12 C.F.R. PART 917—POWERS AND RESPONSIBILITIES OF BANK BOARDS OF DIRECTORS AND SENIOR MANAGEMENT
Title 12 - Banks and Banking
Authority: 12 U.S.C. 1422a(a)(3), 1422b(a)(1), 1426, 1427, 1432(a), 1436(a), 1440.
Source: 65 FR 25274, May 1, 2000, unless otherwise noted.
As used in this part: Business risk means the risk of an adverse impact on a Bank's profitability resulting from external factors as may occur in both the short and long run. Community financial institution has the meaning set forth in §925.1 of this chapter. Contingency liquidity means the sources of cash a Bank may use to meet its operational requirements when its access to the capital markets is impeded, and includes: (1) Marketable assets with a maturity of one year or less; (2) Self-liquidating assets with a maturity of seven days or less; (3) Assets that are generally accepted as collateral in the repurchase agreement market; and (4) Irrevocable lines of credit from financial institutions rated not lower than the second highest credit rating category by an NRSRO. Credit risk means the risk that the market value, or estimated fair value if market value is not available, of an obligation will decline as a result of deterioration in creditworthiness. Immediate family member means a parent, sibling, spouse, child, dependent, or any relative sharing the same residence. Internal auditor means the individual responsible for the internal audit function at the Bank. Liquidity risk means the risk that a Bank will be unable to meet its obligations as they come due or meet the credit needs of its members and associates in a timely and cost-efficient manner. Market risk means the risk that the market value, or estimated fair value if market value is not available, of a Bank's portfolio will decline as a result of changes in interest rates, foreign exchange rates, equity and commodity prices. Operational liquidity means sources of cash from both a Bank's ongoing access to the capital markets and its holding of liquid assets to meet operational requirements in a Bank's normal course of business. Operations risk means the risk of an unexpected loss to a Bank resulting from human error, fraud, unenforceability of legal contracts, or deficiencies in internal controls or information systems. Reportable conditions means matters that represent significant deficiencies in the design or operation of the internal control system that could adversely affect a Bank's ability to record, process, summarize and report financial data consistent with the assertions of management. [65 FR 25274, May 1, 2000, as amended at 67 FR 12846, Mar. 20, 2002] (a) Management of a Bank. The management of each Bank shall be vested in its board of directors. While Bank boards of directors may delegate the execution of operational functions to Bank personnel, the ultimate responsibility of each Bank's board of directors for that Bank's management is non-delegable. (b) Duties of Bank directors. Each Bank director shall have the duty to: (1) Carry out his or her duties as director in good faith, in a manner such director believes to be in the best interests of the Bank, and with such care, including reasonable inquiry, as an ordinarily prudent person in a like position would use under similar circumstances; (2) Administer the affairs of the Bank fairly and impartially and without discrimination in favor of or against any member; (3) At the time of appointment or election, or within a reasonable time thereafter, have a working familiarity with basic finance and accounting practices, including the ability to read and understand the Bank's balance sheet and income statement and to ask substantive questions of management and the internal and external auditors; and (4) Direct the operations of the Bank in conformity with the requirements set forth in the Act and this chapter. (c) Authority regarding staff and outside consultants. (1) In carrying out its duties and responsibilities under the Act and this chapter, each Bank's board of directors and all committees thereof shall have authority to retain staff and outside counsel, independent accountants, or other outside consultants at the expense of the Bank. (2) Bank staff providing services to the board of directors or any committee of the board under paragraph (c)(1) of this section may be required by the board of directors or such committee to report directly to the board or such committee, as appropriate. (a) Risk management policy—(1) Adoption. Beginning August 29, 2000, each Bank's board of directors shall have in effect at all times a risk management policy that addresses the Bank's exposure to credit risk, market risk, liquidity risk, business risk and operations risk and that conforms to the requirements of paragraph (b) of this section and to all applicable Finance Board regulations and policies. (2) Review and compliance. Each Bank's board of directors shall: (i) Review the Bank's risk management policy at least annually; (ii) Amend the risk management policy as appropriate; (iii) Re-adopt the Bank's risk management policy, including interim amendments, not less often than every three years; and (iv) Ensure that policies and procedures are in