View original document

The full text on this page is automatically extracted from the file linked above and may contain errors and inconsistencies.

FEDERAL DEPOSIT INSURANCE CORPORATION
2019 ANNUAL REPORT

THIS PAGE INTENTIONALLY LEFT BLANK

FEDERAL DEPOSIT INSURANCE CORPORATION
2019 ANNUAL REPORT

ANNUAL
REPORT

FEDERAL DEPOSIT INSURANCE CORPORATION
550 17th Street NW, Washington, DC 20429

OFFICE OF THE CHAIRMAN

February 13, 2020

Dear Sir/Madam,
The Federal Deposit Insurance Corporation (FDIC) is pleased to submit its 2019 Annual Report (also referred to as
the Performance and Accountability Report), which includes the audited financial statements of the Deposit Insurance
Fund and the Federal Savings and Loan Insurance Corporation (FSLIC) Resolution Fund. This report is produced
in accordance with:
♦ Section 17(a) of the Federal Deposit Insurance Act,
♦ the Chief Financial Officers Act of 1990, Public Law 101-576,
♦ the Government Performance and Results Act of 1993 (as amended) and the GPRA Modernization Act of 2010,
♦ Section 5 (as amended) of the Inspector General Act of 1978,
♦ the Reports Consolidation Act of 2000, and
♦ the Fraud Reduction and Data Analytics Act of 2015.
In accordance with the Reports Consolidation Act of 2000, the FDIC assessed the reliability of the performance data
contained in this report. We found no material inadequacies and the data are considered to be complete and reliable.
Based on internal management evaluations, and in conjunction with the results of independent financial statement
audits, we can provide reasonable assurance that the objectives of Section 2 (internal controls) and Section 4 (financial
management systems) of the Federal Managers’ Financial Integrity Act of 1982 have been achieved, and that the FDIC
has no material weaknesses. We are committed to maintaining effective internal controls corporate-wide in 2020.
Sincerely,

Jelena McWilliams
Chairman

The President of the United States
The President of the United States Senate
The Speaker of the United States House of Representatives

2

2019

TA B L E O F C O N T E N T S
Mission, Vision, and Values........................................................................................................................................... 4
Message from the Chairman......................................................................................................................................... 5
Message from the Chief Financial Officer.................................................................................................................... 9
FDIC Senior Leaders.................................................................................................................................................... 10
In Memoriam..................................................................................................................................................................11
I. Management’s Discussion and Analysis.......................................................................................................... 13
Overview................................................................................................................................................................................... 15
Deposit Insurance...................................................................................................................................................................... 15
Supervision ............................................................................................................................................................................... 16
Supervision Policy..................................................................................................................................................................... 23
Innovation/Financial Technology .............................................................................................................................................. 28
Community Banking Initiatives................................................................................................................................................ 30
Activities Related to Large and Complex Financial Institutions................................................................................................. 34
Depositor and Consumer Protection......................................................................................................................................... 37
Failure Resolution and Receivership Management..................................................................................................................... 44
Information Technology............................................................................................................................................................ 46
Diversity and Inclusion.............................................................................................................................................................. 47
International Outreach ............................................................................................................................................................. 49
Effective Management of Strategic Resources............................................................................................................................. 50
II. Performance Results Summary........................................................................................................................ 53
Summary of 2019 Performance Results by Program.................................................................................................................. 55
Performance Results by Program and Strategic Goal.................................................................................................................. 55
Prior Years’ Performance Results................................................................................................................................................ 65
III. Financial Highlights............................................................................................................................................ 79
Deposit Insurance Fund Performance........................................................................................................................................ 81
IV. Budget and Spending......................................................................................................................................... 85
FDIC Operating Budget........................................................................................................................................................... 87
2019 Budget and Expenditures by Program .............................................................................................................................. 88
Investment Spending................................................................................................................................................................. 89
V. Financial Section................................................................................................................................................ 91
Deposit Insurance Fund (DIF).................................................................................................................................................. 92
FSLIC Resolution Fund (FRF)................................................................................................................................................ 106
Government Accountability Office Auditor’s Report............................................................................................................... 113
Management’s Report on Internal Control over Financial Reporting....................................................................................... 118
Management’s Response to the Auditor’s Report...................................................................................................................... 119
VI. Risk Management and Internal Controls........................................................................................................ 121
Program Evaluation................................................................................................................................................................. 123
Fraud Reduction and Data Analytics Act of 2015.................................................................................................................... 124
Management Report on Final Actions..................................................................................................................................... 124
VII. Appendices....................................................................................................................................................... 129
A. Key Statistics....................................................................................................................................................................... 131
B. More About the FDIC........................................................................................................................................................ 145
C. Office of Inspector General’s Assessment of the Management and Performance Challenges Facing the FDIC..................... 154
D. Acronyms and Initialisms................................................................................................................................................... 192
ANNUAL REPORT

3

MI SS IO N , V ISION, AND VA LUES
MISSION
The Federal Deposit Insurance Corporation (FDIC) is an independent agency created by the Congress
to maintain stability and public confidence in the nation’s financial system by:
♦

Insuring deposits,

♦

Examining and supervising financial institutions for safety and soundness and
consumer protection,

♦

Making large and complex financial institutions resolvable, and

♦

Managing receiverships.

VISION
The FDIC is a recognized leader in promoting sound public policies; addressing risks in the nation’s financial
system; and carrying out its insurance, supervisory, consumer protection, resolution planning, and receivership
management responsibilities.

VALUES
The FDIC and its employees have a tradition of distinguished public service. Six core values guide us in
accomplishing our mission:
Integrity

We adhere to the highest ethical and professional standards.

Competence

We are a highly skilled, dedicated, and diverse workforce that is empowered to
achieve outstanding results.

Teamwork

We communicate and collaborate effectively with one another and with other
regulatory agencies.

Effectiveness

We respond quickly and successfully to risks in insured depository institutions and
the financial system.

Accountability

We are accountable to each other and to our stakeholders to operate in a financially
responsible and operationally effective manner.

Fairness

We respect individual viewpoints and treat one another and our stakeholders with
impartiality, dignity, and trust.

FEDERAL DEPOSIT INSURANCE CORPORATION

4

2019

ME S S A G E F RO M T H E C H A IR MAN
Insurance Fund grew to over $110 billion at year end, and
the reserve ratio increased to 1.41 percent as of the third
quarter, the highest level since 1999.
During 2019, 13 new banks opened their doors while
only four banks failed, and the FDIC approved nine
applications for deposit insurance.
Over the past year, the FDIC has focused on three
overarching goals:
1. Strengthening the banking system as it continues to
evolve;
2. Tailoring regulations to ensure that our rules are
commensurate with the risk profile of the institutions
we supervise; and
3. Encouraging innovation at the FDIC and community
banks.

