[Federal Register Volume 79, Number 18 (Tuesday, January 28, 2014)]
[Proposed Rules]
[Pages 4414-4429]
From the Federal Register Online via the Government Publishing Office [www.gpo.gov]
[FR Doc No: 2014-01173]
=======================================================================
-----------------------------------------------------------------------
FEDERAL HOUSING FINANCE BOARD
12 CFR Parts 914 and 917
FEDERAL HOUSING FINANCE AGENCY
12 CFR Parts 1236 and 1239
DEPARTMENT OF HOUSING AND URBAN DEVELOPMENT
Office of Federal Housing Enterprise Oversight
12 CFR Parts 1710 and 1720
RIN 2590-AA59
Responsibilities of Boards of Directors, Corporate Practices and
Corporate Governance Matters
AGENCIES: Federal Housing Finance Board; Federal Housing Finance
Agency; Office of Federal Housing Enterprise Oversight.
ACTION: Proposed rule; with request for comments.
-----------------------------------------------------------------------
SUMMARY: The Federal Housing Finance Agency (FHFA) is proposing to
amend its regulations by relocating and consolidating certain Federal
Housing Finance Board (Finance Board) and Office of Federal Housing
Enterprise Oversight (OFHEO) regulations that pertain to the
responsibilities of boards of directors, corporate practices, and
corporate governance matters. The OFHEO regulations address corporate
governance matters at the Federal National Mortgage Association and the
Federal Home Loan Mortgage Corporation (Enterprises), while the Finance
Board regulations address the powers and responsibilities of the boards
of directors and management of the Federal Home Loan Banks (Banks). The
proposed rule would consolidate most of those existing regulations into
a new FHFA regulation, parts of which would apply to both the Banks and
the Enterprises (together, regulated entities), and parts of which
would apply only to the Banks or only to the Enterprises. Most of the
content of the new regulation has been derived from the existing
regulations, with such modifications as are necessary to apply certain
provisions to all regulated entities. The proposal also would include a
new provision on risk management and a new definition of ``credit
risk,'' which is a term that is used only within the proposed risk
management provision. Those provisions would apply to both the Banks
and the Enterprises. FHFA also is proposing to amend a definition
within
[[Page 4415]]
its Prudential Management and Operations Standards (Prudential
Standards) regulations and the introductory language to the standards
themselves. Together, those amendments would explicitly include certain
introductory language--pertaining to the general responsibilities of
senior management and boards of directors--as part of the standards.
The proposed rule also would repeal a separate provision of the OFHEO
regulations that relate to minimum safety and soundness requirements.
DATES: Written comments on the proposed rule must be received on or
before March 31, 2014. For additional information, see SUPPLEMENTARY
INFORMATION.
ADDRESSES: You may submit your comments on the proposed rule,
identified by regulatory information number ``RIN 2590-AA59,'' by any
of the following methods:
Email: Comments to Alfred M. Pollard, General Counsel, may
be sent by email to [email protected]. Please include ``RIN 2590-
AA59'' in the subject line of the message.
Federal eRulemaking Portal: http://www.regulations.gov.
Follow the instructions for submitting comments. If you submit your
comment to the Federal eRulemaking Portal, please also send it by email
to FHFA at [email protected] to ensure timely receipt by the agency.
Include the following information in the subject line of your
submission: Comments/RIN 2590-AA59.
U.S. Mail, United Parcel Post, Federal Express, or Other
Mail Service: The mailing address for comments is: Alfred M. Pollard,
General Counsel, Attention: Comments/RIN 2590-AA59, Federal Housing
Finance Agency, Constitution Center, Eighth Floor (OGC), 400 7th Street
SW., Washington, DC 20024.
Hand Delivered/Courier: The hand delivery address is:
Alfred M. Pollard, General Counsel; Attention: Comments/RIN 2590-AA59,
Federal Housing Finance Agency, Constitution Center, Eighth Floor
(OGC), 400 7th Street SW., Washington, DC 20024. The package should be
logged at the Guard Desk, First Floor, on business days between 9 a.m.
and 5 p.m.
FOR FURTHER INFORMATION CONTACT: Amy Bogdon, [email protected], (202)
649-3320, Associate Director, Division of Federal Home Loan Bank
Regulation; or Michou Nguyen, [email protected], (202) 649-3081
(not toll-free numbers), Assistant General Counsel, Office of General
Counsel, Federal Housing Finance Agency, Constitution Center, Eighth
Floor (OGC), 400 7th Street SW., Washington, DC 20024. The telephone
number for the Telecommunications Device for the Hearing Impaired is
(800) 877-8339.
SUPPLEMENTARY INFORMATION:
I. Comments
FHFA invites comments on all aspects of the proposed rule in
addition to requesting comments in response to specific questions that
appear throughout this document. FHFA will take all comments into
consideration before issuing a final regulation. All comments received
will be posted without change on the FHFA Web site at http://www.fhfa.gov, and will include any personal information you provide,
such as your name, address (mailing and email), and telephone numbers.
In addition, copies of all comments received will be available for
examination by the public on business days between the hours of 10 a.m.
and 3 p.m., at the Federal Housing Finance Agency, Eighth Floor, 400
7th Street SW., Washington, DC 20024. To make an appointment to inspect
comments, please call the Office of General Counsel at (202) 649-3804.
II. Background
A. Purpose of the Proposed Rule
This proposed rule is the next phase in FHFA's effort to repeal or
relocate all remaining OFHEO and Finance Board regulations. Both of the
predecessor agencies had adopted regulations addressing director
responsibilities, corporate practices, and corporate governance
matters. Pursuant to the Housing and Economic Recovery Act of 2008
(HERA), Public Law 110-289, 122 Stat. 2654, those regulations remain in
effect until they are superseded by regulations issued by FHFA. See id.
at sections 1301, 1302, 1311, 1312, 122 Stat. 2794-95, 2797-98. The
intent of this proposed rule is to consolidate or relocate certain of
the existing regulations into a new set of FHFA regulations that would
address those same matters. FHFA would expand the scope of certain of
the existing regulations to both the Enterprises and the Banks. Those
provisions address matters of general corporate governance or corporate
practices that are common to all the regulated entities. For certain
other provisions of the existing regulations, FHFA would continue to
apply them only to the Banks or only to the Enterprises, as they
address topics that are unique to the particular entity, as permitted
by statute. The proposed rule would carry over most of those provisions
without change. The proposed rule is not intended to address
conservatorship matters. Rather, the proposal addresses matters of
corporate practice and governance, as well as compliance and risk
management practices, nearly all of which currently apply to the
Enterprises through the OFHEO regulations and all of which remain
relevant to their safe and sound operation.
The regulations of the predecessor agencies that would be relocated
by this rulemaking are located at parts 914, 917, and 1710 of title 12
of the Code of Federal Regulations (CFR). The Finance Board regulations
at part 914 address regulatory reporting for the Banks. FHFA is
proposing to relocate that provision without substantive change and
apply it to all of the regulated entities. All of the relocated
regulations would be adopted as a new part, 12 CFR 1239 (part 1239), in
the FHFA section of title 12 of the CFR. Any regulations of the
predecessor agencies that are not being adopted as FHFA regulations
would be repealed.
As part of this rulemaking, FHFA is also proposing to amend one of
the definitions within its Prudential Standards regulations, as well as
one aspect of the Prudential Standards themselves. Together, those
amendments would explicitly provide that the introductory language
within the Prudential Standards, which appears immediately before the
enumerated 10 standards, is considered a part of the standards and is
to be treated in the same manner as the 10 enumerated standards. The
introductory section of the Prudential Standards recites general
concepts of corporate governance and responsibilities, as they relate
to the subject matter of the individual standards, that are a part of
the typical responsibilities of the board of directors and senior
management of any financial institution. FHFA believes that it would be
more appropriate to include those paragraphs as explicitly part of the
standards, and having the same substantive effect under the Prudential
Standards regime. Lastly, FHFA is proposing to repeal in its entirety
part 1720 of the OFHEO regulations, which established certain safety
and soundness standards for the Enterprises. Because many of the
matters addressed by part 1720 are also addressed by the Prudential
Standards and by parts of this proposed rule, FHFA has determined that
the repeal of part 1720 will not change the standards applicable to the
Enterprises. The following sections briefly describe each of the
provisions in proposed part 1239 and its origin.
[[Page 4416]]
Also with respect to the Prudential Standards, FHFA acknowledges
that there is substantial overlap between some of these proposed
regulations and the Prudential Standards, and requests comment on
appropriate modifications to the regulations to harmonize them with the
Prudential Standards to create a unified set of corporate governance
requirements with appropriate levels of specificity and appropriate
enforcement mechanisms.
B. Overview of Part 1239
Part 1239 of the proposed rule would be structured into a subpart
(A) for definitions and four substantive subparts (B through E).
Subpart B would consist of regulations relating to core corporate
governance principles, which would apply to both the Banks and the
Enterprises. Subpart C would include regulations addressing codes of
conduct, risk management, compliance programs, and regulatory reports,
which also would apply to all regulated entities. Subparts D and E
would consist of regulations that address matters specific to the Banks
(such as those relating to a Bank's member product policy) and to the
Enterprises (such as those relating to the Enterprise boards),
respectively.
Much of the content of part 1239, with the exception of the
provision on risk management, has been derived from the current Finance
Board and OFHEO regulations, with modifications as necessary to apply
certain of the provisions to all regulated entities and to clarify,
update, or supplement the existing regulations, as appropriate. FHFA
believes that the current Finance Board risk management regulation
would benefit from updates. Accordingly, FHFA has rewritten this
provision in its entirety and is proposing to apply the revised
provision to the Enterprises as well as to the Banks. FHFA believes
that the Finance Board regulations dealing with audit committees and
internal controls could be similarly updated and extended to the
Enterprises, but is soliciting comment on how best to do that, rather
than proposing revised language for those provisions, as discussed in
more detail in part III.E. (Bank Specific Requirements).
C. Considerations of Differences Between the Banks and the Enterprises
When promulgating regulations or taking other actions that relate
to the Banks, section 1313(f) of the Federal Housing Enterprises
Financial Safety and Soundness Act of 1992 (Safety and Soundness Act),
as amended by section 1201 of HERA, requires the Director to consider
the differences between the Banks and the Enterprises with respect to
the Banks' cooperative ownership structure; mission of providing
liquidity to members; affordable housing and community development
mission; capital structure; and joint and several liability. 12 U.S.C.
