pending requests. A covered institution that has submitted a request pursuant to § 370.6(b) or § 370.8(a) through (c) will not be considered to be in violation of this part as to the requirements that are the subject of the request while awaiting the FDIC's response to such request.

    Appendix A to Part 370—Ownership Right and Capacity Codes

    A covered institution must use the codes defined below when assigning ownership right and capacity codes.

    CodeIllustrative description
    SGLSingle Account (12 CFR 330.6): An account owned by one person with no testamentary or “payable-on-death” beneficiaries. It includes individual accounts, sole proprietorship accounts, single-name accounts containing community property funds, and accounts of a decedent and accounts held by executors or administrators of a decedent's estate.
    JNTJoint Account (12 CFR 330.9): An account owned by two or more persons with no testamentary or “payable-on-death” beneficiaries (other than surviving co-owners). An account does not qualify as a joint account unless: (1) All co-owners are living persons; (2) each co-owner has personally signed a deposit account signature card (except that the signature requirement does not apply to certificates of deposit, to any deposit obligation evidenced by a negotiable instrument, or to any account maintained on behalf of the co-owners by an agent or custodian); and (3) each co-owner possesses withdrawal rights on the same basis.
    REVRevocable Trust Account (12 CFR 330.10): An account owned by one or more persons that evidences an intention that, upon the death of the owner(s), the funds shall belong to one or more beneficiaries. There are two types of revocable trust accounts:
    (1) Payable-on-Death Account (Informal Revocable Trust Account): An account owned by one or more persons with one or more testamentary or “payable-on-death” beneficiaries.
    (2) Revocable Living Trust Account (Formal Revocable Trust Account): An account in the name of a formal revocable “living trust” with one or more grantors and one or more testamentary beneficiaries.
    IRRIrrevocable Trust Account (12 CFR 330.13): An account in the name of an irrevocable trust (unless the trustee is an insured depository institution, in which case the applicable code is DIT.
    Start Printed Page 87762
    CRACertain Other Retirement Accounts (12 CFR 330.14 (b)-(c)) to the extent that participants under such plan have the right to direct the investment of assets held in individual accounts maintained on their behalf by the plan, including an individual retirement account described in section 408(a) of the Internal Revenue Code (26 U.S.C. 408(a)), an account of a deferred compensation plan described in section 457 of the Internal Revenue Code (26 U.S.C. 457), an account of an individual account plan as defined in section 3(34) of the Employee Retirement Income Security Act (29 U.S.C. 1002), a plan described in section 401(d) of the Internal Revenue Code (26 U.S.C. 401(d)).
    EBPEmployee Benefit Plan Account (12 CFR 330.14): An account of an employee benefit plan as defined in section 3(3) of the Employee Retirement Income Security Act (29 U.S.C. 1002), including any plan described in section 401(d) of the Internal Revenue Code (26 U.S.C. 401(d)), but not including any account classified as a Certain Retirement Account.
    BUSBusiness/Organization Account (12 CFR 330.11): An account of an organization engaged in an `independent activity' (as defined in § 330.1(g)), but not an account of a sole proprietorship.
    This category includes:
    a. Corporation Account: An account owned by a corporation.
    b. Partnership Account: An account owned by a partnership.
    c. Unincorporated Association Account: An account owned by an unincorporated association (i.e., an account owned by an association of two or more persons formed for some religious, educational, charitable, social, or other noncommercial purpose).
    GOV1-GOV2-GOV3Government Account (12 CFR 330.15): An account of a governmental entity.
    GOV1All time and savings deposit accounts of the United States and all time and savings deposit accounts of a state, county, municipality, or political subdivision depositing funds in an insured depository institution in the state comprising the public unit or wherein the public unit is located (including any insured depository institution having a branch in said state).
    GOV2All demand deposit accounts of the United States and all demand deposit accounts of a state, county, municipality, or political subdivision depositing funds in an insured depository institution in the state comprising the public unit or wherein the public unit is located (including any insured depository institution having a branch in said state).
    GOV3All deposits, regardless of whether they are time, savings or demand deposit accounts of a state, county, municipality or political subdivision depositing funds in an insured depository institution outside of the state comprising the public unit or wherein the public unit is located.
    MSAMortgage Servicing Account (12 CFR 330.7(d)): An account held by a mortgage servicer, funded by payments by mortgagors of principal and interest.
    PBAPublic Bond Accounts (12 CFR 330.15(c)): An account consisting of funds held by an officer, agent or employee of a public unit for the purpose of discharging a debt owed to the holders of notes or bonds issued by the public unit.
    DITIDI as trustee of irrevocable trust accounts (12 CFR 330.12): “Trust funds” (as defined in § 330.1(q)) account held by an insured depository institution as trustee of an irrevocable trust.
    ANCAnnuity Contract Accounts (12 CFR 330.8): Funds held by an insurance company or other corporation in a deposit account for the sole purpose of funding life insurance or annuity contracts and any benefits incidental to such contracts.
    BIACustodian accounts for American Indians (12 CFR 330.7(e)): Funds deposited by the Bureau of Indian Affairs of the United States Department of the Interior (the “BIA”) on behalf of American Indians pursuant to 25 U.S.C. 162(a), or by any other disbursing agent of the United States on behalf of American Indians pursuant to similar authority, in an insured depository institution.
    DOEIDI Accounts under Department of Energy Program: Funds deposited by an insured depository institution pursuant to the Bank Deposit Financial Assistance Program of the Department of Energy.

