[Federal Register Volume 77, Number 219 (Tuesday, November 13, 2012)]
[Notices]
[Pages 67644-67650]
From the Federal Register Online via the Government Publishing Office [www.gpo.gov]
[FR Doc No: 2012-27558]


=======================================================================
-----------------------------------------------------------------------

FEDERAL HOUSING FINANCE AGENCY

[No. 2012-N-17]


Examination Rating System

AGENCY: Federal Housing Finance Agency.

ACTION: Notice.

-----------------------------------------------------------------------

SUMMARY: The Federal Housing Finance Agency (FHFA) is adopting a new 
examination rating system to be used when examining Fannie Mae and 
Freddie Mac (Enterprises), the Federal Home Loan Banks (Banks) 
(collectively, regulated entities), and the Banks' Office of Finance. 
The new rating system is based on a ``CAMELSO'' framework and requires 
an assessment of seven individual components dealing with Capital, 
Asset quality, Management, Earnings, Liquidity, Sensitivity to market 
risk, and Operational risk. The new system replaces those that had been 
developed by FHFA's predecessor agencies.

DATES: FHFA will use the new rating system for all examinations 
commencing after January 1, 2013.

FOR FURTHER INFORMATION CONTACT: Karen Walter, Senior Associate 
Director, Division of Supervision Policy and Support, (202) 649-3405, 
[email protected], or Carol Connelly, Principal Examination 
Specialist, Division of Supervision Policy and Support, (202) 649-3232, 
[email protected], Federal Housing Finance Agency, 400 Seventh 
Street SW., Washington, DC 20024.

SUPPLEMENTARY INFORMATION: 

I. Background

A. Notice and Request for Comments

    In June 2012, FHFA published a notice and request for public 
comments (Notice) relating to a new rating system to be used when 
examining the Enterprises, Banks, and Office of Finance. See 77 FR 
36536 (June 19, 2012). The 30-day comment period closed on July 19, 
2012 without FHFA receiving any comment letters. Accordingly, FHFA is 
adopting the new examination rating system as proposed in the Notice, 
with the exception of the minor revisions noted below, which FHFA is 
making to clarify certain aspects of the new system.

B. Finance Agency's Statutory Authorities

    Effective July 30, 2008, the Housing and Economic Recovery Act of 
2008 (HERA), Public Law 110-289, 122 Stat. 2654 (2008), created FHFA as 
an independent agency of the Federal Government and transferred to it 
the supervisory and oversight responsibilities over the Enterprises and 
Banks that formerly had been vested with the Office of Federal Housing 
Enterprise Oversight (OFHEO) and the Federal Housing Finance Board 
(Finance Board), respectively. HERA provided that the Enterprises and 
the Banks were to be subject to the supervision and regulation of FHFA, 
and granted the Director of FHFA general regulatory authority over 
those regulated entities. 12 U.S.C. 4511(b). As regulator, FHFA is 
charged with ensuring that the Banks and Enterprises operate in a safe 
and sound manner, comply with applicable laws, and carry out their 
statutory missions. 12 U.S.C. 4513(a). The Director is authorized to 
exercise whatever incidental powers are necessary or appropriate to 
fulfilling his duties and responsibilities in overseeing the Banks and 
Enterprises, and to issue any regulations, guidelines or orders as are 
necessary to carry out his duties. 12 U.S.C. 4513(a)(2), 4526(a). The 
Director is also required to conduct an annual on-site examination of 
each Bank and Enterprise to determine its financial condition and to 
ensure that it operates in a safe and sound manner, and is authorized 
to conduct other examinations whenever he deems it to be appropriate or 
necessary. 12 U.S.C. 4517(a), (b).

C. Existing Examination Rating Systems

    As described in the Notice, FHFA examinations staff continues to 
use the examination rating systems that had been developed by its 
predecessor agencies. The FHFA's Division of Federal Home Loan Bank 
Regulation uses the Federal Home Loan Bank Rating System for assigning 
examination ratings to the Banks and the Office of Finance. That system 
had been developed by the Finance Board and was adopted after having 
been published for comment in the Federal Register. See 72 FR 547 
(January 5, 2007). That rating system was a numeric system based on a 
four-point scale. The FHFA examinations staff also continues to use the 
rating system developed by OFHEO in connection with its examination of 
the Enterprises. The OFHEO rating system was based on a non-numeric 
four-point scale ranging from ``No or Minimal Concerns'' to ``Critical 
Concerns.'' Although those existing examination rating systems differ 
in certain respects, both effectively addressed governance, capital 
adequacy and earnings, credit risk, market risk, and operational risk, 
which reflects the similarity in the financial risks to which the Banks 
and Enterprises are exposed. Because of those similarities, FHFA 
determined that it could improve its examination process by developing 
a single rating system that could be used when examining the 
Enterprises, the Banks, and the Banks' Office of Finance.