4513(f). In preparing the proposed rule, the Director has considered
the differences between the Banks and the Enterprises as they relate to
the above factors and has determined that none of the statutory factors
would be adversely affected by the proposed rule. The Director is
requesting comments from the public about whether differences related
to these factors should result in a revision of the proposed rule as it
relates to the Banks.
III. Part 1239
A. Subpart A--General
Definitions (1239.2)
The definitions section of the proposed rule consists of
definitions from parts 914, 917, and 1710, most of which are being
relocated without any substantive change, apart from conforming changes
that are necessary to make certain of the defined terms applicable to
both the Banks and the Enterprises. The proposed rule would
substantively amend certain of the existing definitions, as described
below. First, the proposed rule would replace the term ``reportable
conditions'' (which currently appears only in the Finance Board
regulation on audit committees) with the term ``significant
deficiency.'' That revision would better align the concept with current
accounting and financial reporting standards. Second, the proposed rule
would amend the definition of ``credit risk,'' which currently appears
only in the Finance Board provision pertaining to risk management. The
proposed definition would define credit risk as the potential that a
borrower or counterparty will fail to meet its financial obligations in
accordance with the agreed terms. FHFA believes that is a better
definition than the current provision, which focuses on the decline in
value of an obligation as a result of a deterioration in
creditworthiness. Third, the proposal would revise the definition of
``operational risk'' to follow the definition used by the other federal
banking regulators in their risk-based capital regulations, which also
is consistent with the definition of the term from the Basel Committee
on Banking Supervision.\1\ Fourth, the proposed rule would delete the
definition of ``senior executive officer'' but add the substance of
that definition into the definition of ``executive officer.'' The term
``senior executive officer'' is not used in any of the substantive
provisions of the proposed regulations, and appears only within the
definition of ``executive officer.'' Rather than retain a definition of
a term that appears only within another defined term, FHFA believes it
is more appropriate to relocate the operative language from the
definition of ``senior executive officer'' into the definition of
``executive officer.'' A number of terms that will no longer be used in
the proposed regulations will not be carried forward into the proposed
rule, nor will any terms that FHFA has defined in the general
definitions section of its regulations, 12 CFR part 1201.
---------------------------------------------------------------------------
\1\ See Basel Committee on Banking Supervision, International
Convergence of Capital Measurement and Capital Standards: A Revised
Framework--Comprehensive Version, Section V (Operational Risk),
paragraph 644, Basel, June 2006.
---------------------------------------------------------------------------
B. Subpart B--Corporate Practices and Procedures Applicable to All
Regulated Entities
Subpart B includes three provisions that address certain core
principles of corporate practices or governance that FHFA believes
should be applied to both the Enterprises and the Banks. The topics
addressed by this part of the proposed rule are choice of law, duties
of directors, and committees of the boards of directors, and nearly all
of those provisions are derived from the Finance Board or OFHEO
regulations.
Choice of Law (1239.3)
Section 1239.3 of the proposed rule would require each regulated
entity to designate a body of law to follow with respect to its
corporate governance and indemnification practices. This requirement
already applies to the Enterprises and the Office of Finance, pursuant
to 12 CFR 1710.10 of the OFHEO regulations and 12 CFR 1273.7(i)(2) of
the FHFA regulations, respectively, but would be new for the Banks.
Under this provision, a regulated entity would be required to designate
in its bylaws one of the following for its corporate governance
practices and procedures: (1) The law of the jurisdiction in which the
entity maintains its principal office; (2) the Delaware General
Corporation Law; or (3) the Revised Model Business Corporation Act.
Technically, those laws would not apply to, nor be binding on, the
Banks or Enterprises, because they are not state-chartered
corporations. Rather, FHFA intends that the entities would look to
their chosen body of law to address any governance or indemnification
issues that may arise and for which no federal laws control.
[[Page 4417]]
The proposed regulation also includes a provision dealing with
indemnification, which is derived from FHFA's regulations governing the
Office of Finance, 12 CFR 1273.7(i)(3), and from the OFHEO
indemnification provisions at 12 CFR 1710.20. The proposed provision
would state that a regulated entity shall indemnify its directors,
officers, and employees under terms and conditions to be determined by
the board, subject to any limitations in federal law or the law of the
jurisdiction designated for an entity's corporate governance practices.
The proposal further requires each entity to have policies and
procedures regarding the indemnification of its directors, officers,
and employees, which must address how the board of directors is to
decide on requests for indemnification, and must include standards
relating to indemnification, investigations by the board of directors,
and review by independent counsel. The proposal also authorizes FHFA to
review an entity's indemnification policies, procedures, and practices,
and carries over a provision of the OFHEO regulation that authorized it
to limit or prohibit indemnification payments for reasons of safety and
soundness. Under that latter provision, FHFA could limit or prohibit
indemnification payments to any person found to have violated any law
or regulation, breached any material elements of the entity's bylaws or
code of conduct, or engaged in grossly negligent actions.
FHFA is proposing to make these provisions applicable to the Banks
because there are benefits to having all regulated entities follow the
same regulatory standard with respect to their corporate governance and
indemnification practices, and because there currently is no definitive
guidance for the Banks on this matter. The indemnification provision
explicitly states that it is subject to the other provisions of the
regulation, one of which provides that the corporate governance and
indemnification practices must comply with the authorizing statutes and
any other applicable federal statutes or regulations. That means that a
regulated entity's ability to indemnify its directors, officers, and
employees will be subject to any limitations that FHFA imposes through
its separate indemnification regulations or through this provision,
regardless of what the chosen state law may provide.
Duties and Responsibilities of Board Members (1239.4)
Section 1293.4 of the proposed rule would set forth certain basic
duties and responsibilities of directors of a regulated entity. This
provision states that the ultimate responsibility for managing a
regulated entity lies with the board of directors. It also requires
directors to, among other things: (1) Act in good faith and with due
care, in the best interest of the regulated entity, and in a fair and
impartial manner; (2) direct the affairs of an entity in a manner
consistent with applicable statutes and regulations; (3) have a working
familiarity with basic finance and accounting practices; and (4) adopt
bylaws governing the manner in which the regulated entity administers
its affairs. Directors must also put in place policies relating to the
board's oversight of risk management, compensation, financial
reporting, and responsiveness to FHFA supervisory concerns.
The text of the proposed regulation consists mostly of provisions
carried over from Finance Board regulation (Sec. 917.2) and, to a
lesser extent, OFHEO regulation (Sec. 1710.15). The proposed rule
would carry over nearly all of the provisions of (Sec. 917.2) of the
Finance Board regulations, and the substance of the existing OFHEO
regulations located at 12 CFR 1710.15(b)(3), (5), and (7). Those OFHEO
provisions require the boards of directors to have policies in place to
assure their oversight of compensation programs, disclosures to
shareholders and investors, and responsiveness to regulatory inquiries.
The proposed rule would add a provision requiring the boards to have
policies in place to assure their oversight of risk management, in
light of the importance of risk management policies and controls to the
safe and sound operation of the entities. FHFA is proposing not to
carry over certain other OFHEO regulations that require the boards to
have in place policies to assure their oversight of corporate strategy,
hiring and retention of qualified senior executive officers, integrity
of financial reporting, and extensions of credit to board members. See
12 CFR 1710.15(b)(1)-(2), (4), and (6). FHFA believes that these topics
are covered adequately elsewhere. The proposed rule also would repeal
1710.15(a) and (c), which state the purpose of those OFHEO regulations
and direct Enterprise board members to their chosen body of corporate
law, as well as to OFHEO pronouncements, for additional guidance on
these topics. FHFA believes that these matters need not be explicitly
stated in the regulation.
Board Committees (1239.5)
The last section in subpart B deals with committees of the board of
directors, and is derived principally from Sec. 1710.12 of the OFHEO
regulations. The proposed regulation would require each regulated
entity to have certain specified committees of the board of directors
and would authorize the entities to establish any other committees they
deem appropriate. Each entity would be required to have committees of
the board of directors that are responsible for each of the following
matters: (1) Risk management; (2) audit; (3) compensation; and (4)
corporate governance. The rule would not require the entities to
establish committees with those specific names, only that they
establish committees that are responsible for overseeing those matters.
The proposed rule also would provide that the risk management committee
and the audit committee cannot be combined with any of the other
committees. The proposal would further require that each committee have
a formal written charter and that it meet with sufficient frequency to
carry out its responsibilities. The regulation retains, for the
Enterprises only, an OFHEO provision requiring Enterprise audit
committees to comply with certain provisions of section 301 of the
Sarbanes-Oxley Act (SOA), which relates to audit committees of public
companies, and that the audit committee and other Enterprise committees
also comply with applicable provisions of the rules of the New York
Stock Exchange (NYSE). That is the only provision in this proposed
regulation that would not apply to the Banks. Because the Federal Home
Loan Bank Act (Bank Act) mandates that a majority of a Bank's board of
directors be officers or directors of the Bank's members, these
directors may not meet the independence criteria in both of the
relevant SOA and NYSE provisions for audit committee members. Indeed,
nine of the Banks have disclosed in their federal securities law
filings that the member directors who serve on the Banks' audit
committees did not meet the NYSE independence requirement because the
member had a ``material relationship'' with the Bank or failed the
NYSE's revenue test.\2\
---------------------------------------------------------------------------
\2\ Under NYSE rules, an employee of a Bank member would not be
considered independent for purposes of serving on the audit
committee if: (1) The member has made interest payments to the Bank
exceeding the greater of $1 million or 2 percent of the Bank's gross
annual revenue in any of the past three fiscal years; or (2) if the
Bank has purchased loans from the member in an amount exceeding the
greater of $1 million or 2 percent of the member's gross annual
revenue in any of the past three fiscal years. In addition, an
officer of a Bank member is not considered independent if the member
has a ``material relationship'' with the Bank. The rules list a
banking relationship as an example of a type of relationship that
can constitute a material relationship. The board of directors of
the Bank is responsible for determining whether a relationship is
``material'' after ``broadly'' considering all relevant facts and
circumstances. See NYSE Listed Company Manual Sect. 303A.02 and
303A.07(a).
