[Federal Register Volume 61, Number 245 (Thursday, December 19, 1996)]
[Notices]
[Pages 67021-67029]
From the Federal Register Online via the Government Publishing Office [www.gpo.gov]
[FR Doc No: 96-32174]


=======================================================================
-----------------------------------------------------------------------

FEDERAL FINANCIAL INSTITUTIONS EXAMINATION COUNCIL


Uniform Financial Institutions Rating System

AGENCY: Federal Financial Institutions Examination Council.

ACTION: Notice.

-----------------------------------------------------------------------

SUMMARY: The Federal Financial Institutions Examination Council (FFIEC) 
is revising the Uniform Financial Institutions Rating System (UFIRS), 
which is commonly referred to as the CAMEL rating system. The term 
``financial institutions'' refers to those insured depository 
institutions whose primary Federal supervisory agency is represented on 
the FFIEC. The agencies comprising the FFIEC are the Board of Governors 
of the Federal Reserve System (FRB), the Federal Deposit Insurance 
Corporation (FDIC), the National Credit Union Administration (NCUA), 
the Office of the Comptroller of the Currency (OCC), and the Office of 
Thrift Supervision (OTS). The revisions update the rating system to 
address changes in the financial services industry and in supervisory 
policies and procedures occurring since the rating system was adopted 
in 1979. The changes include: reformatting and clarification of 
component rating descriptions and component rating definitions; adding 
a sixth component addressing sensitivity to market risk; increasing 
emphasis on the quality of risk management practices in each of the 
rating components, particularly in the Management component; revising 
the composite rating definitions; and explicitly identifying the risks 
considered in assigning component ratings.

DATES: December 19, 1996.

FOR FURTHER INFORMATION CONTACT:

    OCC: Lawrence W. (Bill) Morris, National Bank Examiner, Office of 
the Chief National Bank Examiner, (202) 874-5350, Office of the 
Comptroller of the Currency, 250 E Street SW, Washington, D.C. 20219.
    FRB: Kevin Bertsch, Supervisory Financial Analyst, (202) 452-5265, 
or Constance Powell, Supervisory Financial Analyst, (202) 452-3506, 
Division of Banking Supervision and Regulation, Board of Governors of 
the Federal Reserve System, 20th and C Streets NW, Washington, D.C. 
20551. For the hearing impaired only, Telecommunication Device for the 
Deaf (TDD), Dorothea Thompson, (202) 452-3544.
    FDIC: Daniel M. Gautsch, Examination Specialist, (202) 898-6912,

[[Page 67022]]

Office of Policy, Division of Supervision. For legal issues, Linda L. 
Stamp, Counsel, (202) 898-7310, Supervision and Legislation Branch, 
Federal Deposit Insurance Corporation, 550 17th Street NW, Washington, 
D.C. 20429.
    OTS: William J. Magrini, Senior Project Manager, (202) 906-5744, 
Supervision Policy, Office of Thrift Supervision, 1700 G Street NW, 
Washington, D.C. 20552.

SUPPLEMENTARY INFORMATION:

Background Information

    On July 18, 1996, the FFIEC published a notice and request for 
comment in the Federal Register (July Notice), 60 FR 37472, requesting 
comment on proposed revisions to the UFIRS. The UFIRS is an internal 
rating system used by the Federal supervisory agencies and State 
supervisory agencies for evaluating the soundness of financial 
institutions on a uniform basis and for identifying those institutions 
requiring special supervisory attention or concern. The UFIRS takes 
into consideration a careful evaluation of managerial, operational, 
financial, and compliance performance factors common to all 
institutions. The UFIRS is used by the supervisory agencies to monitor 
aggregate trends in the overall soundness of financial institutions. 
The UFIRS also provides a means for the supervisory agencies to 
monitor, for various statistical and supervisory purposes, the types 
and severity of problems that institutions may be experiencing, and to 
determine the level of supervisory concern that is warranted.
    Under the UFIRS, each financial institution is assigned a composite 
rating based on an evaluation and rating of essential components of an 
institution's financial condition and operations. Under the former 
UFIRS, the component factors addressed the adequacy of capital, the 
quality of assets, the capability of the board of directors and 
management, the quality and level of earnings, and the adequacy of 
liquidity. The composite and component ratings are assigned on a 1 to 5 
numerical scale. A 1 indicates the strongest performance and management 
practices and the lowest degree of supervisory concern. A 5 indicates 
the weakest performance and management practices and the highest degree 
of supervisory concern.
    The UFIRS is an effective tool for the supervisory agencies to 
determine the safety and soundness of financial institutions. A number 
of changes, however, have occurred in the financial services industry 
and in supervisory policies and procedures since the rating system was 
adopted in 1979. As a result, the FFIEC is making certain enhancements 
to the rating system but is retaining its basic framework. The 
enhancements include: reformatting and clarifying the component rating 
descriptions and component rating definitions; adding a new sixth 
component, Sensitivity to Market Risk; increasing emphasis on the 
quality of risk management processes in each of the component ratings, 
particularly in the Management component; adding language in the 
composite rating definitions to parallel the changes in the component 
rating descriptions; and identifying the types of risk associated with 
each component area.
    The FFIEC notes that some Federal supervisory agencies' regulations 
reference the institution's UFIRS or CAMEL rating in determining an 
institution's status under those regulations. The Federal supervisory 
agencies may consider amending those regulations to incorporate changes 
made to the UFIRS system.