STRENGTHENING THE
BANKING SYSTEM
Over the past year, the FDIC has worked to strengthen
the banking system by modernizing our approach to
supervision and regulation. These efforts seek to enhance
efficiency and transparency while maintaining the safety
and soundness of the system.
2019 was my first full year as Federal Deposit Insurance
Corporation (FDIC) Chairman, and I am proud of all
that we have accomplished thanks to the hard work and
dedication of the FDIC’s talented workforce. We continue
to fulfill our vital mission to maintain stability and public
confidence in the nation’s financial system by achieving
high standards in all areas of operation: insuring deposits,
examining and supervising financial institutions for safety
and soundness and consumer protection, making large and
complex financial institutions resolvable, and managing
receiverships.
The banking industry remains strong and well-positioned
to support economic growth. In 2019, net income, net
operating revenue, and loan growth were positive, and
the number of banks on the FDIC’s problem bank list
declined to its lowest level since 2007. The Deposit

When I joined the agency, I asked staff to identify rules
and regulations that have not been updated in 10 or more
years. To have a strong financial system – and strong
economic growth – banks must be able to meet the needs
of consumers and businesses across the nation. This
ability, in turn, requires that regulators modernize our
rules as the industry evolves.
Last year, we began a comprehensive review of our
longstanding regulatory framework for brokered deposits,
which was implemented in 1989. Those regulations have
not been revised to meaningfully address the significant
changes in technology, business models, and products
across the financial services industry over those 30 years.
Our review resulted in a proposal that would establish a
new, transparent framework for determining what qualifies

MESSAGE FROM THE CHAIRMAN

5

ANNUAL
REPORT
as a brokered deposit. These changes would have a real
impact on how banks deliver products and services to
consumers, including the more than 20 million unbanked
Americans who could have greater access to banking
services.
We also worked with our regulatory partners to issue
a proposal to modernize our regulations under the
Community Reinvestment Act (CRA), which have not
been substantively updated for nearly 25 years. The
proposal, which seeks to encourage greater lending and
investment in low- and moderate-income communities
where there is significant need for credit, would clarify
what activities qualify for CRA credit. In addition, the
proposal would recognize the evolution of the banking
system, including the emergence of digital banks, by
adding a test to determine whether banks need to establish
additional CRA assessment areas. We look forward
to receiving feedback on these proposals as we work to
improve and finalize them in 2020.
With respect to supervision, FDIC examination teams are
leveraging technology to reduce the amount of time they
spend on-site at supervised institutions. This reduces the
compliance burden for institutions – especially community
banks – without sacrificing the quality of our supervision.
We also took several steps to support de novo bank
formation, including revamping our internal processes to
provide more transparency and help organizers navigate
the deposit insurance application process. The results we
have seen thus far are encouraging with nine new deposit
insurance applications approved in 2019 and 14 in 2018 –
the largest numbers since 2008.
In addition, we established two new subcommittees to our
Community Bank Advisory Committee:
♦ Subcommittee on Supervision Modernization,
comprised of bankers, technologists, former
regulators, and legal experts to consider how the
FDIC can improve the efficiency of the examination
process; and
♦ Subcommittee on Minority Depository Institutions
(MDIs), comprised of FDIC-regulated institutions
to focus on the unique nature, needs and benefits
of MDIs and a supervisory framework that can
support them.

TAILORING REGULATIONS
As we continue to think about ways to strengthen the
banking system, the appropriate calibration of our
regulatory framework remains a top priority. It is critical
that regulators continuously evaluate whether our rules are
appropriately addressing risks in our financial system as
the system itself and the regulated entities within it evolve
over time.
In 2019, the FDIC completed all of its statutorily
mandated rules pursuant to the Economic Growth,
Regulatory Relief, and Consumer Protection Act,
including an interagency rule that establishes four riskbased categories for determining capital and liquidity
requirements. This framework better aligns our regulatory
requirements for large banks with their risk profiles, taking
into account their size and complexity. In addition, we
issued a rule to improve the efficiency and effectiveness
of the resolution planning process. Under both rules, the
largest, most systemically important institutions remain
subject to the most stringent standards, and requirements
for all other institutions are tiered based on each bank’s
risk profile.
Simultaneously, we are taking steps to reduce regulatory
burden at community banks, recognizing that community
bankers should focus more time on the business of
banking and less time navigating complex regulatory
issues. In November, we issued a rule that establishes a
simple leverage ratio for qualifying community banks.
The rule provides meaningful regulatory compliance
burden relief by allowing these banks to avoid complex
risk-based capital calculations and reporting. In addition,
we issued a rule that simplifies the Call Report for
community banks and expands eligibility to file the
streamlined Call Report.

FOSTERING INNOVATION
Perhaps no issue is more important – or more central to
the future of banking – than technological innovation.
Regulators must be proactive in engaging with all
stakeholders, including banks, consumer groups, trade
associations, and technology companies to understand
and help foster the safe adoption of technology across the
banking system, especially at community banks.
The cost of innovation and regulatory uncertainty are
the two primary hurdles that are keeping community
banks from developing and utilizing new technologies.

6

MESSAGE FROM THE CHAIRMAN

2019
Partnerships with financial technology companies, or
fintechs, can help community banks overcome the first
hurdle, but in order for them to overcome the second, the
FDIC must ensure that our regulatory framework enables
those partnerships.
In 2019, we established a new office – the FDIC Tech Lab,
or FDiTech – to address these issues. FDiTech’s goal is
to eliminate regulatory uncertainty through engagement
and technical assistance, while encouraging the market
to develop technology that improves the operations of
financial institutions. Through events like tech sprints and
pilot programs, FDiTech will collaborate with banks and
technology companies to tackle difficult challenges facing
the financial services industry and the FDIC.
Importantly, FDiTech will also engage directly with
community banks to discuss how technological
developments could impact their businesses. As part of
this effort and to further expand on the efforts of the
Subcommittee on Supervision Modernization, we plan
to host a series of community bank-focused roundtables
that will bring bankers together with technologists and
technology service providers.
It is my goal that the FDIC lays the foundation for the
next chapter of banking by encouraging innovation
that meets consumer demand, promotes community
banking, reduces compliance burdens, and modernizes our
supervision.

commitment to diversity and inclusion, we have created
an executive-level taskforce on diversity to help to ensure
our recruiting resources, hiring decisions, interviewing
processes, retention efforts, and advancement pools reflect
a purposeful and intentional effort to leverage diversity to
maintain a high-performing workforce.
The racial and gender diversity of the FDIC workforce
continues to increase, and we will work to consistently
improve diversity at all levels of the agency, fostering an
environment without barriers in which all employees feel
welcomed, valued, respected, and engaged.