D. Proposed Examination Rating System

    As described in the Notice, FHFA relies on its annual on-site 
examinations, as well as on periodic visitations and off-site 
monitoring, to ensure that the Banks and the Enterprises operate in a 
safe and sound manner, comply with applicable laws, and carry out their 
housing finance missions. On-site examinations ensure that FHFA carries 
out its oversight responsibilities and constitute the cornerstone of 
the agency's safety and soundness supervision program. As such, it is 
important that the manner in which the examinations are conducted and 
the manner in which the examination findings are organized and 
presented address key areas of the entities' business that present 
risks to their financial condition, performance, and safe and sound 
operations. The new examination rating system further refines the means 
of FHFA's communicating examination results, so that it may better 
identify and address supervisory concerns that may arise.

II. New Examination Rating System

    The new examination rating system is the same as described in the 
Notice, with the exception of the minor revisions noted below. The new 
system is risk-focused, which means that each regulated entity and the 
Office of Finance will be assigned a composite rating based on an 
evaluation of various aspects of its operations. Specifically, the 
composite rating of a Bank or an Enterprise will be based on an 
evaluation and rating of the following seven individual components: 
Capital, Asset quality; Management; Earnings; Liquidity; Sensitivity to 
market risk; and Operational risk, and will be referred to as the 
Entity's ``CAMELSO'' rating. That rating system is similar to the 
``CAMELS'' rating system used by the federal banking regulators for 
depository institutions. For the Banks' joint office, the Office of 
Finance, the composite rating will be based primarily on an evaluation 
of two components,

[[Page 67645]]

Management and Operational risk. Because the Office of Finance 
principally issues and services joint debt instruments on behalf of the 
Banks, and does not maintain or fund an investment portfolio, the other 
components are not relevant to assessing its condition, performance, 
and risk management.
    Under the new rating system, each Bank and Enterprise, as well as 
the Office of Finance, will be assigned a composite numerical rating 
from ``1'' to ``5.'' A ``1'' rating indicates the lowest degree of 
supervisory concern, while a ``5'' rating indicates the highest level 
of supervisory concern. The composite rating of each Bank, the 
Enterprises, and the Office of Finance will reflect the ratings of the 
underlying components, which also will be rated on a scale of ``1'' to 
``5.'' As is the case under the current rating system, the composite 
rating is not an arithmetic average of the component ratings. Instead, 
the relative importance of each component will be determined on a case-
by-case basis, within the parameters established by this rating system.
    In the version of the examination rating system published with the 
Notice, each of the seven components on which the entities are to be 
evaluated included a list of ``evaluative factors'' relating to the 
particular component. In the version of the examination rating system 
being adopted with this Notice, FHFA has made modest revisions or 
additions to the evaluative factors or the components, which are 
described briefly below.
    Under the ``Capital'' component, FHFA has revised the fourth bullet 
paragraph of evaluative factors, relating to off-balance sheet 
activities, to refer to the ``level and composition'' inherent in those 
activities. The prior version had referred to the risk exposure 
represented by those activities. Under the ``Asset Quality'' component, 
FHFA has added an explicit reference to ``advances'' within the 
component itself, as well as a new fifth bullet paragraph for the 
evaluative factors, relating to the level and trend of charge-offs. 
Under the ``Management'' component, FHFA has added a new eighth bullet 
paragraph addressing the adequacy of anti-money laundering processes 
and other processes to identify, manage or report financial fraud. 
Under the ``Earnings'' component, FHFA has revised the language of the 
first evaluative factor modestly and added a reference to earnings from 
``core business activities.'' Under the ``Operational Risk'' component, 
FHFA has added two new evaluative factors (the third and fourth bullet 
paragraphs) regarding management's ability to identify and control 
operational risk and the effectiveness of controls over third party 
vendors. In all other respects, the content of this examination rating 
system is the same as the content of the system published for notice 
and comment.
    With respect to the component ratings, both the original and final 
versions of the rating system make clear that the list of evaluative 
factors relating to each component is not an exhaustive listing of the 
factors that examiners will consider when rating an institution. Each 
of the revisions described above in the final version is intended to 
provide additional clarity about the types of factors that examiners 
will consider and does not materially alter the substance of what was 
addressed in the original version on which FHFA sought comments. Going 
forward, FHFA may make further revisions to the language of this 
examination rating system as may be necessary to promote clarity or 
better achieve its supervisory and examination objectives. FHFA does 
not intend to seek public comments prior to making any such changes. In 
the event that FHFA were to make significant substantive changes to the 
examination rating system, such as it has done by replacing the OFHEO 
and FHFB systems with the new CAMELSO system, it may seek public 
comment prior to making any changes of that magnitude.
    A copy of the new examination rating system is attached to this 
notice. FHFA will apply the new systems to examinations of the 
Enterprises, Banks and the Office of Finance that commence after 
January 1, 2013.