place that are reasonably designed to achieve continuing Bank compliance with the risk management policy. (b) Risk management policy requirements. In addition to meeting any other requirements set forth in this chapter, each Bank's risk management policy shall: (1) After the Finance Board has approved a Bank's capital plan, but before the plan takes effect, the Bank shall amend its risk management policy to describe the specific steps the Bank will take to comply with its capital plan and to include specific target ratios of total capital and permanent capital to total assets at which the Bank intends to operate. The target operating capital-to-assets ratios to be specified in the risk management policy shall be in excess of the minimum leverage and risk-based capital ratios and may be expressed as a range of ratios or as a single ratio; (2) Set forth the Bank's tolerance levels for the market and credit risk components; and (3) Set forth standards for the Bank's management of each risk component, including but not limited to: (i) Regarding credit risk arising from all secured and unsecured transactions, standards and criteria for, and timing of, periodic assessment of the creditworthiness of issuers, obligors, or other counterparties including identifying the criteria for selecting dealers, brokers and other securities firms with which the Bank may execute transactions; (ii) Regarding market risk, standards for the methods and models used to measure and monitor such risk; (iii) Regarding day-to-day operational liquidity needs and contingency liquidity needs: (A) An enumeration of specific types of investments to be held for such liquidity purposes; and (B) The methodology to be used for determining the Bank's operational and contingency liquidity needs; (iv) Regarding operations risk, standards for an effective internal control system, including periodic testing and reporting; and (v) Regarding business risk, strategies for mitigating such risk, including contingency plans where appropriate. (c) Risk assessment. The senior management of each Bank shall perform, at least annually, a risk assessment that is reasonably designed to identify and evaluate all material risks, including both quantitative and qualitative aspects, that could adversely affect the achievement of the Bank's performance objectives and compliance requirements. The risk assessment shall be in written form and shall be reviewed by the Bank's board of directors promptly upon its completion. [65 FR 25274, May 1, 2000, as amended at 66 FR 8308, Jan. 30, 2001; 67 FR 12846, Mar. 20, 2002] (a) Adoption and review of member products policy—(1) Adoption. Beginning November 15, 2000, each Bank's board of directors shall have in effect at all times a policy that addresses the Bank's management of products offered by the Bank to members and housing associates, including but not limited to advances, standby letters of credit and acquired member assets, consistent with the requirements of the Act, paragraph (b) of this section, and all applicable Finance Board regulations and policies. (2) Review and compliance. Each Bank's board of directors shall: (i) Review the Bank's member products policy annually; (ii) Amend the member products policy as appropriate; and (iii) Re-adopt the member products policy, including interim amendments, not less often than every three years. (b) Member products policy requirements. In addition to meeting any other requirements set forth in this chapter, each Bank's member products policy shall: (1) Address credit underwriting criteria to be applied in evaluating applications for advances, standby letters of credit, and renewals; (2) Address appropriate levels of collateralization, valuation of collateral and discounts applied to collateral values for advances and standby letters of credit; (3) Address advances-related fees to be charged by each Bank, including any schedules or formulas pertaining to such fees; (4) Address standards and criteria for pricing member products, including differential pricing of advances pursuant to §950.5(b)(2) of this chapter, and criteria regarding the pricing of standby letters of credit, including any special pricing provisions for standby letters of credit that facilitate the financing of projects that are eligible for any of the Banks' CICA programs under part 952 of this chapter; (5) Provide that, for any draw made by a beneficiary under a standby letter of credit, the member will be charged a processing fee calculated in accordance with the requirements of §975.6(b) of this chapter; (6) Address the maintenance of appropriate systems, procedures and internal controls; and (7) Address the maintenance of appropriate operational and personnel capacity. [65 FR 44426, July 18, 2000, as amended at 67 FR 12846, Mar. 20, 2002] (a) Adoption of strategic business plan. Beginning on July 30, 2000, each Bank's board of directors shall have in effect at all times a strategic business plan that describes how the business activities of the Bank will achieve the mission of the Bank consistent with part 940 of this chapter. Specifically, each Bank's strategic business plan shall: (1) Enumerate operating goals and