LOOKING AHEAD
When I joined the FDIC, I committed to visiting all
50 states to engage with bankers, state regulators, and
consumers on their own turf. Through the end of 2019,
I had visited 28 states and received invaluable feedback
regarding the challenges banks face in different parts of
the country. In 2020, we will continue to advance the
goals of strengthening our banking system, fostering
innovation, and ensuring that banks can meet the needs of
businesses and consumers across the nation.
These are ambitious goals, and I know that the dedicated
employees of the FDIC will rise to the challenge. I remain
honored to serve alongside the men and women of the
FDIC who endeavor every day to fulfill our vital mission.
Sincerely,

PROMOTING DIVERSITY
AND INCLUSION
My personal and professional experiences have
underscored the importance of a workplace that is free
from discrimination and that supports diversity and
inclusion. In furtherance of the FDIC’s longstanding

Jelena McWilliams

MESSAGE FROM THE CHAIRMAN

7

THIS PAGE INTENTIONALLY LEFT BLANK

2019

M E S S A GE F R O M T H E
C H I E F F I N A N C IA L O F F IC E R
I am pleased to present the
FDIC’s 2019 Annual Report,
which covers financial
and program performance
information and summarizes
our successes for the year.
For 28 consecutive years,
the U.S. Government
Accountability Office has
issued unmodified audit
opinions for the two funds
administered by the FDIC: the Deposit Insurance Fund
(DIF) and the Federal Savings and Loan Insurance
Corporation (FSLIC) Resolution Fund (FRF). We take
pride in our accomplishments and continue to consistently
demonstrate discipline and accountability as stewards
of these funds. We remain proactive in the execution of
sound financial management and in providing reliable and
timely financial data to enhance decision-making.

2019 FINANCIAL AND
PROGRAM RESULTS
The DIF balance rose to a record $110.3 billion as of
December 31, 2019, compared to the year-end 2018
balance of $102.6 billion. The Fund balance increase
was primarily due to assessment revenue, earnings on
investments, and reductions in losses from prior year
failures. Four insured financial institutions failed in 2019,
with total assets of $209 million.
The DIF U.S. Treasury securities investment portfolio
balance was $100.1 billion as of December 31, 2019, an
increase of $7.4 billion over the year-end 2018 portfolio
balance of $92.7 billion. Interest revenue on DIF
investments was $2.1 billion for 2019, compared to
$1.6 billion for 2018.

In 2019, the FDIC continued to reduce operating
costs. The FDIC Operating Budget for 2019 totaled
approximately $2.04 billion—a decrease of $49 million
(2.3 percent) from 2018. Actual 2019 spending totaled
approximately $1.86 billion. The FDIC Board of Directors
recently approved a 2020 FDIC Operating Budget totaling
$2.02 billion, down $26 million (1.3 percent) from the
2019 budget. Including 2020, the annual operating
budget has declined for ten consecutive years, consistent
with a steadily declining workload.
The FDIC also continues to reduce staffing levels as
internal resource needs are realigned to reflect banking
industry changes and conditions. The FDIC’s authorized
full-time equivalent staffing dropped from 6,083 in 2018
to 5,915 in 2019, a 2.8 percent reduction. Authorized
staffing for 2020 is 5,755 full-time equivalent positons, a
2.7 percent reduction from 2019.
The FDIC continued to implement its enterprise risk
management (ERM) program in 2019 by communicating
a risk appetite statement to all employees, developing a
corporate risk profile and risk inventory, and initiating an
ERM training program. We will continue to enhance the
ERM program in 2020 through regional office outreach
and by further integrating the program into the FDIC’s
strategic planning and budgeting processes.
I appreciate the FDIC professionals who plan, execute, and
account for the agency’s resources. Their commitment
to ensuring sound financial management provides the
foundation for our strong stewardship and ensures reliable
financial information is available to our stakeholders.
Sincerely,

Bret D. Edwards

MESSAGE FROM THE CHIEF FINANCIAL OFFICER

9

ANNUAL
REPORT

F D I C SE N IO R L E A D E R S

Seated (left to right): Howard G. Whyte, Bret D. Edwards, Director Martin J. Gruenberg, Chairman Jelena McWilliams, Arleas Upton Kea,
Arthur J. Murton, and Doreen R. Eberley.
Standing 1st Row (left to right): Mark E. Pearce, Kymberly K. Copa, Zachary N. Brown, Jay N. Lerner, Chad Davis, Ricardo Delfin, Nicholas Podsiadly,
and Brandon Milhorn.
2nd Row (left to right): Suzannah L. Susser, Diane Ellis, Russell G. Pittman, Saul Schwartz, M. Anthony Lowe, Robert D. Harris, and Andy Jiminez.
Not pictured: Maureen E. Sweeney and Amy C. Thompson.

10

FDIC SENIOR LEADERS

2019

I N ME MOR IA M
ANDREW C. HOVE
in as Vice Chairman in 1990 against the backdrop of the
banking and savings and loan crises, he also served as
Acting Chairman three times. Throughout, Mr. Hove
steered the FDIC into safer waters, prompting stability not
only within the financial services industry, but within the
FDIC itself.
Mr. Hove brought three decades of experience as
a community banker to the FDIC, and guided the
Corporation from the perilous depths of the dual crises
to a period of recovery for both industries. Under
his leadership as Acting Chairman, the FDIC’s Bank
Insurance Fund recovered from a $7 billion deficit in
1991 to reach nearly $22 billion in 1994.

We at the FDIC were saddened by the August 18, 2019,
passing of Andrew C. Hove, former FDIC Vice Chairman.
Mr. Andrew “Skip” Hove served as the FDIC’s first Vice
Chairman and as its longest-serving Acting Chairman
during the years of the banking and savings and loan crises
and their aftermath.
Mr. Hove demonstrated calm, thoughtful, decisive, and
collegial leadership throughout his FDIC tenure. Sworn

Mr. Hove also prevented a potential panic during the
1992 election cycle, when fears of a “December surprise”
—that a meltdown in the banking industry similar to
what had occurred in the savings and loan industry would
follow the November election—began to mount. To
counter such fears, Mr. Hove pre-emptively led a public
information campaign to assure Congress, the media, and
depositors that the banking industry had in fact turned
a corner. Mr. Hove was proven right; no meltdown
occurred. A downward spiral in public confidence had
been averted.
Vice Chairman Hove was honored for his years of service
and his enthusiastic support of training and education
when the FDIC dedicated the Hove Auditorium at
Virginia Square. He was admired as a man of integrity,
honesty, wisdom, kindness, modesty, and generosity. He
was a public servant in the truest sense of the word. The
FDIC mourns the loss of a faithful public servant.

IN MEMORIAM

11

THIS PAGE INTENTIONALLY LEFT BLANK

I.