III. Consideration of Differences

    Section 1313 of the Safety and Soundness Act, as amended by HERA, 
requires the Director, prior to promulgating any regulation or taking 
any other formal or informal action of general applicability and future 
effect, including the issuance of advisory documents or examination 
guidance, to consider differences between the regulated entities with 
respect to the Banks' cooperative ownership structure; mission of 
providing liquidity to members; affordable housing and community 
development mission; capital structure; and joint and several 
liability. As noted previously, although the operations of the Banks 
and the Enterprises differ in a number of respects, they are all 
government sponsored enterprises with a public mission to supporting 
housing finance, and they all face similar risks with respect to 
capital adequacy, the quality their assets and management, earnings, 
liquidity, market risk and operational risk. The new examination rating 
system principally addresses the manner in which FHFA examiners are to 
document their assessments of the financial condition and performance 
of the Enterprises and the Banks in connection with their periodic 
examinations. Because the system does not direct the Enterprises or the 
Banks to do anything, it likely does not constitute ``examination 
guidance'' as that term is used in HERA. Nonetheless, in developing the 
new rating system, the Director has considered the differences between 
the Banks and the Enterprises as they relate to the above factors, and 
has determined that the common risks faced by the Banks and the 
Enterprises justify the use of a single examination rating system for 
all of the regulated entities.

    Dated: November 5, 2012.
Edward J. DeMarco,
Acting Director, Federal Housing Finance Agency.
[GRAPHIC] [TIFF OMITTED] TN13NO12.009


[[Page 67646]]



Examination Rating System

I. Introduction and Overview

    The FHFA Examination Rating System is a risk-focused rating system 
under which each regulated entity and the Office of Finance (OF) is 
assigned a composite rating based on an evaluation of various aspects 
of its operations. Specifically, the composite rating of a Federal Home 
Loan Bank or an Enterprise is based on an evaluation and rating of 
seven components: Capital, Asset quality; Management; Earnings; 
Liquidity; Sensitivity to market risk; and Operational risk (CAMELSO). 
The composite rating of the Office of Finance is based primarily on an 
evaluation of two components: Management and Operational risk.
    Under the rating system, each Federal Home Loan Bank, Enterprise 
and the OF is assigned a composite rating from ``1'' to ``5.'' A ``1'' 
rating indicates the lowest degree of supervisory concern, while a 
``5'' rating indicates the highest level of supervisory concern. The 
composite rating of each Federal Home Loan Bank and Enterprise and the 
OF reflects the ratings of the underlying components, which are also 
rated on a scale of ``1'' to ``5.'' The composite rating is not an 
arithmetic average of the component ratings. Instead, the relative 
importance of each component is determined on a case-by-case basis, 
within the parameters established by this rating system.