    Appendix B to Part 370—Output Files Structure

    The output files will include the data necessary for the FDIC to determine the deposit insurance coverage in a resolution. A covered institution must have the capability to prepare and maintain the files detailed below. These files must be prepared in successive iterations as the covered institution receives additional data from external sources necessary to complete any pending deposit insurance calculations. The unique identifier is required in all four files to link the customer information. All files are pipe delimited. Do not pad leading and trailing spacing or zeros for the data fields.

    Customer File. Customer File will be used by the FDIC to identify the customers. One record represents one unique customer.

    The data elements will include:Start Printed Page 87763

    Field nameDescriptionFormat
    1. CS_Unique_IDThis field is the unique identifier that is the primary key for the depositor data record. It will be generated by the covered institution and there shall not be duplicatesVariable Character.
    2. CS_Govt_IDThis field shall contain the ID number that identifies the entity based on a government issued ID or corporate filling. Populate as follows:Variable Character.
    —For a United States individual—Legal identification number (e.g., SSN, TIN, Driver's License, or Passport Number)
    —For a foreign national individual—where a SSN or TIN does not exist, a foreign passport or other legal identification number (e.g., Alien Card)
    —For a Non-Individual—the Tax identification Number (TIN), or other register entity number
    3. CS_Govt_ID_TypeThe valid customer identification types, are noted below:Character (3).
    —SSN—Social Security Number
    —TIN—Tax Identification Number
    —DL—Driver's License, issued by a State or Territory of the United States
    —ML—Military ID
    —PPT—Valid Passport
    —AID—Alien Identification Card
    —OTH—Other
    4. CS_TypeThe customer type field indicates the type of entity the customer is at the covered institution. The valid values are:Character (3).
    —IND—Individual
    —BUS—Business
    —TRT—Trust
    —NFP—Non-Profit
    —GOV—Government
    —OTH—Other
    5. CS_First_NameCustomer first name. Use only for the name of individuals and the primary contact for entityVariable Character.
    6. CS_Middle_NameCustomer middle name. Use only for the name of individuals and the primary contact for entityVariable Character.
    7. CS_Last_NameCustomer last name. Use only for the name of individuals and the primary contact for entityVariable Character.
    8. CS_Name_SuffixCustomer suffixVariable Character.
    9. CS_Entity_NameThe registered name of the entity. Do not use this field if the customer is an individualVariable Character.
    10. CS_Street_Add_Ln1Street address line 1. The current account statement mailing address of recordVariable Character.
    11. CS_Street_Add_Ln2Street address line 2. If available, the second address lineVariable Character.
    12. CS_Street_Add_Ln3Street address line 3. If available, the third address lineVariable Character.
    13. CS_CityThe city associated with the permanent legal addressVariable Character.
    14. CS_StateThe state for United States addresses or state/province/county for international addressesVariable Character.
    —For United States addresses use a two-character state code (official United States Postal Service abbreviations) associated with the permanent legal address
    —For international address follow that country state code
    15. CS_ZIPThe Zip/Postal Code associated with the customers' permanent legal addressVariable Character.
    —For United States zip codes, use the United States Postal Service ZIP+4 standard
    —For international zip codes follow that standard format of that country
    16. CS_CountryThe country associated with the permanent legal address. Provide the country name or the standard International Organization for Standardization (ISO) country codeVariable Character.
    17. CS_TelephoneCustomer telephone number. The telephone number on record for the customer, including the country code if not within the United StatesVariable Character.
    18. CS_EmailThe email address on record for the customerVariable Character.
    19. CS_Outstanding_Debt_FlagThis field indicates whether the customer has outstanding debt with covered institution. This field may be used by the FDIC to determine offsets. Enter “Y” if customer has outstanding debt with covered institutions, enter “N” otherwiseCharacter (1).
    20. CS_Security_Pledge_FlagThis field shall only be used for Government customers. This field indicates whether the covered institution has pledged securities to the government entity, to cover any shortfall in deposit insurance. Enter “Y” if the government entity has outstanding security pledge with covered institutions, enter “N” otherwiseCharacter (1).

