Prudential regulationi Regulatory reporting requirements and bank examinations
Regulators have two primary tools to supervise BHCs and banks: regulatory reporting requirements and on-site examinations. BHCs and banks are subject to extensive financial, structural and other periodic reporting requirements. Financial reporting requirements for banks include capital, asset and liability data reported quarterly on call reports, and requirements for BHCs include financial statements for the BHC and certain non-bank subsidiaries. BHCs must also provide annual reports to the Federal Reserve that detail their shareholders and organisational structure. Banking institutions that are experiencing financial difficulties or that are not in compliance with regulatory requirements face more frequent and additional reporting obligations.
Bank regulators also conduct on-site examinations of BHCs and banks. Regulators generally conduct three principal types of formal examinations: safety and soundness, or full scope, which determine the bank's fundamental financial health and generally occur every 12 or 18 months; compliance examinations covering consumer compliance and fair lending issues; and speciality examinations covering areas such as trust activities and information technology infrastructure.
Congress expanded bank regulators' authority to examine entities beyond BHCs and banks in the Dodd-Frank Act. For instance, the Federal Reserve was granted the authority to examine functionally regulated subsidiaries (i.e., subsidiaries whose activities are regulated by another US regulatory authority, such as the SEC) and all insured depository institutions (IDIs) (including those for which the Federal Reserve is not currently the primary federal banking regulator).
The Dodd-Frank Act also requires the Federal Reserve to examine the permissible activities of BHCs' non-depository institution subsidiaries that are not functionally regulated or subsidiaries of a depository institution. The Federal Reserve must examine these entities subject to the same standards and with the same frequency as would be required if the activities were conducted in the lead IDI. With respect to federal consumer financial law, these expanded examination authorities are shared with the Consumer Financial Protection Bureau (CFPB), as described in more detail in Section IV.iv.
Aside from transactions such as mergers and acquisitions or other matters that require formal approvals, bank regulators are also routinely informed or involved on a more informal basis with certain key decisions contemplated by a bank or BHC, including capital-raising activities, dividend policies, and changes in business plans or strategies.ii Deposit insurance requirements
The Dodd-Frank Act permanently increased the Standard Maximum Deposit Insurance Amount (SMDIA) to US$250,000. For a foreign bank to establish or operate a state branch without federal deposit insurance, the branch, in addition to meeting other requirements, may accept initial deposits only in an amount equal to the SMDIA or greater.
In addition, the Dodd-Frank Act changed how the FDIC assesses deposit insurance premiums against IDIs. An IDI's quarterly deposit insurance assessment is determined by multiplying its assessment rate by its assessment base. An IDI's assessment base was historically its domestic deposits, with some adjustments. The Dodd-Frank Act, however, requires the FDIC to redefine the assessment base as average consolidated total assets minus average tangible equity during the assessment period. As a result, the distribution of assessments and the cost of federal deposit insurance has been shifted to larger banks, which fund a greater percentage of their balance sheet through non-deposit liabilities. The FDIC uses an assessment system for large IDIs and highly complex IDIs that combines supervisory ratings and certain financial measures into two scorecards, one for most large IDIs and another for highly complex IDIs, and modifies and introduces new assessment rate adjustments.iii Management of banks
The two traditional areas of regulatory focus on the management of banks have been the responsibilities and duties of BHCs and bank boards, directors and senior management, and the regulation of insider loans.
Bank and BHC boards of directors are different from corporate boards in that they normally have more competing interests to balance, such as shareholder, depositor, parent holding company (in the case of a bank), creditor and regulatory interests. Bank and BHC boards are generally responsible for overseeing management plans and ensuring that adequate controls and systems are in place to identify and manage risk, while management is responsible for the implementation, integrity and maintenance of risk-management systems. Bank examiners normally review bank and BHC board performance and make recommendations for improvement if they find weaknesses. The Federal Reserve has recently devoted additional attention to these issues, issuing proposed guidance for large financial institutions on board effectiveness and supervisory expectations for management.
