Full text of Annual Report of the Federal Deposit Insurance Corporation : Annual Report, 2018

View original document

The full text on this page is automatically extracted from the file linked above and may contain errors and inconsistencies.

FEDERAL
DEPOSIT
INSURANCE
CORPORATION

2018

ANNUAL REPORT

THIS PAGE INTENTIONALLY LEFT BLANK

FEDERAL
DEPOSIT
INSURANCE
CORPORATION

2018

ANNUAL REPORT

FEDERAL DEPOSIT INSURANCE CORPORATION
550 17th Street NW, Washington, DC 20429

OFFICE OF THE CHAIRMAN

February 14, 2019
Dear Sir/Madam,
The Federal Deposit Insurance Corporation (FDIC) is pleased to submit its 2018 Annual Report
(also referred to as the Performance and Accountability Report), which includes the audited financial
statements of the Deposit Insurance Fund and the Federal Savings and Loan Insurance Corporation
(FSLIC) Resolution Fund. This report is produced in accordance with:
♦♦ Section 17(a) of the Federal Deposit Insurance Act,
♦♦ the Chief Financial Officers Act of 1990, Public Law 101-576,
♦♦ the Government Performance and Results Act of 1993 (as amended) and the GPRA Modernization
Act of 2010,
♦♦ Section 5 (as amended) of the Inspector General Act of 1978,
♦♦ the Reports Consolidation Act of 2000, and
♦♦ the Fraud Reduction and Data Analytics Act of 2015.
In accordance with the Reports Consolidation Act of 2000, the FDIC assessed the reliability of the
performance data contained in this report. We found no material inadequacies, and the data are
considered to be complete and reliable.
Based on internal management evaluations, and in conjunction with the results of independent financial
statement audits, we can provide reasonable assurance that the objectives of Section 2 (internal controls)
and Section 4 (financial management systems) of the Federal Managers’ Financial Integrity Act of 1982
have been achieved, and that the FDIC has no material weaknesses. We are committed to maintaining
effective internal controls corporate-wide in 2019.
Sincerely,

Jelena McWilliams
Chairman
The President of the United States
The President of the United States Senate
The Speaker of the United States House of Representatives

2018
TA B L E O F C O N T E N T S
Mission, Vision, and Values................................................................................................................................................4
Message from the Chairman..............................................................................................................................................5
Message from the Chief Financial Officer............................................................................................................................9
FDIC Senior Leaders.........................................................................................................................................................10
I. Management’s Discussion and Analysis..................................................................................................................11
The Year in Review.................................................................................................................................................13

Overview................................................................................................................................................................ 13
Deposit Insurance................................................................................................................................................... 13
Supervision ............................................................................................................................................................ 14
Supervision Policy................................................................................................................................................... 20
Financial Technology ............................................................................................................................................. 26
Community Banking Initiatives.............................................................................................................................. 28
Activities Related to Systemically Important Financial Institutions......................................................................... 34
Depositor and Consumer Protection...................................................................................................................... 39
Receivership Management...................................................................................................................................... 46
Enhancing the FDIC’s IT Security.......................................................................................................................... 49
Minority and Women Inclusion.............................................................................................................................. 51
International Outreach .......................................................................................................................................... 54
Effective Management of Strategic Resources.......................................................................................................... 55

II. Performance Results Summary..............................................................................................................................59
Summary of 2018 Performance Results by Program................................................................................................ 61
Performance Results by Program and Strategic Goal............................................................................................... 63
Prior Years’ Performance Results............................................................................................................................. 69

III. Financial Highlights...............................................................................................................................................83
Deposit Insurance Fund Performance..................................................................................................................... 85

IV. Budget and Spending............................................................................................................................................89
FDIC Operating Budget......................................................................................................................................... 91
2018 Budget and Expenditures by Program ........................................................................................................... 92
Investment Spending.............................................................................................................................................. 93

V. Financial Section...................................................................................................................................................95
Deposit Insurance Fund.......................................................................................................................................... 96
FSLIC Resolution Fund........................................................................................................................................ 112
Government Accountability Office Auditor’s Report............................................................................................. 119
Management’s Report on Internal Control Over Financial Reporting................................................................... 124
Management’s Response to the Auditor’s Report................................................................................................... 125

VI. Risk Management and Internal Controls...............................................................................................................127

Fraud Reduction and Data Analytics Act of 2015................................................................................................. 129
Management Report on Final Actions.................................................................................................................. 130

VII. Appendices.........................................................................................................................................................133
A. Key Statistics.................................................................................................................................................. 135
B. More About the FDIC................................................................................................................................... 148
C. Office of Inspector General’s Assessment of the Management and Performance
Challenges Facing the FDIC........................................................................................................................... 157
D. Acronyms and Initialisms............................................................................................................................... 189
ANNUAL REPORT 2018

MISSION, VISION, AND VALUES
MISSION
The Federal Deposit Insurance Corporation (FDIC) is an independent agency created by the Congress
to maintain stability and public confidence in the nation’s financial system by:
♦♦ Insuring deposits,
♦♦ Examining and supervising financial institutions for safety and soundness and
consumer protection,
♦♦ Making large and complex financial institutions resolvable, and
♦♦ Managing receiverships.

VISION
The FDIC is a recognized leader in promoting sound public policies; addressing risks in the nation’s
financial system; and carrying out its insurance, supervisory, consumer protection, resolution planning,
and receivership management responsibilities.

VALUES
The FDIC and its employees have a tradition of distinguished public service. Six core values guide us
in accomplishing our mission:

Integrity

We adhere to the highest ethical and professional standards.

Competence

We are a highly skilled, dedicated, and diverse workforce that is empowered to
achieve outstanding results.

Teamwork

We communicate and collaborate effectively with one another and with other
regulatory agencies.

Effectiveness

We respond quickly and successfully to risks in insured depository institutions
and the financial system.

Accountability

We are accountable to each other and to our stakeholders to operate in a
financially responsible and operationally effective manner.

Fairness

We respect individual viewpoints and treat one another and our stakeholders
with impartiality, dignity, and trust.

2018
M E S S AG E F R O M T H E C H A I R M A N
minimum reserve ratio of 1.35 percent two years
ahead of the required date.
FDIC supervision programs continued to protect
our Nation’s financial institutions and consumers.
Our examiners started all examinations within
established statutory or FDIC requirements, and
examination results indicate that the vast majority of
FDIC-supervised institutions are operating in a safe
and sound manner and effectively managing their
consumer protection responsibilities.

Since my appointment as the 21st Chairman, I
have been honored to serve alongside the dedicated
and passionate men and women of the Federal
Deposit Insurance Corporation. Our mission is
vital to the economy of the United States, and our
accomplishments serve as a bulwark to financial
stability around the world.
The United States banking industry continued its
strong performance in 2018. The industry posted
record profits, net interest margins increased, loan
balances grew, and loan performance improved.
There were no bank failures in 2018, and the number
of banks on the FDIC’s problem bank list declined to
the lowest level since third quarter 2007. The Deposit
Insurance Fund increased to over $100 billion, and
the reserve ratio increased to 1.36 percent in third
quarter 2018, exceeding the statutorily required

One of my top priorities as FDIC Chairman is
to encourage more de novo formation, and we are
hard at work to make this a reality. Among other
initiatives, the FDIC has requested public comment
on the deposit insurance application process to
identify potential improvements. We are also working
to streamline our evaluation of deposit insurance
applications, and have launched a process to receive
and review draft deposit insurance proposals. Through
these initiatives, we seek to improve the quality of
submissions and reduce the time necessary to review
and process applications, particularly those involving
complex proposals. De novo banks are a key source of
new capital, talent, ideas, and ways to serve customers,
and the FDIC will do its part to support this segment
of the industry.
The FDIC also took robust steps this year to reduce
the regulatory burden on community banks, without
sacrificing safety and soundness or consumer
protections. We eliminated over one-half of the more
than 800 pieces of supervisory guidance outstanding.
We also launched a pilot program to use technology to
reduce the number of onsite days needed to conduct
an examination, and took other steps to reduce the
costs of examinations to our regulated institutions.
As part of this effort, the FDIC has worked toward
quickly implementing many provisions of the
Economic Growth, Regulatory Relief, and Consumer
Protection Act. This includes proposed rulemakings
to establish a community bank leverage ratio for
MESSAGE FROM THE CHAIRMAN

ANNUAL REPORT
highly capitalized community banks, tailor the
application of existing capital and liquidity rules
for regional banks, modify the capital treatment
of certain commercial real estate loans, modify
the threshold for mortgage loans to be exempt
from appraisal requirements, simplify reporting
requirements for community banks with less than $5
billion in assets, and exempt community banks from
the Volcker Rule. The FDIC has also issued a final
rule to extend the exam cycle to 18 months for banks
with less than $3 billion in assets.
The FDIC continued to evaluate firm-developed
resolution plans, and to develop our own strategies
and capabilities to facilitate, if necessary, the orderly
resolution of large, complex financial institutions
without taxpayer support or market breakdowns.
To support this effort, the FDIC and Federal Reserve
Board provided feedback regarding Title I resolution
plans submitted by 23 foreign banking organizations
and two domestic regional bank holding companies,
and assessed plans submitted by another 16 domestic
regional bank holding companies. The agencies
also released for public comment revised guidance
for the eight largest domestic firms. The FDIC also
worked to enhance our preparedness to use backup
Title II Orderly Liquidation Authority, including
strengthening our working relationships with
international authorities.
Traditional resolution activity for insured depository
institutions in 2018 included the monitoring of
several institutions near failure, the execution of
deposit insurance processing system improvements,
the liquidation of more than $1 billion in legacy
assets, the termination of 66 receiverships, and the
processing of almost $3 billion in dividend payments
to creditors. Substantial progress was made in the
evaluation of the resolution plans of 41 large banks,
and in the development of the FDIC’s capabilities
around bridge bank governance, including executive
search and onboarding, bridge bank exit strategies,
human capital transitioning, crisis communication,
claims administration, and large transaction
accounting.

MESSAGE FROM THE CHAIRMAN

In October, I announced my first public initiative as
Chairman, “Trust through Transparency,” an agencywide effort that unites the FDIC behind the goals
of being accessible, understandable, responsive, and
accountable. Transparency is pivotal to maintaining
the public’s trust in the safety and soundness of the
entire banking system and in our ability to accomplish
our mission. The first step in this initiative was
to launch a new section of our website (https://
www.fdic.gov/transparency/) where we publish
FDIC performance metrics. These are quantifiable
measurements of performance, such as turnaround
times for examinations and applications, call center
response rates, and guidelines and decisions related to
appeals of material supervisory determinations and
deposit insurance assessments. In the same place on
our website, we posted other policies and procedures
regarding how we conduct our work.
Publishing this information provides transparency
to the banking industry and the public on our
performance. In its first two months, our new
“Trust through Transparency” website received more
than 34,000 page views. During the remainder of
my chairmanship, we will continue to update this
information, provide more data, and make it easier for
the public to hold us accountable. We will provide
information that anyone – not just technical experts –
can understand. We will solicit and respond to public
feedback, and continue to provide real, quantifiable
performance measures. If you like what we are doing,
or if you have concerns, we also established an email
account to gather your feedback: Transparency@
FDIC.gov.
Looking forward to 2019, we have set forth a robust
agenda for the agency.
We will continue to focus on reducing unnecessary
regulatory burdens for community banks without
sacrificing consumer protections or prudential
requirements. My “Back to Basics” initiative is
designed to tailor regulatory requirements to the risk
presented by these smaller institutions, thus reducing
their cost of compliance. When we make these

2018
adjustments, we allow banks to focus on the business
of banking, not on the unraveling of red tape.
In addition, we are in the process of establishing an
Office of Innovation that will partner with banks and
non-banks to understand how technology is changing
the business of banking. The Office will be tasked
with addressing four fundamental questions:
1. How can the FDIC provide a safe regulatory
environment to promote the technological
innovation that is already occurring?
2. How can the FDIC promote technological
development at community banks that often have
limited research and development funding to
support independent efforts?
3. What changes in policy – particularly in the
areas of identity management, data quality and
integrity, and data usage or analysis – must occur
to support innovation while promoting safe and
secure financial services and institutions?
4. How can the FDIC transform – in terms of our
technology, examination processes, and culture
– to enhance the stability of the financial system,
protect consumers, and reduce the compliance
burden on our regulated institutions?
Through increased collaboration with FDIC-regulated
institutions, consumers, and financial services
innovators, we will help increase the velocity of
innovation in our business.
As the banking industry evolves, so must the FDIC.
That is why I have directed FDIC leadership to
conduct a comprehensive review of our current
supervisory processes, as well as the organization,
workforce structure, and capabilities supporting our
supervisory mission. Through focused adoption of
new technologies and processes, we can improve

the transparency, efficiency, and effectiveness of our
consumer and prudential examinations. We look
forward to working with experts in information
technology and banking – from the private sector,
academia, and government – for input on how the
FDIC can improve our supervision efforts.
In 2019, we will also increase our focus on
underserved or unbanked communities. We will
expand our engagement with Minority Depository
Institutions (MDIs), so that they are in a better
position to serve their communities. At the same
time, we will work with all FDIC-supervised
institutions to promote the safe adoption of additional
products and services that bring these underserved
communities more fully into the banking fold. The
FDIC has issued a request for information soliciting
feedback on steps the agency can take to better enable
FDIC-supervised banks to offer small dollar credit
to consumers.
The current positive economic cycle will not last
forever. The actions that the FDIC has taken in 2018
and our planned agenda for 2019 will strengthen the
stability of our institutions should a downturn occur
sooner than expected.
I am genuinely honored to serve as your FDIC
Chairman, and I look forward to working with all
of you to ensure that our Nation’s banks remain
strong and that the FDIC maintains its longstanding
tradition of distinguished public service.
Sincerely,

Jelena McWilliams

MESSAGE FROM THE CHAIRMAN

THIS PAGE INTENTIONALLY LEFT BLANK

2018
MESSAGE FROM THE
CHIEF FINANCIAL OFFICER
I am pleased to present
the FDIC’s 2018 Annual
Report, which covers
financial and program
performance information
and summarizes our
successes for the year.
For 27 consecutive years,
the U.S. Government
Accountability Office has issued unmodified audit
opinions for the two funds administered by the
FDIC: the Deposit Insurance Fund (DIF) and the
Federal Savings and Loan Insurance Corporation
(FSLIC) Resolution Fund (FRF). We take pride
in our responsibility and demonstrate discipline
and accountability as stewards of these funds. We
remain proactive in the execution of sound financial
management and in providing reliable financial data.

2018 FINANCIAL AND
PROGRAM RESULTS
The DIF balance (the net worth of the Fund) rose
to a record $102.6 billion as of December 31, 2018,
compared to the year-end 2017 balance of $92.7
billion. The Fund balance increase was primarily
due to assessment revenue. No insured financial
institutions failed in 2018.
The DIF U.S. Treasury securities investment portfolio
balance was $92.7 billion as of December 31, 2018,
an increase of $9.4 billion over the year-end 2017
portfolio balance of $83.3 billion. Interest revenue on
DIF investments was $1.6 billion for 2018, compared
to $1.1 billion for 2017.

In 2018, the FDIC continued to reduce operating
costs and prudently manage the funds that it
administers. The FDIC Operating Budget for 2018
totaled approximately $2.09 billion, which represented
a decrease of $66 million (3.0 percent) from 2017.
Actual 2018 spending totaled approximately $1.90
billion. On December 18, 2018, the FDIC Board of
Directors approved a 2019 FDIC Operating Budget
totaling $2.04 billion, down $49 million (2.3 percent)
from the 2018 budget. Including 2019, the annual
operating budget has declined for nine consecutive
years, consistent with a steadily declining workload.
The FDIC continues to reduce staffing levels, as
conditions in the banking industry improve and
the FDIC requires fewer resources. The FDIC’s
authorized full-time equivalent staffing dropped
from 6,363 in 2017 to 6,083 in 2018, a 4.4 percent
reduction. The FDIC Board of Directors recently
approved an authorized staffing level of 5,901 fulltime equivalent positons for 2019, a 3.0 percent
reduction from 2018.
The FDIC also took important steps in 2018 to
enhance its enterprise risk management program
by updating our enterprise risk management and
internal control corporate directive, drafting a risk
appetite statement, and updating our risk profile.
We will continue to implement enhancements to the
program during 2019 to ensure the FDIC identifies
and addresses enterprise risks proactively. We will
remain focused on implementing sound financial
management techniques, effective internal controls,
and appropriate risk responses.
Sincerely,

Steven O. App

MESSAGE FROM THE CHIEF FINANCIAL OFFICER

ANNUAL REPORT

FDIC SENIOR LEADERS

Seated (left to right): Arleas Upton Kea, Barbara A. Ryan, Chairman Jelena McWilliams, Director Martin J. Gruenberg, and Doreen R. Eberley.
Standing 1st Row (left to right): Jay N. Lerner, Arthur J. Murton, Jason C. Cave, Diane Ellis, Mark E. Pearce, Saul Schwartz, and Andy Jiminez. 2nd Row
(left to right): Craig R. Jarvill, Kymberly K. Copa, M. Anthony Lowe, Howard G. Whyte, Charles Yi, Bret D. Edwards, Russell G. Pittman, Ricardo Delfin,
Zachary N. Brown, and David Barr.
Not pictured: Brandon Milhorn, Steven O. App, Chad Davis, Suzannah L. Susser, and Robert D. Harris.

FDIC SENIOR LEADERS

MANAGEMENT’S
DISCUSSION AND ANALYSIS

THIS PAGE INTENTIONALLY LEFT BLANK

2018
THE YEAR IN REVIEW
OVERVIEW

DEPOSIT INSURANCE

During 2018, the FDIC continued to fulfill its
mission-critical responsibilities. In addition, the
agency adopted and issued proposed rules on key
regulations under the Economic Growth, Regulatory
Relief and Consumer Protection Act (EGRRCPA)
and the Economic Growth and Regulatory Paperwork
Reduction Act of 1996 (EGRPRA), and engaged
in several community banking and community
development initiatives.

As insurer of bank and savings association deposits,
the FDIC must continually evaluate and effectively
manage how changes in the economy, financial
markets, and banking system affect the adequacy and
the viability of the Deposit Insurance Fund (DIF).

Cybersecurity remained a high priority for the
FDIC in 2018; the agency worked to strengthen
cybersecurity oversight, help financial institutions
mitigate risk, and respond to cyber threats.
The sections below highlight these and other
accomplishments during the year.
In May 2018, Jelena McWilliams was confirmed as
the 21st Chairman of the FDIC, and has met with
bankers from across the country in the intervening
months to discuss the diverse needs of bank customers
and how to meet those needs.

Long-Term Comprehensive Fund Management Plan
In 2010 and 2011, the FDIC developed a
comprehensive, long-term DIF management plan
designed to reduce the effects of cyclicality and
achieve moderate, steady assessment rates throughout
economic and credit cycles, while also maintaining a
positive fund balance, even during a banking crisis.
That plan complements the DIF Restoration Plan,
originally adopted in 2008 and subsequently revised,
which was designed to ensure that the reserve
ratio (the ratio of the fund balance to estimated
insured deposits) would reach 1.35 percent by
September 30, 2020, as required by the Dodd-Frank
Wall Street Reform and Consumer Protection Act
(Dodd-Frank Act).

Picture provided by the Kansas Bankers Association
Chairman Jelena McWilliams (center), with bankers from New Hampshire, Iowa, and Kansas.

M A N A G E M E N T ’ S D I S C U S S I O N A N D A N A LY S I S

ANNUAL REPORT
Under the long-term DIF management plan, to
increase the probability that the fund reserve ratio
will reach a level sufficient to withstand a future crisis,
the FDIC Board set the Designated Reserve Ratio
(DRR) of the DIF at 2.0 percent. The FDIC views
the 2.0 percent DRR as a long-term goal and the
minimum level needed to withstand future crises of
the magnitude of past crises. In December 2018, the
Board voted to maintain the 2.0 percent ratio
for 2019.
Additionally, as part of the long-term DIF
management plan, the FDIC has suspended dividends
indefinitely when the fund reserve ratio exceeds
1.5 percent. In lieu of dividends, the plan prescribes
progressively lower assessment rates that will become
effective when the reserve ratio exceeds 2.0 percent
and 2.5 percent.
State of the Deposit Insurance Fund
There were no bank failures in 2018. The fund
balance continued to grow through 2018, as it has
every quarter after the end of 2009. Assessment
revenue was the primary contributor to the increase
in the fund balance in 2018. The fund reserve ratio
rose to 1.36 percent at September 30, 2018, from
1.27 percent a year earlier.
Minimum Reserve Ratio
Section 334 of the Dodd-Frank Act, which
increased the minimum reserve ratio of the DIF
from 1.15 percent to 1.35 percent, mandates that the
reserve ratio reach that level by September 30, 2020.
To achieve this ratio, the FDIC imposed surcharges
on the quarterly assessments of insured depository
institutions (IDIs) with total consolidated assets of
$10 billion or more (large banks). The surcharge
equaled an annual rate of 4.5 basis points applied to
an institution’s regular quarterly deposit insurance
assessment base after subtracting $10 billion, with
additional adjustments for banks with affiliated IDIs.
As of September 30, 2018, the reserve ratio exceeded
the required minimum of 1.35 percent, and the
surcharges were suspended.

M A N A G E M E N T ’ S D I S C U S S I O N A N D A N A LY S I S

Because the Dodd-Frank Act mandates that the FDIC
offset the effect of the increase in the reserve ratio
on small banks (i.e., banks with assets less than $10
billion), these banks were exempt from the surcharges.
Furthermore, assessment credits are provided to small
banks for the portion of their regular assessments that
contributed to growth in the reserve ratio between
1.15 percent and 1.35 percent. The FDIC has
calculated the aggregate amount of credits to be
$765 million. Each quarter the reserve ratio is at
least 1.38 percent, the FDIC will automatically apply
a small bank’s credits to reduce its regular assessment
up to the entire amount of the assessment.

SUPERVISION
Supervision and consumer protection are cornerstones
of the FDIC’s efforts to ensure the stability of, and
public confidence in, the nation’s financial system.
The FDIC’s supervision program promotes the
safety and soundness of FDIC-supervised financial
institutions, protects consumers’ rights, and promotes
community investment initiatives.

Examination Program
The FDIC’s strong bank examination program is at
the core of its supervisory program. As of December
31, 2018, the FDIC was the primary federal regulator
for 3,495 FDIC-insured, state-chartered institutions
that were not members of the Federal Reserve
System (generally referred to as “state nonmember”
institutions). Through risk management (safety and
soundness), consumer compliance, Community
Reinvestment Act (CRA), and other specialty
examinations, the FDIC assesses an institution’s
operating condition, management practices and
policies, and compliance with applicable laws
and regulations.
As of December 31, 2018, the FDIC conducted 1,492
statutorily required risk management examinations,
including reviews of Bank Secrecy Act (BSA)
compliance, and all required follow-up examinations
for FDIC-supervised problem institutions, within
prescribed time frames. The FDIC also conducted

2018
1,215 statutorily required CRA/consumer compliance
examinations (876 joint CRA/consumer compliance
examinations, 337 consumer compliance-only
examinations, and two CRA-only examinations).
In addition, the FDIC performed 3,334 specialty
examinations (which include reviews for BSA
compliance) within prescribed time frames.

soundness purposes (defined as those institutions
having a composite CAMELS1 rating of 4 or 5). By
comparison, on September 30, 2017, there were 104
problem institutions with total assets of $16.0 billion.
This represents a 32 percent decline in the number
of problem institutions and a 233 percent increase in
problem institution assets.

The table below illustrates the number of
examinations by type, conducted from 2016
through 2018.

For the 12 months ended September 30, 2018, 45
institutions with aggregate assets of $7.4 billion
were removed from the list of problem financial
institutions, while 12 institutions with aggregate assets
of $45.6 billion were added to the list. The FDIC is
the primary federal regulator for 52 of the 71 problem
institutions, with total assets of $7.3 billion.

Risk Management
All risk management examinations have been
conducted in accordance with statutorily-established
time frames. As of September 30, 2018, 71 insured
institutions with total assets of $53.3 billion were
designated as problem institutions for safety and

In 2018, the FDIC’s Division of Risk Management
Supervision (RMS) initiated 156 formal enforcement
actions and 95 informal enforcement actions.

FDIC EXAMINATIONS 2016-2018
Risk Management (Safety and Soundness):
State Nonmember Banks
Savings Banks
State Member Banks
Savings Associations
National Banks
Subtotal–Risk Management Examinations
CRA/Consumer Compliance Examinations:
Consumer Compliance/Community Reinvestment Act
Consumer Compliance-only
CRA-only
Subtotal–CRA/Compliance Examinations
Specialty Examinations:
Trust Departments
Information Technology and Operations
Bank Secrecy Act
Subtotal–Specialty Examinations
TOTAL

2018

2017

2016

1,333

1,440

1,563

159

171

164

1,492

1,611

1,727

876

770

709

337

393

594

1,215

1,168

1,311

308

347

351

1,503

1,627

1,742

1,523

1,640

1,761

3,334

3,614

3,854

6,041

6,393

6,892

The CAMELS composite rating represents the adequacy of Capital, the quality of Assets, the capability of Management, the quality and level of Earnings, the adequacy
of Liquidity, and the Sensitivity to market risk, and ranges from “1” (strongest) to “5” (weakest).

M A N A G E M E N T ’ S D I S C U S S I O N A N D A N A LY S I S

ANNUAL REPORT
Enforcement actions against institutions included,
but were not limited to 13 actions under Section 8(b)
of the Federal Deposit Insurance Act (FDI Act), all
of which were consent orders, and 94 memoranda
of understanding (MOUs). Of these enforcement
actions against institutions, eight consent orders
and 20 MOUs were based, in whole or in part,
on apparent violations of BSA and anti-money
laundering (AML) laws and regulations. In addition,
enforcement actions were also initiated against
individuals. These actions included, but were not
limited to, 52 removal and prohibition actions under
Section 8(e) of the FDI Act (50 consent orders and
two notices of intention to remove/prohibit), three
actions under Section 8(b) of the FDI Act (two orders
to pay restitution, and one notice of charges), and 11
civil money penalty (CMPs) (10 orders to pay and one
notice of assessment).
The FDIC continues its risk-focused, forward-looking
supervision program by assessing risk management
practices during the examination process to ensure
that risks are mitigated before they lead to financial
deterioration.

Consumer Compliance
As of December 31, 2018, 35 insured state
nonmember institutions, about 1 percent of all
supervised institutions, with total assets of $39 billion,
were problem institutions for consumer compliance,
CRA, or both. All of the problem institutions for
consumer compliance were rated “4” for consumer
compliance purposes, with none rated “5.” For CRA
purposes, the majority were rated “Needs to Improve,”
and only one was rated “Substantial Noncompliance.”
As of December 31, 2018, all follow-up examinations
for problem institutions were performed on schedule.
As of December 31, 2018, the FDIC conducted

substantially all required consumer compliance
and CRA examinations and, when violations
were identified, completed follow-up visits and
implemented appropriate enforcement actions in
accordance with FDIC policy. In completing these

M A N A G E M E N T ’ S D I S C U S S I O N A N D A N A LY S I S

activities, the FDIC substantially met its internallyestablished time standards for the issuance of final
examination reports and enforcement actions.
Overall, banks demonstrated strong consumer
compliance programs. The most significant consumer
protection issue that emerged from the 2018 consumer
compliance examinations involved banks’ failure to
adequately monitor third-party vendors. For example,
the FDIC found violations involving unfair or
deceptive acts or practices, such as failure to disclose
material information about product features and
limitations, deceptive marketing and sales practices,
and misrepresentations about the costs of products.
The FDIC issued orders requiring the payment of
CMPs to address these violations.
As of December 31, 2018, the FDIC’s Division of
Depositor and Consumer Protection (DCP) initiated
21 formal enforcement actions and 13 informal
enforcement actions to address consumer compliance
concerns. This included three restitution orders, four
consent orders, 13 CMPs, one Notice of Assessment,
and 13 MOUs. Restitution orders are formal actions
that require institutions to pay restitution in the form
of consumer refunds for violations of law. In 2018,
these orders required the payment of approximately
$21.3 million to harmed consumers. As of December
31, 2018, the CMP orders totaled $3,556,766.

Large Bank Supervision Program
The Large Bank Supervision Branch within RMS
addresses the growing complexity of large banking
organizations with assets exceeding $10 billion and
not assigned to the Complex Financial Institution
(CFI) Group. This branch is responsible for
supervisory oversight, ongoing monitoring, and
resolution planning, while supporting the insurance
business line. For state nonmember banks with
assets exceeding $10 billion, the FDIC generally
applies a continuous examination program, whereby
dedicated staff conducts ongoing on-site supervisory
examinations and institution monitoring. The FDIC
also has dedicated on-site examination staff at select

2018
banks for which the FDIC is not the primary federal
regulator. These examiners work closely with other
financial institution regulatory authorities to identify
emerging risks and assess the overall risk profile of
large institutions.
The Large Insured Depository Institution (LIDI)
Program remains the primary instrument for offsite monitoring of IDIs with $10 billion or more
in total assets not assigned to CFI Group. The
LIDI Program provides a comprehensive process
to standardize data capture and reporting for large
and complex institutions nationwide, allowing for
quantitative and qualitative risk analysis. In 2018,
the LIDI Program covered 116 institutions with total
assets of $6.2 trillion. The LIDI Program supports
effective large bank supervision by using individual
institution information to focus resources on higherrisk areas, determine the need for supervisory action,
and support insurance assessments and resolution
planning.
The Shared National Credit (SNC) Program is an
interagency initiative administered jointly by the
FDIC, the Office of the Comptroller of the Currency
(OCC), and the Federal Reserve Board (FRB) to
ensure consistency in the regulatory review of large,
syndicated credits, as well as to identify risk in this
market, which comprises a large volume of domestic
commercial lending. In 2018, outstanding credit
commitments identified in the SNC Program totaled
$4.4 trillion. The FDIC, OCC, and FRB report
the results of their review in an annual, joint public
statement.
In the first quarter of 2018, the Large Bank
Supervision Branch completed a horizontal creditrisk rating assessment at 16 large FDIC-supervised
institutions to evaluate transparency and effectiveness
of their internal credit risk rating systems. The
findings of this horizontal assessment were
summarized in a Supervisory Insights article published
in September 2018.2

Operational Risk Supervision Program
Information Technology and Cybersecurity
The FDIC examines information technology (IT),
including cybersecurity, at each bank it supervises as
part of the risk management examination. Examiners
assign an IT rating using the Federal Financial
Institutions Examination Council’s (FFIEC)
Uniform Rating System for Information Technology
(URSIT), and the IT rating is incorporated into the
management component of the CAMELS rating,
in accordance with the FFIEC’s Uniform Financial
Institutions Rating System (UFIRS).
The FDIC continued to enhance its IT supervision in
2018. Examiners used the Information Technology
Risk Examination Program (InTREx), which
includes cybersecurity components, to conduct
IT examinations. Examiners provided results and
recommended actions to institutions to address IT,
cybersecurity, and other operational risks. During
the year, the FDIC also analyzed the effectiveness and
efficiency of this examination program by reviewing
workpapers and reports of examination comments.
Together with the Federal Reserve and the Conference
of State Bank Supervisors, adjustments to InTREx
are being considered and implemented. In addition,
the FDIC held an IT Security Training Conference
to provide continuing education to RMS IT subject
matter experts and IT examiners on risks facing the
industry, and examination policy.
In October 2018, the FDIC and other FFIEC
members conducted a webinar and published a
Cybersecurity Resource Guide for Financial Institutions
to raise awareness about the importance of
cybersecurity. The webinar provided an overview
of the resource guide, and featured a guest speaker
from the Department of Homeland Security National
Cybersecurity and Technical Services (NCATS) team
who provided information on the NCATS’ Cyber
Hygiene program. This program’s goal is to secure
internet-accessible systems by continuously scanning

Sandra Macias, “Credit Risk Grading Systems: Observations From a Horizontal Assessment,” Supervisory Insights 15 no. 1, Summer 2018, https://www.fdic.gov/regulations/examinations/supervisory/insights/sisum18/si-summer-2018-article02.pdf.

M A N A G E M E N T ’ S D I S C U S S I O N A N D A N A LY S I S

ANNUAL REPORT
for known vulnerabilities and configuration errors at
no cost to financial institutions.
In October 2018, the FDIC also published new
vignettes for Cyber Challenge: A Community Bank
Cyber Exercise. Cyber Challenge is a series of video
vignettes and discussion material that can help bank
management and staff learn more about operational
risk and mitigation techniques.
The FDIC, OCC, and FRB also examine IT and
other operational components of service providers
that support financial institutions via the continued
implementation of the Cybersecurity Examination
Program. During 2018, the agencies completed
a horizontal interconnectivity review, as well as
individual cybersecurity reviews at all significant
service providers.
The FDIC continues to actively engage with both
the public and private sectors to assess cybersecurity
and other operational risk issues. This work includes
regular meetings with the Financial and Banking
Information Infrastructure Committee (FBIIC), the
Financial Services Sector Coordinating Council for
Critical Infrastructure Protection, the Department
of Homeland Security, the Financial Services
Information Sharing and Analysis Center, other
regulatory agencies, and law enforcement to share
information regarding emerging issues and coordinate
responses.
The FDIC played a significant role in organizing
FBIIC incident management communication related
to areas affected by hurricanes Florence and Michael.
The FDIC also actively participated in FBIIC working
groups to better understand the financial sector’s
vulnerability to a cybersecurity incident, and consider
ways to harmonize cybersecurity supervisory efforts.

Bank Secrecy Act/Anti-Money Laundering
In 2018, the FDIC and the other federal banking
agencies issued examination procedures for the
customer due diligence and beneficial ownership

rules, which were effective May 11. These procedures
supersede similar examination instructions and
procedures in the 2014 version of the FFIEC
BSA/AML Examination Manual.
The FDIC, other federal banking agencies, and
Financial Crimes Enforcement Network (FinCEN)
evaluated opportunities to increase the efficiency and
effectiveness of the BSA/AML examination process.
During the year, these agencies issued two statements.
The first statement discussed how banks with a
community focus, less-complex operations, and lower
risk profiles may share BSA resources. The second
statement expressed support for banks’ innovative efforts
with respect to BSA/AML compliance.

Cyber Fraud and Financial Crimes
The FDIC has undertaken a number of initiatives
in 2018 to protect the banking industry from
criminal financial activities. For example, the FDIC
developed, sponsored, and presented a financial crimes
conference that was attended by examiners, lawyers,
other interested personnel from the FDIC, other
banking agencies, and law enforcement agencies.
The FDIC also helped financial institutions identify
and shut down “phishing” websites that attempt
to fraudulently obtain an individual’s confidential
personal or financial information. Finally, the FDIC
published an article titled “Beware of ATM, Debit
and Credit Card ‘Skimming’ Schemes” in the Winter
2018 edition of the Consumer News. 3

Examiner Training and Development
Examiner training continued to receive high priority
and attention in 2018 on multiple fronts. The FDIC
strives to deliver effective and efficient on-the-job,
classroom, and computer-based instruction. A cadre
of highly trained and skilled instructors provides
classroom learning to FDIC examination staff, as well
as staff of regulatory partners from international and
state agencies. Oversight of the training program
is provided by senior and mid-level management
to ensure that content and delivery are effective,

“Beware of ATM, Debit, and Credit Card ‘Skimming’ Schemes,” FDIC Consumer News, Winter 2018, https://www.fdic.gov/consumers/consumer/news/cnwin18/
cardskimming.html.

M A N A G E M E N T ’ S D I S C U S S I O N A N D A N A LY S I S

2018
appropriate, and current. The FDIC works in
collaboration with partners across the organization
and with the FFIEC to ensure that emerging risks
and topics are incorporated and conveyed timely.
Examination staff at all levels benefit from targeted
and tenure-appropriate content. The FDIC also
recognizes the critical role peer-to-peer knowledge
transfer plays in preserving institutional knowledge
and experience, and encourages opportunities for
employees to learn from each other.
The FDIC has undertaken a multi-year project to
expand and strengthen its examiner development
programs for specializations, such as IT, BSA/AML,
trust, capital markets, and accounting. As banks
become more specialized, enhancing examiner
skills in these areas is key to ensuring an effective
examination program. The goal of this project is to
standardize the skills needed to examine banks of
varying levels of risk and complexity in each specialty
area, and to develop on-the-job training (OJT)
programs to provide opportunities for examiners
to acquire higher level competencies in these
specialty areas.
In 2018, the FDIC drafted specialty OJT programs
in accounting, capital markets, BSA/AML, and trust.
These drafts are under management review and are
targeted for implementation in 2019. The agency also
implemented a new intermediate IT OJT program
and updated its advanced IT OJT program.
In addition, a Current Expected Credit Losses (CECL)
Examiner Training and Development Plan was
launched in 2018 to begin a multi-year initiative to
ensure examination staff understands the requirements
of the new credit losses accounting standard and are
consistent in conveying the FDIC’s expectations with
respect to banks’ CECL implementation efforts.

Minority Depository Institution Activities
The preservation of minority depository institutions
(MDI) remains a high priority for the FDIC. In
2018, the FDIC continued to promote and support
MDI and Community Development Financial
Institution (CDFI) industry-led strategies for success.

These strategies include increasing collaboration
between MDI and CDFI bankers and other financial
institutions; partnering to share costs, raise capital,
or pool loans; and making innovative use of available
federal programs. The FDIC supports this effort
by providing outreach, education and training, and
technical assistance to MDI and CDFI banks.
During 2018, the FDIC led discussions with MDI
bankers and its Advisory Committee on Community
Banking (CBAC) about the FDIC’s Resource
Guide for Collaboration with Minority Depository
Institutions. This guide, published in December 2017,
encourages collaboration among MDIs and between
MDIs and other institutions. The publication
describes some of the ways that financial institutions,
including community banks, can partner with MDIs
to the benefit of all institutions involved, as well as
the communities they serve. Both community banks
and larger insured financial institutions have valuable
incentives under the CRA to undertake ventures
with MDIs, including capital investment and loan
participations. In 2018, the FDIC began preparations
to host roundtables and other events that would
enable MDIs to engage with potential collaboration
partners in 2019.
The FDIC added additional minority bankers to
its CBAC to bring more diverse perspectives and
input to these discussions. In addition, the agency
began updating its 2014 study, “Minority Depository
Institutions: Structure, Performance, and Social
Impact,” for publication in 2019. In support of its
statutory goal to preserve the minority character in
mergers and acquisitions, the FDIC hosted outreach
sessions with MDI bankers to provide an overview
of the process for bidding on failed minority banks,
and to offer technical assistance to banks desiring to
place a bid on a failed MDI franchise. The FDIC also
began planning for the 2019 Interagency Minority
Depository Institution and CDFI Bank Conference,
which the FDIC will host in collaboration with the
OCC and FRB.
The FDIC also continuously pursued efforts to
improve communication and interaction with MDIs
M A N A G E M E N T ’ S D I S C U S S I O N A N D A N A LY S I S

ANNUAL REPORT
and to respond to the concerns of minority bankers
in 2018. The agency maintains active outreach with
MDI trade groups and offers to arrange annual
meetings between FDIC regional management and
each MDI’s board of directors to discuss issues of
interest. The FDIC routinely contacts MDIs to offer
return visits and technical assistance following the
conclusion of FDIC safety and soundness, compliance,
CRA, and specialty examinations to help bank
management understand and implement examination
recommendations. These return visits, normally
conducted within 90 to 120 days after the examination,
are intended to provide useful recommendations or
feedback for improving operations, not to identify
new issues.
The FDIC’s website invites inquiries and provides
contact information for any MDI to request technical
assistance at any time.
In 2018, the FDIC provided 149 individual technical
assistance sessions on nearly 50 risk management and
compliance topics, including:
♦♦
♦♦
♦♦
♦♦
♦♦

Accounting,
Bank Secrecy Act and Anti-Money Laundering,
Community Reinvestment Act,
Funding and liquidity,
Information technology risk management
and cybersecurity,
♦♦ Third-party oversight, and
♦♦ Troubled debt restructuring.
The FDIC also held outreach, training, and
educational programs for MDIs through conference
calls and regional banker roundtables. In 2018, topics
of discussion for these sessions included many of those
listed above, as well as collaboration and partnerships,
capital markets, cybersecurity, liquidity risk, and
Ombudsman services. In addition, the FDIC assisted
four MDIs in the early termination of Shared Loss
Agreements related to the purchase of failed bank
franchises during the crisis.

M A N A G E M E N T ’ S D I S C U S S I O N A N D A N A LY S I S

Mutual Institution Activities
In July 2018, the FDIC and OCC co-hosted the 2018
Joint Mutual Forum, which was open to all mutual
banking institutions regardless of charter type.
Mutually owned institutions represent about 9 percent
of all FDIC-insured institutions and are among the
oldest form of depository institution. Attended by
approximately 135 participants, the forum provided
an opportunity for mutual bankers to learn about
current trends and engage in a dialogue on the
strengths of and challenges facing mutual institutions.
The forum opened with remarks by FDIC Chairman
Jelena McWilliams and Comptroller of the Currency
Joseph M. Otting and featured presentations and
banker panels covering topics of interest relating to
the mutual industry. Key sessions focused on: Being
a Mutual in Today’s Financial Services Environment,
Strategic Thinking: Liquidity and Interest Rate Risk
Management, a regulatory Compliance Update, and
an opportunity for each agency to hold an agencyspecific session to address other current matters and
respond to banker inquiries.

SUPERVISION POLICY
The goal of supervision policy is to provide clear,
consistent, meaningful, and timely information to
financial institutions.

Risk-Focused Supervision Program
During 2018, RMS undertook initiatives to enhance
its risk-focused supervision programs, including a
study of post-crisis bank failures, and an in-depth
evaluation of examination processes.
RMS studied post-crisis bank failures for lessons that
could be used to enhance risk-focused supervision
activities going forward. The study reinforced
the importance of a comprehensive and vigilant
approach to continuous risk-focused, forward-looking
supervision. As a result, case study analyses were
presented to supervisory staff, and training sessions
were held to communicate lessons learned from the

2018
study that would help examiners identify deficiencies
or weaknesses and work with institutions to correct
their root causes.
The FDIC also initiated an Examination Workstream
project to review risk-focused examination practices.
The Conference of State Bank Supervisors (CSBS)
participated in the initiative, which also leveraged
feedback from other sources, and developed numerous
recommendations to enhance the risk-focused
supervision program.

Current Expected Credit
Losses Implementation
In June 2016, the Financial Accounting Standards
Board (FASB) introduced the CECL methodology for
estimating allowances for credit losses, replacing the
current incurred-loss methodology.
Since then, the FDIC has worked collaboratively
with the other federal banking agencies, the FASB,
the Securities and Exchange Commission (SEC),
and the CSBS to answer questions regarding the
implementation of CECL.
♦♦ In February 2018, the FDIC and FRB, in
conjunction with the FASB, SEC, and CSBS,
jointly hosted two CECL webinars—one for
examiners and another for bankers—entitled
“Practical Examples of How Smaller, Less
Complex Community Banks Can Implement the
Current Expected Credit Losses Methodology.”
The webinars addressed loan loss rate methods
that such institutions can use to implement
CECL, as well as related data considerations and
controls. The banker webinar had more than
8,000 participants. Materials have been archived
for viewing, and a transcript of the banker
webinar is available.
♦♦ In May 2018, the FDIC, FRB, and OCC issued
a notice of proposed rulemaking (the CECL
NPR), that proposed a revision to the regulatory
capital rules for the implementation of, and
capital transition to, the CECL methodology.

♦♦ In July 2018, the three banking agencies, together
with the FASB, SEC, and CSBS, conducted a
Q&A webinar that addressed various CECL
questions the agencies have received from
community bankers. The July webinar had more
than 3,300 participants. The webinar materials
and a transcript of the presentation have also
been archived for viewing.
In September 2018, the FDIC, jointly with the
other federal banking agencies, published a Federal
Register notice requesting comment on proposed
revisions to the Call Report and other regulatory
reports to address, among other things, changes in
the accounting for credit losses under the CECL
methodology. The notice also proposed changes to
the Call Report’s regulatory capital schedule and
changes to another report to align these reports
with the agencies’ May 14, 2018, CECL NPR.
The agencies issued the CECL final rule in December
2018. The final rule allows banks to transition the
day one effects of the CECL accounting standard on
regulatory capital over three years. The final rule also
revises the agencies’ regulatory capital rule and other
rules to take into consideration differences between the
new accounting standard and existing U.S. generally
accepted accounting principles.

Alternative Reference Rates
The FDIC, along with the other FFIEC members,
launched an initiative to raise awareness and educate
supervised financial institutions and examiners about
reference rate alternatives to the London Inter-bank
Offered Rate (LIBOR). The FFIEC members hosted
an introductory webinar in December 2018, and plan
to follow with additional outreach via webinars and
other efforts as new information develops.

Credit Risk, Liquidity Risk,
and Interest-Rate Risk
Loan volume continues to grow as the economy
expands for the tenth consecutive year. A large
majority of insured institutions grew their loan

M A N A G E M E N T ’ S D I S C U S S I O N A N D A N A LY S I S

ANNUAL REPORT
portfolios over the past year, and some institutions
have further increased existing concentrations. Loan
growth accompanied by a reduction in holdings of
liquid assets and increased reliance on funding sources
other than traditionally stable deposits is particularly
prevalent among institutions with rising or elevated
concentration levels. These trends have the potential
to give rise to heightened credit and liquidity risk.
While interest rates are beginning to rise, asset
maturities remain lengthened. A lengthy period
of historically low interest rates and tightening
net interest margins created incentives for insured
depository institutions to reach for yield in their
lending and investment portfolios by extending
portfolio durations, potentially increasing their
vulnerability to interest-rate risk. Banks must
continue to be diligent in their efforts to identify,
manage, and monitor credit risk, liquidity risk, and
interest-rate risk.
Through regular on-site examinations and interim
contacts with state nonmember institutions, FDIC
staff regularly engages in dialogue with institution
management to ensure that their policies to manage
credit risk, liquidity risk, and interest-rate risk are
effective. Where appropriate, FDIC staff works with
institutions that have significant exposure to these
risks and encourages them to take appropriate riskmitigating steps. The FDIC uses off-site monitoring
to help identify institutions that may have heightened
exposure to these risks, and follows up with them to
better understand their risk profiles.
Throughout 2018, the FDIC conducted outreach
and offered technical assistance regarding these risk
issues, including Supervisory Insights articles on credit
risk grading systems and on the risk management
practices of insured banks active in oil and gas
lending. In addition, FDIC examiners now devote
additional attention during the examination process
to assessing how well banks are managing the risks
associated with concentrations in credit exposures and
funding sources. The findings of these assessments
are shared with bank management in the Report
of Examination.

M A N A G E M E N T ’ S D I S C U S S I O N A N D A N A LY S I S

Industry Guidance
Interagency Statement on Accounting and
Reporting Implications of the New Tax Law
In January 2018, the FDIC, jointly with the FRB and
OCC, issued an interagency statement containing
guidance on the accounting implications of the
new tax law, which was enacted on December 22,
2017, and related matters. The statement provided
instructions on the application of FASB Accounting
Standards Codification (ASC) Topic 740, “Income
Taxes,” and did not represent new rules or regulations
of the agencies. The changes enacted in the new
tax law were relevant to financial statements and
regulatory reports, such as the Call Report and the
Consolidated Financial Statements for Holding
Companies (FR Y-9C Report).

Interagency Statement Clarifying
the Role of Supervisory Guidance
In September 2018, the FDIC, jointly with the
FRB, OCC, National Credit Union Administration
(NCUA), and Consumer Financial Protection Bureau
(CFPB), issued an interagency statement explaining
the role of supervisory guidance and describing the
agencies’ approach to supervisory guidance. The
statement reaffirmed the purpose of supervisory
guidance to articulate the agencies’ general views
regarding appropriate practices for a given subject
area. Unlike a statute or regulation, supervisory
guidance does not have the force and effect of
law, and the agencies do not take enforcement
actions based on supposed “violations” of
supervisory guidance.

Regulatory Relief
During 2018, the FDIC issued 13 FILs to provide
guidance to financial institutions in areas affected by
hurricanes, tornadoes, flooding, wildfires, and other
severe storms, and to facilitate recovery. In these FILs,
the FDIC encouraged banks to work constructively with
borrowers experiencing financial difficulties as a result of
natural disasters, and clarified that prudent extensions

2018
or modifications of loan terms in such circumstances
can contribute to the health of communities and serve
the long-term interests of lending institutions.

Rulemakings to Implement the
Economic Growth, Regulatory Relief,
and Consumer Protection Act
In May 2018, the EGRRCPA was signed into law,
and the FDIC immediately began efforts to
implement various provisions of the new law.

Community Bank Leverage Ratio
In November 2018, the FDIC, OCC, and FRB
issued a notice of proposed rulemaking to implement
Section 201 of EGRRCPA to establish a leverage ratio
for qualifying community banks. If a qualifying
community bank exceeds this leverage ratio, it would
be deemed to meet the generally applicable leverage
and risk-based capital requirements and the wellcapitalized ratio requirements under the prompt
corrective action framework. Comments will be
accepted for 60 days following publication in the
Federal Register.
In December 2018, the FDIC published a notice of
proposed rulemaking to amend the deposit insurance
assessment system to address the application of the
leverage ratio for qualifying community banks.
Comments will be accepted for 60 days following
publication in the Federal Register.

Appraisal Threshold for Residential Real Estate Loans
In December 2018, the FDIC, OCC, and FRB
published a proposed rule to amend the agencies’
regulations requiring appraisals for certain real
estate-related transactions. The proposed rule would
raise the threshold from $250,000 to $400,000 at
which appraisals would be required for residential
real estate-related transactions. The proposed rule
would also make conforming changes to exempt
certain transactions secured by residential property in
rural areas from the agencies’ appraisal requirement

pursuant to the EGRRCPA. Pursuant to the DoddFrank Act, the proposed rule would amend the
agencies’ appraisal regulations and require institutions
to review appraisals for federally related transactions
for compliance with the Uniform Standards of
Professional Appraisal Practice. The comment period
closed on February 5, 2019.

Reciprocal Deposits
Section 202 of EGRRCPA amended Section 29 of the
FDI Act with respect to reciprocal brokered deposits.
On September 12, 2018, the FDIC approved an NPR
on the treatment of reciprocal deposits to conform
Section 337.6 of the FDIC Rules and Regulations
to Section 202. The NPR was published in the
Federal Register on September 26, 2018. The 30-day
comment period closed on October 26, 2018.
After reviewing the 13 comments received, the FDIC
Board approved a final rule on December 18, 2018,
for publication in the Federal Register. This final rule
adopts the NPR as proposed.
The final rule incorporates the Section 202 statutory
language into the regulation. In summary, the final
rule provides an exception for a capped amount
of reciprocal brokered deposits from treatment as
brokered deposits for certain IDIs, and confirms
that the current statutory and regulatory rate
restrictions for less than well-capitalized institutions
apply to reciprocal deposits that are excepted from
treatment as brokered deposits. The final rule also
includes conforming amendments to the insurance
assessment regulations, Part 327 of the FDIC Rules
and Regulations, to be consistent with the statutory
definition of reciprocal deposits.

Volcker Rule
In December 2018, the FDIC, OCC, FRB and
SEC issued an NPR to implement Section 203 of
EGRRCPA. Section 203 amends Section 13 of the
Bank Holding Company Act to create an exclusion
for certain banks and their holding companies from
the prohibitions of the Volcker Rule. To qualify,

M A N A G E M E N T ’ S D I S C U S S I O N A N D A N A LY S I S

ANNUAL REPORT
neither the IDI nor any controlling company may
have more than $10 billion in total consolidated
assets, or total trading assets and trading liabilities
of more than 5 percent of total consolidated assets,
as reported on the most recent regulatory filing.
The NPR would also implement Section 204 of
EGRRCPA to amend the restrictions applicable to
the naming of a hedge fund or private equity fund
to permit certain banking entities that are not banks
or bank holding companies to share a name with the
fund under certain circumstances. Comments will
be accepted for 30 days following publication in the
Federal Register.

Short Form Call Reports
In November 2018, the FDIC, together with the FRB
and OCC, published in the Federal Register an NPR
to implement Section 205 of EGRRCPA, that would
increase the existing asset-size limit from less than
$1 billion to less than $5 billion for eligibility to file
the streamlined FFIEC 051 Call Report, provided
other criteria are met, and establish reduced reporting
for all IDIs that file this version of the Call Report.
To further reduce reporting requirements in the
FFIEC 051 Call Report, the agencies also proposed
exempting approximately 37 percent of data items
from being reported in the FFIEC 051 Call Report
in the first and third quarters. The principal areas
proposed for reduced reporting include data items
related to categories of risk-weighting of various types
of assets and other exposures under the agencies’
regulatory capital rules, fiduciary and related services
assets and income, and troubled debt restructurings
by loan category. As of June 30, 2018, almost 90
percent of IDIs reported less than $1 billion in total
assets and were already eligible to file the FFIEC
051 Call Report based on asset size. By raising the
threshold for filing the FFIEC 051 to less than $5
billion in total assets, approximately 95 percent of
all IDIs would be eligible to file this streamlined
Call Report. The 60-day comment period closed on
January 18, 2019.

M A N A G E M E N T ’ S D I S C U S S I O N A N D A N A LY S I S

Expanded Examination Cycle
In December 2018, the FDIC, FRB, and OCC jointly
published final rules to expand the examination cycle
for certain small IDIs and U.S. branches and agencies
of foreign banks. The final rules did not differ from
the interim rules that were published in the Federal
Register on August 29, 2018.
Section 210 of the EGRRCPA raised the asset-size
threshold for the 18-month examination cycle from
less than $1 billion in assets to less than $3 billion in
assets for certain well-capitalized and well-managed
IDIs with an “outstanding” composite condition,
and gave the agencies discretion to similarly raise this
threshold for certain IDIs with an “outstanding” or
“good” composite condition. The agencies exercised
this discretion and issued final rules that, in general,
make qualifying IDIs with less than $3 billion in
total assets eligible for an 18-month (rather than a
12-month) examination cycle.
To qualify, IDIs must have a CAMELS composite
rating of “1” or “2,” and be well-capitalized, wellmanaged, not subject to a formal enforcement
proceeding, and must not have undergone any change
in control during the previous 12-month period.
The rule also applies to qualifying U.S. branches or
agencies of a foreign bank.
Since BSA compliance programs are required to be
reviewed during safety and soundness examinations,
institutions with assets up to $3 billion that are
now eligible for the 18-month safety-and-soundness
examination cycle will also generally be subject to less
frequent BSA reviews.

High Volatility Commercial Real Estate
The FDIC worked with the FRB and OCC to
issue an NPR, published in the Federal Register on
September 28, 2018, to incorporate the new definition
of high-volatility commercial real estate acquisition,
development or construction loan included in Section
214 of EGRRCPA. The 60-day comment period ended
on November 27, 2018.