    Account File. The Account File contains the deposit ownership rights and capacities information, allocated balances, insured amounts, and uninsured amounts. The balances are in U.S. dollars. The Account file is linked to the Customer File by the CS_Unique_ID.

    The data elements will include:

    Field nameDescriptionFormat
    1. CS_Unique_IDThis field is the unique identifier that is the primary key for the depositor data record. It will be generated by the covered institution and there cannot be duplicatesVariable Character.
    2. DP_Acct_IdentifierDeposit account identifier. The primary field used to identify a deposit accountVariable Character.
    The account identifier may be composed of more than one physical data element to uniquely identify a deposit account.
    3. DP_Right_CapacityAccount ownership categoriesCharacter (4).
    —SGL—Single accounts
    —JNT—Joint accounts
    —REV—Revocable trust accounts
    —RR—Irrevocable trust accounts
    —CRA—Certain retirement accounts
    Start Printed Page 87764
    —EBP—Employee benefit plan accounts
    —BUS—Business/Organization accounts
    —GOV1, GOV2, GOV3—Government accounts (public unit accounts)
    —MSA—Mortgage servicing accounts for principal and interest payments
    —DIT—Accounts held by a depository institution as the trustee of an irrevocable trust
    —ANC—Annuity contract accounts
    —PBA—Public bond accounts
    —BIA—Custodian accounts for American Indians
    —DOE—Accounts of an IDI pursuant to the Bank Deposit Financial Assistance Program of the Department of Energy
    4. DP_Prod_CatProduct category or classificationCharacter (3).
    —DDA—Demand Deposit Accounts
    —NOW—Negotiable Order of Withdrawal
    —MMA—Money Market Deposit Accounts
    —SAV—Other savings accounts
    —CDS—Time Deposit accounts and Certificate of Deposit accounts, including any accounts with specified maturity dates that may or may not be renewable.
    5. DP_Allocated_AmtThe current balance in the account at the end of business on the effective date of the file, allocated to a specific owner in that insurance categoryDecimal (14,2).
    For JNT accounts, this is a calculated field that represents the allocated amount to each owner in JNT category.
    For REV accounts, this is a calculated field that represents the allocated amount to each owner-beneficiary in REV category.
    For other accounts with only one owner, this is the account current balance.
    This balance shall not be reduced by float or holds. For CDs and time deposits, the balance shall reflect the principal balance plus any interest paid and available for withdrawal not already included in the principal (do not include accrued interest)
    6. DP_Acc_IntAccrued interest allocated similarly as data field #5 DP_Allocated_AmtDecimal (14,2).
    The amount of interest that has been earned but not yet paid to the account as of the date of the file.
    7. DP_Total_PITotal amount adding #5 DP_Allocated_Amt and #6 DP_Acc_IntDecimal (14,2).
    8. DP_Hold_AmountHold amount on the accountDecimal (14,2).
    The available balance of the account is reduced by the hold amount. It has no effect on current balance (ledger balance)
    9. DP_Insured_AmountThe insured amount of the accountDecimal (14,2).
    10. DP_Uninsured_AmountThe uninsured amount of the accountDecimal (14,2).
    11. DP_Prepaid_Account_FlagThis field indicates a prepaid account with covered institution. Enter “Y” if account is a prepaid account with covered institutions, enter “N” otherwiseCharacter (1).
    12. DP_PT_Account_FlagThis field indicates a pass-through account with covered institution. Enter “Y” if account is a pass-through with covered institutions, enter “N” otherwiseCharacter (1).
    13. DP_PT_Trans_FlagThis field indicates whether the fiduciary account has sub-accounts that have transactional features. Enter “Y” if account has transactional features, enter “N” otherwiseCharacter (1).