Comments Received and Changes Made

    The FFIEC received 55 comments regarding the proposed revisions to 
UFIRS. Thirty-four of the comments were from banks and thrifts, ten 
from state banking departments, five from trade associations, two from 
FRB offices, two from consultants, and two from Federal bank examiners.
    Commenters generally favored the changes to the rating system 
regarding structure and format, reference to risk management practices, 
identification of risk types, and revisions to the composite and 
component rating definitions. However, commenters were divided 
regarding the new component on sensitivity to market risk.
    Examiners field tested the revised rating system during 185 bank 
and thrift examinations conducted between July and October, 1996. The 
examiners provided comments regarding the revised rating system. 
Examiner response generally was favorable for the revised rating 
system, including the new sixth component. Few significant problems or 
rating differences were encountered between the former and the updated 
UFIRS.
    Many commenters and examiners recommended clarifying changes to 
various aspects of the revised rating system. The FFIEC carefully 
considered each comment and examiner response and is making certain 
changes. The following discussion describes the comments received and 
changes made to the UFIRS in response to the comments. The updated 
UFIRS is included at the end of this Notice.

July Notice Specific Questions

    In addition to requesting general comments regarding the proposed 
rating system, the FFIEC invited comments on two specific questions:
    (1) Does the proposed, revised rating system capture the essential 
aspects of a financial institution's condition, compliance with laws 
and regulations, and overall operating soundness? If not, what 
additional or different components should be considered?
    The majority of responses to this question were positive and 
indicated no additional or different components should be considered. 
Some commenters noted concerns with or the need for clarification of 
the new sixth component. These concerns are addressed later in this 
Notice.
    (2) Does the proposed management component rating adequately 
represent an assessment of the quality of the board of directors' and 
management's oversight regarding an institution's operating 
performance, risk management practices, and internal controls? If not, 
what other factors should be considered when rating management?
    The majority of responses to this question were favorable. A number 
of commenters recommended that the Management component make a clearer 
distinction between the role of the board of directors and the role of 
senior management.
    The FFIEC added language to the Management component that 
recognizes the different responsibilities of these two management 
groups.

Structure and Format of Component Descriptions

    The July Notice enhanced and clarified component rating 
descriptions by reformatting each component into three distinct 
sections: (1) An introductory paragraph discussing the areas to be 
considered when rating each component; (2) a bullet-style listing of 
the evaluation factors to be considered when assigning component 
ratings; and (3) a brief, qualitative description of the five rating 
grades that can be assigned to a particular component.
    Several commenters expressed concern that component descriptions 
and component rating definitions need clear distinction and 
differentiation between rating levels.
    The FFIEC acknowledges the need for clear distinction and 
differentiation between component rating levels. The UFIRS now reflects 
changed or added language to clarify that the component

[[Page 67023]]

rating assessments consider an institution's size, the nature and 
complexity of its business activities, and its risk profile. Sentence 
structure, coupled with other minor language changes, were made to 
enhance parallelism and to improve differentiation between component 
rating levels.
    Some commenters expressed concern regarding the number of 
evaluation factors within each component, the subjectivity associated 
with the evaluation factors, the order in which evaluation factors were 
listed, the redundancy of evaluation factors between components, and 
the need for clarification of some of the evaluation factors.
    The FFIEC made revisions to the UFIRS to better structure and 
identify the factors that examiners traditionally consider as part of 
their assessment of a component area. This allows examiners and bankers 
to have a better understanding of what is being assessed under each 
component. Since its inception, the UFIRS has always contained elements 
of subjectivity and examiner judgment when assigning a rating, 
particularly as it relates to qualitative assessments of policies, 
practices, processes, and systems. Subjectivity and judgment cannot be 
eliminated but, as in the past, it can be reasonably applied based on 
the examiner's experience and knowledge, and their familiarity with the 
unique characteristics of the institution being examined.
    The list of evaluation factors under each component is not meant to 
be all inclusive and appropriate language is added to the UFIRS noting 
that the evaluation factors are not listed in any particular order of 
importance. This allows examiners the flexibility of assessing factors 
that are most pertinent to the institution's situation and risk 
profile.
    The FFIEC also acknowledges that there is a certain degree of 
redundancy between the component evaluation factors. For example, 
certain factors, such as the ability of management to identify, 
measure, monitor, and control risk, apply to each of the components and 
are an integral part of each component's rating. In addition, the level 
of classified assets will also impact the Asset Quality component and 
the Capital and Earnings components. This analysis should not be 
considered as ``double counting,'' but rather as a balanced assessment 
of how an evaluation factor can impact several component areas.
    The FFIEC, however, has removed the evaluation factor referring to 
compliance with laws and regulations from all but the Management 
component. In addition, minor language changes are made to some of the 
component evaluation factors for clarification purposes.