Under SOA section 301, an audit committee director is not
considered independent if the director is an ``affiliated person''
of the Bank. The Securities Exchange Act of 1934 defines
``affiliated person'' as a person who owns, directly or indirectly,
or controls 5% of the voting securities of the Bank. A member
director does not directly own voting securities of a Bank but may
be deemed to indirectly own or control the securities under certain
scenarios (e.g., if the member director owns 25% of the voting
securities of the member). See 15 U.S.C. 78c(a)(19) and 78j-1. Under
SEC rule 10A-3, promulgated pursuant to SOA section 301, an audit
committee director is considered ``affiliated'' if the director
directly or indirectly ``controls'' the Bank. Under rule 10A-3, a
person will be deemed not to have ``control'' if the person,
directly or indirectly, owns 10% or less of the voting securities of
the Bank. See 17 CFR 240.10A-3. Nine of the Banks have stated in
their federal securities laws filings that all members of their
audit committees have satisfied the independence requirements under
SEC rule 10A-3.
---------------------------------------------------------------------------
[[Page 4418]]
The substance of the proposed rule differs slightly from OFHEO
regulation Sec. 1710.12 in that it requires each board to have a
committee dealing with risk management. The OFHEO rule mandates that
the Enterprises have the other three committees mentioned above. There
is no equivalent Finance Board regulation. FHFA believes that,
consistent with current best practices, it is appropriate to add the
risk management committee to the list of required committees and to
make this regulation applicable to the Banks as these four areas are
crucial to the safe and sound operation of all regulated entities.
FHFA also has considered whether the proposed rule should require
the board of directors of each regulated entity to have an executive
committee, in addition to the other four committees that would be
required by the proposed rule. FHFA requests comments on whether it
would be appropriate for the regulations to require the establishment
of executive committees as a matter of course and, if so, what powers
should be delegated to those committees. An executive committee that is
authorized to exercise the powers of the full board of directors could
enhance the efficiency of the board's operations, particularly at Banks
that have large boards of directors. FHFA also requests comment on
whether the need for an executive committee, or the benefits from
having such a committee, would be any greater in the case of a Bank
that results from the merger of two other Banks. In such cases,
statutory provisions that cause the resulting Bank to have a very large
board of directors also may make board operations more cumbersome and
thus less efficient. To the extent that an executive committee may
address matters that otherwise would have been addressed by the full
board, FHFA requests comments on what limitations might be appropriate
to ensure that the ability of those directors who are not on the
executive committee to exercise their own fiduciary duties is not
compromised.
C. Subpart C--Other Requirements Applicable to All Regulated Entities
Subpart C includes four provisions that relate to certain other
matters that FHFA believes should apply to all of the regulated
entities, but are not the type of governance provisions that are
included in Subpart B. These provisions address: (1) Code of conduct;
(2) risk management; (3) compliance programs; and (4) regulatory
reports. The substance of these provisions is derived from parts 914,
917, and 1710 of the Finance Board and OFHEO regulations, respectively,
except for the risk management provision, which has been rewritten in
its entirety to better align it with supervisory expectations for sound
risk management.
Code of Conduct (1239.10)
The first regulation in Subpart C requires each regulated entity to
establish a written code of conduct for directors, executive officers,
and employees that is designed to ensure that they discharge their
duties in an objective and impartial manner. The code of conduct must
include standards set forth in section 406 of the SOA, which address
promoting: (1) Honest and ethical conduct, including the handling of
conflicts of interest between personal and professional relationships;
(2) full, fair, accurate, timely, and understandable disclosures in
periodic reports filed with the Securities and Exchange Commission
(SEC); and (3) compliance with applicable rules and regulations. In
addition, each regulated entity must review the code at least once
every three years and make any necessary revisions. The requirements of
proposed Sec. 1239.10 are being relocated from OFHEO regulation Sec.
1710.14 without any substantive changes, and are being made applicable
to the Banks as well as the Enterprises. FHFA believes that a code of
conduct is an important tool to ensure the safe and sound operation of
a regulated entity and therefore is proposing to extend the
requirements of this provision to the Banks.
Risk Management (1239.11)
Both the Finance Board and OFHEO regulations include provisions
dealing with the issue of risk management responsibilities of the
boards of directors. See 12 CFR 917.3 and Sec. 1710.19(b). In
reviewing both of those provisions, FHFA determined that they may no
longer reflect the current best risk management practices and concepts.
Based in part on more recent proposals of the Federal Reserve Board,\3\
FHFA is proposing to adopt a new risk management regulation for all of
the regulated entities, which would supplant the existing Finance Board
and OFHEO regulations. The proposed risk management provision would
require a regulated entity to adopt an enterprise-wide risk management
program that aligns the entity's overall risk profile with its
strategic plan and mission objectives. The regulation also would
require that the risk management program address the regulated entity's
risk profile and risk exposure. The program also would have to include
appropriate risk limitations, risk management practices, and compliance
monitoring provisions, while specifying management's authority and
independence to carry out its risk management responsibilities.
---------------------------------------------------------------------------
\3\ See Enhanced Prudential Standards and Early Remediation
Requirements for Covered Companies, Board of Governors of the
Federal Reserve System, 77 FR 594 (Jan. 5, 2012).
---------------------------------------------------------------------------
The proposed rule would require each regulated entity to have a
risk committee and that it be established pursuant to a written charter
approved by the full board of directors. The risk committee also would
have to be chaired by a director that does not serve in a management
capacity. That provision would effectively apply only to the
Enterprises because the boards of the Banks do not have any management
representatives. The committee must have at least one member with risk
management expertise and all members must have an understanding of risk
management principles and experience developing and applying risk
management practices, identifying risks, and monitoring risk controls
for financial services organizations. The proposal would require the
committee to meet regularly and report directly to the board of
directors, and would provide that the committee is responsible for
documenting and overseeing the risk management policies and practices,
reviewing and approving the risk management program, and reviewing
regular reports from the chief risk officer (CRO).
The proposed rule would require each regulated entity to appoint a
CRO, who would be responsible for the risk management function. The
proposed
[[Page 4419]]
rule would specify certain responsibilities of the CRO, which would
include: (1) Allocating delegated risk limits; (2) establishing
appropriate policies, processes, and systems to identify and report
risks; (3) managing risk exposures and controls; and (4) reporting risk
management issues directly and regularly to the risk committee and the
chief executive officer. The CRO also must have risk management
expertise commensurate with the regulated entity's capital structure,
risk profile, complexity, activities, and size. The board would be
required to structure the CRO's compensation in such a manner as to
provide for an objective and independent assessment of the risks taken
by the regulated entity.
Compliance Program (1239.12)
This provision of the proposed rule would require the regulated
entities to establish a compliance program headed by a compliance
officer and would set forth criteria for the program. These provisions
would be carried over, with modest conforming changes, from OFHEO
regulation Sec. 1710.19, and thus would be new only for the Banks. The
compliance program to be established under this provision must be
reasonably designed to ensure that the regulated entity complies with
applicable laws, rules, regulations, and internal controls. In addition
to reporting directly to the chief executive officer, the compliance
officer must report regularly to the entity's board of directors (or a
committee thereof) on the adequacy of the entity's compliance policies
and procedures, and must recommend any appropriate adjustments to those
policies or procedures. Other provisions of the OFHEO regulation, at
Sec. 1710.19(b) and (c), which deal with risk management and
registration of Enterprise stock under the federal securities laws,
would be repealed as either being addressed elsewhere or no longer
being relevant.
Regulatory Reports (1239.13)
The last section of Subpart C would require each regulated entity
to provide FHFA with such regulatory reports as are necessary for it to
evaluate the condition of a regulated entity, or compliance with
applicable law, and to do so in accordance with the forms and
instructions issued by FHFA from time to time. This provision would be
relocated, with only minor non-substantive changes, from the Finance
Board regulations at 12 CFR 914.1 and 914.2. FHFA has the statutory
authority to compel all regulated entities to submit the reports
described in Sec. 1239.13. 12 U.S.C. 4514. Therefore, applying this
provision to all regulated entities would not impose any new burdens on
the Enterprises, but would serve to highlight the importance of timely
and accurate data reporting.
D. Enterprise-Specific Requirements (Subpart D)
Subpart D of the proposed rule would carry over two OFHEO
regulations relating to: (1) Eligibility requirements for the board of
directors of the Enterprises and conduct of their board meetings; and
(2) compensation for Enterprise directors. The first provision is
substantively identical to the current OFHEO regulation Sec. 1710.11,
while the second provision is based on Sec. 1710.13, with minor
changes that eliminate portions relating to compensation of executive
officers and employees, which are no longer necessary. Neither of these
two provisions would be applied to the Banks because section 7 of the
Bank Act, 12 U.S.C. 1427, already establishes eligibility requirements
and mandates a specific composition of Bank boards between member
directors and independent directors, and because section 7 and 12 CFR
part 1261 of the FHFA regulations already include provisions governing
compensation for directors of the Banks.
Enterprise Board of Director Requirements (1239.20)
The first provision of Subpart D addresses age and term limits for
individual Enterprise board members and requires that a majority of the
directors be independent, as defined under the rules of the NYSE. It
also addresses the frequency of Enterprise board meetings, quorum
requirements, and voting by directors. These provisions are being
carried over from Sec. 1710.11 without substantive change and would
apply only to the Enterprises. In addition, proposed Sec. 1239.20
includes a new provision that would prohibit the chief executive
officer (CEO) of an Enterprise from also serving as the chairman of the
board of directors. FHFA is proposing to add this requirement in order
to promote the board of directors' oversight of senior management. By
separating the two positions, FHFA intends to preclude the possibility
that a CEO would have an opportunity to unduly influence the full board
of directors by virtue of holding the chairman's position.
Compensation of Enterprise Board Members (1239.21)
The second provision of Subpart D states that Enterprise director
compensation must be reasonable and appropriate for the time required
for the performance of their duties. This provision is based on Sec.
1710.13 of the OFHEO regulations, which addresses compensation of
Enterprise board members, as well as Enterprise officers and employees.
The proposed rule would differ from the OFHEO rule in that it would
apply only to compensation paid to the directors of an Enterprise.
Because FHFA has recently adopted an interim rule addressing executive
compensation matters for the Banks and the Enterprises, there is no
longer any need to address the matter of executive compensation in
these provisions. As for non-executive employees, FHFA believes that a
separate regulation is not necessary as those salaries will be set by
an entity's executives, whose compensation is subject to FHFA review.
E. Subpart E--Bank-Specific Requirements
Subpart E of the proposed rule would carry over from the Finance
Board regulations five provisions that address a Bank's: (1) Member
products policy; (2) strategic business plan; (3) internal control
system; (4) audit committee; and (5) dividends. The proposed provisions
derive from current Finance Board regulations on these topics, which
will be relocated to subpart E with only minor and conforming changes.