2018
Liquidity Coverage Ratio Rule: Treatment of Certain
Municipal Obligations as High-Quality Liquid Assets
Section 403 of EGRRCPA amended Section 18 of
the FDI Act, requiring the FDIC, OCC, and FRB
(collectively, the agencies) to amend their liquidity
coverage ratio (LCR) rules, and any other regulation
that incorporates a definition of the term “highquality liquid asset” (HQLA), to treat a municipal
obligation as HQLA that is a level 2B liquid asset if
the obligation, as of the calculation date, is liquid and
readily-marketable and investment grade. On August
31, 2018, the agencies published an interim final rule
in the Federal Register in compliance with Section
403. The comment period for the interim final rule
closed October 1, 2018. The agencies are reviewing
the comments received.

Other Rulemakings
Removal of Credit Ratings from
International Banking Regulations
In March 2018, the FDIC published a final rule
amending its international banking regulations
related to permissible investment activities and the
pledging of assets. The final rule removes references
to “external credit ratings” and replaces them with
“appropriate standards of creditworthiness.” The
changes in the FDIC Rules and Regulations Part 347,
Subparts A and B, are consistent with Section 939A
of the Dodd-Frank Act.

Securities Transaction Settlement Cycle
In June 2018, the FDIC and OCC published a final
rule to amend the rules to generally require supervised
institutions to settle securities transactions within the
number of business days in the standard settlement
cycle followed by registered broker dealers in the
United States. The final rule, which became effective
on October 1, 2018, responds to an industry-wide
shift in the standard settlement cycle from three
days after the trade date (“T+3”) to two days (“T+2”),
as mandated by the SEC’s recent amendments to
SEC Rule 15c6-1(a). By requiring FDIC-supervised

institutions to settle securities transactions within
the standard settlement cycle as provided in SEC
Rule 15c6-1(a), the final rule effectively conforms the
FDIC’s rules to the current T+2 and accommodates
future shifts in the standard settlement cycle.

Proposed Changes to Applicability Thresholds
for Regulatory Capital Requirements and
Liquidity Requirements
In December 2018, the FDIC, FRB, and OCC
published an NPR that would establish a revised
framework for applying the regulatory capital rule,
liquidity coverage ratio rule, and proposed net stable
funding ratio rule. Under the proposal, application
of the rules would depend on the risk profile of each
large U.S. banking organization and its subsidiary
institutions. The proposal would establish four
categories of standards for banking organizations with
total assets of $100 billion or more, and would apply
capital and liquidity requirements tailored for banking
organizations subject to each category. The 30-day
comment period ended on January 22, 2019.

Modifications to the Statement of Policy for Section 19
On July 19, 2018, after considering public comments,
the FDIC Board of Directors approved modifications
to the Statement of Policy for Section 19 of the Federal
Deposit Insurance Act to revise the criteria that define
de minimis offenses, clarify existing statements, and
remove outdated references to the Office of Thrift
Supervision. The modifications are intended to reduce
regulatory burden, promote public awareness of the
law, and decrease the number of covered offenses that
will require an application. In addition, the FDIC
revised the Section 19 application form and published
an informational brochure: “Your Complete Guide
to Section 19.” The modifications to the statement of
policy, revised application form, and informational
brochure were announced in FIL-68-2018.

Brokered Deposits
The FDIC continues to receive questions about the
application of the brokered deposit regulation (Section
337.6 of the FDIC Rules and Regulations). Except
M A N A G E M E N T ’ S D I S C U S S I O N A N D A N A LY S I S

ANNUAL REPORT
for the December 2018 update for reciprocal deposits,
FDIC last amended its brokered deposit regulation
– specifically the interest rate restrictions– in 2009.
Since that time, technology, law, business models, and
product ranges have evolved. In order to determine
what additional changes to Section 337.6 may be
warranted, the FDIC approved an Advance NPR on
December 18, 2018, to seek comment on the brokered
deposit regulation more generally. The comment
period will end 90 days after publication in the
Federal Register.

FINANCIAL TECHNOLOGY
The FDIC continuously monitors developments in
technology to better understand how it may affect
the financial industry.

Center for Financial Research
The FDIC’s Center for Financial Research (CFR)
encourages, supports, and conducts innovative
research on topics that inform the FDIC’s key
functions of deposit insurance, supervision, and the
resolution of failed banks. CFR researchers produced
a number of new and innovative working papers
in 2018. Many of these were published in leading
banking, finance, and economics journals, and
presented in banking and finance seminars at major
conferences, regulatory institutions, and universities.

FDIC Chairman Jelena McWilliams delivers opening remarks at the
18th Annual Bank Research Conference.

M A N A G E M E N T ’ S D I S C U S S I O N A N D A N A LY S I S

The CFR also developed and maintained many
financial models used throughout the FDIC,
including off-site models that inform the examination
process. CFR economists also provided ongoing
support to RMS through on-site examinations.
In September 2018, the CFR and the Journal of
Financial Services Research jointly sponsored the 18th
Annual Bank Research Conference. FDIC Chairman
Jelena McWilliams kicked-off the conference by
highlighting the importance of research in supporting
the FDIC’s role in maintaining stability and public
confidence in the nation’s financial system. The
conference has become a premier forum in its field.
Conference organizers received more than 450
submissions for the 26 available presentation slots, and
approximately 220 participants attended. Discussion
sessions focused on tradeoffs in bank regulation,
segmentation of the lending markets, FinTech, and
depositor reactions to increased risk at banks, among
other things.
In October 2018, the CFR published the Small
Business Lending Survey, which presented findings
from a nationally representative survey of U.S. banks
about their small
business lending
practices. The
report provided new
information about
the amount of loans
that banks extend
to small businesses;
how banks engage
with their small
business customers,
including start-ups;
the competitive
environment for
small business loans; and how banks of different
sizes compete in the small business lending market.
Presentations of the findings were made to banking
organizations and regulatory agencies, and the full
report is available at https://www.fdic.gov/sbls.

2018
FDIC Emerging Technology
Steering Committee
The FDIC’s Emerging Technology Steering
Committee, supported by two staff-level
subcommittees, continues to monitor and assess
the various dimensions of emerging technology
developments. The committee is comprised of the
Directors of RMS, DCP, Division of Insurance
and Research (DIR), Division of Resolutions and
Receiverships (DRR), and the Office of Complex
Financial Institutions (OCFI), as well as the General
Counsel, the Chief Risk Officer, and the Chief
Information Officer.
In 2018, the Emerging Technology Steering
Committee continued work on its established
objectives:
♦♦ Comprehend, assess, and monitor the current
emerging technology activities, risks, and trends;
♦♦ Evaluate the projected impact to the banking
system, the deposit insurance system, effective
regulatory oversight, economic inclusion, and
consumer protection;
♦♦ Oversee internal working groups monitoring
particular aspects of emerging technology;
♦♦ Recommend follow-up actions, as appropriate,
and monitor implementation; and
♦♦ Help formulate strategies to respond to
opportunities and challenges presented by
emerging technology, and to ensure developments
align with regulatory goals.
In May 2018, the FDIC hosted a forum on the Use of
Technology in the Business of Banking. The forum
brought together a range of stakeholders, including
banks, technology firms, financial technology
(fintech) firms, trade associations, consumer groups,
and other regulators, to explore emerging technology
issues, specifically as they relate to the business of
banking. The goals of the forum were to better
understand emerging technologies that banks are
using or considering for future use; gain a deeper
understanding of how banks are leveraging (or

can leverage) those emerging technologies to seize
opportunities for their business and their customers,
as well as methods to mitigate risks; and facilitate
candid discussion of emerging issues related to the
use of financial technology in banking. Panelists
represented banks of all sizes, from small community
banks to large banks, as well as other firms and
organizations involved with emerging technology.
Together, they offered a range of perspectives on many
new technologies and the associated opportunities and
potential risks.
The FDIC also participates on several working groups
related to financial technology:
♦♦ The Basel Committee on Banking Supervision’s
Task Force on Financial Technology, which
focuses on the impact of financial technology on
banks’ business models, risk management and
implications for bank supervision;
♦♦ The Financial Stability Oversight Council
(FSOC) Digital Assets Working Group, which is
examining potential policy areas as they relate to
digital assets and the application of distributed
ledger technology; and
♦♦ An interagency FinTech discussion forum, which
focuses on issues related to consumer compliance.

FinTech Legal Group
In 2018, the General Counsel announced a Legal
Division initiative and formed a FinTech Legal Group
comprised of attorneys from across the Division. The
initiative will support the Legal Division and the
FDIC, including its internal agency working groups
with respect to emerging and novel legal issues arising
from new digital and other forms of technology.
In particular, the FinTech Legal Group considers
developments that may transform the traditional
banking business model, operations, systems,
and vendor and consumer relationships; impact
application of current laws and regulations; affect the
risk profiles of FDIC-insured and FDIC-supervised
institutions; and introduce new considerations in
resolving failed institutions.

M A N A G E M E N T ’ S D I S C U S S I O N A N D A N A LY S I S

ANNUAL REPORT
COMMUNITY BANKING INITIATIVES
Community banks provide traditional, relationshipbased banking services in their local communities,
and as the primary federal supervisor for the majority
of community banks, the FDIC has a particular
responsibility for the safety and soundness of this
segment of the banking system.
As defined for FDIC research purposes, community
banks made up 92 percent of all FDIC-insured
institutions at mid-year 2018. While these banks hold
just 13 percent of banking industry assets, community
banks are of critical importance to the U.S. economy
and local communities across the nation. They hold
42 percent of the industry’s small loans to farmers and
businesses, making them the lifeline to entrepreneurs
and small enterprises of all types, and they hold the
majority of bank deposits in U.S. rural counties and
micropolitan counties with populations up to 50,000.
In fact, as of June 2018, community banks held more
than 75 percent of deposits in more than 1,200 U.S.
counties. In more than 600 of these counties, the
only banking offices available to consumers were those
operated by community banks.
In 2012, the FDIC launched a Community Banking
Initiative to better understand and support these
institutions. As part of the initiative, the FDIC
publishes research on issues of importance to
community banks, and provides them with resources
to manage risk, enhance the expertise of their staff,
and adapt to changes in the regulatory environment.

Community Banking Research
The FDIC pursues an ambitious, ongoing agenda
of research and outreach focused on community
banking issues. Since the 2012 publication of the
FDIC Community Banking Study, FDIC researchers
have published more than a dozen additional studies
on topics ranging from small business financing to the
factors that have driven industry consolidation over
the past 30 years.
The FDIC Quarterly Banking Profile (QBP) includes
a section focused specifically on community bank

M A N A G E M E N T ’ S D I S C U S S I O N A N D A N A LY S I S

performance, providing a detailed statistical picture of
the community banking sector that can be accessed
by analysts, other regulators, and bankers themselves.
The most recent report shows that net income at
community banks continued to grow at a healthy
annual rate in the first three quarters of 2018.
The long-term trend of consolidation has done little to
diminish the role of community banks in the banking
industry. More than three-quarters of the community
banks that merged in 2017 and early 2018 were
acquired by other community banks. On a merger
adjusted basis, loan growth at community banks
exceeded growth at noncommunity banks in every
year between 2012 and 2017. (See Chart 1 on Page
29.) From June 2017 to June 2018, currently operating
noncommunity banks closed far more offices than
they acquired. In contrast, currently operating
community banks acquired offices and opened still
more offices, on net, during the year.
(See Table 1 on page 29.)

Community Bank Advisory Committee
The FDIC’s Advisory Committee on Community
Banking is an ongoing forum for discussing current
issues and receiving valuable feedback from the
industry. The committee, which met twice during
2018, is composed of as many as 18 community bank
CEOs from around the country. It is a valuable
resource for information on a wide range of topics,
including examination policies and procedures, capital
and other supervisory issues, credit and lending
practices, deposit insurance assessments and coverage,
and regulatory compliance issues.
At the July 2018 meeting, DIR discussed the current
financial performance of community banks, and
how selected risk indicators compare to those seen
before the financial crisis. As compared to the precrisis years, community banks have higher capital
ratios than noncommunity banks, and far fewer of
community banks have extremely high concentrations
in construction lending. The presenters also noted,
however, that community banks are holding generally
more loans, fewer liquid assets, and face potential
pressures on deposit costs as interest rates increase.

2018
CHART 1: COMMUNITY BANK LOAN GROWTH HAS EXCEEDED GROWTH
AT NONCOMMUNITY BANKS FOR SIX CONSECUTIVE YEARS
Merger Adjusted Annual Growth in Total Loans and Leases
2006-2017

15%
15
11.2%

10%
10

9.5% 9.3% 9.0%

8.6%

7.0%
5.0%

5%
5
2.1%

0%
0

-0.3%
-2.1%

-5%
-5
-10%
-10

2.0%

3.4% 2.9%

8.3%

7.7%

6.0%
4.7%

4.8%

3.9%

2.1%

-0.9%
-2.3%

Community Banks
Noncommunity Banks

-8.9%

2006

2007

2008

2009

2010

2011

2012

2013

2014

2015

2016

2017

Source: FDIC. All calculations are merger adjusted.

TABLE 1. COMMUNITY BANKS ADDED OFFICES WHILE NONCOMMUNITY BANKS
CLOSED OFFICES FROM JUNE 2017 TO JUNE 2108

Community Banks
Noncommunity banks
TOTAL

Offices of the
June 2018
Group of
Institutions in
June 2017
29,832

Offices of
Banks
Acquired
619

Number of
Offices in
June 2017
Mergeradjusted
30,451

New
Offices
Opened
585

Offices
Closed
500

57,886

1,481

59,367

404

2,254

-15

57,502

87,718

2,100

89,818

989

2,754

88,053

Net Offices
Purchased
or Sold
15

Number of
Offices in
June 2018
30,551

Source: FDIC

Committee members indicated that deposit pricing
pressures had been relatively modest, but that further
interest rate increases could begin to pressure their
deposit costs.

In general, these initiatives focused on reviewing and,
as appropriate, updating the processes, procedures,
and management systems by which the FDIC
receives, reviews, and acts on applications.

De Novo Banks

Most significantly, in December 2018, the FDIC
announced new measures to promote a more
transparent, streamlined, and accountable process
for all de novo applications submitted to the
agency. Specifically, the FDIC issued a Request

In 2018, the FDIC pursued multiple initiatives to
fulfill its commitment to working with, and providing
support to, any group with interest in starting a bank.

M A N A G E M E N T ’ S D I S C U S S I O N A N D A N A LY S I S

ANNUAL REPORT
for Information soliciting comments on the deposit
insurance application process, including the
transparency and efficiency of the process, and any
unnecessary burdens that impede the process.
The agency also established a process to receive and
review draft deposit insurance proposals. This process
will help organizers of new financial institutions by
providing an early opportunity for both the FDIC
and organizers to identify potential challenges with
respect to the statutory criteria, areas that may require
further detail or support, and potential issues or
concerns. It will also promote a more transparent
and efficient deposit insurance application process.
The FDIC also established an Applications Mailbox
as an additional means by which bankers and other
applicants may pose questions regarding a specific
application or the application process.
Other measures to support de novo formation, included:
♦♦ Re-publishing time frame guidelines for
processing applications, notices, requests, and
other filings submitted on behalf of proposed
and existing institutions and other parties to help
applicants in their planning.
♦♦ Updating the Applying for Deposit Insurance – A
Handbook for Organizers of De Novo Institutions.
The handbook was designed to help organizers
become familiar with the deposit insurance
application process.
♦♦ Updating the Deposit Insurance Applications
Procedures Manual. The manual provides
comprehensive instruction to staff regarding
the review and processing of deposit insurance
applications.

Technical Assistance Program
As part of the Community Banking Initiative,
the FDIC continued to provide a robust technical
assistance program for bank directors, officers, and
employees. The technical assistance program
includes Directors’ College events held across the
country, industry teleconferences and webinars,
and a video program.

M A N A G E M E N T ’ S D I S C U S S I O N A N D A N A LY S I S

In 2018, the FDIC hosted Directors’ College
events in five of its six regions. These events
were typically conducted jointly with state trade
associations and addressed issues such as corporate
governance, regulatory capital, community banking,
concentrations management, consumer protection,
BSA, and interest-rate risk, among other topics.
The FDIC also offers a series of banker events, in
order to maintain open lines of communication and
to keep bank management and staff up-to-date on
important banking regulatory and emerging issues of
interest to community bankers. In 2018, the FDIC
offered 11 teleconferences or webinars focused on the
following topics:
♦♦ Understanding Reasonably Expected Market
Area (REMA) and Community Reinvestment
Act (CRA) Assessment area,
♦♦ Liquidity and funding risk management,
♦♦ Current Expected Credit Losses (CECL)
accounting methodology,
♦♦ The impact of rising interest rates on asset/
liability management,
♦♦ Money Smart for Small Businesses,
♦♦ Regulatory and accounting update,
♦♦ Common exam findings,
♦♦ Update on compliance and CRA, and
♦♦ Information sharing on standardized export of
imaged loan documents.
In October 2018, the FDIC hosted a teleconference
to provide information about EGRRCPA
implementation, and to answer questions. The
call was part of the FDIC’s consumer compliance
teleconference and webinar series, which allows the
FDIC to communicate important information to
supervised institutions on a variety of topics and to
respond to industry questions.
In November 2018, the FDIC hosted another
teleconference to discuss results of the 2017 National
Survey of Unbanked and Underbanked Households.
During this call, participants also discussed economic

2018
inclusion resources pertinent to community banks,
including the Money Smart for Adults financial
education program, and CRA consideration for
activities that benefit underserved communities.

Economic Growth and Regulatory
Paperwork Reduction Act
The Economic Growth and Regulatory Paperwork
Reduction Act (EGRPRA) directs the federal banking
agencies and the FFIEC to conduct a joint review of
regulations every 10 years to determine whether any
of those regulations are outdated or unnecessary.
In March 2017, the FFIEC submitted a report to
Congress that described actions the agencies had
already taken to address comments received during
the EGRPRA process as well as actions the agencies
planned to take in the future. During 2018, the
FDIC along with the other FFIEC member agencies,
continued to work together to reduce burden in the
following areas raised during the EGRPRA review
process.
♦♦ Capital Simplification Proposal
In 2017, the federal banking agencies issued
an NPR to seek comment on simplifications to
the capital framework as part of the agencies’
EGRPRA efforts. Parts of the proposed
rulemaking was superseded by certain capital
framework provisions of the Economic Growth,
Regulatory Relief and Consumer Protection Act.
As a result, the federal banking agencies issued
in September 2018 an NPR to seek comment on
implementation of the revised statutory definition
of High Volatility Commercial Real Estate and
issued in November 2018 an additional NPR to
seek comment on the leverage ratio for qualifying
community banks. FDIC staff, along with the
staff of other federal banking agencies, continued
to review comments received in response to the
2017 NPR to simplify the capital rules for small
banks not eligible for the community bank
leverage ratio, including the regulatory capital
treatment of mortgage servicing assets, deferred
tax assets, investments in the capital instruments

of other financial institutions, and minority
interest. FDIC staff, along with the staff of
other federal banking agencies, plan to put forth
final rules on both of these capital simplification
efforts in 2019 and explore other areas of
regulatory capital rules that may be simplified
or streamlined.
♦♦ Commercial and Residential Real Estate
Appraisal Thresholds
On April 9, 2018, the FDIC, FRB, and
OCC jointly published a final rule that raised
the threshold for requiring an appraisal on
commercial real estate transactions from
$250,000 to $500,000.
Similarly, on December 7, 2018, the FDIC, FRB,
and OCC jointly published an NPR requesting
comment on an increase in the threshold for
requiring an appraisal on residential real estate
transactions from $250,000 to $400,000.
♦♦ Frequently Asked Questions (FAQs) on the
Appraisal Regulations and the Interagency
Appraisal and Evaluation Guidelines
In October 2018, the FDIC, FRB, and OCC
jointly issued FAQs on real estate appraisals
and evaluations, in response to questions raised
during the EGRPRA process about the agencies’
appraisal regulations and guidance. The FAQs
do not introduce new policy or guidance, but
instead assemble previously communicated policy
and interpretations. The FAQs complement the
agencies’ appraisal regulations, the real estate
lending standards, the Interagency Appraisal and
Evaluation Guidelines, the Interagency Advisory
on the Use of Evaluations in Real Estate-Related
Financial Transactions, and other regulations and
advisories related to appraisals and evaluations.
The FAQs rescinded and replaced FAQs that the
agencies previously issued in March 2005.
♦♦ Advisory on the Availability of Appraisers
The FDIC, FRB, OCC, and NCUA issued an
advisory that discusses two existing methods
that may address appraiser shortages, particularly
M A N A G E M E N T ’ S D I S C U S S I O N A N D A N A LY S I S

ANNUAL REPORT
in rural areas: temporary practice permits and
temporary waivers. The advisory addresses
concerns raised pursuant to the EGRPRA
review process.
The first method, temporary practice permits,
may be granted by state appraiser regulatory
agencies to allow credentialed appraisers to
provide their services in states experiencing
a shortage of appraisers, subject to state law.
Reciprocity is a widely used practice in which
one state recognizes the appraiser certification
and licensing of another state, permitting statecertified and -licensed appraisers to perform
appraisals across state lines. The second method,
temporary waivers, sets aside requirements
relating to the certification or licensing of
individuals to perform appraisals under Title
XI of FIRREA in states or geographic political
subdivisions while there is a scarcity of certified
or licensed appraisers that has caused significant
delays in performing appraisals. Authority to
grant temporary waiver requests rests with the
FFIEC's Appraisal Subcommittee, and is subject
to FFIEC approval. To further communicate
about the availability of the waiver process and
get a deeper understanding of rural appraisal
issues, the Conference of State Bank Supervisors
organization arranged six roundtables between
federal banking regulators, state commissioners
and rural community bankers. Roundtables were
held in Michigan, Tennessee, Wyoming, North
Dakota, South Dakota, and Montana.
♦♦ Call Report Burden Reduction
Effective with the June 30, 2018, reporting
date, burden-reducing revisions were made to
all three versions of the Call Report (FFIEC
051, FFIEC 041, and FFIEC 031 Call Reports).
These changes were the result of multi-phase
review of the data collected in all Call Report
schedules, the re-evaluation of certain previously
reviewed schedules, and consideration of industry
comments and feedback. These changes were
designed to ease reporting requirements and

M A N A G E M E N T ’ S D I S C U S S I O N A N D A N A LY S I S

lessen the reporting burden for small and
large institutions.
Additionally, during 2018 the FFIEC’s Task
Force on Reports developed options for
expanding eligibility to file the FFIEC 051 Call
Report beyond the initial asset size eligibility
threshold of $1 billion. This effort included
analyzing Call Report data from institutions
with domestic offices only and $1 billion or more
in total assets. Section 205 of the EGRRCPA
requires the banking agencies to issue regulations
that allow for a reduced reporting requirement
in the first and third quarter Call Reports for
institutions that have less than $5 billion in
total assets and satisfy other appropriate criteria
established by the agencies. An NPR to expand
eligibility for filing FFIEC 051 and to reduce
the quarterly reporting frequency for some items
to semiannual (i.e., June and December only)
was published in November 2018. As of June
30, 2018, approximately 90 percent of IDIs were
eligible to file the FFIEC 051 Call Report. If
the rule is finalized as proposed, approximately
95 percent of IDIs would be eligible to file the
FFIEC 051 Call Report.
♦♦ Part 350 Disclosure of Financial and
Other Information
In October 2018, the FDIC published an NPR
to rescind and remove Part 350 of its regulations,
which requires insured state nonmember banks
and insured state-licensed branches of foreign
banks to prepare an annual disclosure statement
containing specified financial information and
make it available to the public. The FDIC
determined that widespread access to the internet
allows interested persons to readily access more
extensive and timely financial information about
individual institutions than an annual disclosure
statement, and that the burden of providing this
annual disclosure statement is no longer justified.
♦♦ Management Official Interlocks
In December 2018, the FDIC, OCC, and
FRB approved a proposed rule that would

2018
increase the major assets prohibition thresholds
for management interlocks in the agencies’
rules implementing the Depository Institution
Management Interlocks Act (DIMIA). The
DIMIA major assets prohibition prohibits a
management official of a depository organization
with total assets exceeding $2.5 billion (or any
affiliate of such an organization) from serving
at the same time as a management official of an
unaffiliated depository organization with total
assets exceeding $1.5 billion (or any affiliate of
such an organization). Raising the thresholds
will account for changes in the U.S. banking
market and inflation since the current thresholds
were established in 1996, and relieve certain
institutions (i.e., those below the adjusted
threshold) from having to ask the agencies for
an exemption from the major assets prohibition.
The agencies proposed three alternative
approaches to increasing the thresholds, and do
not expect the proposal to materially increase
anticompetitive risk.
♦♦ Retirement of Certain Financial
Institution Letters
Financial Institution Letters (FILs) serve as
the primary tool for delivering information to
financial institutions about new regulations,
supervisory guidance, management tools,
regulatory relief, and other subjects of interest.
As part of a continuing effort to reduce
regulatory burden, in December 2018, the FDIC
retired 374 risk management supervision-related
FILs and 119 FILs related to consumer protection
that were issued between 1995 and 2017. The
retired FILs were identified as being outdated or
as conveying regulations or other information
that is still in effect but available elsewhere on the
FDIC’s website.
♦♦ Examination Modernization
Recognizing that regulatory burden does not
emanate only from statutes and regulations, the
FDIC, along with the FFIEC, continued the

FFIEC Examination Modernization project in
2018 as a follow-up to the review of regulations
under EGRPRA. The project is focused on
identifying ways to improve the efficiency of
processes, procedures, and tools related to safetyand-soundness examinations and supervisory
oversight, while maintaining the quality of the
examination process.
In March 2018, the FFIEC issued an update
on the Examination Modernization project,
which noted that, in response to feedback from
both bankers and examiners, the FFIEC would
initially focus on the following measures to
reduce supervisory burden:
1. Highlight and reinforce regulator
communication objectives before, during, and
after examinations.
2. Continue to tailor examinations based on risk.
3. Leverage technology and shift, as appropriate,
examination work from on-site to off-site.
4. Improve electronic file transfer systems to
facilitate the secure exchange of information
between institutions and supervisory offices or
examiners.
As a first step, and to address the first theme,
the FDIC and other banking agencies issued
a statement describing the principles of
communication the agencies follow during the
examination process, and committed to issue
guidance to examination staff to reinforce
and clarify the importance of being clear and
transparent with community bankers during the
examination process.
In April 2018, the FDIC conducted an
information sharing session to introduce
a methodology for examiners to review
standardized imaged loan files off-site. This
technology is designed to reduce the amount of
time examiners must spend onsite during a bank
examination. A pilot program began in May,
and several institutions have participated.

M A N A G E M E N T ’ S D I S C U S S I O N A N D A N A LY S I S

ANNUAL REPORT
Also in 2018, the Examination Modernization
project team reviewed and compared principles
and processes for risk-focusing examinations of
community banks. This review concluded that
the agencies have developed and implemented
similar programs and processes for risk-tailoring
examinations.
On November 27, 2018, the FFIEC issued a
statement to update the industry on efforts
to reduce supervisory burden by tailoring
examinations based on risk. In this statement,
the FDIC and other agencies committed to issue
reinforcing and clarifying guidance to examiners
on risk-focused examination principles.
♦♦ OTS Rule Integration
The FDIC also streamlined and clarified
certain regulations through the Office of Thrift
Supervision (OTS) rule integration process.
Under Section 316(b) of the Dodd-Frank
Act, former OTS rules remain in effect “until
modified, terminated, set aside, or superseded
in accordance with applicable law” by the
relevant successor agency, a court of competent
jurisdiction, or operation of law. When
the FDIC republished the transferred OTS
regulations as new FDIC regulations applicable
to state savings associations, the FDIC stated in
the Federal Register notice that its staff would
evaluate the transferred OTS rules and might
later recommend incorporating them into other
FDIC rules, amending them, or rescinding
them. This process began in 2013 and continues,
involving publication in the Federal Register of a
series of NPRs and final rules.
In April 2018, two transferred OTS rules,
Prompt Corrective Action and Capital, were
removed as part of Basel III implementation.
Additionally, in May 2018, the FDIC issued
final rules to remove two transferred OTS rules,
Minimum Security Procedures and Consumer
Protection in Sales of Insurance, and to make
technical amendments to related FDIC rules
for applicability to FDIC-supervised state banks

M A N A G E M E N T ’ S D I S C U S S I O N A N D A N A LY S I S

and savings associations. In November 2018,
the FDIC issued a final rule to remove the
transferred OTS rule regarding Fiduciary Powers
of State Savings Associations, and to amend and
revise rules regarding Consent Requirements
for the Exercise of Trust Powers. The final rule
makes all FDIC-supervised institutions subject
to the same application procedures for obtaining
consent to exercise trust powers.
Finally, in December 2018, the FDIC approved
an NPR seeking comment on the removal of a
transferred rule regarding lending and investment
that is duplicative of standards in existing FDIC
regulations. The NPR also seeks to remove rules
related to the registration of residential mortgage
loan originators in light of Title X of the DoddFrank Act, which transferred this authority to
the CFPB. Staff will continue to review the
remaining nine transferred regulations.

ACTIVITIES RELATED TO SYSTEMICALLY
IMPORTANT FINANCIAL INSTITUTIONS
The FDIC is committed to addressing the unique
challenges associated with the supervision, insurance,
and potential resolution of large and complex financial
institutions. The agency’s ability to analyze and
respond to risks in these institutions is particularly
important, as they comprise a significant share of
banking industry assets and deposits. We have
developed a consistent approach to large bank
supervision nationwide that allows us to identify,
analyze, and quickly respond to industry-wide and
institution-specific risks and emerging issues. The
FDIC has segregated these activities in two groups to
both ensure that supervisory attention is risk-focused
and tailored to the risk presented by the nation’s
largest banks, and to meet our responsibilities under
the FDI Act and the Dodd-Frank Act.

Complex Financial Institutions Program
The Dodd-Frank Act expanded the FDIC’s
responsibilities pertaining to systematically important
financial institutions (SIFIs) and nonbank financial

2018
companies designated by FSOC. The FDIC’s CFI
Group and Large Bank Supervision Branch, both
within RMS, perform ongoing risk monitoring of
Global Systemically Important Banks (G-SIBs), large
Foreign Banking Organizations (FBOs), and FSOCdesignated nonbank financial companies, provide
backup supervision of the firms’ related IDIs, and
evaluate the firms’ required resolution plans. The CFI
Group also performs certain analyses that support the
FDIC’s role as an FSOC member.

Resolution Plans – Title I Living Wills
Certain large banking organizations and nonbank
financial companies designated by the FSOC for
supervision by the FRB are periodically required to
submit resolution plans to the FRB and the FDIC.
Each resolution plan, commonly known as a “living
will,” must describe the company’s strategy for rapid
and orderly resolution under the U.S. Bankruptcy
Code in the event of material financial distress or
failure of the company.
Companies subject to Title I are divided into three
groups: 1) companies with $250 billion or more in
nonbank assets, 2) companies with nonbank assets
between $100 billion and $250 billion, and 3) all
other companies with total consolidated assets of $50
billion or more.4 Large bank holding companies with
substantial nonbank assets file in July. Other large
bank holding companies file in December.

Large Bank Holding Companies
with Substantial Nonbank Assets
July filers include Bank of America Corporation,
Bank of New York Mellon Corporation, JPMorgan
Chase & Co., State Street Corporation, Wells Fargo
& Company, Goldman Sachs Group, Inc., Morgan
Stanley, and Citigroup, Inc. (collectively referred to as
the eight domestic G-SIBs); and Barclays PLC, Credit
Suisse Group AG, Deutsche Bank AG, and UBS AG,
(collectively referred to as the four large FBOs).

The four FBOs submitted resolution plans on or
before July 1, 2018. On December 18, 2018, the
FDIC and FRB issued letters to the four firms
providing their review findings and information
about areas where additional work needs to be done
to improve resolvability. The agencies also extended
the next resolution plan filing deadline for FBOs
from July 1, 2019, to July 1, 2020. The extensions
will allow additional time for the agencies to provide
feedback to the firms on their last submissions and for
the firms to produce their next plans.
On July 29, 2018, the agencies issued for public
comment revised resolution plan guidance for the
eight domestic banking organizations. The proposed
guidance updates to the agencies’ expectations for how
a firm’s resolution strategy should address derivatives
and trading activities, and payment, clearing, and
settlement activities. The comment period closed
on September 14, 2018. The agencies issued final
guidance on December 18, 2018.

Other Large Bank Holding Company Filers
In January 2018, the FDIC, jointly with the FRB,
provided feedback to 19 foreign-based banking
organizations with total consolidated assets of $50
billion or more regarding resolution plans submitted
in December 2015. In March 2018, the FDIC, and
FRB, provided feedback to two regional bank holding
companies which submitted their resolution plans
in December 2016. In May 2018, the FDIC and
FRB granted an extension to 14 regional bank
holding companies, extending the due date for
their next resolution plan from December 2018 to
December 2019.

Nonbank Firms
Nonbank financial firms designated as systemically
important by FSOC also are required to submit
resolution plans for review by the FDIC and FRB.
Prudential, Inc., the only remaining designated

In 2018, the EGRRCPA increased the threshold for resolution plan requirements under Section 165(d) of the Dodd-Frank Act. The FDIC and FRB have announced
their intention to propose amendments to current regulations and tailor certain future plan submission requirements in 2019.

M A N A G E M E N T ’ S D I S C U S S I O N A N D A N A LY S I S

ANNUAL REPORT

Insured Depository
Institution Resolution Plans

and guidance considerations, and resolution planning
efforts. As part of this monitoring, the FDIC
analyzes each company’s risk profile, governance
and risk management capabilities, structure and
interdependencies, business operation and activities,
management information system capabilities, and
recovery and resolution capabilities.

Section 360.10 of the FDIC Rules and Regulations
requires an IDI with total assets of $50 billion or
more to periodically submit to the FDIC a plan for
its resolution in the event of its failure (the “IDI
rule”). The IDI rule requires covered IDIs to submit
a resolution plan that would allow the FDIC, as
receiver, to resolve the institution under Sections 11
and 13 of the FDI Act in an orderly manner that
enables prompt access to insured deposits, maximizes
the return from the sale or disposition of the failed
IDI’s assets, and minimizes losses realized by
creditors. The resolution plan must also describe how
a proposed strategy will be least costly to the Deposit
Insurance Fund.

The FDIC continues to work closely with the other
federal banking agencies to analyze institution-specific
and industry-wide conditions and trends, emerging
risks and outliers, risk management, and the potential
risk posed to financial stability by G-SIBs and
large FBOs and non-bank financial companies. To
support risk monitoring that informs supervisory and
resolution planning efforts, the FDIC has developed
systems and reports that make extensive use of
structured and unstructured data. Monitoring reports
are prepared on a routine and ad-hoc basis and cover
a variety of aspects that include risk components,
business lines and activity, market trends, and
product analysis.

Forty-one large insured banks covered by the IDI rule
submitted their resolution plans by July 1, 2018. In
the time period leading up to the submission deadline,
the FDIC had undertaken measures to improve
transparency and responsiveness. Specifically, the
FDIC established a dedicated mailbox to receive
questions and responded to more than 200 individual
questions from banks, conducted three industry
calls, met with one trade association, and conducted
numerous meetings with individual covered IDIs.
The resolution plans submitted by the IDIs have been
reviewed and potential impediments to resolvability
identified. Letters will be sent to the firms in
early 2019.

Additionally, the FDIC has implemented and
continues to expand upon various monitoring
systems, including the Systemic Monitoring System
(SMS). The SMS provides an individual risk profile
and assessment for each G-SIB and large FBO by
evaluating the level and change in metrics that serve
as important indicators of overall risk. The SMS
supports the identification of emerging and outsized
risks within individual firms and the prioritization
of supervisory and monitoring activities. The SMS
also serves as an early warning system of financial
vulnerability. Information from SMS and other
FDIC-prepared reports are used to prioritize activities
relating to SIFIs and to coordinate supervisory and
resolution-related activities with the other banking
agencies.

nonbank at the start of 2018, was required to submit
its plan on December 31, 2018, pursuant to a previous
extension. However, on October 16, 2018, FSOC
rescinded Prudential’s designation as a SIFI.

The FDIC expects to issue an advance notice of
proposed rulemaking relating to the IDI rule for
public comment during the first quarter of 2019.

Monitoring and Measuring Systemic Risks
The FDIC monitors risks related to G-SIBs and
large FBOs at the firm level and industry wide to
inform supervisory planning and response, policy

M A N A G E M E N T ’ S D I S C U S S I O N A N D A N A LY S I S

The FDIC also conducts semi-annual “Day of Risk”
meetings to present, discuss, and prioritize the review
of emerging risks. In some cases, these discussions
can lead to shifts in supervisory focus or priorities.
In 2018, RMS CFI Group implemented a new SIFI
Risk Report that identifies key vulnerabilities of

2018
systemically important firms, gauges the proximity of
these firms to a resolution event, and independently
assesses the appropriateness of supervisory CAMELS
ratings for the insured deposit institutions held by
these firms.

Back-up Supervision Activities for IDIs of
Systemically Important Financial Institutions
Risk monitoring is enhanced by the FDIC’s back-up
supervision activities. In its back-up supervisory role,
as outlined in Sections 8 and 10 of the FDI Act, the
FDIC has expanded resources and has developed and
implemented policies and procedures to guide backup supervisory activities. These activities include
performing analyses of industry conditions and
trends, supporting insurance pricing, participating
in supervisory activities with other regulatory
agencies, and exercising examination and enforcement
authorities when necessary.
At institutions where the FDIC is not the primary
federal regulator, FDIC staff works closely with other
regulatory authorities to identify emerging risk and
assess the overall risk profile of large and complex
institutions. The FDIC has assigned dedicated staff
to IDIs of G-SIBs and large FBOs and certain other
large IDIs to enhance risk-identification capabilities
and facilitate the communication of supervisory
information. These individuals work with the staff
of the FRB and OCC in monitoring risk at their
assigned institutions.
Through December 2018, FDIC staff participated
in 112 targeted examination activities with the FRB
or OCC in G-SIBS, large FBOs, and large regional
banks. The reviews included, but were not limited
to, engagement in evaluation of risk management,
corporate governance, BSA/AML reviews, credit risk
reviews, quantitative model reviews, and cybersecurity
risk and operational risk reviews. FDIC staff also
participated in various interagency horizontal review
activities, including the FRB’s Comprehensive
Capital Assessment and Review, reviews of model
risk management, and independent pricing of
fair-valued assets.

Title II Orderly Liquidation Authority
Under the Dodd-Frank Act, failed or failing financial
companies are expected to file for reorganization or
liquidation under the U.S. Bankruptcy Code, similar
to what any failed or failing nonfinancial company
would file. If resolution under the Bankruptcy
Code would result in serious adverse effects to U.S.
financial stability, Title II of the Dodd-Frank Act
provides a backup authority for resolving a company
for which the bankruptcy process is not viable.
There are strict parameters on the use of the Title
II Orderly Liquidation Authority, however, and it
can only be invoked under a statutorily prescribed
recommendation and determination process, coupled
with an expedited judicial review process.

Resolution Strategy Development
The FDIC has undertaken institution-specific
strategic planning to carry out its orderly liquidation
authorities with respect to the largest G-SIBs
operating in the United States. The strategic plans
and optionality being developed for these firms are
informed by the Title I plan submissions. Further,
the FDIC continues to build its systemic resolution
framework, portions of which have been shared with
other authorities, and is developing process documents
to facilitate the implementation of the framework in
a Title II resolution. In addition, preliminary work
continues in the development of resolution strategies
for financial market utilities, particularly central
counterparties (CCPs).

Cross-Border Efforts
Advance planning and cross-border coordination
for the resolution of Global Systemically Important
Financial Institutions (G-SIFIs) is essential to
minimizing disruptions to global financial markets.
Recognizing that the resolution of a G-SIFI creates
complex cross-border legal and operational concerns,
the FDIC continues to work with foreign regulators
to establish frameworks for effective cooperation,
including information-sharing arrangements.

M A N A G E M E N T ’ S D I S C U S S I O N A N D A N A LY S I S

ANNUAL REPORT
The FDIC continued to advance its working
relationships with authorities from other jurisdictions
that supervise G-SIFIs, and through international
forums, such as the Financial Stability Board’s
Resolution Steering Group and its various subgroups.
In 2018, the FDIC continued its ongoing work with
international authorities to enhance coordination on
cross-border bank resolution. This work included
participation by senior financial officials and staff
from the United States and key foreign jurisdictions.
FDIC staff continues to pursue follow-on work
endorsed by senior officials from participating
agencies.
The FDIC serves as a co-chair for all of the
cross-border crisis management groups (CMGs)
of supervisors and resolution authorities for U.S.
G-SIFIs. In addition, the FDIC participates as a
host authority in CMGs for foreign G-SIFIs. The
FDIC and the European Commission (EC) continued
their engagement through a joint working group,
which is composed of senior executives at the FDIC
and EC who meet to focus on both resolution and
deposit insurance issues. In 2018, the working group
discussed cross-border bank resolution and resolution
of CCPs, among other topics.
FDIC staff also participated in the joint U.S.-EU
Financial Regulatory Forum meetings, one held in
Washington, D.C., in January 2018, and another
held in Brussels in June 2018, with representatives
of the EC and other participating European
Union authorities, and staffs of the Department of
Treasury, FRB, SEC, Commodities Futures Trading
Commission (CFTC), and other participating U.S.
agencies. Discussions addressed the outlook for
financial regulatory reforms and future priorities,
including those involving standards relevant to banks
and cooperation on cross-border issues relevant to
capital markets such as those involving CCPs.
In 2018, FDIC staff also participated in the inaugural
meeting of the U.S.-UK Financial Regulatory
Working Group in London, which was formed to
support financial stability and related matters. This

M A N A G E M E N T ’ S D I S C U S S I O N A N D A N A LY S I S

cooperation is especially important given transition in
the UK’s regulatory relationships as it withdraws from
the European Union.

Systemic Resolution Advisory Committee
The FDIC created the Systemic Resolution Advisory
Committee (SRAC) in 2011 to receive advice and
recommendations on a broad range of issues regarding
the resolution of systemically important financial
companies pursuant to the Dodd-Frank Act. Over
the years, the SRAC has advised the FDIC on a
variety of issues, including:
♦♦ The effects on financial stability and economic
conditions resulting from the failure of a SIFI,
♦♦ The ways in which specific resolution strategies
would affect stakeholders and customers,
♦♦ The tools available to the FDIC to wind down
the operations of a failed organization, and
♦♦ The tools needed to assist in cross-border
relations with foreign regulators and governments
when a SIFI has international operations.
Members of the SRAC have a wide range of
experience, including managing complex firms,
administering bankruptcies, and working in the legal
system, accounting field, and academia. The last
meeting of the SRAC was held on December 6, 2018.
Agenda topics included updates to the Title I Living
Wills, Title II Orderly Liquidation Authority, and
international developments.

Financial Stability Oversight Council
The FSOC was created by the Dodd-Frank Act in
July 2010 to promote the financial stability of the
United States. It is composed of 10 voting members,
including the Chairperson of the FDIC, and five nonvoting members.
The FSOC’s responsibilities include the following:
♦♦ Identifying risks to financial stability, responding
to emerging threats in the financial system, and
promoting market discipline;

2018
♦♦ Identifying and assessing threats that institutions
may pose to financial stability and, if appropriate,
designating a nonbank financial company for
supervision by the FRB subject to heightened
prudential standards;
♦♦ Designating financial market utilities and
payment, clearing, or settlement activities
that are, or are likely to become, systemically
important;
♦♦ Facilitating regulatory coordination and
information sharing regarding policy
development, rulemaking, supervisory
information, and reporting requirements;
♦♦ Monitoring domestic and international financial
regulatory proposals and advising Congress
and making recommendations to enhance the
integrity, efficiency, competitiveness, and stability
of U.S. financial markets; and
♦♦ Producing annual reports describing, among
other things, the Council’s activities and
potential emerging threats to financial stability.
In December 2018, the FSOC issued its 2018 annual
report. Generally, at each of its meetings, the FSOC
discusses various risk issues. In 2018, the FSOC
meetings addressed, among other topics: the process
for considering applications from bank holding
companies or their successors under section 117 of
the Dodd-Frank Act, the annual reevaluation of its
designation of a nonbank financial company, financial
market volatility, fluctuations in various asset classes
(including cryptocurrency futures) and the impacts
on financial institutions and markets, the progress of
the United Kingdom’s efforts to leave the European
Union (i.e., “Brexit”) and potential changes that could
affect U.S. financial markets or institutions, and
alternative reference rates, including the adoption of
the Secured Overnight Financing Rate. Additionally,
in early 2018, the Council established a working
group to study a digital asset and distributed ledger
technology. The working group brings together
federal financial regulators whose jurisdictions are
relevant to the oversight of digital assets and their
underlying technologies.

DEPOSITOR AND
CONSUMER PROTECTION
A major component of the FDIC’s mission is to
ensure that financial institutions treat consumers
and depositors fairly, and operate in compliance with
federal consumer protection, anti-discrimination,
and community reinvestment laws. The FDIC
also promotes economic inclusion to build and
strengthen positive connections between insured
financial institutions and consumers, depositors, small
businesses, and communities.

Rulemaking and Guidance
Home Mortgage Disclosure Act
In March 2018, the FDIC and other FFIEC members
revised A Guide to HMDA Reporting: Getting It Right!
The guide was updated to reflect changes to the Home
Mortgage Disclosure Act (HMDA) in October 2015,
and further amendments made in 2017. The guide
was designed to help financial institutions better
understand the HMDA requirements, including data
collection and reporting provisions.
In July 2018, the FDIC released a statement on the
impact of the EGRRCPA on HMDA. EGRRCPA
provides partial exemptions for some insured
depository institutions and insured credit unions
from certain HMDA requirements. The FDIC noted
that the CFPB would be providing further guidance
on the applicability of the EGRRCPA to HMDA
data collected in 2018. The agencies retained their
diagnostic examination approach regarding HMDA
data collected in 2018 and reported in 2019.

Updated Examination Procedures
Updated examination procedures were communicated
through revisions to the FDIC Compliance
Examination Manual that is publicly available on
the FDIC’s website.
In February 2018:
♦♦ Truth in Lending Act (TILA) (V-1.1): Several
TILA thresholds were updated. Specifically, the
M A N A G E M E N T ’ S D I S C U S S I O N A N D A N A LY S I S

ANNUAL REPORT
escrow exemption and the appraisal exemption
thresholds for higher priced mortgages were
increased and dollar amounts for provisions in
Regulation Z related to qualified mortgages and
Home Ownership and Equity Protection Act
loans were updated. The exemption threshold
for consumer credit and lease transactions were
also increased. The Credit Card Penalty Fee Safe
Harbor remained the same as the prior year.
♦♦ Home Mortgage Disclosure Act (HMDA)
(V-9.1): The asset size exemption thresholds were
updated. Additional information regarding
implementation of the 2015 HMDA Final Rule
and subsequent rulemakings was added.
♦♦ Consumer Leasing Act (V-10.1): The exemption
threshold for consumer credit and lease
transactions was updated.
♦♦ Community Reinvestment Act (XI-1.1):
Asset-based definitions for “small banks” and
“intermediate small banks” were updated.
In May 2018:
♦♦ Truth in Lending Act (TILA) (V-1.1): The
interagency TILA examination procedures
were updated to reflect the 2016 amendments
to the Mortgage Servicing Rule originally issued
in 2013.
♦♦ Real Estate Settlement Procedures Act (RESPA)
(V-3.1): The interagency RESPA examination
procedures were updated to reflect the 2016
amendments to the Mortgage Servicing Rule
originally issued in 2013.
♦♦ Servicemembers Civil Relief Act (SCRA) (V11.1): The SCRA chapter was updated to reflect a
statutory amendment extending the sunset date
of certain expanded protections for members
of uniformed services relating to mortgages
and mortgage foreclosure available under the
Servicemembers Civil Relief Act.
In June 2018:
♦♦ Retail Insurance Sales (IX-2.1): The Retail
Insurance Sales chapter was updated to reflect
changes to Part 343 to reflect the scope of the

M A N A G E M E N T ’ S D I S C U S S I O N A N D A N A LY S I S

FDIC’s current supervisory responsibilities
as the appropriate federal banking agency for
state savings associations that were previously
regulated by the Office of Thrift Supervision.
In August 2018:
♦♦ Expedited Funds Availability Act (VI-1.1): The
Expedited Funds Availability Act chapter was
updated to reflect amendments to Regulation CC
regarding check collections and return provisions.

Promoting Economic Inclusion
The FDIC is strongly committed to promoting
access to a broad array of responsible and sustainable
banking products to meet consumer’s financial needs.
In support of this goal, the FDIC:
♦♦ Conducts research on the unbanked and
underbanked populations,
♦♦ Engages in research and development on models
of products meeting the needs of lower-income
consumers,
♦♦ Supports partnerships to promote consumer
access to and use of banking services,
♦♦ Advances financial education and literacy, and
♦♦ Facilitates partnerships to support community
and small business development.

Advisory Committee on Economic Inclusion
The Advisory Committee on Economic Inclusion
(ComE-IN) provides the FDIC with advice and
recommendations on important initiatives to expand
access to mainstream banking services to underserved
populations. This includes reviewing basic retail
financial services (e.g., low-cost, safe transaction
accounts; affordable small-dollar loans; savings
accounts; and other services), as well as demand-side
factors such as consumers’ perceptions of mainstream
financial institutions.
In October 2018, the ComE-IN held a meeting that
included a discussion of the results from the 2017
FDIC National Survey of Unbanked and Underbanked
Households. The committee also heard a presentation

2018
on research from the United Kingdom’s Financial
Conduct Authority into the effectiveness of mobile
text notifications sent to help consumers avoid
unwanted fees. In addition, the committee heard a
presentation on opportunities to extend economic
inclusion in the banking system through youth
employment programs.
In December 2018, the FDIC renewed the ComE-IN
charter pursuant to the requirements of the Federal
Advisory Committee Act (5 U.S.C. App. 2).

FDIC National Survey of Unbanked and
Underbanked Households and Related Research
As part of its ongoing commitment to expanding
economic inclusion in the United States, the FDIC
works to fill the research and data gap regarding
household participation in mainstream banking and
the use of nonbank financial services. In addition,
Section 7 of the Federal Deposit Insurance Reform
Conforming Amendments Act of 2005 mandates that
the FDIC regularly report on underserved populations
and bank efforts to bring individuals and families
into the mainstream banking system. In response,
the FDIC regularly conducts and reports on surveys
of households and banks to inform the public and
enhance the understanding of financial institutions,
policymakers, regulators, researchers, academics,
and others.
In 2018, the FDIC published results from the 2017
FDIC National Survey of Unbanked and Underbanked
Households. In addition to updating key reference
measurements on participation in the banking system,
the report analyzed the methods through which
households access their bank accounts, examined
consumer use of various mobile banking functions,
measured bank branch utilization, and examined
household use of and demand for mainstream credit.
This information provided a basis for identifying
additional opportunities in the report to expand
economic inclusion in the banking system. The
FDIC made full results and respondent-level data
available on https://economicinclusion.gov and
also provided users with the ability to generate

custom tabulations and to access a wide range of
pre-formatted information, including new five-year
estimates that provide additional granularity for state
and local results. In addition, planning for the 2019
FDIC National Survey of Unbanked and Underbanked
Households is complete. A November 2018 notice
in the Federal Register proposed the use of a
revised questionnaire.

Community and Small Business Development
and Affordable Mortgage Lending
In 2018, the FDIC provided technical assistance
to banks and community organizations through
more than 254 outreach events designed to increase
shared knowledge and support collaboration between
financial institutions and other community, housing,
and small business development resources and to
improve knowledge about CRA.
The FDIC’s work emphasized sharing information to
support bank efforts to prudently provide affordable
mortgages, small business credit, and access to safe
accounts and financial education.
As part of this effort, the FDIC also launched the
Affordable Mortgage Lending Center, a website
that houses a number of resources, including the
Affordable Mortgage Lending Guide, a three-part guide
designed to help community banks identify affordable
mortgage products.
By year-end 2018, the Affordable Mortgage Lending
Center had more than 15,000 subscribers. Materials
from the center have been downloaded more than
12,000 times, and the site has had more than 68,000
page views since its inception.
In addition, the FDIC sponsored sessions with
interagency partners covering basic and advanced
CRA training for banks. The agencies also offered
CRA basics for community-based organizations,
as well as seminars on establishing effective
bank/community collaborations in more than
27 communities. The FDIC also focused on
encouraging community development initiatives in

M A N A G E M E N T ’ S D I S C U S S I O N A N D A N A LY S I S

ANNUAL REPORT
rural communities. This work included workshops
to highlight housing needs and programs, economic
development programs, and community development
financial institution collaborations, including those
serving Native American communities.

Advancing Financial Education
Financial education helps consumers understand and
use bank products effectively and sustain a banking
relationship. In 2018, the FDIC continued to be
a leader in developing high-quality, free financial
education resources and pursuing collaborations to
use those tools to educate the public.
The Money Smart series of products is available
to organizations and individuals who want to
teach financial concepts to consumers of all ages;
individuals can also use the products to learn the
concepts on their own. In particular, the newly
updated Money Smart for Adults can help adults
build the fundamental financial knowledge,
skills, and confidence they need to use banking
services effectively.

Youth Financial Education
The FDIC’s Youth Banking Network provides
opportunities for 66 banks to learn from one another
and FDIC staff about promising strategies to teach
financial education concepts to school-aged children
using hands-on approaches.
In 2018, Youth Banking Network members
participated in periodic learning calls to discuss
helpful strategies and resources. For example, the
April 2018 call highlighted practical approaches in
conducting reality fairs, a strategy to help young
people understand the tradeoffs of money choices that
they can expect to experience as they enter adulthood.
The FDIC also engaged network participants to
develop an operational toolkit of resources that
can support the development of new youth savings
collaborations. The FDIC drafted new resources for
the network based on consultations with members
that included:

M A N A G E M E N T ’ S D I S C U S S I O N A N D A N A LY S I S

♦♦ Answers to frequently asked questions about
operating youth banking programs;
♦♦ A tip sheet to help banks communicate with
parents and caregivers about the financial
education provided through schools;
♦♦ A tip sheet to help banks communicate with
teachers and administrators to secure an
agreement to educate students;
♦♦ Strategies bankers can use to make financial
education relevant when visiting classrooms to
talk about money;
♦♦ A guide to reality fairs; and
♦♦ A guide to measuring outcomes of youth
savings programs.
Many youth banking programs provide financial
education training based on FDIC’s Money Smart
for Young People curriculum. As part of the FDIC’s
ongoing efforts to improve the curriculum, the FDIC
obtained feedback from 26 educators who taught
83 Money Smart for Young People sessions as part
of a special project. The participating educators
overwhelmingly reported that the materials were
structured well, easy to use, and initiated critical
thinking among students. They also provided
valuable suggestions for improvement, such as
including more activities, updating the content, and
reorganizing content to make it more useful.
The FDIC has begun to revise Money Smart for Young
People based on this teacher feedback and other
curriculum assessments with a goal of releasing a
redesigned and strengthened curriculum tool in mid2019. As part of our collaboration with the CFPB
to promote youth financial capability, the FDIC is
exploring how to integrate the CFPB’s research-based
Building Blocks for Youth Financial Capability activities
into the updated materials.