objectives for each major business activity and for all new business activities, which must include plans for maximizing activities that enhance the carrying out of the mission of the Bank, consistent with part 940 of this chapter; (2) Discuss how the Bank will: (i) Address credit needs and market opportunities identified through ongoing market research and consultations with members, associates and public and private organizations; and (ii) Notify members and associates of relevant programs and initiatives; (3) Establish quantitative performance goals for Bank products related to multi-family housing, small business, small farm and small agri-business lending; (4) Describe any proposed new business activities or enhancements of existing activities; and (5) Be supported by appropriate and timely research and analysis of relevant market developments and member and associate demand for Bank products and services. (b) Review and monitoring. Each Bank's board of directors shall: (1) Review the Bank's strategic business plan at least annually; (2) Amend the strategic business plan as appropriate; (3) Re-adopt the Bank's strategic business plan, including interim amendments, not less often than every three years; and (4) Establish management reporting requirements and monitor implementation of the strategic business plan and the operating goals and objectives contained therein. (c) Report to Finance Board. Each Bank shall submit to the Finance Board annually a report analyzing and describing the Bank's performance in achieving the goals described in paragraph (a)(3) of this section. [65 FR 25274, May 1, 2000, as amended at 67 FR 12846, Mar. 20, 2002] (a) Establishment and maintenance. (1) Each Bank shall establish and maintain an effective internal control system that addresses: (i) The efficiency and effectiveness of Bank activities; (ii) The safeguarding of Bank assets; (iii) The reliability, completeness and timely reporting of financial and management information and transparency of such information to the Bank's board of directors and to the Finance Board; and (iv) Compliance with applicable laws, regulations, policies, supervisory determinations and directives of the Bank's board of directors and senior management. (2) Ongoing internal control activities necessary to maintain the internal control system required under paragraph (a)(1) of this section shall include, but are not limited to: (i) Top level reviews by the Bank's board of directors and senior management, including review of financial presentations and performance reports; (ii) Activity controls, including review of standard performance and exception reports by department-level management on an appropriate periodic basis; (iii) Physical and procedural controls to safeguard, and prevent the unauthorized use of, assets; (iv) Monitoring for compliance with the risk tolerance limits set forth in the Bank's risk management policy; (v) Any required approvals and authorizations for specific activities; and (vi) Any required verifications and reconciliations for specific activities. (b) Internal control responsibilities of Banks' boards of directors. Each Bank's board of directors shall ensure that the internal control system required under paragraph (a)(1) of this section is established and maintained, and shall oversee senior management's implementation of such a system on an ongoing basis, by: (1) Conducting periodic discussions with senior management regarding the effectiveness of the internal control system; (2) Ensuring that an internal audit of the internal control system is performed annually and that such annual audit is reasonably designed to be effective and comprehensive; (3) Requiring that internal control deficiencies be reported to the Bank's board of directors in a timely manner and that such deficiencies are addressed promptly; (4) Conducting a timely review of evaluations of the effectiveness of the internal control system made by internal auditors, external auditors and Finance Board examiners; (5) Directing senior management to address promptly and effectively recommendations and concerns expressed by internal auditors, external auditors and Finance Board examiners regarding weaknesses in the internal control system; (6) Reporting any internal control deficiencies found, and the corrective action taken, to the Finance Board in a timely manner; (7) Establishing, documenting and communicating an organizational structure that clearly shows lines of authority within the Bank, provides for effective communication throughout the Bank, and ensures that there are no gaps in the lines of authority; (8) Reviewing all delegations of authority to specific personnel or committees and requiring that such delegations state the extent of the authority and responsibilities delegated; and (9) Establishing reporting requirements, including specifying the nature and frequency of reports it receives. (c) Internal control responsibilities of Banks' senior management. Each Bank's senior management shall be responsible for carrying out the directives of the Bank's board of directors, including the establishment, implementation and maintenance of the internal control