MANAGEMENT'S DISCUSSION AND ANALYSIS

THIS PAGE INTENTIONALLY LEFT BLANK

2019
OVERVIEW
During 2019, the FDIC continued to fulfill its missioncritical responsibilities. In addition, the agency is
working to further strengthen the banking system,
modernize its approach to supervision, and increase
transparency surrounding its programs. The FDIC also
continued to engage in several community banking and
community development initiatives.

assessment rates that will become effective when the
reserve ratio exceeds 2.0 percent and 2.5 percent.
State of the Deposit Insurance Fund

Cybersecurity remained a high priority for the FDIC in
2019; the agency worked to strengthen infrastructure
resiliency, enhance data governance, help financial
institutions mitigate risk, and respond to cyber
threats. This Annual Report highlights these and other
accomplishments during the year.

Four small institutions with total assets of $209 million
failed in 2019. Despite these failures, the fund balance
continued to grow through 2019, as it has every quarter
after the end of 2009. Assessment revenue was the
primary contributor to the increase in the fund balance,
while earnings on investments, unrealized gains on
investment securities held by the DIF, and a reduction in
losses from past failures were also significant contributors
to growth in 2019. The fund reserve ratio rose to
1.41 percent at September 30, 2019, from 1.36 percent
a year earlier.

DEPOSIT INSURANCE

Minimum Reserve Ratio

As insurer of bank and savings association deposits, the
FDIC must continually evaluate and effectively manage
how changes in the economy, financial markets, and
banking system affect the adequacy and the viability of
the Deposit Insurance Fund (DIF).

Section 334 of the Dodd-Frank Wall Street Reform and
Consumer Protection Act (Dodd-Frank Act), which
increased the minimum reserve ratio of the DIF from
1.15 percent to 1.35 percent, mandates that the reserve
ratio reach that level by September 30, 2020.

Long-Term Comprehensive Fund
Management Plan
In 2010 and 2011, the FDIC developed a comprehensive,
long-term DIF management plan designed to reduce
the effects of cyclicality and achieve moderate, steady
assessment rates throughout economic and credit cycles,
while also maintaining a positive fund balance, even
during a banking crisis.
Under the long-term DIF management plan, to increase
the probability that the fund reserve ratio (the ratio of
the fund balance to estimated insured deposits) would
reach a level sufficient to withstand a future crisis, the
FDIC Board set the Designated Reserve Ratio (DRR) of
the DIF at 2.0 percent. The FDIC views the 2.0 percent
DRR as a long-term goal and the minimum level needed
to withstand future crises of the magnitude of past crises.
In December 2019, the Board voted to maintain the 2.0
percent ratio for 2020.
Additionally, as part of the long-term DIF management
plan, the FDIC has suspended dividends indefinitely
when the fund reserve ratio exceeds 1.5 percent. In lieu
of dividends, the plan prescribes progressively lower

To achieve this ratio, the FDIC imposed surcharges on the
quarterly assessments of insured depository institutions
(IDIs) with total consolidated assets of $10 billion or more
(i.e., large banks). The surcharge equaled an annual rate of
4.5 basis points applied to an institution’s regular quarterly
deposit insurance assessment base after subtracting
$10 billion, with additional adjustments for banks with
affiliated IDIs.
As of September 30, 2018, the reserve ratio exceeded the
required minimum of 1.35 percent, and the surcharges
were suspended.
Application of Small Bank Assessment Credits
Because the Dodd-Frank Act mandates that the FDIC
offset the effect of the increase in the reserve ratio on
small banks (i.e., banks with assets less than $10 billion),
these banks were exempt from the surcharges. Also in
accordance with the Dodd-Frank Act, FDIC regulations
provide assessment credits to small banks for the portion
of their regular assessments that contributed to growth in
the reserve ratio between 1.15 percent and 1.35 percent.
The FDIC awarded these banks an aggregate amount of
approximately $765 million in credits after the reserve

M A N A G E M E N T ' S D I S C U S S I O N A N D A N A LY S I S

15

ANNUAL
REPORT
ratio surpassed 1.35 percent as of September 30, 2018.
The FDIC notified all eligible banks of their respective
assessment credit amounts in January 2019.
FDIC regulations provide that the FDIC will
automatically apply assessment credits to reduce a small
bank’s regular assessment up to the entire amount
beginning in the first assessment period in which the
reserve ratio is at least 1.38 percent. The reserve ratio
increased to 1.40 percent as of June 30, 2019, thereby
exceeding 1.38 percent for the first time since small
bank assessment credits were awarded, and was 1.41
percent as of September 30, 2019. As a result, the FDIC
automatically applied approximately $559 million of small
bank assessment credits to offset banks’ second and third
quarter 2019 assessments. After applying these credits,
$206 million in small bank credits remain.
In November 2019, the FDIC approved a final rule
amending the deposit insurance assessment regulations
that govern the use of small bank assessment credits
and one-time assessment credits (OTACs) by certain
IDIs.1 Under the final rule, the FDIC will apply small
bank assessment credits to quarterly deposit insurance
assessments as long as the DIF reserve ratio is at least 1.35
percent (instead of, as originally provided, 1.38 percent).
In addition, after small bank assessment credits have been
applied for four quarterly assessment periods, and as long
as the reserve ratio is at least 1.35 percent, the FDIC will
remit the full nominal value of any remaining small bank
assessment credits and OTACs in lump-sum payments
to each IDI holding such credits in the next assessment
period.

SUPERVISION
Supervision and consumer protection are cornerstones of
the FDIC’s efforts to ensure the stability of, and public
confidence in, the nation’s financial system. The FDIC’s
supervision program promotes the safety and soundness
of FDIC-supervised financial institutions, protects
consumers’ rights, and promotes community investment
initiatives.

Examination Program
The FDIC’s strong bank examination efforts are at the
core of its supervisory program. As of December 31,
2019, the FDIC was the primary federal regulator for
3,347 FDIC-insured, state-chartered institutions that were
not members of the Federal Reserve System (generally
referred to as “state nonmember” institutions). Through
risk management (safety and soundness), consumer
compliance, Community Reinvestment Act (CRA),
and other specialty examinations, the FDIC assesses an
institution’s operating condition, management practices
and policies, and compliance with applicable laws
and regulations.
As of December 31, 2019, the FDIC conducted 1,458
statutorily required risk management examinations,
including reviews of Bank Secrecy Act (BSA) compliance,
and all required follow-up examinations for FDICsupervised problem institutions, within prescribed time
frames. The FDIC also conducted 1,147 statutorily
required CRA/consumer compliance examinations
(933 joint CRA/consumer compliance examinations, 210
consumer compliance-only examinations, and four CRAonly examinations). In addition, the FDIC performed
3,270 specialty examinations (which include reviews for
BSA compliance) within prescribed time frames.
The table on the following page illustrates the number of
examinations by type, conducted from 2017 through 2019.
Risk Management
All risk management examinations have been conducted
in accordance with statutorily-established time frames.
As of September 30, 2019, 55 insured institutions with
total assets of $48.8 billion were designated as problem
institutions—defined as those institutions having a
composite CAMELS2 rating of 4 or 5—for safety and
soundness purposes. By comparison, on September 30,
2018, there were 71 problem institutions with total assets
of $53.3 billion. This represents a 23 percent decline
in the number of problem institutions and an 8 percent
decrease in problem institution assets.