Financial Education Outreach
Highlights of our outreach include collaboration
with members of the Federal Financial Literacy and
Education Commission (FLEC). During Financial
Capability Month (April), the members shared and

2018
promoted financial education resources using the
#FinancialFuture2018 hashtag on social media.
During a webinar hosted by FLEC, 200 participants
learned about the FDIC’s financial education
resources.
The FDIC also collaborated with the U.S.
Department of Education and other FLEC agencies
on the “Financial Education in America’s Schools”
convening on April 27, 2018. This event promoted
the exchange of ideas among state and local leaders
and highlighted federal resources that support
promising ideas.
In addition, the FDIC engaged with youth
employment programs to use the Money Smart
financial education materials to reach young workers.
For example, FDIC staff visited a Job Corps site in
Washington, D.C., to provide technical assistance,
and later conducted a Money Smart train-the-trainer
session for 10 staff members, and planned a banker
roundtable.
The FDIC also developed a brochure for workforce
program organizations that included tips on how
to engage financial institutions to provide financial
education or deposit account opportunities for young
people. The FDIC joined with NCUA to engage
more than 15 cities to participate in the America Saves
for Young Workers initiative and learn how to connect
young workers with basic deposit accounts at insured
financial institutions.

From left, Salvador Arbujo, Tina Queen, April Atkins, and Alberto Cornejo
discuss an activity during a Money Smart Train-the-Trainer session for the
Community Affairs Branch staff.

The FDIC collaborated with the CFPB to release a
Spanish translation of Money Smart for Older Adults.
This material had been updated in 2017 to include
information and resources to help older adults and
their caregivers avoid financial exploitation through
fraud and scams.
Finally, the format of the FDIC Consumer News
has changed from a quarterly printed newsletter to
an electronic monthly article release with printable
versions. This allows for more frequent contact
with consumers and consistent timely releases of
information. It also provides an opportunity to
attract new readers through the use of social media in
an easy to read format for mobile devices. Through
digitation the FDIC can measure and improve
communication and outreach efforts.

Money Smart for Adults
In November 2018, the FDIC updated the Money
Smart for Adults curriculum, building on insights
gained from more than 17 years of experience with
the Money Smart program. The revised curriculum,
field-tested twice with community organizations and
banks, features 14 modules that cover basic financial
topics for use during group training or one-on-one
work. Specifically, the updated curriculum features:
♦♦ Expanded content on topics such as mobile
banking, reading a pay statement, renting an
apartment, creative ways to save money, and
updated information on standard topics such as
credit reports and scores;
♦♦ Vibrant graphics and discrete sections so
instructors can create effective training sessions
by choosing topics of interest to training
participants;
♦♦ “Try It” activities that provide engaging
opportunities for participants to practice what
they’re learning during training in many
contexts, including realistic scenarios;
♦♦ “Apply It” activities to help participants apply
what they have learned to their own lives, either
during or after training;

M A N A G E M E N T ’ S D I S C U S S I O N A N D A N A LY S I S

ANNUAL REPORT
♦♦ “Key Takeaways” that briefly summarize the
main message of each section;
♦♦ A “Take Action” section in every module that
encourages participants to identify at least one
thing they plan to do because of what they
learned during the training;
♦♦ A new Guide to Presenting Money Smart for
Adults that includes tools to help instructors
present interactive, non-biased training using
the updated curriculum, such as “roadmaps” to
create customized training across modules, fun
and engaging introductory activities to energize
participants to learn, and detailed checklists to
prepare for training; and
♦♦ An updated supplement with scenarios featuring
individuals with disabilities thinking about a
financial decision.
More than 1,500 organizations were trained on the
updated materials before year-end, including during
two national webinars, and plans are underway to
provide training to many more organizations.
In addition, the FDIC plans to release a self-paced
online learning tool based on the updated curriculum
in 2020.

Money Smart for Small Business
The FDIC convened forums and roundtables
featuring safe small business products and services,
and provided information and technical assistance
to support initiatives geared to increase access to
capital for small businesses. In 2018, the FDIC
completed 74 events and activities primarily focused
on small business.
The Small Business Administration (SBA) and its
partner networks – including the Small Business
Development Centers, Women’s Business Centers and
SCORE Chapters – the Federal Trade Commission,
CFPB, and other stakeholders collaborated with the
FDIC to produce a revised version of the Money Smart
for Small Business Credit and Banking Modules to
address information needs in response to a lending
marketplace where entrepreneurs may be unaware

M A N A G E M E N T ’ S D I S C U S S I O N A N D A N A LY S I S

of safe and affordable financing options and may
be engaging in financing with terms they do not
fully understand.

Money Smart Alliance
The maximum potential of the curriculum is reached
when banks collaborate with non-profits or other
community-based organizations to bring Money Smart
training to local communities, and, when appropriate,
connect the training to banking products and services
that respond to the needs of participants. Through
the Money Smart Alliance, the FDIC recognizes
organizations that commit to using Money Smart and
that want to receive regular updates and training tips
to enhance their use of the curriculum.
More than 450 organizations joined the Alliance
during 2018, bringing the total members to 1,062.
The Alliance experienced a 34 percent growth during
2018 compared to year-end 2017. This growth is
largely attributable to the Money Smart Advance Team
effort that built engagement with organizations that
have or will deliver Money Smart to adults.
The FDIC engaged Alliance members through
quarterly webinars and one-on-one calls. Alliance
members also learned about the updated Money Smart
for Adults curriculum (and had the opportunity for
early review of the modules) starting in September
2018, several weeks before the broader public release.

Partnerships for Access
to Mainstream Banking
The FDIC supported community development and
economic inclusion partnerships at the local level
by providing technical assistance and information
resources throughout the country, with a focus on
unbanked and underbanked households and low- and
moderate-income communities. Community Affairs
staff support economic inclusion through work with
the Alliances for Economic Inclusion (AEI), Bank On
initiatives, and other coalitions originated by local and
state governments, and in collaboration with federal
partners and many local and national non-profit
organizations. The FDIC also partners with other

2018
financial regulatory agencies to provide information
and technical assistance on community development
to banks and community leaders across the country.
In the 12 AEI communities and in other areas,
the FDIC helped working groups of bankers and
community leaders develop responses to the financial
capability and services needs in their communities.
To integrate financial capability into community
services more effectively, the FDIC supported
seminars and training sessions for community service
providers and asset-building organizations, workshops
for financial coaches and counselors, promotion of
savings opportunities for low- and moderate-income
people and communities, initiatives to expand access
to savings accounts for all ages, outreach to bring
larger numbers of people to expanded tax preparation
assistance sites, and education for business owners to
help them become bankable.
The FDIC worked across the nation, including in
16 targeted communities, to convene 12 forums
and 19 roundtables that helped advance strategies
to expand access to safe and affordable deposit
accounts and engage unbanked and underbanked
consumers. The FDIC provided technical assistance
to bankers, coalition leaders, and others interested
in understanding opportunities for banking services
designed to meet the needs of the unbanked
and underbanked.
In total, the FDIC sponsored more than 55 events, 80
outreach activities, and 13 speaking engagements and
exhibitions during 2018 that provided opportunities
for partners to collaborate on increasing access to
bank accounts and credit services, opportunities
to build savings and improve credit histories, and
initiatives to significantly strengthen the financial
capability of community service providers who
directly serve consumers with low or moderate
incomes and small businesses.

Consumer Complaints and Inquiries
The FDIC helps consumers by receiving,
investigating, and responding to consumer complaints
about FDIC-supervised institutions and answering

inquiries about banking laws and regulations, FDIC
operations, and other related topics. In addition, the
FDIC provides analytical reports and information
on complaint data for internal and external use, and
conducts outreach activities to educate consumers.
The FDIC recognizes that consumer complaints and
inquiries play an important role in the development
of strong public and supervisory policy. Assessing
and resolving these matters helps the agency identify
trends or problems affecting consumer rights,
understand the public perception of consumer
protection issues, formulate policy that aids
consumers, and foster confidence in the banking
system by educating consumers about the protection
they receive under certain consumer protection laws
and regulations.

Consumer Complaints by Product and Issue
The FDIC receives complaints and inquiries
by telephone, fax, U.S. mail, email, and online
through the FDIC’s website. In 2018, the FDIC
handled 18,334 written and telephonic complaints
and inquiries. Of the 12,016 involving written
correspondence, 5,306 were referred to other agencies
and 6,710 were handled by the FDIC. The FDIC
responded to 97 percent of written complaints
within time frames established by corporate policy,
and acknowledged 100 percent of all consumer
complaints and inquiries within 14 days. As part
of the complaint and inquiry handling process,
the FDIC works with the other federal financial
regulatory agencies to ensure that complaints and
inquiries are forwarded to the appropriate agencies for
response. The FDIC carefully analyzes the topics and
issues involved in complaints about FDIC-supervised
institutions. The number of complaints received
about a specific bank topic and issue can serve as a red
flag to prompt further review of practices that may
raise consumer protection or supervisory concerns.
In 2018, the four most frequently identified topics
in consumer complaints and inquiries about FDICsupervised institutions concerned checking accounts
(19 percent), consumer line of credit/installment
M A N A G E M E N T ’ S D I S C U S S I O N A N D A N A LY S I S

ANNUAL REPORT
loans (15 percent), credit cards consumer/business
(14 percent), and residential real estate (10 percent).
Issues most commonly cited in correspondence
about checking accounts were concerns with account
discrepancies or transaction errors, and fees and
service charges. Consumer loan complaints and
inquiries most frequently described issues with
reporting erroneous account information and
collection practices, while consumer correspondence
about credit cards most often raised issues regarding
reporting of erroneous account information and
billing disputes/error resolution. Correspondence
regarding residential real estate related to disclosures,
inaccurate appraisal reports, and loan modifications.
The FDIC also investigated 63 Fair Lending
complaints alleging discrimination during 2018. The
number of discrimination complaints investigated
has fluctuated over the past several years but averaged
approximately 67 complaints per year between
2013 and 2018. Over this period, 47 percent of
the complaints investigated alleged discrimination
based on the race, color, national origin, or ethnicity
of the applicant or borrower; 14 percent related to
discrimination allegations based on age; 13 percent
involved the sex of the borrower or applicant; and 8
percent concerned disability.
Consumer refunds generally involve the financial
institution offering a voluntary credit to the
consumer’s account, often as a direct result of
complaint investigations and identification of a
banking error or violation of law. Through December
2018, consumers received more than $448,500 in
refunds from financial institutions as a result of
the assistance provided by the FDIC’s Consumer
Response Center.

Public Awareness of Deposit
Insurance Coverage
An important part of the FDIC’s deposit insurance
mission is to ensure that bankers and consumers
have access to accurate information about the FDIC’s
rules for deposit insurance coverage. The FDIC has
an extensive deposit insurance education program

M A N A G E M E N T ’ S D I S C U S S I O N A N D A N A LY S I S

consisting of seminars for bankers, electronic tools for
estimating deposit insurance coverage, and written
and electronic information targeted to both bankers
and consumers.
The FDIC continued its efforts to educate bankers
and consumers about the rules and requirements for
FDIC insurance coverage during 2018. For example,
as of December 31, 2018, the FDIC conducted four
telephone seminars for bankers on deposit insurance
coverage, reaching an estimated 4,473 bankers
participating at approximately 1,278 bank sites
throughout the country. The FDIC also features
deposit insurance training videos that are available on
the FDIC’s website and YouTube channel.
As of December 31, 2018, the FDIC Call
Center received 96,703 telephone calls, of which
approximately 38,681 were identified as deposit
insurance-related inquiries. The FDIC Call Center
handled approximately 20,102 inquiries and Deposit
Insurance subject matter experts (SMEs) handled
18,579 complex telephone calls identifying a total
of 50,548 deposit insurance issues. In addition to
telephone inquiries about deposit insurance coverage,
the FDIC received 1,339 written inquiries from
consumers and bankers identifying a total of 2,248
deposit insurance issues. Of these inquiries, 100
percent received responses within two weeks, as
required by corporate policy.

RECEIVERSHIP MANAGEMENT
The FDIC has the unique mission of protecting
depositors of insured banks and savings associations.
No depositor has ever experienced a loss on the
insured amount of his or her deposits in an FDICinsured institution due to a failure. When an
institution closes, its chartering authority—the state
for state-chartered institutions and the OCC for
national banks and federal savings associations—
typically appoints the FDIC as receiver, responsible
for resolving the failed institution.
The FDIC employs a variety of strategies and business
practices to resolve a failed institution. These

2018
strategies and practices are typically associated with
either the resolution process or the receivership
process. Depending on the characteristics of
the institution, the FDIC may utilize several of
these methods to ensure the prompt and smooth
payment of deposit insurance to insured depositors,
to minimize the impact on the DIF, and to speed
dividend payments to uninsured depositors and other
creditors of the failed institution.
The resolution process involves evaluating and
marketing a failing institution, soliciting and
accepting bids for the sale of the institution,
determining which bid (if any) is least costly to the
DIF, and working with the acquiring institution
through the closing process.
To minimize disruption to the local community,
the resolution process must be performed as quickly
and efficiently as possible. The FDIC uses two
basic resolution methods: purchase and assumption
transactions and deposit payoffs.
The purchase and assumption (P&A) transaction
is the most commonly used resolution method.
Typically, in a P&A transaction, a healthy institution
purchases certain assets and assumes certain liabilities
of the failed institution. However, a variety of P&A
transactions can be used. Because each failing bank
situation is different, P&A transactions provide
flexibility to structure deals that result in obtaining
the highest value for the failed institution. For each
possible P&A transaction, the acquirer may acquire
either all of the failing institution’s deposits or only
the insured portion of the deposits.
From 2008 through 2013, loss sharing was offered by
the FDIC in connection with P&A transactions. In
a loss-share transaction, the FDIC, as receiver, agrees
to share losses on certain assets with the acquirer,
absorbing a significant portion (typically 80 percent)
of future losses on assets that have been designated as
“shared-loss assets” for a specific period of time (e.g.,
five to 10 years). The economic rationale for these
transactions is that keeping assets in the banking
sector and resolving them over an extended period

of time can produce a better net recovery than
the FDIC’s immediate liquidation of these assets.
However, in recent years as the markets improved
and functioned more normally with both capital
and liquidity returning to the banking industry,
acquirers have become more comfortable with bidding
on failing bank franchises without the loss-sharing
protection.
The FDIC continues to monitor compliance
with shared-loss agreements by validating the
appropriateness of loss-share claims; reviewing
acquiring institutions’ efforts to maximize recoveries;
ensuring consistent application of policies and
procedures across both shared-loss and legacy
portfolios; and confirming that the acquirers have
sufficient internal controls, including adequate staff,
reporting, and recordkeeping systems. At year-end
2018, there were 81 receiverships with active sharedloss agreements and $9.6 billion in total shared-loss
covered assets.

Financial Institution Failures
During 2018, there were no institution failures,
compared to eight failures in 2017.
There were no losses on insured deposits, and no
appropriated funds were required to pay insured
deposits.
The following chart provides a comparison of failure
activity over the past three years.

FAILURE ACTIVITY 2016 – 2018
Dollars in Billions

2018

2017

2016

Total Assets of Failed
Institutions*

$0.0

$5.1

$0.3

Total Deposits of Failed
Institutions*

$0.0

$4.7

$0.3

Estimated Loss to the DIF

$0.0

$1.2

$0.04

Total Institutions

*Total assets and total deposits data are based on the last quarterly report filed by
the institution prior to failure.

M A N A G E M E N T ’ S D I S C U S S I O N A N D A N A LY S I S

ANNUAL REPORT
Asset Management and Sales
As part of its resolution process, the FDIC tries to sell
as many assets as possible to an assuming institution.
Assets that are retained by the receivership are
promptly valued and liquidated in order to maximize
the return to the receivership estate. For 95 percent
of failed institutions, at least 90 percent of the book
value of marketable assets is marketed for sale within
90 days of an institution’s failure for cash sales, and
within 120 days for structured sales.

uninsured depositors and other creditors by reducing
overhead and other holding costs. Once the assets of
a failed institution have been sold and its liabilities
extinguished, the final distribution of any proceeds is
made, and the FDIC terminates the receivership. In
2018, the number of receiverships under management
decreased by 66 (19.5 percent) to 272.
The following chart shows overall receivership activity
for the FDIC in 2018.

RECEIVERSHIP ACTIVITY

Cash sales of assets for 2018 totaled $38.6 million in
book value.

Active Receiverships as of 12/31/17
New Receiverships

338

As a result of the FDIC’s marketing and collection
efforts, the book value of assets in inventory decreased
by $1.1 billion (48 percent) in 2018.

Receiverships Terminated
Active Receiverships as of 12/31/18

The following chart shows the beginning and ending
balances of these assets by asset type.

ASSETS-IN-LIQUIDATION INVENTORY
BY ASSET TYPE
Dollars in Millions

Asset Type

12/31/18

12/31/17

12/31/16

$50

$160

$183

Commercial Loans

Real Estate Mortgages

139

151

260

268

157

100

854

1,449

2,614

$1,178

$2,271

$3,317

Securities
Consumer Loans

Other Assets/Judgments
Owned Assets
Net Investments in
Subsidiaries
Structured and
Securitized Assets
TOTAL

Receivership Management Activities
The FDIC, as receiver, manages failed banks and their
subsidiaries with the goal of expeditiously winding up
their affairs. The oversight and prompt termination
of receiverships help to preserve value for the

M A N A G E M E N T ’ S D I S C U S S I O N A N D A N A LY S I S

0
272

Protecting Insured Depositors
The FDIC’s ability to attract healthy institutions
to assume deposits and purchase assets of failed
banks and savings associations at the time of failure
minimizes the disruption to customers and allows
assets to be returned to the private sector immediately.
Assets remaining after resolution are liquidated by
the FDIC in an orderly manner, and the proceeds are
used to pay receivership creditors, including depositors
whose accounts exceeded the insurance limit. During
2018, receiverships paid dividends of $4.6 million to
depositors whose accounts exceeded the insurance
limit.

Professional Liability and
Financial Crimes Recoveries
The FDIC investigates bank failures to identify
potential claims against directors, officers, securities
underwriters and issuers, fidelity bond insurance
carriers, appraisers, attorneys, accountants, mortgage
loan brokers, title insurance companies, and other
professionals who may have caused losses to insured
depository institutions and FDIC receiverships. The
FDIC will pursue meritorious claims that are expected
to be cost-effective.

2018
During 2018, the FDIC recovered $116.2 million
from professional liability claims and settlements.
The FDIC did not authorize any professional liability
lawsuits during 2018. As of December 31, 2018,
the FDIC’s caseload included 62 open institutions
(not including institutions open for collection only),
21 professional liability lawsuits (down from 24 at
year-end 2017), nine residential mortgage malpractice
and fraud lawsuits (down from 21), and open
investigations in 27 claim areas out of 18 institutions.
The FDIC seeks to complete professional liability
investigations and make decisions expeditiously on
whether to pursue potential professional liability
claims. The FDIC completed investigations and made
decisions on 92 percent of the investigations related
to failures that reached the 18-month point after the
institution’s failure date in 2018, thereby exceeding its
annual performance target.
As part of the sentencing process, for those convicted
of criminal wrongdoing against an insured institution
that later failed, a court may order a defendant
to pay restitution or to forfeit funds or property
to the receivership. The FDIC, working with the
U.S. Department of Justice, in connection with
criminal restitution and forfeiture orders issued by
federal courts and independently in connection
with restitution orders issued by the state courts,
collected $8.3 million in 2018. As of December
31, 2018, there were 2,346 active restitution and
forfeiture orders (decreased from 4,163 at year-end
2017). This includes 101 orders held by the Federal
Savings and Loan Insurance Corporation (FSLIC)
Resolution Fund, (i.e., orders arising out of failed
financial institutions that were in receivership or
conservatorship by the FSLIC or the Resolution
Trust Corporation).

ENHANCING THE FDIC’s IT SECURITY
Information technology (IT) is an essential
component in virtually all FDIC business processes.
This integration with the business provides
opportunities for efficiencies but also requires an
awareness of potential risks. In 2018, the Chief

Information Officer Organization focused its efforts
on addressing cybersecurity risk, strengthening
infrastructure resiliency, and improving IT
governance.

Addressing FDIC Cybersecurity Risk
The FDIC’s Information Security Program is critical
to the agency’s ability to carry out the mission of
maintaining stability and public confidence in the
nation’s financial system. The Information Security
Program relies on effective and efficient cybersecurity
practices that are designed to detect, identify, respond,
and recover from cybersecurity incidents as rapidly
as possible with minimal disruption to stakeholders,
and to protect against future incidents. The FDIC
continues to strengthen and expand its cybersecurity
program and practices.
On May 11, 2017, the President issued an Executive
Order 13800 entitled Strengthening the Cybersecurity
of Federal Networks and Critical Infrastructure.
The Executive Order builds on existing statutory
requirements under the Federal Information Security
Modernization Act of 2014, which establishes
information security obligations for Federal agencies
(including the FDIC). Subsequent to the issuance
of the Executive Order, OMB issued Reporting
Guidance for Executive Order on Strengthening
the Cybersecurity of Federal Networks and Critical
Infrastructure, M-17-25 (May 19, 2017) to provide
agency heads with instructions for meeting the risk
management reporting requirements in the Executive
Order. To fulfill these requirements and strengthen
cybersecurity, the FDIC:
♦♦ Reorganized the Information Security function
by creating the Office of the Chief Information
Security Officer which includes a new Deputy
Chief Information Security Officer position
and a new Privacy Section Chief position that
report directly to the Chief Information
Security Officer;
♦♦ Implemented the Cybersecurity Framework
(CSF) according to OMB M-17-25 requirements;

M A N A G E M E N T ’ S D I S C U S S I O N A N D A N A LY S I S

ANNUAL REPORT
♦♦ Conducted the CSF cybersecurity assessment to
capture, assess, report, and monitor the current
state of FDIC cybersecurity controls;
♦♦ Established an agency-wide Incident
Response Plan;
♦♦ Updated the agency’s Breach Response Plan to
address new Federal policy requirements; and
♦♦ Developed and submitted the Annual Risk and
FISMA Reports for 2018.
Cybersecurity continues to be a top management
priority at the FDIC. During 2018, the FDIC has
taken a number of actions to enhance and improve
our risk management practices.
We developed and implemented an Information
Security and Privacy Strategic Plan to guide our efforts
through 2021. This plan aligns with the FDIC
Information Technology Strategic Plan: 2017 – 2020,
and defines the core strategies needed to sustain and
improve the FDIC’s cybersecurity posture.
To operationalize the strategy, the FDIC implemented
a risk management function and assigned program,
and executive-level officials to manage information
risk. Ensuring that leaders are accountable for the
effective planning, implementation, and monitoring
of risk management enables the FDIC to identify,
prioritize, communicate, and sustain the information
security and privacy controls required to mitigate
cybersecurity risks across the agency.

Strengthening Infrastructure Resiliency
Infrastructure resilience requires that the FDIC be
able to provide and maintain an acceptable level
of service in the face of threats and challenges to
normal computer and network operations. Threats
and challenges for services can range from simple
misconfigurations, unforeseen large scale natural
disasters, to targeted attacks. The FDIC works to
ensure that its infrastructure can anticipate, absorb,
adapt to, and/or rapidly recover from a potentially
disruptive event.

M A N A G E M E N T ’ S D I S C U S S I O N A N D A N A LY S I S

In 2018, the FDIC launched a comprehensive
initiative to expand and enhance its existing disaster
recovery and business continuity capabilities to ensure
that designated IT systems and applications that
support mission-essential functions can be recovered
within targeted timeframes. As part of this multi-year
project, the FDIC is migrating key IT systems and
applications to a new and larger backup data center
(BDC). This effort will help mitigate the current
risk posed by the geographic proximity of the FDIC’s
BDC to its primary data center.
The new facility will enhance security capabilities that
are not available at the current recovery site, including
enterprise logging, vulnerability identification,
file integrity monitoring, forensic analysis, threat
management, and security operational risk
management. These security enhancements will allow
security operations and other key security functions
to be carried out at the new site without interruption,
in the event of a failure or other contingency at
the primary data center. The new BDC will also
provide flexibility and scalability for future growth
and increased computing requirements. It will
also accommodate potential future changes in the
configuration of the network and provide connectivity
to cloud providers.
Additionally, the new BDC will provide for the rapid
restoration (failover) of mission-critical business
applications. Restoration processes will be automated
to minimize manual intervention, and equipment will
be maintained in a higher availability mode to enable
faster restoration. As a result, the FDIC will be better
positioned to preempt and rapidly recover from an
outage or threat.

Improving IT Governance
The purpose of IT governance at the FDIC is to
ensure that IT resources are used effectively and
efficiently to achieve the FDIC’s goals and mission.
IT governance enables the alignment of the FDIC’s
strategies and goals with IT services, infrastructure,
and environment.

2018
During 2018, the FDIC implemented changes to
enhance, consolidate, and streamline IT governance
processes. The Security and Enterprise Architecture
Technical Advisory Board (SEATAB) was established,
(replacing three other groups) and became the one
governance body that was chartered to oversee and
manage all architecture and technical decisions
around FDIC’s technology infrastructure, platforms,
systems, and applications.
The implementation of the SEATAB was just one
of the changes made in IT governance. The Chief
Information Officer (CIO) Council charter was
also revised to include increased business division
membership. The CIO Council is the principal
advisory body to the CIO, with members having
the delegated authority to agree to and authorize IT
decisions on behalf of the division or the office that
the member represents.
Additionally, an IT Operating Commitee SubCharter was established to reflect its strategic role
in IT governance. The Operating Committee also
assumed the responsibilities of the Intelligence
and Critical Infrastructure Protection Committee
(ICIPC). The Operating Committee, as the executive
leadership of FDIC divisions and offices, is consulted
and informed on corporate-wide IT matters. This
ensures that there is consensus on those IT decisions
that impact business priorities and corporate-wide
operations and that these decisions are in the best
interest of the FDIC.
The changes made in IT governance, along with the
use of the IT Decision Framework which serves as the
foundation for IT architecture, development policies,
and standards decisions ensure the integration and
alignment of the FDIC information technology and
security management processes with the agency’s
strategic planning.

Insider Threat and
Counterintelligence Program
An insider threat is a concern or risk posed to the
FDIC that involves an individual who misuses or
betrays, wittingly or unwittingly, his or her authorized

access to FDIC resources. This individual may
have access to sensitive or personally identifiable
information, as well as privileged access to critical
infrastructure or business sensitive information
(e.g., bank data).
The FDIC established the Insider Threat and
Counterintelligence Program (ITCIP) in September
2016. ITCIP is a defensive program focused on
preventing and mitigating internal and external
threats and risks posed to FDIC personnel, facilities,
assets, resources, and both national security
and sensitive information by insider and foreign
intelligence entities. These threats may involve
inadvertent disclosures and intentional breaches
of sensitive information by personnel who may be
compromised by external sources, disgruntled, seeking
personal gain, intending to damage the reputation of
the FDIC, or acting for some other reason. ITCIP
leverages both physical and logical safeguards to
minimize the risk, likelihood, and impact of an
executed insider threat.
The National Insider Threat Task Force (NITTF)
initiated its Federal Program Review in January 2017
to ensure the FDIC’s implementation of the White
House minimum standards. NITTF’s independent
evaluation showed that FDIC’s ITCIP met all
minimum standards and achieved full operating
capability. NITTF also noted that FDIC’s ITCIP
leads the federal government in several best practices
that affect the entire workforce and serves as a model
program for other independent regulators and nonTitle 50 departments and agencies. The FDIC is
moving forward with several important new steps
to further advance the agency’s ITCIP during 2019
and beyond.

MINORITY AND WOMEN INCLUSION
Consistent with the provisions of the Dodd-Frank
Act, the FDIC continues to enhance its longstanding
commitment to promote diversity and inclusion in
employment opportunities and all business areas
of the agency. The Office of Minority and Women
Inclusion (OMWI) supports the FDIC’s mission
M A N A G E M E N T ’ S D I S C U S S I O N A N D A N A LY S I S

ANNUAL REPORT
through outreach efforts to ensure the fair inclusion
and utilization of minority- and women-owned
businesses, law firms, and investors in contracting
and investment opportunities.
The FDIC relies on contractors to help meet its
mission. The FDIC awarded 166 (29.4 percent)
contracts to minority- and women-owned businesses
(MWOBs) out of a total of 565 issued. The FDIC
awarded contracts with a combined value of $499.5
million in 2018, of which 24.5 percent ($122.5
million) were awarded to MWOBs, compared to
18.5 percent for all of 2017. The FDIC paid $98.0
million of its total contract payments (22.8 percent) to
MWOBs, under 299 MWOB contracts.
The Legal Division’s legal contracting program
endeavors to maximize the participation of both
minority- and women-owned law firms (MWOLFs)
and minority and women partners and associates
employed at majority owned firms (Diverse Attorneys)
in legal contracting. This approach is consistent
with Section 342 of the Dodd-Frank Act that
encourages diversity and inclusion at all levels. For
both MWOLFs and Diverse Attorneys, FDIC legal
matters provide important learning and professional
client development opportunities that can be quite
meaningful to career advancement. For the year
2018, the Legal Division has an aggregate 26.4
percent diversity and inclusion participation rate in
legal contracting as set forth below.
The FDIC made 29 referrals to MWOLFs, which
accounted for 28 percent of all legal referrals. Total
payments to MWOLFs were $3.7 million in 2018,
which is 7.7 percent of all payments to outside
counsel, compared to 11 percent for all of 2017. In
2018, Diverse Attorneys earned $8.9 million in legal
fees, which is 18.6 percent of all payments to outside
counsel. Taken together, FDIC paid $12.7 million to
MWOLF firms and Diverse Attorneys out of a total of
$48.0 million dollars spent on outside counsel services
in 2018. This number represents 26.4 percent of total
outside counsel fees.

M A N A G E M E N T ’ S D I S C U S S I O N A N D A N A LY S I S

The keystone of the Legal Division diversity and
inclusion outreach is the FDIC’s partnerships
with minority bar associations and specialized
stakeholder organizations. In 2018, the FDIC Legal
Division participated in six minority bar association
conferences and three stakeholder events in support
of maximizing the participation of MWOLFs
and Diverse Attorneys in FDIC legal contracting.
Stakeholder event participation included service on
several panels and committees, such as the National
Association of Minority and Women Owned
Law Firms (NAMWOLF) Advisory Council, the
NAMWOLF Events Committee, the NAMWOLF
Law Firm Admissions Committee, and the
NAMWOLF Diversity and Inclusion Initiative.
In 2018, NAMWOLF formally recognized the FDIC
as a principal member of, and major contributor to,
its Inclusion Initiative, a collaborative program among
law departments of major corporations designed to
increase the participation of MWOLF firms in legal
contracting. Members of the Inclusion Initiative have
spent over $1 billion with MWOLF firms since its
inception. The FDIC participates in the Inclusion
Initiative along with major corporations.
The Legal Division recognizes the value of involving
FDIC in-house counsel in its MWOLF outreach.
In 2018, the Legal Division collaborated with a top
rated New York MWOLF firm to present a full
day continuing legal education seminar on cutting
edge legal issues in the capital markets area to FDIC
attorneys who are responsible for engaging outside
counsel. The program was designed to showcase
the MWOLF’s expertise while providing the firm
with valuable opportunities to build meaningful
relationships with FDIC oversight attorneys in the
field offices and at the headquarters office. In its
ongoing diversity and inclusion efforts, the Legal
Division continues to seek more opportunities
to highlight the expertise of MWOLF firms in
accordance with the needs of the FDIC at any given
point in time. Also in 2018, the Legal Division
presented an MWOLF Utilization Workshop for the
closed bank oversight attorneys at the Dallas Regional

2018
Office. These attorneys are responsible for assigning
work to MWOLFs. The program included a review of
the prior year’s MWOLF statistics, planned projects,
question and answers, and the solicitation of ideas
from the attorneys for improving the selection and
retention of outside counsel.

in doing business with the FDIC). The Office of
Minority and Women Inclusion (OMWI) Director
and Chief of the Minority and Women Business and
Diversity Inclusion Branch made panel presentations
and attended a number of these events to enhance
OMWI’s outreach efforts.

Pursuant to Section 342 of the Dodd-Frank Act,
which requires an assessment of legal contractors’
internal workforce diversity practices, the Legal
Division conducted nine compliance reviews of the
top-billing law firms (both non-minority-owned
and MWOLFs). The reviews included discussions
that focused on associate and partner recruitment,
retention rates of minority and women associates
and partners, and partnership offers to minority and
women attorneys working on FDIC legal matters.
The site visit discussions are instrumental in gathering
diversity data for ongoing monitoring efforts as well as
the exchange of ideas to enhance diversity initiatives.

The FDIC, in conjunction with the other OMWI
agencies, partnered with the Minority Business
Development Agency Business Center of San Antonio,
University of Texas at San Antonio, and the Institute
for Economic Development to host the Smart
Contacts – Smart Contracts technical assistance event.
The presenters shared information about tools for
competing for government contracting opportunities
and developing winning proposals. The OMWI
Director, Chief of the Minority and Women Business
Diversity Inclusion Branch, and leaders from other
OMWI financial agencies made panel presentations
to explain contracting opportunities. The OMWI
agencies also hosted a panel on Doing Business with
the OMWI Agencies. The final panel presentation
consisted of representatives from various local
minority/women trade organizations sharing their
outreach mission and outreach services with the 199
attendees. In addition, the sponsoring agencies and
various procurement trade organizations exhibited at
the event.

In addition to the outreach efforts noted above,
the Legal Division continues to provide technical
assistance to other related government agencies on
developing MWOLF outreach programs that mirror
FDIC’s program. The Legal Division evaluated and
approved six new MWOLF applications in 2018.
Firms from various geographic areas were added to
the FDIC List of Counsel Available in order to be
eligible to receive legal contracting work.
In 2018, the FDIC participated in a total of 33
business expos, one-on-one matchmaking sessions,
and panel presentations. At these events, FDIC
staff provided information and responded to
inquiries regarding FDIC business opportunities
for minorities and women. In addition to targeting
MWOBs and MWOLFs, these efforts also targeted
veteran-owned and small disadvantaged businesses.
Vendors were provided with the FDIC’s general
contracting procedures, prime contractors’ contact
information, and forecasts of possible upcoming
solicitations. Also, vendors were encouraged to
register through the FDIC’s Contractor Resource
List (the principal database for vendors interested

Information regarding the Minority and Women
Outreach Program can be found on the FDIC’s
website at www.fdic.gov/mwop.
In addition, FDIC worked closely with the OMWIs
of the OCC, FRB, CFPB, NCUA, SEC, and the
Department of Treasury to further implement
Section 342(b)(2)(C) of the Dodd-Frank Act, which
requires the agencies to develop standards to assess
the diversity policies and practices of the entities
they regulate. After publishing Joint Standards in
2015, the FDIC developed an electronic diversity
self-assessment instrument to assist FDIC-regulated
financial institutions in systematically assessing their
diversity programs.

M A N A G E M E N T ’ S D I S C U S S I O N A N D A N A LY S I S

ANNUAL REPORT
The FDIC started collecting voluntary selfassessments from its regulated financial institutions
in 2017. The FDIC received 95 of 805 (11.8 percent)
self-assessments in 2017 for the 2016 reporting period.
In 2018, the FDIC received 137 of 820 (16.7 percent)
self-assessments from its regulated institutions for the
2017 reporting period. OMWI analyzed the selfassessment responses for the 2016 reporting period
and posted this analysis on its internal and external
web sites.
While the FDIC is pleased with the increased
participation of financial institutions in 2018, it
will continue to take steps to increase voluntary
participation by augmenting outreach at banking
conferences, developing financial institution diversity
marketing materials, and making improvements to
the program website.
On September 13, 2018, the FDIC along with the
OMWI agencies hosted an outreach event entitled
“Financial Regulatory Agencies Diversity Summit”
in New York, New York. The 109 individuals that
attended the event were from various financial
institutions that are regulated by the financial
agencies. The event focused on the value of
conducting voluntary self-assessments, annually
submitting assessment results to OMWI Directors,
and making diversity information transparent to the
public. The OMWI agencies also outlined how the
self-assessments will be used to identify leading trends
and establish benchmarks that will assist financial
institutions in assessing and enhancing their diversity
programs. The OMWI FDIC Director, along with
Directors from other OMWI financial agencies, made
a panel presentation concerning the analysis of selfassessments received for the 2016 and 2017 reporting
periods and associated issues.

INTERNATIONAL OUTREACH
The FDIC played a leading role during the year
in supporting the global development of deposit
insurance, bank supervision, and bank resolution
systems. This included working closely with
regulatory and supervisory authorities from around

M A N A G E M E N T ’ S D I S C U S S I O N A N D A N A LY S I S

the world, as well as international standard-setting
bodies and multilateral organizations, such as the
International Association of Deposit Insurers (IADI),
the Association of Supervisors of Banks of the
Americas (ASBA), the Basel Committee on Banking
Supervision (BCBS), the Financial Stability Board
(FSB), the International Monetary Fund (IMF), and
The World Bank. The FDIC engaged with foreign
regulatory counterparts by hosting visiting officials,
conducting training seminars, delivering technical
assistance abroad, and fulfilling the commitments
of FDIC membership in international organizations.
The FDIC also advanced policy objectives with
key jurisdictions by participating in high-level
interagency dialogues.

International Association of Deposit Insurers
FDIC officials and subject matter experts provided
continuing support for IADI programs in 2018. This
included chairing IADI’s Training and Conference
Technical Committee, which provided support
for developing and facilitating technical assistance
workshops for the Middle Eastern, African, European,
Eurasian, Asia-Pacific, Caribbean, North American,
and Latin American regions of IADI. The FDIC
also participated in reviews of IADI members’ selfassessments of compliance with the Core Principles
and assisted in the development of a Core Principles
workshop for officials and senior management of
deposit insurance and other financial regulatory
authorities in conjunction with the IADI Annual
General Meeting. Led and supported by FDIC
executives and senior staff, IADI technical assistance
and training activities reached approximately 500
participants during 2018.

Association of Supervisors of Banks of the Americas
Senior FDIC staff chaired the ASBA Training and
Technical Committee in 2018, which designs and
implements ASBA’s training strategy, promoting the
adoption of sound banking supervision policies and
practices among its members. The training program
reached more than 500 member participants in 2018.

2018
Basel Committee on Banking Supervision
The FDIC supports and contributes to the
development of international standards, guidelines,
and sound practices for prudential regulation and
supervision of banks through its longstanding
membership in BCBS. The contribution includes
actively participating in many of the committee
groups, working groups, and task forces established
by BCBS to carry out its work, which focused on
policy development, supervision and implementation,
macroprudential supervision, accounting, and
consultation.

International Capacity Building
During the year, FDIC provided direct assistance to
many foreign organizations through the provision
of technical expertise. These engagements included
providing staff experts to advise the European Union’s
Single Resolution Board, the De Nederlandsche
Bank, and the IMF. FDIC also hosted more than
170 visiting regulators and other government officials
from 20 countries during the year, including in-depth
technical visits from the Indonesia Deposit Insurance
Corporation and Bank of Ghana. Two sessions of
FDIC 101: An Introduction to Deposit Insurance, Bank
Supervision, and Resolutions, a structured learning
program for senior foreign officials, were offered in
2018 and attended by 65 participants from more
than 45 organizations. FDIC’s Corporate University
also makes supervisory courses available to foreign
participants and trained 129 students this year.

EFFECTIVE MANAGEMENT
OF STRATEGIC RESOURCES
The FDIC recognizes that it must effectively manage
its human, financial, and technological resources
to successfully carry out its mission and meet the
performance goals and targets set forth in its annual
performance plan. The FDIC must align these
strategic resources with its mission and goals and
deploy them where they are most needed to enhance

its operational effectiveness and minimize potential
financial risks to the DIF. Following are the FDIC’s
major accomplishments in improving operational
efficiency and effectiveness during 2018.

Human Capital Management
The FDIC’s human capital management programs
are designed to attract, train, develop, reward,
and retain a highly skilled, diverse, and resultsoriented workforce. In 2018, the FDIC workforce
planning initiatives emphasized the need to plan for
employees to fulfill current and future capability
and leadership needs. This focus ensures that the
FDIC has a workforce positioned to meet today’s core
responsibilities and prepared to fulfill its mission in
the years ahead.

Strategic Workforce Planning and Readiness
During 2018, the FDIC continued to develop
and implement integrated workforce development
strategies to address workforce challenges and
opportunities. The effort is focused on four
broad objectives:
♦♦ Attract and develop talented employees across
the agency;
♦♦ Enhance the capabilities of employees through
training and diverse work experiences;
♦♦ Encourage employees to engage in active career
development planning and seek leadership roles
in the FDIC; and
♦♦ Build on and strengthen the FDIC’s operations
to support these efforts.
In 2018, the FDIC continued to develop the programs
and processes to help meet its long-term workforce
and leadership needs. The FDIC is committed to
building and growing its talent pipeline to ensure
succession challenges are met. To that end, the
agency expanded its succession planning efforts in
2018 to include a survey of 4,000 non-supervisory
employees occupying positions that could feed into
the agency’s longer-term pipeline for management

M A N A G E M E N T ’ S D I S C U S S I O N A N D A N A LY S I S

ANNUAL REPORT
positions. The survey was designed to identify
the population’s aspiration to higher-level and
management roles, their perceptions of readiness for
these opportunities, and actions they have taken to
prepare themselves.
Nearly two-thirds of mid-level non-supervisor
respondents reported that they were interested in
seeking higher-level positions at the FDIC. Of
these, more than three-quarters believe they have the
talents and skills for higher-level positions and plan
to apply for promotions and details over the next
five years, demonstrating their ongoing interest in
career development. The FDIC also learned that less
than half of respondents have discussed their career
interests and plans with a manager.
As a result of the survey findings, the FDIC plans
to further develop the longer-term pipeline of the
FDIC’s aspiring leadership pool. Plans include
supervisory training in succession management
techniques, developing resources to support career
planning discussions between managers and staff,
and promoting emerging manager coaching through
FDIC’s Career Management Program.
The FDIC’s strategic workforce planning initiatives
require a long-term and sustained focus to identify
future workforce and leadership needs, assess current
capabilities, support aspiration to management and
leadership roles, and develop and source the talent to
meet emerging workforce needs. Through further
development of its human capital strategies, the FDIC
will work to ensure that the future FDIC workforce
is as prepared, capable, and dedicated as the one it
has today.
Corporate Employee Program
The FDIC’s Corporate Employee Program (CEP)
sponsors the development of newly hired Financial
Institution Specialists (FIS) in entry-level positions.
During the first-year rotation within the program, FIS
gain experience and knowledge in the core business of
the FDIC, including DCP, RMS, DRR, and DIR. At
the conclusion of the rotation period, FIS are placed

M A N A G E M E N T ’ S D I S C U S S I O N A N D A N A LY S I S

within RMS or DCP, where they continue their career
path to become commissioned examiners.
The CEP is an essential part of the FDIC’s ability to
provide highly-trained staff for its core occupational
series, and ultimately for its future senior technical
and leadership positions. Nearly 500 individuals are
active in this multi-discipline program. Since the
CEP’s inception in 2005, more than 980 employees
have become commissioned examiners after
successfully completing the program’s requirements.
The FDIC continues to sponsor the Financial
Management Scholars Program (FMSP), an additional
hiring source for the CEP. Participants in the FMSP
complete an internship with the FDIC the summer
following the conclusion of their junior year in
college. The program serves as an additional avenue
to recruit talent.
Employee Learning and Development
The FDIC is committed to training and developing
its employees throughout their careers to enhance
technical proficiency and leadership capacity,
supporting career progression and succession
management. The FDIC is focused on developing
and implementing comprehensive curricula for its
business lines to prepare employees to meet new
challenges. Such training, which includes both
classroom and online instruction for maximum
flexibility, is a critical part of workforce and succession
planning as more experienced employees become
eligible for retirement.
The FDIC also offers a comprehensive leadership
development program that combines core courses,
electives, and other enrichment opportunities to
develop employees at all levels. From new employees
to new executives, the FDIC provides employees
with targeted leadership development opportunities
that align with key leadership competencies. In
addition to a broad array of internally developed and
administered courses, the FDIC also provides its
employees with funds and/or time to participate in
external training to support their career development.

2018
Employee Engagement
The FDIC continually evaluates its human capital
programs and strategies to ensure that it remains an
employer of choice, and that all of its employees are
fully engaged and aligned with the mission. The
FDIC uses the Federal Employee Viewpoint Survey
mandated by Congress to solicit information from
employees, and takes an agency-wide approach to
address key issues identified in the survey. The FDIC
continues to rank near the top in all categories of
the Partnership for Public Service Best Places to Work

Photo credit: Partnership for Public Service

in the Federal Government® list for mid-size federal
agencies. Effective leadership is the primary factor
driving employee satisfaction and commitment in
the federal workplace, according to a report by the
Partnership for Public Service.
The FDIC engages employees through formal
mechanisms such as the Workplace Excellence
program, Chairman’s Diversity Advisory Councils,
and Employee Resource Groups; and informally
through working groups, team discussions, and
daily employee-supervisor interactions. Employee
engagement plays an important role in empowering
employees and helps maintain, enhance, and
institutionalize a positive workplace environment.

Employee Resource Groups bring people together.

Deputy to the Chairman and Chief Operating Officer and Director of the
Division of Administration Arleas Upton Kea receives the award for Best
Places to Work in the Federal Government for mid-sized federal agencies
from Max Stier, President and CEO of Partnership for Public Service.

M A N A G E M E N T ’ S D I S C U S S I O N A N D A N A LY S I S

THIS PAGE INTENTIONALLY LEFT BLANK

II.

PERFORMANCE
RESULTS SUMMARY

THIS PAGE INTENTIONALLY LEFT BLANK

2018
SUMMARY OF 2018 PERFORMANCE RESULTS BY PROGRAM
The FDIC successfully achieved 26 of the 37 annual
performance targets established in its 2018 Annual
Performance Plan. Seven of the targets were not
applicable since there were no bank failures in 2018.
Two targets were substantially achieved, which
involved conducting consumer compliance and CRA
examinations and implementing corrective programs
within timeframes established by FDIC policy. Two
PROGRAM AREA

Insurance

targets were not met, which involved finalizing
rulemaking in regard to regulatory capital standards.
There were no instances in which 2018 performance
had a material adverse effect on the successful
achievement of the FDIC’s mission or its strategic
goals and objectives regarding its major program
responsibilities.
Additional key accomplishments are noted below.

PERFORMANCE RESULTS

♦♦ Updated the FDIC Board of Directors on loss, income, and reserve ratio
projections for the Deposit Insurance Fund (DIF) at the March and
December meetings.
♦♦ Briefed the FDIC Board of Directors in March and December on
progress in meeting the goals of the Restoration Plan.
♦♦ Completed reviews of the recent accuracy of the contingent loss reserve.
♦♦ Researched and analyzed emerging risks and trends in the banking
sector, financial markets, and the overall economy to identify issues
affecting the banking industry and the DIF.
♦♦ Provided policy research and analysis to FDIC leadership in support of
the implementation of financial industry regulation, as well as support
for testimony and speeches.
♦♦ Published economic and banking information and analyses through
the FDIC Quarterly, FDIC Quarterly Banking Profile (QBP), FDIC
State Profiles, Perspectives, and the Center for Financial Research
Working Papers.
♦♦ Operated the Electronic Deposit Insurance Estimator (EDIE), which
had 777,655 user sessions in 2018.

P E R F O R M A N C E R E S U LT S S U M M A R Y

ANNUAL REPORT
PROGRAM AREA

PERFORMANCE RESULTS

Supervision

♦♦ A total of 398 institutions were assigned a composite CAMELS rating
of 2 and had Matters Requiring Board Attention (MRBAs) identified in
the examination reports. To ensure that MRBAs are being appropriately
addressed at these institutions, the FDIC timely reviews progress reports
and follows up with bank management as needed. More specifically,
within six months of issuing the examination reports, the FDIC
conducted appropriate follow up and review of these MRBAs at 383 (96
percent) of these institutions. Follow up and review of the MRBAs at
the remaining 15 institutions (4 percent) occurred more than six months
after issuing the examination reports primarily due to delayed responses
from some banks as well as the need for additional information in order
to complete a full review.
♦♦ Participated on the examinations of selected financial institutions, for
which the FDIC is not the primary federal regulator, to assess risk to
the DIF.
♦♦ Implemented the strategy outlined in the work plan approved by the
Advisory Committee on Economic Inclusion to support the expanded
availability of Safe Accounts and the responsible use of technology, to
expand banking services to the underbanked.

Receivership Management

♦♦ Terminated at least 75 percent of new receiverships that are not subject
to loss-share agreements, structured sales, or other legal impediments,
within three years of the date of failure.
♦♦ Continued to enhance the FDIC’s ability to administer deposit
insurance claims at large insured deposit institutions.
♦♦ Evaluated within 120 days all termination offers from Limited Liability
Corporation (LLC) managing members to determine whether to pursue
dissolution of those LLCs that are determined to be in the best overall
economic interest of the participating receiverships.

P E R F O R M A N C E R E S U LT S S U M M A R Y

2018
PERFORMANCE RESULTS BY PROGRAM AND STRATEGIC GOAL
2018 INSURANCE PROGRAM RESULTS
Strategic Goal: Insured depositors are protected from loss without recourse to taxpayer funding.
#

ANNUAL
PERFORMANCE GOAL

INDICATOR

TARGET

RESULTS

Number of business
days after an institution
failure that depositors
have access to insured
funds.

Depositors have access to insured
funds within one business day if the
failure occurs on a Friday.

N/A – NO FAILURES.
SEE PG. 47.

Depositors have access to insured
funds within two business days if the
failure occurs on any other day of the
week.

N/A – NO FAILURES.
SEE PG. 47.

Insured depositor
losses resulting from
a financial institution
failure.

Depositors do not incur any losses on
insured deposits.

N/A – NO FAILURES.
SEE PG. 47.

No appropriated funds are required to
pay insured depositors.

N/A – NO FAILURES.
SEE PG. 47.

Disseminate data and
analyses on issues and
risks affecting the financial
services industry to bankers,
supervisors, the public, and
other stakeholders on an
ongoing basis.

Scope and timeliness
of information
dissemination on
identified or potential
issues and risks.

Disseminate results of research and
analyses in a timely manner through
regular publications, ad hoc reports,
and other means.

ACHIEVED.
SEE PG. 61.

Adjust assessment rates,
as necessary, to achieve a
DIF reserve ratio of at least
1.35 percent of estimated
insured deposits by
September 30, 2020.

Updated fund balance
projections and
recommended changes
to assessment rates.

Undertake industry outreach
activities to inform bankers and other
stakeholders about current trends,
concerns, and other available FDIC
resources.
Provide updated fund balance
projections to the FDIC Board of
Directors by June 30, 2018, and
December 31, 2018.

Respond promptly to all
insured financial institution
closings and related
emerging issues.

Recommend changes to deposit
insurance assessment rates to the
FDIC Board of Directors as necessary.
Demonstrated progress Provide progress reports to the FDIC
in achieving the goals of Board of Directors by June 30, 2018,
the Restoration Plan.
and December 31, 2018.

ACHIEVED.
SEE PGS. 13,14,61.

P E R F O R M A N C E R E S U LT S S U M M A R Y

ANNUAL REPORT
2018 INSURANCE PROGRAM RESULTS (continued)
Strategic Goal: Insured depositors are protected from loss without recourse to taxpayer funding.
#

ANNUAL
PERFORMANCE GOAL

Expand and strengthen the
FDIC’s participation and
leadership role in supporting
robust and effective deposit
insurance programs,
resolution strategies, and
banking systems worldwide.

Market failing institutions to
all known qualified and
interested potential bidders.
Provide educational
information to insured
depository institutions and
their customers to help
them understand the rules
for determining the amount
of insurance coverage on
deposit accounts.

INDICATOR

TARGET

RESULTS

Activities to expand
and strengthen
engagement with
strategically important
foreign jurisdictions
and key international
organizations and
associations, and to
advance the FDIC’s
global leadership
and participation on
deposit insurance,
bank supervision,
resolution practices and
international financial
safety net issues.

Foster strong relationships with
international banking regulators,
deposit insurers, and other relevant
authorities by engaging with
strategically important jurisdictions
and organizations on international
financial safety net issues.

ACHIEVED.
SEE PGS. 54-55.

Provide leadership and expertise to
key international organizations and
associations that promote sound
deposit insurance and effective bank
supervision and resolution practices.

ACHIEVED.
SEE PGS. 54-55.

Provision of technical
assistance and training
to foreign counterparts.

Promote international standards
and expertise in financial regulatory
practices and stability through the
provision of technical assistance and
training to global financial system
authorities.
Contact all known qualified and
interested bidders.

ACHIEVED.
SEE PGS. 54-55.

Scope of qualified
and interested bidders
solicited.
Timeliness of responses
to deposit insurance
coverage inquiries.
Initiatives to increase
public awareness of
deposit insurance
coverage changes.

P E R F O R M A N C E R E S U LT S S U M M A R Y

N/A – NO FAILURES.
SEE PG. 47.

Respond within two weeks to
95 percent of written inquiries
from consumers and bankers about
FDIC deposit insurance coverage.

ACHIEVED.
SEE PGS. 45-46.

Conduct at least four telephone or
in-person seminars for bankers on
deposit insurance coverage.

ACHIEVED.
SEE PG. 46.

2018
2018 SUPERVISION PROGRAM RESULTS
Strategic Goal: FDIC-insured institutions are safe and sound.
#

ANNUAL
PERFORMANCE GOAL

INDICATOR

TARGET

RESULTS

Conduct on-site risk
management examinations
to assess the overall financial
condition, management
practices and policies, and
compliance with applicable
laws and regulations of
FDIC-supervised depository
institutions. When problems
are identified, promptly
implement appropriate
corrective programs, and
follow up to ensure that
identified problems are
corrected.

Percentage of required
examinations conducted
in accordance with
statutory requirements
and FDIC policy.

Conduct all required risk
management examinations within the
timeframes prescribed by statute and
FDIC policy.

ACHIEVED.
SEE PGS. 14-15.

Follow-up actions on
identified problems.

For at least 90 percent of institutions
that are assigned a composite
CAMELS rating of 2 and for which
the examination report identifies
“Matters Requiring Board Attention”
(MRBAs), review progress reports and
follow up with the institution within
six months of the issuance of the
examination report to ensure that all
MRBAs are being addressed.

ACHIEVED.
SEE PGS. 14-15.

Assist in protecting the
infrastructure of the U.S.
banking system against
terrorist financing, money
laundering, and other
financial crimes.
Ensure that regulatory
capital standards promote
banks’ resilience under stress
and the confidence of their
counterparties.