II. Composite Ratings

    Composite ratings are based on a careful evaluation of: A Federal 
Home Loan Bank's or Enterprise's capital, asset quality, management, 
earnings, liquidity, sensitivity to market risk, and operational risk; 
and the OF's management and operational risk. A regulated entity will 
be assigned a composite rating of ``1'' to ``5'' as described below.
    Composite 1--The regulated entity is sound in every respect and 
typically each component is rated ``1'' or ``2.'' Any weaknesses are 
minor and can be addressed in a routine manner by the board of 
directors and management. The regulated entity is well positioned to 
withstand business fluctuations and adverse changes in the economic 
environment. Risk management practices are effective given the 
regulated entity's size, complexity and risk profile, and the regulated 
entity is in substantial compliance with laws, regulations, and 
regulatory requirements.
    Composite 2--The regulated entity is generally sound and most 
components are rated ``1'' or ``2'' and typically no component is rated 
more severely than a ``3.'' Weaknesses are moderate and the board and 
management have demonstrated the ability and willingness to take 
necessary corrective action. The regulated entity is able to withstand 
business fluctuations and adverse changes in the economic environment. 
Risk management practices are satisfactory given the regulated entity's 
size, complexity and risk profile, and the regulated entity is in 
substantial compliance with laws, regulations, and regulatory 
requirements.
    Composite 3--The regulated entity exhibits moderate to severe 
weaknesses in one or more respects but most components are rated ``3'' 
or better and no component is rated more severely than a ``4.'' Board 
and management may have demonstrated a lack of willingness or ability 
to address identified weaknesses within appropriate timeframes. The 
regulated entity is generally less capable of withstanding business 
fluctuations and adverse changes in the economic environment than 
regulated entities rated a composite ``1'' or ``2.'' Risk management 
practices typically need improvement given the regulated entity's size, 
complexity and risk profile, and the regulated entity may be in non-
compliance with certain laws, regulations, and/or regulatory 
requirements.
    Composite 4--The regulated entity generally exhibits severe 
weaknesses in multiple respects that result in serious deficiencies and 
unsatisfactory performance given its risk profile. The weaknesses may 
range from serious to critically deficient, to unsafe or unsound 
practices that have not been satisfactorily addressed or resolved by 
the board of directors and management within approved timeframes. The 
regulated entity is susceptible to further deterioration in condition 
or performance from business fluctuations and adverse changes in the 
economic environment. Risk management practices are deficient given the 
regulated entity's size, complexity and risk profile, and the regulated 
entity may be in non-compliance with critical laws, regulations and 
regulatory requirements. The viability of the regulated entity may be 
threatened if the problems and weaknesses are not satisfactorily 
resolved within an appropriate timeframe.
    Composite 5--The regulated entity exhibits a volume and severity of 
problems that are beyond the ability of the board of directors or 
management to correct. The regulated entity exhibits unsafe or unsound 
practices or conditions. Changes to the board of directors or 
management are needed and outside financial or other assistance may be 
needed in order for the regulated entity to be viable. Risk management 
practices are critically deficient given the regulated entity's size, 
complexity and risk profile, and the regulated entity may be in 
significant non-compliance with laws, regulations, and regulatory 
requirements.

III. Component Ratings

    The composite rating is derived from the seven component ratings 
that are described below. Each of the component rating descriptions 
provides a list of evaluative factors that relate to that component. 
The listing of evaluative factors is not exhaustive, and is not in 
order of importance.
    CAPITAL--when rating a regulated entity's capital, examiners 
determine whether the regulated entity has sufficient capital relative 
to the entity's risk profile. When making this determination, examiners 
assess:
     The extent to which the regulated entity meets (or fails 
to meet) applicable capital requirements (laws, regulations, orders, 
guidance);
     The overall financial condition of the regulated entity;
     The composition of the balance sheet, including the nature 
and amount of intangible assets, the composition of capital, market 
risk, and concentration risk;
     The level, composition and risk exposure inherent in off-
balance sheet activities;
     The types and quantity of risk inherent in the regulated 
entity's activities and management's ability to effectively identify, 
measure, monitor and control each of these risks;
     The potentially adverse consequences these risks may have 
on the regulated entity's capital;
     The adequacy of the allowance for loan losses and other 
reserves, as well as the nature, trend and volume of problem assets;
     The quality and strength of earnings and the 
reasonableness of dividends;
     The regulated entity's prospects and plans for growth, as 
well as the regulated entity's past experience in managing growth;
     The ability of management to address emerging needs for 
additional capital; and
     The regulated entity's access to capital markets and other 
sources of capital.

Capital Ratings

    1. A rating of 1 indicates: The level and composition of capital is 
strong relative to the regulated entity's risk

[[Page 67647]]

