[Federal Register Volume 60, Number 157 (Tuesday, August 15, 1995)]
[Notices]
[Pages 42413-42417]
From the Federal Register Online via the Government Publishing Office [www.gpo.gov]
[FR Doc No: 95-20128]



=======================================================================
-----------------------------------------------------------------------

FEDERAL RESERVE SYSTEM

[Docket No. R-0889]


Federal Reserve Payment System Risk Policy

AGENCY: Board of Governors of the Federal Reserve System.

ACTION: Notice; request for comment.

-----------------------------------------------------------------------

SUMMARY: The Board requests comment on the benefits and costs of 
adopting a policy to control access to the Federal Reserve Banks' 
automated clearing house (ACH) service by entities other than the 
depository institution whose Federal Reserve account will be debited. 
The controls would apply to ACH credit transactions sent by third-party 
processors (service providers) and respondent depository institutions 
directly to a Reserve Bank or a private ACH operator that exchanges 
transactions with a Federal Reserve Bank. Controlling access to the ACH 
service will help to ensure the safety and soundness of the ACH system.
    The concepts underlying the proposed ACH third-party access policy 
are similar to the provisions of the Fedwire third-party access policy, 
which was originally adopted in 1987 and amended today. (See notice 
published elsewhere in today's Federal Register.) The Board requests 
comment on the specific provisions of the proposed policy and the cost 
and operational impact of providing risk monitoring capabilities for 
controlling access to the Federal Reserve Banks' ACH service. The risk 
monitoring capabilities are intended to permit the depository 
institutions that are 

[[Page 42414]]
responsible for funding ACH credit transactions to control the 
potential credit risk and reduce the risk of fraud created by their 
customers and respondent depository institutions. The proposed policy 
provisions and monitoring alternatives do not cover ACH debit 
transactions.

DATES: Comments must be submitted on or before November 9, 1995.

ADDRESSES: Comments should refer to Docket No. R-0889, and may be 
mailed to Mr. William Wiles, Secretary, Board of Governors of the 
Federal Reserve System, 20th Street and Constitution Avenue, N.W., 
Washington, DC 20551. Comments may also be delivered to Room B-2222 
between 8:45 a.m. and 5:15 p.m. weekdays, or to the guard station in 
the Eccles Building courtyard on 20th Street N.W. (between Constitution 
Avenue and C Street) at any time. Comments may be inspected in Room MP-
500 of the Martin Building between 9:00 a.m. and 5:00 p.m. weekdays, 
except as provided in 12 CFR 261.8 of the Board's rules regarding 
availability of information.

FOR FURTHER INFORMATION CONTACT: Florence M. Young, Assistant Director 
(202/452-3955), Wesley M. Horn, Manager, ACH Payments (202/452-2756), 
or Scott E. Knudson, Senior Financial Services Analyst, ACH Payments 
(202/452-3959) Division of Reserve Bank Operations and Payment Systems; 
for the hearing impaired only: Telecommunications Device for the Deaf, 
Dorothea Thompson (202/452-3544).

SUPPLEMENTARY INFORMATION:

I. Background

    The ACH is a value-dated electronic payment service that supports 
both debit and credit transactions. In ACH debit transactions, funds 
flow from the depository institution receiving the transaction to the 
institution originating the transaction. Typical debit transactions 
include collection of insurance premiums, mortgage and loan payments, 
consumer bill payments, point-of-sale transactions, and corporate cash 
concentration transactions. Institutions originating ACH debit 
transactions are exposed to the risk that the receiving institution 
will return a transaction and the originating institution's customer 
will not have sufficient funds available to cover the returned 
transaction. An originating institution can control its exposure to 
potential losses from returned debit transactions by establishing funds 
availability policies that are based on the creditworthiness of each 
customer. That is, an originating institution can hold all or a part of 
the funds collected via ACH debit transactions until returned 
transactions are expected to be received.1

    \1\ In Regulation CC (12 CFR Part 229), an ACH debit transfer is 
excluded from the definition of electronic payment, which is subject 
to next-day funds availability, because the receiver of an ACH debit 
transfer has the right to return the transfer. Thus, an ACH debit 
transfer is more like a check than a wire transfer of funds.
---------------------------------------------------------------------------