Percentage of required
Conduct all BSA examinations within
examinations conducted the timeframes prescribed by statute
in accordance with
and FDIC policy.
statutory requirements
and FDIC policy.

ACHIEVED.
SEE PGS. 14-15.

Simplification of
capital standards for
community banks.

Finalize a Notice of Proposed
Rulemaking (NPR) for a simplified
risk-based capital framework for
community banks.

NOT ACHIEVED.
SEE PG. 31.

U.S. implementation of
internationally agreed
regulatory standards.
Enhance the
cybersecurity awareness
and preparedness of the
banking industry.

Finalize the Basel III Net Stable
Funding Ratio (NSFR).

NOT ACHIEVED.
SEE PG. 25.

Implement strategies
to promote enhanced
cybersecurity and business
continuity within the
banking industry.

Continue implementation of a
horizontal review program that
focuses on the information technology
risks in large and complex supervised
institutions and in technology service
providers.

ACHIEVED.
SEE PG. 18.

Continue implementation of the
Cybersecurity Examination Program
for the most significant service
provider examinations.

ACHIEVED.
SEE PG. 18.

P E R F O R M A N C E R E S U LT S S U M M A R Y

ANNUAL REPORT
2018 SUPERVISION PROGRAM RESULTS (continued)
Strategic Goal: Consumers’ rights are protected, and FDIC-supervised institutions invest in their communities.
#

ANNUAL
PERFORMANCE GOAL

Conduct on-site CRA
and consumer compliance
examinations to assess
compliance with applicable
laws and regulations by
FDIC-supervised depository
institutions. When
violations are identified,
promptly implement
appropriate corrective
programs and follow up
to ensure that identified
problems are corrected.
Effectively investigate and
respond to written consumer
complaints and inquiries
about FDIC-supervised
financial institutions.

INDICATOR

TARGET

Conduct all required examinations
Percentage of
examinations conducted within the timeframes established by
in accordance with the FDIC policy.
timeframes prescribed
by FDIC policy.
Implementation of
corrective programs.

Timely responses to
written consumer
complaints and
inquiries.

Promote economic inclusion Completion of planned
and access to responsible
initiatives.
financial services through
supervisory, research, policy,
and consumer/community
affairs initiatives.

P E R F O R M A N C E R E S U LT S S U M M A R Y

Conduct visits and/or follow-up
examinations in accordance with
established FDIC policies to ensure
that the requirements of any required
corrective program have been
implemented and are effectively
addressing identified violations.
Respond to 95 percent of written
consumer complaints and inquiries
within timeframes established by
policy, with all complaints and
inquiries receiving at least an initial
acknowledgement within two weeks.
Publish the results of the 2017 FDIC
National Survey of Unbanked and
Underbanked Households.
Complete planning for the 2019
FDIC National Survey of Unbanked
and Underbanked Households.

RESULTS

SUBSTANTIALLY
ACHIEVED.
SEE PG. 16.

ACHIEVED.
SEE PGS. 45-46.

ACHIEVED.
SEE PG. 41.

Continue to promote broader access
to and use of low-cost transaction and
savings accounts to build banking
relationships that will meet the
needs of unbanked and underbanked
households by increasing the
current level of engagement from
10 communities to 15 communities.

ACHIEVED.
SEE PGS. 41-42

Launch the revised Money Smart for
Adults curriculum.

ACHIEVED.
SEE PGS. 43-44.

2018
2018 SUPERVISION PROGRAM RESULTS (continued)
Strategic Goal: Large and complex financial institutions are resolvable in an orderly manner under bankruptcy.
#

ANNUAL
PERFORMANCE GOAL

Identify and address risks
in large, complex financial
institutions, including those
designated as systemically
important.

INDICATOR

TARGET

RESULTS

Compliance with the
statutory and regulatory
requirements under
Title I of the DoddFrank Act and Section
360.10 of the FDIC
Rules and Regulations.

In collaboration with the FRB,
continue to review all resolution
plans subject to the requirements of
Section 165(d) of Dodd-Frank to
ensure their conformance to statutory
and other regulatory requirements.
Identify potential impediments
in those plans to resolution
under the Bankruptcy Code.

ACHIEVED.
SEE PGS. 34-36.

Continue to review all resolution
plans subject to the requirements
of Section 360.10 of the Insured
Depository Institutions (IDI) Rule to
ensure their conformance to statutory
and other regulatory requirements.
Identify potential impediments
to resolvability under the Federal
Deposit Insurance (FDI) Act.

ACHIEVED.
SEE PGS. 36-37.

Conduct ongoing risk analysis and
monitoring of large, complex financial
institutions to understand and assess
their structure, business activities, risk
profiles, and resolution and recovery
plans.

ACHIEVED.
SEE PG. 37.

Risk monitoring of
large, complex financial
institutions, bank
holding companies, and
designated nonbanking
firms.

P E R F O R M A N C E R E S U LT S S U M M A R Y

ANNUAL REPORT
2018 RECEIVERSHIP MANAGEMENT PROGRAM RESULTS
Strategic Goal: Resolutions are orderly and receiverships are managed effectively.
#

ANNUAL
PERFORMANCE GOAL

INDICATOR

Value, manage, and market
assets of failed institutions
and their subsidiaries in a
timely manner to maximize
net return.

Manage the receivership
estate and its subsidiaries
toward an orderly
termination.

Conduct investigations into
all potential professional
liability claim areas for all
failed insured depository
institutions, and decide
as promptly as possible to
close or pursue each claim,
considering the size and
complexity of the institution.
Ensure the FDIC’s
Refinement of
operational readiness to
resolution plans and
administer the resolution of strategies.
large financial institutions,
including those designated as
systemically important.

RESULTS

N/A – NO FAILURES.
Percentage of the assets For at least 95 percent of insured
SEE PG. 47.
marketed for each failed institution failures, market at least
institution.
90 percent of the book value of the
institution’s marketable assets within
90 days of the failure date (for cash
sales) and within 120 days of the date
that the pool of similar assets is of
sufficient size to bring to market (for
structured sales).
N/A – NO FAILURES.
Timely termination of
Terminate at least 75 percent of new
SEE PG. 47.
new receiverships.
receiverships that are not subject to
loss-share agreements, structured sales,
or other legal impediments within
three years of the date of failure.
ACHIEVED.
Percentage of
For 80 percent of all claim areas,
SEE PG. 49.
investigated claim areas make a decision to close or pursue
for which a decision has professional liability claims within 18
been made to close or
months of the failure of an insured
pursue the claim.
depository institution.

Continued crossborder coordination
and cooperation in
resolution planning.

TARGET

P E R F O R M A N C E R E S U LT S S U M M A R Y

Continue to refine plans to ensure
the FDIC’s operational readiness to
administer the resolution of large
financial institutions under Title II
of the Dodd-Frank Act, including
those nonbank financial companies
designated as systemically important.

ACHIEVED.
SEE PG. 37.

Continue to deepen and strengthen
bilateral working relationships with
key foreign jurisdictions.

ACHIEVED.
SEE PGS. 37-38.

2018
PRIOR YEARS’ PERFORMANCE RESULTS
Refer to the respective full Annual Report of prior
years, located on the FDIC’s website for more
information on performance results for those years.

Shaded areas indicate no such target existed for that
respective year.

INSURANCE PROGRAM RESULTS
Strategic Goal: Insured depositors are protected from loss without recourse to taxpayer funding.
ANNUAL PERFORMANCE GOALS AND TARGETS

1. Respond promptly to all insured financial institution
closings and related emerging issues.
♦♦ Depositors have access to insured funds within one
business day if the failure occurs on a Friday.
♦♦ Depositors have access to insured funds within two
business days if the failure occurs on any other
day of the week.
♦♦ Depositors do not incur any losses on
insured deposits.
♦♦ No appropriated funds are required to pay
insured depositors.
2. Disseminate data and analyses on issues and risks
affecting the financial services industry to bankers,
supervisors, the public, and other stakeholders on an
ongoing basis.
♦♦ Disseminate results of research and analyses in a
timely manner through regular publications, ad hoc
reports, and other means.
♦♦ Undertake industry outreach activities to inform
bankers and other stakeholders about current trends,
concerns, and other available FDIC resources.
♦♦ Industry outreach activities are undertaken to inform
bankers and other stakeholders about current trends,
concerns, and other available FDIC resources.
3. Adjust assessment rates, as necessary, to achieve a DIF
reserve ratio of at least 1.35 percent of estimated insured
deposits by September 30, 2020.
♦♦ Provide updated fund balance projections to the
FDIC Board of Directors by June 30, 2017, and
December 31, 2017.
♦♦ Provide updated fund balance projections to the
FDIC Board of Directors by June 30, 2016, and
December 31, 2016.

2017

2016

2015

2014

2013

ACHIEVED.

ACHIEVED

ACHIEVED.

P E R F O R M A N C E R E S U LT S S U M M A R Y

ANNUAL REPORT
INSURANCE PROGRAM RESULTS (continued)
Strategic Goal: Insured depositors are protected from loss without recourse to taxpayer funding.
Annual Performance Goals and Targets

♦♦ Provide updated fund balance projections to the
FDIC Board of Directors by June 30, 2015, and
December 31, 2015.
♦♦ Provide updated fund balance projections to the
FDIC Board of Directors by June 30, 2014, and
December 31, 2014.
♦♦ Provide updated fund balance projections to the
FDIC Board of Directors by June 30, 2013, and
December 31, 2013.
♦♦ Provide progress reports to the FDIC Board of
Directors by June 30, 2017, and December 31, 2017.
♦♦ Provide progress reports to the FDIC Board of
Directors by June 30, 2016, and December 31, 2016.
♦♦ Provide progress reports to the FDIC Board of
Directors by June 30, 2015, and December 31, 2015.
♦♦ Provide progress reports to the FDIC Board of
Directors by June 30, 2014, and December 31, 2014.
♦♦ Provide progress reports to the FDIC Board of
Directors by June 30, 2013, and December 31, 2013.
♦♦ Recommend changes to deposit insurance assessment
rates to the FDIC Board of Directors as necessary.
4. Expand and strengthen the FDIC’s participation and
leadership role in supporting robust and effective deposit
insurance programs, resolution strategies, and banking
systems worldwide.
♦♦ Foster strong relationships with international banking
regulators, deposit insurers, and other relevant
authorities by engaging with strategically important
jurisdictions and organizations on key international
financial safety net issues.
♦♦ Provide leadership and expertise to key international
organizations and associations that promote sound
deposit insurance and effective bank supervision and
resolution practices.
♦♦ Promote international standards and expertise in
financial regulatory practices and stability through the
provision of technical assistance and training to global
financial system authorities.

P E R F O R M A N C E R E S U LT S S U M M A R Y

2017

2016

2015

2014

2013

ACHIEVED.

ACHIEVED.
ACHIEVED.
ACHIEVED.
ACHIEVED.
ACHIEVED.
ACHIEVED.
ACHIEVED.

ACHIEVED.

2018
INSURANCE PROGRAM RESULTS (continued)
Strategic Goal: Insured depositors are protected from loss without recourse to taxpayer funding.
Annual Performance Goals and Targets

♦♦ Continue to play leadership roles within key
international organizations and associations and
promote sound deposit insurance, bank supervision,
and resolution practices.
♦♦ Promote continued enhancement of international
standards and expertise in financial regulatory
practices and stability through the provision of
technical assistance and training to global financial
system authorities.
♦♦ Develop and foster closer relationships with bank
supervisors in the reviews through the provision of
technical assistance and by leading governance efforts
in the Association of Supervisors of Banks of the
Americas (ASBA).
♦♦ Maintain open dialogue with counterparts in
strategically important jurisdictions, international
financial organizations and institutions, and partner
U.S. agencies; and actively participate in bilateral
interagency regulatory dialogues.
♦♦ Maintain open dialogue with counterparts in
strategically important jurisdictions, international
financial organizations and institutions, and partner
U.S. agencies.
♦♦ Maintain open dialogue with counterparts
in strategically important countries as well as
international financial institutions and partner
U.S. agencies.
♦♦ Maintain a leadership position in the International
Association of Deposit Insurers (IADI) by conducting
workshops and performing assessments of deposit
insurance systems based on the methodology for
assessment of compliance with the IADI Core
Principles for Effective Deposit Insurance Systems
(Core Principles), developing and conducting training
on priority topics identified by IADI members, and
actively participating in IADI’s Executive Council
and Standing Committees.

2017

2016

2015

2014

2013

ACHIEVED.

P E R F O R M A N C E R E S U LT S S U M M A R Y

ANNUAL REPORT
INSURANCE PROGRAM RESULTS (continued)
Strategic Goal: Insured depositors are protected from loss without recourse to taxpayer funding.
Annual Performance Goals and Targets

♦♦ Conduct workshops and assessments of deposit
insurance systems based on the methodology for
assessment of compliance with Basel Committee on
Bank Supervisions (BCBS) and the International
Association of Depositor Insurers (IADI) Core
Principles for Effective Deposit Insurance Systems.
♦♦ Maintain open dialogue with the Association of
Supervisors of Banks of the Americas (ASBA) to
develop and foster relationships with bank supervisors
in the region by providing assistance when necessary.
♦♦ Engage with authorities responsible for resolutions
and resolutions planning in priority foreign
jurisdictions and contribute to the resolution-related
agenda of the Financial Stability Board (FSB) through
active participation in the FSB’s Resolution Steering
Group (ReSG).
♦♦ Engage with authorities responsible for resolutions
and resolutions planning in priority foreign
jurisdictions.
♦♦ Contribute to the resolution-related agenda of the
Financial Stability Board (FSB) through active
participation in the FSB’s Resolution Steering Group
and its working groups.
♦♦ Actively participate in bilateral interagency regulatory
dialogues.
♦♦ Support visits, study tours, secondments, and longerterm technical assistance and training programs for
representatives for foreign jurisdictions to strengthen
their deposit insurance organizations, central banks,
bank supervisors, and resolution authorities.
5. Market failing institutions to all known qualified and
interested potential bidders.
♦♦ Contact all known qualified and interested bidders.

P E R F O R M A N C E R E S U LT S S U M M A R Y

2017

2016

2015

2014

2013

ACHIEVED.

ACHIEVED

ACHIEVED.

2018
INSURANCE PROGRAM RESULTS (continued)
Strategic Goal: Insured depositors are protected from loss without recourse to taxpayer funding.
Annual Performance Goals and Targets

6. Provide educational information to insured depository
institutions and their customers to help them
understand the rules for determining the amount of
insurance coverage on deposit accounts.
♦♦ Respond within two weeks to 95 percent of written
inquiries from consumers and bankers about FDIC
deposit insurance coverage.
♦♦ Conduct at least four telephone or in-person seminars
for bankers on deposit insurance coverage.
♦♦ Conduct at least 12 telephone or in-person seminars
for bankers on deposit insurance coverage.
♦♦ Conduct at least 15 telephone or in-person seminars
for bankers on deposit insurance coverage.
♦♦ Complete and post on the FDIC website videos
for bankers and consumers on deposit insurance
coverage.

2017

2016

2015

2014

2013

ACHIEVED.

ACHIEVED.
ACHIEVED.
ACHIEVED.
ACHIEVED.

P E R F O R M A N C E R E S U LT S S U M M A R Y

ANNUAL REPORT
SUPERVISION PROGRAM RESULTS
Strategic Goal: FDIC-insured institutions are safe and sound.
ANNUAL PERFORMANCE GOALS AND TARGETS

1. Conduct on-site risk management examinations to assess
the overall financial condition, management practices
and policies, and compliance with applicable laws and
regulations of FDIC-supervised depository institutions.
When problems are identified, promptly implement
appropriate corrective programs, and follow up to ensure
that identified problems are corrected.
♦♦ Conduct all required risk management examinations
within the time frames prescribed by statute and
FDIC policy.
♦♦ For at least 90 percent of institutions that are assigned
a composite CAMELS rating of 2 and for which the
examination report identifies “Matters Requiring Board
Attention” (MRBAs), review progress reports and
follow up with the institution within six months of the
issuance of the examination report to ensure that all
MRBAs are being addressed.
♦♦ Implement formal or informal enforcement actions
within 60 days for at least 90 percent of all institutions
that are newly downgraded to a composite Uniform
Financial Institutions Rating of 3, 4, or 5.
2. Assist in protecting the infrastructure of the U.S.
banking system against terrorist financing, money
laundering, and other financial crimes.
♦♦ Conduct all Bank Secrecy Act examinations
within the time frames prescribed by statute and
FDIC policy.
3. More closely align regulatory capital standards with risk
and ensure that capital is maintained at prudential levels.
♦♦ Issue a Notice of Proposed Rulemaking (NPR) for a
simplified capital framework for community banks.
♦♦ Issue a final rule implementing the Basel III Net
Stable Funding Ratio.
♦♦ Publish in 2016, a Notice of (proposed) Rulemaking
on the Basel III Net Stable Funding Ratio.
♦♦ Publish by December 31, 2015, an interagency
Notice of Proposed Rulemaking on implementation
of the Basel III Net Stable Funding Ratio.

P E R F O R M A N C E R E S U LT S S U M M A R Y

2017

2016

2015

2014

2013

ACHIEVED.

SUBSTANTIALLY
ACHIEVED.

ACHIEVED.

ACHIEVED.
NOT
ACHIEVED.
ACHIEVED.
NOT
ACHIEVED.

2018
SUPERVISION PROGRAM RESULTS (continued)
Strategic Goal: FDIC-insured institutions are safe and sound.
Annual Performance Goals and Targets

♦♦ Finalize Basel III reporting instructions in time to
ensure that institutions that are using the advanced
approaches can implement Basel III in the first
quarter of 2014 and that all IDIs can implement the
standardized approach in the first quarter of 2015.
♦♦ Publish a final Basel Liquidity Coverage Rule,
in collaboration with other regulators by
December 31, 2014.
♦♦ Publish a final rule implementing the Basel III capital
accord in collaboration with other regulators, by
December 31, 2014.
♦♦ Finalize, in collaboration with other regulators, an
enhanced U.S. supplementary leverage ratio standard
by December 31, 2014.
♦♦ Complete by June 30, 2013, the review of comments
and impact analysis of June 2012 proposed
interagency changes to regulatory capital rules.
♦♦ Issue by December 31, 2013, final regulatory
capital rules.
4. Implement strategies to promote enhanced information
security, cybersecurity, and business continuity within
the banking industry.
♦♦ Continue implementation of a horizontal review
program that focuses on the IT risks in large and
complex supervised institutions and Technology
Service Providers (TSPs).
♦♦ Revise and implement by December 31, 2017, the
Cybersecurity Examination Tool for TSPs.
♦♦ Establish a horizontal review program that focuses
on the IT risks in large and complex supervised
institutions and Technology Service providers (TSPs).
♦♦ Complete by June 30, 2016, examiner training
and implement by September 30, 2016, the new
IT examination work program to enhance focus
on information security, cybersecurity, and
business continuity.
♦♦ Enhance the technical expertise of the IT
supervisory workforce.
♦♦ Working with FFIEC counterparts, update
and strengthen IT guidance to the industry on
cybersecurity preparedness.

2017

2016

2015

2014

2013

ACHIEVED.

ACHIEVED.
ACHIEVED.

ACHIEVED.

ACHIEVED.
ACHIEVED.

ACHIEVED.

ACHIEVED.
ACHIEVED.

P E R F O R M A N C E R E S U LT S S U M M A R Y

ANNUAL REPORT
SUPERVISION PROGRAM RESULTS (continued)
Strategic Goal: FDIC-insured institutions are safe and sound.
Annual Performance Goals and Targets

♦♦ Working with the FFIEC counterparts, update
and strengthen IT examination work programs
for institutions and technology service providers
(TSPs) to evaluate cybersecurity preparedness and
cyber resiliency.
♦♦ Improve information sharing on identified
technology risks among the IT examination
workforces of FFIEC member agencies.
♦♦ In coordination with the FFIEC, implement
recommendations to enhance the FDIC’s supervision
of the IT risks at insured depository institutions and
their technology service providers.
5. Identify and address risks in financial institutions
designated as systemically important.
♦♦ Conduct ongoing risk analysis and monitoring of
SIFIs to understand their structure, business activities
and risk profiles, and their resolution and recovery
capabilities.
♦♦ Complete, in collaboration with the Federal
Reserve Board and in accordance with statutory and
regulatory timeframes, all required actions associated
with the review of resolution plans submitted by
financial companies subject to the requirements of
Section 165 (d) of the Dodd-Frank Act.
♦♦ Complete, in collaboration with the FRB and in
accordance with statutory and regulatory time frames,
all required actions associated with the review of
Section 165(d) resolution plans submitted under
Title 1 of DFA.
♦♦ Hold at least one meeting of the Systemic
Resolution Advisory Committee to obtain feedback
on resolving SIFIs.
♦♦ Hold at least one meeting of the Systemic Resolution
Advisory Committee to obtain feedback on resolving
systemically important financial companies.

P E R F O R M A N C E R E S U LT S S U M M A R Y

2017

2016

2015

2014

2013

ACHIEVED.

2018
SUPERVISION PROGRAM RESULTS (continued)
Strategic Goal: Consumers’ rights are protected, and FDIC-supervised institutions invest in their communities.
ANNUAL PERFORMANCE GOALS AND TARGETS

1. Conduct on-site CRA and consumer compliance
examinations to assess compliance with applicable
laws and regulations by FDIC-supervised depository
institutions. When violations are identified, promptly
implement appropriate corrective programs and follow
up to ensure that identified problems are corrected.
♦♦ Conduct all required examinations within the time
frames established by FDIC policy.
♦♦ Conduct visits and/or follow-up examinations in
accordance with established FDIC policies to ensure
that the requirements of any required corrective
program have been implemented and are effectively
addressing identified violations.
♦♦ Conduct 100 percent of required examinations
within the time frames established by FDIC policy.
2. Effectively investigate and respond to written consumer
complaints and inquiries about FDIC-supervised
financial institutions.
♦♦ Respond to 95 percent of written consumer
complaints and inquiries within time frames
established by policy, with all complaints and
inquiries receiving at least an initial acknowledgment
within two weeks.
3. Promote economic inclusion and access to responsible
financial services through supervisory, research, policy,
and consumer/community affairs initiatives.
♦♦ Revise and administer the 2017 FDIC National
Survey of Unbanked and Underbanked Households.
♦♦ Continue and expand efforts to promote broader
awareness of the availability of low-cost transaction
accounts consistent with the FDIC’s Model SAFE
transaction account template.
♦♦ Complete and pilot a revised, instructor-led Money
Smart for Adults product.
♦♦ Publish the results of the 2015 FDIC National Survey
of Unbanked and Underbanked Household.
♦♦ Complete and present to the Advisory Committee
on Economic Inclusions (ComE-IN) a report on the
pilot Youth Savings Program (YSP) conducted jointly
with the CFPB.

2017

2016

2015

ACHIEVED.

2014

2013

ACHIEVED.

SUBSTANTIALLYACHIEVED.

ACHIEVED.

ACHIEVED.
ACHIEVED.

ACHIEVED.

P E R F O R M A N C E R E S U LT S S U M M A R Y

ANNUAL REPORT
SUPERVISION PROGRAM RESULTS (continued)
Strategic Goal: FDIC-insured institutions are safe and sound.
Annual Performance Goals and Targets

♦♦ Revise, test, and administer the 2015 FDIC National
Survey of Unbanked and Underbanked Household.
♦♦ Publish the results of the 2013 FDIC National Survey
of Unbanked and Underbanked Households (conducted
jointly with the U.S. Census Bureau).
♦♦ Conduct the third biennial FDIC National Survey of
Unbanked and Underbanked Households (conducted
jointly with the U.S. Census Bureau).
♦♦ Initiate work on the Survey of Banks’ Efforts to Serve
the Unbanked and Underbanked.
♦♦ Promote broader awareness of the availability of lowcost transaction accounts consistent with the FDIC’s
Model SAFE transaction account template.
♦♦ Support the Advisory Committee on Economic
Inclusion in expanding the availability and awareness
of low-cost transaction accounts, consistent with the
FDIC’s SAFE account template.
♦♦ Implement the strategy outlined in the work plan
approved by the Advisory Committee on Economic
Inclusion to support the expanded availability of
SAFE accounts and the responsible use of technology,
to expand banking services to the underbanked.
♦♦ In partnership with the Consumer Financial
Protection Bureau, enhance financial capability
among school-age children through (1) development
and delivery of tailored financial education materials;
(2) resources and outreach targeted to youth, parents,
and teachers; and (3) implementation of a pilot youth
savings program.
♦♦ Facilitate opportunities for banks and community
stakeholders to address issues concerning access to
financial services, community development, and
financial education.

P E R F O R M A N C E R E S U LT S S U M M A R Y

2017

2016

2015

2014

2013

ACHIEVED.
ACHIEVED.

ACHIEVED.
DEFERRED.
ACHIEVED.

ACHIEVED.

2018
SUPERVISION PROGRAM RESULTS (continued)
Strategic Goal: Large and complex financial institutions are resolvable in an orderly manner under bankruptcy.
ANNUAL PERFORMANCE GOALS AND TARGETS

1. Identify and address risks in large and complex financial
institutions, including those designated as systemically
important.
♦♦ In collaboration with the FRB continue to review
all resolution plans subject to the requirements
of Section 165(d) of the DFA to ensure their
conformance to statutory and other regulatory
requirements. Identify potential impediments in
those plans to resolution under the Bankruptcy Code.
♦♦ Continue to review all resolution plans subject
to the requirements of Section 360.10 of the IDI
rule to ensure their conformance to statutory and
other regulatory time frames. Identify potential
impediments to resolvability under the Federal
Deposit Insurance (FDI) Act.
♦♦ Conduct ongoing risk analysis and monitoring of
large, complex financial institutions to understand
and assess their structure, business activities, risk
profiles, and resolution and recovery plans.
♦♦ Conduct ongoing risk analysis and monitoring of
large, complex financial institutions to understand
and assess their structure, business activities, risk
profiles, and resolution and recovery plans.
♦♦ Complete, in collaboration with the FRB and in
accordance with statutory and regulatory time frames,
a review of resolution plans submitted by individual
financial companies subject to the requirements of
section 165 (d) of DFA and Part 360.10 of the FDIC
Rules and Regulations.

2017

2016

ACHIEVED.

2015

2014

2013

ACHIEVED.

P E R F O R M A N C E R E S U LT S S U M M A R Y

ANNUAL REPORT
RECEIVERSHIP MANAGEMENT PROGRAM RESULTS
Strategic Goal: Resolutions are orderly and receiverships are managed effectively.
ANNUAL PERFORMANCE GOALS AND TARGETS

1. Value, manage, and market assets of failed institutions
and their subsidiaries in a timely manner to maximize
net return.
♦♦ For at least 95 percent of insured institution failures,
market at least 90 percent of the book value of the
institution’s marketable assets within 90 days of the
failure date (for cash sales) or 120 days of the failure
date (for structured sales).
2. Manage the receivership estate and its subsidiaries
toward an orderly termination.
♦♦ Terminate at least 75 percent of new receiverships
that are not subject to loss-share agreements,
structured sales, or other legal impediments, within
three years of the date of failure.
♦♦ Terminate within three years of the date of failure,
at least 75 percent of new receiverships that are not
subject to loss-share agreements, structured sales, or
other legal impediments.
3. Conduct investigations into all potential professional
liability claim areas for all failed insured depository
institutions, and decide as promptly as possible, to
close or pursue each claim, considering the size and
complexity of the institution.
♦♦ For 80 percent of all claim areas, make a decision to
close or pursue professional liability claims within
18 months of the failure of an insured depository
institution.
4. Ensure the FDIC’s operational readiness to administer
the resolution of large financial institutions, including
those designated as systemically important.
♦♦ Continue to refine plans to ensure the FDIC’s
operational readiness to administer the resolution
of large financial institutions under Title II of the
DFA, including those nonbank financial companies
designated as systemically important.

P E R F O R M A N C E R E S U LT S S U M M A R Y

2017

2016

2015

2014

2013

ACHIEVED.

2018
RECEIVERSHIP MANAGEMENT PROGRAM RESULTS (continued)
Strategic Goal: Resolutions are orderly and receiverships are managed effectively.
Annual Performance Goals and Targets

♦♦ Refine plans to ensure the FDIC’s operational
readiness to administer the resolution of large
financial institutions including those designated as
systemically important.
♦♦ Continue to deepen and strengthen bilateral working
relationships with key foreign jurisdictions.
♦♦ Hold a meeting of the Systemic Resolution Advisory
Committee in early 2016 to obtain feedback on
resolving SIFIs.
5. Ensure the FDIC’s operational readiness to resolve a
large, complex financial institution using the orderly
liquidation authority in Title II of the DFA.
♦♦ Update and refine firm-specific resolutions plans and
strategies and develop operational procedures for the
administration of a Title II receivership.
♦♦ Prepare for an early 2016 meeting of the Systemic
Resolution Advisory Committee to obtain feedback
on resolving SIFIs.
♦♦ Continue to deepen and strengthen bilateral working
relationships with key foreign jurisdictions.

2017

2016

2015

2014

2013

ACHIEVED.

ACHIEVED.
ACHIEVED.

ACHIEVED.

ACHIEVED.
ACHIEVED

ACHIEVED.

P E R F O R M A N C E R E S U LT S S U M M A R Y

THIS PAGE INTENTIONALLY LEFT BLANK

III.

FINANCIAL
HIGHLIGHTS

THIS PAGE INTENTIONALLY LEFT BLANK

2018
In its role as insurer of bank and savings association
deposits, the FDIC promotes the safety and soundness
of insured depository institutions. The following
financial highlights address the performance of the
Deposit Insurance Fund.

DEPOSIT INSURANCE
FUND PERFORMANCE
The DIF balance was $102.6 billion at December 31,
2018, compared to $92.7 billion at year-end 2017.
Assessment revenue, including assessment surcharges
on large banks, drove the growth in the DIF.
Comprehensive income totaled $9.9 billion for 2018,
compared to comprehensive income of $9.6 billion
during 2017, a $275 million year-over-year increase.
Assessment revenue was $9.5 billion for 2018,
compared to $10.6 billion for 2017. The $1.1
billion year-over-year decrease was primarily due to
the cessation of the surcharge assessment on large
institutions effective October 1, 2018, as a result of
the reserve ratio exceeding the required minimum of
1.35 percent as of September 30, 2018.
The DIF’s interest revenue on U.S. Treasury securities
for 2018 was $1.6 billion, compared to interest
revenue of $1.1 billion in 2017. The $576 million
year-over-year increase resulted from a combination of
factors: (1) the Federal Reserve increased the federal
funds target rate, resulting in an increase in the
average overnight investment interest rate; (2) higher
yields on new long-term investments purchased as
older long-term investments matured; and (3) steady
growth in the investment portfolio balance.

The provision for insurance losses was a negative
$563 million for 2018, compared to negative $183
million for 2017. The negative provision for 2018
primarily resulted from a $570 million decrease to the
estimated losses for prior year failures, attributable to:
(1) a decrease in receivership shared-loss liability cost
estimates of $186 million primarily due to lower-thananticipated losses on covered assets, reductions in
shared-loss cost estimates from the early termination
of shared-loss agreements (SLAs) during the year,
and unanticipated recoveries from SLAs where
the commercial loss coverage has expired but the
recovery period remains active; (2) $172 million of
estimated recoveries from residual certificates retained
by receiverships for structured transactions; and (3)
$130 million of unanticipated recoveries received by
receiverships from tax refunds, litigation settlements,
and professional liability claims.
During 2018, the DIF recognized an unrealized
loss on U.S. Treasury securities of $136 million,
down from a $500 million unrealized loss in 2017.
The unrealized loss in 2018 was the result of yields
rising dramatically across all maturity sectors of the
Treasury yield curve, resulting in declines in the
securities’ market values relative to their book values.
The DIF’s cash, cash equivalents, and U.S. Treasury
investment portfolio balances increased by $13.4
billion during 2018 to $98.5 billion at year-end 2018,
from $85.1 billion at year-end 2017. This increase
was primarily due to assessment collections of $10.8
billion, recoveries from resolutions of $3.3 billion, and
interest received on U.S. Treasury securities of $1.8
billion, less operating expenses paid of $1.7 billion.

FINANCIAL HIGHLIGHTS

ANNUAL REPORT
ESTIMATED DIF INSURED DEPOSITS
8,000
7,000

Dollars in Billions

6,000
5,000
4,000
3,000
2,000
1,000
0

3-11 6-11 9-11 12-11 3-12 6-12 9-12 12-12 3-13 6-13 9-13 12-13 3-14 6-14 9-14 12-14 3-15 6-15 9-15 12-15 3-16 6-16 9-16 12-16 3-17 6-17 9-17 12-17 3-18 6-18 9-18

SOURCE: Commercial Bank Call and Thrift Financial Reports
Note: Beginning in fourth quarter 2010 through fourth quarter 2012, estimated insured deposits include the entire balance of noninterest-bearing transaction
accounts.

Fund Balance as a Percent of Estimated Insured Deposits

DEPOSIT INSURANCE FUND RESERVE RATIOS

1.4
1.2
1.0
0.8
0.6
0.4
0.2
0.0
-0.2

3-11 6-11 9-11 12-11 3-12 6-12 9-12 12-12 3-13 6-13 9-13 12-13 3-14 6-14 9-14 12-14 3-15 6-15 9-15 12-15 3-16 6-16 9-16 12-16 3-17 6-17 9-17 12-17 3-18 6-18 9-18

FINANCIAL HIGHLIGHTS

2018
DEPOSIT INSURANCE FUND SELECTED STATISTICS
Dollars in Millions

For the years ended December 31
2018

2017

2016

$11,171

$11,664

$10,674

Operating Expenses

1,765

1,739

1,715

Insurance and Other Expenses (includes provision for losses)

(560)

(181)

(1,564)

Net Income

9,966

10,105

10,524

Comprehensive Income

9,861

9,586

10,561

Insurance Fund Balance

$102,609

$92,747

$83,162

1.36%³

1.30%

1.20%

5,477³

5,670

5,913

71³

123

$53,289³

$13,939

$27,624

$5,082

$277

272

338

378

Financial Results
Revenue

Fund as a Percentage of Insured Deposits (reserve ratio)
Selected Statistics
Total DIF-Member Institutions1
Problem Institutions
Total Assets of Problem Institutions
Institution Failures
Total Assets of Failed Institutions in Year2
Number of Active Failed Institution Receiverships
1

Commercial banks and savings institutions. Does not include U.S. insured branches of foreign banks.

Total Assets data are based upon the last Call Report filed by the institution prior to failure.

As of September 30, 2018.

FINANCIAL HIGHLIGHTS

THIS PAGE INTENTIONALLY LEFT BLANK

IV.

BUDGET
AND SPENDING

THIS PAGE INTENTIONALLY LEFT BLANK

2018
FDIC OPERATING BUDGET

funding, and $43 million for the OIG. The level
of approved ongoing operations budget for 2019 is
approximately $2 million (0.1 percent) lower than
the 2018 ongoing operations budget, while the
approved receivership funding budget is $50 million
(22 percent) lower than the 2018 receivership funding
budget. The 2019 OIG budget is $3 million (7
percent) higher than the 2018 OIG budget.

The FDIC segregates its corporate operating budget
and expenses into three discrete components: ongoing
operations, receivership funding, and the Office of
Inspector General (OIG). The receivership funding
component represents expenses resulting from
financial institution failures and is, therefore, largely
driven by external forces and is less controllable and
estimable. FDIC operating expenditures totaled $1.9
billion in 2018, including $1.7 billion in ongoing
operations, $145 million in receivership funding,
and $37 million for the OIG. This represented
approximately 94 percent of the approved budget
for ongoing operations, 64 percent of the approved
budget for receivership funding, and 92 percent of the
approved budget for the OIG for the year.

As in prior years, the 2019 budget was formulated
primarily on the basis of an analysis of projected
workload for each of the Corporation’s three major
business lines and its program support functions. The
most significant factor contributing to the decrease
in the FDIC Operating Budget is the improving
health of the industry and the resultant reduction
in failure related workload. Although savings in
this area are being realized, the 2019 receivership
funding budget provides resources for contractor
support should workload in these areas require an
immediate response.

The approved 2019 FDIC Operating Budget of
approximately $2.0 billion consists of $1.8 billion
for ongoing operations, $175 million for receivership

FDIC EXPENDITURES 2009–2018
Dollars in Millions

$3,500
$3,000
$2,500
$2,000
$1,500
$1,000
$500
$0

2009

2010

2011

2012

2013

2014

2015

2016

2017

2018

BUDGET AND SPENDING

ANNUAL REPORT
The FDIC’s Strategic Plan and Annual Performance
Plan provide the basis for annual planning and
budgeting for needed resources. The 2018 aggregate
budget (for ongoing operations, receivership
funding, OIG, and investment spending) was
$2.1 billion, while actual expenditures for the
year were $1.9 billion, about $34 million less than
2017 expenditures.

Over the past decade the FDIC’s expenditures have
varied in response to workload. During the last
several years, expenditures have fallen, largely due to
decreasing resolution and receivership activity. To a
lesser extent decreased expenses have resulted from
supervision-related costs associated with the oversight
of fewer troubled institutions.

2018 BUDGET AND EXPENDITURES BY PROGRAM
(including Allocated Support)
Dollars in Millions

$1,200
Budget

Expenditures

$900
$600
$300
$0
Supervision
and Consumer
Protection
Program

Receivership
Management
Program

2018 BUDGET AND
EXPENDITURES BY PROGRAM
(Excluding Investments)
The FDIC budget for 2018 totaled approximately $2.1
billion. Budget amounts were allocated as follows:
$1.07 billion or 51 percent, to the Supervision and
Consumer Protection program; $451 million or 21
percent, to the Receivership Management program;
$309 million, or 15 percent, to the Insurance

BUDGET AND SPENDING

Insurance
Program

General and
Administrative

program; and $271 million, or 13 percent, to
Corporate General and Administrative expenditures.
Actual expenditures for the year totaled $1.9
billion. Actual expenditures amounts were allocated
as follows: $1.06 billion, or 56 percent, to the
Supervision and Consumer Protection program;
$327 million, or 17 percent, to the Receivership
Management program; $300 million, or 16 percent,
to the Insurance program; and $213 million, or
11 percent, to Corporate General and Administrative
expenditures.

2018
INVESTMENT SPENDING
The FDIC instituted a separate Investment Budget in
2003 to provide enhanced governance of major multiyear development efforts. It has a disciplined process
for reviewing proposed new investment projects and
managing the construction and implementation of
approved projects. Proposed IT projects are carefully
reviewed to ensure that they are consistent with the
Corporation’s enterprise architecture. The project

approval and monitoring processes also enable
the FDIC to be aware of risks to the major capital
investment projects and facilitate appropriate, timely
intervention to address these risks throughout the
development process. An investment portfolio
performance review is provided to the FDIC’s Board
of Directors on a quarterly basis. From 2009-2018,
investment spending totaled $104 million and is
estimated at $9 million for 2019.

INVESTMENT SPENDING 2009 - 2018
Dollars in Millions

$30
$25
$20
$15
$10
$5
$0

2009

2010

2011

2012

2013

2014

2015

2016

2017

2018

BUDGET AND SPENDING

THIS PAGE INTENTIONALLY LEFT BLANK

FINANCIAL
SECTION

ANNUAL REPORT
DEPOSIT INSURANCE FUND (DIF)
Federal Deposit Insurance Corporation

Deposit Insurance Fund Balance Sheet

As of December 31

2018

(Dollars in Thousands)

2017

ASSETS
Cash and cash equivalents

Investment in U.S. Treasury securities (Note 3)
Assessments receivable (Note 9)
Interest receivable on investments and other assets, net
Receivables from resolutions, net (Note 4)
Property and equipment, net (Note 5)
Total Assets

5,773,995 $

1,829,198

92,708,356

83,302,963

1,376,341

2,634,386

549,791

505,766

3,058,241

5,972,971

328,530

334,050

103,795,254 $

94,579,334

198,072 $

236,971

LIABILITIES
Accounts payable and other liabilities
Liabilities due to resolutions (Note 6)

604,776

1,203,260

Postretirement benefit liability (Note 12)

235,935

259,316

113,936

97,777

Contingent liabilities:
Anticipated failure of insured institutions (Note 7)
Guarantee payments and litigation losses (Notes 7 and 8)

33,611

34,515

1,186,330

1,831,839

103,238,013

93,272,447

(615,549)

(479,362)

Unrealized postretirement benefit (loss) (Note 12)

(13,540)

(45,590)

Total Accumulated Other Comprehensive (Loss)

(629,089)

(524,952)

Total Liabilities
Commitments and off-balance-sheet exposure (Note 13)
FUND BALANCE
Accumulated Net Income
ACCUMULATED OTHER COMPREHENSIVE INCOME
Unrealized (loss) on U.S. Treasury securities, net (Note 3)

Total Fund Balance
Total Liabilities and Fund Balance
The accompanying notes are an integral part of these financial statements.

FINANCIAL SECTION

102,608,924

92,747,495

103,795,254 $

94,579,334

2018
DEPOSIT INSURANCE FUND (DIF)
Federal Deposit Insurance Corporation

Deposit Insurance Fund Statement of Income and Fund Balance

For the Years Ended December 31

2018

(Dollars in Thousands)

2017

REVENUE
Assessments (Note 9)

Interest on U.S. Treasury securities

9,526,723 $

10,594,838

1,632,863

1,056,989

11,208

11,947

11,170,794

11,663,774

1,764,748

1,739,395

(562,622)

(183,149)

3,102

2,072

Total Expenses and Losses

1,205,228

1,558,318

Net Income

9,965,566

10,105,456

Other revenue
Total Revenue
EXPENSES AND LOSSES
Operating expenses (Note 10)
Provision for insurance losses (Note 11)
Insurance and other expenses

OTHER COMPREHENSIVE INCOME
Unrealized (loss) on U.S. Treasury securities, net
Unrealized postretirement benefit gain (loss) (Note 12)
Total Other Comprehensive (Loss)
Comprehensive Income
Fund Balance - Beginning
Fund Balance - Ending

(136,187)

(499,633)

32,050

(19,843)

(104,137)

(519,476)

9,861,429

9,585,980

92,747,495

83,161,515

102,608,924 $

92,747,495

The accompanying notes are an integral part of these financial statements.

FINANCIAL SECTION

ANNUAL REPORT
DEPOSIT INSURANCE FUND (DIF)
Federal Deposit Insurance Corporation

Deposit Insurance Fund Statement of Cash Flows

For the Years Ended December 31

2018

(Dollars in Thousands)

2017

OPERATING ACTIVITIES
Provided by:
Assessments

10,766,890 $

10,609,959

Interest on U.S. Treasury securities

1,837,400

1,622,583

Recoveries from financial institution resolutions

3,254,230

3,952,375

18,290

16,853

(1,744,274)

(1,838,673)

(353,448)

(3,010,042)

(3,694)

(799)

Miscellaneous receipts
Used by:
Operating expenses
Disbursements for financial institution resolutions
Miscellaneous disbursements
Net Cash Provided by Operating Activities

13,775,394

11,352,256

27,354,816

29,931,209

(37,140,141)

(40,756,734)

(45,272)

(30,499)

(9,830,597)

(10,856,024)

INVESTING ACTIVITIES
Provided by:
Maturity of U.S. Treasury securities
Used by:
Purchase of U.S. Treasury securities
Purchase of property and equipment
Net Cash (Used) by Investing Activities
Net Increase in Cash and Cash Equivalents

3,944,797

496,232

Cash and Cash Equivalents - Beginning

1,829,198

1,332,966

5,773,995 $

1,829,198

Cash and Cash Equivalents - Ending
The accompanying notes are an integral part of these financial statements.

FINANCIAL SECTION

2018
DEPOSIT INSURANCE FUND

NOTES TO THE FINANCIAL STATEMENTS
December 31, 2018 and 2017
1.

Operations of the Deposit Insurance Fund

OVERVIEW
The Federal Deposit Insurance Corporation (FDIC) is the
independent deposit insurance agency created by Congress
in 1933 to maintain stability and public confidence in the
nation’s banking system. Provisions that govern the FDIC’s
operations are generally found in the Federal Deposit
Insurance (FDI) Act, as amended (12 U.S.C. 1811, et seq). In
accordance with the FDI Act, the FDIC, as administrator of
the Deposit Insurance Fund (DIF), insures the deposits of
banks and savings associations (insured depository
institutions). In cooperation with other federal and state
agencies, the FDIC promotes the safety and soundness of
insured depository institutions (IDIs) by identifying,
monitoring, and addressing risks to the DIF. Commercial
banks, savings banks and savings associations (known as
“thrifts”) are supervised by either the FDIC, the Office of the
Comptroller of the Currency, or the Federal Reserve Board.
In addition to being the administrator of the DIF, the FDIC is
the administrator of the FSLIC Resolution Fund (FRF). The
FRF is a resolution fund responsible for the sale of the
remaining assets and the satisfaction of the liabilities
associated with the former Federal Savings and Loan
Insurance Corporation (FSLIC) and the former Resolution
Trust Corporation. The FDIC maintains the DIF and the FRF
separately to support their respective functions.
Pursuant to the Dodd-Frank Wall Street Reform and
Consumer Protection Act of 2010 (Dodd-Frank Act), the FDIC
also manages the Orderly Liquidation Fund (OLF).
Established as a separate fund in the U.S. Treasury (Treasury),
the OLF is inactive and unfunded until the FDIC is appointed
as receiver for a covered financial company. A covered
financial company is a failing financial company (for
example, a bank holding company or nonbank financial
company) for which a systemic risk determination has been
made as set forth in section 203 of the Dodd-Frank Act.
The Dodd-Frank Act (Public Law 111-203) granted the FDIC
authority to establish a widely available program to
guarantee obligations of solvent IDIs or solvent depository
institution holding companies (including affiliates) upon the
systemic risk determination of a liquidity event during times
of severe economic distress. The program would not be
funded by the DIF but rather by fees and assessments paid
by all participants in the program. If fees are insufficient to
cover losses or expenses, the FDIC must impose a special

assessment on participants as necessary to cover the
shortfall. Any excess funds at the end of the liquidity event
program would be deposited in the General Fund of the
Treasury.
The Dodd-Frank Act also created the Financial Stability
Oversight Council (FSOC) of which the Chairman of the FDIC
is a member and expanded the FDIC’s responsibilities to
include supervisory review of resolution plans (known as
living wills) and backup examination authority for
systemically important bank holding companies and
nonbank financial companies supervised by the Federal
Reserve Board. The living wills provide for an entity’s rapid
and orderly resolution in the event of material financial
distress or failure.
OPERATIONS OF THE DIF
The primary purposes of the DIF are to (1) insure the
deposits and protect the depositors of IDIs and (2) resolve
failed IDIs upon appointment of the FDIC as receiver in a
manner that will result in the least possible cost to the DIF.
The DIF is primarily funded from deposit insurance
assessments. Other available funding sources, if necessary,
are borrowings from the Treasury, the Federal Financing
Bank (FFB), Federal Home Loan Banks, and IDIs. The FDIC
has borrowing authority of $100 billion from the Treasury
and a Note Purchase Agreement with the FFB, not to exceed
$100 billion, to enhance the DIF’s ability to fund deposit
insurance.
A statutory formula, known as the Maximum Obligation
Limitation (MOL), limits the amount of obligations the DIF
can incur to the sum of its cash, 90 percent of the fair market
value of other assets, and the amount authorized to be
borrowed from the Treasury. The MOL for the DIF was
$201.8 billion and $191.5 billion as of December 31, 2018
and 2017, respectively.
OPERATIONS OF RESOLUTION ENTITIES
The FDIC, as receiver, is responsible for managing and
disposing of the assets of failed institutions in an orderly and
efficient manner.
The assets held by receiverships,
conservatorships, and bridge institutions (collectively,
resolution entities), and the claims against them, are
accounted for separately from the DIF assets and liabilities to
ensure that proceeds from these entities are distributed
according to applicable laws and regulations. Therefore,
income and expenses attributable to resolution entities are

FINANCIAL SECTION

99
1

ANNUAL REPORT
DEPOSIT INSURANCE FUND
accounted for as transactions of those entities. The FDIC, as
administrator of the DIF, bills resolution entities for services
provided on their behalf.

Summary of Significant Accounting Policies

GENERAL
The financial statements include the financial position,
results of operations, and cash flows of the DIF and are
presented in accordance with U.S. generally accepted
accounting principles (GAAP). These statements do not
include reporting for assets and liabilities of resolution
entities because these entities are legally separate and
distinct, and the DIF does not have any ownership or
beneficial interests in them. Periodic and final accounting
reports of resolution entities are furnished to courts,
supervisory authorities, and others upon request.
USE OF ESTIMATES
The preparation of the financial statements in conformity
with GAAP requires management to make estimates and
assumptions that affect the reported amounts of assets and
liabilities, revenue and expenses, and disclosure of
contingent liabilities. Actual results could differ from these
estimates. Where it is reasonably possible that changes in
estimates will cause a material change in the financial
statements in the near term, the nature and extent of such
potential changes in estimates have been disclosed. The
more significant estimates include the assessments
receivable and associated revenue; the allowance for loss on
receivables from resolutions (which considers the impact of
shared-loss agreements); the guarantee obligations for
structured transactions; the postretirement benefit
obligation; and the estimated losses for anticipated failures.
CASH EQUIVALENTS
Cash equivalents are short-term, highly liquid investments
consisting primarily of U.S. Treasury Overnight Certificates.
INVESTMENT IN U.S. TREASURY SECURITIES
The FDI Act requires that the DIF funds be invested in
obligations of the United States or in obligations guaranteed
as to principal and interest by the United States. The
Secretary of the Treasury must approve all such investments
in excess of $100,000 and has granted the FDIC approval to
invest the DIF funds only in U.S. Treasury obligations that are
purchased or sold exclusively through the Treasury’s Bureau
of the Fiscal Service’s Government Account Series program.
The DIF’s investments in U.S. Treasury securities are classified
as available-for-sale (AFS). Securities designated as AFS are
shown at fair value. Unrealized gains and losses are

100

FINANCIAL SECTION

reported as other comprehensive income. Any realized
gains and losses are included in the Statement of Income
and Fund Balance as components of net income. Income on
securities is calculated and recorded daily using the effective
interest or straight-line method depending on the maturity
of the security (see Note 3).
REVENUE RECOGNITION FOR ASSESSMENTS
Assessment revenue is recognized for the quarterly period of
insurance coverage based on an estimate. The estimate is
derived from an institution’s regular risk-based assessment
rate and assessment base for the prior quarter adjusted for
certain changes in supervisory examination ratings for larger
institutions as well as modest assessment base growth and
average assessment rate adjustment factors. Effective third
quarter 2016 through third quarter 2018, the estimate
included a surcharge for institutions with $10 billion or more
in total consolidated assets (see Note 9). At the subsequent
quarter-end, the estimated revenue amounts are adjusted
when actual assessments for the covered period are
determined for each institution.
CAPITAL ASSETS AND DEPRECIATION
The FDIC buildings are depreciated on a straight-line basis
over a 35- to 50-year estimated life. Building improvements
are capitalized and depreciated over the estimated useful life
of the improvements.
Leasehold improvements are
capitalized and depreciated over the lesser of the remaining
life of the lease or the estimated useful life of the
improvements, if determined to be material. Capital assets
depreciated on a straight-line basis over a five-year
estimated useful life include mainframe equipment;
furniture, fixtures, and general equipment; and internal-use
software. Computer equipment is depreciated on a straightline basis over a three-year estimated useful life (see Note 5).
PROVISION FOR INSURANCE LOSSES
The provision for insurance losses primarily represents
changes in the allowance for losses on receivables from
closed banks and the contingent liability for anticipated
failure of insured institutions (see Note 11).
REPORTING ON VARIABLE INTEREST ENTITIES
The receiverships engaged in structured transactions, some
of which resulted in the issuance of note obligations that
were guaranteed by the FDIC, in its corporate capacity. As
the guarantor of note obligations for several structured
transactions, the FDIC, in its corporate capacity, holds an
interest in many variable interest entities (VIEs). The FDIC
conducts a qualitative assessment of its relationship with
each VIE as required by the Financial Accounting Standards
Board (FASB) Accounting Standards Codification (ASC) Topic
810, Consolidation. These assessments are conducted to

2018
NOTES TO THE FINANCIAL STATEMENTS
determine if the FDIC, in its corporate capacity, has (1) power
to direct the activities that most significantly affect the
economic performance of the VIE and (2) an obligation to
absorb losses of the VIE or the right to receive benefits from
the VIE that could potentially be significant to the VIE. When
a variable interest holder has met both of these
characteristics, the enterprise is considered the primary
beneficiary and must consolidate the VIE. In accordance
with the provisions of FASB ASC Topic 810, an assessment of
the terms of the legal agreement for each VIE was
conducted to determine whether any of the terms had been
activated or modified in a manner that would cause the
FDIC, in its corporate capacity, to be characterized as a
primary beneficiary.
In making that determination,
consideration was given to which, if any, activities were
significant to each VIE. Often, the right to service collateral,
to liquidate collateral, or to unilaterally dissolve the VIE was
determined to be the most significant activity. In other
cases, it was determined that the structured transactions did
not include such significant activities and that the design of
the entity was the best indicator of which party was the
primary beneficiary.
The conclusion of these analyses was that the FDIC, in its
corporate capacity, has not engaged in any activity that
would cause the FDIC to be characterized as a primary
beneficiary to any VIE with which it was involved as of
December 31, 2018 and 2017. Therefore, consolidation is
not required for the December 31, 2018 and 2017 DIF
financial statements. In the future, the FDIC, in its corporate
capacity, may become the primary beneficiary upon the
activation of provisional contract rights that extend to the
FDIC if payments are made on guarantee claims. Ongoing
analyses will be required to monitor consolidation
implications under FASB ASC Topic 810.

to AFS debt securities. In November 2018, the FASB issued
ASU 2018-19, Codification Improvements to Topic 326,
Financial Instruments—Credit Losses, that changed the
effective date of ASU 2016-13 for the DIF to January 1,
2022. ASU 2016-13 requires the cumulative effect of the
change on the DIF’s beginning fund balance when it is
adopted. The FDIC continues to assess the effect ASU 201613 will have on the DIF’s financial position and results of
operations.
Other recent accounting pronouncements have been
deemed not applicable or material to the financial
statements as presented.

3. Investment in U.S. Treasury Securities
The “Investment in U.S. Treasury securities” line item on the
Balance Sheet consisted of the following components by
maturity (dollars in millions).
December 31, 2018
Yield at
Maturity
Purchase
U.S. Treasury notes and bonds
Within 1 year
1.90% $
After 1 year
through 5 years
Total

2.08%

Net
Carrying
Amount

Face
Value
28,950

64,650
$

93,600

28,997 $

Unrealized
Holding
Gains
0 $

Unrealized
Holding
Losses

Fair
Value

(104) $

28,893

64,327

137

(649)

63,815

93,324 $

137 $

(753) a $

92,708

(a) These unrealized losses occurred as a result of temporary changes in market interest
rates. The FDIC does not intend to sell the securities and is not likely to be required to sell
them before their maturity date, thus, the FDIC does not consider these securities to be
other than temporarily impaired at December 31, 2018. As of December 31, 2018,
securities with a continuous unrealized loss position of less than 12 months had an
aggregate related fair value and unrealized loss of $21.6 billion and $77 million,
respectively. For those with a continuous unrealized loss position of 12 months or longer,
their aggregate related fair value and unrealized losses were $53.1 billion and $676 million,
respectively.