The Federal Reserve Act of 1913 (FRA) and implementing regulations also govern extensions of credit by a bank to an executive officer, director or principal shareholder of that bank, of a BHC of which the member bank is a subsidiary or of any other subsidiary of that BHC. In general, a bank may not extend credit to any such insider unless the extension of credit is made on substantially all the same terms, and subject to no less stringent credit underwriting procedures, as those for comparable transactions by the bank with persons who are not insiders and not employed by the bank, and the transaction does not involve more than the normal repayment risk or present other unfavourable features. The Dodd-Frank Act expanded the types of transactions subject to insider lending limits to include derivative transactions, repurchase agreements, and securities lending or borrowing transactions. It also imposed limitations on the sale of assets to, or the purchase of assets from, insiders by requiring that such transactions be on market terms and, in the case of significant transactions, have the approval of the majority of disinterested board members.iv Enhanced prudential standards
Section 165 of the Dodd-Frank Act, as amended by the EGRRCPA, subjects BHCs with total consolidated assets of US$100 billion or more and systemically important non-bank financial companies to enhanced prudential standards (EPS) and other standards, and enhanced reporting and disclosure requirements. In November 2019, this statutory threshold will increase from US$100 billion to US$250 billion, although the Federal Reserve has the authority under the EGRRCPA to apply any of the EPS requirements to any BHC with US$100 billion or more but less than US$250 billion in total consolidated assets. The heightened standards include increased capital and liquidity requirements, leverage limits, contingent capital, resolution plans, credit exposure reporting, concentration limits, public disclosures and short-term debt limits. The Financial Stability Oversight Council (FSOC) is authorised to make recommendations to the Federal Reserve concerning prudential standards, and the Federal Reserve must consider those recommendations in prescribing standards.
All BHCs covered by the relevant rules finalised by the Federal Reserve under Section 165 of the Dodd-Frank Act must comply with, and hold capital commensurate with, the requirements of any regulations adopted by the Federal Reserve related to capital plans and stress tests, including the Federal Reserve's capital planning rule. The capital planning rule, described in greater detail below, requires firms to meet minimum capital regulatory requirements under economic scenarios published by the Federal Reserve.
The liquidity provisions of the final rules require covered BHCs to maintain a sufficient quantity of highly liquid assets to survive a projected 30-day liquidity stress event, conduct regular liquidity stress tests and implement liquidity risk-management requirements, including periodic reviews of business lines for liquidity risks. A BHC's board of directors is ultimately responsible for liquidity risk management, including periodic review, and a risk committee is responsible for approving a contingency funding plan to address potential liquidity stress events.
BHCs with total consolidated assets of US$50 billion or more must also comply with a range of corporate governance requirements, such as establishing a risk committee of the board of directors, and appointing a chief risk officer with defined responsibilities.
The final rules also incorporate the Federal Reserve's supervisory stress test and company-run stress test requirements for covered companies. The stress tests, which are designed to assess firms' capital adequacy, involve nine-quarter planning horizons under both supervisory and company-designed scenarios. The Federal Reserve publishes public summaries of companies' stress test results, with more detailed information remaining confidential. The stress tests are designed to work in tandem with the capital planning rule, which requires large US BHCs to submit annual capital plans to the Federal Reserve for approval while demonstrating capital adequacy under baseline, adverse and severely adverse scenarios.
The final rule also implements a provision of Section 165 that imposes a 15:1 debt-to-equity limit on any BHC that is determined by the FSOC to represent a grave threat to US financial stability.
In June 2018, the Federal Reserve finalised a rule to implement single-counterparty credit limits. The final rule limits net credit exposure to any single counterparty to 25 per cent of Tier 1 capital for BHCs with US$250 billion or more in total consolidated assets. A more stringent net credit exposure limit of 15 per cent of Tier 1 capital would apply to the US global systemically important banks (G-SIBs) with respect to certain large counterparties, including other G-SIBs and non-bank SIFIs. The rule also requires BHCs to aggregate exposures between counterparties that are economically interdependent or in the presence of certain control relationships. Compliance is required beginning on 1 January 2020 for G-SIBs and beginning on 1 July 2020 for all other covered companies.