The Federal Deposit Insurance Reform Act of 2005 (FDI Reform Act) required the FDIC to provide OTACs to IDIs that existed on December 31, 1996, and paid
a deposit insurance assessment prior to that date, or that were successors to such an institution. The purpose of the OTAC, which was described as a “transitional”
credit when it was enacted, was to recognize the contributions that certain institutions made to capitalize the Bank Insurance Fund and Savings Association
Insurance Fund, which had been recently merged into the DIF.

1

2
The CAMELS composite rating represents an institution's adequacy of Capital, quality of Assets, capability of Management, quality and level of Earnings,
adequacy of Liquidity, and Sensitivity to market risk, and ranges from “1” (strongest) to “5” (weakest).

16

M A N A G E M E N T ' S D I S C U S S I O N A N D A N A LY S I S

2019
FDIC EXAMINATIONS
Risk Management (Safety and Soundness):
State Nonmember Banks
Savings Banks
State Member Banks
Savings Associations
National Banks
Subtotal–Risk Management Examinations
CRA/Consumer Compliance Examinations:
Consumer Compliance/Community Reinvestment Act
Consumer Compliance-only
CRA-only
Subtotal–CRA/Compliance Examinations
Specialty Examinations:
Trust Departments
Information Technology and Operations
Bank Secrecy Act
Subtotal–Specialty Examinations
TOTAL
For the 12 months ended September 30, 2019, 28
institutions with aggregate assets of $4.5 billion were
removed from the list of problem financial institutions,
while 12 institutions with aggregate assets of $1.6 billion
were added to the list. The FDIC is the primary federal
regulator for 39 of the 55 problem institutions, with total
assets of $4.4 billion.
In 2019, the FDIC’s Division of Risk Management
Supervision (RMS) initiated 100 formal enforcement
actions and 119 informal enforcement actions.
Enforcement actions against institutions included, but
were not limited to, 17 actions under Section 8(b) of the
Federal Deposit Insurance Act (FDI Act), one of which
was a notice of charges, three civil money penalties
(CMPs), and 83 memoranda of understanding (MOUs).
Of these enforcement actions against institutions, five
consent orders, three CMPs and 18 MOUs were based,
in whole or in part, on apparent violations of BSA and
anti-money laundering (AML) laws and regulations. In
addition, enforcement actions were also initiated against
individuals. These actions included, but were not limited
to, 34 removal and prohibition actions under Section
8(e) of the FDI Act (33 consent orders and one notice of
intention to remove/prohibit), five actions under Section

2019

2018

2017

1,310

1,333

1,440

148

159

171

0

0

0

0

0

0

0

0

0

1,458

1,492

1,611

933

876

770

210

337

393

4

2

5

1,147

1,215

1,168

313

308

347

1,466

1,503

1,627

1,491

1,523

1,640

3,270

3,334

3,614

5,875

6,041

6,393

8(b) of the FDI Act, and 10 CMPs, (nine orders to pay
restitution and one notice of assessment), including two
CMPs related to BSA.
The FDIC conducts risk examination through a riskfocused, forward-looking supervision program. The
objective of a risk-focused examination is to evaluate
the safety and soundness of the financial institution by
assessing its risk management systems, financial condition,
and compliance with applicable laws and regulations,
while focusing on the bank’s highest risks. The riskfocused examination process seeks to strike an appropriate
balance between evaluating the condition of an institution
at a certain point in time and evaluating the soundness of
the institution’s processes for managing risk in all phases
of the economic cycle. By evaluating an institution’s
risk management practices, examiners look beyond the
financial condition of a bank at a point in time, to how
well it can respond to changing market conditions given its
particular risk profile.
Examiners communicate their views about changes
needed in its practices, operations or financial condition
through supervisory recommendations, including
Matters Requiring Board Attention (MRBA). A

M A N A G E M E N T ' S D I S C U S S I O N A N D A N A LY S I S

17

ANNUAL
REPORT
principal purpose of supervisory recommendations is to
communicate supervisory concerns to a bank so that it
can make appropriate changes in its practices, operations,
or financial condition and thereby avoid more formal
remedies in the future, such as enforcement actions. RMS
tracks bank managements’ responsiveness to MRBAs
through examination follow up activities.
For example, in 2019, a total of 312 institutions were
assigned a composite CAMELS rating of 2 and had
MRBAs identified in the examination reports. To ensure
that MRBAs are being appropriately addressed at these
institutions, the FDIC timely reviews progress reports
and follows up with bank management as needed. More
specifically, within six months of issuing the examination
reports, the FDIC conducted appropriate follow up and
review of these MRBAs at 301 (96.5 percent) of these
institutions. Follow up and review of the MRBAs at the
remaining 11 institutions (3.5 percent) occurred more than
six months after issuing the examination reports primarily
due to delayed responses from some banks, as well as the
need for additional information in order to complete a
full review.
Consumer Compliance
As of December 31, 2019, 36 insured state nonmember
institutions (collectively, with total assets of $33 billion),
about 1 percent of all supervised institutions, were problem
institutions for consumer compliance, CRA, or both. All
of the problem institutions for consumer compliance were
rated “4” for consumer compliance purposes, with none
rated “5.” For CRA purposes, the majority were rated
“Needs to Improve”; only two were rated “Substantial
Noncompliance.” As of December 31, 2019, all follow-up
examinations for problem institutions were performed
on schedule.
As of December 31, 2019, the FDIC conducted and
achieved all required consumer compliance and CRA
examinations and, when violations were identified,
completed follow-up visits and implemented appropriate
enforcement actions in accordance with FDIC policy.
In completing these activities, the FDIC achieved its
internally established time standards for the issuance of
final examination reports and enforcement actions.
Overall, FDIC examiners concluded that the vast majority
of FDIC-supervised institutions were rated satisfactory
or better for consumer compliance and demonstrated the
ability to maintain effective programs to manage their