profile. The regulated entity meets or exceeds all regulatory and 
statutory capital requirements and is expected to continue to be well-
capitalized considering potential risks to the regulated entity. 
Capital management practices are strong.
    2. A rating of 2 indicates: The level and composition of capital is 
satisfactory relative to the regulated entity's risk profile. The 
regulated entity meets or exceeds all regulatory and statutory capital 
requirements and is expected to continue to be satisfactorily 
capitalized considering potential risks to the regulated entity. 
Capital management practices are satisfactory, although minor 
weaknesses may be identified.
    3. A rating of 3 indicates: The level and/or composition of capital 
needs improvement and does not fully support the regulated entity's 
risk profile. Although the regulated entity may currently meet or 
exceed minimum regulatory and statutory capital requirements, capital 
should be augmented when considering potential risks to the regulated 
entity. Capital management practices need improvement.
    4. A rating of 4 indicates: The level and/or composition of capital 
are not adequate relative to the regulated entity's risk profile. The 
regulated entity may not meet all minimum regulatory and statutory 
capital requirements, and the viability of the entity may be in 
question. Capital management practices exhibit deficiencies.
    5. A rating of 5 indicates: The level and composition of capital 
are critically deficient and the viability of the regulated entity may 
be threatened. The regulated entity does not meet minimum regulatory 
and statutory capital requirements. Outside financial assistance may be 
needed in order for the regulated entity to be viable.
    ASSET QUALITY--when rating a regulated entity's asset quality, 
examiners determine the quantity of existing and potential credit risk 
associated with the loan and investment portfolios, advances, real 
estate owned, and other assets, as well as off-balance sheet 
transactions, and management's ability to identify, measure, monitor 
and control credit risk. When making this determination, examiners 
assess:
     The adequacy of underwriting standards;
     The soundness of credit administration practices;
     The appropriateness of risk identification and rating 
practices;
     The level, distribution, severity of problem, adversely 
classified, nonaccrual, restructured, delinquent, and nonperforming 
assets for both on- and off-balance sheet transactions;
     The level and trend of charge-offs;
     The adequacy of the allowance for loan losses and other 
asset valuation reserves;
     The credit risk arising from or reduced by off-balance 
sheet transactions, such as unfunded commitments, credit derivatives, 
and lines of credit;
     The diversification and quality of the loan and investment 
portfolios;
     The extent of securities underwriting activities and 
exposure to counterparties in trading activities;
     The existence of asset concentrations;
     The level and pace of asset growth;
     The adequacy of loan and investment policies, procedures 
and practices;
     The ability of management to properly administer its 
assets, including the timely identification and collection of problem 
assets;
     The adequacy of internal controls and management 
information systems; and
     The volume and nature of credit documentation exceptions.

Asset Quality Ratings

    1. A rating of 1 indicates: Asset quality and credit risk 
management practices are strong. Any identified weaknesses are minor in 
nature and risk exposure is minimal in relation to the regulated 
entity's capital protection and management's ability to identify, 
monitor and mitigate risks
    2. A rating of 2 indicates: Asset quality and credit risk 
management practices are satisfactory. Identified weaknesses, such as 
the level and severity of adversely-rated or classified assets, are 
moderate and in-line with the regulated entity's capital protection and 
management's ability to identify, monitor and mitigate risks.
    3. A rating of 3 indicates: Asset quality or credit risk management 
practices need improvement. Identified weaknesses, such as the level 
and severity of adversely rated or classified assets, are significant 
and not in-line with the regulated entity's capital protection or 
management's ability to identify, monitor and mitigate risks.
    4. A rating of 4 indicates: Asset quality or credit risk management 
practices are deficient. Identified weaknesses, such as the level of 
problem assets are significant and inadequately controlled. The 
weaknesses subject the regulated entity to potential losses, which if 
left unchecked may threaten the regulated entity's viability.
    5. A rating of 5 indicates: Asset quality or credit risk management 
practices are critically deficient and may represent an imminent threat 
to the regulated entity's viability.
    MANAGEMENT--when rating a regulated entity's management, examiners 
determine the capability and willingness of the board of directors and 
management, in their respective roles, to identify, measure, monitor, 
and control the risks of the regulated entity's activities and to 
ensure that the regulated entity's safe, sound and efficient operations 
are in compliance with applicable laws and regulations. When making 
this determination, examiners assess:
     The level and quality of oversight and support of all 
entity activities by the board of directors and management;
     The quality and effectiveness of strategic planning;
     The ability of the board of directors and management, in 
their respective roles, to plan for, and respond to, risks that may 
arise from changing business conditions or the initiation of new 
activities or products;
     The adequacy of, and conformance with, appropriate 
internal policies and controls addressing the operations and risks of 
significant activities;
     The accuracy, timeliness and effectiveness of management 
information and risk monitoring systems appropriate for the regulated 
entity's size, complexity and risk profile;
     The ability and willingness to identify, measure, monitor, 
and control risks across the regulated entity;
     The adequacy of audits and internal controls to promote 
effective operations and reliable financial and regulatory reporting; 
safeguard assets; and ensure compliance with laws, regulations, 
regulatory requirements, and internal policies;
     The adequacy of anti-money laundering processes and other 
processes designed to identify, manage and/or report financial fraud;
     The regulated entity's compliance with laws and 
regulations, including Prudential Management and Operational Standards 
(PMOS), Office of Minority and Women Inclusion (OMWI) and relevant 
provisions of the Dodd-Frank Act;
     The regulated entity's responsiveness to findings made by 
regulatory authorities, the regulated entity's risk management 
function, internal/external audit functions or outside consultants;
     The depth of management and management succession;