    Account Participant File. The Account Participant File will be used by the FDIC to identify account participants, to include the official custodian, beneficiary, bond holder, mortgagor, or employee benefit plan participant, for each account and account holder. One record represents one unique account participant. The Account Participant File is linked to the Account File by CS_Unique_ID and DP_Acct_Identifier.

    The data elements will include:

    Field nameDescriptionFormat
    1. CS_Unique_IDThis field is the unique identifier that is the primary key for the depositor data record. It will be generated by the covered institution and there shall not be duplicatesVariable Character.
    2. DP_Acct_IdentifierDeposit account identifier. The primary field used to identify a deposit account.Variable Character.
    The account identifier may be composed of more than one physical data element to uniquely identify a deposit account
    3. DP_Right_CapacityAccount ownership categoriesCharacter (4).
    —SGL—Single accounts
    —JNT—Joint accounts
    —REV—Revocable trust accounts
    —IRR—Irrevocable trust accounts
    —CRA—Certain retirement accounts
    —EBP—Employee benefit plan accounts
    —BUS—Business/Organization accounts
    —GOV1, GOV2, GOV3—Government accounts (public unit accounts)
    —MSA—Mortgage servicing accounts for principal and interest payments
    —DIT—Accounts held by a depository institution as the trustee of an irrevocable trust
    —ANC—Annuity contract accounts
    —PBA—Public bond accounts
    —BIA—Custodian accounts for American Indians
    —DOE—Accounts of an IDI pursuant to the Bank Deposit Financial Assistance Program of the Department of Energy
    Start Printed Page 87765
    4. DP_Prod_CategoryProduct category or classificationCharacter (3).
    —DDA—Demand Deposit Accounts
    —NOW—Negotiable Order of Withdrawal
    —MMA—Money Market Deposit Accounts
    —SAV—Other savings accounts
    —CDS—Time Deposit accounts and Certificate of Deposit accounts, including any accounts with specified maturity dates that may or may not be renewable
    5. AP_Allocated_AmountAmount of funds attributable to the account participant as an account holder (e.g., Public account holder of a public bond account) or the amount of funds entitled to the beneficiary for the purpose of insurance determination (e.g., Revocable Trust)Decimal (14,2).
    6. AP_Participant_IDThis field is the unique identifier for the Account Participant. It will be generated by the covered institution and there shall not be duplicates. If the account participant is an existing bank customer this field is the same as CS_Unique_ID fieldVariable Character.
    7. AP_Govt_IDThis field shall contain the ID number that identifies the entity based on a government issued ID or corporate filling. Populate as follows:Variable Character.
    —For a United States individual—Legal identification number (e.g., SSN, TIN, Driver's License, or Passport Number)
    —For a foreign national individual—where a SSN or TIN does not exist, a foreign passport or other legal identification number (e.g., Alien Card)
    —For a Non-Individual—the Tax identification Number (TIN), or other register entity number
    8. AP_Govt_ID_TypeThe valid customer identification types, are:Character (3).
    —SSN—Social Security Number
    —TIN—Tax Identification Number
    —DL—Driver's License, issued by a State or Territory of the United States
    —ML—Military ID
    —PPT—Valid Passport
    —AID—Alien Identification Card
    —OTH—Other
    9. AP_First_NameCustomer first name. Use only for the name of individuals and the primary contact for entityVariable Character.
    10. AP_Middle_NameCustomer middle name. Use only for the name of individuals and the primary contact for entityVariable Character.
    11. AP_Last_NameCustomer last name. Use only for the name of individuals and the primary contact for entityVariable Character.
    12. AP_Entity_NameThe registered name of the entity. Do not use this field if the participant is an individualVariable Character.
    13. AP_Participant_TypeThis field is used as the participant type identifier. The field will list the “beneficial owner” type:Character (3).
    —OC—Official Custodian
    —BEN—Beneficiary
    —BHR—Bond Holder
    —MOR—Mortgagor
    —EPP—Employee Benefit Plan Participant