18

consumer compliance responsibilities. Some noteworthy
issues that emerged from 2019 consumer compliance
examinations include continuing concerns about banks’
monitoring of third-party service providers and their
implementation of the Truth in Lending Act (TILA) –
Real Estate Settlement Procedures Act (RESPA) Integrated
Disclosure Rule (TRID). The TRID implementation
issues were the most frequently cited violations of TILA
in 2019. In response, the FDIC developed and hosted
a banker teleconference on Understanding the TRID
Rule (see discussion under the Technical Assistance
Program section).
As of December 31, 2019, the FDIC’s Division of
Depositor and Consumer Protection (DCP) initiated 19
formal enforcement actions and 15 informal enforcement
actions to address consumer compliance examination
findings. This included three consent orders to strengthen
consumer compliance management systems, 16 CMPs,
and 11 MOUs. The CMPs were issued against institutions
to address violations of the Flood Disaster Protection
Act, the RESPA, and Section 5 of the Federal Trade
Commission Act for unfair or deceptive acts or practices.
The CMP orders totaled in excess of $2.1 million. In
addition to the consumer refunds resulting from the
assistance provided by the FDIC’s Consumer Response
Center (see discussion under the Consumer Complaints
and Inquiries section), consumer compliance examination
findings resulted in banks making voluntary restitution of
approximately $4.7 million to over 19,000 consumers and
TILA reimbursements of approximately $1.3 million to
more than 6,000 consumers.
Consumer Compliance Supervision Strategic Plan
DCP has established a Supervision Strategic Plan to
identify near-term initiatives that are aligned with
long-term objectives. The Supervision Strategic Plan
for consumer compliance is built around four pillars:
Technology and Financial Innovation, Supervisory
Efficiency, Emerging Risk Identification, and
Communication Effectiveness. DCP established 20
key near-term initiatives in alignment with these pillars,
and set forth strategies to leverage technology, expand
industry engagement, and efficiently conduct risk-focused
examination activities to pursue these initiatives. DCP
will continue to advance these strategic priorities, and is
updating the plan to reflect 2021 – 2024 initiatives and
goals. Current development of plans for 2021 – 2024
initiatives will continue to advance strategic priorities.

M A N A G E M E N T ' S D I S C U S S I O N A N D A N A LY S I S

2019
External stakeholders—in particular, community banks—
will benefit from the plan through continued transparency
in the supervisory process, which includes changes to
examination report formats, access to information and
resources, tools that will improve the exchange of data
and documents with the FDIC, and increased engagement
with the FDIC’s exceptionally knowledgeable and wellequipped examiners.

Large Bank Supervision Program
The Large Bank Supervision Branch (LBSB) within
RMS addresses the growing complexity of large banking
organizations with assets from $10 billion to $100 billion
of all charters, plus all FDIC-supervised banks over
$10 billion. This branch is responsible for supervisory
oversight and ongoing monitoring, while supporting the
insurance business line. For state nonmember banks with
assets exceeding $10 billion, the FDIC generally applies a
continuous examination program, whereby dedicated staff
conduct ongoing on-site supervisory examinations and
institution monitoring.
The Large Insured Depository Institution (LIDI)
Program remains the primary instrument for off-site
monitoring of IDIs supervised by LBSB, as well as
select banks supervised by the Division of Complex
Institution Supervision and Resolution (CISR) where the
FDIC has on-site examination staff. The LIDI Program
provides a comprehensive process to standardize data
capture and reporting for large and complex institutions
nationwide, allowing for quantitative and qualitative
risk analysis. In 2019, the LIDI Program covered 122
institutions with total assets of $6.8 trillion. The LIDI
Program supports effective large bank supervision by
using individual institution information to focus resources
on higher-risk areas, determine the need for supervisory
action, and support insurance assessments and resolution
planning.
The Shared National Credit (SNC) Program is an
interagency initiative administered jointly by the FDIC,
the Office of the Comptroller of the Currency (OCC), and
the Federal Reserve Board (FRB) to promote consistency
in the regulatory review of large, syndicated credits, as
well as to identify risk in this market, which comprises a
large volume of domestic commercial lending. In 2019,

outstanding credit commitments identified in the SNC
Program totaled $4.8 trillion. The FDIC, FRB, and
OCC report the results of their review in an annual, joint
public statement.
In the third and fourth quarter of 2018, the LBSB
completed a horizontal commercial loan underwriting
review at 32 large FDIC-supervised institutions to
further understand and assess recent commercial loan
underwriting practices. In July 2019, the overall findings
and observations from that review were shared via a letter
to each covered bank’s Chief Executive Officer.

Operational Risk Supervision Program
Information Technology and Cybersecurity
The FDIC examines information technology (IT),
including cybersecurity, at each bank it supervises as part
of the risk management examination. Examiners assign
an IT rating using the Federal Financial Institutions
Examination Council’s (FFIEC) Uniform Rating System
for Information Technology (URSIT), and the IT rating
is incorporated into the management component of
the CAMELS rating, in accordance with the FFIEC’s
Uniform Financial Institutions Rating System.
During 2019, the FDIC collaborated with the FRB
and state banking departments to enhance the
Information Technology Risk Examination (InTREx)
Program used to conduct financial institution IT
examinations. For example, the InTREx information
technology profile used to risk-focus IT examinations
was streamlined, and redundancies in examiner questions
were eliminated.
The FDIC also enhanced its examinations of service
providers. For example, the interagency Cybersecurity
Examination Program became a standard component of
the most significant service provider examinations. The
FDIC, FRB, and OCC, also horizontally reviewed the
contracts between financial institutions and large service
providers to evaluate how well the agreements provide for
protecting customer nonpublic personal information.
The FDIC collaborated with the other FFIEC member
entities3 to update the FFIEC IT Examination Handbook
booklet titled Business Continuity Management.

FFIEC member agencies include the FDIC, FRB, National Credit Union Administration (NCUA), OCC, and Consumer Financial Protection Bureau (CFPB).
The FFIEC also includes a State Liaison Committee (SLC) as a voting member; the SLC includes representatives from the Conference of State Bank Supervisors
(CSBS), American Council of State Savings Supervisors (ACSSS), and National Association of State Credit Union Supervisors (NASCUS).

3

M A N A G E M E N T ' S D I S C U S S I O N A N D A N A LY S I S

19

ANNUAL
REPORT
Examiners use this booklet as a reference, and it contains
detailed procedures for examining more complex
entities. Finally, the FDIC, FRB, and OCC conducted
IT examinations of services provided to banks by third
parties, with a particular focus on the strength of the
contracts between banks and their service providers.
The FDIC also continued to build its IT examination
workforce. For example, an entry-level IT and Cyber
Risk Management Analyst position was created. The new
analysts will focus only on IT (including cybersecurity)
examinations, and are expected to reach proficiency at
those tasks quicker than examiners who have broader
responsibilities. The FDIC also updated its advanced IT
training for safety and soundness examiners. Examiners
take this training to prepare them to examine the most
complex institutions and service providers.
The FDIC actively engages with both the public and
private sectors to assess emerging cybersecurity threats
and other operational risk issues. The information
obtained from these engagements is shared with financial
institutions and examiners, when appropriate. FDIC
staff meet regularly with the Financial and Banking
Information Infrastructure Committee (FBIIC), the
Financial Services Sector Coordinating Council for
Critical Infrastructure Protection, the Department
of Homeland Security (DHS), the Financial Services
Information Sharing and Analysis Center, other regulatory
agencies, and law enforcement to share information
regarding emerging issues and to coordinate responses.
For example, in June 2019, the FDIC sent a DHS
cybersecurity alert to all FDIC-supervised institutions
highlighting the need for them to defend against a rise
in malicious cyber activity directed at the United States.
Additionally, in October 2019, the FDIC and other FFIEC
members conducted a webinar to raise awareness about
the increased frequency of email compromise fraud. The
webinar featured a guest speaker from the Financial
Crimes Enforcement Network (FinCEN), which has
researched this type of fraud.
Bank Secrecy Act/Anti-Money Laundering
Throughout 2019, the FDIC, FRB, and OCC and the
Department of the Treasury (including FinCEN), focused
on improving the efficiency and effectiveness of the Bank
Secrecy Act/Anti-Money Laundering (BSA/AML) regime.
In July 2019, the agencies issued a joint statement to clarify
the risk-focused approach to BSA/AML supervision. The
FDIC, FRB, OCC, Treasury, and FinCEN also issued