The FDIC’s involvement with VIEs is fully described in Note 8
under FDIC Guaranteed Debt of Structured Transactions.
RELATED PARTIES
The nature of related parties and a description of related
party transactions are discussed in Note 1 and disclosed
throughout the financial statements and footnotes.
APPLICATION OF RECENT ACCOUNTING STANDARDS
In June 2016, the FASB issued ASU 2016-13, Financial
Instruments—Credit Losses (Topic 326): Measurement of
Credit Losses on Financial Instruments. The ASU will replace
the incurred loss impairment model with a new expected
credit loss model for financial assets measured at amortized
cost and for off-balance-sheet credit exposures.
The
guidance also amends the AFS debt securities impairment
model by requiring the use of an allowance to record
estimated credit losses (and subsequent recoveries) related

FINANCIAL SECTION

101
3

ANNUAL REPORT
DEPOSIT INSURANCE FUND
December 31, 2017
Yield at
Maturity
Purchasea
U.S. Treasury notes and bonds
Within 1 year
1.25% $

Net
Carrying
Amount

Face
Value
26,525 b $

-0.14% $
$
$

a book value of $5.1 billion as of December 31, 2018, and
$8.8 billion as of December 31, 2017 (including $4.0 billion
and $6.5 billion, respectively, of cash, investments,
receivables due from the DIF, and other receivables).

Fair
Value

0 $

(53) $

26,608

56,694

(428)

56,269

83,355 $

3 $

(481) $

82,877

427 $
427 $

0 $
0 $

(1) $
(1) $

426
426

83,782 $

3 $

(482) c $

83,303

400 $
400 $
83,425

Unrealized
Holding
Losses

26,661 $

After 1 year
1.67%
56,500
through 5 years
Subtotal
$
83,025 $
U.S. Treasury Inflation-Protected Securities
Within 1 year
Subtotal
Total

Unrealized
Holding
Gains

(a) The Treasury Inflation-Protected Securities (TIPS) are indexed to increases or decreases
in the Consumer Price Index for All Urban Consumers (CPI-U). For TIPS, the yields in the
above table are stated at their real yields at purchase, not their effective yields. Effective
yields on TIPS include a long-term annual inflation assumption as measured by the CPI-U.
The long-term CPI-U consensus forecast is 2.0 percent, based on figures issued by the
Congressional Budget Office and Blue Chip Economic Indicators in early 2017.
(b) Includes two Treasury notes totaling $2.1 billion which matured on Sunday, December
31, 2017. Settlements occurred the next business day, January 2, 2018.
(c) These unrealized losses occurred over a period of less than a year as a result of
temporary changes in market interest rates. The FDIC does not intend to sell the securities
and is not likely to be required to sell them before their maturity date, thus, the FDIC does
not consider these securities to be other than temporarily impaired at December 31, 2017.
The aggregate related fair value of securities with unrealized losses was $75.5 billion as of
December 31, 2017.

4. Receivables from Resolutions, Net
The receivables from resolutions result from DIF payments to
cover obligations to insured depositors (subrogated claims),
advances to resolution entities for working capital, and
administrative expenses paid on behalf of resolution entities.
Any related allowance for loss represents the difference
between the funds advanced and/or obligations incurred
and the expected repayment. Estimated future payments on
losses incurred on assets sold to an acquiring institution
under a shared-loss agreement (SLA) are factored into the
computation of the expected repayment. Assets held by
resolution entities (including structured transaction-related
assets; see Note 8) are the main source of repayment of the
DIF’s receivables from resolutions. The “Receivables from
resolutions, net” line item on the Balance Sheet consisted of
the following components (dollars in thousands).

December 31
Receivables from closed banks

Allowance for losses
Total

December 31

2018

2017

68,267,737 $

76,725,761

(65,209,496)

(70,752,790)

3,058,241 $

5,972,971

As of December 31, 2018, the FDIC, as receiver, managed
272 active receiverships; no new receiverships were
established in 2018. The resolution entities held assets with

102

FINANCIAL SECTION

Estimated cash recoveries from the management and
disposition of assets that are used to determine the
allowance for losses are based on asset recovery rates from
several sources, including actual or pending institutionspecific asset disposition data, failed institution-specific asset
valuation data, aggregate asset valuation data on several
recently failed or troubled institutions, sampled asset
valuation data, and empirical asset recovery data based on
failures since 2007. Methodologies for determining the
asset recovery rates incorporate estimating future cash
recoveries, net of applicable liquidation cost estimates, and
discounting based on market-based risk factors applicable to
a given asset’s type and quality. The resulting estimated
cash recoveries are then used to derive the allowance for
loss on the receivables from these resolutions.
For failed institutions resolved using a whole bank purchase
and assumption transaction with an accompanying SLA, the
projected future shared-loss payments on the covered
residential and commercial loan assets sold to the acquiring
institution under the agreement are considered in
determining the allowance for loss on the receivables from
these resolutions. The shared-loss cost projections are
based on the covered assets’ intrinsic value, which is
determined using financial models that consider the quality,
condition and type of covered assets, current and future
market conditions, risk factors, and estimated asset holding
periods.
For year-end 2018, the shared-loss cost estimates were
updated for all 81 receiverships with active SLAs. The
updated shared-loss cost projections for 13 residential SLAs,
which represent the majority ($5.0 billion or 52 percent) of
shared-loss covered assets of $9.6 billion, were primarily
based on third-party valuations estimating the cumulative
loss of covered assets. The updated cost projections on the
remaining residential shared-loss covered assets ($4.6 billion
or 48 percent) were based on pending sales activity and the
FDIC’s historical loss experience that also factors in the time
period based on the life of the agreement. This is a change
from 2017, when the valuation methodology on such assets
were either based on third-party valuations or a stratified
random sample of institutions selected for third-party loss
estimations and valuation results from the sampled
institutions were aggregated and extrapolated to the nonsampled institutions by asset type and performance status.
This change was made to address the seasoned nature of
this portfolio (loss coverage will expire on 75 percent of the

2018
NOTES TO THE FINANCIAL STATEMENTS
remaining covered assets within one year of December
2018). The effect of this change was a $138 million decrease
to the shared-loss liability. As of December 31, 2018, all
commercial asset shared-loss coverage has expired. For the
year ending December 31, 2017, shared-loss cost projections
for commercial covered assets were based on the FDIC’s
historical loss experience that also factored in the time
period based on the life of the agreement.

The estimated shared-loss liability is accounted for by the
receiver and is included in the calculation of the DIF’s
allowance for loss against the corporate receivable from the
resolution. As shared-loss claims are asserted and proven,
receiverships satisfy these shared-loss payments using
available liquidation funds and/or by drawing on amounts
due from the DIF for funding the deposits assumed by the
acquirer (see Note 6).

Also reflected in the allowance for loss calculation are endof-agreement SLA “true-up” recoveries. True-up recoveries
are projected to be received at expiration in accordance with
the terms of the SLA, if actual losses at expiration are lower
than originally estimated.

Receivership shared-loss transactions are summarized as
follows (dollars in thousands).

Note that estimated asset recoveries are regularly evaluated
during the year, but remain subject to uncertainties because
of potential changes in economic and market conditions,
which may cause the DIF’s actual recoveries to vary
significantly from current estimates.

Shared-loss payments made to date, net of recoveries

Projected shared-loss payments, net of "true-up" recoveries

175,207 $

428,971

Total remaining shared-loss covered assets

9,602,069 $

13,896,921

WHOLE
BANK
PURCHASE
AND
ASSUMPTION
TRANSACTIONS WITH SHARED-LOSS AGREEMENTS
Since the beginning of 2008 through 2013, the FDIC resolved
304 failures using whole bank purchase and assumption
resolution transactions with accompanying SLAs on total
assets of $215.7 billion purchased by the financial institution
acquirers. The acquirer typically assumed all of the deposits
and purchased essentially all of the assets of a failed
institution. The majority of the commercial and residential
loan assets were purchased under an SLA, where the FDIC
agreed to share in future losses and recoveries experienced
by the acquirer on those assets covered under the
agreement.
Losses on the covered assets of failed institutions are shared
between the acquirer and the FDIC, in its receivership
capacity, when losses occur through the sale, foreclosure,
loan modification, or charge-off of loans under the terms of
the SLA. The majority of the agreements cover commercial
and single-family loans over a five- to ten-year shared-loss
period, respectively, with the receiver covering 80 percent of
the losses incurred by the acquirer and the acquiring
institution covering 20 percent. Prior to March 26, 2010,
most SLAs included a threshold amount, above which the
receiver covered 95 percent of the losses incurred by the
acquirer. Recoveries by the acquirer on covered commercial
and single-family SLA losses are also shared over an eightto ten-year period, respectively. Note that future recoveries
on SLA losses are not factored into the DIF allowance for loss
calculation because the amount and timing of such receipts
are not determinable.

December 31

2018

2017

29,088,461 $

29,014,957

The $4.3 billion reduction in the remaining shared-loss
covered assets from 2017 to 2018 is primarily due to the
liquidation of covered assets from active SLAs, expiration of
loss coverage for two commercial loan SLAs, and early
termination of SLAs impacting 20 receiverships during 2018.
CONCENTRATION OF CREDIT RISK
Financial instruments that potentially subject the DIF to
concentrations of credit risk are receivables from resolutions.
The repayment of these receivables is primarily influenced by
recoveries on assets held by receiverships and payments on
the covered assets under SLAs.
The majority of the
remaining assets in liquidation ($1.2 billion) and current
shared-loss covered assets ($9.6 billion), which together total
$10.8 billion, are concentrated in commercial loans ($34
million), residential loans ($9.7 billion), and structured
transaction-related assets ($853 million) as described in Note
8. Most of the assets originated from failed institutions
located in California ($7.3 billion), Puerto Rico ($1.1 billion),
and Florida ($898 million).

5. Property and Equipment, Net
Depreciation expense was $51 million and $54 million for
2018 and 2017, respectively. The “Property and equipment,
net” line item on the Balance Sheet consisted of the
following components (dollars in thousands).

FINANCIAL SECTION

103
5

ANNUAL REPORT
DEPOSIT INSURANCE FUND

Land
Buildings (including building and leasehold improvements)
Application software (includes work-in-process)
Furniture, fixtures, and equipment
Accumulated depreciation
Total

December 31 December 31
2018
2017
$
37,352 $
37,352
328,787
325,322
103,543
112,727
66,889
72,384
(208,041)
(213,735)
$
328,530 $
334,050

6. Liabilities Due to Resolutions
As of December 31, 2018 and 2017, the DIF recorded
liabilities totaling $601 million and $1.2 billion, respectively,
to resolution entities representing the agreed-upon value of
assets transferred from the receiverships, at the time of
failure, to the acquirers/bridge institutions for use in funding
the deposits assumed by the acquirers/bridge institutions.
Ninety-seven percent of these liabilities are due to failures
resolved under whole-bank purchase and assumption
transactions, most with an accompanying SLA. The DIF
satisfies these liabilities either by sending cash directly to a
receivership to fund shared-loss and other expenses or by
offsetting receivables from resolutions when a receivership
declares a dividend.
In addition, there were $4 million and $9 million in unpaid
deposit claims related to multiple receiverships as of
December 31, 2018 and 2017, respectively. The DIF pays
these liabilities when the claims are approved.

7. Contingent Liabilities
ANTICIPATED FAILURE OF INSURED INSTITUTIONS
The DIF records a contingent liability and a loss provision for
DIF-insured institutions that are likely to fail when the
liability is probable and reasonably estimable, absent some
favorable event such as obtaining additional capital or
merging. The contingent liability is derived by applying
expected failure rates and loss rates to the institutions based
on supervisory ratings, balance sheet characteristics, and
projected capital levels.
The banking industry’s financial condition and performance
were generally positive in 2018. According to the most
recent quarterly financial data submitted by DIF-insured
institutions, the industry’s capital levels continued to
improve, and the percentage of total loans that were
noncurrent at September 30 fell to its lowest level since
second quarter 2007. The industry reported total net
income of $178.1 billion for the first nine months of 2018, an

104

FINANCIAL SECTION

increase of 27.4 percent over the comparable period one
year ago.
Consistent with the positive performance of the banking
industry, the contingent liability remained relatively stable as
of December 31, 2018 compared to December 31, 2017. The
DIF recorded contingent liabilities totaling $114 million and
$98 million as of December 31, 2018 and 2017, respectively.
In addition to the recorded contingent liabilities, the FDIC
has identified risks in the financial services industry that
could result in additional losses to the DIF, should potentially
vulnerable insured institutions ultimately fail. As a result of
these risks, the FDIC believes that it is reasonably possible
that the DIF could incur additional estimated losses of
approximately $227 million as of December 31, 2018,
compared to $373 million as of year-end 2017. The actual
losses, if any, will largely depend on future economic and
market conditions and could differ materially from this
estimate.
During 2018, no institutions failed. The improvement in
financial performance and condition of the banking industry
of the past year should continue if market conditions remain
favorable.
However, the operating environment poses
several key challenges.
Interest rates have been
exceptionally low for an extended period, and there are signs
of growing credit and liquidity risk. Recently, revenue
growth and net interest margins have benefited from
interest rate hikes; however, margins may be squeezed as
deposit rates begin to increase. Economic conditions that
challenge the banking sector include the potential effect of
increases in interest rates on liquidity and economic activity;
the impact of trade tariffs on economic growth and exports;
the impact of continued weak commodity prices on local
markets; and the risk of market volatility from geopolitical
developments. The FDIC continues to evaluate ongoing risks
to affected institutions in light of existing economic and
financial conditions, and the extent to which such risks may
put stress on the resources of the insurance fund.
LITIGATION LOSSES
The DIF records an estimated loss for unresolved legal cases
to the extent that those losses are considered probable and
reasonably estimable. The FDIC recorded probable litigation
losses of $200 thousand for the DIF as of December 31, 2018
and 2017. In addition, the FDIC has identified no reasonably
possible losses from unresolved cases as of December 31,
2018 and $1 million as of December 31, 2017.

2018
NOTES TO THE FINANCIAL STATEMENTS
8. Other Contingencies
INDYMAC FEDERAL BANK REPRESENTATION AND
INDEMNIFICATION CONTINGENT LIABILITY
On March 19, 2009, the FDIC, as receiver, for IndyMac
Federal Bank (IMFB) and certain subsidiaries (collectively,
Sellers) sold substantially all of the assets, which included
mortgage loans and servicing rights, to OneWest Bank (now
known as CIT Bank) and its affiliates (collectively, Acquirers).
Under the sale agreements, the Acquirers have
indemnification rights to recover losses incurred as a result
of third-party claims and breaches of the Sellers’
representations.
The FDIC, in its corporate capacity,
guaranteed the Sellers’ indemnification obligations under
the sale agreements. Until all indemnification claims are
asserted, quantified and paid, losses could continue to be
incurred by the receivership and indirectly by the DIF.
The unpaid principal balances of loans in the servicing
portfolios sold subject to the Sellers’ indemnification
obligations totaled $171.6 billion at the time of sale. The
IndyMac receivership has paid cumulative claims totaling
$110 million through December 31, 2018 and 2017. There
were no claims accrued as of December 31, 2018 and 2017.
The Acquirers’ rights to submit breach notices as well as
their right to submit claims for reimbursement with respect
to certain third-party claims have passed. However, the
Acquirers retain the right to assert indemnification claims for
losses over the life of those loans for which breach notices or
third-party claim notices were timely submitted. While many
loans are subject to notices of alleged breaches, not all
breach allegations or third-party claims will result in an
indemnifiable loss. In addition, the Acquirers retain the right
to seek reimbursement for losses incurred as a result of
claims alleging breaches of loan seller representations
asserted by Ginnie Mae on or before March 19, 2019 for its
reverse mortgage servicing portfolios. At the time of the
sale to CIT the reverse loans serviced for Ginnie Mae
constituted approximately 2 percent of the reverse servicing
portfolio. Quantifying the contingent liability is subject to a
number of uncertainties, including market conditions, the
occurrence of borrower defaults and resulting foreclosures
and losses, and the possible allocation of certain losses to
the Acquirers. Therefore, because of these uncertainties the
FDIC has determined that, while additional losses are
probable, the amount is not currently estimable.
PURCHASE AND ASSUMPTION INDEMNIFICATION
In connection with purchase and assumption agreements for
resolutions, the FDIC, in its receivership capacity, generally
indemnifies the purchaser of a failed institution’s assets and
liabilities in the event a third party asserts a claim against the
purchaser unrelated to the explicit assets purchased or

liabilities assumed at the time of failure. The FDIC, in its
corporate capacity, is a secondary guarantor if a receivership
is unable to pay. These indemnifications generally extend
for a term of six years after the date of institution failure.
The FDIC is unable to estimate the maximum potential
liability for these types of guarantees as the agreements do
not specify a maximum amount and any payments are
dependent upon the outcome of future contingent events,
the nature and likelihood of which cannot be determined at
this time. During 2018 and 2017, the FDIC, in its corporate
capacity, made no indemnification payments under such
agreements, and no amount has been accrued in the
accompanying financial statements with respect to these
indemnification guarantees.
FDIC
GUARANTEED
DEBT
OF
STRUCTURED
TRANSACTIONS
The FDIC, as receiver, used structured transactions
(securitizations and structured sales of guaranteed notes
(SSGNs) or collectively, “trusts”) to dispose of residential
mortgage loans, commercial loans, and mortgage-backed
securities held by the receiverships.
For these transactions, certain loans or securities from failed
institutions were pooled and transferred into a trust
structure. The trusts issued senior and/or subordinated debt
instruments and owner trust or residual certificates
collateralized by the underlying mortgage-backed securities
or loans.
From March 2010 through March 2013, the receiverships
transferred a portfolio of loans with an unpaid principal
balance of $2.4 billion and mortgage-backed securities with
a book value of $6.4 billion to the trusts. Private investors
purchased the senior notes issued by the trusts for $6.2
billion in cash and the receiverships held the subordinated
debt instruments and owner trust or residual certificates. In
exchange for a fee, the FDIC, in its corporate capacity,
guarantees the timely payment of principal and interest due
on the senior notes, with the last guarantee expected to
terminate in 2022. If the FDIC is required to perform under
its guarantees, it acquires an interest in the cash flows of the
trust equal to the amount of guarantee payments made plus
accrued interest. The subordinated note holders and owner
trust or residual certificate holders receive cash flows from
the trust only after all expenses have been paid, the
guaranteed notes have been satisfied, and the FDIC has
been reimbursed for any guarantee payments.
The following table provides the maximum loss exposure to
the FDIC, as guarantor, total guarantee fees collected,
guarantee fees receivable, and other information related to
the FDIC guaranteed debt for the trusts as of December 31,
2018 and 2017 (dollars in millions).

FINANCIAL SECTION

105
7

ANNUAL REPORT
DEPOSIT INSURANCE FUND
December 31
2018
Number of trusts
Initial
Current

11
8

December 31
2017
11
11

Trust collateral balances
Initial
Current

$
$

8,780 $
1,643 $

8,780
2,169

Guaranteed note balances
Initial
Current (maximum loss exposure)

$
$

6,196 $
404 $

6,196
672

Guarantee fees collected to date

163 $

159

Amounts recognized in Interest
receivable on investments and other
assets, net
Receivable for guarantee fees
$
Receivable for guarantee payments,
$
net

28 $

Amounts recognized in Contingent
liabilities: Guarantee payments and
litigation losses
Contingent liability for guarantee
$
payments

33 $

Amounts recognized in Accounts
payable and other liabilities
Deferred revenue for guarantee feesa $

(a) All guarantee fees are recorded as deferred revenue and recognized as revenue
primarily on a straight-line basis over the term of the notes.

Except as presented above, the DIF records no other
structured transaction-related assets or liabilities on its
balance sheet.
ESTIMATED LOSS FROM GUARANTEE PAYMENTS
Any estimated loss to the DIF from the guarantees is based
on an analysis of the expected guarantee payments by the
FDIC, net of reimbursements to the FDIC for such guarantee
payments. The DIF recorded a contingent liability of $33
million as of December 31, 2018, for estimated payments
under the guarantee for one SSGN transaction, down from
$34 million at December 31, 2017. As guarantor, the FDIC, in
its corporate capacity, is entitled to reimbursement from the
trust for any guarantee payments; therefore a corresponding
receivable has been recorded. The related allowance for loss
on this receivable is $5 million as of December 31, 2018,
reflecting the expected shortfall of proceeds available for

106

FINANCIAL SECTION

reimbursement after liquidation of the SSGN’s underlying
collateral at note maturity, as compared to the $14 million
allowance recorded at year-end 2017. Guarantee payments
are expected to be made at note maturity in December
2020.
For all of the remaining transactions, the estimated cash
flows from the trust assets provide sufficient coverage to
fully pay the debts. To date, the FDIC, in its corporate
capacity, has not provided, and does not intend to provide,
any form of financial or other type of support for structured
transactions that it was not previously contractually required
to provide.

9. Assessments
The FDIC deposit insurance assessment system is mandated
by section 7 of the FDI Act and governed by part 327 of title
12 of the Code of Federal Regulations (12 CFR Part 327).
The risk-based system requires the payment of quarterly
assessments by all IDIs.
In response to the Dodd-Frank Act, the FDIC implemented
several changes to the assessment system, amended its
Restoration Plan (which is required when the ratio of the DIF
balance to estimated insured deposits, or reserve ratio, is
below the statutorily mandated minimum), and developed a
comprehensive, long-term fund management plan. The plan
is designed to restore and maintain a positive fund balance
for the DIF even during a banking crisis and achieve
moderate, steady assessment rates throughout any
economic cycle. Summarized below are actions taken to
implement requirements of the Dodd-Frank Act and
provisions of the comprehensive, long-term fund
management plan.
• The FDIC amended the Restoration Plan, which was
intended to ensure that the reserve ratio reaches 1.35
percent by September 30, 2020, as required by the
Dodd-Frank Act, in lieu of the previous statutory
minimum of 1.15 percent by the end of 2016. While
under the restoration plan, the FDIC updates, at least
semiannually, its loss and income projections for the
fund and, if needed, increases or decreases
assessment rates, following notice-and-comment
rulemaking, if required.
• The FDIC Board of Directors designates a reserve ratio
for the DIF and publishes the designated reserve ratio
(DRR) before the beginning of each calendar year, as
required by the FDI Act. Accordingly, in December
2018, the FDIC published a notice maintaining the

2018
NOTES TO THE FINANCIAL STATEMENTS
DRR at 2 percent for 2019. The DRR is an integral
part of the FDIC’s comprehensive, long-term
management plan for the DIF and is viewed as a longrange, minimum target for the reserve ratio.
• The FDIC adopted a final rule that suspends dividends
indefinitely, and, in lieu of dividends, adopts lower
assessment rate schedules when the reserve ratio
reaches 1.15 percent, 2 percent, and 2.5 percent.
The Dodd-Frank Act requires that the FDIC offset the effect
of increasing the minimum reserve ratio from 1.15 percent to
1.35 percent on small banks.
To implement this
requirement, the FDIC imposed a surcharge to the regular
quarterly assessments of IDIs with $10 billion or more in
total consolidated assets (larger institutions), beginning with
the quarter ending September 30, 2016. Pursuant to a final
rule published in March 2016:
• The surcharge generally equals an annual rate of 4.5
basis points applied to a larger institution’s regular
quarterly assessment base (with certain adjustments).
• The FDIC will provide assessment credits, as described
in 12 CFR 327.11(c)(4), to institutions with less than
$10 billion in total assets (small banks) for the portion
of their assessments that contributed to the growth in
the reserve ratio between 1.15 percent and 1.35
percent to ensure that the effect of reaching 1.35
percent is fully borne by the larger institutions.
As of September 30, 2018, the reserve ratio of the DIF
exceeded the required minimum of 1.35 percent by reaching
1.36 percent. As a result, the requirements of the amended
Restoration Plan were achieved and the surcharge
assessment on large banks ended effective October 1, 2018.
The total amount of small bank assessment credits is $765
million. In each quarter that the reserve ratio is at or above
1.38 percent, the FDIC will automatically apply a small bank’s
credits to reduce its regular assessment up to the entire
amount of the assessment, until credits are exhausted.
The reserve ratio as of December 31, 2018, is not yet known,
and it is uncertain whether the fourth quarter reserve ratio
will be at least 1.38 percent. The year-end 2018 assessment
receivable and related assessment revenue have not been
reduced for the potential use of small bank assessment
credits since it is only reasonably possible the small bank
credits will be applied against fourth quarter assessments.
The reserve ratio for December 31, 2018, will be determined
before the fourth quarter assessments are billed and
collected at the end of the first quarter of 2019. If the
reserve ratio is at least 1.38 percent, then the FDIC expects
that approximately $305 million in assessment credits will be

applied against the first quarter collection in 2019, with an
equal reduction to revenue at that time.
If the reserve ratio falls below 1.35 percent in the future, the
FDIC would again establish and implement a restoration
plan; however, under the FDI Act, the FDIC would have 8
years to restore the reserve ratio to the 1.35 percent
minimum, and possibly longer if the Board finds that
extraordinary circumstances warrant a longer time period [12
U.S.C. 1817(b)(3)(E)]. The FDIC must also establish and
implement a restoration plan if the FDIC determines the
DIF’s reserve ratio will, within 6 months of such
determination, fall below 1.35 percent [12 U.S.C.
1817(b)(3)(E)(i)].
ASSESSMENT REVENUE
Annual assessment rates averaged approximately 7.2 cents
per $100 of the assessment base through September 30,
2018. Annual assessment rates averaged approximately 3.5
cents per $100 for the fourth quarter of 2018, reflecting the
end of surcharges on larger institutions beginning October
1, 2018. Annual assessment rates averaged approximately
7.2 cents per $100 of the assessment base during 2017. The
assessment base is generally defined as average
consolidated total assets minus average tangible equity
(measured as Tier 1 capital) of an IDI during the assessment
period.
The “Assessments receivable” line item on the Balance Sheet
of $1.4 billion and $2.6 billion represents the estimated
premiums due from IDIs for the fourth quarter of 2018 and
2017, respectively. The actual deposit insurance assessments
for the fourth quarter of 2018 will be billed and collected at
the end of the first quarter of 2019. During 2018 and 2017,
$9.5 billion and $10.6 billion, respectively, were recognized
as assessment revenue from institutions, including $3.8
billion and $4.9 billion in surcharges from large IDIs in 2018
and 2017, respectively. In total, surcharges of $11.2 billion
were collected over nine quarters.
PENDING LITIGATION FOR UNDERPAID ASSESSMENTS
On January 9, 2017, the FDIC filed suit in the United States
District Court for the District of Columbia (and amended this
complaint on April 7, 2017), alleging that Bank of America,
N.A. (BoA) underpaid its insurance assessments for multiple
quarters based on the underreporting of counterparty
exposures. In total, the FDIC alleges that BoA underpaid
insurance assessments by $1.12 billion, including interest for
the quarters ending March 2012 through December 2014.
The FDIC invoiced BoA for $542 million and $583 million
representing claims in the initial suit and the amended
complaint, respectively. BoA has failed to pay these past due
amounts. Pending resolution of this matter, BoA has fully
pledged security with a third-party custodian pursuant to a

FINANCIAL SECTION

107
9

ANNUAL REPORT
DEPOSIT INSURANCE FUND
security agreement with the FDIC. As of December 31, 2018,
the total amount of unpaid assessments (including accrued
interest) was $1.16 billion. For the years ending December
31, 2018 and 2017, the impact of this litigation is not
reflected in the financial statements of the DIF.
RESERVE RATIO
As of September 30, 2018 and December 31, 2017, the DIF
reserve ratio was 1.36 percent and 1.30 percent, respectively.
ASSESSMENTS RELATED TO FICO
Assessments are levied on institutions for payments of the
interest on bond obligations issued by the Financing
Corporation (FICO). The final FICO assessment is estimated
to be collected in March 2019 pursuant to a final rule issued
in December 2018 by the Federal Housing Finance Agency,
the agency authorized by Congress to prescribe regulations
relating to the FICO. The FICO was established as a mixedownership government corporation to function solely as a
financing vehicle for the former FSLIC. The FICO assessment
has no financial impact on the DIF and is separate from
deposit insurance assessments. The FDIC, as administrator
of the DIF, acts solely as a collection agent for the FICO.
Interest obligations collected and remitted to the FICO as of
December 31, 2018 and 2017, were $460 million and $760
million, respectively.

11. Provision for Insurance Losses
The provision for insurance losses was a negative $563
million for 2018, compared to negative $183 million for
2017. The negative provision for 2018 primarily resulted
from a $570 million decrease to the estimated losses for
prior year failures.
As described in Note 4, the estimated recoveries from assets
held by receiverships and estimated payments related to
assets sold by receiverships to acquiring institutions under
shared-loss agreements (SLAs) are used to derive the loss
allowance on the receivables from resolutions. Summarized
below are the three primary components that comprise the
majority of the decrease in estimated losses for prior year
failures.
•

Receivership shared-loss liability cost estimates
decreased $186 million primarily due to lowerthan-anticipated losses on covered assets,
reductions in shared-loss cost estimates from the
early termination of SLAs during the year, and
unanticipated recoveries from SLAs where the
commercial loss coverage has expired but the
recovery period remains active.

•

Estimated recoveries from residual certificates
retained by receiverships for structured transactions
of $172 million were recognized in 2018 as
uncertainties regarding collection have diminished.
The likelihood of collection has increased given that
the majority of the senior notes are at least 92
percent amortized as of year-end 2018 and all are
projected to be fully paid within one to three years.
The residual certificates will receive cash from the
trust once the senior notes have been fully satisfied.

•

Receiverships
received
$130
million
of
unanticipated recoveries from tax refunds, litigation
settlements, and professional liability claims. These
recoveries are typically not recognized in the
allowance for loss estimate until the cash is
received by receiverships, or collectability is
assured, since significant uncertainties surround
their recovery.

10. Operating Expenses
The “Operating expenses” line item on the Statement of
Income and Fund Balance consisted of the following
components (dollars in thousands).

Salaries and benefits

December 31

2018

2017

1,221,138 $

1,222,793

268,693

265,514

Travel

89,443

88,786

Buildings and leased space

86,795

88,465

Software/Hardware maintenance

83,276

77,911

Depreciation of property and equipment

51,316

53,639

Outside services

Other
Subtotal
Less: Expenses billed to resolution entities and others
Total

108

26,362
1,823,470

(62,579)
$

FINANCIAL SECTION

26,666
1,827,327
1,764,748 $

(84,075)
1,739,395

2018
NOTES TO THE FINANCIAL STATEMENTS
12. Employee Benefits
PENSION BENEFITS AND SAVINGS PLANS
Eligible FDIC employees (permanent and term employees
with appointments exceeding one year) are covered by the
federal government retirement plans, either the Civil Service
Retirement System (CSRS) or the Federal Employees
Retirement System (FERS). Although the DIF contributes a
portion of pension benefits for eligible employees, it does
not account for the assets of either retirement system. The
DIF also does not have actuarial data for accumulated plan
benefits or the unfunded liability relative to eligible
employees. These amounts are reported on and accounted
for by the U.S. Office of Personnel Management (OPM).
Under the Federal Thrift Savings Plan (TSP), the FDIC
provides FERS employees with an automatic contribution of
1 percent of pay and an additional matching contribution up
to 4 percent of pay. CSRS employees also can contribute to
the TSP, but they do not receive agency matching
contributions. Eligible FDIC employees may also participate
in an FDIC-sponsored tax-deferred 401(k) savings plan with
an automatic contribution of 1 percent of pay and an
additional matching contribution up to 4 percent of pay.
The expenses for these plans are presented in the table
below (dollars in thousands).

Civil Service Retirement System
Federal Employees Retirement System (Basic Benefit)
Federal Thrift Savings Plan
FDIC Savings Plan
Total

December 31 December 31
2018
2017
$
2,089 $
2,644
111,926
111,228
35,564
35,180
39,466
39,004
$
189,045 $
188,056

POSTRETIREMENT BENEFITS OTHER THAN PENSIONS
The DIF has no postretirement health insurance liability since
all eligible retirees are covered by the Federal Employees
Health Benefits (FEHB) program. The FEHB is administered
and accounted for by the OPM. In addition, OPM pays the
employer share of the retiree’s health insurance premiums.
The FDIC provides certain life and dental insurance coverage
for its eligible retirees, the retirees’ beneficiaries, and
covered dependents. Retirees eligible for life and dental
insurance coverage are those who have qualified due to (1)
immediate enrollment upon appointment or five years of
participation in the plan and (2) eligibility for an immediate
annuity. The life insurance program provides basic coverage
at no cost to retirees and allows converting optional
coverage to direct-pay plans. For the dental coverage,
retirees are responsible for a portion of the premium.

The FDIC has elected not to fund the postretirement life and
dental benefit liabilities. As a result, the DIF recognized the
underfunded status (the difference between the
accumulated postretirement benefit obligation and the plan
assets at fair value) as a liability. Since there are no plan
assets, the plan’s benefit liability is equal to the accumulated
postretirement benefit obligation.
Postretirement benefit obligation, gain and loss, and
expense information included in the Balance Sheet and
Statement of Income and Fund Balance are summarized as
follows (dollars in thousands).

December 31
2018
Accumulated postretirement benefit obligation
recognized in Postretirement benefit liability
Amounts recognized in accumulated other
comprehensive income: Unrealized postretirement
benefit (loss)
Cumulative net actuarial loss
Prior service cost
Total
Amounts recognized in other comprehensive income:
Unrealized postretirement benefit gain (loss)
Actuarial gain (loss)
Prior service credit
Total
Net periodic benefit costs recognized in Operating
expenses
Service cost
Interest cost
Net amortization out of other comprehensive
income
Total

December 31
2017

235,935 $

259,316

(13,155) $
(385)
(13,540) $

(44,630)
(960)
(45,590)

31,475 $
575
32,050 $

(20,418)
575
(19,843)

4,625 $
9,334

4,098
9,241

2,064
16,023 $

654
13,993

$
$

Expected amortization of accumulated other comprehensive
income into net periodic benefit cost over the next year is
shown in the table below (dollars in thousands).

December 31, 2019
Prior service costs
Net actuarial loss
Total

$
$

FINANCIAL SECTION

385
0
385

109
11

ANNUAL REPORT
DEPOSIT INSURANCE FUND
The annual postretirement contributions and benefits paid
are included in the table below (dollars in thousands).

Employer contributions
Plan participants' contributions
Benefits paid

December 31
December 31
2018
2017
$
7,354 $
6,720
$
846 $
788
$
(8,200) $
(7,508)

The expected contributions for the year ending December
31, 2019, are $9 million. Expected future benefit payments
for each of the next 10 years are presented in the following
table (dollars in thousands).
2019
$7,885

2020
$8,448

2021
$9,004

2022
$9,575

2023
$10,164

2024-2028
$59,735

Assumptions used to determine the amount of the
accumulated postretirement benefit obligation and the net
periodic benefit costs are summarized as follows.

Discount rate for future benefits (benefit obligation)
Rate of compensation increase
Discount rate (benefit cost)
Dental health care cost-trend rate
Assumed for next year
Ultimate
Year rate will reach ultimate

December 31 December 31
2018
2017
4.81%
4.03%
3.49%
3.44%
4.03%
4.67%

3.80%
3.80%
2019

4.00%
4.00%
2018

13. Commitments and Off-Balance-Sheet Exposure
COMMITMENTS:
Leased Space
The DIF leased space expense totaled $44 million for 2018
and 2017. The FDIC’s lease commitments total $127 million
for future years. The lease agreements contain escalation
clauses resulting in adjustments, usually on an annual basis.
Future minimum lease commitments are as follows (dollars
in thousands).

2019

2020

2021

2022

2023

2024/Thereafter

$42,835

$29,795

$21,580

$11,816

$10,115

$10,432

OFF-BALANCE-SHEET EXPOSURE:
Deposit Insurance
Estimates of insured deposits are derived primarily from
quarterly financial data submitted by IDIs to the FDIC and
represent the accounting loss that would be realized if all
IDIs were to fail and the acquired assets provided no
recoveries. As of September 30, 2018 and December 31,
2017, estimated insured deposits for the DIF were $7.4
trillion and $7.2 trillion, respectively.

14. Fair Value of Financial Instruments
Financial assets recognized and measured at fair value on a
recurring basis at each reporting date include cash
equivalents (see Note 2) and the investment in U.S. Treasury
securities (see Note 3). Other financial assets and liabilities,
measured at amortized cost, are the receivables from
resolutions, assessments receivable, interest receivable on
investments, other short-term receivables, and accounts
payable and other liabilities. The DIF’s financial assets
measured at fair value consisted of the following
components (dollars in millions).
December 31, 2018

Assets
Cash equivalents1
Available-for-Sale Debt Securities
Investment in U.S. Treasury securities2
Total Assets

Quoted Prices in
Active Markets for Significant Other
Significant
Identical Assets Observable Inputs Unobservable Inputs Total Assets
(Level 1)
(Level 2)
(Level 3)
at Fair Value
$

5,739

92,708
98,447 $

0 $

5,739

0 $

92,708
98,447

(1) Cash equivalents are Special U.S. Treasury Certificates with overnight maturities valued
at prevailing interest rates established by the Treasury’s Bureau of the Fiscal Service.
(2) The investment in U.S. Treasury securities is measured based on prevailing market yields
for federal government entities.

December 31, 2017

Quoted Prices in
Active Markets for Significant Other
Significant
Identical Assets Observable Inputs Unobservable Inputs Total Assets
(Level 1)
(Level 2)
(Level 3)
at Fair Value

Assets
Cash equivalents1
Available-for-Sale Debt Securities
Investment in U.S. Treasury securities2
Total Assets

1,820

83,303
85,123 $

0 $

1,820

0 $

83,303
85,123

110

FINANCIAL SECTION

2018
NOTES TO THE FINANCIAL STATEMENTS
15. Information Relating to the Statement of Cash Flows

16. Subsequent Events

The following table presents a reconciliation of net income
to net cash from operating activities (dollars in thousands).

Subsequent events have been evaluated through February 7,
2019, the date the financial statements are available to be
issued. Based on management’s evaluation, there were no
subsequent events requiring disclosure.

December 31
2018
Operating Activities
Net Income:
$ 9,965,566 $
Adjustments to reconcile net income to net cash provided
by operating activities:
Amortization of U.S. Treasury securities
246,725
Treasury Inflation-Protected Securities inflation adjustment
(2,980)
Depreciation on property and equipment
51,316
(Gain) loss on retirement of property and equipment
(524)
Provision for insurance losses
(562,622)
Unrealized gain (loss) on postretirement benefits
32,050
Change in Assets and Liabilities:
Decrease in assessments receivable
(Increase) Decrease in interest receivable and other assets
Decrease in receivables from resolutions
(Decrease) in accounts payable and other liabilities
(Decrease) Increase in postretirement benefit liability
(Decrease) Increase in contingent liabilities guarantee payments and litigation losses
(Decrease) in liabilities due to resolutions
Net Cash Provided by Operating Activities

1,258,045
(43,889)
3,493,375
(38,899)
(23,381)
(904)
(598,484)
$ 13,775,394 $

December 31
2017
10,105,456

543,445
(8,564)
53,639
386
(183,149)
(19,843)

31,881
21,171
1,620,258
(1,352)
27,116
31,927
(870,115)
11,352,256

FINANCIAL SECTION

111
13

ANNUAL REPORT
FSLIC RESOLUTION FUND (FRF)
Federal Deposit Insurance Corporation

FSLIC Resolution Fund Balance Sheet

As of December 31

2018

(Dollars in Thousands)

2017

ASSETS
Cash and cash equivalents

Other assets, net
Total Assets

901,562 $
746

885,380
497

902,308 $

885,877

9 $

Contributed capital

125,489,317

Accumulated deficit

(124,587,018)

(124,603,532)

LIABILITIES
Accounts payable and other liabilities
Total Liabilities
RESOLUTION EQUITY (NOTE 5)

Total Resolution Equity
Total Liabilities and Resolution Equity
The accompanying notes are an integral part of these financial statements.

112

FINANCIAL SECTION

902,299

885,785

902,308 $

885,877

2018
FSLIC RESOLUTION FUND (FRF)
Federal Deposit Insurance Corporation

FSLIC Resolution Fund Statement of Income and Accumulated Deficit

For the Years Ended December 31

2018

(Dollars in Thousands)

2017

REVENUE
Interest on U.S. Treasury securities

Other revenue
Total Revenue

15,818 $

7,065

808

764

16,626

7,829

425

562

(313)

EXPENSES AND LOSSES
Operating expenses
Losses related to thrift resolutions (Note 6)
Total Expenses and Losses
Net Income
Accumulated Deficit - Beginning
Accumulated Deficit - Ending

112

583

16,514

7,246

(124,603,532)

(124,610,778)

(124,587,018) $

(124,603,532)

The accompanying notes are an integral part of these financial statements.

FINANCIAL SECTION

113

ANNUAL REPORT
FSLIC RESOLUTION FUND (FRF)
Federal Deposit Insurance Corporation

FSLIC Resolution Fund Statement of Cash Flows

For the Years Ended December 31

2018

(Dollars in Thousands)

2017

OPERATING ACTIVITIES
Provided by:
Interest on U.S. Treasury securities

Recovery of tax benefits
Recoveries from thrift resolutions
Miscellaneous receipts

15,818 $

7,065

3,750

832

1,001

(452)

(555)

(19)

(59)

Used by:
Operating expenses
Miscellaneous disbursements
Net Cash Provided by Operating Activities

16,182

11,206

Net Increase in Cash and Cash Equivalents

16,182

11,206

885,380

874,174

901,562 $

885,380

Cash and Cash Equivalents - Beginning
Cash and Cash Equivalents - Ending
The accompanying notes are an integral part of these financial statements.

114

FINANCIAL SECTION

2018
FSLIC RESOLUTION FUND

NOTES TO THE FINANCIAL STATEMENTS
December 31, 2018 and 2017
1.

Operations/Dissolution of the FSLIC Resolution Fund

OVERVIEW
The Federal Deposit Insurance Corporation (FDIC) is the
independent deposit insurance agency created by Congress
in 1933 to maintain stability and public confidence in the
nation’s banking system. Provisions that govern the FDIC’s
operations are generally found in the Federal Deposit
Insurance (FDI) Act, as amended (12 U.S.C. 1811, et seq). In
accordance with the FDI Act, the FDIC, as administrator of
the Deposit Insurance Fund (DIF), insures the deposits of
banks and savings associations (insured depository
institutions). In cooperation with other federal and state
agencies, the FDIC promotes the safety and soundness of
insured depository institutions (IDIs) by identifying,
monitoring, and addressing risks to the DIF.
In addition to being the administrator of the DIF, the FDIC is
the administrator of the FSLIC Resolution Fund (FRF). As
such, the FDIC is responsible for the sale of remaining assets
and satisfaction of liabilities associated with the former
Federal Savings and Loan Insurance Corporation (FSLIC) and
the former Resolution Trust Corporation (RTC). The FDIC
maintains the DIF and the FRF separately to support their
respective functions.
The FSLIC was created through the enactment of the
National Housing Act of 1934. The Financial Institutions
Reform, Recovery, and Enforcement Act of 1989 (FIRREA)
abolished the insolvent FSLIC and created the FRF. At that
time, the assets and liabilities of the FSLIC were transferred
to the FRF – except those assets and liabilities transferred to
the newly created RTC – effective on August 9, 1989.
Further, the FIRREA established the Resolution Funding
Corporation (REFCORP) to provide part of the initial funds
used by the RTC for thrift resolutions by authorizing
REFCORP to issue debt obligations. The REFCORP issued
debt obligations in the form of long-term bonds ranging in
maturity from 2019 to 2030.
The RTC Completion Act of 1993 terminated the RTC as of
December 31, 1995. All remaining assets and liabilities of
the RTC were transferred to the FRF on January 1, 1996.
Today, the FRF consists of two distinct pools of assets and
liabilities: one composed of the assets and liabilities of the
FSLIC transferred to the FRF upon the dissolution of the
FSLIC (FRF-FSLIC), and the other composed of the RTC assets
and liabilities (FRF-RTC). The assets of one pool are not
available to satisfy obligations of the other.

OPERATIONS/DISSOLUTION OF THE FRF
The FRF will continue operations until all of its assets are
sold or otherwise liquidated and all of its liabilities are
satisfied. Any funds remaining in the FRF-FSLIC will be paid
to the U.S. Treasury. Any remaining funds of the FRF-RTC
will be distributed to the REFCORP to pay interest on the
REFCORP bonds. In addition, the FRF-FSLIC has available
until expended $602 million in appropriations to facilitate, if
required, efforts to wind up the resolution activity of the
FRF-FSLIC.
The FDIC has extensively reviewed and cataloged the FRF's
remaining assets and liabilities. Some of the unresolved
issues are:
•

criminal restitution orders (generally have from 1 to
21 years remaining to enforce);

•

collections of judgments obtained against officers
and directors and other professionals responsible
for causing or contributing to thrift losses
(generally have up to 10 years remaining to
enforce, unless the judgments are renewed or are
covered by the Federal Debt Collections Procedures
Act, which will result in significantly longer periods
for collection of some judgments);

•

liquidation/disposition of residual assets purchased
by the FRF from terminated receiverships;

•

one remaining issue related to assistance
agreements entered into by the former FSLIC (FRF
could continue to receive or refund overpayments
of tax benefits sharing in future years);

•

a potential tax liability associated with a fully
adjudicated goodwill litigation case (see Note 3);
and

•

Affordable
Housing
Disposition
Program
monitoring (the last agreement expires no later
than 2045; see Note 4).

The FRF could realize recoveries from tax benefits sharing,
criminal restitution orders, and professional liability claims.
However, any potential recoveries are not reflected in the
FRF’s financial statements, given the significant uncertainties
surrounding the ultimate outcome.

FINANCIAL SECTION

115
1

ANNUAL REPORT
FSLIC RESOLUTION FUND
On April 1, 2014, the FDIC concluded its role as receiver, on
behalf of the FRF, when the last active receivership was
terminated. In total, 850 receiverships were liquidated by
the FRF and the RTC. To facilitate receivership terminations,
the FRF, in its corporate capacity, acquired the remaining
receivership assets that could not be liquidated during the
life of the receiverships due to restrictive clauses and other
impediments. These assets are included in the “Other assets,
net” line item on the Balance Sheet.

estimates will cause a material change in the financial
statements in the near term, the nature and extent of such
potential changes in estimates have been disclosed. The
estimates for other assets, goodwill litigation, and
guarantees are considered significant.
CASH EQUIVALENTS
Cash equivalents are short-term, highly liquid investments
consisting primarily of U.S. Treasury Overnight Certificates.

During the years of receivership activity, the assets held by
receivership entities, and the claims against them, were
accounted for separately from the FRF’s assets and liabilities
to ensure that receivership proceeds were distributed in
accordance with applicable laws and regulations. Also, the
income and expenses attributable to receiverships were
accounted for as transactions of those receiverships. The
FDIC, as administrator of the FRF, billed receiverships for
services provided on their behalf.

RELATED PARTIES
The nature of related parties and a description of related
party transactions are discussed in Note 1 and disclosed
throughout the financial statements and footnotes.

3. Goodwill Litigation

Summary of Significant Accounting Policies

GENERAL
The financial statements include the financial position,
results of operations, and cash flows of the FRF and are
presented in accordance with U.S. generally accepted
accounting principles (GAAP).
During the years of
receivership activity, these statements did not include
reporting for assets and liabilities of receivership entities
because these entities were legally separate and distinct, and
the FRF did not have any ownership or beneficial interest in
them.
The FRF is a limited-life entity, however, it does not meet the
requirements for presenting financial statements using the
liquidation basis of accounting. According to Accounting
Standards Codification Topic 205, Presentation of Financial
Statements, a limited-life entity should apply the liquidation
basis of accounting only if a change in the entity’s governing
plan has occurred since its inception. By statute, the FRF is a
limited-life entity whose dissolution will occur upon the
satisfaction of all liabilities and the disposition of all
assets. No changes to this statutory plan have occurred
since inception of the FRF.
USE OF ESTIMATES
The preparation of the financial statements in conformity
with GAAP requires management to make estimates and
assumptions that affect the reported amounts of assets and
liabilities, revenue and expenses, and disclosure of
contingent liabilities. Actual results could differ from these
estimates. Where it is reasonably possible that changes in

116

APPLICATION OF RECENT ACCOUNTING STANDARDS
Recent accounting pronouncements have been deemed not
applicable or material to the financial statements as
presented.

In United States v. Winstar Corp., 518 U.S. 839 (1996), the
Supreme Court held that when it became impossible
following the enactment of FIRREA in 1989 for the federal
government to perform certain agreements to count
goodwill toward regulatory capital, the plaintiffs were
entitled to recover damages from the United States. The
contingent liability associated with the nonperformance of
these agreements was transferred to the FRF on August 9,
1989, upon the dissolution of the FSLIC.
The FRF can draw from an appropriation provided by Section
110 of the Department of Justice Appropriations Act, 2000
(Public Law 106-113, Appendix A, Title I, 113 Stat. 1501A-3,
1501A-20), such sums as may be necessary for the payment
of judgments and compromise settlements in the goodwill
litigation. This appropriation is to remain available until
expended. Because an appropriation is available to pay such
judgments and settlements, any estimated liability for
goodwill litigation will have a corresponding receivable from
the U.S. Treasury and therefore have no net impact on the
financial condition of the FRF.
The last remaining goodwill case was resolved in 2015.
However, for another case fully adjudicated in 2012, an
estimated loss of $5 million as of December 31, 2018,
compared to $8 million as of year-end 2017, for the courtordered reimbursement of potential tax liabilities to the
plaintiff is reasonably possible.

FINANCIAL SECTION

2018
NOTES TO THE FINANCIAL STATEMENTS
The FRF-FSLIC paid goodwill litigation expenses incurred by
the Department of Justice (DOJ), the entity that defended
these lawsuits against the United States, based on a
Memorandum of Understanding (MOU) dated October 2,
1998, between the FDIC and the DOJ. These expenses were
paid in advance by the FRF-FSLIC and any unused funds
were carried over by the DOJ and applied toward the next
fiscal year charges. The DOJ has returned all unused funds
except for $250 thousand retained to cover future
administrative expenses.

maximum potential exposure to the FRF cannot be
estimated as it is contingent upon future legal proceedings.
However, loss mitigation factors include: (1) the
indemnification may become void if the FDIC is not
immediately informed upon receiving notice of any legal
proceedings and (2) the FDIC is entitled to reimbursement of
any legal expenses incurred for successful litigation against a
property owner. AHDP guarantees will continue until the
termination of the last LURA, or 2045 (whichever occurs first).
As of December 31, 2018 and 2017, no contingent liability
for this indemnification has been recorded.

4. Guarantees
5. Resolution Equity
FANNIE MAE GUARANTEE
On May 21, 2012, the FDIC, in its capacity as administrator of
the FRF, entered into an agreement with Fannie Mae for the
release of $13 million of credit enhancement reserves to the
FRF in exchange for indemnifying Fannie Mae from all future
losses incurred on 76 multi-family mortgage loans. The
former RTC had previously supplied Fannie Mae with the
credit enhancement reserves to cover future losses on these
mortgage loans through 2020. Based on the most current
data available, as of September 30, 2018, the maximum
exposure on this indemnification is the current unpaid
principal balance of the remaining 9 multi-family loans
totaling $288 thousand. Based on a contingent liability
assessment of this portfolio as of September 30, 2018, the
majority of the loans are at least 94 percent amortized, and
all are scheduled to mature within one to two years. Since
all of the loans are performing and no losses have occurred
since 2001, future payments on this indemnification are not
expected. No contingent liability for this indemnification has
been recorded as of December 31, 2018 and 2017.
AFFORDABLE HOUSING DISPOSITION PROGRAM
Required by FIRREA under section 501, the Affordable
Housing Disposition Program (AHDP) was established in
1989 to ensure the preservation of affordable housing for
low-income households.
The FDIC, in its capacity as
administrator of the FRF-RTC, assumed responsibility for
monitoring property owner compliance with land use
restriction agreements (LURAs). To enforce the property
owners’ LURA obligation, the RTC, prior to its dissolution,
entered into Memoranda of Understanding with 34
monitoring agencies to oversee these LURAs.
As of
December 31, 2018, 24 monitoring agencies oversee these
LURAs. The FDIC, through the FRF, has agreed to indemnify
the monitoring agencies for all losses related to LURA legal
enforcement proceedings.

As stated in the Overview section of Note 1, the FRF is
composed of two distinct pools: the FRF-FSLIC and the FRFRTC. The FRF-FSLIC consists of the assets and liabilities of
the former FSLIC. The FRF-RTC consists of the assets and
liabilities of the former RTC. Pursuant to legal restrictions,
the two pools are maintained separately and the assets of
one pool are not available to satisfy obligations of the other.
Contributed capital, accumulated deficit, and resolution
equity consisted of the following components by each pool
(dollars in thousands).
December 31, 2018
FRF-FSLIC
Contributed capital beginning

43,864,980 $

FRF-RTC

FRF
Consolidated

81,624,337 $

125,489,317

Contributed capital ending

43,864,980

81,624,337

125,489,317

Accumulated deficit

(43,006,464)

(81,580,554)

(124,587,018)

Total Resolution
Equity

858,516 $

43,783 $

902,299

December 31, 2017
FRF-FSLIC
Contributed capital beginning

43,864,980 $

FRF-RTC

FRF
Consolidated

81,624,337 $

125,489,317

Contributed capital ending

43,864,980

81,624,337

125,489,317

Accumulated deficit

(43,022,301)

(81,581,231)

(124,603,532)

Total Resolution
Equity

842,679 $

43,106 $

Since 2006, the FDIC entered into two litigations against
property owners and paid $23 thousand in legal expenses,
which was fully reimbursed due to successful litigation. The
FINANCIAL SECTION

885,785

117
3

ANNUAL REPORT
FSLIC RESOLUTION FUND
CONTRIBUTED CAPITAL
The FRF-FSLIC and the former RTC received $43.5 billion and
$60.1 billion from the U.S. Treasury, respectively, to fund
losses from thrift resolutions prior to July 1, 1995.
Additionally, the FRF-FSLIC issued $670 million in capital
certificates to the Financing Corporation (a mixed-ownership
government corporation established to function solely as a
financing vehicle for the FSLIC) and the RTC issued $31.3
billion of these instruments to the REFCORP. FIRREA
prohibited the payment of dividends on any of these capital
certificates. Through December 31, 2018, the FRF-FSLIC
received a total of $2.3 billion in goodwill appropriations, the
effect of which increased contributed capital.