    In ACH credit transactions, funds flow from the institution 
originating the transaction to the institution receiving the 
transaction. Typical ACH credit transactions include direct deposit of 
payroll, annuity payments, dividend payments, and corporate payments to 
vendors and suppliers. When ACH credit transactions are transmitted to 
a Reserve Bank, the depository institution originating ACH credit 
transactions or its designated correspondent is obligated to fund the 
transactions on the settlement day, whether or not the institution's 
customers fund the payments.2 3

    \2\ The Federal Reserve Banks' Uniform Operating Circular on 
Automated Clearing House Items, paragraph 11(c) states ``by sending 
an item to a Reserve Bank, the sending institution authorized the 
Reserve Bank holding the institution's account to debit the amount 
of a credit item to the sending institution's account on the 
settlement date.'' Paragraph 38 states ``a sending institution or 
prior party may not amend or revoke an item after it has been 
received by a Reserve Bank, except as otherwise provided in the 
applicable ACH rules.'' The ACH Rules (Article Seven, Section 7.1), 
promulgated by the National Automated Clearing House Association 
(NACHA), state that ``neither an originator nor an ODFI (originating 
depository financial institution) has the right to recall an entry 
or file, to require the return of or adjustment to an entry, or to 
stop the payment or posting of an entry, once the entry or file has 
been received by the originating ACH operator.''
    \3\ The Uniform Operating Circular on Automated Clearing House 
Items, Appendix 4, Settlement Agreements, states that a sending or 
receiving institution (or its correspondent account holder) may 
terminate a settlement agreement by providing written notice to a 
Reserve Bank. A Reserve Bank may terminate a settlement agreement by 
providing written notice to the institution (or correspondent 
account holder). In either case, the termination notice is effective 
on and after the banking day following the banking day of receipt by 
the institution of the notice, or on and after a later date 
specified in the notice.
---------------------------------------------------------------------------

    ACH transactions are processed in batches one or two days before 
they are scheduled to settle. The use of value-dating exposes an 
originating institution to interday credit risk that can extend from 
one to two business days, depending upon when transactions are 
transmitted to an ACH operator and when a depository institution's 
customer funds the payments it originates. To address this exposure, as 
of January 3, 1995, The Guide to the Federal Reserve's Payment System 
Risk Policy requires depository institutions performing self 
assessments in order to obtain daylight overdraft caps to (1) evaluate 
the creditworthiness of each customer that originates ACH credit 
transactions, (2) establish for each customer an interday credit limit, 
and (3) monitor compliance with credit limits across all processing 
cycles for a given settlement day. For customers in weak financial 
condition, real-time monitoring is required.4 In addition, the 
Board has issued an Overview of the Federal Reserve's Payments System 
Risk Policy for use by depository institutions that use only minimal 
amounts of intraday Federal Reserve credit, that is, institutions that 
are exempt from filing or that qualify for a de minimis cap. The 
Overview indicates that institutions should perform credit assessments 
and establish credit or exposure limits for customers originating large 
dollar volumes of ACH credit transactions and that compliance with the 
limits should be monitored across all processing cycles for a given 
settlement day.5 In both documents, depository institutions are 
encouraged to require customers in weak financial condition to prefund 
or collateralize ACH credit transactions.

    \4\ Guide to the Federal Reserve's Payment System Risk Policy, 
Section VII, p. 57, January 1995.
    \5\ Overview of the Federal Reserve's Payments System Risk 
Policy, Section VI, p. 22, October 1993.
---------------------------------------------------------------------------

    Many depository institutions originating ACH transactions do so 
through third-party service providers. There are a variety of third-
party processing arrangements that result in a service provider's 
transmitting ACH transactions directly to a Federal Reserve Bank or a 
private ACH operator, which may ultimately transmit the transactions to 
a Federal Reserve Bank.6 For example, a depository institution may 
contract with another depository institution, acting as a service 
bureau, or with a non-depository institution service provider to create 
ACH transactions on its behalf. In some cases, companies create ACH 
transactions on behalf of their account-holding institution and 
transmit the files to third-party service providers. Service providers 
may also create ACH transactions directly for corporate customers, such 
as payroll payments. In these cases, service providers consider the 
contracting companies, not the depository institution, to be their 
clients. In addition, respondent depository institutions may send ACH 
credit transactions for which settlement will be made through a 
correspondent 

[[Page 42415]]
depository institution's account directly to a Federal Reserve Bank or 
a private ACH operator. In other cases, a respondent depository 
institution might transmit transactions to a third-party service 
provider, which would in turn transmit the transactions to a Federal 
Reserve Bank or private ACH operator. The Board believes that there may 
also be other types of third-party arrangements that have not been 
identified.

