View PDF

The full text on this page is automatically extracted from the file linked above and may contain errors and inconsistencies.

Federal Reserve Bank
OF DALLAS
ROBERT

D. M C T E E R , J R .
DALLAS, TEXAS

p re s id e n t
A N D C H IE F E X E C U T I V E O F F I C E R

AllgUSt 19 199 6

7 5 2 6 5 -5 9 0 6

Notice 96-75

TO:

The Chief Executive Officer of each
member bank and others concerned in
the Eleventh Federal Reserve District

SUBJECT
Interagency Statement on the
Effect of Year 2000 on Computer Systems
DETAILS
An interagency statement entitled The Effect o f Year 2000 on Computer
Systems has been developed to alert financial institutions to the potential risks associated
with existing computer systems as they enter the new millennium. This matter will come
under increased regulatory scrutiny in the coming months.
ATTACHMENT
A copy of the interagency statement is attached.
MORE INFORMATION
For more information, please contact Don Vinnedge, Board of Governors of
the Federal Reserve System, at (202) 452-2717. For additional copies of this Bank’
s
notice, please contact the Public Affairs Department at (214) 922-5254.
Sincerely yours,

For additional copies, bankers and others are encouraged to use one of the following toll-free numbers in contacting the Federal
Reserve Bank o f Dallas: Dallas Office (800) 333 -4460; El Paso Branch Intrastate (800) 592-1631, Interstate (800) 351-1012; Houston
Branch Intrastate (800) 392-4162, Interstate (800) 221-0363; San Antonio Branch Intrastate (800) 292-5810.

This publication was digitized and made available by the Federal Reserve Bank of Dallas' Historical Library (FedHistory@dal.frb.org)

Federal Financial Institutions Examination Council

4
X

______________________________________________________________

2100 Pennsylvania Avenue, NW, Suite 200 • Washington. DC 20037 • (202)634-6526 • FAX (202)634-6556

THE EFFECT OF YEAR 2000 ON COMPUTER SYSTEMS

To:

Chief Executive Officers of all Federally Supervised
Financial Institutions, Senior management of each FFIEC
Agency, and all examining personnel.

PURPOSE
This interagency statement alerts financial institutions to
substantial risks to the industry represented by the programming
code in existing computer systems as the industry enters the new
millennium (year 2000).
BACKGROUND
The "year 2000" problem is pervasive and complex. Virtually
every organization will have its computing operations affected in
some way by the rollover of the two digit year value to 00. The
majority of computer operating systems and programs currently in
use have been developed utilizing six digit date fields (YYMMDD) .
For example, December 31, 1999, would be represented by ^9 91231"
in computer code.
The two digit field for the year (in example
*99") is the basis for all calculation formulas within most
computer systems, particularly those processed through
mainframes.
Up until now, this two digit field has sufficed, using a
subtraction of current date from some future date (up to 12-3199) . As the industry enters the year 2000, the two digit field
"00" will not permit accurate calculations based on the current
formulas.
January 1, 2000 would be read as 000101.
Many
computer systems will recognize this date as the year 1900.
The
potential impact is that date sensitive calculations would be
based on erroneous data or could cause a system failure.
This
affects all forms of financial accounting (including interest
computation, due dates, pensions, personnel benefits,
investments, legal commitments) . It can also affect record
keeping, such as inventory, maintenance, and file retention.
Reliable information is necessary for financial institutions to
conduct business.
Board of Governors of the Federal Reserve System , Federal Deposit Insurance Corporation, National Credit Union Administration,
Office of the Comptroller of the Currency, O ffice of Thrift Supervision

These coding changes impact billions of lines of program code,
throughout government, banking, and all other users of computer
technology.
Most large financial institutions should be aware of
this potential problem, however, industry estimates are that only
30 percent are currently addressing the issue- In some cases,
individual financial institutions are projecting costs of $50 to
$100 million over the next three years. Most vulnerable are the
community financial institutions that do their own programming
with in-house developed software systems- According to industry
•guesstimates,* costs to resolve these programming challenges
worldwide will approach $600 billion (all computer systems, not
just banking) . Banking, however, is a heavily technology
sensitive industry and will be impacted greatly.
CONCERNS
Many financial institutions, servicers, and vendors have not
adequately addressed the risks associated with the coming
millenniumThis lack of planning could result in the extended
or permanent disruption of computer system operations. This may
be the result of either the problem itself or the cost of' fixing
it.
Time is critical.
Commitments to action and funding cannot be
deferred, as the year 2000 is a finite date.
This issue affects
EVERY financial institution, whether processing information
internally, through service bureaus, or a combination of both.
ACTION PLAN
Financial institutions should achieve year 2000 compatibility by
performing a high level risk assessment of how systems are
affected.
This should be followed by the development of a
detailed action plain.
The board of directors and senior
management should take the following steps in addressing this
issue:
•

Developing a risk assessment that identifies systems and
applications that must be modified.

•

Identifying the segments of computer systems that must be
modified.

•

Evaluating various alternatives (determining which
applications that should be redeveloped, replaced, or
modified).

•

Estimating costs for modifications.

•

Reviewing, approving, and establishing milestones to ensure
the timely completion of the institution's millennium plan.

•

Ensuring that new systems are year 2000 compliant.

An institution should review all aspects of computer systems to
include those provided by service bureaus, hardware vendors, and
other software vendors.
For any aspect of its information
systems processing management must:
•

Ensure that external vendors and servicers are adequately
addressing the system and software issues related to the
coming millennium.

•

Ensure that the institution has taken adequate steps to
ensure that critical operations will continue if the
servicers or vendors are unable to achieve millennium
requirements.

TESTING
All reprogramming efforts must be completed in time for adequate
system testing.
It is recommended that reprogramming efforts be
completed by December 31, 1998. This will provide one full year
for testing.
It is important to note that all systems from
mainframes to personal computers and local area networks are
susceptible to the impact of year 2000 consequences.
The appendix to this issuance provides a suggested outline of the
process that should be followed to ensure that issues concerning
the millennium are addressed.

APPENDIX
Millennium Planning Process
I.

Establish a Year 2000 Review Team
A.

B.

II.

Management should consider utilizing both internal and
external information systems and audit resources to
ensure that a risk-based Year 2000 Action Plan is
developed.
An inventory of all computer operating systems,
applications and files should be created.
All those
with year 2000 issues must be identified.

Develop an institution wide year 2000 plan.
A.

The initial step in developing the plan should be to
consider whether current systems and files should be
modified, replaced, outsourced, or discontinued.
It
should be noted that even if new systems are purchased,
old files may still have to be modified.
(All computer
systems, including mainframes, personal computers,
local area networks, etc., should be considered) .

B.

The year 2000 plan should also identify and prioritize
applications and processes that are the most date
sensitive and those which are most vulnerable.
Interdependent applications should be grouped together.

C.

Management and the board of directors need to ensure
that adequate funds and resources are allocated so
that all year 2000 projects are completed in a timely
manner.

III. Year 2000 Plan Implementation.
A.

Initiate pilot projects to test solutions to identified
problems.
It may be feasible to work with more than one
vendor in order to evaluate their various
solutions/capabilities before making a final decision.

B.

Begin the process of systematically implementing year
2000 changes by priority in accordance to risk.
These
projects should be conducted within the framework of the
system development life cycle process currently in
place.

C.

Conduct post implementation reviews to ensure the
integrity and functionality of the modified systems.


Federal Reserve Bank of St. Louis, One Federal Reserve Bank Plaza, St. Louis, MO 63102