7. Fair Value of Financial Instruments
At December 31, 2018 and 2017, the FRF’s financial assets
measured at fair value on a recurring basis are cash
equivalents (see Note 2) of $857 million and $842 million,
respectively. Cash equivalents are Special U.S. Treasury
Certificates with overnight maturities valued at prevailing
interest rates established by the U.S. Treasury’s Bureau of the
Fiscal Service. The valuation is considered a Level 1
measurement in the fair value hierarchy, representing
quoted prices in active markets for identical assets.

8. Information Relating to the Statement of Cash Flows
Through December 31, 2018, the FRF-RTC had returned $4.6
billion to the U.S. Treasury and made payments of $5.1
billion to the REFCORP. The most recent payment to the
REFCORP was in July of 2013 for $125 million. In addition,
the FDIC returned $2.6 billion to the U.S. Treasury on behalf
of the FRF-FSLIC in 2013. These actions reduced contributed
capital.
ACCUMULATED DEFICIT
The accumulated deficit represents the cumulative excess of
expenses and losses over revenue for activity related to the
FRF-FSLIC and the FRF-RTC. Approximately $29.8 billion and
$87.9 billion were brought forward from the former FSLIC
and the former RTC on August 9, 1989, and January 1, 1996,
respectively. Since the dissolution dates, the FRF-FSLIC
accumulated deficit increased by $13.2 billion, whereas the
FRF-RTC accumulated deficit decreased by $6.3 billion.

The following table presents a reconciliation of net income
to net cash from operating activities (dollars in thousands).
December 31

December 31

2018

2017

Operating Activities
Net Income:
Change in Assets and
Liabilities:
(Increase) Decrease in
other assets
(Decrease) Increase in
accounts payable and
other liabilities
Net Cash Provided by
Operating Activities

16,514 $

7,246

(249)

3,894

(83)

16,182 $

11,206

6. Losses Related to Thrift Resolutions
Losses related to thrift resolutions represent changes in the
estimated losses on assets acquired from terminated
receiverships, as well as expenses for the disposition and
administration of these assets. These losses were negative
$313 thousand for 2018, compared to a positive $21
thousand for 2017.

118

FINANCIAL SECTION

9. Subsequent Events
Subsequent events have been evaluated through February 7,
2019, the date the financial statements are available to be
issued. Based on management’s evaluation, there were no
subsequent events requiring disclosure.

2018
GOVERNMENT ACCOUNTABILITY OFFICE
AUDITOR’S REPORT
441 G St. N.W.
Washington, DC 20548

Independent Auditor’s Report
To the Board of Directors
The Federal Deposit Insurance Corporation
In our audits of the 2018 and 2017 financial statements of the Deposit Insurance Fund (DIF) and
of the Federal Savings and Loan Insurance Corporation (FSLIC) Resolution Fund (FRF), both of
which are administered by the Federal Deposit Insurance Corporation (FDIC),1 we found
•

the financial statements of the DIF and of the FRF as of and for the years ended
December 31, 2018, and 2017, are presented fairly, in all material respects, in accordance
with U.S. generally accepted accounting principles;

•

FDIC maintained, in all material respects, effective internal control over financial reporting
relevant to the DIF and to the FRF as of December 31, 2018; and

•

with respect to the DIF and to the FRF, no reportable noncompliance for 2018 with
provisions of applicable laws, regulations, contracts, and grant agreements we tested.

The following sections discuss in more detail (1) our report on the financial statements and on
internal control over financial reporting and other information included with the financial
statements;2 (2) our report on compliance with laws, regulations, contracts, and grant
agreements; and (3) agency comments.
Report on the Financial Statements and on Internal Control over Financial Reporting
In accordance with Section 17 of the Federal Deposit Insurance Act, as amended,3 and the
Government Corporation Control Act,4 we have audited the financial statements of the DIF and
of the FRF, both of which are administered by FDIC. The financial statements for the DIF
comprise the balance sheets as of December 31, 2018, and 2017; the related statements of
income and fund balance and of cash flows for the years then ended; and the related notes to
the financial statements. The financial statements for the FRF comprise the balance sheets as
of December 31, 2018, and 2017; the related statements of income and accumulated deficit and
of cash flows for the years then ended; and the related notes to the financial statements. We
also have audited FDIC’s internal control over financial reporting relevant to the DIF and to the
FRF as of December 31, 2018, based on criteria established under 31 U.S.C. § 3512(c), (d),
commonly known as the Federal Managers’ Financial Integrity Act (FMFIA).

A third fund managed by FDIC, the Orderly Liquidation Fund, established by Section 210(n) of the Dodd-Frank Wall
Street Reform and Consumer Protection Act, Pub. L. No. 111-203, 124 Stat. 1376, 1506 (July 21, 2010), is unfunded
and did not have any transactions from its inception in 2010 through 2018.

Other information consists of information included with the financial statements, other than the auditor’s report.

Act of September 21, 1950, Pub. L. No. 797, § 2[17], 64 Stat. 873, 890, classified as amended at 12 U.S.C. § 1827.

31 U.S.C. §§ 9101-9110.

FINANCIAL SECTION

119

ANNUAL REPORT
GOVERNMENT ACCOUNTABILITY OFFICE
AUDITOR’S REPORT (continued)
We conducted our audits in accordance with U.S. generally accepted government auditing
standards. We believe that the audit evidence we obtained is sufficient and appropriate to
provide a basis for our audit opinions.
Management’s Responsibility
FDIC management is responsible for (1) the preparation and fair presentation of these financial
statements in accordance with U.S. generally accepted accounting principles; (2) preparing and
presenting other information included in documents containing the audited financial statements
and auditor’s report, and ensuring the consistency of that information with the audited financial
statements; (3) maintaining effective internal control over financial reporting, including the
design, implementation, and maintenance of internal control relevant to the preparation and fair
presentation of financial statements that are free from material misstatement, whether due to
fraud or error; (4) evaluating the effectiveness of internal control over financial reporting based
on the criteria established under FMFIA; and (5) its assessment about the effectiveness of
internal control over financial reporting as of December 31, 2018, included in the accompanying
Management’s Report on Internal Control over Financial Reporting in appendix I.
Auditor’s Responsibility
Our responsibility is to express opinions on these financial statements and opinions on FDIC’s
internal control over financial reporting relevant to the DIF and to the FRF based on our audits.
U.S. generally accepted government auditing standards require that we plan and perform the
audits to obtain reasonable assurance about whether the financial statements are free from
material misstatement, and whether effective internal control over financial reporting was
maintained in all material respects. We are also responsible for applying certain limited
procedures to other information included with the financial statements.
An audit of financial statements involves performing procedures to obtain audit evidence about
the amounts and disclosures in the financial statements. The procedures selected depend on
the auditor’s judgment, including the auditor’s assessment of the risks of material misstatement
of the financial statements, whether due to fraud or error. In making those risk assessments, the
auditor considers internal control relevant to the entity’s preparation and fair presentation of the
financial statements in order to design audit procedures that are appropriate in the
circumstances. An audit of financial statements also involves evaluating the appropriateness of
the accounting policies used and the reasonableness of significant accounting estimates made
by management, as well as evaluating the overall presentation of the financial statements.
An audit of internal control over financial reporting involves performing procedures to obtain
evidence about whether a material weakness exists.5 The procedures selected depend on the
auditor’s judgment, including the assessment of the risk that a material weakness exists. An
audit of internal control over financial reporting also includes obtaining an understanding of
internal control over financial reporting, and evaluating and testing the design and operating
effectiveness of internal control over financial reporting based on the assessed risk. Our audit of
internal control also considered FDIC’s process for evaluating and reporting on internal control
5

A material weakness is a deficiency, or combination of deficiencies, in internal control over financial reporting, such
that there is a reasonable possibility that a material misstatement of the entity’s financial statements will not be
prevented, or detected and corrected, on a timely basis. A deficiency in internal control exists when the design or
operation of a control does not allow management or employees, in the normal course of performing their assigned
functions, to prevent, or detect and correct, misstatements on a timely basis.

120

FINANCIAL SECTION

2018
GOVERNMENT ACCOUNTABILITY OFFICE
AUDITOR’S REPORT (continued)
over financial reporting based on criteria established under FMFIA. Our audits also included
performing such other procedures as we considered necessary in the circumstances.
We did not evaluate all internal controls relevant to operating objectives as broadly established
under FMFIA, such as those controls relevant to preparing performance information and
ensuring efficient operations. We limited our internal control testing to testing controls over
financial reporting. Our internal control testing was for the purpose of expressing an opinion on
whether effective internal control over financial reporting was maintained, in all material
respects. Consequently, our audit may not identify all deficiencies in internal control over
financial reporting that are less severe than a material weakness.
Definition and Inherent Limitations of Internal Control over Financial Reporting
An entity’s internal control over financial reporting is a process effected by those charged with
governance, management, and other personnel, the objectives of which are to provide
reasonable assurance that (1) transactions are properly recorded, processed, and summarized
to permit the preparation of financial statements in accordance with U.S. generally accepted
accounting principles, and assets are safeguarded against loss from unauthorized acquisition,
use, or disposition, and (2) transactions are executed in accordance with provisions of
applicable laws, regulations, contracts, and grant agreements, noncompliance with which could
have a material effect on the financial statements.
Because of its inherent limitations, internal control over financial reporting may not prevent, or
detect and correct, misstatements due to fraud or error. We also caution that projecting any
evaluation of effectiveness to future periods is subject to the risk that controls may become
inadequate because of changes in conditions, or that the degree of compliance with the policies
or procedures may deteriorate.
Opinions on Financial Statements
In our opinion,
•

the DIF’s financial statements present fairly, in all material respects, the DIF’s financial
position as of December 31, 2018, and 2017, and the results of its operations and its cash
flows for the years then ended, in accordance with U.S. generally accepted accounting
principles, and

•

the FRF’s financial statements present fairly, in all material respects, the FRF’s financial
position as of December 31, 2018, and 2017, and the results of its operations and its cash
flows for the years then ended, in accordance with U.S. generally accepted accounting
principles.

Opinions on Internal Control over Financial Reporting
In our opinion,
•

FDIC maintained, in all material respects, effective internal control over financial reporting
relevant to the DIF as of December 31, 2018, based on criteria established under FMFIA,
and

•

FDIC maintained, in all material respects, effective internal control over financial reporting
relevant to the FRF as of December 31, 2018, based on criteria established under FMFIA.
FINANCIAL SECTION

121

ANNUAL REPORT
GOVERNMENT ACCOUNTABILITY OFFICE
AUDITOR’S REPORT (continued)
During our 2018 audit, we identified deficiencies in FDIC’s internal control over financial
reporting that we do not consider to be material weaknesses or significant deficiencies.6
Nonetheless, these deficiencies warrant FDIC management’s attention. We have communicated
these matters to FDIC management and, where appropriate, will report on them separately.
Other Matters
Other Information
FDIC’s other information contains a wide range of information, some of which is not directly
related to the financial statements. This information is presented for purposes of additional
analysis and is not a required part of the financial statements. We read the other information
included with the financial statements in order to identify material inconsistencies, if any, with
the audited financial statements. Our audit was conducted for the purpose of forming opinions
on the DIF and the FRF financial statements. We did not audit and do not express an opinion or
provide any assurance on the other information.
Report on Compliance with Laws, Regulations, Contracts, and Grant Agreements
In connection with our audits of the financial statements of the DIF and of the FRF, both of
which are administered by FDIC, we tested compliance with selected provisions of applicable
laws, regulations, contracts, and grant agreements consistent with our auditor’s responsibility
discussed below. We caution that noncompliance may occur and not be detected by these
tests. We performed our tests of compliance in accordance with U.S. generally accepted
government auditing standards.
Management’s Responsibility
FDIC management is responsible for complying with applicable laws, regulations, contracts, and
grant agreements.
Auditor’s Responsibility
Our responsibility is to test compliance with selected provisions of applicable laws, regulations,
contracts, and grant agreements that have a direct effect on the determination of material
amounts and disclosures in the financial statements of the DIF and of the FRF, and to perform
certain other limited procedures. Accordingly, we did not test FDIC’s compliance with all
applicable laws, regulations, contracts, and grant agreements.
Results of Our Tests for Compliance with Laws, Regulations, Contracts, and Grant Agreements
Our tests for compliance with selected provisions of applicable laws, regulations, contracts, and
grant agreements disclosed no instances of noncompliance for 2018 that would be reportable,
with respect to the DIF and to the FRF, under U.S. generally accepted government auditing
standards. However, the objective of our tests was not to provide an opinion on compliance with
applicable laws, regulations, contracts, and grant agreements. Accordingly, we do not express
such an opinion.
6

A significant deficiency is a deficiency, or a combination of deficiencies, in internal control over financial reporting
that is less severe than a material weakness, yet important enough to merit attention by those charged with
governance.

122

FINANCIAL SECTION

2018
GOVERNMENT ACCOUNTABILITY OFFICE
AUDITOR’S REPORT (continued)
Intended Purpose of Report on Compliance with Laws, Regulations, Contracts, and Grant
Agreements
The purpose of this report is solely to describe the scope of our testing of compliance with
selected provisions of applicable laws, regulations, contracts, and grant agreements, and the
results of that testing, and not to provide an opinion on compliance. This report is an integral
part of an audit performed in accordance with U.S. generally accepted government auditing
standards in considering compliance. Accordingly, this report on compliance with laws,
regulations, contracts, and grant agreements is not suitable for any other purpose.
Agency Comments
In commenting on a draft of this report, FDIC stated that it was pleased to receive unmodified
opinions on the DIF’s and the FRF’s financial statements, and noted that we reported that FDIC
had effective internal control over financial reporting and that there was no reportable
noncompliance with tested provisions of applicable laws, regulations, contracts, and grant
agreements. FDIC also stated that it recognizes the important role a strong internal control
program plays in an agency achieving its mission and that it remains committed to ensuring
sound financial management remains a top priority. The complete text of FDIC’s response is
reprinted in appendix II.

James R. Dalkin
Director
Financial Management and Assurance
February 7, 2019

FINANCIAL SECTION

123

ANNUAL REPORT
Appendix I

MANAGEMENT’S REPORT ON INTERNAL CONTROL
OVER FINANCIAL REPORTING

124

FINANCIAL SECTION

2018
Appendix II

MANAGEMENT’S RESPONSE TO THE AUDITOR’S REPORT

FINANCIAL SECTION

125

THIS PAGE INTENTIONALLY LEFT BLANK

VI.

RISK MANAGEMENT
AND INTERNAL CONTROLS

127 127

THIS PAGE INTENTIONALLY LEFT BLANK

2018
The FDIC uses several means to maintain
comprehensive internal controls, ensure the overall
effectiveness and efficiency of operations, and
otherwise comply as necessary with the following
federal standards, among others:
♦♦ Chief Financial Officers’ Act (CFO Act)
♦♦ Federal Managers’ Financial Integrity Act
(FMFIA)
♦♦ Federal Financial Management Improvement Act
(FFMIA)
♦♦ Government Performance and Results Act
(GPRA)
♦♦ Federal Information Security Modernization Act
of 2014 (FISMA)
♦♦ OMB Circular A-123
♦♦ GAO’s Standards for Internal Control in the
Federal Government
As a foundation for these efforts, the Division of
Finance, Risk Management and Internal Controls
Branch (RMIC) oversees a corporate-wide program
of relevant activities by establishing policies and
working with management in each division and
office in the FDIC. The FDIC has made a concerted
effort to ensure that financial, reputational, and
operational risks have been identified and that
corresponding control needs are being incorporated
into day-to-day operations. The program also requires
that comprehensive procedures be documented,
employees be thoroughly trained, and supervisors
be held accountable for performance and results.
Compliance monitoring is carried out through
periodic management reviews and by the distribution
of various activity reports to all levels of management.
Conscientious attention is also paid to the
implementation of audit recommendations made by
the FDIC Office of Inspector General, the GAO, and
other providers of external/audit scrutiny. The FDIC
has received unmodified opinions on its financial
statement audits for 27 consecutive years, and these
and other positive results reflect the effectiveness of
the overall management control program.

In 2018, efforts were focused on enhancing FDIC’s
Risk Management program (updating the enterprise
risk management and internal control directive,
drafting the risk appetite statement, updating the
risk profile), improving data mining capabilities,
identifying performance metrics, mapping key
operational areas, exploring opportunities for process
improvement, monitoring FDIC’s internal controls
over outsourced service providers, continuing efforts
with stakeholders on failed bank data, and system
security. Considerable energy was devoted to ensuring
that the FDIC’s processes and systems of control have
kept pace with the workload, and that the foundation
of controls throughout the FDIC remained strong.
During 2019, RMIC will focus on the Corporate
Enterprise Risk Management Program, Model Risk
Management validation, enhancing the internal
control program, exploring opportunities for process
improvement, monitoring FDIC’s internal controls
over outsourced service providers, and system security.
Also, continued emphasis and management scrutiny
will be applied to the accuracy and integrity of
transactions and oversight of systems development
efforts in general.

FRAUD REDUCTION AND
DATA ANALYTICS ACT OF 2015
The Fraud Reduction and Data Analytics Act of
2015 was signed into law on June 30, 2016. The law
is intended to improve federal agency financial and
administrative controls and procedures to assess and
mitigate fraud risks, and to improve federal agencies’
development and use of data analytics for the purpose
of identifying, preventing, and responding to fraud,
including improper payments.
The FDIC’s enterprise risk management and internal
control program considers the potential for fraud and
incorporates elements of Principle 8 – Assess Fraud
Risk, of the GAO Standards of Internal Control in
the Federal Government. The FDIC implemented
a Fraud Risk Assessment Framework as a basis
for identifying potential financial fraud risks and
RISK MANAGEMENT AND INTERNAL CONTROLS

129

ANNUAL REPORT
schemes, ensuring that preventive and detective
controls are present and working as intended.
Examples of fraud risks are contractor payments,
wire transfers, travel card purchases, and theft of
cash receipts.

diligence, the matter is either closed or referred
to the Office of Inspector General for investigation.

As part of the Framework, potential fraud areas are
identified and key controls are evaluated/implemented
as proactive measures to fraud prevention. Although
no system of internal control provides absolute
assurance, the FDIC’s system of internal control
can provide reasonable assurance that key controls
are adequate and working as intended. Monitoring
activities include supervisory approvals, management
reports, and exception reporting.

MANAGEMENT REPORT
ON FINAL ACTIONS

FDIC management performs due diligence in areas of
suspected or alleged fraud. At the conclusion of due

During 2018, there was no systemic fraud identified
within the FDIC.

As required under the provisions of Section 5 (as
amended) of the Inspector General Act of 1978, the
FDIC must report information on final action taken
by management on certain audit reports. The tables
on the following pages provide information on final
action taken by management on audit reports for the
federal fiscal year period October 1, 2017, through
September 30, 2018.

TABLE 1:
MANAGEMENT REPORT ON FINAL ACTION ON AUDITS
WITH DISALLOWED COSTS FOR FISCAL YEAR 2018
Dollars in Thousands

(There were no audit reports in this category.)

TABLE 2:
MANAGEMENT REPORT ON FINAL ACTION ON AUDITS WITH RECOMMENDATIONS
TO PUT FUNDS TO BETTER USE FOR FISCAL YEAR 2018
Dollars in Thousands

(There were no audit reports in this category.)

130

RISK MANAGEMENT AND INTERNAL CONTROLS

2018
TABLE 3:
AUDIT REPORTS WITHOUT FINAL ACTIONS BUT WITH MANAGEMENT DECISIONS
OVER ONE YEAR OLD FOR FISCAL YEAR 2018
Report No. and
Issue Date

AUD-16-001
10/28/2015

EVAL-17-004
2/14/2017

OIG Audit Finding

The Acting CIO should assess the
Information Security Manager (ISM)
Outsourced Information Service
Provider Assessment Methodology
processes supporting information service
provider assessments to determine and
implement any needed improvements to
ensure timely completion of assessments.
The Director, RMS should continue to
communicate to Financial Institutions
(FIs) the importance of: fully
considering and assessing the risks that
Technology Service Providers (TSPs)
could have on the FI’s ability to manage
its own business continuity and incident
response planning efforts; ensuring that
contracts with TSPs include specific
provisions that address FI-identified
risks, protect FI interests, and provide
details necessary to allow FIs to manage
their own business continuity planning
and incident response and reporting
efforts through TSP operations; and
clearly defining key contract terms that
would be important in understanding
FI and TSP rights and responsibilities
in the event of a business disruption or
computer security incident particularly
for those contracts that FIs identify as
critical or that have access to sensitive or
personally identifiable information.

Management Action

The FDIC needs additional time to
bring the 22 remaining contracts into
compliance consistent with recently
developed transition and action plans.

Disallowed
Costs

Due Date: 4/30/2019

Due to the significant coordination
required with many agencies, the review
and editing of the draft Federal Financial
Institutions Examination Council’s
(FFIEC) Business Continuity Planning
Booklet and FFIEC Outsourcing Booklet
have experienced significant delays. The
agencies are attempting to make the
booklets more user-friendly.

Due Date: 12/31/2019

RISK MANAGEMENT AND INTERNAL CONTROLS

131

ANNUAL REPORT
TABLE 3:
AUDIT REPORTS WITHOUT FINAL ACTIONS BUT WITH MANAGEMENT DECISIONS
OVER ONE YEAR OLD FOR FISCAL YEAR 2018 (continued)
Report No. and
Issue Date

EVAL-17-007
9/18/2017

OIG Audit Finding

Management Action

The Director, DOA, should incorporate
a risk assessment of individual separating
employees into the FDIC’s pre-exit
clearance process.

Additional time is needed for DOA to
assess currently-available operational
and analytical tools to determine what
tools can be used in supporting the
Insider Threat and Counterintelligence
Program (ITCIP). DOA will continue
to analyze existing internal analytic
capabilities and work with the CIOO to
establish cybersecurity monitoring and
mitigation capabilities (e.g., forensics,
incident management systems, and data
loss prevention methodologies) while
protecting individual legal and privacy
rights. The procedures and protocols will
be drafted for appropriate review once the
tools are identified and put into place.
Due Date: 3/29/2019

The Director, DOA, should work with
the FDIC’s Chief Information Officer
to establish appropriate policy for using
Data Loss Prevention (DLP) to support
the FDIC’s pre-exit clearance process.

More time is needed to complete the
revisions to the Directive and to allow for
sufficient time for the Directive Review
Process.

The Director, DOA, should work with
the FDIC’s Chief Information Officer to
develop an expanded and better defined
use of the Data Loss Prevention (DLP)
tool for separating contractors.

As the process for notification for
contractor personnel is different than
the process for employees, more time is
needed to effectuate this change so that
the Computer Security Incident
Response Team (CSIRT) is notified
in a timely fashion.

Due Date: 3/29/2019

Due Date: 2/18/2019

132

RISK MANAGEMENT AND INTERNAL CONTROLS

Disallowed
Costs

VII.

APPENDICES

133

THIS PAGE INTENTIONALLY LEFT BLANK

2018
A. KEY STATISTICS
FDIC ACTIONS ON FINANCIAL INSTITUTIONS APPLICATIONS
2016–2018
Deposit Insurance
Approved1
Denied
New Branches
Approved
Denied
Mergers
Approved
Denied
Requests for Consent to Serve2
Approved
Section 19
Section 32
Denied
Section 19
Section 32
Notices of Change in Control
Letters of Intent Not to Disapprove
Disapproved
Brokered Deposit Waivers
Approved
Denied
Savings Association Activities3
Approved
Denied
State Bank Activities/Investments4
Approved
Denied
Conversion of Mutual Institutions
Non-Objection
Objection

2018

2017

2016

533

500

507

533

500

507

224

218

245

224

218

245

120

104

167

120

104

164

113

103

155

Includes deposit insurance application filed on behalf of (1) newly organized institutions, (2) existing uninsured financial services companies seeking establishment as
an insured institution, and (3) interim institutions established to facilitate merger or conversion transactions, and applications to facilitate the establishment of thrift
holding companies.

Under Section 19 of the Federal Deposit Insurance (FDI) Act, an insured institution must receive FDIC approval before employing a person convicted of dishonesty
or breach of trust. Under Section 32, the FDIC must approve any change of directors or senior executive officers at a state nonmember bank that is not in compliance
with capital requirements or is otherwise in troubled condition.

Section 28 of the FDI Act, in general, prohibits a federally-insured state savings association from engaging in an activity not permissible for a federal savings association
and requires notices or applications to be filed with the FDIC.

Section 24 of the FDI Act, in general, prohibits a federally-insured state bank from engaging in an activity not permissible for a national bank and requires notices or
applications to be filed with the FDIC.

APPENDICES

135

ANNUAL REPORT
COMBINED RISK AND CONSUMER ENFORCEMENT ACTIONS
2016–2018

2018

Total Number of Actions Initiated by the FDIC
Termination of Insurance
Involuntary Termination
Sec. 8a For Violations, Unsafe/Unsound Practices or Conditions
Voluntary Termination
Sec. 8a By Order Upon Request
Sec. 8p No Deposits
Sec. 8q Deposits Assumed
Sec. 8b Cease-and-Desist Actions
Notices of Charges Issued
Orders to Pay Restitution
Consent Orders
Personal Cease and Desist Orders
Sec. 8e Removal/Prohibition of Director or Officer
Notices of Intention to Remove/Prohibit
Consent Orders
Sec. 8g Suspension/Removal When Charged With Crime
Civil Money Penalties Issued
Sec. 7a Call Report Penalties
Sec. 8i Civil Money Penalties
Sec. 8i Civil Money Penalty Notices of Assessment
Sec. 10c Orders of Investigation
Sec. 19 Waiver Orders
Approved Section 19 Waiver Orders
Denied Section 19 Waiver Orders
Sec. 32 Notices Disapproving Officer/Director’s Request for Review
Truth-in-Lending Act Reimbursement Actions
Denials of Requests for Relief
Grants of Relief
Banks Making Reimbursement*
Suspicious Activity Reports (Open and closed institutions)*
Other Actions Not Listed

2017

2016

177

231

259

135

193,585

182,647

222,836

* These actions do not constitute the initiation of a formal enforcement action and, therefore, are not included in the total number of actions initiated.

136

APPENDICES

2018
ESTIMATED INSURED DEPOSITS AND THE DEPOSIT INSURANCE FUND,
DECEMBER 31, 1934, THROUGH SEPTEMBER 30, 20181
Dollars in Millions (except Insurance Coverage)

Deposits in Insured
Institutions2

Year
2018
2017
2016
2015
2014
2013
2012
2011
2010
2009
2008
2007
2006
2005
2004
2003
2002
2001
2000
1999
1998
1997
1996
1995
1994
1993
1992
1991
1990
1989
1988
1987
1986

Insurance
Coverage2
$250,000
250,000
250,000
250,000
250,000
250,000
250,000
250,000
250,000
250,000
100,000
100,000
100,000
100,000
100,000
100,000
100,000
100,000
100,000
100,000
100,000
100,000
100,000
100,000
100,000
100,000
100,000
100,000
100,000
100,000
100,000
100,000
100,000

Total Domestic
Deposits
$12,368,002
12,129,503
11,693,371
10,952,922
10,410,687
9,825,479
9,474,720
8,782,291
7,887,858
7,705,354
7,505,408
6,921,678
6,640,097
6,229,753
5,724,621
5,223,922
4,916,078
4,564,064
4,211,895
3,885,826
3,817,150
3,602,189
3,454,556
3,318,595
3,184,410
3,220,302
3,275,530
3,331,312
3,415,464
3,412,503
2,337,080
2,198,648
2,162,687

Est. Insured
Deposits
$7,376,566
7,159,748
6,917,928
6,519,449
6,195,554
5,998,238
7,402,053
6,973,483
6,301,542
5,407,773
4,750,783
4,292,211
4,153,808
3,890,930
3,622,059
3,452,497
3,383,598
3,215,581
3,055,108
2,869,208
2,850,452
2,746,477
2,690,439
2,663,873
2,588,619
2,602,781
2,677,709
2,733,387
2,784,838
2,755,471
1,756,771
1,657,291
1,636,915

Percentage
of Domestic
Deposits
59.6
59.0
59.2
59.5
59.5
61.0
78.1
79.4
79.9
70.2
63.3
62.0
62.6
62.5
63.3
66.1
68.8
70.5
72.5
73.8
74.7
76.2
77.9
80.3
81.3
80.8
81.7
82.1
81.5
80.7
75.2
75.4
75.7

Deposit
Insurance
Fund
$100,204.0
92,747.5
83,161.5
72,600.2
62,780.2
47,190.8
32,957.8
11,826.5
(7,352.2)
(20,861.8)
17,276.3
52,413.0
50,165.3
48,596.6
47,506.8
46,022.3
43,797.0
41,373.8
41,733.8
39,694.9
39,452.1
37,660.8
35,742.8
28,811.5
23,784.5
14,277.3
178.4
(6,934.0)
4,062.7
13,209.5
14,061.1
18,301.8
18,253.3

Insurance Fund as
a Percentage of
Total
Domestic
Est. Insured
Deposits
Deposits
0.81
1.36
0.76
1.30
0.71
1.20
0.66
1.11
0.60
1.01
0.48
0.79
0.35
0.45
0.13
0.17
(0.09)
(0.12)
(0.27)
(0.39)
0.23
0.36
0.76
1.22
0.76
1.21
0.78
1.25
0.83
1.31
0.88
1.33
0.89
1.29
0.91
1.29
0.99
1.37
1.02
1.38
1.03
1.38
1.05
1.37
1.03
1.33
0.87
1.08
0.75
0.92
0.44
0.55
0.01
0.01
(0.21)
(0.25)
0.12
0.15
0.39
0.48
0.60
0.80
0.83
1.10
0.84
1.12

APPENDICES

137

ANNUAL REPORT
ESTIMATED INSURED DEPOSITS AND THE DEPOSIT INSURANCE FUND,
DECEMBER 31, 1934, THROUGH SEPTEMBER 30, 20181 (continued)
Dollars in Millions (except Insurance Coverage)

Deposits in Insured
Institutions2

Year
1985
1984
1983
1982
1981
1980
1979
1978
1977
1976
1975
1974
1973
1972
1971
1970
1969
1968
1967
1966
1965
1964
1963
1962
1961
1960
1959
1958
1957
1956
1955
1954
1953

138

Insurance
Coverage2
100,000
100,000
100,000
100,000
100,000
100,000
40,000
40,000
40,000
40,000
40,000
40,000
20,000
20,000
20,000
20,000
20,000
15,000
15,000
15,000
10,000
10,000
10,000
10,000
10,000
10,000
10,000
10,000
10,000
10,000
10,000
10,000
10,000

APPENDICES

Total Domestic
Deposits
1,975,030
1,805,334
1,690,576
1,544,697
1,409,322
1,324,463
1,226,943
1,145,835
1,050,435
941,923
875,985
833,277
766,509
697,480
610,685
545,198
495,858
491,513
448,709
401,096
377,400
348,981
313,304
297,548
281,304
260,495
247,589
242,445
225,507
219,393
212,226
203,195
193,466

Est. Insured
Deposits
1,510,496
1,393,421
1,268,332
1,134,221
988,898
948,717
808,555
760,706
692,533
628,263
569,101
520,309
465,600
419,756
374,568
349,581
313,085
296,701
261,149
234,150
209,690
191,787
177,381
170,210
160,309
149,684
142,131
137,698
127,055
121,008
116,380
110,973
105,610

Insurance Fund as
a Percentage of

Percentage
of Domestic
Deposits
76.5
77.2
75.0
73.4
70.2
71.6
65.9
66.4
65.9
66.7
65.0
62.4
60.7
60.2
61.3
64.1
63.1
60.4
58.2
58.4
55.6
55.0
56.6
57.2
57.0
57.5
57.4
56.8
56.3
55.2
54.8
54.6
54.6

Deposit
Insurance
Fund
17,956.9
16,529.4
15,429.1
13,770.9
12,246.1
11,019.5
9,792.7
8,796.0
7,992.8
7,268.8
6,716.0
6,124.2
5,615.3
5,158.7
4,739.9
4,379.6
4,051.1
3,749.2
3,485.5
3,252.0
3,036.3
2,844.7
2,667.9
2,502.0
2,353.8
2,222.2
2,089.8
1,965.4
1,850.5
1,742.1
1,639.6
1,542.7
1,450.7

Total
Domestic
Deposits
0.91
0.92
0.91
0.89
0.87
0.83
0.80
0.77
0.76
0.77
0.77
0.73
0.73
0.74
0.78
0.80
0.82
0.76
0.78
0.81
0.80
0.82
0.85
0.84
0.84
0.85
0.84
0.81
0.82
0.79
0.77
0.76
0.75

Est. Insured
Deposits
1.19
1.19
1.22
1.21
1.24
1.16
1.21
1.16
1.15
1.16
1.18
1.18
1.21
1.23
1.27
1.25
1.29
1.26
1.33
1.39
1.45
1.48
1.50
1.47
1.47
1.48
1.47
1.43
1.46
1.44
1.41
1.39
1.37

2018
ESTIMATED INSURED DEPOSITS AND THE DEPOSIT INSURANCE FUND,
DECEMBER 31, 1934, THROUGH SEPTEMBER 30, 20181 (continued)
Dollars in Millions (except Insurance Coverage)

Deposits in Insured
Institutions2

Year
1952
1951
1950
1949
1948
1947
1946
1945
1944
1943
1942
1941
1940
1939
1938
1937
1936
1935
1934

Insurance
Coverage2
10,000
10,000
10,000
5,000
5,000
5,000
5,000
5,000
5,000
5,000
5,000
5,000
5,000
5,000
5,000
5,000
5,000
5,000
5,000

Total Domestic
Deposits
188,142
178,540
167,818
156,786
153,454
154,096
148,458
157,174
134,662
111,650
89,869
71,209
65,288
57,485
50,791
48,228
50,281
45,125
40,060

Est. Insured
Deposits
101,841
96,713
91,359
76,589
75,320
76,254
73,759
67,021
56,398
48,440
32,837
28,249
26,638
24,650
23,121
22,557
22,330
20,158
18,075

Insurance Fund as
a Percentage of

Percentage
of Domestic
Deposits
54.1
54.2
54.4
48.8
49.1
49.5
49.7
42.6
41.9
43.4
36.5
39.7
40.8
42.9
45.5
46.8
44.4
44.7
45.1

Deposit
Insurance
Fund
1,363.5
1,282.2
1,243.9
1,203.9
1,065.9
1,006.1
1,058.5
929.2
804.3
703.1
616.9
553.5
496.0
452.7
420.5
383.1
343.4
306.0
291.7

Total
Domestic
Deposits
0.72
0.72
0.74
0.77
0.69
0.65
0.71
0.59
0.60
0.63
0.69
0.78
0.76
0.79
0.83
0.79
0.68
0.68
0.73

Est. Insured
Deposits
1.34
1.33
1.36
1.57
1.42
1.32
1.44
1.39
1.43
1.45
1.88
1.96
1.86
1.84
1.82
1.70
1.54
1.52
1.61

For 2018, figures are as of September 30; all other prior years are as of December 31. Prior to 1989, figures are for the Bank Insurance Fund (BIF) only and exclude
insured branches of foreign banks. For 1989 to 2005, figures represent the sum of the BIF and Savings Association Insurance Fund (SAIF) amounts; for 2006 to 2018,
figures are for DIF. Amounts for 1989-2018 include insured branches of foreign banks. Prior to year-end 1991, insured deposits were estimated using percentages
determined from June Call and Thrift Financial Reports.

The year-end 2008 coverage limit and estimated insured deposits do not reflect the temporary increase to $250,000 then in effect under the Emergency Economic
Stabilization Act of 2008. The Dodd-Frank Wall Street Reform and Consumer Protection (Dodd-Frank) Act made this coverage limit permanent. The year-end 2009
coverage limit and estimated insured deposits reflect the $250,000 coverage limit. The Dodd-Frank Act also temporarily provided unlimited coverage for non-interest
bearing transaction accounts for two years beginning December 31, 2010. Coverage for certain retirement accounts increased to $250,000 in 2006. Initial coverage
limit was $2,500 from January 1 to June 30, 1934.

APPENDICES

139

ANNUAL REPORT
INCOME AND EXPENSES, DEPOSIT INSURANCE FUND, FROM BEGINNING OF OPERATIONS,
SEPTEMBER 11, 1933, THROUGH DECEMBER 31, 2018
Dollars in Millions

Income

Year

Total

Assessment
Income

TOTAL

Expenses and Losses

Assessment
Credits

Investment
and Other

Effective
Assessment
Rate1

Total

Provision
for
Ins. Losses

Admin.
and
Operating
Expenses2

Interest
& Other Ins.
Expenses

Funding
Transfer
from the
FSLIC
Resolution Fund

Net Income/
(Loss)

$253,463.9

$185,121.7

$11,392.9

$79,735.1

$150,511.3

$107,728.6

$33,313.7

$9,469.1

$139.5

$103,092.1

2018

11,170.8

9,526.7

0.0

1,644.1

0.0627%

1,205.2

(562.6)

1,764.7

3.1

9,965.6

2017

11,663.7

10,594.8

0.0

1,068.9

0.0716%

1,558.2

(183.1)

1,739.4

2.0

10,105.5

2016

10,674.1

9,986.6

0.0

687.5

0.0699%

150.6

(1,567.9)

1,715.0

3.5

10,523.5

2015

9,303.5

8,846.8

0.0

456.7

0.0647%

(553.2)

(2,251.3)

1,687.2

10.9

9,856.7

2014

8,965.1

8,656.1

0.0

309.0

0.0663%

(6,634.7)

(8,305.5)

1,664.3

6.5

15,599.8

2013

10,458.9

9,734.2

0.0

724.7

0.0775%

(4,045.9)

(5,659.4)

1,608.7

4.8

14,504.8

2012

18,522.3

12,397.2

0.2

6,125.3

0.1012%

(2,599.0)

(4,222.6)

1,777.5

(153.9)

21,121.3

2011

16,342.0

13,499.5

0.9

2,843.4

0.1115%

(2,915.4)

(4,413.6)

1,625.4

(127.2)

19,257.4

2010

13,379.9

13,611.2

0.8

0.1772%

75.0

(847.8)

1,592.6

(669.8)

13,304.9

2009

24,706.4

17,865.4

148.0

6,989.0

0.2330%

60,709.0

57,711.8

1,271.1

1,726.1

(36,002.6)

2008

7,306.3

4,410.4

1,445.9

4,341.8

0.0418%

44,339.5

41,838.8

1,033.5

1,467.2

(37,033.2)

2007

3,196.2

3,730.9

3,088.0

2,553.3

0.0093%

1,090.9

95.0

992.6

3.3

2,105.3

2006

2,643.5

31.9

0.0

2,611.6

0.0005%

904.3

(52.1)

950.6

5.8

1,739.2

2005

2,420.5

60.9

0.0

2,359.6

0.0010%

809.3

(160.2)

965.7

3.8

1,611.2

2004

2,240.3

104.2

0.0

2,136.1

0.0019%

607.6

(353.4)

941.3

19.7

1,632.7

2003

2,173.6

94.8

0.0

2,078.8

0.0019%

(67.7)

(1,010.5)

935.5

7.3

2,241.3

2002

2,384.7

107.8

0.0

2,276.9

0.0023%

719.6

(243.0)

945.1

17.5

1,665.1

2001

2,730.1

83.2

0.0

2,646.9

0.0019%

3,123.4

2,199.3

887.9

36.2

2000

2,570.1

64.3

0.0

2,505.8

0.0016%

945.2

28.0

883.9

33.3

1,624.9

1999

2,416.7

48.4

0.0

2,368.3

0.0013%

2,047.0

1,199.7

823.4

23.9

369.7

1998

2,584.6

37.0

0.0

2,547.6

0.0010%

817.5

(5.7)

782.6

40.6

1,767.1

1997

2,165.5

38.6

0.0

2,126.9

0.0011%

247.3

(505.7)

677.2

75.8

1,918.2

1996

7,156.8

5,294.2

0.0

1,862.6

0.1622%

353.6

(417.2)

568.3

202.5

6,803.2

1995

5,229.2

3,877.0

0.0

1,352.2

0.1238%

202.2

(354.2)

510.6

45.8

5,027.0

1994

7,682.1

6,722.7

0.0

959.4

0.2192%

(1,825.1)

(2,459.4)

443.2

191.1

9,507.2

1993

7,354.5

6,682.0

0.0

672.5

0.2157%

(6,744.4)

(7,660.4)

418.5

497.5

14,098.9

1992

6,479.3

5,758.6

0.0

720.7

0.1815%

(596.8)

(2,274.7)

614.83

1,063.1

35.4

7,111.5

1991

5,886.5

5,254.0

0.0

632.5

0.1613%

16,925.3

15,496.2

326.1

1,103.0

42.4

(10,996.4)

1990

3,855.3

2,872.3

0.0

983.0

0.0868%

13,059.3

12,133.1

275.6

650.6

56.1

(9,147.9)

1989

3,494.8

1,885.0

0.0

1,609.8

0.0816%

4,352.2

3,811.3

219.9

321.0

5.6

(851.8)

1988

3,347.7

1,773.0

0.0

1,574.7

0.0825%

7,588.4

6,298.3

223.9

1,066.2

(4,240.7)

1987

3,319.4

1,696.0

0.0

1,623.4

0.0833%

3,270.9

2,996.9

204.9

69.1

1986

3,260.1

1,516.9

0.0

1,743.2

0.0787%

2,963.7

2,827.7

180.3

(44.3)

296.4

1985

3,385.5

1,433.5

0.0

1,952.0

0.0815%

1,957.9

1,569.0

179.2

209.7

1,427.6

1984

3,099.5

1,321.5

0.0

1,778.0

0.0800%

1,999.2

1,633.4

151.2

214.6

1,100.3

1983

2,628.1

1,214.9

164.0

1,577.2

0.0714%

969.9

675.1

135.7

159.1

1,658.2

1982

2,524.6

1,108.9

96.2

1,511.9

0.0769%

999.8

126.4

129.9

743.5

1,524.8

140

APPENDICES

(230.5)

(393.3)

48.5

2018
INCOME AND EXPENSES, DEPOSIT INSURANCE FUND, FROM BEGINNING OF OPERATIONS,
SEPTEMBER 11, 1933, THROUGH DECEMBER 31, 2018 (continued)
Dollars in Millions

Income

Expenses and Losses

Assessment
Income

Assessment
Credits

Investment
and Other

Effective
Assessment
Rate1

Total

Provision
for
Ins. Losses

Admin.
and
Operating
Expenses2

Interest
& Other Ins.
Expenses

Funding
Transfer
from the
FSLIC
Resolution Fund

Net Income/
(Loss)

Year

Total

1981

2,074.7

1,039.0

117.1

1,152.8

0.0714%

848.1

320.4

127.2

400.5

1,226.6

1980

1,310.4

951.9

521.1

879.6

0.0370%

83.6

(38.1)

118.2

3.5

1,226.8

1979

1,090.4

881.0

524.6

734.0

0.0333%

93.7

(17.2)

106.8

4.1

996.7

1978

952.1

810.1

443.1

585.1

0.0385%

148.9

36.5

103.3

9.1

803.2

1977

837.8

731.3

411.9

518.4

0.0370%

113.6

20.8

89.3

3.5

724.2

1976

764.9

676.1

379.6

468.4

0.0370%

212.3

28.0

180.4

3.9

552.6

1975

689.3

641.3

362.4

410.4

0.0357%

97.5

27.6

67.7

2.2

591.8

1974

668.1

587.4

285.4

366.1

0.0435%

159.2

97.9

59.2

2.1

508.9

1973

561.0

529.4

283.4

315.0

0.0385%

108.2

52.5

54.4

1.3

452.8

1972

467.0

468.8

280.3

278.5

0.0333%

65.7

10.1

49.6

6.0 5

401.3

1971

415.3

417.2

241.4

239.5

0.0345%

60.3

13.4

46.9

0.0

355.0

1970

382.7

369.3

210.0

223.4

0.0357%

46.0

3.8

42.2

0.0

336.7

1969

335.8

364.2

220.2

191.8

0.0333%

34.5

1.0

33.5

0.0

301.3

1968

295.0

334.5

202.1

162.6

0.0333%

29.1

0.1

29.0

0.0

265.9

1967

263.0

303.1

182.4

142.3

0.0333%

27.3

2.9

24.4

0.0

235.7

1966

241.0

284.3

172.6

129.3

0.0323%

19.9

0.1

19.8

0.0

221.1

1965

214.6

260.5

158.3

112.4

0.0323%

22.9

5.2

17.7

0.0

191.7

1964

197.1

238.2

145.2

104.1

0.0323%

18.4

2.9

15.5

0.0

178.7

1963

181.9

220.6

136.4

97.7

0.0313%

15.1

0.7

14.4

0.0

166.8

1962

161.1

203.4

126.9

84.6

0.0313%

13.8

0.1

13.7

0.0

147.3

1961

147.3

188.9

115.5

73.9

0.0323%

14.8

1.6

13.2

0.0

132.5

1960

144.6

180.4

100.8

65.0

0.0370%

12.5

0.1

12.4

0.0

132.1

1959

136.5

178.2

99.6

57.9

0.0370%

12.1

0.2

11.9

0.0

124.4

1958

126.8

166.8

93.0

53.0

0.0370%

11.6

0.0

11.6

0.0

115.2

1957

117.3

159.3

90.2

48.2

0.0357%

9.7

0.1

9.6

0.0

107.6

1956

111.9

155.5

87.3

43.7

0.0370%

9.4

0.3

9.1

0.0

102.5

1955

105.8

151.5

85.4

39.7

0.0370%

9.0

0.3

8.7

0.0

96.8

1954

99.7

144.2

81.8

37.3

0.0357%

7.8

0.1

7.7

0.0

91.9

1953

94.2

138.7

78.5

34.0

0.0357%

7.3

0.1

7.2

0.0

86.9

1952

88.6

131.0

73.7

31.3

0.0370%

7.8

0.8

7.0

0.0

80.8

1951

83.5

124.3

70.0

29.2

0.0370%

6.6

0.0

6.6

0.0

76.9

1950

84.8

122.9

68.7

30.6

0.0370%

7.8

1.4

6.4

0.0

77.0

1949

151.1

122.7

0.0

28.4

0.0833%

6.4

0.3

6.1

0.0

144.7

1948

145.6

119.3

0.0

26.3

0.0833%

7.0

0.7

6.36

0.0

138.6

1947

157.5

114.4

0.0

43.1

0.0833%

9.9

0.1

9.8

0.0

147.6

1946

130.7

107.0

0.0

23.7

0.0833%

10.0

0.1

9.9

0.0

120.7

1945

121.0

93.7

0.0

27.3

0.0833%

9.4

0.1

9.3

0.0

111.6

1944

99.3

80.9

0.0

18.4

0.0833%

9.3

0.1

9.2

0.0

90.0

APPENDICES

141

ANNUAL REPORT
INCOME AND EXPENSES, DEPOSIT INSURANCE FUND, FROM BEGINNING OF OPERATIONS,
SEPTEMBER 11, 1933, THROUGH DECEMBER 31, 2018 (continued)
Dollars in Millions

Income

Year

Total

Expenses and Losses

Assessment
Income

Assessment
Credits

Investment
and Other

Effective
Assessment
Rate1

Total

Provision
for
Ins. Losses

Admin.
and
Operating
Expenses2

Interest
& Other Ins.
Expenses

Funding
Transfer
from the
FSLIC
Resolution Fund

Net Income/
(Loss)

1943

86.6

70.0

0.0

16.6

0.0833%

9.8

0.2

9.6

0.0

76.8

1942

69.1

56.5

0.0

12.6

0.0833%

10.1

0.5

9.6

0.0

59.0

1941

62.0

51.4

0.0

10.6

0.0833%

10.1

0.6

9.5

0.0

51.9

1940

55.9

46.2

0.0

9.7

0.0833%

12.9

3.5

9.4

0.0

43.0

1939

51.2

40.7

0.0

10.5

0.0833%

16.4

7.2

9.2

0.0

34.8

1938

47.7

38.3

0.0

9.4

0.0833%

11.3

2.5

8.8

0.0

36.4

1937

48.2

38.8

0.0

9.4

0.0833%

12.2

3.7

8.5

0.0

36.0

1936

43.8

35.6

0.0

8.2

0.0833%

10.9

2.6

8.3

0.0

32.9

1935

20.8

11.5

0.0

9.3

0.0833%

11.3

2.8

8.5

0.0

9.5

1933-34

7.0

0.0

7.0

N/A

10.0

0.2

9.8

0.0

(3.0)

The effective assessment rate is calculated from annual assessment income (net of assessment credits), excluding transfers to the Financing Corporation (FICO),
Resolution Funding Corporation (REFCORP) and FSLIC Resolution Fund, divided by the average assessment base. Figures represent only BIF-insured institutions
prior to 1990, and BIF- and SAIF-insured institutions from 1990 through 2005. After 1995, all thrift closings became the responsibility of the FDIC and amounts are
reflected in the SAIF. Beginning in 2006, figures are for the DIF.
The annualized assessment rate for 2018 is based on full year assessment income divided by a four quarter average of 2018 quarterly assessment base amounts. The
assessment base for fourth quarter 2018 was estimated using the third quarter 2018 assessment base and an assumed quarterly growth rate of one percent.

deposits, effective the start of 1996. In 1996, the SAIF collected
a one-time special assessment of $4.5 billion. Subsequently,
assessment rates for the SAIF were lowered to the same range as
the BIF, effective October 1996. This range of rates remained
unchanged for both funds through 2006.

Historical Assessment Rates:
1934 – 1949

The statutory assessment rate was 0.0833 percent.

1950 – 1984

The effective assessment rates varied from the statutory rate
of 0.0833 percent due to assessment credits provided in those
years.

1985 – 1989
1990

As part of the implementation of the Federal Deposit Insurance
Reform Act of 2005, assessment rates were increased to a range
of 0.05 percent to 0.43 percent of assessable deposits effective
at the start of 2007, but many institutions received a one-time
assessment credit ($4.7 billion in total) to offset the new
assessments.

2009 – 2011

For the first quarter of 2009, assessment rates were increased to
a range of 0.12 percent to 0.50 percent of assessable deposits.
On June 30, 2009, a special assessment was imposed on all
insured banks and thrifts, which amounted in aggregate to
approximately $5.4 billion. For 8,106 institutions, with $9.3
trillion in assets, the special assessment was 5 basis points of
each insured institution’s assets minus tier one capital; 89
other institutions, with assets of $4.0 trillion, had their special
assessment capped at 10 basis points of their second quarter
assessment base. From the second quarter of 2009 through the
first quarter of 2011, initial assessment rates ranged between
0.12 percent and 0.45 percent of assessable deposits. Initial
rates are subject to further adjustments.

The statutory assessment rate was 0.0833 percent (no credits
were given).
The statutory rate increased to 0.12 percent.

1991 – 1992

The statutory rate increased to a minimum of 0.15 percent.
The effective rates in 1991 and 1992 varied because the FDIC
exercised new authority to increase assessments above the
statutory minimum rate when needed.

1993 – 2006

Beginning in 1993, the effective rate was based on a risk-related
premium system under which institutions paid assessments
in the range of 0.23 percent to 0.31 percent. In May 1995,
the BIF reached the mandatory recapitalization level of 1.25
percent. As a result, BIF assessment rates were reduced to a
range of 0.04 percent to 0.31 percent of assessable deposits,
effective June 1995, and assessments totaling $1.5 billion were
refunded in September 1995. Assessment rates for the BIF
were lowered again to a range of 0 to 0.27 percent of assessable

142

2007 – 2008

APPENDICES

2018
2011 – 2016

Beginning in the second quarter of 2011, the assessment
base changed to average total consolidated assets less average
tangible equity (with certain adjustments for banker’s banks
and custodial banks), as required by the Dodd-Frank Act. The
FDIC implemented a new assessment rate schedule at the
same time to conform to the larger assessment base. Initial
assessment rates were lowered to a range of 0.05 percent to
0.35 percent of the new base. The annualized assessment
rates averaged approximately 17.6 cents per $100 of assessable
deposits for the first quarter of 2011 and 11.1 cents per $100 of
the new base for the last three quarters of 2011 (which is shown
in the table).

2016

Beginning July 1, 2016, initial assessment rates were lowered
from a range of 5 basis points to 35 basis points to a range of 3
basis points to 30 basis points, and an additional surcharge was
imposed on large banks (generally institutions with $10 billion
or more in assets) of 4.5 basis points of their assessment base
(after making adjustments).

2018

The 4.5 basis point surcharge imposed on large banks ended
effective October 1, 2018. The annualized assessment rates
averaged approximately 7.2 cents per $100 of the assessable base
for the first three quarters of 2018 and 3.5 cents per $100 of
the assessment base for the last quarter of 2018. The full year
annualized assessment rate averaged 6.3 cent per $100 (which
is shown in the table).

These expenses, which are presented as operating expenses in the Statement of Income and Fund Balance, pertain to the FDIC in its corporate capacity only and do not
include costs that are charged to the failed bank receiverships that are managed by the FDIC. The receivership expenses are presented as part of the “Receivables from
Resolutions, net” line on the Balance Sheet. The narrative and graph presented on page 91 of this report shows the aggregate (corporate and receivership) expenditures
of the FDIC.

Includes $210 million for the cumulative effect of an accounting change for certain postretirement benefits (1992).

Includes a $106 million net loss on government securities (1976).

This amount represents interest and other insurance expenses from 1933 to 1972.

Includes the aggregate amount of $81 million of interest paid on capital stock between 1933 and 1948.