[[Page 67648]]

     The extent that the board of directors and management is 
affected by, or susceptible to, dominant influence or concentration of 
authority;
     The reasonableness and comparability of compensation and 
compensation policies and avoidance of self-dealing;
     The ability of the regulated entity to achieve mission-
related goals and requirements, including affordable housing and 
community investment requirements; and
     The overall performance of the regulated entity and its 
risk profile.

Management Ratings

    1. A rating of 1 indicates: The performance by the board of 
directors and management, and risk management practices relative to the 
regulated entity's size, complexity and risk profile are strong. All 
significant risks are consistently and effectively identified, 
measured, monitored and controlled. The regulated entity is in 
substantial compliance with laws, regulations and regulatory 
requirements, including mission-related and affordable housing goals 
and requirements. The board of directors and management demonstrate the 
ability to promptly and successfully address existing and potential 
problems and risks.
    2. A rating of 2 indicates: The performance by the board of 
directors and management, and risk management practices relative to the 
regulated entity's size, complexity and risk profile are satisfactory. 
Generally, significant risks and problems are effectively identified, 
measured, monitored and controlled. The regulated entity is in 
substantial compliance with laws, regulations and regulatory 
requirements, including mission-related and affordable housing goals 
and requirements. Minor weaknesses may exist, but they are not material 
to the safety and soundness of the regulated entity, and are being 
satisfactorily addressed.
    3. A rating of 3 indicates: The performance by the board of 
directors and management, and/or risk management practices need 
improvement given the regulated entity's size, complexity and risk 
profile. Problems and significant risks may be inadequately identified, 
measured, monitored or controlled. The regulated entity may be in non-
compliance with laws, regulations and regulatory requirements, 
including mission-related and affordable housing goals and 
requirements. The capabilities of the board of directors or management 
may be insufficient for the type, size or condition of the regulated 
entity.
    4. A rating of 4 indicates: The performance by the board of 
directors and management and/or risk management practices are deficient 
given the regulated entity's size, complexity and risk profile. 
Operational or performance problems and significant risks are 
inadequately identified, measured, monitored or controlled, and require 
immediate action to preserve the soundness of the regulated entity. The 
regulated entity may be in significant non-compliance with laws, 
regulations and regulatory requirements, including mission-related and 
affordable housing goals and requirements.
    5. A rating of 5 indicates: The performance by the board of 
directors and management and/or risk management practices are 
critically deficient. Problems and significant risks are inadequately 
identified, measured, monitored or controlled, and may threaten the 
viability of the regulated entity. The regulated entity is in 
significant non-compliance with laws, regulations and regulatory 
requirements, including mission-related and affordable housing goals 
and requirements. The board of directors and management fail to 
demonstrate the ability or willingness to correct problems and 
implement appropriate risk management practices.
    EARNINGS--when rating a regulated entity's earnings, examiners 
determine the quantity, trend, sustainability, and quality of earnings. 
When making this determination, examiners assess:
     The level, trend and stability of earnings from core 
business activities;
     The ability to provide for adequate capital through 
retained earnings;
     The quality and source of earnings, including the level of 
reliance on extraordinary gains, nonrecurring events, or favorable tax 
effects;
     The level of expenses in relations to operations;
     The adequacy of the budgeting systems, forecasting 
processes, and management information systems in general;
     The adequacy of provisions to maintain the allowance for 
loan losses and other valuation allowance accounts; and
     The earnings exposure to market risk.