Sensitivity to Market Risk Component

    The July Notice added a sixth rating component addressing 
sensitivity to market risk and the degree to which changes in interest 
rates, foreign exchange rates, commodity prices, or equity prices can 
adversely affect a financial institution's earnings or economic 
capital.
    A number of commenters noted that the sensitivity to market risk 
already is considered under the existing components and questioned the 
need for the new component.
    The FFIEC acknowledges that market risk is already considered under 
the UFIRS; however, adding a new component provides a more precise 
indication of an institution's ability to monitor and manage its market 
risk. Since the sensitivity to market risk is already considered when 
assigning UFIRS ratings, the addition of the new component should not 
result in a change to the composite ratings being assigned.
    The principal benefit of this new component is that it gives a 
clearer indication of supervisory concerns related to market risk than 
can be gained from the former UFIRS. For example, a financial 
institution with weak earnings and poor liquidity also might have 
significant and poorly managed exposures to interest rate risk. Less 
than satisfactory component ratings for earnings or liquidity accorded 
an institution under the former UFIRS would not specifically note a 
problem with exposure to, or the management of, market risk. Under the 
updated UFIRS, however, it is now possible to determine whether an 
institution has less than satisfactory earnings, a deficiency in its 
level or management of liquidity, and a problem with its exposure to 
market risks.
    Other commenters objected to the new component on the grounds that 
it will place too much weight on a risk that is insignificant to most 
institutions and may result in examiners requiring elaborate market 
risk management systems where relatively basic management practices 
would suffice.
    The FFIEC acknowledges that, for most institutions, market risk 
primarily reflects exposures to changes in interest rates.
    Currently, interest rate risk is not a significant problem for the 
industry. In light of the level of risk embodied in this component for 
most institutions, the Federal supervisory agencies do not anticipate 
examiners overemphasizing this component when assigning a composite 
rating.
    For the institutions that choose to take on greater market risk 
through holdings of complicated investments or hedging instruments or 
as part of significant trading activities, the exposure to, and 
management of, market risk is more significant to their overall risk 
profile. Thus, it is possible more weight will be assigned to the new 
component in determining the composite rating under UFIRS for 
institutions engaging in these activities. This is consistent with the 
Federal supervisory agencies' views that, when assigning a composite 
rating, examiners should determine the weight placed on each component 
based upon the particular situation of the institution, not on an 
arithmetic average of the components.
    Thus, supervisory expectations for the management of market risk 
remain unchanged; the quality of management systems must be 
commensurate with risk exposure. Accordingly, the new component does 
not imply a requirement to develop enhanced management systems where 
market risk already is being identified, measured, monitored, and 
controlled in a manner appropriate to the institution's market risk 
exposure.
    Several commenters also raised concerns about a perceived emphasis 
on the absolute level of market risk in the rating descriptions for the 
sensitivity to market risk component.
    The FFIEC agrees that the evaluation of market risk must take into 
account the capital and earnings of an institution and the quality of 
its risk management practices. Accordingly, the description of the new 
component and its rating definitions have been revised to reflect this 
view.

Risk Management

    The revised rating system reflects an increased emphasis on risk 
management processes. The Federal supervisory agencies currently 
consider the quality of risk management practices when applying the 
UFIRS, particularly in the management component. Changes in the 
financial services industry, however, have broadened the range of 
financial products offered by institutions and accelerated the pace of 
transactions. These trends reinforce the importance of institutions 
having sound risk management systems. Accordingly, the revised rating 
system contains explicit language in each of the components emphasizing 
management's ability to

[[Page 67024]]

identify, measure, monitor, and control risks.
    Several commenters expressed concern that the revised rating system 
would add to an institution's regulatory burden; require additional 
policies, processes, and highly formalized management information 
systems; or prevent institutions from attaining the highest ratings if 
they did not have formalized risk management policies and systems.
    The FFIEC recognizes that management practices, particularly as 
they relate to risk management, vary considerably among financial 
institutions depending on their size and sophistication, the nature and 
complexity of their business activities, and their risk profile. Each 
institution must properly manage its risks and have appropriate 
policies, processes, or practices in place that management follows and 
uses. Activities undertaken in a less complex institution engaging in 
less sophisticated risk-taking activities may only need basic 
management and control systems compared to the detailed and formalized 
systems and controls needed for the broader and more complex range of 
activities undertaken at a larger and more complex institution.
    The FFIEC added appropriate language clarifying that the UFIRS does 
not add to the regulatory burden of institutions, but promotes and 
complements efficient examination processes. The FFIEC also added 
language clarifying that detailed or highly formalized management 
systems and controls are not required for less complex institutions 
engaging in less sophisticated risk taking activities to receive the 
higher composite and component ratings.

Composite Rating Definitions

    The July Notice retained the basic context of the existing 
composite rating definitions. The composite ratings are based on a 
careful evaluation of an institution's managerial, operational, 
financial, and compliance performance. The revised composite rating 
definitions contain an explicit reference to the quality of overall 
risk management practices.
    A number of commenters recommended that the composite rating 
definitions contain a clearer distinction between rating levels, 
include a better perspective on examiner flexibility in considering the 
evaluation factors, and clarify other language to ensure consistent and 
uniform application by supervisory agencies.
    The FFIEC agrees and has made certain changes in the structure and 
language of the composite rating definitions to address the concerns 
raised about examiner flexibility when assigning ratings based on an 
institution's particular circumstances. The principal change includes 
language to note explicitly that examiners consider an institution's 
size, complexity, and risk profile when assessing risk management 
practices. Other changes include sentence structure and other language 
changes in each of the composite rating definitions for better 
parallelism and readability from one definition to another and to 
provide clearer distinction between rating levels.

Peer Data Comparisons

    Some commenters noted the lack of references to peer comparisons in 
component descriptions and rating definitions in the UFIRS.
    The FFIEC acknowledges that it does not include peer comparison 
data in the updated rating system. The principal reason is to avoid 
over reliance on statistical comparisons to justify the component 
rating being assigned. Examiners are encouraged to consider all 
relevant factors when assigning a component rating. The rating system 
is designed to reflect an assessment of the individual institution. 
Peer data are a part of the overall assessment process, however.

Component Rating Disclosure

    Several commenters noted that component ratings should be disclosed 
to an institution's board of directors and senior management.
    The FFIEC agrees that component ratings should be disclosed to an 
institution's board of directors and senior management and recommended 
that the FDIC, FRB, OCC, and OTS begin disclosing component ratings in 
reports of examination no later than January 1, 1997. The FDIC began 
disclosing component ratings in reports of examination in process after 
September 30, 1996. The other Federal supervisory agencies expect to 
begin such disclosures on or before January 1, 1997.
    The FFIEC inserted into the Overview section of the UFIRS 
appropriate language noting that both composite and component ratings 
are disclosed to an institution's board of directors and senior 
management.