    \6\ There are currently one national private ACH operator--Visa, 
U.S.A.--and two regional private ACH operators--the New York 
Automated Clearing House and Deluxe Data Systems, which is the 
service provider for the Arizona Clearing House Association.
---------------------------------------------------------------------------

    As noted above, depository institutions are required to fund ACH 
credit transactions on the settlement day once they have been 
transmitted to a Federal Reserve Bank. Therefore, the transmission of 
ACH credit transactions to a Federal Reserve Bank by a third-party 
service provider or respondent institution without the explicit review 
and consent of the originating institution or correspondent, whose 
Federal Reserve account will ultimately be charged for the 
transactions, can expose the originating institution or correspondent 
to credit risk. For example, if a depository institution's customer 
that uses a third-party service provider to originate payroll payments 
declares bankruptcy before transactions have settled, the depository 
institution would be required to absorb any loss. Similarly, if a 
third-party service provider originated fraudulent payments, a 
depository institution could, at a minimum, be exposed to liquidity 
risk and the safety and soundness of the ACH service could be 
undermined.
II. Risk in ACH Third-Party Processing Arrangements

    During the mid-1980s, the Board became concerned about the credit 
exposure faced by depository institutions entering into arrangements 
with service providers to send and receive Fedwire funds transfers. To 
address the credit exposure inherent in these arrangements, as part of 
its risk reduction policy, in 1987 the Board approved a set of 
conditions under which Fedwire third-party access arrangements could be 
established. The Board has adopted revisions to the Fedwire third-party 
access policy. (See notice published elsewhere in today's Federal 
Register.) 7

    \7\ The policy requires depository institutions to impose 
prudent controls over Fedwire transfers initiated, received, or 
otherwise processed on their behalf by a third-party service 
provider.
---------------------------------------------------------------------------

    At the time the Fedwire controls were adopted, they were not 
applied to the ACH because it was considered a small-dollar payment 
system. As a result, there was little concern about the risks created 
when third parties originated and transmitted ACH transactions to ACH 
operators on behalf of depository institutions. Although the average 
value of individual ACH credit transactions is relatively small--$2,600 
compared with $3 million for Fedwire funds transfers in 1994--the 
aggregate value of ACH transactions originated by a customer of an 
institution can be significant. Moreover, the volume and value of 
commercial ACH credit transactions has increased rapidly. In 1987, when 
the Fedwire policy was adopted, 206.8 million ACH credit transfers, 
with a value of approximately $410.7 billion, were processed by the 
Federal Reserve Banks. In 1994, 955 million transfers, with a value of 
almost $2.5 trillion, were processed by the Federal Reserve Banks. 
Thus, over the last seven years, the volume of ACH credit transactions 
has grown at an average annual rate of nearly 25 percent and the value 
of these transactions has increased at an average annual rate of nearly 
30 percent. A number of factors indicate that continued rapid growth is 
likely.
    To assess the level of risk depository institutions face due to ACH 
transactions originated through third-party service providers, the 
Board's staff surveyed the Reserve Banks to obtain information on the 
value of ACH credit transactions that are processed for depository 
institutions that have agreements with service providers.8 The 
potential credit exposure was measured by dividing the dollar value of 
the daily average and peak-day ACH credit transactions originated by 
service providers for each depository institution by the amount of the 
institution's total capital. In general, the survey results indicated 
that the amount of risk faced by institutions in third-party processing 
arrangements is a small percentage of capital. Peak-day exposure 
averaged approximately 5 percent of the total capital of institutions 
using third-party processors. Although the average risk exposure, as 
measured by the survey, was not significant, for some institutions 
significant exposure existed. Of the 5,020 institutions that permitted 
service providers to originate ACH transactions, the peak-day exposure 
for seven institutions exceeded 150 percent of capital and, for one 
institution, it exceeded 250 percent of capital. As ACH volume 
continues to grow, the potential risks created by the use of service 
providers is likely to increase. Further, anecdotal evidence suggests 
that many depository institutions are not fully aware of the extent to 
which third parties originate ACH transactions on their behalves.