The early remediation regime in rules proposed in 2012 would address material financial distress or management weaknesses at any company covered by the proposed rules. A company would be placed into one of four early remediation levels based on triggers related to capital and leverage, forward-looking stress tests, risk management or liquidity. In addition, under the proposed rules, a company may be considered for placement into the lowest early remediation category in response to volatility in certain market indicators tied to the company's financial strength. The four levels of early remediation, which include increasingly severe limitations and requirements, are heightened supervisory review, initial remediation, recovery and resolution assessment. As at 31 December 2018, the Federal Reserve had not yet adopted final rules implementing the early remediation framework.v Regulation of foreign banking organisations
On 18 February 2014, the Federal Reserve adopted final rules that use a tiered approach for applying US capital, liquidity and other Dodd-Frank EPS to the US operations of foreign banking organisations (FBOs) with total global consolidated assets of US$50 billion or more (large FBOs). The most burdensome requirements apply to FBOs with US$50 billion or more in US assets, excluding US branch and agency assets, and certain other US assets (each such FBO, an IHC FBO). Fewer requirements apply to FBOs with limited US footprints, but a large FBO that is not subject to the requirement to form a US intermediate holding company (IHC) must still comply with new EPS, including liquidity, stress testing and risk management requirements.
An IHC FBO must create a separately capitalised, top-tier US IHC to hold substantially all of its ownership interests in its US bank and non-bank subsidiaries. For the purposes of identifying subsidiaries, the final rule relies on the BHC Act definition of control, including the facts and circumstances-based controlling influence test. With very limited exceptions, an IHC FBO may not retain any ownership interest in the US subsidiary directly or through non-US affiliates. However, the final rule does not require an IHC FBO to be the 100 per cent owner of any US subsidiary. In other words, an IHC FBO is not required to buy out other, unaffiliated third-party investors in a US subsidiary. Regardless of whether an IHC controls a US bank, an IHC will be subject to US Basel III (subject to limited adjustments), capital planning and Dodd-Frank company-run and supervisory stress-testing requirements, qualitative and quantitative liquidity standards, risk-management standards and other EPS. In addition, the Federal Reserve has the authority to examine any IHC and any IHC subsidiary. Although the US branches and agencies of an IHC FBO's foreign bank are not required to be held beneath the IHC, they are also subject to certain EPS.
A large FBO with US$50 billion or more in US assets (including US branch and agency assets) is subject to a qualitative liquidity framework that includes liquidity risk management and related governance requirements, as well as a requirement to maintain separate US liquidity buffers (based on results of internal liquidity stress tests) for its US branches or agencies and, if applicable, its IHC. The liquidity buffers must consist of unencumbered highly liquid assets sufficient to meet net stressed cash flow needs. The Federal Reserve's prescribed method for calculating net stressed cash flow needs distinguishes between external and internal stressed cash flow needs such that internal cash flows cannot be used to offset external cash flows; it is designed to minimise maturity mismatches such that intragroup cash flow sources may offset intragroup cash flow needs of the US branches or agencies or IHC only to the extent that the term of the intragroup cash flow source is the same as or shorter than the term of the intragroup cash flow need.
FBOs that meet the characteristics of G-SIBs, FBOs with US$250 billion or more in total global consolidated assets and US IHCs are subject to single-counterparty credit limit requirements established by the Federal Reserve. Under these requirements, which become effective in 2020, an FBO that meets the characteristics of a global systemically important bank will be required to limit, with respect to its combined US operations, its net credit exposure to each counterparty to 15 per cent of Tier 1 capital. Other FBOs with US$250 billion or more in total global consolidated assets and their US IHCs will be subject to single-counterparty net credit exposure limits of 25 per cent of Tier 1 capital, while US IHCs of FBOs with US$50 billion or more but less than US$250 billion in total global consolidated assets will be subject to single-counterparty net credit exposure limits of 25 per cent of capital stock and surplus, which is a broader base than Tier 1 capital.