As discussed in more detail below, FHFA believes that three of these
provisions--regarding the member products policy, business plan, and
dividends--are unique to the Banks and thus should not be applied to
the Enterprises. Although FHFA is proposing to include the Finance
Board provisions on internal controls and audit committees in the
``Bank specific'' portion of the rule, it also is requesting comment on
whether it would be appropriate to revise those provisions so that they
could be applied to both the Banks and the Enterprises.
Bank Member Product Policy (1239.30)
Finance Board regulations require each Bank to have a member
products policy that addresses the Bank's management of products
offered to members and housing associates. See 12 CFR 917.4. Under that
provision, a Bank's board of directors must review the policy annually,
amend it as appropriate, and readopt it at least every three years. The
policy must address certain specified topics, which are: (1) Credit
underwriting criteria; (2) levels of collateralization; (3) fees and
product pricing; (4) maintenance of appropriate systems, procedures,
and internal controls; and (5) maintenance of appropriate operational
and personnel
[[Page 4420]]
capacity. The proposed rule would simply relocate the existing Finance
Board regulations without substantive change.
Strategic Business Plan (1239.31)
Finance Board regulations also require each Bank's board of
directors to adopt a strategic business plan that describes how each
Bank will achieve its housing finance mission, and how each Bank
establishes goals and objectives for each of its business activities.
See 12 CFR Sec. 917.5. The plan must also: (1) Discuss how a Bank will
address credit needs and market opportunities; (2) establish
quantitative performance goals for Bank products related to multi-
family housing, small business, small farm, and small agri-business
lending; (3) describe proposed new business activities; and (4) be
supported by appropriate research and analysis of market developments
and member demand for products. Each Bank's board of directors must
review the plan at least annually, readopt it at least every three
years, and establish management reporting requirements and monitor
implementation. The proposed rule would simply relocate this regulation
without substantive change to the FHFA regulations. FHFA is not
proposing to extend it to the Enterprises because their strategic
objectives are subject to FHFA control as a result of the
conservatorships.
Internal Control System (1239.32)
The proposed rule would carry over, without substantive change, the
Finance Board regulation dealing with internal control systems at the
Banks. See 12 CFR 917.6. The current Finance Board regulation requires
each Bank to establish and maintain an effective internal control
system that addresses: (1) The efficiency and effectiveness of Bank
activities; (2) the safeguarding of Bank assets; (3) the reliability,
completeness, and timely reporting of financial and management
information; and (4) compliance with applicable laws, regulations,
policies, and management and board directives. The regulation sets
forth detailed responsibilities of senior management and the board of
directors with respect to internal controls. This regulation would not
apply to the Enterprises, as many of the detailed requirements in the
provision are specific to the Banks and reflect their unique structure.
Nonetheless, the topic of internal controls is one that is relevant
to both the Banks and the Enterprises, and FHFA is considering whether
it should adopt a regulation on internal controls that would apply to
all of the regulated entities. Accordingly, FHFA specifically requests
public comment on the following questions:
1. In what manner should FHFA revise the content of Sec. 917.6 so
that it could be applied to all regulated entities, and what specific
revisions to the regulatory text would be needed to accomplish that
objective?
2. What regulatory approach would be best suited for addressing the
topic of internal controls at the Banks and Enterprises, one based on
general principles, or one that includes detailed requirements that
prescribe particular steps that an entity should take in creating and
operating a system of internal controls?
3. If FHFA were to adopt a more prescriptive approach to a
regulation on internal controls, is the current approach, which
separately addresses the requirements of an internal control system,
the responsibilities of the board, and the responsibilities of
management, appropriate?
4. If FHFA were to adopt a more principles-based approach to
internal controls, what principles would be necessary to assure that
regulated entities would establish and maintain an effective system of
internal controls?
5. What amendments to the regulation or the Prudential Standards
would be most appropriate to ensure that they complement each other
with respect to the entities' internal control systems?
6. Should the proposed Sec. 1239.32(a)(iv) retain the requirement
that the internal control system must ensure that the entity complies
with all applicable laws and regulations if the proposed rule will
separately require that the entities establish a compliance program to
address that same topic?
7. Are there any types of internal control requirements that would
be unique to either the Banks or the Enterprises and could not readily
be applied to the other entities?
Audit Committee (1239.33)
The proposed rule also would carry over without substantive change
the provisions of the Finance Board regulations dealing with Bank audit
committees. See 12 CFR 917.7. Those provisions would set forth
requirements relating to the composition of the audit committee and the
content of the audit committee charter. They would also require that
the audit committee members be independent and establish certain
independence criteria. The proposal would retain the provision
requiring the audit committee to include a balance of representatives
of community financial institutions and other members, as well as
independent directors and member directors. The audit committee would
be required to have a charter that covers the selection and retention
of the internal auditor and reporting channels for the auditor. The
regulation also lists numerous duties of the audit committee,
including: (1) Directing senior management to maintain the reliability
and integrity of the accounting policies; (2) reviewing the basis for
the Bank's financial statements and the external auditor's opinion; (3)
overseeing the audit function; and (4) conducting or authorizing
investigations.
The Finance Board regulation on Bank audit committees reflects the
unique structure of the Banks as member-owned cooperatives whose boards
of directors include a majority of member directors that also serve as
officers or directors of their member institutions. Because the board
structure of the Banks is unique and differs so much from that of the
Enterprises, FHFA believes that it is appropriate to retain the Bank-
specific regulations for the Banks' audit committees. FHFA is not
proposing to impose these requirements on the Enterprises because of
those differences and because the Enterprises are separately required
(by the OFHEO regulations and by this proposed rule) to comply with the
audit committee requirements of section 301 of the SOA and the rules of
the NYSE.
Nonetheless, the topic of audit committees is one that is relevant
to both the Banks and the Enterprises, and FHFA requests comments on
the following questions:
1. By carrying over the existing Finance Board and OFHEO
regulations, the proposed rule would effectively retain the two
distinct regulatory approaches embodied in the current rules, i.e.,
OFHEO's approach of using a cross-reference to the SOA audit committee
provisions and the Finance Board's approach of using the considerably
more detailed regulatory provisions to address audit committee
responsibilities. FHFA requests comment on whether it should continue
this arrangement or whether it should develop one rule on audit
committees that would apply to both the Banks and the Enterprises. FHFA
also requests comment on how a single rule should be structured, i.e.,
whether it should adopt the approach of the current OFHEO regulations,
the approach of the Finance Board regulations, or some other approach.
2. If FHFA were to retain the substance of the current Finance
Board rule for Bank audit committees (either for the Banks or for the
Banks and the Enterprises), FHFA requests comments
[[Page 4421]]
on how it could modify the provisions of that rule (which would be
located at Sec. 1239.33 of this proposal) to make them more
streamlined while also providing sufficient guidance to the regulated
entities to ensure that the audit committees function in an independent
and efficient manner.
3. With respect to the independence requirement of the current
Finance Board regulation, FHFA requests comments on whether it should
add a new provision that would deem a member director to not be
``independent'' for audit committee purposes if the member institution
at which that director is employed were to have more than a specified
percentage of the Bank's outstanding capital stock or the Bank's total
advances. FHFA also requests comments regarding the level at which a
member's Bank stock or advances could be considered to be too high for
that member's representative to be deemed sufficiently independent to
serve on the Bank's audit committee.\4\
---------------------------------------------------------------------------
\4\ For example, the Federal Deposit Insurance Corporation
prohibits ``large customers'' from serving on the audit committee of
a regulated institution that has total assets of more than $3
billion at the beginning of the fiscal year. ``Large customer'' is
defined as ``any individual or entity (including a controlling
person of any such entity) which, in the determination of the board
of directors, has such significant direct or indirect credit or
other relationships with the institution, the termination of which
likely would materially and adversely affect the institution's
financial condition or results of operations . . .'' See 12 CFR
Sec. 363.5(b) and Appendix A to 12 CFR 363.
---------------------------------------------------------------------------
4. With respect to the composition of Bank audit committees, which
must include a balance of representatives from community financial
institutions and other members, and of independent and member
directors, FHFA requests comment on whether that provision remains
optimal or whether the regulation should require any other requirements
relating to audit committee composition, such as requiring a majority
of the committee members to be independent directors.
5. With respect to the relationship between the audit committee
regulations and the Prudential Standards, FHFA requests comment on how
best to coordinate the audit committee regulations with the provisions
of Standard 2, which also addresses audit committees, whether FHFA
should address audit committee requirements entirely within either the
regulations or the standards, and what matters would be more
appropriately addressed in a regulation or in the Prudential Standards.
Bank Dividends (1239.34)
The last regulation in Subpart E would carry over with only modest
revisions a Finance Board regulation addressing Bank dividends. See 12
CFR 917.9. Among other things, that provision prohibits a Bank's board
of directors from declaring or paying a dividend based on projected or
anticipated earnings or if the par value of the Bank's stock is
impaired, or would become impaired as a result of paying the dividend.
The proposed rule would not carry over two provisions from Sec. 917.9
whose content either is addressed in another regulation or relates to
statutory provisions that are no longer in effect. FHFA is proposing
not to apply this provision to the Enterprises, in part because it
carries out provisions of the Bank Act that apply only to the Banks and
in part because Enterprise dividends during conservatorship are
governed by the senior preferred stock purchase agreements.
F. Provisions To Be Repealed
As noted above, there are several portions of 12 CFR part 917 and
12 CFR part 1710 that have become obsolete or are no longer necessary,
and FHFA is proposing to repeal them as part of this rulemaking. The
repealed provisions consist of: (1) Several OFHEO regulations that
impose requirements substantively identical to those found in the SOA;
(2) an OFHEO regulation that reserves the right of FHFA to amend its
regulations; (3) an OFHEO regulation that states that FHFA has the
authority under the Safety and Soundness Act to prohibit or restrict
indemnification of board members and executives of the Enterprises; (4)
portions of the OFHEO regulation relating to the responsibilities of
boards of directors that address matters that are covered by the
Prudential Standards; and (5) a Finance Board regulation that requires
Banks to prepare annual budgets.
SOA Provisions
OFHEO regulations at Sec. 1710.13(b), Sec. 1710.16, Sec.