    Pending File. The Pending File contains the information needed for the FDIC to contact the owner or agent requesting additional information to complete the deposit insurance calculation. Each record represents a deposit account.

    The data elements will include:

    Field nameDescriptionFormat
    1. CS_Unique_IDThis field is the unique identifier that is the primary key for the depositor data record. It will be generated by the covered institution and there cannot be duplicatesVariable Character.
    2. Pending_ReasonReason code for the account to be included in Pending fileCharacter (5).
    For deposit account records maintained by the bank, use the following codes
    —A—agency or custodian
    —B—beneficiary
    —OI—official item
    —RAC—right and capacity code
    For alternative recordkeeping requirements, use the following codes
    —ARB—direct obligation brokered deposit
    —ARBN—non-direct obligation brokered deposit
    —ARCRA—certain retirement accounts
    —AREBP—employee benefit plan accounts
    —ARM—mortgage servicing for principal and interest payments
    —ARO—other deposits
    —ARTR—trust accounts
    The FDIC needs these codes to initiate the collection of needed information
    3. DP_Acct_IdentifierDeposit account identifier. The primary field used to identify a deposit accountVariable Character.
    The account identifier may be composed of more than one physical data element to uniquely identify a deposit account
    4. DP_Right_CapacityAccount ownership categoriesCharacter (4).
    —SGL—Single accounts
    —JNT—Joint accounts
    —REV—Revocable trust accounts
    —IRR—Irrevocable trust accounts
    —CRA—Certain retirement accounts
    Start Printed Page 87766
    —EBP—Employee benefit plan accounts
    —BUS—Business/Organization accounts
    —GOV1, GOV2, GOV3—Government accounts (public unit accounts)
    —MSA—Mortgage servicing accounts for principal and interest payments
    —DIT—Accounts held by a depository institution as the trustee of an irrevocable trust
    —ANC—Annuity contract accounts
    —PBA—Public bond accounts
    —BIA—Custodian accounts for American Indians
    —DOE—Accounts of an IDI pursuant to the Bank Deposit Financial Assistance Program of the Department of Energy
    5. DP_Prod_CategoryProduct category or classificationCharacter (3).
    —DDA—Demand Deposit Accounts
    —NOW—Negotiable Order of Withdrawal
    —MMA—Money Market Deposit Accounts
    —SAV—Other savings accounts
    —CDS—Time Deposit accounts and Certificate of Deposit accounts, including any accounts with specified maturity dates that may or may not be renewable
    6. DP_Cur_BalCurrent balanceDecimal (14,2).
    The current balance in the account at the end of business on the effective date of the file
    This balance shall not be reduced by float or holds. For CDs and time deposits, the balance shall reflect the principal balance plus any interest paid and available for withdrawal not already included in the principal (do not include accrued interest)
    7. DP_Acc_IntAccrued interestDecimal (14,2).
    The amount of interest that has been earned but not yet paid to the account as of the date of the file
    8. DP_Total_PITotal of principal and accrued interestDecimal (14,2).
    9. DP_Hold_AmountHold amount on the accountDecimal (14,2).
    The available balance of the account is reduced by the hold amount. It has no impact on current balance (ledger balance)
    10. DP_Prepaid_Account_FlagThis field indicates a prepaid account with covered institution. Enter “Y” if account is a prepaid account, enter “N” otherwiseCharacter (1).
    11. CS_Govt_IDThis field shall contain the ID number that identifies the entity based on a government issued ID or corporate filling. Populate as follows:Variable Character.
    —For a United States individual—Legal identification number (e.g., SSN, TIN, Driver's License or Passport Number)
