How Banks Can Prepare for the FDIC’s Proposed Standards
Last Updated: October 19, 2023
FDIC Proposes Stricter Corporate Governance for Banks with $10 Billion or More in Assets
On October 3, 2023, the Federal Deposit Insurance Corporation (FDIC) proposed new standards for corporate governance and risk management for financial institutions with $10 billion or more in total assets. In what is seen as a significant shift, the Proposed Standards will move away from the reliance on state law in favor of establishing governance and oversight obligations for banks. The affected banks will find themselves needing to shift their previous principles-based approach to governance to adhering to a rules-based approach to corporate governance. Among the areas expected to see change within compliance management of these banks will include obligations, board composition, duties, and committee structure. Additionally, there will be an over-arching requirement for these banks to adopt the 3 Lines of Defense Risk Management Strategy.
While banks may argue that this oversight and change in philosophy will not lead to an overall improvement in corporate governance, it should be noted that since the 2008 financial crisis, federal banking regulators have become more involved in overseeing governance and risk management.
What Changes Can Banks Expect
When delving into some of the specific changes banks can expect to see, the frequency of risk appetite statements will come into focus. Risk appetite is the amount and type of risk that an organization is prepared to pursue, retain or take. A proposed change would require the board to review and approve a risk appetite statement at least on a quarterly basis, as opposed to the current expectation of at least an annual basis. Additionally, banks would need to notify the FDIC in writing if a breach of risk limit or noncompliance were to occur with a risk appetite statement.
Actionable Risk Appetites: Top 5 Best Examples
Actionable risk appetite statements allow you to make data-driven, performance-enhancing decisions. We compiled a list of 5 great examples of risk appetite statements for organizations across various industries that are both actionable and tied to tangible risks.
Adopt the Three Lines of Defense
In addition to the tactical changes that banks will need to make regarding the frequency of compliance activities, the adoption of the 3 Lines of Defense of Risk Management may also serve as an adjustment that is needed.
At our customer conference IMPACT 2023, LogicManager customer Patrick Edwards discussed this concept, sharing “The three lines of defense represent an approach to providing structure around risk management, and the internal controls within an organization by defining those roles and responsibilities in different areas and then the relationship between those two those different areas. In the three lines of defense model, management control is the first line of defense and risk management. The various risk control and compliance oversight functions established by management are the second line, and independent assurance is the third.”
How LogicManager Empowers Banks
LogicManager’s Enterprise Risk Management (ERM) solutions are invaluable in assisting banks to implement the Three Lines of Defense model effectively. Here’s a concise breakdown of how LogicManager can make a difference:
- Risk Assessment and Management: LogicManager’s software provides a comprehensive platform for banks to identify, assess, and manage risks across their operations. The first line of defense, typically the business units, can use the software to conduct risk assessments, document risks, and develop mitigation plans. This ensures that the risks at the operational level are well understood and addressed.
- Policy and Procedure Management: The second line of defense, which includes risk management and compliance functions, can use LogicManager to establish and manage policies, standards, and procedures related to risk and compliance. The software allows for the centralization and distribution of these documents, ensuring that they are accessible and up-to-date.
- Internal Audit and Assurance: For the third line of defense, LogicManager can be used to facilitate internal audit processes. Internal auditors can use the platform to plan and execute audits, track findings, and report on the effectiveness of the risk management and control activities in place.
- Expert Risk Advisory: LogicManager’s expert advisors can provide guidance and expertise in implementing the Three Lines of Defense model. Their advisors can work closely with the bank to tailor the software and processes to its specific requirements.
In partnership with LogicManager, banks can bolster their risk management, enhancing governance and compliance while mitigating potential issues. Schedule a meeting with one LogicManager’s risk experts today to learn how you can keep ahead of new regulations.