1710.17, Sec. 1710.18, and Sec. 1710.19(c) are substantively
identical to requirements found in the SOA, which apply to the Banks
and Enterprises as registered issuers under the federal securities
laws.\5\ These regulations address reimbursement of compensation paid
to an Enterprise CEO or CFO in cases of accounting restatements due to
material noncompliance with financial reporting requirements,
prohibitions on extensions of credit to Enterprise board members and
executives, certification of quarterly and annual financial statements
by the CEO and CFO, audit partner rotation, and registration and
deregistration of securities. Because the Enterprises and the Banks are
subject to the corresponding SOA statutory provisions, there is no need
to repeat those requirements in the FHFA regulations.
---------------------------------------------------------------------------
\5\ Section 1112 of HERA requires the Banks to maintain
registration of their common stock with the SEC and states that
equity securities of the Enterprises are not exempt from SEC
registration requirements.
---------------------------------------------------------------------------
Board of Directors
As noted previously, Sec. 1710.15 of the OFHEO regulations
addresses the conduct and responsibilities of Enterprise directors, and
FHFA is proposing to carry over certain of those provisions into Sec.
1239.4 of the proposed rule. FHFA also is proposing to repeal the
remaining portions of Sec. 1710.15, which include the introductory
language, language requiring directors to refer to state law and OFHEO
pronouncements for additional guidance, several provisions requiring
the board to have policies for overseeing corporate strategy, hiring of
qualified senior executives, financial reporting, and extensions of
credit to board members. FHFA believes that these matters are
adequately addressed in other provisions of the proposed rule or in the
Prudential Standards, and need not be adopted as FHFA regulations.
Budget Preparation
Finance Board regulation Sec. 917.8 requires Banks to adopt an
operating and a capital expenditures budget annually. FHFA believes
that the adoption of a budget is a basic duty already encompassed in a
director's duty to act in good faith and with care in overseeing the
affairs of a Bank. Therefore, FHFA is not proposing to carry this
Finance Board provision over into the FHFA regulations.
Part 1720
As noted previously, FHFA is proposing to repeal 12 CFR part 1720
of the OFHEO regulations, which established certain safety and
soundness standards for the Enterprises, because those matters are
addressed by the Prudential Standards and by certain parts of this
proposed rule.
IV. Prudential Standards
The introductory section of the Prudential Standards, which appears
immediately before the enumerated 10 standards, recites general
responsibilities of the boards of directors and senior management of
the regulated entities, as they relate to the matters addressed by the
individual standards. FHFA is proposing to explicitly state that this
introductory
[[Page 4422]]
section is part of the standards, which means that the introductory
provisions would have the same effect and could be enforced in the same
manner as the 10 enumerated standards. To do this, FHFA is proposing to
amend the definition of the term ``standards,'' which appears in 12 CFR
1236.2, by adding an explicit statement that the Prudential Standards
consist of both the introductory section and the existing enumerated
standards. FHFA is also proposing to revise the Prudential Standards by
relocating a sentence that appears immediately after the introductory
language and immediately before the 10 enumerated standards, that reads
as follows: ``The following provisions constitute the prudential
management and operations standards established pursuant to 12 U.S.C.
4513b(a).'' FHFA would relocate this sentence to the beginning of the
Prudential Standards and immediately before the existing introductory
language regarding director and senior management responsibilities.
FHFA is proposing these amendments to ensure that it can use the
remedial provisions of the Prudential Standards to address corporate
governance deficiencies at the regulated entities, as they may relate
to the individual standards, should FHFA believe that those provisions
will be more effective than its other administrative enforcement
authorities.
Harmonization of the Prudential Standards and FHFA Regulations
The Prudential Standards address certain topics that also are
covered by the existing regulations and would continue to be covered by
the proposed regulations, which results in a degree of regulatory
overlap. Despite that overlap, there are meaningful differences between
the two provisions, some of which may be appropriate to preserve. One
key difference is that because the Prudential Standards have been
adopted as guidance, they do not have the force and effect of law, as
do the regulations addressing the same topics. For that reason, the
Prudential Standards may be enforced only by the remedial authorities
in the Prudential Standards statute, and not through the agency's
administrative enforcement powers, which can be used to enforce
regulations, unless a regulated entity's failure to meet a prudential
standard rises to the level of an unsafe or unsound practice. FHFA is
not proposing to address in this regulation all of the potential areas
of overlap between the Prudential Standards and the regulations, but
does intend to initiate a separate project to identify any regulations
that address topics that are also covered by the Prudential Standards,
or would more appropriately be covered by a Prudential Standard. To aid
it in that undertaking, FHFA is requesting comments on how it may best
integrate and harmonize its regulations and the Prudential Standards,
particularly with respect to the seven topics described below.
General Duties of Boards of Directors. To certain degrees, both the
Prudential Standards and the regulations address the general
responsibilities of the boards of directors of the regulated entities.
Within the Standards, the first three principles of the introductory
section address certain director responsibilities, as they relate to
the subject matter of each of the Prudential Standards, such as
adopting business strategies and policies, overseeing management, and
remaining informed about the operations and condition of a regulated
entity. The proposed regulation, at Sec. 1239.4, also would address
the duties and responsibilities of the boards of directors, albeit in a
more global sense, i.e., not simply in relation to the subject matter
of the 10 prudential standards.
Board Briefings. Principles seven and eight of the introductory
section of the Prudential Standards require management to provide the
board of directors with periodic reports on the entity's condition and
performance. This is similar to proposed Sec. 1239.20(b)(4), which
would apply only to the Enterprise and requires management to provide
boards with information that is necessary to allow the directors to
fulfill their fiduciary duties.
Audit Committee Responsibilities. Several provisions of the
Prudential Standards, paragraphs 2.1, 2.3-2.7, and 2.9-2.10, address
audit committee responsibilities, including establishing policies for
and overseeing the internal audit function, evaluating the
effectiveness of the internal audit function, addressing internal audit
issues, and ensuring that audit department personnel are competent and
properly trained. Section 1239.33 of the proposed rule, which is based
on a Finance Board regulation and would apply only to the Banks, also
addresses certain of these same topics.
Risk Management. Although the Prudential Standards do not address
specific duties of the risk committee or the CRO, Standards 8.2, 8.4-
8.5, 8.7, 8.9-8.10, and principles nine and 10 of the introductory
section do require a regulated entity to have a risk management program
that is capable of addressing a number of the topics. Certain of those
topics are also addressed in Sec. 1239.11 of the proposed rule. In
addition, both Sec. 1239.11 and the Prudential Standards provide that
the CRO should report to the CEO and the risk committee.
Internal Controls. Prudential Standards 1.1, 1.3-1.8, 1.10, and
1.14-1.15 require regulated entities to have an adequate and effective
system of internal controls, including a board-approved organizational
structure that clearly assigns responsibilities and reporting
relationships. Under those provisions, a regulated entity also must
establish and monitor appropriate internal control policies. These same
topics and related concepts are also addressed in Sec. 1239.32, which
is based on an existing Finance Board regulation and would apply only
to the Banks.
Code of Conduct. Principle nine of the introductory section of the
Prudential Standards states that board members and senior management of
a regulated entity should conduct themselves in a manner to promote
high ethical standards and establish a culture of compliance throughout
the organization. Section 1239.10, which would apply to all regulated
entities, also addresses the topic of codes of conduct and ethics.
Compliance with Laws and Regulations. Prudential Standards 1-5 and
8-10 each contain a paragraph that states that, with respect to the
subject matter addressed by that standard, a regulated entity should
comply with all applicable laws, regulations, and supervisory guidance.
The subject of regulatory compliance is also addressed in Sec.
1239.12, which requires each entity to have a compliance program.
With respect to each of those topics described above, FHFA requests
comments on whether there are any direct conflicts between the
regulations and the standards, i.e., situations in which an entity
cannot practicably comply with both the regulation and the standard.
FHFA also requests comments on how it should strike the balance for
each of those topics with respect to what issues should be addressed by
regulation and what issues should be addressed by the Prudential
Standards. FHFA further requests comments on the content of the
particular regulations and standards, i.e., whether the current content
remains appropriate, as well as the structure of the regulations or
standards, i.e., whether they should address the underlying subject
matter through a principles-based approach or through the more
prescriptive approach reflected in the current Finance Board
regulations.
[[Page 4423]]
V. Paperwork Reduction Act
The proposed regulation does not contain any information collection
requirement that requires the approval of the Office of Management and
Budget under the Paperwork Reduction Act (44 U.S.C. 3501 et seq.).
VI. Regulatory Flexibility Act
The Regulatory Flexibility Act (5 U.S.C. 601 et seq.) requires an
agency to analyze a proposed regulation's impact on small entities if
the final rule is expected to have a significant economic impact on a
substantial number of small entities. 5 U.S.C. 605(b). FHFA has
considered the impact of this regulation and determined that it is not
likely to have a significant economic impact on a substantial number of
small entities because it applies only to the regulated entities, which
are not small entities for purposes of the Regulatory Flexibility Act.
List of Subjects
12 CFR Part 914
Federal Home Loan Banks, Reporting and recordkeeping requirements.
12 CFR Part 917
Federal Home Loan Banks.
12 CFR Part 1236
Administrative practice and procedure, Federal Home Loan Banks,
Government-Sponsored Enterprises, Reporting and recordkeeping
requirements.
12 CFR Part 1239
Administrative practice and procedure, Federal Home Loan Banks,
Government-Sponsored Enterprises, Reporting and recordkeeping
requirements.
12 CFR Part 1710
Administrative practice and procedure, Mortgages.
12 CFR Part 1720
Administrative practice and procedure, Mortgages.
Accordingly, for reasons stated in the Supplementary Information
and under the authority of 12 U.S.C. 1426, 1427, 1432(a), 1436(a),
1440, 4511(b), 4513(a), 4513(b), and 4526, FHFA hereby proposes to
amend subchapter C of chapter IX, subchapter B of chapter XII, and
subchapter C of chapter XVII of title 12 of the Code of Federal
Regulations as follows:
CHAPTER IX--FEDERAL HOUSING FINANCE BOARD
Subchapter C--[Removed and Reserved]
0
1. Subchapter C, consisting of parts 914 and 917, is removed and
reserved.
CHAPTER XII--FEDERAL HOUSING FINANCE AGENCY
Subchapter B--Entity Regulations
PART 1236--PRUDENTIAL MANAGEMENT AND OPERATIONS STANDARDS
0
2. The authority citation for part 1236 continues to read as follows:
Authority: 12 U.S.C. 4511, 4513(a) and (f), 4513b, and 4526.
0
3. Amend Sec. 1236.2 by revising the definition of ``Standards'' to
read as follows:
Sec. 1236.2 Definitions.
