Appendix E to Part 30 - OCC Guidelines Establishing Standards for Recovery Planning by Certain Large Insured National Banks, Insured Federal Savings Associations, and Insured Federal Branches
12:1.0.1.1.27.0.28.7.17 : Appendix E
Appendix E to Part 30 - OCC Guidelines Establishing Standards for
Recovery Planning by Certain Large Insured National Banks, Insured
Federal Savings Associations, and Insured Federal Branches Table of
Contents I. Introduction A. Scope B. Compliance date C. Reservation
of authority D. Preservation of existing authority E. Definitions
II. Recovery Plan A. Recovery plan B. Elements of recovery plan 1.
Overview of covered bank 2. Triggers 3. Options for recovery 4.
Impact assessments 5. Escalation procedures 6. Management reports
7. Communication procedures 8. Other information C. Relationship to
other processes; coordination with other plans III. Management's
and Board of Directors' Responsibilities A. Management B. Board of
directors I. Introduction
A. Scope. This appendix applies to a covered bank, as
defined in paragraph I.E.3. of this appendix.
B. Compliance date.
1. A covered bank with average total consolidated assets,
calculated according to paragraph I.E.1. of this appendix, equal to
or greater than $250 billion as of January 28, 2019 should be in
compliance with this appendix on January 28, 2019.
2. A bank with average total consolidated assets, calculated
according to paragraph I.E.1. of this appendix, of less than $250
billion as of January 28, 2019 but which subsequently becomes a
covered bank should comply with this appendix within 12 months of
becoming a covered bank.
C. Reservation of authority.
1. The OCC reserves the authority:
a. To apply this appendix, in whole or in part, to a bank that
has average total consolidated assets of less than $250 billion, if
the OCC determines such bank is highly complex or otherwise
presents a heightened risk that warrants the application of this
appendix; or
b. To determine that compliance with this appendix should not be
required for a covered bank. The OCC will generally make this
determination if a covered bank's operations are no longer highly
complex or no longer present a heightened risk.
2. In determining whether a bank or covered bank is highly
complex or presents a heightened risk, the OCC will consider the
bank's size, risk profile, scope of operations, activities, and
complexity, including the complexity of its organizational and
legal entity structure. Before exercising the authority reserved by
paragraph I.C.1. of this appendix, the OCC will apply notice and
response procedures in the same manner and to the same extent as
the notice and response procedures in 12 CFR 3.404.
D. Preservation of existing authority. Neither section 39
of the Federal Deposit Insurance Act (12 U.S.C. 1831p-1) nor this
appendix in any way limits the authority of the OCC to address
unsafe or unsound practices or conditions or other violations of
law. The OCC may take action under section 39 and this appendix
independently of, in conjunction with, or in addition to any other
enforcement action available to the OCC.
E. Definitions.
1. Average total consolidated assets means the average
total consolidated assets of the bank or the covered bank, as
reported on the bank's or the covered bank's Consolidated Reports
of Condition and Income for the four most recent consecutive
quarters.
2. Bank means any insured national bank, insured Federal
savings association, or insured Federal branch of a foreign
bank.
3. Covered bank means any bank:
a. With average total consolidated assets equal to or greater
than $250 billion;
b. With average total consolidated assets of less than $250
billion if the bank was previously a covered bank, unless the OCC
determines otherwise; or
c. With average total consolidated assets less than $250
billion, if the OCC determines that such bank is highly complex or
otherwise presents a heightened risk as to warrant the application
of this appendix pursuant to paragraph I.C.1.a. of this
appendix.
4. Recovery means timely and appropriate action that a
covered bank takes to remain a going concern when it is
experiencing or is likely to experience considerable financial or
operational stress. A covered bank in recovery has not yet
deteriorated to the point where liquidation or resolution is
imminent.
5. Recovery plan means a plan that identifies triggers
and options for responding to a wide range of severe internal and
external stress scenarios to restore a covered bank that is in
recovery to financial strength and viability in a timely manner.
The options should maintain the confidence of market participants,
and neither the plan nor the options may assume or rely on any
extraordinary government support.
6. Trigger means a quantitative or qualitative indicator
of the risk or existence of severe stress, the breach of which
should always be escalated to senior management or the board of
directors (or appropriate committee of the board of directors), as
appropriate, for purposes of initiating a response. The breach of
any trigger should result in timely notice accompanied by
sufficient information to enable management of the covered bank to
take corrective action.