Earnings Ratings

    1. A rating of 1 indicates: The quality, quantity, and 
sustainability of earnings are strong. The regulated entity's earnings 
are more than sufficient to support operations and maintain adequate 
capital and allowance levels after considering the regulated entity's 
overall condition, growth and other factors.
    2. A rating of 2 indicates: The quality, quantity, and 
sustainability of earnings are satisfactory. The regulated entity's 
earnings are sufficient to support operations and maintain adequate 
capital and allowance levels after considering the regulated entity's 
overall condition, growth and other factors.
    3. A rating of 3 indicates: The quality, quantity, or 
sustainability of earnings need improvement. The regulated entity's 
earnings may not fully support the regulated entity's operations or 
provide for adequate capital and/or allowance levels in relation to the 
regulated entity's overall condition, growth, and other factors.
    4. A rating of 4 indicates: The quality, quantity, and/or 
sustainability of earnings are deficient. The regulated entity's 
earnings are insufficient to support operations and maintain adequate 
capital and allowance levels.
    5. A rating of 5 indicates: The quality, quantity, and/or 
sustainability of earnings are critically deficient. The regulated 
entity's earnings are inadequate to cover expenses, and losses may 
threaten the regulated entity's viability through the erosion of 
capital.
    LIQUIDITY--when rating a regulated entity's liquidity, examiners 
determine the current level and prospective sources of liquidity 
compared to funding needs, as well as the adequacy of funds management 
practices relative to the regulated entity's size, complexity and risk 
profile. When making this determination, examiners assess:
     The adequacy of liquidity sources to meet present and 
future needs and the ability of the regulated entity to meet liquidity 
needs without adversely affecting its operations or condition;
     The availability of assets readily convertible to cash 
without undue loss;
     The regulated entity's access to money markets and other 
secondary sources of funding;
     The level and diversification of funding sources, both on- 
and off-balance sheet;
     The degree of reliance on short-term, volatile sources of 
funding to fund longer term assets;
     The ability to securitize and sell certain pools of 
assets; and
     The capability and willingness of management to properly 
identify, measure, monitor and control the regulated entity's liquidity 
position, including the effectiveness of funds management strategies, 
liquidity policies, management information

[[Page 67649]]

systems and contingency liquidity plans.

Liquidity Ratings

    1. A rating of 1 indicates: The level of liquidity and the 
regulated entity's management of its liquidity position are strong. Any 
identified weaknesses in its liquidity management practices are minor. 
The regulated entity has reliable access to sufficient sources of funds 
on favorable terms to meet current and anticipated liquidity needs. The 
regulated entity meets or exceeds regulatory guidance related to 
liquidity.
    2. A rating of 2 indicates: The level of liquidity and the 
regulated entity's management of its liquidity position are 
satisfactory. The regulated entity may have moderate weaknesses in its 
liquidity management practices, but these are correctable in the normal 
course of business. The regulated entity has reliable access to 
sufficient sources of funds on acceptable terms to meet current and 
anticipated liquidity needs. The regulated entity meets or exceeds 
regulatory guidance related to liquidity.
    3. A rating of 3 indicates: The level of liquidity or the regulated 
entity's management of its liquidity position needs improvement. The 
regulated entity may evidence moderate weaknesses in funds management 
practices, or weaknesses that are not correctable in the normal course 
of business. The regulated entity may lack ready access to funds on 
reasonable terms. The regulated entity may not meet all regulatory 
guidance related to liquidity.
    4. A rating of 4 indicates: The level of liquidity or the regulated 
entity's management of its liquidity position is deficient. The 
regulated entity may not have or be able to obtain sufficient funds on 
reasonable terms. The regulated entity does not meet all regulatory 
guidance related to liquidity.
    5. A rating of 5 indicates: The level of liquidity or the regulated 
entity's management of its liquidity position is critically deficient. 
The viability of the regulated entity may be threatened and the 
regulated entity may need to seek immediate external financial 
assistance to meet maturing obligations or other liquidity needs. The 
regulated entity does not meet regulatory guidance related to 
liquidity.
    SENSITIVITY TO MARKET RISK--when rating a regulated entity's 
sensitivity to market risk, examiners determine the degree to which 
changes in interest rates, foreign exchange rates, commodity prices, or 
equity prices can adversely affect the regulated entity's earnings or 
economic capital. When making this determination, examiners assess:
     The sensitivity of the regulated entity's earnings, or the 
economic value of its capital to adverse changes in interest rates, 
foreign exchange rates, commodity prices or equity prices;
     The ability of management to identify, measure, monitor 
and control exposure to market risk given the regulated entity's size, 
complexity and risk profile;
     The nature and complexity of interest rate risk exposure 
arising from non-trading positions; and
     The nature and complexity of market risk exposure arising 
from trading, asset management activities and foreign operations.