* * * * *
Standards means any one or more of the prudential management and
operations standards established by the Director pursuant to 12 U.S.C.
4513b(a), as modified from time to time pursuant to Sec. 1236.3(b),
including the introductory statement of general responsibilities of
boards of directors and senior management of the regulated entities.
Appendix to Part 1236 [Amended]
0
4. Amend the appendix to part 1236 by removing the undesignated
paragraph ``The following provisions constitute the prudential
management and operations standards established pursuant to 12 U.S.C.
4513b(a).'' following paragraph 10 under ``Responsibilities of the
Board of Directors and Senior Management'' and adding it as
introductory text to the appendix.
0
5. Part 1239 is added to read as follows:
PART 1239--RESPONSIBILITIES OF BOARDS OF DIRECTORS, CORPORATE
PRACTICES, AND CORPORATE GOVERNANCE
Subpart A--General
Sec.
1239.1 Purpose.
1239.2 Definitions.
Subpart B--Corporate Practices and Procedures Applicable to All
Regulated Entities
1239.3 Law applicable to corporate governance and indemnification
practices.
1239.4 Duties and responsibilities of directors.
1239.5 Board committees.
Subpart C--Other Requirements Applicable to All Regulated Entities
1239.10 Code of conduct and ethics.
1239.11 Risk management.
1239.12 Compliance program.
1239.13 Regulatory reports.
Subpart D--Enterprise Specific Requirements
1239.20 Board of directors of the Enterprises.
1239.21 Compensation of Enterprise board members.
Subpart E--Bank Specific Requirements
1239.30 Bank member product policy.
1239.31 Strategic business plan.
1239.32 Internal control system.
1239.33 Audit committee.
1239.34 Dividends.
Authority: 12 U.S.C. 1426, 1427, 1432(a), 1436(a), 1440,
4511(b), 4513(a), 4513(b), and 4526.
Subpart A--General
Sec. 1239.1 Purpose.
FHFA is responsible for supervising and ensuring the safety and
soundness of the regulated entities. In furtherance of those
responsibilities, this part sets forth minimum standards with respect
to responsibilities of boards of directors, corporate practices, and
corporate governance matters of the regulated entities.
Sec. 1239.2 Definitions.
As used in this part (or, as otherwise noted):
Authorizing statutes mean the Federal National Mortgage Association
Charter Act and the Federal Home Loan Mortgage Corporation Act, which
are codified at 12 U.S.C. 1716 through 1723i and 12 U.S.C. 1451 through
1459, respectively, or the Bank Act, as applicable.
Board member means a member of the board of directors of a
regulated entity.
Board of directors means the board of directors of a regulated
entity.
Business risk means the risk of an adverse impact on a regulated
entity's profitability resulting from external factors as may occur in
both the short and long run.
Community financial institution has the meaning set forth in Sec.
1263.1 of this chapter.
Compensation means any payment of money or the provision of any
other thing of current or potential value in connection with employment
or service as a director.
Credit risk is the potential that a borrower or counterparty will
fail to meet its financial obligations in accordance with agreed terms.
Employee means an individual, other than an executive officer, who
works
[[Page 4424]]
part-time, full-time, or temporarily for a regulated entity.
Executive officer means the chairperson or vice chairperson of the
board of directors of an Enterprise; and, with respect to any regulated
entity, the chief executive officer, chief financial officer, chief
operating officer, president, any executive vice president, any senior
vice president, and any individual with similar responsibilities,
without regard to title, who is in charge of a principal business unit,
division, or function, or who reports directly to the chairperson, vice
chairperson, chief operating officer, or chief executive officer or
president of a regulated entity.
Immediate family member means a parent, sibling, spouse, child,
dependent, or any relative sharing the same residence.
Internal auditor means the individual responsible for the internal
audit function at a regulated entity.
Liquidity risk means the risk that a regulated entity will be
unable to meet its financial obligations as they come due or meet the
credit needs of its members and associates in a timely and cost-
efficient manner.
Market risk means the risk that the market value, or estimated fair
value if market value is not available, of a regulated entity's
portfolio will decline as a result of changes in interest rates,
foreign exchange rates, or equity or commodity prices.
NYSE means the New York Stock Exchange.
Operational risk means the risk of loss resulting from inadequate
or failed internal processes, people, or systems, or from external
events (including legal risk but excluding strategic and reputational
risk).
Significant deficiency means a deficiency, or a combination of
deficiencies, in internal control that is less severe than a material
weakness, yet important enough to merit attention by those charged with
governance.
SOA means the Sarbanes Oxley Act, Pub. L. 107-204 (2002).
Subpart B--Corporate Practices and Procedures Applicable to All
Regulated Entities
Sec. 1239.3 Law applicable to corporate governance and
indemnification practices.
(a) General. The corporate governance practices and procedures of
each regulated entity, and practices and procedures relating to
indemnification (including advancement of expenses), shall comply with
and be subject to the applicable authorizing statutes and other Federal
law, rules, and regulations, and shall be consistent with the safe and
sound operations of the regulated entities.
(b) Election and designation of body of law. (1) To the extent not
inconsistent with paragraph (a) of this section, each regulated entity
shall elect to follow the corporate governance and indemnification
practices and procedures set forth in one of the following:
(i) The law of the jurisdiction in which the principal office of
the regulated entity is located;
(ii) The Delaware General Corporation Law (Del. Code Ann. Title 8);
or
(iii) The Revised Model Business Corporation Act.
(2) Each regulated entity shall designate in its bylaws the body of
law elected for its corporate governance and indemnification practices
and procedures pursuant to this paragraph.
(c) Indemnification. (1) Subject to paragraphs (a) and (b) of this
section, to the extent applicable, a regulated entity shall indemnify
(and advance the expenses of) its directors, officers, and employees
under such terms and conditions as are determined by its board of
directors. The regulated entity is authorized to maintain insurance for
its directors and any other officer or employee.
(2) Each regulated entity shall have in place policies and
procedures consistent with this section for indemnification of its
directors, officers, and employees. Such policies and procedures shall
address how the board of directors is to approve or deny requests for
indemnification from current and former directors, officers, and
employees, and shall include standards relating to indemnification,
investigations by the board of directors, and review by independent
counsel.
(3) Nothing in this paragraph shall affect any rights to
indemnification (including the advancement of expenses) that a director
or any other officer or employee had with respect to any actions,
omissions, transactions, or facts occurring prior to the effective date
of this paragraph.
(4) FHFA has the authority under the Safety and Soundness Act to
review a regulated entity's indemnification policies, procedures, and
practices, and may limit or prohibit indemnification payments in
furtherance of the safe and sound operations of the regulated entity.
Sec. 1239.4 Duties and responsibilities of directors.
(a) Management of a regulated entity. The management of each
regulated entity shall be vested in its board of directors. While
boards of directors may delegate the execution of operational functions
to officers and employees of the regulated entity, the ultimate
responsibility of each entity's board of directors for that entity's
management is non-delegable. The board of directors of a regulated
entity is responsible for directing the conduct and affairs of the
entity in furtherance of the safe and sound operation of the entity and
shall remain reasonably informed of the condition, activities, and
operations of the entity.
(b) Duties of directors. Each director of a regulated entity shall
have the duty to:
(1) Carry out his or her duties as director in good faith, in a
manner such director believes to be in the best interests of the
regulated entity, and with such care, including reasonable inquiry, as
an ordinarily prudent person in a like position would use under similar
circumstances;
(2) Administer the affairs of the regulated entity fairly and
impartially and, for Bank directors, without discrimination in favor of
or against any member institution;
(3) At the time of election, or within a reasonable time
thereafter, have a working familiarity with basic finance and
accounting practices, including the ability to read and understand the
regulated entity's balance sheet and income statement and to ask
substantive questions of management and the internal and external
auditors;
(4) Direct the operations of the regulated entity in conformity
with the requirements set forth in the authorizing statutes, Safety and
Soundness Act, and this chapter; and
(5) Adopt and maintain in effect at all times bylaws governing the
manner in which the regulated entity administers its affairs. Such
bylaws shall be consistent with applicable laws and regulations
administered by FHFA, and with the body of law designated for the
entity's corporate governance practices and procedures.
(c) Director responsibilities. The responsibilities of the board of
directors include having in place adequate policies and procedures to
assure its oversight of, among other matters, the following:
(1) The risk management and compensation programs of the regulated
entity;
(2) The processes for providing accurate financial reporting and
other disclosures, and communications with stockholders; and
(3) The responsiveness of executive officers in providing accurate
and timely reports to FHFA and in addressing all supervisory concerns
of
[[Page 4425]]
FHFA in a timely and appropriate manner.
(d) Authority regarding staff and outside consultants. (1) In
carrying out its duties and responsibilities under the authorizing
statutes, the Safety and Soundness Act, and this chapter, each
regulated entity's board of directors and all committees thereof shall
have authority to retain staff and outside counsel, independent
accountants, or other outside consultants at the expense of the
regulated entity.
(2) The board of directors and its committees may require that
staff of the regulated entity that provides services to the board or
any committee under paragraph (d)(1) of this section report directly to
the board or such committee, as appropriate.
Sec. 1239.5 Board committees.
(a) General. The board of directors may rely, in directing a
regulated entity, on reports from committees of the board of directors,
provided, however, that no committee of the board of directors shall
have the authority of the board of directors to amend the bylaws and no
committee shall operate to relieve the board of directors or any board
member of a responsibility imposed by applicable law, rule, or
regulation.
(b) Required committees. The board of directors of each regulated
entity shall have committees, however styled, that address each of the
following areas of responsibility: Risk management, audit,
compensation, and corporate governance (in the case of the Banks,
including the nomination of independent board of director candidates,
and, in the case of the Enterprises, including the nomination of all
board of director candidates). The risk management committee and the
audit committee shall not be combined with any other committees. The
board of directors may establish any other committees that it deems
necessary or useful to carrying out its responsibilities, subject to
the provisions of this section. In the case of the Enterprises, board
committees shall comply with the charter, independence, composition,
expertise, duties, responsibilities, and other requirements set forth
under rules issued by the NYSE, and the audit committees shall also
comply with the requirements set forth under section 301 of the SOA.
(c) Charter. Each committee shall adopt, and the board of directors
of each regulated entity shall approve, a formal written charter that
specifies the scope of a committee's powers and responsibilities, as
well as the committee's structure, processes, and membership
requirements.