Specialty Area Examinations

    Some commenters recommended that the specialty area examinations, 
i.e., Bank Information Systems, Fiduciary, Consumer Compliance, CRA, 
etc., be integrated into the rating system.
    The FFIEC acknowledges that results of such specialty examinations 
currently are taken into consideration when assigning an institution's 
composite rating or component ratings, as appropriate. Generally, the 
impact of specialty area examination findings are reflected in the 
composite and Management component ratings. However, other factors, 
such as reimbursable violations under Regulation Z (12 CFR Part 226), 
if substantial, could impact an institution's capital or earnings 
performance.
    The FFIEC added appropriate language to the revised UFIRS noting 
that Foreign Branch examination and specialty examination findings 
(Compliance, CRA, Government Security Dealers, Information Systems, 
Municipal Security Dealers, Transfer Agent, and Fiduciary) and the 
ratings assigned to those areas are taken into consideration, as 
appropriate, when assigning a composite rating and component ratings 
under UFIRS.

Implementation Date

    The FFIEC recommends that the Federal supervisory agencies 
implement the updated UFIRS no later than January 1, 1997. This date 
provides the Federal supervisory agencies flexibility to implement the 
updated UFIRS in conjunction with procedures for disclosing both 
composite and component ratings, as appropriate, to institutions' 
boards of directors and senior management. This date also ensures that 
institutions with examinations commenced in 1997 will be assessed under 
the updated UFIRS.

Text of the Revised Uniform Financial Institutions Rating System

Uniform Financial Institutions 1 Rating System
---------------------------------------------------------------------------

    \1\ For purposes of this rating system, the term ``financial 
institution'' refers to those insured depository institutions whose 
primary Federal supervisory agency is represented on the Federal 
Financial Institutions Examination Council (FFIEC). The agencies 
comprising the FFIEC are the Board of Governors of the Federal 
Reserve System, the Federal Deposit Insurance Corporation, the 
National Credit Union Administration, the Office of the Comptroller 
of the Currency, and the Office of Thrift Supervision. The term 
``financial institution'' includes Federally supervised commercial 
banks, savings and loan associations, mutual savings banks, and 
credit unions.
---------------------------------------------------------------------------

Introduction

    The Uniform Financial Institutions Rating System (UFIRS) was 
adopted by the Federal Financial Institutions Examination Council 
(FFIEC) on November 13, 1979. Over the years, the UFIRS has proven to 
be an effective internal supervisory tool for evaluating

[[Page 67025]]

the soundness of financial institutions on a uniform basis and for 
identifying those institutions requiring special attention or concern. 
A number of changes, however, have occurred in the banking industry and 
in the Federal supervisory agencies' policies and procedures which have 
prompted a review and revision of the 1979 rating system. The revisions 
to UFIRS include the addition of a sixth component addressing 
sensitivity to market risks, the explicit reference to the quality of 
risk management processes in the management component, and the 
identification of risk elements within the composite and component 
rating descriptions.
    The revisions to UFIRS are not intended to add to the regulatory 
burden of institutions or require additional policies or processes. The 
revisions are intended to promote and complement efficient examination 
processes. The revisions have been made to update the rating system, 
while retaining the basic framework of the original rating system.
    The UFIRS takes into consideration certain financial, managerial, 
and compliance factors that are common to all institutions. Under this 
system, the supervisory agencies endeavor to ensure that all financial 
institutions are evaluated in a comprehensive and uniform manner, and 
that supervisory attention is appropriately focused on the financial 
institutions exhibiting financial and operational weaknesses or adverse 
trends.
    The UFIRS also serves as a useful vehicle for identifying problem 
or deteriorating financial institutions, as well as for categorizing 
institutions with deficiencies in particular component areas. Further, 
the rating system assists Congress in following safety and soundness 
trends and in assessing the aggregate strength and soundness of the 
financial industry. As such, the UFIRS assists the agencies in 
fulfilling their collective mission of maintaining stability and public 
confidence in the nation's financial system.

Overview

    Under the UFIRS, each financial institution is assigned a composite 
rating based on an evaluation and rating of six essential components of 
an institution's financial condition and operations. These component 
factors address the adequacy of capital, the quality of assets, the 
capability of management, the quality and level of earnings, the 
adequacy of liquidity, and the sensitivity to market risk. Evaluations 
of the components take into consideration the institution's size and 
sophistication, the nature and complexity of its activities, and its 
risk profile.
    Composite and component ratings are assigned based on a 1 to 5 
numerical scale. A 1 indicates the highest rating, strongest 
performance and risk management practices, and least degree of 
supervisory concern, while a 5 indicates the lowest rating, weakest 
performance, inadequate risk management practices and, therefore, the 
highest degree of supervisory concern.
    The composite rating generally bears a close relationship to the 
component ratings assigned. However, the composite rating is not 
derived by computing an arithmetic average of the component ratings. 
Each component rating is based on a qualitative analysis of the factors 
comprising that component and its interrelationship with the other 
components. When assigning a composite rating, some components may be 
given more weight than others depending on the situation at the 
institution. In general, assignment of a composite rating may 
incorporate any factor that bears significantly on the overall 
condition and soundness of the financial institution. Assigned 
composite and component ratings are disclosed to the institution's 
board of directors and senior management.
    The ability of management to respond to changing circumstances and 
to address the risks that may arise from changing business conditions, 
or the initiation of new activities or products, is an important factor 
in evaluating a financial institution's overall risk profile and the 
level of supervisory attention warranted. For this reason, the 
management component is given special consideration when assigning a 
composite rating.
    The ability of management to identify, measure, monitor, and 
control the risks of its operations is also taken into account when 
assigning each component rating. It is recognized, however, that 
appropriate management practices vary considerably among financial 
institutions, depending on their size, complexity, and risk profile. 
For less complex institutions engaged solely in traditional banking 
activities and whose directors and senior managers, in their respective 
roles, are actively involved in the oversight and management of day-to-
day operations, relatively basic management systems and controls may be 
adequate. At more complex institutions, on the other hand, detailed and 
formal management systems and controls are needed to address their 
broader range of financial activities and to provide senior managers 
and directors, in their respective roles, with the information they 
need to monitor and direct day-to-day activities. All institutions are 
expected to properly manage their risks. For less complex institutions 
engaging in less sophisticated risk taking activities, detailed or 
highly formalized management systems and controls are not required to 
receive strong or satisfactory component or composite ratings.
    Foreign Branch and specialty examination findings and the ratings 
assigned to those areas are taken into consideration, as appropriate, 
when assigning component and composite ratings under UFIRS. The 
specialty examination areas include: Compliance, Community 
Reinvestment, Government Security Dealers, Information Systems, 
Municipal Security Dealers, Transfer Agent, and Trust.
    The following two sections contain the composite rating 
definitions, and the descriptions and definitions for the six component 
ratings.