II. Recovery Plan
A. Recovery plan. Each covered bank should develop and
maintain a recovery plan that is specific to that covered bank and
appropriate for its individual size, risk profile, activities, and
complexity, including the complexity of its organizational and
legal entity structure.
B. Elements of recovery plan. A recovery plan under
paragraph II.A. of this appendix should include the following
elements:
1. Overview of covered bank. A recovery plan should
describe the covered bank's overall organizational and legal entity
structure, including its material entities, critical operations,
core business lines, and core management information systems. The
plan should describe interconnections and interdependencies (i)
across business lines within the covered bank, (ii) with affiliates
in a bank holding company structure, (iii) between a covered bank
and its foreign subsidiaries, and (iv) with critical third
parties.
2. Triggers. A recovery plan should identify triggers
that appropriately reflect the covered bank's particular
vulnerabilities.
3. Options for recovery. A recovery plan should identify
a wide range of credible options that a covered bank could
undertake to restore financial strength and viability, thereby
allowing the bank to continue to operate as a going concern and to
avoid liquidation or resolution. A recovery plan should explain how
the covered bank would carry out each option and describe the
timing required for carrying out each option. The recovery plan
should specifically identify the recovery options that require
regulatory or legal approval.
4. Impact assessments. For each recovery option, a
covered bank should assess and describe how the option would affect
the covered bank. This impact assessment and description should
specify the procedures the covered bank would use to maintain the
financial strength and viability of its material entities, critical
operations, and core business lines for each recovery option. For
each option, the recovery plan's impact assessment should address
the following:
a. The effect on the covered bank's capital, liquidity, funding,
and profitability;
b. The effect on the covered bank's material entities, critical
operations, and core business lines, including reputational impact;
and
c. Any legal or market impediment or regulatory requirement that
must be addressed or satisfied in order to implement the
option.
5. Escalation procedures. A recovery plan should clearly
outline the process for escalating decision-making to senior
management or the board of directors (or an appropriate committee
of the board of directors), as appropriate, in response to the
breach of any trigger. The recovery plan should also identify the
departments and persons responsible for executing the decisions of
senior management or the board of directors (or an appropriate
committee of the board of directors).
6. Management reports. A recovery plan should require
reports that provide senior management or the board of directors
(or an appropriate committee of the board of directors) with
sufficient data and information to make timely decisions regarding
the appropriate actions necessary to respond to the breach of a
trigger.
7. Communication procedures. A recovery plan should
provide that the covered bank notify the OCC of any significant
breach of a trigger and any action taken or to be taken in response
to such breach and should explain the process for deciding when a
breach of a trigger is significant. A recovery plan also should
address when and how the covered bank will notify persons within
the organization and other external parties of its action under the
recovery plan. The recovery plan should specifically identify how
the covered bank will obtain required regulatory or legal
approvals.
8. Other information. A recovery plan should include any
other information that the OCC communicates in writing directly to
the covered bank regarding the covered bank's recovery plan.
C. Relationship to other processes; coordination with other
plans. The covered bank should integrate its recovery plan into
its risk governance functions. The covered bank also should align
its recovery plan with its other plans, such as its strategic;
operational (including business continuity); contingency; capital
(including stress testing); liquidity; and resolution planning. The
covered bank's recovery plan should be specific to that covered
bank. The covered bank also should coordinate its recovery plan
with any recovery and resolution planning efforts by the covered
bank's holding company, so that the plans are consistent with and
do not contradict each other.
III. Management's and Board of Directors' Responsibilities
The recovery plan should address the following management and
board responsibilities:
A. Management. Management should review the recovery plan
at least annually and in response to a material event. It should
revise the plan as necessary to reflect material changes in the
covered bank's size, risk profile, activities, and complexity, as
well as changes in external threats. This review should evaluate
the organizational structure and its effectiveness in facilitating
a recovery.
B. Board of directors. The board is responsible for
overseeing the covered bank's recovery planning process. The board
of directors (or an appropriate committee of the board of
directors) of a covered bank should review and approve the recovery
plan at least annually, and as needed to address significant
changes made by management.
[81 FR 66800, Sept. 29, 2016, as amended at 83 FR 66607, Dec. 27,
2018]