EPS of more general applicability to FBOs include risk management requirements. All large FBOs, as well as publicly traded FBOs with US$10 billion or more in total global consolidated assets (public mid-size FBO), must establish a US risk committee. A large FBO with US$50 billion or more in US assets (including US branch and agency assets) that conducts its operations through US branches or agencies (in addition to its IHC, if any) may maintain its US risk committee either as a committee of its global board of directors, on a stand-alone basis or as part of its enterprise-wide risk committee, or as a committee of its IHC's board of directors, on a stand-alone basis or as a joint committee with the IHC's risk committee. The US risk committee for an IHC FBO must include at least one member with experience in identifying, assessing and managing risk exposures of large, complex financial firms and at least one member who meets certain independence requirements. A large FBO with US$50 billion or more in US assets (including US branch and agency assets) must also employ a US chief risk officer with specified risk management expertise and responsibilities, and must adopt a risk management framework for its combined US operations. The US risk committee of a large FBO with less than US$50 billion in US assets or a public mid-size FBO is not subject to the independent committee member requirement, but must have at least one committee member with experience in identifying, assessing and managing risk exposures of large, complex firms, which may be acquired in a non-banking or non-financial field.
The Federal Reserve must still finalise an early remediation framework that would apply to US operations of an FBO.vi Regulatory capital
Regulatory capital emerged from the global financial crisis of 2008 as one of bank regulators' primary areas of supervisory focus. This part focuses on the US implementation of the Basel Committee on Banking Supervision's (Basel Committee) third accord on regulatory capital, known as Basel III, and related provisions in the Dodd-Frank Act.
Federal Reserve policy and regulations traditionally required a BHC to act as a source of financial and managerial strength to each of its subsidiary banks and to commit resources to their support. This policy became a statutory requirement pursuant to the Dodd-Frank Act. Section 616(d) of the Dodd-Frank Act requires all companies that directly or indirectly control an IDI to serve as a source of strength for the institution. US banking agencies were required to issue regulations implementing this requirement not later than 21 July 2012, but as of 31 December 2018 had not proposed such regulations.
Under the Dodd-Frank Act, as amended by the EGRRCPA, US BHCs with consolidated assets of US$100 billion or more (large BHCs) and non-bank SIFIs are subject to periodic (or in the case of US G-SIBs and US BHCs with consolidated assets of US$250 billion or more, annual) supervisory and company-run stress tests. Supervisory stress tests, along with related capital plans required by Federal Reserve rules, are part of the supervisory process for large US BHCs. Companies subject to stress test requirements must publish summaries of their company-run stress test results, and the Federal Reserve must publish summaries of its supervisory stress test results.
The Federal Reserve has integrated capital planning and DFAST requirements into its CCAR, an annual exercise designed to ensure that large BHCs have robust, forward-looking capital planning processes and sufficient capital to continue operations throughout times of economic and financial stress. Capital plans incorporate projected capital distributions over a planning horizon of at least nine quarters and are submitted to the Federal Reserve for non-objection. Among other things, the capital plan must demonstrate a large BHC's ability to maintain capital above each minimum regulatory capital ratio on a pro forma basis after taking planned capital actions, such as planned distributions, under baseline, adverse and severely adverse economic conditions throughout the planning horizon. Large BHCs must submit their capital plans by April 5 of the year of the applicable capital planning cycle, and the Federal Reserve must take action by 30 June. If the Federal Reserve objects to a capital plan on either quantitative or qualitative grounds, the company generally may not increase dividends or make other changes to capital distributions. In January 2017, the Federal Reserve adopted a rule that removed certain large and non-complex firms from the scope of the Federal Reserve's qualitative assessment of their capital plans and that reduced certain reporting requirements for these firms.US Basel III
US Basel III is the most complete overhaul of US bank capital standards in nearly a quarter of a century. It comprehensively revises the regulatory capital framework for the entire US banking sector, and has significant implications for all US banking organisations from business, operations, M&A and regulatory compliance perspectives.
US Basel III applies to all national banks, state member and non-member banks, and state and federal savings associations regardless of size. The regulation also applies to all BHCs and covered SLHCs other than certain BHCs and SLHCs with less than US$1 billion in total assets. However, the bank and thrift subsidiaries of these small BHCs and SLHCs are still subject to US Basel III.