APPENDICES

143

ANNUAL REPORT
RECOVERIES AND LOSSES BY THE DEPOSIT INSURANCE FUND ON DISBURSEMENTS
FOR THE PROTECTION OF DEPOSITORS, 1934 - 2018
Dollars in Thousands
Bank and Thrift Failures1
Year2
2018
2017
2016
2015
2014
2013
2012
2011
20107
20097
20087
2007
2006
2005
2004
2003
2002
2001
2000
1999
1998
1997
1996
1995
1994
1993
1992
1991
1990
1989
1988
1987
1986
1985
1984
1983
1982
1981
1980
1934 - 1979

144

Number
of Banks/
Thrifts
2,623
0
8
5
8
18
24
51
92
157
140
25
3
0
0
4
3
11
4
7
8
3
1
6
6
13
41
120
124
168
206
200
184
138
116
78
44
32
7
10
558

APPENDICES

Total
Assets3
$946,643,412
5,081,737
277,182
6,706,038
2,913,503
6,044,051
11,617,348
34,922,997
92,084,988
169,709,160
371,945,480
2,614,928
0
0
170,099
947,317
2,872,720
1,821,760
410,160
1,592,189
290,238
27,923
232,634
802,124
1,463,874
3,828,939
45,357,237
64,556,512
16,923,462
28,930,572
38,402,475
6,928,889
7,356,544
3,090,897
2,962,179
3,580,132
1,213,316
108,749
239,316
8,615,743

Total
Deposits3
$712,938,506
4,683,360
268,516
4,574,170
2,691,485
5,132,246
11,009,630
31,071,862
78,290,185
137,835,121
234,321,715
2,424,187
0
0
156,733
901,978
2,512,834
1,661,214
342,584
1,320,573
260,675
27,511
230,390
776,387
1,397,018
3,509,341
39,921,310
52,972,034
15,124,454
24,152,468
26,524,014
6,599,180
6,638,903
2,889,801
2,665,797
2,832,184
1,056,483
100,154
219,890
5,842,119

Funding4
$586,979,457
4,589,179
262,017
4,564,024
2,682,954
5,022,388
11,041,622
30,714,170
82,305,089
136,081,390
205,833,992
1,920,159
0
0
139,244
883,772
1,567,805
21,131
297,313
1,308,316
293,117
25,546
201,533
609,043
1,224,769
3,841,658
14,541,476
21,501,749
10,812,484
11,443,281
10,432,655
4,876,994
4,632,121
2,154,955
2,165,036
3,042,392
545,612
114,944
152,355
5,133,173

Recoveries5
$416,409,979
1,712,445
12,907
848,530
475,347
323,205
1,782,176
3,267,259
55,641,718
95,397,606
184,490,213
1,474,822
0
0
134,978
812,933
1,711,173
1,138,677
265,175
718,057
69,575
20,520
140,918
524,571
1,045,718
3,209,012
10,866,760
15,496,730
8,040,995
5,247,995
5,055,158
3,014,502
2,949,583
1,506,776
1,641,157
1,973,037
419,825
105,956
121,675
4,752,295

Estimated
Additional
Recoveries
$63,951,764
1,724,535
204,981
2,858,451
1,815,118
3,470,020
6,822,310
20,988,008
10,456,842
14,071,401
3,204,012
285,662
0
0
349
8,192
(557,357)
(1,410,011)
0
4,233
1,937
0
0
0
0
0
567
2,512
0
0
0
0
0
0
0
0
0
0
0
0

Final and
Estimated
Losses6
$106,617,718
1,152,198
44,129
857,043
392,489
1,229,163
2,437,136
6,458,902
16,206,529
26,612,383
18,139,767
159,676
0
0
3,917
62,647
413,989
292,465
32,138
586,027
221,606
5,026
60,615
84,472
179,051
632,646
3,674,149
6,002,507
2,771,489
6,195,286
5,377,497
1,862,492
1,682,538
648,179
523,879
1,069,355
125,787
8,988
30,680
380,878

2018
RECOVERIES AND LOSSES BY THE DEPOSIT INSURANCE FUND ON DISBURSEMENTS
FOR THE PROTECTION OF DEPOSITORS, 1934 - 2018 (continued)
Dollars in Thousands
Assistance Transactions1
Year2

Number
of Banks/
Thrifts

Total
Assets3

Total
Deposits3

Funding4

Recoveries5

2018
2017
2016
2015
2014
2013
2012
2011
2010
20098
20088
2007
2006
2005
2004
2003
2002
2001
2000
1999
1998
1997
1996
1995
1994
1993
1992
1991
1990
1989
1988

154
0
0
0
0
0
0
0
0
0
8
5
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
2
3
1
1
80

$3,317,099,253
0
0
0
0
0
0
0
0
0
1,917,482,183
1,306,041,994
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
33,831
78,524
14,206
4,438
15,493,939

$1,442,173,417
0
0
0
0
0
0
0
0
0
1,090,318,282
280,806,966
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
33,117
75,720
14,628
6,396
11,793,702

$11,630,356
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
1,486
6,117
4,935
2,548
1,730,351

$6,199,875
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
1,236
3,093
2,597
252
189,709

Estimated
Additional
Recoveries
$0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0

Final and
Estimated Losses6
$5,430,481
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
250
3,024
2,338
2,296
1,540,642

APPENDICES

145

ANNUAL REPORT
RECOVERIES AND LOSSES BY THE DEPOSIT INSURANCE FUND ON DISBURSEMENTS
FOR THE PROTECTION OF DEPOSITORS, 1934 - 2018 (continued)
Dollars in Thousands
Assistance Transactions1 (continued)
Year2
1987
1986
1985
1984
1983
1982
1981
1980
1934-1979

Number
of Banks/
Thrifts
19
7
4
2
4
10
3
1
4

Total
Assets3
2,478,124
712,558
5,886,381
40,470,332
3,611,549
10,509,286
4,838,612
7,953,042
1,490,254

Total
Deposits3
2,275,642
585,248
5,580,359
29,088,247
3,011,406
9,118,382
3,914,268
5,001,755
549,299

Funding4
160,877
158,848
765,732
5,531,179
764,690
1,729,538
774,055
0
0

Recoveries5
713
65,669
406,676
4,414,904
427,007
686,754
1,265
0
0

Estimated
Additional
Recoveries
0
0
0
0
0
0
0
0
0

Final and
Estimated Losses6
160,164
93,179
359,056
1,116,275
337,683
1,042,784
772,790
0
0

Institutions for which the FDIC is appointed receiver, including deposit payoff, insured deposit transfer, and deposit assumption cases.

For 1990 through 2005, amounts represent the sum of BIF and SAIF failures (excluding those handled by the RTC); prior to 1990, figures are only for the BIF. After
1995, all thrift closings became the responsibility of the FDIC and amounts are reflected in the SAIF. For 2006 to 2018, figures are for the DIF.

Assets and deposit data are based on the last Call Report or TFR filed before failure.

Funding represents the amounts provided by the DIF to receiverships for subrogated claims, advances for working capital, and administrative expenses paid on their
behalf. Beginning in 2008, the DIF resolves failures using whole-bank purchase and assumption transactions, most with an accompanying shared-loss agreement
(SLA). The DIF satisfies any resulting liabilities by offsetting receivables from resolutions when receiverships declare a dividend and/or sending cash directly to
receiverships to fund an SLA and other expenses.

Recoveries represent cash received and dividends (cash and non-cash) declared by receiverships.

Final losses represent actual losses for unreimbursed subrogated claims of inactivated receiverships. Estimated losses generally represent the difference between the
amount paid by the DIF to cover obligations to insured depositors and the estimated recoveries from the liquidation of receivership assets.

Includes amounts related to transaction account coverage under the Transaction Account Guarantee Program (TAG). The estimated losses as of December 31, 2018,
for TAG accounts in 2010, 2009, and 2008 are $372 million, $1.1 billion, and $12 million, respectively.

Includes institutions where assistance was provided under a systemic risk determination.

146

APPENDICES

2018
NUMBER, ASSETS, DEPOSITS, LOSSES, AND LOSS TO FUNDS OF INSURED
THRIFTS TAKEN OVER OR CLOSED BECAUSE OF FINANCIAL DIFFICULTIES,
1989 THROUGH 19951
Dollars in Thousands

Year

Number of Institutions

Assets

Deposits

Final
Receivership
Loss2

Total

748

$393,986,574

$318,328,770

$75,977,846

$81,580,554

1995

423,819

414,692

28,192

27,750

1994

136,815

127,508

11,472

14,599

1993

6,147,962

5,708,253

267,595

65,212

1992

44,196,946

34,773,224

3,286,908

3,832,145

1991

144

78,898,904

65,173,122

9,235,967

9,734,263

213

129,662,498

98,963,962

16,062,685

19,257,578

318

134,519,630

113,168,009

47,085,027

48,649,007

1990
1989

Loss to
Fund3

Beginning in 1989 through July 1, 1995, all thrift closings were the responsibility of the Resolution Trust Corporation (RTC). Since the RTC was terminated on
December 31, 1995, and all assets and liabilities transferred to the FSLIC Resolution Fund (FRF), all the results of the thrift closing activity from 1989 through 1995
are now reflected on the FRF’s books. Year is the year of failure, not the year of resolution.

The Final Receivership Loss represents the loss at the fund level from receiverships for unreimbursed subrogated claims of the FRF-RTC and unpaid advances to
receiverships from the FRF-RTC.

The Loss to Fund represents the total resolution cost of the failed thrifts in the FRF-RTC fund. In addition to the receivership losses, this includes corporate revenue
and expense items such as interest expense on Federal Financing Bank debt, interest expense on escrowed funds, administrative expenses, and interest revenue on
advances to receiverships.

Total for 1989 excludes nine failures of the former FSLIC.

APPENDICES

147

ANNUAL REPORT
B. MORE ABOUT THE FDIC
FDIC Board of Directors
Jelena McWilliams

Martin J. Gruenberg

Jelena
McWilliams
is the 21st
Chairman of
the FDIC. She
was nominated
by President
Donald J.
Trump on
November
30, 2017, and
confirmed by
the Senate
on May 24,
2018, to serve a six-year term on the FDIC Board of
Directors, and designated as Chairman for a term of
five years.

Martin J. Gruenberg
is the 20th Chairman
of the FDIC, receiving
Senate confirmation on
November 15, 2012, for
a five-year term. Mr.
Gruenberg served as
Vice Chairman and
Member of the FDIC
Board of Directors
from August 22, 2005,
until his confirmation
as Chairman. He served as Acting Chairman from
July 9, 2011, to November 15, 2012, and also from
November 16, 2005, to June 26, 2006.

Ms. McWilliams was Executive Vice President, Chief
Legal Officer, and Corporate Secretary for Fifth
Third Bank in Cincinnati, Ohio. Prior to joining
Fifth Third Bank, Ms. McWilliams worked in the
United States Senate for six years, most recently as
Chief Counsel and Deputy Staff Director with the
Senate Committee on Banking, Housing and Urban
Affairs, and previously as Assistant Chief Counsel
with the Senate Small Business and Entrepreneurship
Committee. From 2007 to 2010, Ms. McWilliams
served as an attorney at the Federal Reserve Board
of Governors. Before entering public service, she
practiced corporate and securities law at Morrison
& Foerster LLP in Palo Alto, California, and Hogan
& Hartson LLP (now Hogan Lovells LLP) in
Washington, D.C.

Mr. Gruenberg joined the FDIC Board after broad
congressional experience in the financial services and
regulatory areas. He served as Senior Counsel to
Senator Paul S. Sarbanes (D-MD) on the staff of the
Senate Committee on Banking, Housing, and Urban
Affairs from 1993 to 2005. Mr. Gruenberg advised
the Senator on issues of domestic and international
financial regulation, monetary policy, and trade.
He also served as Staff Director of the Banking
Committee’s Subcommittee on International Finance
and Monetary Policy from 1987 to 1992. Major
legislation in which Mr. Gruenberg played an active
role during his service on the Committee includes
the Financial Institutions Reform, Recovery, and
Enforcement Act of 1989 (FIRREA); the Federal
Deposit Insurance Corporation Improvement Act of
1991 (FDICIA); the Gramm-Leach-Bliley Act; and
the Sarbanes-Oxley Act of 2002.

Ms. McWilliams graduated with highest honors from
the University of California at Berkeley with a B.S. in
political science, and earned her law degree from U.C.
Berkeley School of Law.

Mr. Gruenberg served as Chairman of the Executive
Council and President of the International Association
of Deposit Insurers (IADI) from November 2007 to
November 2012.

148

APPENDICES

2018
Mr. Gruenberg holds a J.D. from Case Western
Reserve Law School and an A.B. from Princeton
University, Woodrow Wilson School of Public and
International Affairs.

Kathleen L. Kraninger
Kathy Kraninger
became Director of the
Consumer Financial
Protection Bureau
(CFPB) in December,
2018. From her
early days as a Peace
Corps volunteer, to
her role establishing
the Department of
Homeland Security
(DHS), to her policy
work at the Office of Management and Budget
(OMB) to the CFPB, Director Kraninger has
dedicated her career to public service.
Director Kraninger came to the CFPB from OMB,
where as a Policy Associate Director she oversaw
the budgets for executive branch agencies including
the Departments of Commerce, Justice, DHS,
Housing and Urban Development, Department
of Transportation (DOT), and the Department
of Treasury, in addition to 30 other government
agencies.
Previously she worked in the U.S. Senate, where
she was the Clerk for the Senate Appropriations
Subcommittee on Homeland Security, which
provides DHS with its $40 billion discretionary
budget. On Capitol Hill, she also worked for the
House Appropriations Subcommittee on Homeland
Security as well as the Senate Homeland Security and
Governmental Affairs Committee.
Ms. Kraninger also served in executive branch
posts with DOT. There, after the terrorist attacks
on September 11, 2001, she volunteered to join the
leadership team that set up the newly created DHS.

Her work at DHS led to awards including the
Secretary of Homeland Security’s Award of
Exceptional Service, the International Police and
Public Safety 9/11 Medal, and the Meritorious Public
Service Award from the United States Coast Guard.
Ms. Kraninger graduated magna cum laude from
Marquette University and earned a law degree from
Georgetown University Law Center. She served as a
U.S. Peace Corps Volunteer in Ukraine.

Joseph M. Otting
Joseph M. Otting was sworn
in as the 31st Comptroller of
the Currency on November
27, 2017.
The Comptroller of the
Currency is the administrator
of the federal banking system
and chief officer of the
Office of the Comptroller
of the Currency (OCC).
The OCC supervises nearly
1,400 national banks, federal savings associations,
and federal branches and agencies of foreign banks
operating in the United States. The mission of the
OCC is to ensure that national banks and federal
savings associations operate in a safe and sound
manner, provide fair access to financial services, treat
customers fairly, and comply with applicable laws and
regulations.
The Comptroller also serves as a director of the
Federal Deposit Insurance Corporation and member
of the Financial Stability Oversight Council and the
Federal Financial Institutions Examination Council.
Prior to becoming Comptroller of the Currency, Mr.
Otting was an executive in the banking industry. He
served as President of CIT Bank and Co-President of
CIT Group.
Mr. Otting previously was President, Chief Executive
Officer, and a member of the Board of Directors
of OneWest Bank, N.A. Prior to joining OneWest
APPENDICES

149

ANNUAL REPORT
Bank, he served as Vice Chairman of U.S. Bancorp,
where he managed the Commercial Banking Group
and served on the Bancorp’s executive management
committee. He also served as a member of U.S.
Bank’s main subsidiary banks’ Board of Directors.

Mick Mulvaney
Mick Mulvaney, former
Acting Director of the
Consumer Financial
Protection Bureau,
resigned from the FDIC
Board of Directors as
of December 11, 2018.
Mr. Mulvaney had been
a Board member since
November 25, 2017.

From 1986 to 2001, Mr. Otting was with Union Bank
of California, where he was Executive Vice President
and Group Head of Commercial Banking. Before
joining Union Bank, he was with Bank of America
and held positions in branch management, preferred
banking, and commercial lending.
Mr. Otting has played significant roles in charitable
and community development organizations. He has
served as a board member for the California Chamber
of Commerce, the Killebrew-Thompson Memorial
foundation, the Associated Oregon Industries, the
Oregon Business Council, the Portland Business
Alliance, the Minnesota Chamber of Commerce,
and Blue Cross Blue Shield of Oregon. He was also a
member of the Financial Services Roundtable, the Los
Angeles Chamber of Commerce, and the Board and
Executive Committee of the Los Angeles Economic
Development Corporation.
Mr. Otting holds a bachelor of arts in management
from the University of Northern Iowa and is a
graduate of the School of Credit and Financial
Management, which was held at Dartmouth College
in Hanover, New Hampshire.

150

APPENDICES

Thomas M. Hoenig
Thomas M. Hoenig,
former Vice Chairman,
resigned on April 30,
2018. Mr. Hoenig
served a six-year term as
FDIC Vice Chairman
and member of the
Board of Directors.

Director

Saul Schwartz

Zachary Brown

CISO

OFFICE OF MINORITY AND
WOMEN INCLUSION *

Suzannah L. Susser

APPENDICES

Director

Ricardo (Rick) Delfin
Andy Jiminez
Director

OFFICE OF COMPLEX
FINANCIAL INSTITUTIONS

Director

Diane Ellis

DIVISION OF INSURANCE
AND RESEARCH

Director

Bret D. Edwards

DIVISION OF RESOLUTIONS
AND RECEIVERSHIPS

Arthur Murton

DEPUTY TO THE CHAIRMAN
FOR POLICY

Travis Hill

SENIOR ADVISOR

Brandon Milhorn

CHIEF OF STAFF

OFFICE OF
LEGISLATIVE AFFAIRS

Director

M. Anthony Lowe

OFFICE OF
THE OMBUDSMAN

David Barr

Assitant Director

OFFICE OF
COMMUNICATIONS

Chad Davis

DEPUTY TO THE CHAIRMAN
FOR EXTERNAL AFFAIRS

Administrative Law Judge

C. Richard Miserendino

OFFICE OF FINANCIAL
INSTITUTION ADJUDICATION **

Chief Learning Officer

CORPORATE
UNIVERSITY

Arleas Upton Kea

Jay N. Lerner

Inspector General

Chairman

Jelena McWilliams
FDIC

BOARD OF DIRECTORS

OFFICE OF INSPECTOR GENERAL

DEPUTY TO THE CHAIRMAN
AND CHIEF OPERATING OFFICER
AND
DIVISION OF ADMINISTRATION

Board Member

Martin J. Gruenberg
FDIC

OFFICE OF
CHIEF INFORMATION
SECURITY OFFICER

Director

Craig R. Jarvill

Russell G. Pittman

Director

DIVISION OF
FINANCE

Steven O. App

Howard Whyte

DIVISION OF
INFORMATION TECHNOLOGY

DEPUTY TO THE
CHAIRMAN AND
CHIEF FINANCIAL OFFICER

CHIEF INFORMATION
OFFICER AND
CHIEF PRIVACY OFFICER

Vice Chairman

Vacant
FDIC

Director

Mark E. Pearce

Doreen R. Eberley
Director

DIVISION OF
DEPOSITOR AND
CONSUMER PROTECTION

DIVISION OF
RISK MANAGEMENT
SUPERVISION

Board Member

Kathleen L. Kraninger
CFPB

* OMWI Director reports directly to the Chairman
** ALJs are supported administratively within the Legal Division

Charles Yi

General Counsel

LEGAL DIVISION

Charles Yi

GENERAL COUNSEL

Board Member

Joseph Otting
OCC

FDIC ORGANIZATION CHART/OFFICIALS

2018

151

ANNUAL REPORT
CORPORATE STAFFING
STAFFING TRENDS 2009-2018
9,000

6,000

3,000

2009

2010

2011

2012

2013

2014

2015

2016

2017

2018

6,557

8,150

7,973

7,476

7,254

6,631

6,385

6,096

5,880

5,693

FDIC Year–End On-Board Staffing
Notes: 2009-2018 staffing totals reflect year-end full time equivalent staff.

152

APPENDICES

2018
NUMBER OF EMPLOYEES BY DIVISION/OFFICE 2017 AND 2018 (YEAR-END)1
Total
Division or Office:

Washington

Regional/

2018

2017

2018

2017

2018

2017

2,499

2,558

207

197

2,293

2,361

816

831

122

120

694

711

387

457

119

134

268

323

474

506

314

326

160

180

353

358

246

108

112

280

276

216

219

204

217

197

211

204

194

168

157

164

166

160

162

126

Executive Offices3

Executive Support Offices4

5,693

5,880

1,994

2,019

3,699

3,861

Division of Risk Management Supervision
Division of Depositor and Consumer Protection
Division of Resolutions and Receiverships
Legal Division
Division of Administration
Division of Information Technology
Corporate University
Division of Insurance and Research
Division of Finance
Office of the Chief Information Security Officer2
Office of Inspector General
Office of Complex Financial Institutions

TOTAL
1

The FDIC reports staffing totals using a full-time equivalent methodology, which is based on an employee’s scheduled work hours. Division/Office staffing has been
rounded to the nearest whole FTE. Totals may not foot due to rounding.

Formerly known as the Information Security and Privacy Staff.

Includes the Offices of the Chairman, Vice Chairman, Director (Appointive), Chief Operating Officer, Chief Financial Officer, Chief Policy Officer, External Affairs,
and Chief lnformation Officer.

Includes the Offices of Legislative Affairs, Communications, Ombudsman, Financial Adjudication, and Minority and Women Inclusion.

APPENDICES

153

ANNUAL REPORT
SOURCES OF INFORMATION
FDIC Website

www.fdic.gov
A wide range of banking, consumer, and financial
information is available on the FDIC’s website. This
includes the FDIC’s Electronic Deposit Insurance
Estimator (EDIE), which estimates an individual’s
deposit insurance coverage; the Institution Directory,
which contains financial profiles of FDIC-insured
institutions; Community Reinvestment Act
evaluations and ratings for institutions supervised by
the FDIC; Call Reports, which are bank reports of
condition and income; and Money Smart, a training
program to help individuals outside the financial
mainstream enhance their money management skills
and create positive banking relationships. Readers
also can access a variety of consumer pamphlets,
FDIC press releases, speeches, and other updates on
the agency’s activities, as well as corporate databases
and customized reports of FDIC and banking
industry information.

FDIC Call Center
Phone:

877-275-3342 (877-ASK-FDIC)
703-562-2222
Hearing Impaired:
800-925-4618
703-562-2289
The FDIC Call Center in Washington, DC, is
the primary telephone point of contact for general
questions from the banking community, the public,
and FDIC employees. The Call Center directly, or
with other FDIC subject-matter experts, responds to
questions about deposit insurance and other consumer
issues and concerns, as well as questions about FDIC
programs and activities. The Call Center also refers
callers to other federal and state agencies as needed.
Hours of operation are 8:00 a.m. to 8:00 p.m.,
Eastern Time, Monday – Friday, and 9:00 a.m. to
5:00 p.m., Saturday – Sunday. Recorded information
about deposit insurance and other topics is available
24 hours a day at the same telephone number.
As a customer service, the FDIC Call Center has
many bilingual Spanish agents on staff and has access
to a translation service, which is able to assist with
over 40 different languages.

154

APPENDICES

Public Information Center
3501 Fairfax Drive
Room E-1021
Arlington, VA 22226
Phone:

877-275-3342 (877-ASK-FDIC),
703-562-2200
Fax:
703-562-2296
FDIC Online Catalog: https://catalog.fdic.gov
E-mail: publicinfo@fdic.gov
Publications such as FDIC Quarterly and Consumer
News and a variety of deposit insurance and
consumer pamphlets are available at www.fdic.gov
or may be ordered in hard copy through the FDIC
online catalog. Other information, press releases,
speeches and congressional testimony, directives to
financial institutions, policy manuals, and FDIC
documents are available on request through the Public
Information Center. Hours of operation are 9:00 a.m.
to 4:00 p.m., Eastern Time, Monday – Friday.

Office of the Ombudsman
3501 Fairfax Drive
Room E-2022
Arlington, VA 22226
Phone: 877-275-3342 (877-ASK-FDIC)
Fax:
703-562-6057
E-mail: ombudsman@fdic.gov
The Office of the Ombudsman (OO) is an
independent, neutral, and confidential resource and
liaison for the banking industry and the general
public. The OO responds to inquiries about the
FDIC in a fair, impartial, and timely manner. It
researches questions and fields complaints from
bankers and bank customers. OO representatives
are present at all bank closings to provide accurate
information to bank customers, the media, bank
employees, and the general public. The OO also
recommends ways to improve FDIC operations,
regulations, and customer service.

2018
REGIONAL AND AREA OFFICES
Atlanta Regional Office

Chicago Regional Office

Michael J. Dean, Regional Director
10 Tenth Street, NE
Suite 800
Atlanta, Georgia 30309
(678) 916-2200

John P. Conneely, Regional Director
300 South Riverside Plaza
Suite 1700
Chicago, Illinois 60606
(312) 382-6000

Alabama
Florida
Georgia
North Carolina
South Carolina
Virginia
West Virginia

Illinois
Indiana
Kentucky
Michigan
Ohio
Wisconsin

Dallas Regional Office

Memphis Area Office

Kristie K. Elmquist, Regional Director
1601 Bryan Street
Dallas, Texas 75201
(214) 754-0098

Kristie K. Elmquist, Director
6060 Primacy Parkway
Suite 300
Memphis, Tennessee 38119
(901) 685-1603

Colorado
New Mexico
Oklahoma
Texas

Arkansas
Louisiana
Mississippi
Tennessee

Kansas City Regional Office

New York Regional Office

James D. LaPierre, Regional Director
1100 Walnut Street
Suite 2100
Kansas City, Missouri 64106
(816) 234-8000

John F. Vogel, Regional Director
350 Fifth Avenue
Suite 1200
New York, New York 10118
(917) 320-2500

Iowa
Kansas
Minnesota
Missouri
Nebraska
North Dakota
South Dakota

Delaware
District of Columbia
Maryland
New Jersey
New York
Pennsylvania
Puerto Rico
Virgin Islands
APPENDICES

155

ANNUAL REPORT

Boston Area Office

San Francisco Regional Office

John F. Vogel, Director
15 Braintree Hill Office Park
Suite 100
Braintree, Massachusetts 02184
(781) 794-5500

Kathy L. Moe, Regional Director
25 Jessie Street at Ecker Square
Suite 2300
San Francisco, California 94105
(415) 546-0160

Connecticut
Maine
Massachusetts
New Hampshire
Rhode Island
Vermont

Alaska
American Samoa
Arizona
California
Federated States of Micronesia
Guam
Hawaii
Idaho
Montana
Nevada
Oregon
Utah
Washington
Wyoming

156

APPENDICES

2018
C. OFFICE OF INSPECTOR GENERAL’S ASSESSMENT OF THE MANAGEMENT
AND PERFORMANCE CHALLENGES FACING THE FDIC

Top Management and Performance Challenges
Facing the Federal Deposit Insurance Corporation

February 2019


Federal Deposit Insurance Corporation
Office of Inspector General

APPENDICES

157

ANNUAL REPORT
OFFICE OF INSPECTOR GENERAL’S
ASSESSMENT
INTRODUCTION
Each year, Federal Inspectors General are required to identify and report on the top challenges
facing their respective agencies, pursuant to the Reports Consolidation Act of 2000. The Office
of Inspector General (OIG) is therefore issuing this report, which identifies the Top Management
and Performance Challenges (TMPC) facing the Federal Deposit Insurance Corporation (FDIC).
This TMPC report is based upon the OIG’s experience and observations from our oversight
work, reports by other oversight bodies, review of academic and other relevant literature,
perspectives from Government agencies and officials, and information from private-sector
entities. We considered this body of information in light of the current operating environment
and circumstances and our independent judgment.
The FDIC faces Challenges in several critical areas, a number of which remain from previous
years:










Enhancing Oversight of Banks’ Cybersecurity Risk;
Adapting to Financial Technology Innovation;
Strengthening FDIC Information Security Management;
Preparing for Crises;
Maturing Enterprise Risk Management;
Sharing Threat Information with Banks and Examiners;
Managing Human Capital;
Administering the Acquisitions Process; and
Improving Measurement of Regulatory Costs and Benefits.

We believe that the FDIC should focus its attention on these Challenges, and we hope that this
document informs policymakers, including the FDIC and Congressional oversight bodies, and
the American public about the programs and operations at the FDIC and the Challenges it
faces.

158

APPENDICES

2018
OFFICE OF INSPECTOR GENERAL’S
ASSESSMENT (continued)
1 | ENHANCING OVERSIGHT OF BANKS’ CYBERSECURITY RISK
Cybersecurity continues to be a critical risk facing the financial sector. Cyber risks can affect
the safety and soundness of institutions and lead to the failure of banks, thus causing losses
to the FDIC’s Deposit Insurance Fund. For example, a cybersecurity incident could disrupt
services at a bank, resulting in the exploitation of personal information in fraudulent or other
illicit schemes, and an incident could start a contagion that spreads through established
interconnected banking relationships. Despite increased spending on cybersecurity, banks
are encountering difficulties in getting ahead of the increased frequency and sophistication
of cyberattacks. The FDIC’s information technology (IT) examinations should ensure strong
management practices within financial institutions and at their service providers.
According to the Group of 7 industrialized countries, “cybersecurity risks to the global financial
system are of critical concern,” and attacks in cyberspace are “increasing in sophistication,
frequency, and persistence, cyber risks are growing more dangerous and diverse, threatening to
disrupt our interconnected global financial systems and the institutions that operate and support
those systems.”1 The Office of the Comptroller of the Currency (OCC) echoed this sentiment in
its Semiannual Risk Perspective (Fall 2018), finding that cybersecurity threats “target
operational vulnerabilities that could expose large quantities of personally identifiable
information and proprietary intellectual property, facilitate misappropriation of funds and data at
the retail and wholesale levels, corrupt information, and disrupt business activities.”2 The
Financial Stability Oversight Council (FSOC) similarly recognized in its 2018 Annual Report that
as financial institutions increase their reliance on technology, there is an increased risk that a
cybersecurity event could have “severe negative consequences, potentially entailing systemic
implications for the financial sector and the U.S. economy.”3
In February 2018, the White House Council of Economic Advisors estimated that the United
States economy loses between $57 and $109 billion per year to malicious cyber activity.
Cyberattacks—such as distributed denial of service and ransomware—may be global in nature
and have disrupted financial services in several countries around the world.4 Verizon
Communications conducted its annual review of global data breaches across multiple sectors,
including the financial sector, and reported that there were more than 53,000 security incidents
and 2,200 data breaches across 65 countries between April 2017 and April 2018.5 This review
also found that these cyberattacks happen very quickly, and often surreptitiously; nearly
1

Group of 7, Fundamental Elements of Cybersecurity for the Financial Sector, (October 2016). The Group of 7—
Canada, France, Germany, Italy, Japan, The United Kingdom, and the United States— meet annually to discuss
issues of global economic governance.
2
OCC Semiannual Risk Perspective, (Fall 2018), 16.
3
The Dodd-Frank Wall Street Reform and Consumer Protection Act of 2010 established the FSOC, which has
responsibility for identifying risks and responding to emerging threats to financial stability. The FSOC brings together
the expertise of Federal financial regulators (including the FDIC), an independent insurance expert, and state
regulators.
4
World Bank Group, Financial Sector’s Cybersecurity: Regulations and Supervision (2018), 1.
5
Verizon Communications Inc., 2018 Verizon Communications Data Breach Investigations Report, 11th Edition
(April 2018).

APPENDI3
CES

159

ANNUAL REPORT
OFFICE OF INSPECTOR GENERAL’S
ASSESSMENT (continued)
90 percent of the reported breaches occurred within seconds, and about 70 percent went
undiscovered for months.
The American Bankers Association also noted that “as businesses ramp up their cybersecurity
efforts, threat vectors such as ransomware have become more frequent and potent, affecting
companies in nearly every sector and posing significant risk to financial institutions.”6 One study
by the U.S. Chamber of Commerce and FICO (Fair Isaac Corporation) evaluated the cyber risk
at 2,574 U.S. firms across ten sectors, including the financial sector. This study provided
cybersecurity ranking scores from 300 (high risk) to 850 (low risk) for each sector as well as a
national average. The cyber risks faced by the finance and banking sector exceeded eight
other sectors and the national average, as shown in Figure 1.
Figure 1: Cyber Risk Scores Across Ten Sectors

Source: U.S. Chamber of Commerce and FICO, Assessment of Business Cybersecurity (Q4 2018).

IT Examination Programs and Resources
The FDIC Rules and Regulations, Part 364, Appendix B contains Interagency Guidelines
Establishing Information Security Standards for bank regulators that state that an insured
financial institution must “implement a comprehensive written information security program that
includes administrative, technical, and physical safeguards appropriate to the size and
complexity of the institution and the nature and scope of its activities.”7 The FDIC and other
regulators conduct IT examinations using the Uniform Rating System for Information
6

American Bankers Association Journal, Top Bank Risks in 2018 (December 11, 2017).
12 C.F.R. Part 364, Appendix B. The FDIC, OCC, and Board of Governors of the Federal Reserve issued the
Interagency Guidelines Establishing Information Security Standards.

160

APPENDICES

2018
OFFICE OF INSPECTOR GENERAL’S
ASSESSMENT (continued)
Technology created by the Federal Financial Institutions Examination Council (FFIEC).8 The
primary purpose of the rating system is to assess risks introduced by information technology at
institutions and service providers, and to identify those institutions requiring supervisory
attention.9 When examinations identify risks and weak management practices at institutions,
regulators may use enforcement procedures to address such risks.10
The FDIC uses the Information Technology Risk Examinations (InTREx) work program to
conduct IT examinations at financial institutions. The FDIC introduced InTREx in 2016 to
enhance IT supervision by providing examiners with more efficient and risk-focused examination
procedures.11 From January 2016 through October 2018, FDIC examiners conducted more
than 3,000 InTREx examinations by reviewing bank documentation, interviewing key personnel,
testing controls, and observing. According to the Division of Risk Management Supervision
(RMS) officials, FDIC personnel and other regulators are considering InTREx enhancements to
increase the effectiveness of the work program. One example would be using data to review
and understand cybersecurity risks across all institutions.
InTREx examinations required more hours than the prior examination methodology and
impacted the FDIC’s ongoing challenge to ensure that it has an appropriate number of IT
examiners. For example, the New York Regional Office stated that the InTREx examination
process increased an average of 67 percent over the prior IT examinations, thus adding an
extra 80 hours to the examination. In its operating budget for 2019, the FDIC added
23 positions to its IT examination workforce in recognition of growing cybersecurity risks,
including those posed by TSPs.
Another challenge is keeping examiner skills current and up-to-date. The FDIC aims to match
examiner skills with the complexity and sophistication of IT environments at banks. Changes in
technology can affect the risk profile of an individual bank. For example, in the planning phase
of an IT examination, the FDIC may find that the risk profile of a bank has increased and is
greater than previous FDIC projections. Therefore, the FDIC may be required to shift
examination staffing resources on short notice. We have work underway to review IT
examination staffing and the effectiveness of IT examinations.
Third-Party Service Providers
In addition, banks frequently hire third-party Technology Service Providers (TSP) to perform
operational functions on behalf of the bank—such as IT operations and business product lines.
8

The FFIEC was established on March 10, 1979, pursuant to title X of the Financial Institutions Regulatory and
Interest Rate Control Act of 1978, Public Law 95-630. The Council is an interagency body empowered to prescribe
uniform principles, standards, and report forms for the federal examination of financial institutions by the Board of
Governors of the Federal Reserve System, the FDIC, the National Credit Union Administration, the OCC, and the
Bureau of Consumer Financial Protection and to make recommendations to promote uniformity in the supervision of
financial institutions.
9
FFIEC, Uniform Rating System for Information Technology, 64 Fed. Reg. 3109 (January 20, 1999).
10
FDIC, Risk Management Manual of Examination Policies, Part I 1.1 Basic Examination Concepts and Guidelines
and Part IV Administrative Enforcement Actions.
11
Financial Institution Letter-43-2016, Information Technology Risk Examination (InTREx) Program (June 30, 2016).

APPENDICES

161

ANNUAL REPORT
OFFICE OF INSPECTOR GENERAL’S
ASSESSMENT (continued)
TSPs may further sub-contract services to other vendors. According to the OCC, banks are
increasingly reliant upon TSPs and sub-contractors, and such dependence creates a high level
of risk for the banking industry.12 The OCC indicates that TSPs are increasingly targets for
cybercrimes and espionage and may provide avenues for bad actors to exploit a bank’s
systems and operations. For example, on December 20, 2018, two Chinese nationals were
charged with computer intrusion offenses related to more than 45 service providers whose
clients included the banking and finance industry and the U.S. Government. The
hackers targeted service providers in order to gain unauthorized access to the computer
networks of their clients and steal intellectual property and confidential business information. 13
A financial institution must manage the interconnections, system interfaces, and systems
access of TSPs and sub-contractors and must implement appropriate controls.14 Significant
consolidation among TSPs caused large numbers of banks—especially community banks
supervised by the FDIC—to rely on a few large service providers for core systems and
operations support.15 As a result, a cybersecurity incident at one TSP has the potential to affect
multiple financial institutions.16
FDIC examiners assess financial institutions’ management of TSP risk through InTREx IT
examinations.17 The Interagency Guidelines Establishing Information Security Standards
require that financial institutions:





Exercise appropriate due diligence in selecting TSPs;
Require TSPs to implement appropriate measures to meet the Interagency
Guidelines objectives related to protecting against unauthorized access to, or use of,
sensitive customer information; and
Monitor contract compliance by the TSPs, including service provider audits, test
results summaries, or other evaluations.18

A financial institution’s Board of Directors and senior managers are responsible for the oversight
of activities conducted by a TSP on their behalf to the same extent as if the activity were
handled within the institution.19

The FFIEC described the term TSP to include “independent third parties, joint venture/limited liability corporations,
and bank and credit union service corporations that provide processing services to financial institutions.” Supervision
of Technology Service Providers, FFIEC IT Examination Handbook InfoBase.
13
Department of Justice Press Release, Two Chinese Hackers Associated With the Ministry of State Security
Charged with Global Computer Intrusion Campaigns Targeting Intellectual Property and Confidential Business
Information (December 20, 2018).
14
OCC Semiannual Risk Perspective (Spring 2018), 18.
15
OCC Semiannual Risk Perspective (Spring 2018), 18.
16
OCC Semiannual Risk Perspective (Spring 2018), 18.
17
TSPs are also subject to interagency examination by Federal regulators, including the FDIC. See Federal
Regulatory Agencies’ Administrative Guidelines, Implementation of Interagency Programs for the Supervision of
Technology Service Providers (October 2012).
18
These Interagency Guidelines can be found in the FDIC Rules and Regulations, Part 364, Appendix B.
19
Financial Institution Letter 44-2008, Guidance for Managing Third-Party Risk (June 6, 2008).

162

APPENDICES

2018
OFFICE OF INSPECTOR GENERAL’S
ASSESSMENT (continued)
In our prior OIG report entitled Technology Service Provider Contracts with FDIC-Supervised
Institutions (2017), we did not see evidence, in the form of risk assessments or contract due
diligence, that sampled financial institutions fully considered and assessed the potential impact
and risk of TSPs. We made two recommendations to the FDIC. Although both remain
unimplemented at the time of completion of this Top Challenges report, the FDIC has been
working to address the recommendations.20 We plan to conduct additional work in this area to
assess whether FDIC programs ensure that institutions are properly managing risks associated
with third-party relationships.
The FDIC plays an important role in addressing financial institutions’ cybersecurity risk which, if
left unchecked, could threaten the safety and soundness of institutions as well as the stability of
the financial system. The FDIC must ensure that IT examinations assess how financial
institutions manage cybersecurity risks, including risks associated with TSPs, and address such
risks through effective supervisory strategies.

2 | ADAPTING TO FINANCIAL TECHNOLOGY INNOVATION
FDIC policymakers and examiners must keep pace with the adoption of new financial
technology to assess its impact on the safety and soundness of institutions and the stability
of the banking system. The pace of change and breadth of innovation requires that the
FDIC create agile and nimble regulatory processes, so that it can respond to, and adjust
policies, examination processes, supervisory strategies, preparedness and readiness, and
resolution approaches, as needed.
The Group of Twenty’s Financial Stability Board (FSB) defined financial technology as
“innovation that could result in new business models, applications, processes, or products with
an associated material effect on financial markets and institutions and the provision of financial
services.”21 Financial technology innovation includes, for example, mobile wallets, digital
currencies, and digital financial advice.22 The rapid pace of financial technology is being driven

The FDIC's OIG's Report on Unimplemented Recommendations contains information about recommendations from
our audits and evaluations that the OIG has not closed because our Office has not determined that the FDIC has fully
implemented recommended corrective actions. The status of each recommendation is subject to change due to the
FDIC’s ongoing efforts to implement them, and the OIG’s independent review of information about those efforts. The
Unimplemented Recommendations listing is updated monthly.
21
Financial Stability Implications from FinTech, Supervisory and Regulatory Issues That Merit Authorities’ Attention,
(June 27, 2017), 7. The FSB was chartered by the Group of Twenty (G20) on September 25, 2009. The G20
Members include Argentina, Australia, Brazil, Canada, China, France, Germany, India, Indonesia, Italy, Japan,
Republic of Korea, Mexico, Russia, Saudi Arabia, South Africa, Turkey, the United Kingdom, the United States, and
the European Union (plus Hong Kong, Singapore, Spain and Switzerland). The FSB charter aims to promote global
financial stability by coordinating the development of regulatory, supervisory, and other financial sector policies and
conducts outreach to non-member countries. The G20 members represent about two-thirds of the world’s population,
85 percent of global gross domestic product, and over 75 percent of global trade.
22
Basel Committee on Banking, Sound Practices – Implications of Fintech Developments for Banks and Bank
Supervisors (February 2018).

A P P E N D I7C E S

163

ANNUAL REPORT
OFFICE OF INSPECTOR GENERAL’S
ASSESSMENT (continued)
by capital investment, demand for speed and convenience, and digitization.23 According to the
Department of the Treasury (Treasury Department), from 2010 to 2017, more than 3,330 new
technology companies were formed to serve the financial industry.24 The Treasury Department
also estimated that one-third of online U.S. consumers use at least two financial technology
services—including financial planning, savings and investment, online borrowing, or some form
of money transfer and payment.25 Further, KPMG estimated that global investment in financial
technology was $57.9 billion in just the first 6 months of 2018.26
Regulators Need Nimble Approach to Financial Innovation
The Treasury Department encouraged “an agile approach to regulation that can evolve with
innovation” and stated that regulators, including the FDIC, must be nimble to adapt regulatory
approaches to banks’ adoption and use of emerging technology, without creating barriers to
innovation.27 According to the Basel Committee on Banking Supervision, financial technology
innovation poses three main risks to the banking sector and consumers.28
Cybersecurity Risk – Financial technology companies are interconnected with IT
systems at banks, yet these technology companies may not be subjected to regulatory
requirements for safety and soundness and may not be examined by financial
regulators. Certain banks reported that between 20 and 40 percent of online banking
logins are attributable to financial technology companies, and many banks represented
that they cannot distinguish among computer logins, as to whether they originate from
consumers, data aggregators, or even malicious actors.29 IT system interconnections
may provide a pathway for a cybersecurity incident at a financial technology company to
infect the banking system.
Operational Risk – When institutions have multiple technology services and
relationships, they face ambiguity and uncertainty as to the applicability of certain
privacy rules, the Bank Secrecy Act (BSA) provisions and regulations, and Anti-Money
Laundering (AML) standards. Banks may be unsure as to whether they or the service
provider implement rules, regulations, and requirements. Moreover, financial institutions
face challenges to have sufficient skilled staff and capabilities to monitor these risks and
23
Department of the Treasury, A Financial System That Creates Economic Opportunities: Nonbank Financials,
Fintech, and Innovation July 2018); Basel Committee on Banking, Sound Practices – Implications of Fintech
Developments for Bank and Bank Supervisors (February 2018).
24
A Financial System That Creates Economic Opportunities: Nonbank Financials, Fintech, and Innovation (July
2018).
25
A Financial System That Creates Economic Opportunities: Nonbank Financials, Fintech, and Innovation (July
2018).
26
KPMG, The Pulse of Fintech 2018: Biannual Global Analysis of Investment in Fintech (July 2018). KPMG is a
professional services company.
27
A Financial System That Creates Economic Opportunities: Nonbank Financials, Fintech, and Innovation, 9 and 13;
and Sound Practices – Implications of Fintech Developments for Banks and Bank Supervisors (February 2018), 24.
28
Basel Committee on Banking, Sound Practices – Implications of Fintech Developments for Banks and Bank
Supervisors (February 2018).
29
Lael Brainard, Member, Board of Governors of the Federal Reserve System, Where Do Banks Fit in the Fintech
Stack? Remarks delivered at the Northwestern Kellogg Public-Private Interface Conference on “New Developments
in Consumer Finance: Research & Practice” (April 29, 2017).

164

APPENDICES

2018
OFFICE OF INSPECTOR GENERAL’S
ASSESSMENT (continued)
operations of financial technology companies. In addition, banks may find it difficult to
authenticate customers under the BSA/AML requirements (“know your customer”), due
to increased automation and distribution of services and products. Such opacity may
lead to inadequate and deficient compliance with legal standards and requirements.
Strategic Risk – Traditional banks risk losing substantial market share and profits due
to financial innovation. For example, large-scale use of distributed ledger technology30
to process payments, such as the use of blockchain and Bitcoin, has the potential to
disrupt the banking sector’s payment system.
The FDIC should ensure that banks have proper governance and risk management practices
around these technologies. The FDIC may need to increase training and adjust staffing to
ensure examiners have the skills to effectively supervise the risks involved with new technology.
Further, the FDIC may need to modify examination policies and procedures that pre-date
financial innovation to improve supervision of financial innovation risk. The FDIC also must
monitor for potential disruption to the banking sector from technological change and anticipate
losses to the Deposit Insurance Fund.
The FDIC Chairman noted in October 2018 that “[w]hat is different today is the speed and
tremendous impact of technological innovation in and on banking, and the potential for
technology to disrupt not just an institution or two, but banking as we know it.” As such, the
FDIC Chairman announced that the agency was planning to set up an Office of Innovation,
which would review how the FDIC can promote technological development at community banks,
while still providing a safe regulatory environment.31 We will continue to monitor the
developments and activities of this new Office at the FDIC.
Financial technology innovation continues to grow and impact the banking system. Institutions
must have robust and effective governance and management practices to mitigate risks
associated with adoption of financial technology. The FDIC should evaluate the impact of these
innovations on banks, assess emerging risks, and expeditiously adjust its processes and
supervisory strategies.

30
According to the National Institute of Standards and Technology (NIST), distributed ledgers, such as blockchains,
are tamper-resistant digital records of transactions that once established cannot be changed. Blockchain Technology
Overview, NIST Internal Report 8202.
31
FDIC Chairman McWilliams noted her plans for an Office of Innovation in remarks at the Federal Reserve Bank of
Philadelphia, “Fintech and the New Financial Landscape” (November 13, 2018).

A P P E N D I9C E S

165

ANNUAL REPORT
OFFICE OF INSPECTOR GENERAL’S
ASSESSMENT (continued)
3 | STRENGTHENING FDIC INFORMATION SECURITY MANAGEMENT
The FDIC maintains thousands of terabytes of sensitive data within its IT systems and has
more than 180 IT systems that collect, store, or process Personally Identifiable Information
(PII) of FDIC employees; bank officials at FDIC-supervised institutions; and bank customers,
depositors, and bank officials associated with failed banks. FDIC systems also hold
sensitive supervisory data about the financial health of banks, bank resolution strategies,
and resolution activities. The FDIC must continue to strengthen its implementation of
governance and security controls around its IT systems to ensure that information is
safeguarded properly.
The U.S. Computer Emergency Readiness Team (US-CERT) reported 35,277 information
security incidents for Federal Executive Branch civilian agencies in 2017. In May 2018, the
Office of Management and Budget (OMB) and the Department of Homeland Security (DHS)
conducted a review of Federal cybersecurity capabilities at 96 civilian agencies across
76 metrics to determine each agency’s ability to identify, detect, respond, and recover from
cyber incidents. The review found that 74 percent (71 agencies) had cybersecurity programs
that were either “At Risk” or “High Risk.32
As a bank regulator, the FDIC collects and maintains a significant volume of sensitive PII, such
as names, home addresses, Social Security Numbers, dates and places of birth, bank account
numbers, and credit card information.33 The FDIC also maintains business proprietary
information that is sensitive, including banks’ internal operations regarding counterparties,
vendors, suppliers, and contractors.
The FDIC has encountered a number of information security incidents over the last several
years. In August 2011, the FDIC began to experience a sophisticated, targeted attack on its
own network whereby an entity gained unauthorized access to the network, escalated its
privileges, and maintained an ongoing presence in the network. The attacker penetrated more
than 90 workstations or servers within the FDIC’s network over a significant period of time,
including computers used by a former Chairman and other senior FDIC officials, and gained
unauthorized access to a significant quantity of sensitive data.
During late 2015 and early 2016, the FDIC experienced eight additional incidents as departing
employees improperly took sensitive information shortly before leaving the FDIC. Seven
incidents involved PII, including Social Security Numbers, and thus constituted data breaches.
In the eighth incident, the departing employee took highly sensitive components of resolution
32

Federal Cybersecurity Risk Determination Report and Action Plan (May 2018). “At Risk” meant that some
essential policies, processes, and tools were in place to mitigate overall cybersecurity risk, but significant gaps
remained; and “High Risk” meant that fundamental cybersecurity policies, processes, and tools were either not in
place or not deployed sufficiently.
33
PII is any information about an individual maintained by an agency, including (1) any information that can be used
to distinguish or trace an individual‘s identity, such as name, Social Security Number, date and place of birth,
mother‘s maiden name, or biometric records; and (2) any other information that is linked or linkable to an individual,
such as medical, educational, financial, and employment information.

166

APPENDICES

2018
OFFICE OF INSPECTOR GENERAL’S
ASSESSMENT (continued)
plans submitted by certain large systemically important financial institutions without
authorization; this former FDIC employee was recently convicted for theft of government
property.34 Our OIG Special Inquiry35 regarding these breaches revealed systemic weaknesses
that hindered the FDIC’s ability to respond to multiple information security incidents and
breaches efficiently and effectively. We made 13 recommendations in our OIG Special Inquiry
report; of these recommendations, 5 remained unimplemented at the time of completion of this
Top Challenges report.

IT Governance
The FDIC relies extensively on IT to accomplish its mission and must subject its IT initiatives to
appropriate governance and oversight. IT governance provides organizations with a structured
process to support IT investment decisions while promoting accountability, due diligence, and
the efficient and economic delivery of IT services.36 As illustrated in Figure 2, the FDIC’s IT
governance structure consists of two principal elements:




The Governance
Framework. Reflects the
goals and priorities of the
FDIC through multiple
components, including the IT
Strategic Plan and
Enterprise Architecture.
The Governance
Processes. Consist of
controls and procedures to
make IT capital investments
and oversee individual
projects.

Figure 2: FDIC’s IT Governance Structure

Source: OIG analysis of IT governance documentation.

In our OIG report entitled The FDIC’s Governance of Information Technology Initiatives
(July 2018), we found that the FDIC faced a number of challenges and risks related to the
governance of its IT initiatives. For example, the FDIC did not fully develop a strategy to move
IT services and applications to the cloud or obtain the acceptance of key FDIC stakeholders
before taking steps to initiate cloud migration projects. The FDIC also had not implemented an
effective Enterprise Architecture to guide the three IT initiatives we reviewed or the FDIC’s
broader transition of IT services to the cloud. An ineffective Enterprise Architecture limited the
FDIC’s ability to communicate to business stakeholders how it intended to implement its new IT
strategies. In turn, this caused stakeholders to question the decision to adopt new cloud
technologies and the impact on business processes. We made eight recommendations to
34

United States Attorney’s Office, Eastern District of New York, Department of Justice Press Release, Former Senior
Employee at FDIC Convicted of Embezzling Confidential Documents (December 11, 2018).
35
OIG Special Inquiry Report, The FDIC’s Response, Reporting, and Interactions with Congress Concerning
Information Security Incidents and Breaches (April 2018).
36
OIG Report, The FDIC’s Governance of Information Technology Initiatives (July 2018).

A P P E N D11
ICES

167

ANNUAL REPORT
OFFICE OF INSPECTOR GENERAL’S
ASSESSMENT (continued)
improve the FDIC’s governance processes, two of which remained unimplemented at the time
of completion of this Top Challenges report.
Information Security Controls
In our annual Federal Information Security Modernization Act (FISMA) audit report, The FDIC’s
Information Security Program – 2018 (October 2018), we identified security control weaknesses
that limited the effectiveness of the FDIC’s information security program and practices and
placed the confidentiality, integrity, and availability of the FDIC’s information systems and data
at risk. Although the FDIC was working to address previously identified control weaknesses, the
FDIC had not yet completed corrective actions for eight prior recommendations (as of
December 2018). We made four additional recommendations in this report. The following
briefly describes the highest risk areas and weaknesses that can be described in a public report:

168



Information Security Risk Management. The FDIC had not fully defined or
implemented an enterprise-wide and integrated approach to identifying, assessing,
and addressing the full spectrum of internal and external risks, including those
related to cybersecurity and the operation of information systems. Notably, the FDIC
had not finalized a Risk Appetite, Risk Tolerance Level, and Risk Profile. Without
these fundamental elements, the FDIC faced difficulties integrating risk into its
budget, strategic planning, performance reporting, and internal controls.



Enterprise Security Architecture. The FISMA audit report issued in 2017
recommended that the FDIC develop an enterprise security architecture and
integrate it into an enterprise architecture consistent with the Federal Government’s
enterprise architecture requirements and the FDIC’s business and mission
requirements. According to NIST, an enterprise security architecture describes the
structure and processes of an organization’s security processes, information security
systems, and responsibilities of personnel and units, and shows their alignment with
the organization’s mission and strategic plans. The lack of an effective enterprise
security architecture increases the risk that the FDIC’s information systems could be
developed with inconsistent security controls that are costly to maintain. In
July 2018, the FDIC provided the OIG with documentation describing its enterprise
security architecture. The OIG is reviewing the corrective actions undertaken by the
FDIC at the time of this Top Challenges report.



Security Control Assessments. FISMA requires agencies to test and evaluate
their information security controls periodically to ensure they are effectively
implemented. We identified instances in which security control assessments
performed by contractors did not include testing of security control implementation.
Instead, assessors relied on narrative descriptions of the controls in FDIC policies,
procedures, and system security plans and/or interviews of FDIC or contractor
personnel. Without actual testing, assessors did not have a basis for concluding on
the effectiveness of security controls. Moreover, we found that the FDIC did not

APPENDICES

2018
OFFICE OF INSPECTOR GENERAL’S
ASSESSMENT (continued)
have adequate oversight of security control assessments performed by contractor
personnel.


Patch Management. Software vendors release patches as needed or on a periodic
basis to address faults in operating systems or applications. Vendors may also issue
patches to alter functionality, address new security threats, or modify software
configurations to improve security. Effective patch management is, therefore, critical
to maintaining the integrity, availability, and security of the FDIC’s IT infrastructure
and the data that resides within it. We found that the FDIC’s patch management
processes were not always effective in ensuring that the FDIC implemented patches
within defined timeframes. Unpatched systems increase the risk of exposing the
FDIC’s network to a security incident.



Backup and Recovery. Our FISMA audit report issued in 2017 noted that the
FDIC’s IT restoration capabilities were limited, and that the FDIC had not taken
timely action to address limitations in its ability to maintain or restore critical IT
systems and applications during a disaster. The FDIC will continue to have limited
assurance that it can maintain and restore mission-essential functions within
applicable timeframes during an emergency, until the completion of the Backup Data
Center Migration Project in 2019.