(d) Frequency of meetings. Each committee of the board of directors
shall meet regularly and with sufficient frequency to carry out its
obligations and duties under applicable laws, rules, regulations, and
guidelines. Such a committee shall also meet with sufficient timeliness
as necessary in light of relevant conditions and circumstances to
fulfill its obligations and duties.
Subpart C--Other Requirements Applicable to All Regulated Entities
Sec. 1239.10 Code of conduct and ethics.
(a) General. A regulated entity shall establish and administer a
written code of conduct and ethics that is reasonably designed to
assure the ability of board members, executive officers, and employees
of the regulated entity to discharge their duties and responsibilities,
on behalf of the regulated entity, in an objective and impartial
manner, and that includes standards required under section 406 of the
SOA, as amended from time to time, and other applicable laws, rules,
and regulations.
(b) Review. Not less often than once every three years, a regulated
entity shall review the adequacy of its code of conduct and ethics for
consistency with practices appropriate to the entity and make any
appropriate revisions to such code.
Sec. 1239.11 Risk management.
(a) Risk management program--(1) Adoption. Each regulated entity's
board of directors shall have in effect at all times an enterprise-wide
risk management program that establishes the regulated entity's risk
profile, aligns the risk profile with the regulated entity's strategies
and objectives, and addresses the regulated entity's exposure to credit
risk, market risk, liquidity risk, business risk and operational risks
and complies with the requirements of this part and with all applicable
FHFA regulations and policies.
(2) Risk profile. The board of directors and senior management
shall ensure that the risk management program aligns the regulated
entity's overall risk profile with its mission objectives.
(b) Risk committee. The board of each regulated entity shall
establish and maintain a risk committee of the board of directors that
is responsible for oversight of enterprise-wide risk management
practices of the regulated entity.
(c) Risk committee structure and requirements. (1) The risk
management program shall include:
(i) Risk limitations appropriate to each business line of the
regulated entity;
(ii) Appropriate policies and procedures relating to risk
management governance, risk management practices, and risk control
infrastructure, and processes and systems for identifying and reporting
risks, including emerging risks;
(iii) Provisions for monitoring compliance with the regulated
entity's risk limit structure and policies and procedures relating to
risk management governance, practices, risk controls, and effective and
timely implementation of corrective actions; and
(iv) Provisions specifying management's authority and independence
to carry out risk management responsibilities, and the integration of
risk management and control objectives in management goals and
compensation structure.
(2) The risk committee shall:
(i) Be chaired by a director not serving in a management capacity
of the regulated entity;
(ii) Have at least one member with risk management expertise that
is commensurate with the regulated entity's capital structure, risk
profile, complexity, activities, size, and other appropriate risk-
related factors;
(iii) Have committee members with an understanding of risk
management principles and practices relevant to the regulated entity;
(iv) Have members with experience developing and applying risk
management practices and procedures, measuring and identifying risks,
and monitoring the testing risk controls with respect to financial
services organizations;
(v) Fully document and maintain records of its meetings, including
its risk management decisions and recommendations; and
(vi) Report directly to the board and not as part of, or combined
with, another committee.
(d) Risk committee responsibilities. The risk committee shall:
(1) Be responsible for documenting and overseeing the enterprise-
wide risk management policies and practices of the regulated entity;
(2) Review and approve an appropriate risk management program that
is commensurate with the regulated entity's capital structure, risk
profile, complexity, activities, size, and other appropriate risk-
related factors; and
(3) Receive and review regular reports from the regulated entity's
chief risk officer.
(e) Chief Risk Officer--(1) Appointment of a chief risk officer
[[Page 4426]]
(CRO). Each regulated entity shall appoint a CRO to implement and
maintain appropriate enterprise-wide risk management practices for the
regulated entity.
(2) Organizational structure of the risk management function. The
CRO shall oversee an independent risk management function, or unit, and
shall report directly to the risk committee and to the chief executive
officer.
(3) Responsibilities of the CRO. The CRO shall be responsible for
oversight of:
(i) Allocating delegated risk limits and monitoring compliance with
such limits;
(ii) Establishing appropriate policies and procedures relating to
risk management governance, practices, and risk controls, and
developing appropriate processes and systems for identifying and
reporting risks, including emerging risks;
(iii) Monitoring risk exposures and risk controls, including
testing risk controls and verifying risk measures; and
(iv) Reporting risk management issues and emerging risks, and
ensuring that risk management issues are effectively resolved in a
timely manner.
(4) The CRO shall execute the responsibilities enumerated in
paragraph (e)(3) of this section on an enterprise-wide basis.
(5) The CRO should have risk management expertise that is
commensurate with the regulated entity's capital structure, risk
profile, complexity, activities, size, and other appropriate risk
related factors.
(6) The CRO shall report regularly to the risk committee and to the
chief executive officer on the entity's compliance with, and the
adequacy of, its current risk management policies and procedures, and
shall recommend any adjustments to such policies and procedures that he
or she considers necessary or appropriate.
(7) The compensation of a regulated entity's CRO shall be
appropriately structured to provide for an objective and independent
assessment of the risks taken by the regulated entity.
Sec. 1239.12 Compliance program.
A regulated entity shall establish and maintain a compliance
program that is reasonably designed to assure that the regulated entity
complies with applicable laws, rules, regulations, and internal
controls. The compliance program shall be headed by a compliance
officer, however styled, who reports directly to the chief executive
officer. The compliance officer also shall report regularly to the
board of directors, or an appropriate committee thereof, on the
adequacy of the entity's compliance policies and procedures, including
the entity's compliance with them, and shall recommend any revisions to
such policies and procedures that he or she considers necessary or
appropriate.
Sec. 1239.13 Regulatory reports.
(a) Reports. Each regulated entity shall file Regulatory Reports
with FHFA in accordance with the forms, instructions, and schedules
issued by FHFA from time to time. If no regularly scheduled reporting
dates are established, Regulatory Reports shall be filed as requested
by FHFA.
(b) Definition. For purposes of this section, the term Regulatory
Report means any report to FHFA of information or raw or summary data
needed to evaluate the safe and sound condition or operations of a
regulated entity, or to determine compliance with any:
(1) Provision in the Bank Act, Safety and Soundness Act, or other
law, order, rule, or regulation;
(2) Condition imposed in writing by FHFA in connection with the
granting of any application or other request by a regulated entity; or
(3) Written agreement entered into between FHFA and a regulated
entity.
Subpart D--Enterprise Specific Requirements
Sec. 1239.20 Board of directors of the Enterprises.
(a) Membership--(1) Limits on service of board members--(i) General
requirement. No board member of an Enterprise may serve on the board of
directors for more than 10 years or past the age of 72, whichever comes
first; provided, however, a board member may serve his or her full term
if he or she has served less than 10 years or is 72 years on the date
of his or her election or appointment to the board; and
(ii) Waiver. Upon written request of an Enterprise, the Director
may waive, in his or her sole discretion and for good cause, the limits
on the service of a board member under paragraph (a)(1)(i) of this
section.
(2) Independence of board members. A majority of seated members of
the board of directors of an Enterprise shall be independent board
members, as defined under rules set forth by the NYSE, as amended from
time to time.
(3) Segregation of duties. The position of chairperson of the board
of directors shall be filled by a person other than the chief executive
officer, who shall also be a director of the Enterprise that is
independent, as defined under the rules set forth by the NYSE, as
amended from time to time.
(b) Meetings, quorum and proxies, information, and annual review--
(1) Frequency of meetings. The board of directors of an Enterprise
shall meet at least eight times a year and no less than once a calendar
quarter to carry out its obligations and duties under applicable laws,
rules, regulations, and guidelines.
(2) Non-management board member meetings. Non-management directors
of an Enterprise shall meet at regularly scheduled executive sessions
without management participation.
(3) Quorum of board of directors; proxies not permissible. For the
transaction of business, a quorum of the board of directors of an
Enterprise is at least a majority of the seated board of directors and
a board member may not vote by proxy.
(4) Information. Management of an Enterprise shall provide a board
member of the Enterprise with such adequate and appropriate information
that a reasonable board member would find important to the fulfillment
of his or her fiduciary duties and obligations.
(5) Annual review. At least annually, the board of directors of an
Enterprise shall review, with appropriate professional assistance, the
requirements of laws, rules, regulations, and guidelines that are
applicable to its activities and duties.
Sec. 1239.21 Compensation of Enterprise board members.
Each Enterprise may pay its directors reasonable and appropriate
compensation for the time required of them, and their necessary and
reasonable expenses, in the performance of their duties.
Subpart E--Bank Specific Requirements
Sec. 1239.30 Bank member products policy.
(a) Adoption and review of member products policy--(1) Adoption.
Each Bank's board of directors shall have in effect at all times a
policy that addresses the Bank's management of products offered by the
Bank to members and housing associates, including but not limited to
advances, standby letters of credit, and acquired member assets,
consistent with the requirements of the Bank Act, paragraph (b) of this
section, and all applicable FHFA regulations and policies.
(2) Review and compliance. Each Bank's board of directors shall:
(i) Review the Bank's member products policy annually;
[[Page 4427]]
(ii) Amend the member products policy as appropriate; and
(iii) Re-adopt the member products policy, including interim
amendments, not less often than every three years.
(b) Member products policy requirements. In addition to meeting any
other requirements set forth in this chapter, each Bank's member
products policy shall:
(1) Address credit underwriting criteria to be applied in
evaluating applications for advances, standby letters of credit, and
renewals;
(2) Address appropriate levels of collateralization, valuation of
collateral and discounts applied to collateral values for advances, and
standby letters of credit;
(3) Address advances-related fees to be charged by each Bank,
including any schedules or formulas pertaining to such fees;
(4) Address standards and criteria for pricing member products,
including differential pricing of advances pursuant to Sec.
1266.5(b)(2) of this chapter, and criteria regarding the pricing of
standby letters of credit, including any special pricing provisions for
standby letters of credit that facilitate the financing of projects
that are eligible for any of the Banks' CICA programs under part 1292
of this chapter;
(5) Provide that, for any draw made by a beneficiary under a
standby letter of credit, the member will be charged a processing fee
calculated in accordance with the requirements of Sec. 1271.6(b) of
this chapter;
(6) Address the maintenance of appropriate systems, procedures and
internal controls; and
(7) Address the maintenance of appropriate operational and
personnel capacity.
Sec. 1239.31 Strategic business plan.
(a) Adoption of strategic business plan. Each Bank's board of
directors shall have in effect at all times a strategic business plan
that describes how the business activities of the Bank will achieve the
mission of the Bank consistent with part 1265 of this chapter.