20

a statement on providing financial services to customers
engaged in hemp-related businesses.
The FFIEC made significant progress in updating the
FFIEC BSA/AML Examination Manual that is expected
to be released in early 2020. Revised sections of the
manual reinforce instructions to examiners regarding
depository institutions’ policies, procedures, and processes
designed to reasonably meet the requirements of the
BSA and safeguard institutions from money laundering,
terrorist financing, and other illicit financial activity.
The manual emphasizes that examiners should tailor the
BSA/AML examination scope and planned procedures to
the money laundering/terrorist financing risk profile of the
depository institution.
Cyber Fraud and Financial Crimes
The FDIC has undertaken a number of initiatives in 2019
to protect the banking industry from criminal financial
activities. These include developing a financial crimes
conference that will be held in 2020 for examiners,
lawyers, and others from federal banking and law
enforcement agencies. Another initiative helped financial
institutions identify and shut down “phishing” websites
that attempt to fraudulently obtain an individual’s
confidential personal or financial information. Finally, in
August 2019, the FDIC published a Consumer News article
that offered tips consumers can use to protect themselves
from fake check scams.

Examiner Training and Development
Examiner training continued to be a top priority in 2019.
The FDIC strives to deliver effective and efficient onthe-job, classroom, and computer-based instruction. A
cadre of highly trained and skilled instructors provides
classroom learning to FDIC examination staff, as well as
staff of regulatory partners from international and state
agencies. Oversight of the training program is provided by
senior and mid-level management to ensure that content
and delivery are effective, appropriate, and current. The
FDIC works in collaboration with partners across the
organization and with the FFIEC to ensure that emerging
risks and topics are incorporated and conveyed timely.
Examination staff at all levels benefit from targeted and
tenure-appropriate content. The FDIC also recognizes
the critical role peer-to-peer knowledge transfer plays in
preserving institutional knowledge and experience, and
encourages opportunities for employees to learn from
each other.

M A N A G E M E N T ' S D I S C U S S I O N A N D A N A LY S I S

2019
In 2019, the FDIC held training for all of its
commissioned risk management examiners and case
managers on a variety of topics, including root cause
analysis, emerging technologies, model risk management,
and operational risk. In addition, the FDIC launched
refresher foundational training for all examinationrelated staff on the Bank Secrecy Act; this training will be
completed in first quarter 2020.

In addition, a Current Expected Credit Losses (CECL)
Examiner Training and Development Plan was launched
in 2018 to begin a multi-year initiative to ensure
examination staff understand the requirements of the
new credit losses accounting standard, and are consistent
in conveying the FDIC’s expectations with respect to
banks’ CECL implementation efforts.
The FDIC has also undertaken a multi-year project
to expand and strengthen its examiner development
programs for specialty areas, such as IT, BSA/AML, trust,
capital markets, and accounting. As banks become more
specialized, enhancing examiner skills in these areas is
key to ensuring an effective examination program. The
goal of this project is to standardize the skills needed to
examine banks of varying levels of risk and complexity
in each specialty area, and to develop on-the-job training
(OJT) programs to provide opportunities for examiners to
acquire higher-level competencies in these specialty areas.
In 2019, the FDIC released the second of its IT OJT
programs and continued to develop specialty OJT
programs in accounting, capital markets, BSA/AML,
and trust.

Minority Depository Institution Activities
The preservation and promotion of minority depository
institutions (MDIs) remains a long-standing and high
priority for the FDIC. In 2019, the FDIC expanded
engagement with MDIs and continued to promote and
support MDI and Community Development Financial
Institution (CDFI bank) industry-led strategies to
better serve their communities. These strategies include
increasing collaboration between MDIs and other financial
institutions; partnering to share costs, raise capital, or
pool loans; and making innovative use of available federal
programs. The FDIC supports these efforts through
research, outreach, and engagement to better understand
MDI issues, as well as by providing technical assistance
and education and training for MDI and CDFI banks.

During 2019, the FDIC published a research study,
Minority Depository Institutions: Structure, Performance,
and Social Impact that explores changes in FDIC-insured
MDIs, their role in the financial services industry, and
their impact on the communities they serve. The study
showed that MDI financial performance improved
significantly over the past five years; MDIs consolidated
significantly, but more gradually than community banks
overall; and MDIs are important service providers to lowor moderate-income and minority communities.
The FDIC established a new MDI Subcommittee of the
Advisory Committee on Community Banking (CBAC),
which held its inaugural meeting in December 2019.
The subcommittee provides an opportunity for minority
bankers to discuss key issues and share feedback directly
with FDIC Board Members and senior management.
In addition, the FDIC added additional MDI bankers to
the CBAC membership to further bring MDI perspectives
and issues to the table.
Throughout 2019, the FDIC hosted three roundtables
with large banks and MDI bankers to foster collaboration
in support of the continued vibrancy of MDIs and
their communities. During the roundtables, executives
from 29 large banks and 24 MDIs discussed potential
partnerships including financial support, lending activities,
or service activities including technical assistance.
Each roundtable outlined how both MDIs and other
institutions may realize business and regulatory benefits
by developing partnerships, drawing upon the FDIC’s
Resource Guide for Collaboration with Minority Depository
Institutions published in December 2017. In addition,
the FDIC clarified how relationships with MDIs receive
consideration under the Community Reinvestment Act.
The FDIC is following up to monitor the outcomes of
the roundtables and highlight successful partnerships at
future roundtables.
One of the FDIC’s statutory goals is to preserve the
minority character of MDIs in failed bank acquisitions.
In 2019, the FDIC hosted three workshops and two
webinars with MDI bankers to discuss the failed bank
bidding process and special marketing procedures for
MDIs. In addition, the FDIC implemented a new
marketing procedure that provides a two-week window
exclusively for MDIs. During this window, the FDIC
contacts all qualified MDIs on the bid list to ensure they
received an invitation to bid, and provides full access to