Composite Ratings

    Composite ratings are based on a careful evaluation of an 
institution's managerial, operational, financial, and compliance 
performance. The six key components used to assess an institution's 
financial condition and operations are: capital adequacy, asset 
quality, management capability, earnings quantity and quality, the 
adequacy of liquidity, and sensitivity to market risk. The rating scale 
ranges from 1 to 5, with a rating of 1 indicating: the strongest 
performance and risk management practices relative to the institution's 
size, complexity, and risk profile; and the level of least supervisory 
concern. A 5 rating indicates: the most critically deficient level of 
performance; inadequate risk management practices relative to the 
institution's size, complexity, and risk profile; and the greatest 
supervisory concern. The composite ratings are defined as follows:

Composite 1

    Financial institutions in this group are sound in every respect and 
generally have components rated 1 or 2. Any weaknesses are minor and 
can be handled in a routine manner by the board of directors and 
management. These financial institutions are the most capable of 
withstanding the vagaries of business conditions and are resistant to 
outside influences such as economic instability in their trade area. 
These financial institutions are in substantial compliance with laws 
and regulations. As a result, these financial institutions exhibit the 
strongest performance and

[[Page 67026]]

risk management practices relative to the institution's size, 
complexity, and risk profile, and give no cause for supervisory 
concern.

Composite 2

    Financial institutions in this group are fundamentally sound. For a 
financial institution to receive this rating, generally no component 
rating should be more severe than 3. Only moderate weaknesses are 
present and are well within the board of directors' and management's 
capabilities and willingness to correct. These financial institutions 
are stable and are capable of withstanding business fluctuations. These 
financial institutions are in substantial compliance with laws and 
regulations. Overall risk management practices are satisfactory 
relative to the institution's size, complexity, and risk profile. There 
are no material supervisory concerns and, as a result, the supervisory 
response is informal and limited.

Composite 3

    Financial institutions in this group exhibit some degree of 
supervisory concern in one or more of the component areas. These 
financial institutions exhibit a combination of weaknesses that may 
range from moderate to severe; however, the magnitude of the 
deficiencies generally will not cause a component to be rated more 
severely than 4. Management may lack the ability or willingness to 
effectively address weaknesses within appropriate time frames. 
Financial institutions in this group generally are less capable of 
withstanding business fluctuations and are more vulnerable to outside 
influences than those institutions rated a composite 1 or 2. 
Additionally, these financial institutions may be in significant 
noncompliance with laws and regulations. Risk management practices may 
be less than satisfactory relative to the institution's size, 
complexity, and risk profile. These financial institutions require more 
than normal supervision, which may include formal or informal 
enforcement actions. Failure appears unlikely, however, given the 
overall strength and financial capacity of these institutions.

Composite 4

    Financial institutions in this group generally exhibit unsafe and 
unsound practices or conditions. There are serious financial or 
managerial deficiencies that result in unsatisfactory performance. The 
problems range from severe to critically deficient. The weaknesses and 
problems are not being satisfactorily addressed or resolved by the 
board of directors and management. Financial institutions in this group 
generally are not capable of withstanding business fluctuations. There 
may be significant noncompliance with laws and regulations. Risk 
management practices are generally unacceptable relative to the 
institution's size, complexity, and risk profile. Close supervisory 
attention is required, which means, in most cases, formal enforcement 
action is necessary to address the problems. Institutions in this group 
pose a risk to the deposit insurance fund. Failure is a distinct 
possibility if the problems and weaknesses are not satisfactorily 
addressed and resolved.

Composite 5

    Financial institutions in this group exhibit extremely unsafe and 
unsound practices or conditions; exhibit a critically deficient 
performance; often contain inadequate risk management practices 
relative to the institution's size, complexity, and risk profile; and 
are of the greatest supervisory concern. The volume and severity of 
problems are beyond management's ability or willingness to control or 
correct. Immediate outside financial or other assistance is needed in 
order for the financial institution to be viable. Ongoing supervisory 
attention is necessary. Institutions in this group pose a significant 
risk to the deposit insurance fund and failure is highly probable.

Component Ratings

    Each of the component rating descriptions is divided into three 
sections: an introductory paragraph; a list of the principal evaluation 
factors that relate to that component; and a brief description of each 
numerical rating for that component. Some of the evaluation factors are 
reiterated under one or more of the other components to reinforce the 
interrelationship between components. The listing of evaluation factors 
for each component rating is in no particular order of importance.