US Basel III implements many aspects of the Basel Committee's Basel III capital standards, including higher minimum risk-based capital ratios, capital buffers, revised eligibility criteria for Common Equity Tier 1, Additional Tier 1 and Tier 2 capital instruments, certain deductions from and adjustments to regulatory capital, and the recognition of minority interests. US Basel III introduces a revised and expanded standardised approach for calculating risk-weighted assets (RWAs), the denominator of the risk-based capital ratios, which replaced the previously applicable Basel I-based rules. In addition to the standardised approach, large and internationally active US banking organisations (i.e., those with US$250 billion or more in total consolidated assets or US$10 billion or more in total on-balance sheet foreign exposure) must calculate RWAs using the advanced internal ratings-based approach for credit risk and advanced measurement approaches for operational risk (together, advanced approaches). A key difference between the standardised approach and advanced approaches is that the former mandates the use of standardised risk weights and methodologies for calculating RWAs, whereas the latter permit the use of supervisor-approved internal models and methodologies that meet specified qualitative and quantitative requirements, which generally give rise to more risk-sensitive measurements.
US Basel III implements the capital floor requirement of Section 171 of the Dodd-Frank Act (known as the Collins Amendment) by requiring advanced approaches banking organisations to calculate their risk-based capital ratios using both the standardised approach and the advanced approaches. An advanced approaches banking organisation's risk-based capital ratios for regulatory purposes, including for calculating capital buffers, are the lower of each ratio calculated under the standardised approach and advanced approaches.
As of January 2018, advanced approaches banking organisations must also maintain a minimum supplementary leverage ratio of 3 per cent. The supplementary leverage ratio is based on the Basel Committee's Basel III leverage ratio. The US banking agencies have established enhanced supplementary leverage ratio standards for the eight US BHCs identified by the Financial Stability Board as G-SIBs as well as their IDI subsidiaries. Under the enhanced supplementary leverage ratio standards, a US G-SIB's IDI subsidiaries must maintain a supplementary leverage ratio of at least 6 per cent to be considered well-capitalised for regulatory purposes. A US G-SIB, on a global consolidated basis, must maintain a leverage capital buffer that functions in a similar way to US Basel III's risk-based capital buffers - the capital conservation buffer, the countercyclical buffer and the G-SIB capital surcharge. Specifically, a US G-SIB that does not maintain a supplementary leverage ratio of greater than 5 per cent (i.e., a buffer of more than 2 per cent on top of the 3 per cent minimum) will be subject to increasingly stringent restrictions on its ability to make capital distributions and discretionary bonus payments.
Besides the enhanced supplementary leverage ratio requirements, US G-SIBs are also subject to a risk-based capital surcharge buffer under US Basel III, which implements the Basel Committee's G-SIB capital surcharge standard with certain modifications. The G-SIB capital surcharge functions as an extension of the Basel III capital conservation buffer, requiring each G-SIB to hold an additional buffer of Common Equity Tier 1 capital, on top of the capital conservation and countercyclical buffers, to avoid limitations on making capital distributions and discretionary bonus payments. Under the US implementation of the G-SIB capital surcharge, the resulting buffers for the eight US G-SIBs currently range from 1.5 to 3.5 per cent of RWAs, depending on the size of the G-SIB's systemic footprint. The US implementation modifies the measure of each US G-SIB's systemic footprint to include a component linked to the G-SIB's reliance on short-term wholesale funding.
US banking agencies proposed further amendments to US Basel III and the Federal Reserve's capital planning and stress testing rules that would simplify and tailor requirements for non-advanced approaches banking organisations; enhance the transparency of supervisory scenarios, models and assumptions used in capital planning and stress testing; simplify the interactions between capital requirements and capital planning requirements for certain large banking or other financial organisations; and recalibrate the enhanced supplementary leverage ratio requirement for US G-SIBs and their US IDI subsidiaries. In November 2017, in connection with the proposal to simplify and tailor requirements for non-advanced approaches, the US banking agencies finalised a rule to freeze the final step of the transition provisions for certain US Basel III requirements applicable to non-advanced approaches banking organisations. The Federal Reserve in April 2018 proposed a rule that would change how stress testing is used to impose capital requirements for large BHCs by incorporating a firm's modelled stress losses directly into the firm's point-in-time capital requirements. The proposal would replace the 2.5 per cent fixed portion of the capital conservation buffer with a new stress capital buffer (on top of the G-SIB surcharge and any applicable countercyclical capital buffer) and would impose a new stress leverage buffer, each based on a firm's peak-to-trough stress losses and four quarters of planned dividends.