system required under paragraph (a)(1) of this section, by: (1) Establishing, implementing and effectively communicating to Bank personnel policies and procedures that are adequate to ensure that internal control activities necessary to maintain an effective internal control system, including the activities enumerated in paragraph (a)(2) of this section, are an integral part of the daily functions of all Bank personnel; (2) Ensuring that all Bank personnel fully understand and comply with all policies, procedures and legal requirements applicable to their positions and responsibilities; (3) Ensuring that there is appropriate segregation of duties among Bank personnel and that personnel are not assigned conflicting responsibilities; (4) Establishing effective paths of communication upward, downward and across the organization in order to ensure that Bank personnel receive necessary and appropriate information, including: (i) Information relating to the operational policies and procedures of the Bank; (ii) Information relating to the actual operational performance of the Bank; (iii) Adequate and comprehensive internal financial, operational and compliance data; and (iv) External market information about events and conditions that are relevant to decision making; (5) Developing and implementing procedures that translate the major business strategies and policies established by the Bank's board of directors into operating standards; (6) Ensuring adherence to the lines of authority and responsibility established by the Bank's board of directors; (7) Overseeing the implementation and maintenance of management information and other systems; (8) Establishing and implementing an effective system to track internal control weaknesses and the actions taken to correct them; and (9) Monitoring and reporting to the Bank's board of directors the effectiveness of the internal control system on an ongoing basis. [65 FR 25274, May 1, 2000, as amended at 67 FR 12846, Mar. 20, 2002] (a) Establishment. The board of directors of each Bank shall establish an audit committee, consistent with the requirements set forth in this section. (b) Composition. (1) The audit committee shall comprise five or more persons drawn from the Bank's board of directors, each of whom shall meet the criteria of independence set forth in paragraph (c) of this section. (2) The audit committee shall include a balance of representatives of: (i) Community financial institutions and other members; and (ii) Appointive and elective directors of the Bank. (3) The terms of audit committee members shall be appropriately staggered so as to provide for continuity of service. (4) At least one member of the audit committee shall have extensive accounting or related financial management experience. (c) Independence. Any member of the Bank's board of directors shall be considered to be sufficiently independent to serve as a member of the audit committee if that director does not have a disqualifying relationship with the Bank or its management that would interfere with the exercise of that director's independent judgment. Such disqualifying relationships include, but are not limited to: (1) Being employed by the Bank in the current year or any of the past five years; (2) Accepting any compensation from the Bank other than compensation for service as a board director; (3) Serving or having served in any of the past five years as a consultant, advisor, promoter, underwriter, or legal counsel of or to the Bank; or (4) Being an immediate family member of an individual who is, or has been in any of the past five years, employed by the Bank as an executive officer. (d) Charter. (1) The audit committee of each Bank shall adopt, and the Bank's board of directors shall approve, a formal written charter that specifies the scope of the audit committee's powers and responsibilities, as well as the audit committee's structure, processes and membership requirements. (2) The audit committee and the board of directors of each Bank shall: (i) Review, assess the adequacy of and, where appropriate, amend the Bank's audit committee charter on an annual basis; (ii) Amend the audit committee charter as appropriate; and (iii) Re-adopt and re-approve, respectively, the Bank's audit committee charter not less often than every three years. (3) Each Bank's audit committee charter shall: (i) Provide that the audit committee has the responsibility to select, evaluate and, where appropriate, replace the internal auditor and that the internal auditor may be removed only with the approval of the audit committee; (ii) Provide that the internal auditor shall report directly to the audit committee on substantive matters and that the internal auditor is ultimately accountable to the audit committee and board of directors; and (iii) Provide that both the internal auditor and the external auditor shall have unrestricted access to the audit committee without the need for any prior management knowledge or approval. (e) Duties. Each Bank's audit committee shall have the duty to: (1) Direct senior management to maintain the reliability and integrity of the accounting policies and financial reporting and disclosure practices