Capital Adequacy

    A financial institution is expected to maintain capital 
commensurate with the nature and extent of risks to the institution and 
the ability of management to identify, measure, monitor, and control 
these risks. The effect of credit, market, and other risks on the 
institution's financial condition should be considered when evaluating 
the adequacy of capital. The types and quantity of risk inherent in an 
institution's activities will determine the extent to which it may be 
necessary to maintain capital at levels above required regulatory 
minimums to properly reflect the potentially adverse consequences that 
these risks may have on the institution's capital.
    The capital adequacy of an institution is rated based upon, but not 
limited to, an assessment of the following evaluation factors:
     The level and quality of capital and the overall financial 
condition of the institution.
     The ability of management to address emerging needs for 
additional capital.
     The nature, trend, and volume of problem assets, and the 
adequacy of allowances for loan and lease losses and other valuation 
reserves.
     Balance sheet composition, including the nature and amount 
of intangible assets, market risk, concentration risk, and risks 
associated with nontraditional activities.
     Risk exposure represented by off-balance sheet activities.
     The quality and strength of earnings, and the 
reasonableness of dividends.
     Prospects and plans for growth, as well as past experience 
in managing growth.
     Access to capital markets and other sources of capital, 
including support provided by a parent holding company.

Ratings

1  A rating of 1 indicates a strong capital level relative to the 
institution's risk profile.
2  A rating of 2 indicates a satisfactory capital level relative to the 
financial institution's risk profile.
3  A rating of 3 indicates a less than satisfactory level of capital 
that does not fully support the institution's risk profile. The rating 
indicates a need for improvement, even if the institution's capital 
level exceeds minimum regulatory and statutory requirements.
4  A rating of 4 indicates a deficient level of capital. In light of 
the institution's risk profile, viability of the institution may be 
threatened. Assistance from shareholders or other external sources of 
financial support may be required.
5  A rating of 5 indicates a critically deficient level of capital such 
that the institution's viability is threatened. Immediate assistance 
from shareholders or other external sources of financial support is 
required.

Asset Quality

    The asset quality rating reflects the quantity of existing and 
potential credit risk associated with the loan and

[[Page 67027]]

investment portfolios, other real estate owned, and other assets, as 
well as off-balance sheet transactions. The ability of management to 
identify, measure, monitor, and control credit risk is also reflected 
here. The evaluation of asset quality should consider the adequacy of 
the allowance for loan and lease losses and weigh the exposure to 
counterparty, issuer, or borrower default under actual or implied 
contractual agreements. All other risks that may affect the value or 
marketability of an institution's assets, including, but not limited 
to, operating, market, reputation, strategic, or compliance risks, 
should also be considered.
    The asset quality of a financial institution is rated based upon, 
but not limited to, an assessment of the following evaluation factors:
     The adequacy of underwriting standards, soundness of 
credit administration practices, and appropriateness of risk 
identification practices.
     The level, distribution, severity, and trend of problem, 
classified, nonaccrual, restructured, delinquent, and nonperforming 
assets for both on- and off-balance sheet transactions.
     The adequacy of the allowance for loan and lease losses 
and other asset valuation reserves.
     The credit risk arising from or reduced by off-balance 
sheet transactions, such as unfunded commitments, credit derivatives, 
commercial and standby letters of credit, and lines of credit.
     The diversification and quality of the loan and investment 
portfolios.
     The extent of securities underwriting activities and 
exposure to counterparties in trading activities.
     The existence of asset concentrations.
     The adequacy of loan and investment policies, procedures, 
and practices.
     The ability of management to properly administer its 
assets, including the timely identification and collection of problem 
assets.
     The adequacy of internal controls and management 
information systems.
     The volume and nature of credit documentation exceptions.

Ratings

1  A rating of 1 indicates strong asset quality and credit 
administration practices. Identified weaknesses are minor in nature and 
risk exposure is modest in relation to capital protection and 
management's abilities. Asset quality in such institutions is of 
minimal supervisory concern.
2  A rating of 2 indicates satisfactory asset quality and credit 
administration practices. The level and severity of classifications and 
other weaknesses warrant a limited level of supervisory attention. Risk 
exposure is commensurate with capital protection and management's 
abilities.
3  A rating of 3 is assigned when asset quality or credit 
administration practices are less than satisfactory. Trends may be 
stable or indicate deterioration in asset quality or an increase in 
risk exposure. The level and severity of classified assets, other 
weaknesses, and risks require an elevated level of supervisory concern. 
There is generally a need to improve credit administration and risk 
management practices.
4  A rating of 4 is assigned to financial institutions with deficient 
asset quality or credit administration practices. The levels of risk 
and problem assets are significant, inadequately controlled, and 
subject the financial institution to potential losses that, if left 
unchecked, may threaten its viability.
5  A rating of 5 represents critically deficient asset quality or 
credit administration practices that present an imminent threat to the 
institution's viability.