    —For a foreign national individual—where a SSN or TIN does not exist, a foreign passport or other legal identification number (e.g., Alien Card)
    —For a Non-Individual—the Tax identification Number (TIN), or other register entity number
    12. CS_Govt_ID_TypeThe valid customer identification types:Character (3).
    —SSN—Social Security Number
    —TIN—Tax Identification Number
    —DL—Driver's License, issued by a State or Territory of the United States
    —ML—Military ID
    —PPT—Valid Passport
    —AID—Alien Identification Card
    —OTH—Other
    13. CS_First_NameCustomer first name. Use only for the name of individuals and the primary contact for entityVariable Character.
    14. CS_Middle_NameCustomer middle name. Use only for the name of individuals and the primary contact for entityVariable Character.
    15. CS_Last_NameCustomer last name. Use only for the name of individuals and the primary contact for entityVariable Character.
    16. CS_Name_SuffixCustomer suffixVariable Character.
    17. CS_Entity_NameThe registered name of the entity. Do not use this field if the customer is an individualVariable Character.
    18. CS_Street_Add_Ln1Street address line 1Variable Character.
    The current account statement mailing address of record
    19. CS_Street_Add_Ln2Street address line 2Variable Character.
    If available, the second address line
    20. CS_Street_Add_Ln3Street address line 3Variable Character.
    If available, the third address line
    21. CS_CityThe city associated with the permanent legal addressVariable Character.
    22. CS_StateThe state for United States addresses or state/province/county for international addressesVariable Character.
    —For United States addresses use a two-character state code (official United States Postal Service abbreviations) associated with the permanent legal address
    —For international address follow that country state code
    23. CS_ZIPThe Zip/Postal Code associated with the customers' permanent legal addressVariable Character.
    —For United States zip codes, use the United States Postal Service ZIP+4 standard
    —For international zip codes follow the standard format of that country
    24. CS_CountryThe country associated with the permanent legal address. Provide the country name or the standard International Organization for Standardization (ISO) country codeVariable Character.
    25. CS_TelephoneCustomer telephone number. The telephone number on record for the customer, including the country code if not within the United StatesVariable Character.
    26. CS_EmailThe email address on record for the customerVariable Character.
    27. CS_Outstanding_Debt_FlagThis field indicates whether the customer has outstanding debt with covered institution. This field may be used to determine offsets. Enter “Y” if customer has outstanding debt with covered institutions, enter “N” otherwiseCharacter (1).
    Start Printed Page 87767
    28. CS_Security_Pledge_FlagThis field indicates whether the CI has pledged securities to the government entity, to cover any shortfall in deposit insurance. Enter “Y” if the government entity has outstanding security pledge with covered institutions, enter “N” otherwise. This field shall only be used for Government customersCharacter (1).
    29. DP_PT_Account_FlagThis field indicates a pass-through account with covered institution. Enter “Y” if account is a pass-through with covered institutions, enter “N” otherwiseCharacter (1).
    30. PT_Parent_Customer_IDThis field contains the unique identifier of the parent customer ID who has the fiduciary responsibility at the covered institutionVariable Character.
    31. DP_PT_Trans_FlagThis field indicates whether the fiduciary account has sub-accounts that have transactional features. Enter “Y” if account has transactional features, enter “N” otherwiseCharacter (1).
    End Part Start Signature

    Dated at Washington, DC, this 15th day of November, 2016.