Specifically, each Bank's strategic business plan shall:
(1) Enumerate operating goals and objectives for each major
business activity and for all new business activities, which must
include plans for maximizing activities that further the Bank's housing
finance and community lending mission, consistent with part 1265 of
this chapter;
(2) Discuss how the Bank will address credit needs and market
opportunities identified through ongoing market research and
consultations with members, associates, and public and private
organizations;
(3) Establish quantitative performance goals for Bank products
related to multi-family housing, small business, small farm and small
agri-business lending;
(4) Describe any proposed new business activities or enhancements
of existing activities; and
(5) Be supported by appropriate and timely research and analysis of
relevant market developments and member and associate demand for Bank
products and services.
(b) Review and monitoring. Each Bank's board of directors shall:
(1) Review the Bank's strategic business plan at least annually;
(2) Re-adopt the Bank's strategic business plan, including interim
amendments, not less often than every three years; and
(3) Establish management reporting requirements and monitor
implementation of the strategic business plan and the operating goals
and objectives contained therein.
(c) Report to FHFA. Each Bank shall submit to FHFA annually a
report analyzing and describing the Bank's performance in achieving the
goals described in paragraph (a)(3) of this section.
Sec. 1239.32 Internal control system.
(a) Establishment and maintenance. (1) Each Bank shall establish
and maintain an effective internal control system that addresses:
(i) The efficiency and effectiveness of Bank activities;
(ii) The safeguarding of Bank assets;
(iii) The reliability, completeness, and timely reporting of
financial and management information, and transparency of such
information to the Bank's board of directors and to FHFA; and
(iv) Compliance with applicable laws, regulations, policies,
supervisory determinations, and directives of the Bank's board of
directors and senior management.
(2) Ongoing internal control activities necessary to maintain the
internal control system required under paragraph (a)(1) of this section
shall include, but are not limited to:
(i) Top level reviews by the Bank's board of directors and senior
management, including review of financial presentations and performance
reports;
(ii) Activity controls, including review of standard performance
and exception reports by department-level management on an appropriate
periodic basis;
(iii) Physical and procedural controls to safeguard, and prevent
the unauthorized use of, assets;
(iv) Monitoring for compliance with the risk tolerance limits set
forth in the Bank's risk management policy;
(v) Any required approvals and authorizations for specific
activities; and
(vi) Any required verifications and reconciliations for specific
activities.
(b) Internal control responsibilities of Banks' boards of
directors. Each Bank's board of directors shall ensure that the
internal control system required under paragraph (a)(1) of this section
is established and maintained, and shall oversee senior management's
implementation of such a system on an ongoing basis, by:
(1) Conducting periodic discussions with senior management
regarding the effectiveness of the internal control system;
(2) Ensuring that an internal audit of the internal control system
is performed annually and that such annual audit is reasonably designed
to be effective and comprehensive;
(3) Requiring that internal control deficiencies be reported to the
Bank's board of directors in a timely manner and that such deficiencies
are addressed promptly;
(4) Conducting a timely review of evaluations of the effectiveness
of the internal control system made by internal auditors, external
auditors, and FHFA examiners;
(5) Directing senior management to address promptly and effectively
recommendations and concerns expressed by internal auditors, external
auditors, and FHFA examiners regarding weaknesses in the internal
control system;
(6) Reporting any internal control deficiencies found, and the
corrective action taken, to FHFA in a timely manner;
(7) Establishing, documenting, and communicating an organizational
structure that clearly shows lines of authority within the Bank,
provides for effective communication throughout the Bank, and ensures
that there are no gaps in the lines of authority;
(8) Reviewing all delegations of authority to specific personnel or
committees and requiring that such delegations state the extent of the
authority and responsibilities delegated; and
(9) Establishing reporting requirements, including specifying the
nature and frequency of reports it receives.
(c) Internal control responsibilities of Banks' senior management.
Each Bank's
[[Page 4428]]
senior management shall be responsible for carrying out the directives
of the Bank's board of directors, including the establishment,
implementation, and maintenance of the internal control system required
under paragraph (a)(1) of this section, by:
(1) Establishing, implementing, and effectively communicating to
Bank personnel policies and procedures that are adequate to ensure that
internal control activities necessary to maintain an effective internal
control system, including the activities enumerated in paragraph (a)(2)
of this section, are an integral part of the daily functions of all
Bank personnel;
(2) Ensuring that all Bank personnel fully understand and comply
with all policies, procedures, and legal requirements applicable to
their positions and responsibilities;
(3) Ensuring that there is appropriate segregation of duties among
Bank personnel and that personnel are not assigned conflicting
responsibilities;
(4) Establishing effective paths of communication upward, downward,
and across the organization in order to ensure that Bank personnel
receive necessary and appropriate information, including:
(i) Information relating to the operational policies and procedures
of the Bank;
(ii) Information relating to the actual operational performance of
the Bank;
(iii) Adequate and comprehensive internal financial, operational,
and compliance data; and
(iv) External market information about events and conditions that
are relevant to decision making;
(5) Developing and implementing procedures that translate the major
business strategies and policies established by the Bank's board of
directors into operating standards;
(6) Ensuring adherence to the lines of authority and responsibility
established by the Bank's board of directors;
(7) Overseeing the implementation and maintenance of management
information and other systems;
(8) Establishing and implementing an effective system to track
internal control weaknesses and the actions taken to correct them; and
(9) Monitoring and reporting to the Bank's board of directors the
effectiveness of the internal control system on an ongoing basis.
Sec. 1239.33 Audit committee.
(a) Establishment. The audit committee of each Bank established as
required by Sec. 1239.5(b) of this chapter, shall be consistent with
the requirements set forth in this section.
(b) Composition. (1) The audit committee shall comprise five or
more persons drawn from the Bank's board of directors, each of whom
shall meet the criteria of independence set forth in paragraph (c) of
this section.
(2) The audit committee shall include a balance of representatives
of:
(i) Community financial institutions and other members; and
(ii) Independent and member directors of the Bank.
(3) The terms of audit committee members shall be appropriately
staggered so as to provide for continuity of service.
(4) At least one member of the audit committee shall have extensive
accounting or related financial management experience.
(c) Independence. Any member of the Bank's board of directors shall
be considered to be sufficiently independent to serve as a member of
the audit committee if that director does not have a disqualifying
relationship with the Bank or its management that would interfere with
the exercise of that director's independent judgment. Such
disqualifying relationships include, but are not limited to:
(1) Being employed by the Bank in the current year or any of the
past five years;
(2) Accepting any compensation from the Bank other than
compensation for service as a board director;
(3) Serving or having served in any of the past five years as a
consultant, advisor, promoter, underwriter, or legal counsel of or to
the Bank; or
(4) Being an immediate family member of an individual who is, or
has been in any of the past five years, employed by the Bank as an
executive officer.
(d) Charter. (1) The audit committee and the board of directors of
each Bank shall:
(i) Review, and assess the adequacy of, the Bank's audit committee
charter on an annual basis;
(ii) Amend the audit committee charter as appropriate; and
(iii) Re-adopt and re-approve, respectively, the Bank's audit
committee charter not less often than every three years.
(2) Each Bank's audit committee charter shall:
(i) Provide that the audit committee has the responsibility to
select, evaluate and, where appropriate, replace the internal auditor
and that the internal auditor may be removed only with the approval of
the audit committee;
(ii) Provide that the internal auditor shall report directly to the
audit committee on substantive matters and that the internal auditor is
ultimately accountable to the audit committee and board of directors;
and
(iii) Provide that both the internal auditor and the external
auditor shall have unrestricted access to the audit committee without
the need for any prior management knowledge or approval.
(e) Duties. Each Bank's audit committee shall have the duty to:
(1) Direct senior management to maintain the reliability and
integrity of the accounting policies and financial reporting and
disclosure practices of the Bank;
(2) Review the basis for the Bank's financial statements and the
external auditor's opinion rendered with respect to such financial
statements (including the nature and extent of any significant changes
in accounting principles or the application therein) and ensure that
policies are in place that are reasonably designed to achieve
disclosure and transparency regarding the Bank's true financial
performance and governance practices;
(3) Oversee the internal audit function by:
(i) Reviewing the scope of audit services required, significant
accounting policies, significant risks and exposures, audit activities,
and audit findings;
(ii) Assessing the performance and determining the compensation of
the internal auditor; and
(iii) Reviewing and approving the internal auditor's work plan.
(4) Oversee the external audit function by:
(i) Approving the external auditor's annual engagement letter;
(ii) Reviewing the performance of the external auditor; and
(iii) Making recommendations to the Bank's board of directors
regarding the appointment, renewal, or termination of the external
auditor;
(5) Provide an independent, direct channel of communication between
the Bank's board of directors and the internal and external auditors;
(6) Conduct or authorize investigations into any matters within the
audit committee's scope of responsibilities;
(7) Ensure that senior management has established and is
maintaining an adequate internal control system within the Bank by:
(i) Reviewing the Bank's internal control system and the resolution
of identified material weaknesses and significant deficiencies in the
internal control system, including the prevention or detection of
management override or compromise of the internal control system; and
[[Page 4429]]
(ii) Reviewing the programs and policies of the Bank designed to
ensure compliance with applicable laws, regulations and policies, and
monitoring the results of these compliance efforts;
(8) Review the policies and procedures established by senior
management to assess and monitor implementation of the Bank's strategic
business plan and the operating goals and objectives contained therein;
and
(9) Report periodically its findings to the Bank's board of
directors.
(f) Meetings. The audit committee shall prepare written minutes of
each audit committee meeting.
Sec. 1239.34 Dividends.
A Bank's board of directors may not declare or pay a dividend based
on projected or anticipated earnings and may not declare or pay a
dividend if the par value of the Bank's stock is impaired or is
projected to become impaired after paying such dividend.
CHAPTER XVII--OFFICE OF FEDERAL HOUSING ENTERPRISE OVERSIGHT,
DEPARTMENT OF HOUSING AND URBAN DEVELOPMENT
Subchapter C--Safety and Soundness
PART 1710--[REMOVED]
0
6. Remove part 1710.
PART 1720--[REMOVED]
0
7. Remove part 1720.
Dated: January 15, 2014.
Melvin L. Watt,
Director, Federal Housing Finance Agency.
[FR Doc. 2014-01173 Filed 1-27-14; 8:45 am]
BILLING CODE 8070-01-P