In December 2017, the Basel Committee finalised revisions to the international Basel III standards, marking the finalisation and completion by the Basel Committee of all remaining components of the Basel III framework. The primary purpose of this final set of revisions was to reduce excessive variability in RWAs and to restore credibility in the calculation of RWAs by enhancing the robustness and risk sensitivity of the standardised approaches for credit risk and operational risk, constraining the use of internally modelled approaches and complementing the risk-weighted capital ratio with a finalised leverage ratio and a revised capital floor. In January 2019, following its fundamental review of the trading book, the Basel Committee finalised updated minimum capital requirements for market risk. As of 31 December 2018, the US banking agencies have not proposed rules to implement the revisions to the international Basel III standards, including the market risk requirements, in the United States.vii Resolution planning
Section 165(d) under Title I of the Dodd-Frank Act requires all BHCs and FBOs with assets of US$50 billion or more, or any non-bank financial institution that has been designated as systemically important, to prepare and regularly update a resolution plan (Title I resolution plan). Under the final rules implementing this provision, these entities must each periodically submit a report regarding the company's plan for rapid and orderly resolution under the US Bankruptcy Code or other applicable insolvency law in the event of material financial distress at or failure of the company. In May 2018, the EGRRCPA raised the asset threshold for financial institutions that need to submit resolution plans - resolution plans are now statutorily required for BHCs with assets of US$250 billion or more; any BHC, regardless of asset size, that has been identified as a G-SIB; any BHC with assets of US$100 billion or more for which the Federal Reserve by order or rule chooses to require a resolution plan; and any non-bank financial institution that has been designated as systemically important. The EGRRCPA also made clear that its changes do not alter the Federal Reserve's treatment of FBOs with assets of US$100 billion or more under pre-existing regulations. Although regulators have indicated that they will enforce resolution planning requirements consistently with the new thresholds established in the EGRRCPA, revised implementing regulations have not yet been proposed as of 31 December 2018.
The resolution plan is submitted to and evaluated by the Federal Reserve and the FDIC. If the plan were deficient, or deemed not credible, the Federal Reserve and the FDIC could jointly agree to impose increasingly onerous restrictions on the company until the plan is determined to be credible. The FDIC separately requires all US IDIs with assets of US$50 billion or more to also submit and regularly update a resolution plan. Resolution planning is one of the areas that has frequently been identified by the Federal Reserve and the FDIC as one of potential financial regulatory reform and tailoring, including by extending the filing deadlines between resolution plan submissions. On 20 December 2018, the Federal Reserve and FDIC issued guidance for the largest US financial institutions regarding their 2019 resolution plan submissions, and senior officials of the Federal Reserve and FDIC, including FDIC Chair Jelena McWilliams in November 2018, publicly discussed Federal Reserve and FDIC efforts to propose amendments to tailor and focus their resolution planning regulations in light of the EGRRCPA, suggesting the likelihood of changes in the near future.viii Orderly liquidation authority
Title II of the Dodd-Frank Act includes an orderly liquidation authority (OLA), modelled on the US bank resolution authority in the Federal Deposit Insurance Act, which would allow the government, under certain circumstances, to resolve a US financial company outside the bankruptcy process.
Specifically, if a determination to place a financial company under this resolution regime were made, the FDIC would step in as receiver of the company, with the authority to sell all or any assets and liabilities to a third party, or establish one or more bridge financial companies to hold the part of the business worth preserving until it could be recapitalised, sold or liquidated in an orderly fashion. The Act provides for an orderly liquidation fund to be used to provide liquidity to the covered financial company or bridge financial company. That fund would not be pre-funded, but rather would be funded initially through borrowing from the US Treasury. Any loss in the fund would be paid back over time, either through a clawback from creditors who received additional benefits or through assessments on eligible financial companies.
On 15 July 2011, the FDIC issued a final rule implementing certain provisions of OLA, including:
- how the preferential transfer and fraudulent transfer provisions of OLA will be harmonised with the Bankruptcy Code;
- the priorities of administrative expenses and unsecured claims;
- the obligations of bridge financial companies with respect to assumed claims and the use of any proceeds realised from the sale or other disposition of the bridge;
- certain details of the FDIC's administrative claims process;
- special rules for secured claims;
- proposals for determining whether senior executives or directors of a covered financial company were substantially responsible for its failure and may therefore be ordered to return up to two years of their remuneration; and
- the treatment of claimants whose set-off rights are destroyed by the FDIC.