The FDIC has increased the 2019 Operating Budget for the Office of the Chief Information
Security Officer by approximately $650,000 (1.3 percent), up to a total of $51 million. The
increased funding is intended to enhance the protection of the FDIC’s applications systems and
databases from breaches and intrusions, and improve the FDIC’s responsiveness and
resilience.
In another OIG report entitled Controls over System Interconnections with Outside
Organizations, (December 2018), we reviewed the FDIC’s controls for managing system
interconnections37 with Federal agencies and non-governmental entities. We found that the
FDIC’s policies and procedures did not define the types of technologies and configurations that
constituted a system interconnection and, therefore, required a written agreement. In addition,
the FDIC’s policies and procedures did not articulate the roles and responsibilities for all
stakeholders involved in managing system interconnections. Also, the FDIC did not establish
documentation requirements for key activities, and it did not create written agreements to
govern several of its system interconnections. Further, we identified instances in which written
agreements governing system interconnections had expired, even though the underlying
connections remained enabled. We made seven recommendations to improve the FDIC’s
policies, procedures, and contracts governing system interconnections.

37
NIST SP 800-47, Security Guide for Interconnecting Information Technology Systems, defines a “system
interconnection” as a direct connection of two or more information technology systems for the purpose of sharing data
and other information resources.

A P P E N D13
ICES

169

ANNUAL REPORT
OFFICE OF INSPECTOR GENERAL’S
ASSESSMENT (continued)
We have a number of planned and ongoing audits of the FDIC’s internal IT operations, including
the FDIC's privacy program and practices; security of a system that supports the FDIC’s bank
supervision and consumer compliance; and security of mobile devices.
The FDIC must safeguard information held within its IT systems, much of which contains
sensitive information about banks, depositors, and FDIC employees. Unauthorized access and
disclosure of this information could cause significant harm to individuals, banks, and the FDIC.
The FDIC must remain vigilant in its efforts to institute necessary controls and properly protect
the information entrusted to it.

4 | PREPARING FOR CRISES
Central to the FDIC’s mission is readiness to address crises in the banking system. The
FDIC must be prepared for a broad range of crises that could impact the banking sector.
These readiness activities should help to ensure the safety and soundness of institutions, as
well as the stability and integrity of our nation’s banking system.
Crisis readiness requires advanced preparation, regardless of whether the crisis results from
financial disruption in the markets, economic turmoil, a cyber attack, natural disaster, or other
event. “When the unexpected, enterprise-threatening crisis strikes, it is too late to begin the
planning process. Events will quickly spin out of control, further adding to the loss of reputation
and avoidable costs necessary to survive and recover with minimal damage.”38
Although crises may be
different in their cause or
complexity, implementation of
fundamental principles allows
agencies, such as the FDIC, to
plan and prepare for such
events. Figure 3 illustrates the
Crisis Management
Preparedness Cycle, which
includes the following five
components:39

Figure 3: Crisis Management Preparedness Continuous Cycle

Source: Federal Emergency Management Agency.

38
39

170

Hastings Business Law Journal, The Board’s Responsibility for Crisis Governance (Spring 2017), 290.
Federal Emergency Management Agency National Incident Management System.

APPENDICES

2018
OFFICE OF INSPECTOR GENERAL’S
ASSESSMENT (continued)







Plan – Supports effective operations by identifying objectives, describing
organizational structures, assigning tasks to achieve objectives, identifying
responsibilities to accomplish tasks, and contributing to the goals.
Organize – Identifies necessary skillsets and technical capabilities.
Train – Provides personnel with the knowledge, skills, and abilities to respond to a
crisis.
Exercise – Identifies strengths and weaknesses through an assessment of gaps and
shortfalls with plans, policies, and procedures to respond to a crisis.
Evaluate and Improve – Compiles lessons learned, develops improvement plans,
and tracks corrective actions to address gaps and deficiencies identified.

Early Risk Identification and Mitigation
The Financial Crisis Inquiry Commission stated that financial regulators “had ample power in
many arenas [to protect the financial system], and they chose not to use it,” thus rejecting the
regulators’ claim that they did not have the necessary authorities.40 The current FDIC Director
(former FDIC Chairman) noted that when banks are profitable, as in 2018, the FDIC and other
regulators must maintain supervisory vigilance.41
In 2011, the FDIC developed a Forward-Looking Supervision initiative as part of the lessons
learned from the financial crisis. The goal of the initiative was to “identify and assess the
potential impact of an institution’s new and/or growing risks and ensure early mitigation if
necessary.”42 In our OIG evaluation report, Forward-Looking Supervision (August 2018), we
found that the FDIC did not have a comprehensive policy guidance document on ForwardLooking Supervision and should clarify guidance associated with its purpose, goals, roles, and
responsibilities. We also found that examiners identified overall concentration risk management
conclusions and concerns in the examination report; however, only 27 percent of reports
sampled elevated concerns to the financial institution’s board of directors.
In addition, the FDIC uses other systems and risk-monitoring tools to identify financial institution
emerging risks. For example, the Offsite Review Program (ORP) analyzes quarterly financial
institution data against benchmark indicators developed by the FDIC. When an institution falls
outside these benchmarks, FDIC examiners must review the bank’s information, document the
risks, and select an appropriate supervisory strategy to address the risks. We are currently
conducting a review to examine the extent to which the ORP identifies supervisory concerns
and potential problems, and appropriately adjusts supervisory strategies.

Financial Crisis Inquiry Commission, Final Report of the National Commission on the Causes of the Financial and
Economic Crisis in the United States (January 21, 2011). The Financial Crisis Inquiry Commission was established
as part of the Fraud Enforcement and Recovery Act (Public Law 111-21) to examine the causes of the financial crisis.
41
“Financial Regulation: A Post-Crisis Perspective”, Remarks by Martin J. Gruenberg, then-Chairman of the FDIC,
Brookings Institution (November 14, 2017).
42
FDIC RMS Perspectives, Vol 1, Issue 2, (Second Quarter 2014).

A P P E N D15
ICES

171

ANNUAL REPORT
OFFICE OF INSPECTOR GENERAL’S
ASSESSMENT (continued)
Crisis Preparedness and Planning
According to the FDIC’s analysis of the 2008-2011 financial crisis, the events unfolded more
quickly than the FDIC expected and were more severe than the FDIC’s planning efforts
anticipated.43 For example, in July 2008, the FDIC resolved IndyMac, the most expensive FDIC
failure, estimated to cost about $12.3 billion, and in September 2008, Washington Mutual, the
sixth-largest FDIC-insured institution, also failed. The FDIC had not planned for several large
and small banks to fail at the same time, and these failures occurred at a quicker pace than in
previous crises.
Consequently, the FDIC needed to hire staff quickly to manage the escalating workload
associated with what would ultimately be nearly 500 failed banks. To address its staffing
shortfall, the FDIC authorized funding for additional personnel during the crisis but faced
challenges expediting the hiring process to on-board needed staff. For example, in
September 2008, the Division of Resolutions and Receiverships had an authorized staff of 825,
but only 259 staff was on board.44
The FDIC also faced challenges dealing with the increased volume of contracts needed. During
the financial crisis, the FDIC awarded over 6,000 contracts totaling more than $8 billion. The
size of its acquisition staff was initially insufficient, which resulted in delays to modify existing
contracts and issue new contracts. The FDIC needed to rapidly hire and train personnel to
oversee the contracts.
Over the past several years, the FDIC developed goals and objectives to prioritize certain crisis
readiness planning activities. According to the FDIC 2018-2022 Strategic Plan, the agency
aims to “develop, test, and maintain contingency plans to ensure it is prepared to handle a wide
range of potential failure scenarios, including the failure of a large financial institution;
simultaneous, multiple failures; the failure of an institution with large international holdings; and
the failure of an insured institution that operates primarily through the internet.” The FDIC is
developed a draft “surge staffing” plan that addresses resources needs for concurrent
community bank failures in conjunction with the failure of a moderately large ($25 to $50 billion)
bank.
We are conducting an evaluation to assess the FDIC’s preparedness efforts to address future
crises. The scope of our evaluation includes examining the FDIC's crisis readiness plans, its
tools and mechanisms to implement the plans, roles and responsibilities, training on crisis
response, and actions to evaluate and improve readiness.
The FDIC’s ability to mitigate risk and resolve failed banks affects the safety and soundness of
institutions as well as the stability of the banking system. The FDIC should maintain robust
processes to plan, prepare, train, exercise, and maintain readiness for scenarios that could lead
to crises.
43
44

172

FDIC, Crisis and Response, An FDIC History, 2008-2013 (November 30, 2017).
Crisis and Response, An FDIC History, 2008-2013.

APPENDICES

2018
OFFICE OF INSPECTOR GENERAL’S
ASSESSMENT (continued)
5 | MATURING ENTERPRISE RISK MANAGEMENT
Enterprise Risk Management (ERM) is a critical part of an agency’s governance, as it can
inform prudent decision-making at an agency, including strategic planning, budget
formulation, and capital investment. ERM program requirements include identifying risks
that could affect the organization (Risk Profile and Inventory), establishing the amount of risk
an organization is willing to accept (Risk Appetite), prioritizing strategies to address risks in
the proper sequence, and responding to and mitigating the risks. The FDIC established an
ERM program office in 2011, but has neither developed the underlying ERM program
requirements nor realized the benefits of a mature ERM program.
According to FDIC Directive 4010.3, Enterprise Risk Management and Internal Control
Program, “Congress, the Office of Management and Budget (OMB), and the Government
Accountability Office (GAO) have directed attention to the need for federal agencies to adopt
[Enterprise Risk Management (ERM)].” OMB introduced ERM through revised governmentwide circulars, including OMB Circular No. A-123, Management’s Responsibility for Enterprise
Risk Management and Internal Control. The FDIC Directive states that while not legally
obligated to follow executive directives, the FDIC “embrace[s] the spirit of ERM as outlined in
OMB Circular No. A-123.”45
According to OMB Circular No. A-123, Federal agencies face internal and external risks to
achieving their missions, including “economic, operational, and organizational change factors,
all of which would negatively impact an Agency’s ability to meet goals and objectives if not
resolved.”46 OMB Circular No. A-123 further requires that agencies take risk into account when
designing internal controls. ERM should be an element of the agency’s overall governance
process that focuses specifically on the identification, assessment, and management of risk,
and it should include these elements:




A risk management governance structure;
A methodology for developing a risk profile; and
A process, guided by an organization’s senior leadership, to consider risk appetite
and risk tolerance levels that serves as a guide to establish strategy and select
objectives.

OMB urges agencies to adopt an enterprise-wide view of ERM—a “big picture” perspective—
thus synthesizing the management of risks into the very fabric of the organization; it should not
be viewed in “silos” among different divisions or offices. ERM should integrate risk
management into the agency’s processes for budgeting, including strategic planning,
performance planning, and performance reporting practices.

45
OMB Circular No. A-123, Management’s Responsibility for Enterprise Risk Management and Internal Control,
(July 15, 2016).
46
OMB Circular No. A-123 (July 5, 2016), 7.

A P P E N D17
ICES

173

ANNUAL REPORT
OFFICE OF INSPECTOR GENERAL’S
ASSESSMENT (continued)
Figure 4: Enterprise Risk Management Program

Figure 4 illustrates the manner
in which ERM should be
implemented in an organization,
and the junctures at which it
should be considered when
making decisions concerning
the agency’s strategy, budget,
program management, and
operations. Effective ERM
implementation starts with an
agency establishing a
customized ERM program that
fits its organizational mission,
culture, operating environment,
and business processes.
Source: Playbook: Enterprise Risk Management for the U.S. Federal Government.

GAO identified six essential elements to assist Federal agencies’ implementation of ERM,
including:47
1. Align the ERM process to agency goals and objectives – Ensuring that ERM
contributes to achieving mission and results.
2. Identify Risks – Assembling a list of risks and opportunities that could affect the agency
from achieving its goals and objectives.
3. Assess Risks – Prioritizing risk responses based on an assessment of the likelihood
and impact of a risk on the agency’s mission.
4. Select Risk Response – Selecting a strategy to respond to or mitigate risk based on
management’s risk appetite, such as acceptance, avoidance, reduction sharing, or
transfer of risk.
5. Monitor Risks – Determining whether risks are changing and if responses are
successful.
6. Report on Risks – Communicating with management and other stakeholders on the
status of addressing risks.
The FDIC’s Enterprise Risk Management Program
In June 2010, the FDIC hired a consulting firm to address five key issues regarding its ERM
program: Identification and management of risks; Organizational structure; Risk management
activities and processes; Capabilities and infrastructure for risk management; and Actionable
transparency. The consulting report identified gaps in all five areas, recommended that the
FDIC establish a Chief Risk Officer (CRO), and submitted several organizational options to be
evaluated by the FDIC. In response to the firm’s recommendations, the then-FDIC Chairman
47

174

GAO, Enterprise Risk Management: Selected Agencies’ Experiences Illustrate Good Practices in Managing Risk,
GAO-17-63 (December 1, 2016).

APPENDICES

2018
OFFICE OF INSPECTOR GENERAL’S
ASSESSMENT (continued)
appointed a Risk Steering Committee to evaluate alternatives and recommend an organizational
structure for risk management.
The Risk Steering Committee recommended to the FDIC Board the establishment of an Office
of Corporate Risk Management (OCRM), headed by a CRO, with total staffing of 16. The Board
approved changes recommended by the Risk Steering Committee in January 2011. The
changes were intended to provide an office within the FDIC that was assigned to review internal
risks with a system-wide perspective; facilitate sharing of information regarding existing,
emerging, and potential risks; and instill risk governance as part of the FDIC’s culture.
By May 2016, the CRO had retired and only five staff remained in OCRM by 2017.
Consequently, in 2017, the FDIC initiated an organizational review of its existing ERM program
to assess whether changes to the program should be made based on its experience-to-date
with its ERM framework. In June 2017, the FDIC placed the CRO under the Division of Finance
(DOF) as a Deputy Director, and combined OCRM with the Corporate Management Control
Branch, to form a newly constituted Risk Management and Internal Controls Branch (RMIC)
within DOF. RMIC responsibilities included not only ERM, but also internal control as well as
management of risks in individual programs and projects.
The FDIC, in its 2018 Performance Goals, identified enterprise risk as a priority initiative.48
However, as noted above, we reported in our recent FISMA audit, The FDIC’s Information
Security Program – 2018 (October 2018) that the FDIC had not fully defined or implemented an
enterprise-wide and integrated approach to identifying, assessing, and addressing the full
spectrum of internal and external risks. The FDIC had not finalized its Risk Appetite, Risk
Tolerance Level, and Risk Profile. Without these key fundamental elements, the FDIC faced
difficulties integrating risk into its budget, strategic planning, performance reporting, and internal
controls. In addition, FDIC Divisions and Offices were not able to evaluate risk determinations
in the context of the agency’s overall risk levels, tolerance, and profile. As a result, the FDIC
could not be sure that its resources were being allocated toward addressing the most significant
risks in achieving strategic objectives.
The FDIC issued its revised Enterprise Risk Management and Internal Control Program Policy
(ERM Policy) in October 2018.49 This ERM Policy aims to “identify, assess, and address major
risks (including emerging risks) that have a potential broad impact to the FDIC’s ability to
achieve its goals, objectives, and mission.” The ERM Policy indicates that the agency’s ERM
would be implemented through the FDIC’s existing structure, and that FDIC Divisions and
Offices would identify key activities and risks, and take actions to address these risks.
The FDIC’s ERM Policy identified key requirements for the program, including establishing a
Risk Appetite and Risk Profile. The ERM Policy also requires that the FDIC establish a Risk
Inventory which is a “comprehensive, detailed list of risks that could affect the FDIC’s ability to

48
49

2018 FDIC Performance Goals, Priority 2018 Initiatives, Goal 6: Identify and address enterprise risk.
FDIC, Enterprise Risk Management and Internal Control Program, Directive 4010.3 (October 25, 2018).

A P P E N D19
ICES

175

ANNUAL REPORT
OFFICE OF INSPECTOR GENERAL’S
ASSESSMENT (continued)
meet its strategic objectives,” and that the ERM program includes the following essential
elements:







Process Alignment to Goals and Objectives;
Risk Identification;
Risk Assessment;
Risk Response Selection;
Risk Monitoring; and
Communication and Reporting.

We are initiating an evaluation of the FDIC’s ERM program to assess the extent to which the
FDIC has implemented an effective ERM program consistent with guidance and best practices.
The FDIC should develop an integrated approach to ERM. This ERM program should
synthesize the management of risks into the FDIC’s organizational culture, so that these risks
may be considered and incorporated into the FDIC’s budget, strategic planning, performance
reporting, and internal controls for the agency as a whole.

6 | SHARING THREAT INFORMATION WITH BANKS AND EXAMINERS
Federal Government agencies and private-sector entities share information about threats to
U.S. critical infrastructure sectors, including the financial sector. Sharing actionable and
relevant threat information among Federal and private-sector participants protects the
financial system by building threat awareness and allowing for informed decision-making.
The FDIC must ensure that relevant threat information is shared with its supervised
institutions and examiners as needed, in a timely manner, so that actions can be taken to
address the threats. Threat information also provides FDIC examiners with context to
evaluate banks’ processes for risk identification and mitigation strategies.
Presidential Policy Directive 21, Critical Infrastructure Security and Resilience, identified the
financial services sector as one of 16 critical infrastructure sectors vital to public confidence and
the nation’s safety, prosperity, and well-being. The FFIEC recognized that financial institutions
should be prepared to address a variety of threats, including terrorists attacks, pandemics, and
cybersecurity.50 For example, cyberattacks at financial institutions prevented public access to
websites, compromised personal information of tens of millions of customers, and millions of
dollars were lost due to systems breaches where criminals transferred funds from customer
accounts and from automated teller machines.51 Further, information such as that provided by
the Centers for Disease Control and Prevention allows financial institutions to monitor potential

FFIEC, Business Continuity Planning (February 2015).
GAO, Cybersecurity: Bank and Other Depository Regulators Need Better Data Analytics and Depository
Institutions Want More Usable Threat Information, GAO-15-509 (July 2015).
51

176

APPENDICES

2018
OFFICE OF INSPECTOR GENERAL’S
ASSESSMENT (continued)
pandemic health outbreaks to ensure institutions have the capability to continue critical
operations when large numbers of staff are unavailable for prolonged periods of time.52
FSOC noted, in its 2018 Annual Report, the critical importance of sharing timely and actionable
threat information among the Federal Government and the private sector. FSOC stated that
Federal agencies should consider how to share information and when possible “declassify (or
downgrade classification) of information to the extent practicable, consistent with national
security needs.”53 GAO also identified various sources of threat information that could be
shared with financial institutions. Figure 5 illustrates how GAO captured threat information flows
from multiple sources.
Figure 5: Selected Sources of Threat Information

In July 2018, DHS launched a new initiative called the National Risk Management Center
(NRMC). According to DHS, the NRMC was established in response to “the increasingly
complex threat environment and corresponding demand from industry for greater integrated
support from the U.S. federal government.”54 The NRMC will work across industry sectors and
Federal agencies, including the banking sector, so that participants can have a more
comprehensive perspective on systemic risk; the goal is to promote collaborative risk strategies.
52

Centers for Disease Control and Prevention Pandemic Intervals Framework, (September 26, 2014); and FFIEC,
Business Continuity Planning, Appendix D: Pandemic Planning.
53
FSOC 2018 Annual Report, 7.
54
DHS, National Risk Management Center Fact Sheet (July 2018).

A P P E N D21
ICES

177

ANNUAL REPORT
OFFICE OF INSPECTOR GENERAL’S
ASSESSMENT (continued)
According to the FDIC’s 2017 Annual Report, the FDIC continues to engage with the Financial
and Banking Information Infrastructure Committee, Financial Services Sector Coordinating
Council for Critical Infrastructure Protection, DHS, and other regulatory agencies and law
enforcement to share information and coordinate responses.
Banks’ Access to and Use of Threat Information
In November 2014, the FDIC and other FFIEC members encouraged financial institutions to join
the Financial Services Information Sharing and Analysis Center (FS-ISAC), through its
Statement on Cybersecurity Threat and Vulnerability Monitoring and Sharing (Cybersecurity
Sharing Statement).55 FS-ISAC is a group of 7,000 member organizations, and its purpose is to
share timely, relevant, and actionable security threat information. The Cybersecurity Sharing
Statement also suggested using other resources such as the Federal Bureau of Investigation’s
(FBI) InfraGard,56 U.S. Computer Emergency Readiness Team,57 and Secret Service Electronic
Crimes Task Force.58
According to the FFIEC, financial institutions should have business continuity plans that
“[a]nalyze threats based upon the impact to the institution, its customers, and the financial
market it serves.”59 Further, the FFIEC notes that financial institutions should have “a means to
collect data on potential threats that can assist management in its identification of information
security risks.”60 FDIC-supervised institutions are links of the chain in the financial services
system interconnections; an incident involving one community bank has the potential to affect
the broader financial sector.61 Therefore, as part of its examination process, the FDIC must
ensure that supervised institutions can receive and access threat information, and that they
have business continuity plans to address such threats.
FDIC and Examiners’ Access to and Use of Threat Information
FDIC Headquarters staff has access to significant amounts of threat information held by the
U.S. Government, and much of the information is confidential and highly sensitive. The FDIC
should develop sound practices to review threat information and take necessary actions based
upon such information. In doing so, the agency should ensure that it develops and maintains
processes to assess the sensitivity and classification of this information.

FFIEC, Statement on Cybersecurity Threat and Vulnerability Monitoring and Sharing.
InfraGard is a web-based portal that provides collaboration between the FBI and the private sector to exchange
information about critical infrastructure.
57
US-CERT is a component of the Department of Homeland Security; its mission is to reduce the nation’s risk of
systemic cybersecurity and communications challenges.
58
The Electronic Crimes Task Force is a nationwide network designed to support and assist state, local, and Federal
law enforcement agencies in order to combat criminal activity involving the use of new technology.
59
FFIEC, Business Continuity Planning Booklet, Risk Assessment, (Available on the FFIEC website).
60
FFIEC IT Examination Handbook Infobase, Information Security Booklet, II, Information Security Program
Management (Available on the FFIEC website).
61
Departments of the Treasury and of Homeland Security, Financial Services Sector-Specific Plan (2015), 9.
56

178

APPENDICES

2018
OFFICE OF INSPECTOR GENERAL’S
ASSESSMENT (continued)
In addition, the FDIC should ensure that the threat information can be disseminated to specific
examiners as needed, and that such examiners are authorized to receive access to sensitive
threat information. For example, if the FDIC has access to threat information about a particular
FDIC-supervised bank, the examiners overseeing this institution should have access to such
threat information. Given the volume of information, the FDIC faces challenges to analyze,
distill, and convey relevant and actionable threat information from FDIC Headquarters to
examiners in the FDIC’s Regional and Field Offices.
Threat information can assist FDIC examiners in prioritizing and focusing their work on
emerging issues, and modifying the depth or scope of an examination. Understanding the
nature of threats provides context for examiners when evaluating financial institutions’
processes for identifying and considering relevant risks and implementing risk mitigation
strategies. Further, threat information may result in changes to examination policy or
procedures to address emerging issues.
RMS instituted Regional Cyber Incident Reporting and Response Guides (Reporting and
Response Guides) to outline the steps to be taken by Regional and Field Offices when banks
report threats and incidents. These steps include gathering information about an incident;
providing advice to the affected entity; determining whether the incident warrants escalation to
FDIC Headquarters; and conducting ongoing monitoring and communications. RMS also has a
Cyber Incident Response Plan for use by FDIC Headquarters staff to evaluate threats and
incidents reported by banks through the Field and Regional Offices. The Plan uses
predetermined criteria and thresholds to determine when threat and incident information should
be escalated to FDIC senior management.
Neither the RMS Cyber Incident Response Plan nor the Reporting and Response Guides
provide procedures for the FDIC to disseminate information to its Regional and Field Offices
and examiners. RMS officials stated that they review threat information from multiple sources
and regularly convey relevant information to Regional and Field Office examiners, depending
upon the criticality and sensitivity of the information.
Based on our research, as of the end of 2018, the FDIC did not have a policy that (i) defined
criteria for selecting relevant, actionable threat information, or (ii) outlined the process to share
such threat information among Headquarters, Regional Offices, and examiner personnel.
Without policies to guide those processes, information selection and dissemination is left to the
discretion of individuals, which may lead to inconsistencies, uncertainty, and a lack of uniformity
in sharing threat information. We have work planned to evaluate the effectiveness of the FDIC’s
procedures for the collection and dissemination of threat information.
Sharing threat information allows for the consideration of these risks in developing and
examining bank mitigation strategies and continuity plans. Absent such threat information,
financial institutions and examiners may not have a full understanding of the risks facing the
banks, and thus, risk mitigation and supervisory strategies might have gaps which could affect
the safety and soundness of institutions.

A P P E N D23
ICES

179

ANNUAL REPORT
OFFICE OF INSPECTOR GENERAL’S
ASSESSMENT (continued)
7 | MANAGING HUMAN CAPITAL
The FDIC relies on skilled personnel to fulfill its mission, and about 63 percent of the
FDIC’s operating budget for 2019 ($2 billion) was for salaries and associated benefits for
employees. Forty-two percent of FDIC employees are eligible to retire within 5 years, which
may lead to knowledge and leadership gaps. To ensure mission readiness, the FDIC should
find ways to manage this impending shortfall. In addition, the FDIC should seek to hire
individuals with advanced technical skills needed for IT examinations and supervision of
large and complex banks.
GAO has identified human capital management as a high risk since 2001 and noted that
“[m]ission-critical skills gaps within the federal workforce pose a high risk to the nation.” 62 GAO
noted that such gaps, if left unaddressed, can “impede the federal government from costeffectively serving the public and achieving results.” The percentage of FDIC employees
eligible to retire more than doubles (2.3 times) over the next 5 years, increasing from 18 percent
in 2018 to 42 percent in 2023, as shown in Figure 6.
Figure 6: FDIC Employees Eligible for Retirement between December 2018 and
December 2023
December 2018

December 2023

1,049 (18%)

2,477 (42%)

December 2021
2,044 (35%)
Source: OIG analysis of FDIC employee information as of July 31, 2018.

These figures could lead to a wave of retirements at the FDIC in the near term. As recognized
by GAO, retirement waves can result in leadership voids, which could impede the capabilities of
any agency to achieve its mission, unnecessarily delay decision-making, and reduce program
management and oversight.63 According to GAO, such agencies may face gaps in skillsets,
which could result in the agency not being able to complete its mission-critical work in a timely
manner. Further, retirements might have financial implications for the FDIC’s budget, since the
FDIC would be required to expend lump-sum payments based on accumulated annual leave.64
The FDIC should be prepared to address any resultant budget issues and gaps in skillsets and
leadership.
In addition, the FDIC faces an even higher rate of potential retirements among seasoned senior
and mid-level managers. As of July 31, 2018, approximately two-thirds of the Executive
62

GAO, High-Risk Series: Progress in Many High-Risk Areas, While Substantial Efforts Needed on Others, GAO-17317 (February 2017), 61.
63
GAO, High-Risk Series: Progress in Many High-Risk Areas, While Substantial Efforts Needed on Others, GAO-17317 (February 2017), 61.
64
Office of Personnel Management, Fact Sheet: Lump Sum Payment for Annual Leave.

180

APPENDICES

2018
OFFICE OF INSPECTOR GENERAL’S
ASSESSMENT (continued)
Management employees (66 percent) were eligible to retire within 5 years, and another
57 percent of FDIC Corporate Managers are eligible in that same timeframe. Without proper
succession planning strategies, these retirements can result in further leadership gaps.
Retirement Eligibility – Impact on Divisions (Headquarters and Regions)
Between 34 and 63 percent of employees in the following FDIC driver and primary support
Divisions were eligible to retire within 5 years (as of July 31, 2018):







63 percent of employees within the Division of Resolutions and Receiverships
(243 employees);
59 percent of employees within the Legal Division (268 employees);
57 percent of employees within the Division of Administration (201 employees);
45 percent of employees within the Division of Information Technology
(133 employees);
38 percent of employees within the Division of Risk Management Supervision
(929 employees); and
34 percent of employees within the Division of Depositor and Consumer Protection
(276 employees).

While employees do not always retire when first eligible,65 there is a risk that a wave of
retirements could lead to gaps in leadership positions and skillsets at the FDIC. Leadership
gaps can result in delayed decision-making, reduced program oversight, and failure to achieve
goals and agency missions when positions are unfilled or leaders remain in acting status.
Skillset gaps can undermine the ability of the FDIC to achieve its goals and missions.
In addition, in 2017, the Division of Insurance and Research (DIR) experienced higher than
normal attrition rates of 13 percent. Over this period of time, 27 individuals (out of 208 in DIR)
departed DIR, 74 percent of whom were specialized economists with advanced degrees. These
unique skillsets may be more difficult to replace in an expanding economy.
Retirement Eligibility – Impact on Regional Offices
In the six FDIC Regional Offices, more than one-third of employees are eligible to retire within
the next 5 years. Those retirements are predominantly for examination staff. Between 34 and
53 percent of employees in the FDIC Regional Offices were eligible to retire within this
timeframe (as of July 31, 2018):





53 percent of employees within the FDIC Dallas Regional Office (413 employees);
38 percent of employees within the FDIC Atlanta Regional Office (176 employees);
37 percent of employees within the FDIC San Francisco Regional Office
(164 employees);
34 percent of employees within the Chicago Regional Office (172 employees);

Our analysis shows that employees tend to remain with the FDIC for approximately 8 years after their retirement
eligibility date.

A P P E N D25
ICES

181

ANNUAL REPORT
OFFICE OF INSPECTOR GENERAL’S
ASSESSMENT (continued)



34 percent of employees within the Kansas City Regional Office (169 employees);
and
34 percent of employees within the New York Regional Office (195 employees).

The FDIC is working to hire and train new examiners to address the retirement shortfall, but it
takes approximately 4 years from the time an employee is hired until that employee earns an
examination commission. Such commissioning requires that employees meet benchmarks,
training, and other technical requirements, including passing a Technical Examination.
In its review of the financial crisis of 2008-2011, the FDIC stated that one of its strengths was “a
core of seasoned examiners and supervisors.”66 These experienced employees were crucial in
tailoring “informal and formal enforcement actions that helped make it possible for many banks
to return to health.” As noted by the FDIC in its review, the crisis experience highlighted the
importance of a steady flow of new examiners who can benefit from the knowledge and
experience of seasoned examiners. The FDIC may be challenged to build on innovative
strategies used in prior crises for any future banking crisis without these experienced examiners
and supervisors or the transfer of their knowledge to newer examiners.
Even with additional hires, Regional Offices may not have sufficient experience among their
examiners. As a result, senior examiners may be required to travel more frequently in order to
supervise less experienced staff and sign reports of examination (since pre-commissioned
examiners cannot sign those reports). In addition, experienced examiners may be required to
travel more often, in order to fill staffing needs where there have been significant retirements.
This increase in travel requirements could be costly and may affect the morale of examiners,
since it has been cited as the top reason for voluntary attrition by examiners.
RMS also identified a need to build out skill sets. In 2012, RMS initiated a multi-year Subject
Matter Expert Project to build out workforce capacity and focus on developing advanced skills in
the areas of accounting, capital markets, information technology, and anti-money laundering
compliance. The FDIC also recently updated employees about a Field Office Modernization
initiative, aimed, in part, to maintain a reasonable work/life balance for field examiners.
In 2013, the FDIC established a Workforce Development Initiative (WDI) to address succession
planning and other workforce development challenges and opportunities. Five years after its
establishment, however, the FDIC noted, in its 2018 Annual Performance Plan, that the WDI is
“in the early stages of a multi-year effort to identify future workforce and leadership
requirements, assess current workforce capabilities, support employees who aspire to
leadership and management roles, and develop and source the talent to meet emerging
workforce needs.”
The management of human capital is critical to the FDIC’s achieving its mission. To meet its
goals and objectives, the FDIC must continue to focus on managing the life cycle of human
66

182

Crisis and Response, An FDIC History, 2008-2013 (November 30, 2017), 143-144.

APPENDICES

2018
OFFICE OF INSPECTOR GENERAL’S
ASSESSMENT (continued)
capital activities – planning, recruitment, on-boarding, compensation, engagement, succession
planning, and retirement programs.

8 | ADMINISTERING THE ACQUISITIONS PROCESS
The FDIC relies heavily on contractors for support of its mission, especially for IT and
administrative support services. The average annual expenditure by the FDIC for contractor
services over the past 5 years has been approximately $587 million. The FDIC should
maintain effective controls to ensure proper oversight and management of such contracts
and should conduct regular reviews of contractors. In addition, the FDIC should also
perform due diligence to mitigate security risks associated with supply chains for goods and
services.
According to GAO’s Framework for Assessing the Acquisition Function at Federal Agencies,
agencies should effectively manage their acquisitions process in order to ensure that contract
requirements are defined clearly and all aspects of contracts are fulfilled.67 Agencies must
properly oversee contractor performance and identify any deficiencies.
In 2018, the Administration recognized the importance of improving Federal Government
acquisitions in finding that such acquisitions “often fail to achieve their goals because many
Federal managers lack the program management and acquisition skills to successfully manage
and integrate large and complex acquisitions into their projects.”68 In 2018, GAO reported that
agencies continue to award contracts warranting increased management attention.69 In
addition, GAO found that government contracting officials were carrying heavier workloads, and
thus, it was more difficult for these officials to oversee complex contracts and ensure that
contractors adhered to contract terms. Further, in the Framework for Assessing the Acquisition
Function at Federal Agencies, GAO noted the importance of agencies defining their contracting
needs and identifying, selecting, and managing providers of goods and services.
Federal Government agencies also should conduct due diligence to recognize potential threats
in supply chains for products and services. When an organization hires contractors who, in turn,
may sub-contract services to third-parties, the organization is likely to have reduced visibility,
understanding, and control of the underlying relationships, as illustrated in Figure 7.

GAO, Framework for Assessing the Acquisition Function at Federal Agencies, GAO-05-218G (September 2005).
The President’s Management Agenda: Modernizing Government for the 21st Century, 12.
69
GAO, Federal Acquisitions: Congress and the Executive Branch have Taken Steps to Address Key Issues, but
Challenges Endure, GAO-18-627 (September 2018).
68

A P P E N D27
ICES

183

ANNUAL REPORT
OFFICE OF INSPECTOR GENERAL’S
ASSESSMENT (continued)
If not managed properly, organizations may
face supply chain risks, including installation of
malicious or counterfeit hardware or software,
disruption of critical production, and reliance on
nefarious or unqualified service providers.70
Government agencies may not discover the
consequences of these risks until much later,
after the fraud or compromise

Figure 7: Supply Chain Risk View

Contract Oversight
The FDIC awarded $2.3 billion in contracts from
January 2015 through September 2018. For
the first 7 months of 2018, the FDIC issued
372 contract awards for a total of $383 million.
In addition, the FDIC budget for 2019 includes
more than $420 million in contracting expenses
for outside services.

Source: NIST Publication 800-161, Supply Chain Risk
Management Practices for Federal Information Systems and
Organizations.

Between January 2015 and September 2018, the
Divisions of Administration (DOA), Information Technology (DIT), and Resolutions and
Receiverships (DRR) accounted for 96 percent ($1.38 billion) of all contract awards through the
Acquisition Services Branch. Contracting Officers are responsible for ensuring the performance
of all actions necessary for efficient and effective contracting, compliance with contract terms,
and protection of the FDIC’s interests in all of its contractual relationships. In addition, FDIC
program offices develop contract requirements, and Oversight Managers and Technical
Monitors oversee the contractor’s performance and technical work.

Our OIG analysis indicates that there has been an increase in the average dollar amount per
contract awarded by the FDIC from 2016 to 2017. The average contract size has increased
18 percent during this time. Over the past 2 years, DRR and DIT oversaw 127 contracts valued
at $1 million or more each. Many of these contracts are for computer-related and administrative
services that range in value from $1 million to $98 million. According to GAO, these types of
contracts require increased oversight and management attention due to the risk that contractors
may perform tasks reserved for the Government.71
Our work has identified a number of issues related to the FDIC’s contract administration. In
our OIG report, The FDIC’s Failed Bank Data Services Project (March 2017), we reviewed
transition costs ($24.4 million) of a 10-year project to change information systems on failed
financial institutions. We found that the FDIC faced challenges related to defining contract
requirements, coordinating contracting and program office personnel, and establishing
70

GAO, Information Security: Supply Chain Risks Affecting Federal Agencies, GAO-18-667T (July 12, 2018), 7-8.
GAO, Federal Acquisitions: Congress and the Executive Branch have Taken Steps to Address Key Issues, but
Challenges Endure, GAO-18-627 (September 2018).

184

APPENDICES

2018
OFFICE OF INSPECTOR GENERAL’S
ASSESSMENT (continued)
implementation milestones. We reported that FDIC personnel did not fully understand the
requirements for transitioning failed financial institution data and services to a new contractor,
or communicate these requirements to bidders in a comprehensive transition plan as part of
the solicitation. Further, the FDIC did not establish clear expectations in the contract
documents and did not implement a project management framework and plans.
In addition, our OIG report on the Follow-on Audit of the FDIC’s Identity, Credential, and
Access Management Program (June 2017) found that the FDIC did not maintain current,
accurate, and complete contractor personnel data needed to manage Personal Identity
Verification (PIV) cards, and management had not finalized and approved a plan for retiring the
FDIC’s legacy PIV card system.
In our OIG Memorandum, Infrastructure Support Contract 3 (ISC-3) with CSRA, Inc. (July 2018),
we concluded that based on limited testing, while we did not see instances of inaccurate or
unsupported invoices, there was an increased risk that both errors and fraudulent activity would
go undetected due to the complexity of CSRA’s accounting entries for contractor and
subcontractor billing. Of the seven DIT individuals overseeing the contract, two individuals
never took the required training on contract oversight, and the training certificates for two other
individuals had already expired in 2008.
In addition, in our OIG report, Payments to Pragmatics, Inc. (December 2018), we determined
that about 10 percent ($47,489) of the labor charges we reviewed were not adequately
supported or allowable under the contract and related task orders. The unsupported labor
charges were for hours billed by two subcontractor employees who did not access the FDIC’s
network or facilities on the days they charged the hours. In addition, we identified unallowable
labor charges for work performed offsite, away from FDIC facilities.
We currently have an ongoing evaluation to assess the FDIC’s contract management oversight
process. The evaluation objective includes assessing the monitoring of contracts; capacity of
oversight managers to oversee assigned contracts; oversight managers’ experience and
qualifications; and security risks posed by contractors and their personnel.
Security and Supply Chain Risk
The FDIC also must continue to ensure that its contractors and contracting personnel meet
security and suitability standards for employment and access to sensitive information. In
addition, contractors must meet criteria for integrity and fitness, including the elimination of
conflicts of interest, adherence to ethics obligations, and security of confidential information.72
These protections are important since the contractors often have access to FDIC space and
information and use FDIC equipment, including sensitive information related to bank closings,
as well as PII for bankers, bank customers, and FDIC employees. The FDIC’s DOA (Security
72

12 C.F.R. Part 366.

A P P E N D I C29
ES

185

ANNUAL REPORT
OFFICE OF INSPECTOR GENERAL’S
ASSESSMENT (continued)
and Emergency Preparedness Section) is responsible for establishing and implementing the
security policy for contractor personnel. DOA reviews include background investigations,
evaluation of any derogatory information, adjudication, and approvals and clearances.73
In addition, NIST identified the best practices for organizations to manage security risks
associated with supply chains of goods and services; these standards require the integration of
risk management throughout an organization.74 Currently, the FDIC does not have policy
guidance with respect to these supply chain risks. In addition, the duty of managing supply
chain risk is a collateral responsibility for the FDIC’s Insider Threat Program Manager.
The FDIC also faces challenges to mitigate supply chain risk if threats are reported through
highly sensitive security information. Currently, DOA acquisition staff does not have authorized
access to highly sensitive security information. Therefore, if the FDIC learns of or identifies a
threat to its supply chain through the receipt of such information, the FDIC would not have
contracting personnel to respond to the threat, as the current staff is not authorized to access
the underlying threat information.
The FDIC depends on contracts and contractors for its mission-critical systems and operations,
especially in times of crisis. The FDIC should maintain strong contracting oversight and
effective controls over its contractors. In addition, the FDIC should protect against supply chain
and other risks posed by goods and services procured through third-party contractors and
vendors.

9 | IMPROVING MEASUREMENT OF REGULATORY COSTS AND
BENEFITS
Before issuing a rule, the FDIC should ensure that the benefits accrued from a regulation
justify the costs imposed. The FDIC should establish a sound mechanism to measure both
costs and benefits at the time of promulgation, and it should continue to evaluate the costs
and benefits of a regulation on a regular basis, even after it has been issued.
In a report issued in February 2018, GAO noted that “representatives of community banks and
credit unions expressed concerns about the burden that additional regulations create for them,”
such as increasing their overall compliance burden and adversely affecting lending.75 In April
2018, the FDIC updated its Statement of Policy on the Development and Review of Regulations
and Policies, and the revised policy states that once the FDIC has found the need for a
regulation, “the FDIC evaluates benefits and costs, based on available information, and
73

FDIC, Circular 1610.2, Personnel Security Policy and Procedures for FDIC Contractors (January 2010).
NIST Publication 800-161, Supply Chain Risk Management Practices for Federal Information Systems and
Organizations, 7.
75
GAO, Community Banks and Credit Unions: Regulators Could Take Additional Steps to Address Compliance
Burdens, GAO-18-213 (February 2018), 1-2.
74

186

APPENDICES

2018
OFFICE OF INSPECTOR GENERAL’S
ASSESSMENT (continued)
considers reasonable and possible alternatives.” While some regulations implement a statutory
requirement, the FDIC should develop and maintain strong processes to measure both costs
and benefits.
Analysis of Costs and Benefits
The difficulties of cost-benefit analysis lie in the uncertainty over how to measure and calculate
regulatory costs.76 For example, the FDIC experienced challenges in quantifying the costs and
benefits of a proposed rule on Recordkeeping for Timely Deposit Insurance Determination. The
FDIC engaged a contractor that initially estimated the costs of this rule at $328 million, to be
incurred by 36 financial institutions (80 cents per deposit account). However, the FDIC
encountered difficulties in determining the benefits of the rule, explaining that “[b]ecause there is
no market in which the value of these public benefits can be determined, it is not possible to
monetize these benefits.” Based upon the comments received on the proposed rule, the FDIC
revised the total cost in the final rule to $478 million (an increase of $150 million). The
estimated cost would be allocated to covered institutions at $386 million, while the remaining
costs of $92 million were to be borne by bank customers (depositors) and the FDIC.
In 2018, GAO reviewed regulatory procedures for the financial regulators and found several
weaknesses with analyses done by six financial regulators, including the FDIC.77 In particular,
the regulators did not account for the burden that certain rules would have on small entities.
The Regulatory Flexibility Act (RFA) requires that Federal agencies, including the financial
regulators, analyze the impact of proposed regulations on small entities and consider
alternatives that could lessen the regulatory burden. Alternatively, the head of the agency may
certify that the rule would not pose a significant impact on a substantial number of small entities.
The then-FDIC Chairman certified that a rule would not pose a significant impact on a
substantial number of small entities for over 75 percent of the rules issued by the FDIC between
2010 and 2016 that were subject to RFA requirements.78 GAO concluded that for two of the
three rules it sampled, the FDIC did not provide any supporting information for the
certifications. For example, GAO found that the FDIC did not include any of the Office of
Advocacy’s79 suggested components: (i) a description of the number of affected entities; (ii) the
size of the economic impacts; or (iii) the justification for the certification.80

Yale Law Journal, Cost-Benefit and Other Analysis Requirements in the Rulemaking Process, Congressional
Research Service (2014); Cost-Benefit Analysis of Financial Regulations Case Studies and Implications (2015).
77
GAO, Financial Services Regulations: Procedures for Reviews under Regulatory Flexibility Act Need to Be
Enhanced, GAO-18-256 (January 2018).
78
GAO focused only on the RFA sections and not the other regulatory analysis in the Federal Register notice, despite
agencies being allowed by statute to combine analysis to avoid duplication.
79
The Office of Advocacy is a component of the Small Business Administration and serves as a watchdog for the
RFA.
80
GAO, Financial Services Regulations: Procedures for Reviews under Regulatory Flexibility Act Need to Be
Enhanced, GAO-18-256 (January 2018).

A P P E N D31
ICES

187

ANNUAL REPORT
OFFICE OF INSPECTOR GENERAL’S
ASSESSMENT (continued)
For the rules for which the FDIC did perform a regulatory flexibility analysis,81 GAO reported
that while the FDIC’s analyses described and quantified the rules compliance costs, they did
not include descriptions or assessments of regulatory alternatives, issues raised in public
comments, or steps to minimize effects on small entities.82 GAO recommended that the FDIC
adopt policies and procedures to comply with RFA requirements and key aspects of Office of
Advocacy and OMB guidance in order to improve consistency. The FDIC adopted additional
policies and procedures in 2018; however, the GAO recommendation remains
unimplemented.
In a subsequent report issued the following month, GAO found that there were additional
inadequacies in the financial regulators’ consideration of regulatory burden on small institutions
– particularly with respect to the quantification of data and cumulative effects of regulations.83
The Economic Growth and Regulatory Paperwork Reduction Act of 1996 (EGRPRA) requires
that at least every 10 years, the FDIC must review its rules and regulations to determine if any
are outdated, unnecessary, or unduly burdensome. However, GAO found that the regulators,
including the FDIC, did not conduct or report on quantitative analyses as part of their EGRPRA
review process. Instead, as GAO noted, “regulators generally only provided their arguments
against taking actions and did not cite analysis or data to support their narrative.” GAO further
found that “regulators ha[d] not assessed the ways that the cumulative burden of the regulations
they administer may have created overlapping or duplicative requirements.” According to GAO,
Congress specifically intended for EGRPRA to require regulators to measure the cumulative
effect of regulations.
In August 2018, the FDIC Chairman stated that a top priority for the agency was to examine the
regulatory burden on small banks. The following month, in September 2018, the FDIC issued a
proposal to retire 374 of 664 Financial Institution Letters (FIL) related to risk-management
supervision. These FILs contained outdated information or guidance that was available
elsewhere from the FDIC. In announcing this proposal, the FDIC committed to a review of the
remaining 290 FILs.84 We are currently conducting an evaluation to determine the effectiveness
of the FDIC’s cost-benefit analysis process for ensuring that rules are efficient and appropriately
tailored.
Financial regulations significantly affect financial institutions and bank customers, and before
imposing costs on such entities, the FDIC should ensure that the benefits of the rule justify the
costs associated with its implementation. To do so, the FDIC should obtain concrete, valid, and
reliable data, and analyze the information, so that it can accurately measure the costs and
benefits of a regulation.
81

For three of the four regulatory flexibility analyses it performed, the FDIC indicated that the rules were not subject
to the requirements of the RFA.
82
GAO, Financial Services Regulations: Procedures for Reviews under Regulatory Flexibility Act Need to Be
Enhanced, GAO-18-256 (January 2018).
83
GAO, Community Banks and Credit Unions: Regulators Could Take Additional Steps to Address Compliance
Burdens, GAO-18-213 (February 2018).
84
Financial Institution Letter 46-2018, FDIC Seeks Comment on Proposed Retirement of Certain Financial Institution
Letters (September 10, 2018).

188

APPENDICES

2018
D. ACRONYMS AND INITIALISMS
AEI

Alliance for Economic Inclusion

CMG

Crisis Management Group

AFS

Available-For-Sale

CMP

Civil Money Penalty

AIG

American International Group, Inc.

ComE-IN

AML

Anti-Money Laundering

Advisory Committee on
Economic Inclusion

AML/CFT

Anti-Money Laundering and
Countering the Financing
of Terrorism

CPI-U

Consumer Price Index for All
Urban Consumers

CRA

Community Reinvestment Act

ASBA

Association of Supervisors of Banks
of the Americas

CRE

Commercial Real Estate

ASC

Accounting Standards Codification

CSIRT

Computer Security Incident
Response Team

ASU

Accounting Standards Update

CSF

Cybersecurity Framework

BCBS

Basel Committee on Banking
Supervision

CSBS

Conference of State Bank Supervisors

BDC

Backup data center

CSRS

Civil Service Retirement System

BoA

Bank of America

DCP

Division of Depositor and
Consumer Protection

BSA

Bank Secrecy Act

DFA

Dodd-Frank Act

Call Report

Consolidated Reports of Condition
and Income

DIF

Deposit Insurance Fund

DIMIA

Capital adequacy; Asset quality;
Management quality; Earnings;
Liquidity; Sensitivity to market risks

Depository Institution Management
Interlocks Act

DIR

Division of Insurance and Research

DIT

Division of Information Technology

DLP

Data Loss Prevention

DOA

Division of Administration

DRR

Designated Reserve Ratio

CAMELS
rating scale

CAT

Cybersecurity Assessment Tool

CBAC

Advisory Committee on
Community Banking

CCP

Central Counterparties

DRR (FDIC)

CDFI

Community Development
Financial Institution

Division of Resolutions and
Receiverships

European Commission

CECL

Current Expected Credit Losses

EDIE

Electronic Deposit Insurance Estimator

CEO

Chief Executive Officer

EGRPRA

CEP

Corporate Employee Program

Economic Growth and Regulatory
Paperwork Reduction Act of 1996

CFI

Complex Financial Institution

EGRRCPA

CFO Act

Chief Financial Officers’ Act

Economic Growth, Regulatory Relief,
and Consumer Protection Act

CFPB

Consumer Financial Protection Bureau

European Union

CFR

Center for Financial Research

ERM

Enterprise Risk Management

CFTC

Commodity Futures
Trading Commission

FAQ

Frequently Asked Questions

FASB

Financial Accounting Standards Board

CIO

Chief Information Officer

FBIIC

CIOO

Chief Information Officer Organization

Financial and Banking Information
Infrastructure Committee

FBO

Foreign Bank Organization
APPENDICES

189

ANNUAL REPORT
GECC

General Electric Capital
Corporation, Inc.

GPRA

Government Performance and
Results Act

G-SIBs

Global Systemically Important Banks

G-SIFI

Global SIFIs

HMDA

Home Mortgage Disclosure Act

Federal Financial Management
Improvement Act

HQLA

High quality liquid asset

FHLB

Federal Home Loan Banks

IADI

FICO

Financing Corporation

International Association of
Deposit Insurers

FIL

Financial Institution Letter

ICIPC

FinCEN

Financial Crimes Enforcement Network

Intelligence and Critical Infrastructure
Protection Committee

FinTech

Financial Technology

IDI

Insured Depository Institution

FIRREA

Financial Institutions Reform,
Recovery and Enforcement Act

IMF

International Monetary Fund

IMFB

IndyMac Federal Bank

FIs

Financial Institutions

InTREx

FIS

Financial Institution Specialists

Information Technology Risk
Examination Program

FISMA

Federal Information Security
Modernization Act of 2014

ISM

Information Security Manager

Information Technology

FLEC

Federal Financial Literacy and
Education Commission

ITCIP

Insider Threat and Counterintelligence
Program

FMFIA

Federal Managers’ Financial
Integrity Act

ITSP

Information Technology Strategic Plan

LCR

Liquidity coverage ratio

FMSP

Financial Management
Scholars Program

LIBOR

London Inter-bank Offered Rate

FRB

Board of Governors of the Federal
Reserve System

LIDI

Large Insured Depository Institution

LLC

Limited Liability Company

FRF

FSLIC Resolution Fund

MDI

Minority Depository Institutions

FSB

Financial Stability Board

MOL

Maximum Obligation Limitation

FS-ISAC

Financial Services Information Sharing
and Analysis Center

MOU

Memoranda of Understanding

MRM

Model Risk Management

FSLIC

Federal Savings and Loan Insurance
Corporation

MRBA

Matters Requiring Board Attention

MWOB

Minority- and Women-Owned Business

FSOC

Financial Stability Oversight Council

MWOLF

FTE

Full-Time Employee

Minority- and Women-Owned
Law Firms

GAAP

Generally Accepted Accounting
Principles

NAMWOLF

National Association of Minority- and
Women-Owned Law Firms

GAO

U.S. Government Accountability Office

NCATS

GDP

Gross Domestic Product

National Cybersecurity and
Technical Services

NCUA

National Credit Union Administration

FDI Act

Federal Deposit Insurance Act

FDIC

Federal Deposit Insurance Corporation

FEHB

Federal Employees Health Benefits

FERS

Federal Employees Retirement System

FFB

Federal Financing Bank

FFIEC

Federal Financial Institutions
Examination Council

FFMIA

190

APPENDICES

2018
NITTF

National Insider Threat Task Force

SBA

Small Business Administration

NPR

Notice of Proposed Rulemaking

SCRA

Servicemembers Civil Relief Act

NSFR

Net Stable Funding Ratio

SEATAB

OCC

Office of the Comptroller
of the Currency

Security and Enterprise Architecture
Technical Advisory Board

SEC

Securities and Exchange Commission

OCFI

Office of Complex Financial
Institutions

SIFI

Systemically Important Financial
Institution

OIG

Office of Inspector General

SLA

Shared-Loss Agreement

OJT

On-the-Job Training

SME

Subject Matter Expert

OLA

Orderly Liquidation Authority

SMS

Systemic Monitoring System

OLF

Orderly Liquidation Fund

SNC

Shared National Credit Program

OMB

U.S. Office of Management and Budget

SRAC

OMWI

Office of Minority and Women
Inclusion

Systemic Resolution Advisory
Committee

SRR

SIFI Risk Report

Office of the Ombudsmen

SRB

Single Resolution Board

OPM

Office of Personnel Management

SSGN

Structured Sale of Guaranteed Note

ORE

Owned Real Estate

TILA

Truth in Lending Act

OTS

Office of Thrift Supervision

TIPS

Treasury Inflation-Protected Securities

P&A

Purchase and Assumption

TSP

Federal Thrift Savings Plan

PIV

Personal Identity Verification

TSP (IT-related) Technology Service Providers

Q&A

Question and Answer

UBPR

Uniform Bank Performance Report

QBP

Quarterly Banking Profile

UFIRS

QFC

Qualified Financial Contracts

Uniform Financial Institutions
Rating System

REMA

Reasonably Expected Market Area

United Kingdom

ReSG

FSB’s Resolution Steering Group

URSIT

RESPA

Real Estate Settlement Procedures Act

Uniform Rating System for Information
Technology

RMIC

Risk Management and Internal
Controls

VIEs

Variable Interest Entities

Workplace Excellence

RMS

Division of Risk Management
Supervision

WIOA

Workforce Investment Opportunity Act

YSP

Youth Savings Program

RTC

Resolution Trust Corporation

APPENDICES

191

N OT E S

2018

Federal Deposit
Insurance Corporation
This Annual Report was produced by talented and dedicated
staff. To these individuals, we would like to offer our sincere
thanks and appreciation. Special recognition is given to the
following for their contributions:
❏❏ Jannie F. Eaddy
❏❏ Barbara A. Glasby
❏❏ Pamela A. Brownfield
❏❏ Financial Reporting Section Staff
❏❏ Division and Office Points-of-Contact

H H H

FEDERAL DEPOSIT INSURANCE CORPORATION

550 17th Street, N.W.
Washington, DC 20429-9990
www.fdic.gov
FDIC-003-2019

H H H

Full text of Annual Report of the Federal Deposit Insurance Corporation : Annual Report, 2018

FRASER