    Robert E. Feldman,

    Executive Secretary.

    End Signature End Supplemental Information

    Footnotes

    2.  12 U.S.C. 1819(a) (Tenth), 1820(g), 1821(d)(4)(B)(iv).

    Back to Citation

    8.  12 CFR 360.9. See 73 FR 41180 (July 17, 2008).

    Back to Citation

    10.  In their final Call Reports (2Q-08) Washington Mutual reported 42 million deposit accounts and Wachovia reported 29 million deposit accounts.

    Back to Citation

    11.  80 FR 23478 (April 28, 2015).

    Back to Citation

    12.  81 FR 10026 (February 26, 2016).

    Back to Citation

    13.  80 FR 23478, 23480 (April 28, 2015).

    Back to Citation

    15.  See FDIC's Financial Institution Employee's Guide to Deposit Insurance, 2016 Ed., available at https://www.fdic.gov/​deposit/​DIGuideBankers/​index.html.

    Back to Citation

    16.  All data in this section is calculated using FDIC Call Report Data as of June 30, 2016.

    Back to Citation

    17.  See, e.g., David Luttrell, Tyler Atkinson, & Harvey Rosenblum, Assessing the Costs and Consequences of the 2007-09 Financial Crisis and Its Aftermath, Federal Reserve Bank of Dallas Economic Letter (Sept. 2013), available at http://www.dallasfed.org/​assets/​documents/​research/​eclett/​2013/​el1307.pdf;​; Richard G. Anderson & Charles S. Gascon, A Closer Look, Assistance Programs in the Wake of Crisis, The Regional Economist, Federal Reserve Bank of St. Louis (Jan. 2011), available at https://www.stlouisfed.org/​~/​media/​Files/​PDFs/​publications/​pub_​assets/​pdf/​re/​2011/​a/​bailouts.pdf;​; U.S. Gov't Accountability Office, GAO-10-100, Regulators' Use of Systemic Risk Exception Raises Moral Hazard Concerns and Opportunities Exist to Clarify the Provision (2010), available at http://www.gao.gov/​assets/​310/​303248.pdf.

    Back to Citation

    18.  As mandated by the Dodd-Frank Act, future payments pursuant to the systemic risk exception can only be made with respect to an institution in receivership, removing the possibility of open bank assistance. See Dodd-Frank Wall Street Reform and Consumer Protection Act, Public Law 111-203, 1106, 124 Stat. 1376 (2010). This change increases the likelihood that the failure of a covered institution will involve millions of deposit insurance claims.

    Back to Citation

    19.  See, e.g., Testimony of Scott G. Alvarez, General Counsel, Board of Governors of the Federal Reserve System, The Acquisition of Wachovia Corporation by Wells Fargo & Company Before the Financial Crisis Inquiry Commission, Before the Financial Crisis Inquiry Commission (Sept. 1, 2010); Testimony of Sheila C. Bair, Chairwoman of the FDIC, Causes and Current State of the Financial Crisis Before the Financial Crisis Inquiry Commission, Before the Financial Crisis Inquiry Commission (Jan. 14, 2010); Financial Crisis Inquiry Commission, “The Financial Crisis Inquiry Report: Final Report of the National Commission on the Causes of the Financial and Economic Crisis in the United States” (U.S. Government Printing Office, 2011); Philip Strahan, Liquidity Risk and Credit in the Financial Crisis, Federal Reserve Bank of San Francisco Economic Letter (May 14, 2012); U.S. Gov't Accountability Office, GAO-10-100, Federal Deposit Insurance Act: Regulators Use of Systemic Risk Exception Raises Moral Hazard Concerns and Opportunities Exist to Clarify the Provision (April 2010).

    Back to Citation

    20.  The least cost test does not consider indirect or speculative costs, such as costs to other entities in the economy that result from a bank's failure. Thus, absent a systemic risk determination, the FDIC cannot consider these costs as a reason to implement a more costly alternative.