    \8\ Data were provided by all Reserve Banks, expect the Federal 
Reserve Bank of New York, for the month of December 1993. The New 
York Automated Clearing House provides essentially all commercial 
ACH service in the New York District.
---------------------------------------------------------------------------

    The potential exposure created by the use of third-party service 
providers to institutions originating ACH transactions, led the Board 
of Directors of the National Automated Clearing House Association to 
pass a resolution addressing system controls for third-party processors 
in November 1993. That resolution, among other things, recommended that 
ACH controls include: ``. . . a review and release function capability 
for originating depository financial institutions with respect to all 
files sent directly to ACH Operators by third parties and respondent 
depository financial institutions.. . .'' The purpose of this 
resolution was to provide originating depository institutions a 
mechanism to control the risks created by third-party service providers 
and respondent depository institutions.
    The New York Automated Clearing House (NYACH) has implemented a 
voluntary mechanism that permits originating institutions to set limits 
on the aggregate amount of ACH credit transactions that can be 
originated against their accounts by third-party processors. If the 
credit limit is exceeded, NYACH will hold the files and contact the 
originating institution. Based on its instructions, NYACH will either 
reject the file or permit the institution to adjust the credit limit. 
Visa, U.S.A. and the Arizona Clearing House Association are considering 
instituting third-party controls.

III. Proposed ACH Access Policy

    The Board is concerned about the potential lack of control in 
third-party arrangements and believes that appropriate measures should 
be taken to ensure the safety and soundness of the ACH service by 
enabling originating institutions to control the risks created by the 
use of service providers. Thus, the Board requests comment on the 
benefits and costs of adopting a policy to control access to the 
Federal Reserve's ACH services. In particular, the Board requests 
comment on the scope of the proposed policy, risk monitoring 
capabilities for implementing ACH credit controls, and several other 
controls.

A. Scope

    The proposed ACH policy would apply only to ACH credit 
transactions. As noted above, a depository institution is able to 
control its credit risk from ACH debit transactions by delaying the 

[[Page 42416]]
availability of funds to the originators of the transactions. The 
Board, therefore, believes that limiting the policy to the origination 
of ACH credit transactions avoids imposing unnecessary burdens on the 
industry while addressing the most significant risk.
    The policy would cover all of the following types of arrangements:
     Service providers (service bureaus, information 
processors, and depository institutions that act as service bureaus for 
other institutions) that transmit ACH credit transactions directly to a 
Federal Reserve Bank or to an ACH operator that exchanges payments with 
a Federal Reserve Bank;
     Companies that transmit their ACH credit transactions 
directly to a Reserve Bank or private ACH operators that transmit 
transactions to the Federal Reserve; and
     Institutions that transmit ACH credit transactions 
directly or indirectly to a Federal Reserve Bank and designate a 
correspondent depository institution for the settlement of the 
transactions.
B. Credit Controls