Sensitivity to Market Risk Ratings

    1. A rating of 1 indicates: Market risk sensitivity is well 
controlled and there is minimal potential that the regulated entity's 
earnings performance or capital position will be adversely affected by 
market risk sensitivity. Risk management practices are strong for the 
size, sophistication and market risk accepted by the regulated entity. 
Earnings and capital provide substantial support for the amount of 
market risk taken by the regulated entity.
    2. A rating of 2 indicates: Market risk sensitivity is 
satisfactorily controlled and there is moderate potential that the 
regulated entity's earnings performance or capital position will be 
adversely affected by market risk sensitivity. Risk management 
practices are satisfactory for the size, sophistication and market risk 
accepted by the regulated entity. Earnings and capital provide adequate 
support for the amount of market risk taken by the regulated entity.
    3. A rating of 3 indicates: Market risk sensitivity control needs 
improvement or there is significant potential that the regulated 
entity's earnings performance or capital position will be adversely 
affected by market risk sensitivity. Risk management practices need 
improvement given the size, sophistication and market risk accepted by 
the regulated entity. Earnings and capital may not adequately support 
the amount of market risk taken by the regulated entity.
    4. A rating of 4 indicates: Market risk sensitivity control is 
deficient or there is a high potential that the regulated entity's 
earnings performance or capital position will be adversely affected by 
market risk sensitivity. Risk management practices are deficient for 
the size, sophistication and market risk accepted by the regulated 
entity. Earnings and capital provide inadequate support for the amount 
of market risk taken by the regulated entity.
    5. A rating of 5 indicates: Market risk sensitivity control is 
critically deficient or the level of market risk taken by the regulated 
entity may be an imminent threat to the regulated entity's viability. 
Risk management practices are critically deficient for the size, 
sophistication and level of market risk accepted by the regulated 
entity.
    OPERATIONAL RISK--when rating a regulated entity's operational 
risk, examiners determine the exposure to loss from inadequate or 
failed internal processes, people, and systems, including internal 
controls and information technology, or from external events, including 
all direct and indirect economic losses related to legal liability, 
reputational setbacks, and compliance and remediation costs to the 
extent such costs are consequences of operational events. When making 
this determination examiners assess:
     The efficiency and effectiveness of operations and 
technology;
     The effectiveness of the operational risk framework in 
identifying and assessing threats posed to operations;
     The ability of management to identify, measure, monitor 
and control operational risk;
     The effectiveness of controls over third-party vendors;
     The quality of operational risk management in the 
administration of the regulated entity's mission-related activities, 
including affordable housing and community investment activities;
     The organizational structure, including lines of authority 
and responsibility for adhering to prescribed policies;
     The accuracy of recording transactions;
     The effectiveness of internal controls over financial 
reporting (i.e., the level of compliance with Sarbanes-Oxley section 
404);
     The controls surrounding limits of authorities, including: 
safeguarding access to and use of records and assets; segregation of 
duties;
     The effectiveness of the control environment in preventing 
and/or detecting errors and unauthorized activity;
     The accuracy, effectiveness and security of information 
systems, data and management reporting;
     The effectiveness of business continuity planning; and
     The effectiveness, accuracy and security of models.

Operational Risk Ratings

    1. A rating of 1 indicates: Operational risk management is strong 
and the

[[Page 67650]]

number and severity of operational risk events are low. There is 
minimal potential that the regulated entity's earnings performance or 
capital position will be adversely affected by the level of operational 
risk.
    2. A rating of 2 indicates: Operational risk management is 
satisfactory and the number and severity of operational risk events are 
moderate. There is moderate potential that the regulated entity's 
earnings performance or capital position will be adversely affected by 
the level of operational risk.
    3. A rating of 3 indicates: Operational risk management needs 
improvement or there is significant potential that the regulated 
entity's earnings performance or capital position will be adversely 
affected by the level of operational risk. The number and severity of 
operational risk events are moderate to serious.
    4. A rating of 4 indicates: Operational risk management is 
deficient or there is a high potential that the regulated entity's 
earnings performance or capital position will be adversely affected by 
the level of operational risk. The number and severity of operational 
risk events are serious to critical.
    5. A rating of 5 indicates: Operational risk management is 
critically deficient or the level of operational risk taken by the 
regulated entity may be an imminent threat to the regulated entity's 
viability. The number and severity of operational risk events may 
threaten the regulated entity's viability.

[FR Doc. 2012-27558 Filed 11-9-12; 8:45 am]
BILLING CODE 8070-01-P