Management

    The capability of the board of directors and management, in their 
respective roles, to identify, measure, monitor, and control the risks 
of an institution's activities and to ensure a financial institution's 
safe, sound, and efficient operation in compliance with applicable laws 
and regulations is reflected in this rating. Generally, directors need 
not be actively involved in day-to-day operations; however, they must 
provide clear guidance regarding acceptable risk exposure levels and 
ensure that appropriate policies, procedures, and practices have been 
established. Senior management is responsible for developing and 
implementing policies, procedures, and practices that translate the 
board's goals, objectives, and risk limits into prudent operating 
standards.
    Depending on the nature and scope of an institution's activities, 
management practices may need to address some or all of the following 
risks: credit, market, operating or transaction, reputation, strategic, 
compliance, legal, liquidity, and other risks. Sound management 
practices are demonstrated by: active oversight by the board of 
directors and management; competent personnel; adequate policies, 
processes, and controls taking into consideration the size and 
sophistication of the institution; maintenance of an appropriate audit 
program and internal control environment; and effective risk monitoring 
and management information systems. This rating should reflect the 
board's and management's ability as it applies to all aspects of 
banking operations as well as other financial service activities in 
which the institution is involved.
    The capability and performance of management and the board of 
directors is rated based upon, but not limited to, an assessment of the 
following evaluation factors:
     The level and quality of oversight and support of all 
institution activities by the board of directors and management.
     The ability of the board of directors and management, in 
their respective roles, to plan for, and respond to, risks that may 
arise from changing business conditions or the initiation of new 
activities or products.
     The adequacy of, and conformance with, appropriate 
internal policies and controls addressing the operations and risks of 
significant activities.
     The accuracy, timeliness, and effectiveness of management 
information and risk monitoring systems appropriate for the 
institution's size, complexity, and risk profile.
     The adequacy of audits and internal controls to: promote 
effective operations and reliable financial and regulatory reporting; 
safeguard assets; and ensure compliance with laws, regulations, and 
internal policies.
     Compliance with laws and regulations.
     Responsiveness to recommendations from auditors and 
supervisory authorities.
     Management depth and succession.
     The extent that the board of directors and management is 
affected by, or susceptible to, dominant influence or concentration of 
authority.
     Reasonableness of compensation policies and avoidance of 
self-dealing.
     Demonstrated willingness to serve the legitimate banking 
needs of the community.
     The overall performance of the institution and its risk 
profile.

Ratings

1 A rating of 1 indicates strong performance by management and the 
board of directors and strong risk management practices relative to the 
institution's size, complexity, and risk profile. All significant risks 
are consistently and effectively identified, measured, monitored, and 
controlled.

[[Page 67028]]

Management and the board have demonstrated the ability to promptly and 
successfully address existing and potential problems and risks.
2 A rating of 2 indicates satisfactory management and board performance 
and risk management practices relative to the institution's size, 
complexity, and risk profile. Minor weaknesses may exist, but are not 
material to the safety and soundness of the institution and are being 
addressed. In general, significant risks and problems are effectively 
identified, measured, monitored, and controlled.
3 A rating of 3 indicates management and board performance that need 
improvement or risk management practices that are less than 
satisfactory given the nature of the institution's activities. The 
capabilities of management or the board of directors may be 
insufficient for the type, size, or condition of the institution. 
Problems and significant risks may be inadequately identified, 
measured, monitored, or controlled.
4 A rating of 4 indicates deficient management and board performance or 
risk management practices that are inadequate considering the nature of 
an institution's activities. The level of problems and risk exposure is 
excessive. Problems and significant risks are inadequately identified, 
measured, monitored, or controlled and require immediate action by the 
board and management to preserve the soundness of the institution. 
Replacing or strengthening management or the board may be necessary.
5 A rating of 5 indicates critically deficient management and board 
performance or risk management practices. Management and the board of 
directors have not demonstrated the ability to correct problems and 
implement appropriate risk management practices. Problems and 
significant risks are inadequately identified, measured, monitored, or 
controlled and now threaten the continued viability of the institution. 
Replacing or strengthening management or the board of directors is 
necessary.

Earnings

    This rating reflects not only the quantity and trend of earnings, 
but also factors that may affect the sustainability or quality of 
earnings. The quantity as well as the quality of earnings can be 
affected by excessive or inadequately managed credit risk that may 
result in loan losses and require additions to the allowance for loan 
and lease losses, or by high levels of market risk that may unduly 
expose an institution's earnings to volatility in interest rates. The 
quality of earnings may also be diminished by undue reliance on 
extraordinary gains, nonrecurring events, or favorable tax effects. 
Future earnings may be adversely affected by an inability to forecast 
or control funding and operating expenses, improperly executed or ill-
advised business strategies, or poorly managed or uncontrolled exposure 
to other risks.
    The rating of an institution's earnings is based upon, but not 
limited to, an assessment of the following evaluation factors:
     The level of earnings, including trends and stability.
     The ability to provide for adequate capital through 
retained earnings.
     The quality and sources of earnings.
     The level of expenses in relation to operations.
     The adequacy of the budgeting systems, forecasting 
processes, and management information systems in general.
     The adequacy of provisions to maintain the allowance for 
loan and lease losses and other valuation allowance accounts.
     The earnings exposure to market risk such as interest 
rate, foreign exchange, and price risks.

Ratings

1 A rating of 1 indicates earnings that are strong. Earnings are more 
than sufficient to support operations and maintain adequate capital and 
allowance levels after consideration is given to asset quality, growth, 
and other factors affecting the quality, quantity, and trend of 
earnings.
2 A rating of 2 indicates earnings that are satisfactory. Earnings are 
sufficient to support operations and maintain adequate capital and 
allowance levels after consideration is given to asset quality, growth, 
and other factors affecting the quality, quantity, and trend of 
earnings. Earnings that are relatively static, or even experiencing a 
slight decline, may receive a 2 rating provided the institution's level 
of earnings is adequate in view of the assessment factors listed above.
3 A rating of 3 indicates earnings that need to be improved. Earnings 
may not fully support operations and provide for the accretion of 
capital and allowance levels in relation to the institution's overall 
condition, growth, and other factors affecting the quality, quantity, 
and trend of earnings.
4 A rating of 4 indicates earnings that are deficient. Earnings are 
insufficient to support operations and maintain appropriate capital and 
allowance levels. Institutions so rated may be characterized by erratic 
fluctuations in net income or net interest margin, the development of 
significant negative trends, nominal or unsustainable earnings, 
intermittent losses, or a substantive drop in earnings from the 
previous years.
5 A rating of 5 indicates earnings that are critically deficient. A 
financial institution with earnings rated 5 is experiencing losses that 
represent a distinct threat to its viability through the erosion of 
capital.