    In its payments system risk policies, the Board has indicated that 
depository institutions should establish procedures to protect 
themselves from the risk created by their corporate customers when they 
originate ACH credit transactions. In particular, the Board has 
indicated that depository institutions should perform credit 
assessments and establish credit limits for corporate customers that 
originate ACH credit transactions. That policy applies whether ACH 
credit transactions are originated by a depository institution itself 
or by a service provider.
    In addition to the requirements currently included in the payment 
system risk policy, the Board requests comment on the following credit 
controls.
     Institutions that outsource their own ACH processing would 
be required to establish an interday limit on the value of ACH credit 
transactions that a service provider can originate on their behalf.
     Correspondent depository institutions would be required to 
establish interday credit limits for each of their respondent 
institutions that originate ACH credit transactions.
    Monitoring capabilities would enable institutions to ensure that 
the credit limits established by the originating institution for each 
corporate customer and for its own transactions are not exceeded. If 
monitoring capabilities only enabled a depository institution to 
monitor the aggregate value of ACH credit transactions transmitted to a 
Reserve Bank or a private ACH operator by a third-party, the 
responsible depository institution would not be able to control the 
risk that it faces from its corporate customers. The Board believes 
that it is important for depository institutions to be able to control 
the credit exposure that they face from each of their corporate 
customers and respondent institutions. As a result, the Board requests 
comment on the benefits and costs of adopting risk monitoring 
capabilities that differ from the approach recommended by the NACHA's 
Board of Directors and implemented by one private operator, which 
establishes controls over the total exposure an institution faces due 
to transactions originated through third-party service providers. 
Additionally, more than one third-party service provider may originate 
ACH credit transactions on behalf of a depository institution's 
customers. Therefore, a depository institution would be expected to 
ensure that its internal procedures enable it to monitor all ACH credit 
transactions originated for each of its corporate customers through 
third-party service providers.
    The following discussion describes the requirements of the ACH risk 
monitoring capabilities. The Board requests comment on whether the 
Reserve Banks and private ACH operators and/or third-party service 
providers, at the option of depository institutions, should provide the 
risk monitoring capabilities.
    The institution's management would set credit limits to reflect the 
total amount of unsettled ACH credit transactions that the 
institution's management had determined was acceptable based on the 
customer's or respondent institution's financial condition. The 
institution would provide these credit limits to the entity providing 
the monitoring capabilities. Upon receipt of a file from a third-party 
service provider or respondent institution, the dollar value of the ACH 
credit transactions in each batch would be combined with the amount of 
other unsettled ACH credit transactions that had previously been 
processed for the same company or respondent institution. The resulting 
aggregate amount of unsettled credit transactions would be compared to 
the pre-established credit limit. If this total were below the credit 
limit established for the customer or respondent institution, the 
transactions would be processed. If the credit limit for the customer 
or respondent institution were exceeded, the batch(es) would be held 
and the originating depository institution and/or the correspondent 
institution would be notified. The depository institution would have 
the option to reject the batch or set a new credit limit for its 
corporate or respondent customer.
    If an originating institution of ACH credit transactions uses a 
third-party service provider to originate ACH transactions and uses a 
correspondent institution for settlement, the respondent institution 
would be expected to establish credit limits for its customers and to 
instruct the provider of the monitoring mechanism regarding the action 
to be taken if a batch(es) of ACH credit transactions exceeded its 
customer's credit limits. In addition, the correspondent institution 
would be expected to establish credit limits for its respondent 
institutions and to instruct the provider on the action to be taken if 
a batch(es) of transactions originated on behalf of its respondent 
institution exceeded the respondent's credit limit.
    These risk monitoring requirements would apply if the Reserve Banks 
and private ACH operators or third-party service providers provided the 
monitoring capabilities. Specifically, the Board is requesting comment 
on whether the monitoring capabilities could most effectively be 
provided by the Reserve Banks and private ACH operators, third-party 
service providers, or some combination selected by depository 
institutions.
    If the Reserve Banks provided the monitoring capabilities, the 
Board believes that the capabilities for this alternative could be 
implemented within approximately 12 to 18 months following approval of 
the ACH third-party policy. Developing and operating such a monitoring 
system would be costly, and the benefits of the system would accrue to 
institutions using third-party service providers and correspondent 
institutions. Therefore, it is likely that the Reserve Banks would 
assess some fee to institutions originating ACH credit transactions 
through third-party service providers and to institutions acting as ACH 
correspondent settlement agents if they were to provide monitoring 
capabilities. The Board is interested in knowing the amount of time 
that private ACH operators and service providers would need to 
implement the proposed monitoring capabilities.
    The Board believes that the risk monitoring capability may require 
users of ACH services to make changes that may result in increased 
costs. For example, in many instances batches of ACH credit 
transactions could be pended after normal business hours. Thus, 
originating institutions and correspondent institutions would need to 
make personnel with credit-granting 

[[Page 42417]]
authority available during these off-hours. Finally, if service 
providers provided the monitoring capabilities, originating depository 
institutions or correspondent institutions that permit customers or 
respondents to transmit ACH credit transactions directly to a Reserve 
Bank may not be able to rely on the service provider to provide 
effective controls over such transactions.

C. Other Controls

    To ensure the integrity of ACH third-party and respondent access 
arrangements, the following provisions, which are generally consistent 
with those required in the Fedwire third-party access policy, would 
apply.
     An institution's board of directors would be required to 
approve the role and responsibilities of a service provider(s) that is 
not affiliated with the institution through at least 80 percent common 
ownership.
      A depository institution that uses an ACH third-party 
access arrangement would be required to have its auditors confirm 
compliance with the controls described in the policy at least annually.
     The service provider must be subject to examination by the 
appropriate federal depository institution regulatory agency(ies).
     The conditions under which these arrangements could be 
established would be set forth in the appendices of the Reserve Banks' 
uniform ACH operating circular. The uniform operating circular would 
serve as the legal agreement governing the arrangement between the 
institution and the service provider and/or correspondent and would 
govern arrangements of which the Reserve Banks otherwise may not be 
aware. The ACH Participation Agreement, which is used to document the 
various agreements between the Federal Reserve Banks and users of their 
ACH services, such as settlement arrangements and electronic 
connections, would serve to identify the institution and the service 
provider(s) or correspondent(s) in the third-party arrangement(s).