After public statements by the FDIC chair indicating that the FDIC's preferred method for resolving the largest and most complex banking groups under Title II is the single-point-of-entry (SPOE) recapitalisation model, the FDIC released a notice providing information about how the FDIC would carry out an SPOE recapitalisation in resolving a US G-SIB under Title II. Under the SPOE model, only the parent BHC of a banking group would be put into a resolution proceeding. All the parent's assets, including its ownership interests in operating subsidiaries, would be transferred to a bridge financial company. The transferred business would be recapitalised by leaving behind the failed company's equity capital and a sufficient amount of its unsecured long-term debt in a receivership. The operating subsidiaries would be recapitalised and kept out of insolvency proceedings by converting loans or other extensions of credit from the parent into new equity in the operating subsidiaries or otherwise downstreaming available parent assets to the subsidiaries. If the bridge financial holding company (FHC) or any of its operating subsidiaries were unable to obtain sufficient liquidity from the market, the Federal Reserve's discount window or Section 13(3) of the FRA, the FDIC could provide such liquidity with an orderly liquidation fund by borrowing from the US Treasury, subject to certain limits.ix Total loss-absorbing capacity
To facilitate an SPOE recapitalisation, the parent BHC of a banking group must have a sufficient amount of long-term debt or other resources capable of absorbing losses to be left behind in a receivership or bankruptcy proceeding. To that end, the application of a minimum requirement of total loss-absorbing capacity (TLAC) for G-SIBs was discussed by the international regulatory community for several years, resulting in the publication by the Financial Stability Board of a statement of principles and a term sheet for an international TLAC standard. On 15 December 2016, the Federal Reserve released a final rule implementing the international TLAC standard for the parent BHCs of US G-SIBs and IHCs created pursuant to EPS that are controlled by foreign G-SIBs. Under the rule, beginning on 1 January 2019, parent BHCs of US G-SIBs and IHCs that are controlled by foreign G-SIBs became subject to minimum TLAC requirements, separate minimum long-term debt requirements and clean holding company requirements intended to simplify holding company balance sheets. The BHCs and IHCs subject to the rule are generally able to satisfy TLAC requirements with a combination of Tier 1 capital instruments and unsecured long-term debt that, unlike short-term debt, would not run off as a G-SIB experiences financial distress. Separately, the rule requires parent BHCs of US G-SIBs and IHCs that are controlled by foreign G-SIBs to hold certain minimum amounts of unsecured long-term debt. The clean holding company requirements prohibit parent BHCs of US G-SIBs and IHCs that are controlled by foreign G-SIBs from entering into certain transactions that might impede an orderly resolution, such as issuing short-term debt to or entering into certain types of financial contracts with third parties, and limit the amount of operational liabilities and liabilities such as structured notes that rank pari passu or junior to TLAC in part to limit the risk of successful legal challenge to losses being imposed on holders of TLAC instruments.x Qualified financial contracts
One potential impediment to an SPOE recapitalisation is the inclusion of cross-default provisions in qualified financial contracts (QFCs) that would not be automatically stayed in a resolution of the parent BHC under ordinary insolvency proceedings. This would mean that a counterparty could terminate a QFC against a subsidiary based on the entry of its parent into resolution proceedings, even if the subsidiary otherwise remains operational and able to perform on its obligations, which could impair the continued viability of the subsidiary. This would defeat the purpose of an SPOE resolution, which is meant to enable subsidiaries of the parent BHC to continue operating without entering into their own bankruptcy or resolution proceedings.