Liquidity

    In evaluating the adequacy of a financial institution's liquidity 
position, consideration should be given to the current level and 
prospective sources of liquidity compared to funding needs, as well as 
to the adequacy of funds management practices relative to the 
institution's size, complexity, and risk profile. In general, funds 
management practices should ensure that an institution is able to 
maintain a level of liquidity sufficient to meet its financial 
obligations in a timely manner and to fulfill the legitimate banking 
needs of its community. Practices should reflect the ability of the 
institution to manage unplanned changes in funding sources, as well as 
react to changes in market conditions that affect the ability to 
quickly liquidate assets with minimal loss. In addition, funds 
management practices should ensure that liquidity is not maintained at 
a high cost, or through undue reliance on funding sources that may not 
be available in times of financial stress or adverse changes in market 
conditions.
    Liquidity is rated based upon, but not limited to, an assessment of 
the following evaluation factors:
     The adequacy of liquidity sources compared to present and 
future needs and the ability of the institution to meet liquidity needs 
without adversely affecting its operations or condition.
     The availability of assets readily convertible to cash 
without undue loss.
     Access to money markets and other sources of funding.
     The level of diversification of funding sources, both on- 
and off-balance sheet.
     The degree of reliance on short-term, volatile sources of 
funds, including borrowings and brokered deposits, to fund longer term 
assets.
     The trend and stability of deposits.
     The ability to securitize and sell certain pools of 
assets.

[[Page 67029]]

     The capability of management to properly identify, 
measure, monitor, and control the institution's liquidity position, 
including the effectiveness of funds management strategies, liquidity 
policies, management information systems, and contingency funding 
plans.

Ratings

1 A rating of 1 indicates strong liquidity levels and well-developed 
funds management practices. The institution has reliable access to 
sufficient sources of funds on favorable terms to meet present and 
anticipated liquidity needs.
2 A rating of 2 indicates satisfactory liquidity levels and funds 
management practices. The institution has access to sufficient sources 
of funds on acceptable terms to meet present and anticipated liquidity 
needs. Modest weaknesses may be evident in funds management practices.
3 A rating of 3 indicates liquidity levels or funds management 
practices in need of improvement. Institutions rated 3 may lack ready 
access to funds on reasonable terms or may evidence significant 
weaknesses in funds management practices.
4 A rating of 4 indicates deficient liquidity levels or inadequate 
funds management practices. Institutions rated 4 may not have or be 
able to obtain a sufficient volume of funds on reasonable terms to meet 
liquidity needs.
5 A rating of 5 indicates liquidity levels or funds management 
practices so critically deficient that the continued viability of the 
institution is threatened. Institutions rated 5 require immediate 
external financial assistance to meet maturing obligations or other 
liquidity needs.

Sensitivity to Market Risk

    The sensitivity to market risk component reflects the degree to 
which changes in interest rates, foreign exchange rates, commodity 
prices, or equity prices can adversely affect a financial institution's 
earnings or economic capital. When evaluating this component, 
consideration should be given to: management's ability to identify, 
measure, monitor, and control market risk; the institution's size; the 
nature and complexity of its activities; and the adequacy of its 
capital and earnings in relation to its level of market risk exposure.
    For many institutions, the primary source of market risk arises 
from nontrading positions and their sensitivity to changes in interest 
rates. In some larger institutions, foreign operations can be a 
significant source of market risk. For some institutions, trading 
activities are a major source of market risk.
    Market risk is rated based upon, but not limited to, an assessment 
of the following evaluation factors:
     The sensitivity of the financial institution's earnings or 
the economic value of its capital to adverse changes in interest rates, 
foreign exchanges rates, commodity prices, or equity prices.
     The ability of management to identify, measure, monitor, 
and control exposure to market risk given the institution's size, 
complexity, and risk profile.
     The nature and complexity of interest rate risk exposure 
arising from nontrading positions.
     Where appropriate, the nature and complexity of market 
risk exposure arising from trading and foreign operations.

Ratings

1  A rating of 1 indicates that market risk sensitivity is well 
controlled and that there is minimal potential that the earnings 
performance or capital position will be adversely affected. Risk 
management practices are strong for the size, sophistication, and 
market risk accepted by the institution. The level of earnings and 
capital provide substantial support for the degree of market risk taken 
by the institution.
2  A rating of 2 indicates that market risk sensitivity is adequately 
controlled and that there is only moderate potential that the earnings 
performance or capital position will be adversely affected. Risk 
management practices are satisfactory for the size, sophistication, and 
market risk accepted by the institution. The level of earnings and 
capital provide adequate support for the degree of market risk taken by 
the institution.
3  A rating of 3 indicates that control of market risk sensitivity 
needs improvement or that there is significant potential that the 
earnings performance or capital position will be adversely affected. 
Risk management practices need to be improved given the size, 
sophistication, and level of market risk accepted by the institution. 
The level of earnings and capital may not adequately support the degree 
of market risk taken by the institution.
4  A rating of 4 indicates that control of market risk sensitivity is 
unacceptable or that there is high potential that the earnings 
performance or capital position will be adversely affected. Risk 
management practices are deficient for the size, sophistication, and 
level of market risk accepted by the institution. The level of earnings 
and capital provide inadequate support for the degree of market risk 
taken by the institution.
5  A rating of 5 indicates that control of market risk sensitivity is 
unacceptable or that the level of market risk taken by the institution 
is an imminent threat to its viability. Risk management practices are 
wholly inadequate for the size, sophistication, and level of market 
risk accepted by the institution.

End of Proposed Text of Uniform Financial Institutions Rating 
System

    Dated: December 13, 1996.
Keith J. Todd,
Assistant Executive Secretary, Federal Financial Institutions 
Examination Council.
[FR Doc. 96-32174 Filed 12-18-96; 8:45 am]
BILLING CODE 4810-33-P; 6210-01-P; 6710-01-P; 6720-01-P