IV. Competitive Impact Analysis

    In considering a change that has a substantial effect on payment 
system participants, the Board assesses whether the proposed change 
would have a direct and material adverse effect on the ability of other 
service providers to compete effectively with the Federal Reserve Banks 
in providing similar services and if such effects are due to legal 
differences or due to a dominant market position deriving from such 
legal differences.
    The Federal Reserve Banks compete in providing ACH services to 
depository institutions with private-sector ACH operators. The intent 
of the proposed third-party access policy is to ensure the integrity of 
the ACH system. The proposed policy would apply equally to institutions 
using Federal Reserve Bank ACH services and to institutions that use 
the services of private ACH operators that transmit ACH transactions to 
the Federal Reserve Banks on their behalf. Therefore, the Board 
believes that although the proposal would impose requirements on 
private ACH operators, those requirements would not be any greater than 
the additional requirements the Federal Reserve would be placing on 
itself.

V. Request for Comments

    The Board requests comments on all aspects of this proposal. The 
Board specifically requests comments on the following questions:

A. Current Arrangements and Controls

    1. Under what types of arrangements do third parties initiate or 
transmit ACH credit transactions to the Federal Reserve Banks or 
private-sector ACH operators on behalf of depository institutions?
    2. What are the unique risk characteristics of third-party 
processing arrangements and correspondent settlement arrangements that 
concern the institutions, service providers, and private ACH operators 
participating in such arrangements? Are the risks in these arrangements 
expected to increase in the future?
    3. What controls are currently in place that permit institutions to 
control their risk in ACH third-party processing arrangements and 
correspondent settlement arrangements? Are these controls consistent 
with the type of controls required in the payment system risk policy?

B. Risk Monitoring Alternatives

    4. How would the requirement to make personnel available after 
normal business hours affect institutions' ACH operating risk and 
costs? How would it affect the quality of the ACH service? Are there 
other operational issues or customer service issues associated with 
either risk control alternative?
    5. Would monitoring capabilities provided by the Reserve Banks and 
private ACH operators or by the service providers be most effective in 
achieving the objectives of controlling risk in the ACH? Should the 
Board consider permitting depository institutions to select between the 
two alternatives or should only one approach be adopted?
    6. If only service providers were to provide monitoring 
capabilities, how would the activity of originating institutions' 
customers and respondent institutions that transmit ACH credit 
transactions directly to a Federal Reserve Bank or a private ACH 
operator be monitored?
    7. What costs would be incurred by (a) private ACH operators to 
expand or develop their monitoring systems to permit their users to 
monitor ACH credit transactions at the customer level and (b) third-
party service providers to develop such a monitoring mechanism?
    8. How do the benefits derived from improving credit controls over 
access to the ACH service compare with the potential costs of 
implementing the proposal and the operational risk (i.e., possible 
untimely processing) that may be created by proposed controls?
    9. Are there other monitoring alternatives that would be equally 
effective but pose fewer operational issues and be less costly?
    10. Could depository institutions, private ACH operators, and 
service providers comply with the proposed policy if the final policy 
were effective 18 months after adoption by the Board? Could the parties 
comply within 12 months after adoption by the Board?

C. Proposed Policy Provisions

    11. Do the provisions of the proposed policy address the credit 
risk concerns of institutions participating in ACH third-party 
processing arrangements? If not, explain your concerns and suggested 
alternative controls.
    12. Could the risk monitoring controls effectively control credit 
risk if they were applied only to corporate customers or respondent 
institutions whose financial condition was considered weak? What issues 
might be raised if parties other than the responsible depository 
institution had information identifying financially weak customers or 
respondent institutions?
    13. Should a depository institution be responsible for monitoring 
the financial stability of its service providers and adopting 
procedures necessary to ensure that the activities of the service 
provider were controlled appropriately?

    By order of the Board of Governors of the Federal Reserve 
System, August 9, 1995.
William W. Wiles,
Secretary of the Board.
[FR Doc. 95-20128 Filed 8-14-95; 8:45 am]
BILLING CODE 6210-01-P