The US banking agencies have issued final rules that would require US G-SIBs and the US operations of non-US G-SIBs to remediate certain QFCs to eliminate the ability of a counterparty to exercise any cross-default right against a G-SIB entity based on the top-tier parent's or any other affiliate's entry into insolvency, resolution, or similar proceedings, subject to certain creditor protections, and to eliminate the right of counterparties to object to the transfer of any related credit enhancements provided by an affiliate following the entry into any such proceedings. In addition, US G-SIBs and the US operations of non-US G-SIBs must amend certain QFCs to expressly recognise the FDIC's authority under the Federal Deposit Insurance Act and Title II of the Dodd-Frank Act (the OLA provisions described in Section III.viii) to impose a temporary stay on the ability of counterparties to exercise certain default rights, and to transfer the contracts of the failed institution to a third party or bridge institution. There is a phased-in compliance schedule based on counterparty type, beginning with 1 January 2019 for contracts with other US G-SIBs or the US operations of non-US G-SIBs, 1 July 2019 for contracts with certain other financial counterparties and 1 January 2020 for contracts with all other counterparties. The requirements apply to new and existing QFCs.
These rules complement the international protocol developed by the International Swaps and Derivatives Association (ISDA) at the request of various financial regulators around the world, including the Federal Reserve and the FDIC (ISDA Protocol). The ISDA Protocol provides for the contractual recognition of statutory stays under certain special resolution regimes and contractual limitations on early termination rights based on cross-defaults under ISDA master agreements and certain other types of financial contracts. The rules would enable relevant G-SIBs to comply with the requirements through adherence to the ISDA Protocol and its annexes or through a new US Protocol that is substantively similar to the ISDA Protocol, which was published by ISDA on 31 July 2018.xi Enhanced cyber risk management standards
As a result of recent high-profile cyberattacks on banks and other financial institutions, state and federal regulators have proposed new cybersecurity regulations to protect financial institutions and consumers to supplement the already expansive web of regulator-issued cybersecurity rules and guidance to which BHCs and banks are currently subject. In March 2017, the New York Department of Financial Services' (NYDFS) new cybersecurity regulations that apply to banks (including New York branches and agencies of foreign banks) and certain other financial institutions chartered or licensed in New York State became effective. The rules require covered entities to, among other things, establish and maintain a cybersecurity programme with a written cybersecurity policy, appoint a chief information security officer, conduct regular penetration testing and vulnerability assessments, create a written incident response plan, encrypt non-public information in transit and at rest, and certify compliance with the rules annually. The regulation includes a phase-in schedule, with the final compliance date being 1 March 2019. Covered entities will be required to certify compliance with the phase four requirements by 15 February 2020. We expect cybersecurity to continue to be an area of focus by lawmakers and regulatory agencies in the United States.xii Fintech charters
Fintech charters continue to be an area of interest in the United States. On 31 July 2018, the OCC issued a policy statement announcing that it would consider applications from fintech companies to become special purpose national banks. In contrast to the regulatory sandbox initiatives by some non-US regulators, the OCC's special-purpose charter, like all national bank charters, comes with a host of regulatory obligations and activity limitations. The special purpose national bank charter is available to qualifying companies engaged in a limited range of banking activities, including paying cheques or lending money, but that do not take deposits. Concurrent with the announcement, the OCC issued a supplement to its licensing manual to provide guidance for evaluating special purpose national bank charters for fintech companies. Following the announcement, the NYDFS and the Conference of State Bank Supervisors separately filed suit against the OCC to stop it from granting applications for the special purpose national bank charter, arguing that the agency lacks the legal authority to charter non-depository institutions. As of 31 December 2018, the OCC had not received any applications for the special purpose national bank charter.xiii Virtual currencies
As digital assets have grown in both popularity and market size, the US Congress and a number of US federal and state agencies, including the SEC, the US Commodity Futures Trading Commission (CFTC) and the CFPB, have examined the operations of digital asset networks, with particular focus on the extent to which digital assets can be used to launder the proceeds of illegal activities or fund criminal or terrorist enterprises and the safety and soundness of exchanges or other service providers that take custody of digital assets for users. Many of these state and federal agencies have issued consumer advisories regarding the risks posed to investors in digital assets. The SEC and US state securities regulators have issued warnings that digital assets sold in initial coin offerings (ICOs) may be classified as securities and that both those digital assets and ICOs may be subject to securities regulations. In addition, federal and state agencies have issued rules or guidance about the treatment of digital asset transactions or requirements for businesses engaged in digital asset activity.