of the Bank; (2) Review the basis for the Bank's financial statements and the external auditor's opinion rendered with respect to such financial statements (including the nature and extent of any significant changes in accounting principles or the application therein) and ensure that policies are in place that are reasonably designed to achieve disclosure and transparency regarding the Bank's true financial performance and governance practices; (3) Oversee the internal audit function by: (i) Reviewing the scope of audit services required, significant accounting policies, significant risks and exposures, audit activities and audit findings; (ii) Assessing the performance and determining the compensation of the internal auditor; and (iii) Reviewing and approving the internal auditor's work plan; (4) Oversee the external audit function by: (i) Approving the external auditor's annual engagement letter; (ii) Reviewing the performance of the external auditor; and (iii) Making recommendations to the Bank's board of directors regarding the appointment, renewal, or termination of the external auditor; (5) Provide an independent, direct channel of communication between the Bank's board of directors and the internal and external auditors; (6) Conduct or authorize investigations into any matters within the audit committee's scope of responsibilities; (7) Ensure that senior management has established and is maintaining an adequate internal control system within the Bank by: (i) Reviewing the Bank's internal control system and the resolution of identified material weaknesses and reportable conditions in the internal control system, including the prevention or detection of management override or compromise of the internal control system; and (ii) Reviewing the programs and policies of the Bank designed to ensure compliance with applicable laws, regulations and policies and monitoring the results of these compliance efforts; (8) Review the policies and procedures established by senior management to assess and monitor implementation of the Bank's strategic business plan and the operating goals and objectives contained therein; and (9) Report periodically its findings to the Bank's board of directors. (f) Meetings. The audit committee shall prepare written minutes of each audit committee meeting. [65 FR 25274, May 1, 2000, as amended at 67 FR 12846, Mar. 20, 2002] (a) Adoption of budgets. Each Bank's board of directors shall be responsible for the adoption of an annual operating expense budget and a capital expenditures budget for the Bank, and any subsequent amendments thereto, consistent with the requirements of the Act, this section, other regulations and policies of the Finance Board, and with the Bank's responsibility to protect both its members and the public interest by keeping its costs to an efficient and effective minimum. (b) No delegation of budget authority. A Bank's board of directors may not delegate the authority to approve the Bank's annual budgets, or any subsequent amendments thereto, to Bank officers or other Bank employees. (c) Interest rate scenario. A Bank's annual budgets shall be prepared based upon an interest rate scenario as determined by the Bank. (d) Board approval for deviations. A Bank may not exceed its total annual operating expense budget or its total annual capital expenditures budget without prior approval by the Bank's board of directors of an amendment to such budget. (a) A Bank's board of directors may declare and pay a dividend only from previously retained earnings or current net earnings and only if such payment will not result in a projected impairment of the par value of the capital stock of the Bank. Dividends on such capital stock shall be computed without preference. (b) The requirement in paragraph (a) of this section that dividends shall be computed without preference shall cease to apply to any Bank that has established any dividend preferences for one or more classes or subclasses of its capital stock as part of its approved capital plan, as of the date on which the capital plan takes effect. [65 FR 25274, May 1, 2000, as amdended at 66 FR 8308, Jan. 30, 2001] A Bank's board of directors shall have in effect at all times bylaws governing the manner in which the Bank administers its affairs and such bylaws shall be consistent with applicable laws and regulations as administered by the Finance Board.
Title 12: Banks and Banking
PART 917—POWERS AND RESPONSIBILITIES OF BANK BOARDS OF DIRECTORS AND SENIOR MANAGEMENT
Section Contents
§ 917.1 Definitions.
§ 917.2 General authorities and duties of Bank boards of directors.
§ 917.3 Risk management.
§ 917.4 Bank Member Products Policy.
§ 917.5 Strategic business plan.
§ 917.6 Internal control system.
§ 917.7 Audit committees.
§ 917.8 Budget preparation.
§ 917.9 Dividends.
§ 917.10 Bank bylaws.
§ 917.1 Definitions.
top
§ 917.2 General authorities and duties of Bank boards of directors.
top
§ 917.3 Risk management.
top
§ 917.4 Bank Member Products Policy.
top
§ 917.5 Strategic business plan.
top
§ 917.6 Internal control system.
top
§ 917.7 Audit committees.
top
§ 917.8 Budget preparation.
top
§ 917.9 Dividends.
top
§ 917.10 Bank bylaws.
top