    Back to Citation

    21.  Bill Isaac (former FDIC Chairman), online response to Bert Ely, FDIC's Sudden Concern with Insurance Limit Makes No Sense, American Banker (May 18, 2016), available at http://www.americanbanker.com/​bankthink/​fdics-sudden-concern-with-insurance-limit-makes-no-sense-1081055-1.html.

    Back to Citation

    22.  Costs for full-time equivalent employees should be considered opportunity costs (that is, hours worked on the implementation of the final rule rather than on other work assignments).

    Back to Citation

    23.  For example, this discount rate is used in OMB Circular A-4 and A-94, Appendix C (revised November 2015 for calendar year 2016).

    Back to Citation

    24.  Bureau of Labor Statistics, Establishment Data, Table B-3.

    Back to Citation

    25.  For example, this discount rate is used in OMB Circular A-4 and A-94, Appendix C (revised November 2015 for calendar year 2016).

    Back to Citation

    27.  81 FR 29398, 29416 (May 11, 2016).

    Back to Citation

    28.  81 FR 10026, 10035 (February 26, 2016).

    Back to Citation

    29.  FDIC General Counsel's Opinion No. 8—Insurability of Funds Underlying Stored Value Cards and Other Nontraditional Access Mechanisms, 74 FR 67155 (November 13, 2008), available at https://www.fdic.gov/​regulations/​laws/​rules/​5500-500.html.

    Back to Citation

    35.  12 U.S.C. 1813(l)(1) and -(4).

    Back to Citation

    36.  See FDIC's Financial Institution Employee's Guide to Deposit Insurance, 2016 Ed., available at https://www.fdic.gov/​deposit/​DIGuideBankers/​index.html.

    Back to Citation

    37.  81 FR 10026, 10032 (February 26, 2016).

    Back to Citation

    39.  The other criteria which must be satisfied in order to be recognized as a “qualifying joint account” are: The co-owners of the funds in the account are “natural persons” as defined in § 330.1(l) and each co-owner possesses withdrawal rights on the same basis. 12 CFR 330.9(c)(i) and -(iii).

    Back to Citation

    40.  12 CFR 330.9; see FDIC, Final Rule, 32 FR 10408, 10409 (July 14, 1967); 12 CFR 564.9(b) (repealed); see FHLBB Final Rule, 32 FR 10415, 10416 (July 14, 1967). Certain types of accounts have been exempted from this requirement.

    Back to Citation

    41.  81 FR 10026, 10032 (February 26, 2016).

    Back to Citation

    42.  Covered institutions will, as necessary, contact their depositors to obtain accurate and complete account information for deposit insurance determinations. For the purposes of this analysis, the FDIC assumes that every depositor will voluntarily respond.

    Back to Citation

    43.  Implementation costs and hours are spread over a three-year period.

    Back to Citation

    44.  For PRA purposes, covered institutions are presented in roughly equal-sized low, medium and high complexity tranches ranked by their PRA implementation hours.

    Back to Citation

    45.  Including costs to depositors.

    Back to Citation

    [FR Doc. 2016-28396 Filed 12-2-16; 8:45 am]

    BILLING CODE 6714-01-P

Document Information

Effective Date:
4/1/2017
Published:
12/05/2016
Department:
Federal Deposit Insurance Corporation
Entry Type:
Rule
Action:
Final rule.
Document Number:
2016-28396
Dates:
Effective April 1, 2017.
Pages:
87734-87767 (34 pages)
RINs:
3064-AE33: Recordkeeping for Timely Deposit Insurance Determination
RIN Links:
https://www.federalregister.gov/regulations/3064-AE33/recordkeeping-for-timely-deposit-insurance-determination
Topics:
Bank deposit insurance, Banks, banking, Banks, banking, Banks, banking, Banks, banking, Reporting and recordkeeping requirements, Savings associations
PDF File:
2016-28396.pdf
CFR: (10)
12 CFR 370.1
12 CFR 370.2
12 CFR 370.3
12 CFR 370.4
12 CFR 370.5
More ...