M A N A G E M E N T ' S D I S C U S S I O N A N D A N A LY S I S

21

ANNUAL
REPORT

FDIC Chairman McWilliams is introduced to Alden J. McDonald’s son,
Todd McDonald at the June 2019 Interagency MDI and CDFI Bank
Conference. Alden McDonald founded Liberty Bank and Trust in 1972
in New Orleans, Louisiana.

the data room if an MDI is interested. The FDIC also
describes in detail the failing bank transaction and offers
to provide technical assistance on the bidding process.
Following the two-week period, the FDIC invites all other
qualified bidders to the failing bank project.
One MDI failed in 2019, and the acquirer was another
MDI. In fact FDIC’s research shows that over a 17-year
period, most of the assets of merged and failed MDIs have
been acquired by other MDIs. Of the nearly $23 billion
in MDI failed-bank assets during this period, 86 percent
were acquired by another minority bank.
In June 2019, the FDIC hosted the interagency MDI and
CDFI bank conference, Focus on the Future: Prospering
in a Changing Industry, in collaboration with the OCC
and FRB. The conference featured a dialogue with
federal leadership, who provided updates on programs
and policies that can help MDI and CDFI banks achieve
their goals. Minority bank CEOs discussed strategies for
their customers, employees, and communities in order
to succeed in today’s marketplace. Experts discussed
innovation, collaboration, supervision, and FDIC
research. Interactive workshops addressed topics such as
cybersecurity and threat-monitoring tools and resources,
understanding MDIs and their markets, succession
management, federal programs supporting MDIs, the
benefits of participating in the CDFI Fund’s programs,
and preserving the minority character in failing bank
transactions.
The FDIC also continuously pursued efforts to improve
communication and interaction with MDIs and to
respond to the concerns of minority bankers in 2019.

22

The FDIC maintains active outreach with MDI trade
groups and offers to arrange annual meetings between
FDIC regional management and each MDI’s board of
directors to discuss issues of interest. The FDIC routinely
contacts MDIs to offer return visits and technical
assistance following the conclusion of FDIC safety and
soundness, consumer compliance, CRA, and specialty
examinations to help bank management understand
and implement examination recommendations. These
return visits, normally conducted within 90 to 120 days
after the examination, are intended to provide useful
recommendations or feedback for improving operations,
not to identify new issues.
Through its public website (www.fdic.gov), the FDIC
invites inquiries and provides contact information for any
MDI to request technical assistance at any time.
In 2019, the FDIC provided 134 individual technical
assistance sessions on nearly 50 risk management,
consumer compliance, and resolution topics, including:
♦ Accounting,
♦ Bank Secrecy Act and Anti-Money Laundering,
♦ Community Reinvestment Act,
♦ Compliance management,
♦ Funding and liquidity,
♦ Information technology risk management
and cybersecurity,
♦ Internal audit, and
♦ Failed bank acquisition.

Chairman McWilliams (center) in discussion with John Hope Bryant,
founder, Chairman and CEO of Operation HOPE, and Evelyn Smalls,
President and CEO of United Bank of Philadelphia at the National
Bankers Association Annual Convention in October 2019.

M A N A G E M E N T ' S D I S C U S S I O N A N D A N A LY S I S

2019
The FDIC also held outreach, training, and educational
programs for MDIs through conference calls and regional
banker roundtables. In 2019, topics of discussion for
these sessions included many of those listed above, as well
as collaboration and partnerships, the CECL accounting
methodology, IT vendor management, cybersecurity,
CRA, innovation, BSA, CDFI Fund Programs, and
emerging technology.

SUPERVISION POLICY
The goal of supervision policy is to provide clear,
consistent, meaningful, and timely information to
financial institutions and examiners.

Risk-Focused Supervision Program
During 2019, the FDIC undertook an effort to
memorialize its long-standing practices regarding riskfocused, forward-looking supervision. The result of this
effort was referenced in RMS’s August 2019 update to
the Risk Management Manual of Examination Policies,
which incorporated a new section titled “Risk-Focused,
Forward-Looking Safety and Soundness Supervision.”
The new section describes the FDIC’s long-standing
philosophy and methods for supervising institutions by
focusing on institutions and the areas within institutions
presenting the greatest risks. It also describes principles for
communication, risk-tailoring of examination procedures,
examination planning, and off-site examination
activities that are followed during safety and soundness
examinations.
As part of this effort, RMS also implemented more
robust examination planning procedures, including
increasing the amount of notice bankers are provided
before examinations begin and allowing examiners more
time to understand the institution and tailor procedures
to the institution’s risk profile accordingly. Additionally,
procedures for loan review have been enhanced and
electronic document-transfer systems with institutions
have been improved.

Current Expected Credit Losses
Implementation
In June 2016, the Financial Accounting Standards Board
(FASB) introduced the CECL methodology for estimating
allowances for credit losses, replacing the current incurredloss methodology.

Since then, the FDIC has worked collaboratively with the
FRB, OCC, FASB, Securities and Exchange Commission
(SEC), and CSBS to answer questions regarding the
implementation of CECL.
♦ The FDIC participated on the FFIEC Task Force
on Reports that developed revisions to the Call
Report and other FFIEC reports to address the
changes in the accounting for credit losses under
the new standard. Because the standard could be
early adopted by institutions effective January 1,
2019, these revisions were implemented for quarterly
reports as of March 31, 2019, and take effect for
annual reports as of December 31, 2019. Institutions
were notified of the final reporting changes in an
interagency FFIEC Financial Institution Letter (FIL)
and an FDIC-only FIL.
♦ In December 2018, the FDIC, FRB and OCC issued
the CECL Regulatory Capital final rule revising the
regulatory capital rules for the implementation of,
and capital transition to, the CECL methodology.
The final rule allows banks to transition the day-one
effects of the credit losses accounting standard on
regulatory capital over three years. The final rule also
revises the agencies’ regulatory capital rule and other
rules to take into consideration differences between
the new accounting standard and existing U.S.
generally accepted accounting principles.
♦ In April 2019, the FDIC, FRB, OCC, and NCUA
issued an updated set of frequently asked questions
(FAQs) that focus on the application of the new credit
losses accounting standard and related regulatory
reporting. This updated set includes the initial set of
FAQs issued in December 2016 and the second set
of FAQs issued in September 2017. Certain of the
previously issued FAQs were updated in response to
recent developments. An appendix includes links to
relevant resources that are available to institutions to
assist with the implementation of CECL.
♦ In April 2019, the FDIC, FRB, OCC, NCUA, FASB,
SEC, and CSBS conducted a webinar covering one
possible simplified method of calculating allowances
under CECL, which is known as the Weighted
Average Remaining Maturity (WARM) Method.
In January 2019, the FASB issued a Staff questions
and answers (Q&A) document confirming that the
WARM method is one of many acceptable methods
that can be used to estimate allowances for less

M A N A G E M E N T ' S D I S C U S S I O N A N D A N A LY S I S

23

ANNUAL
REPORT
complex financial asset pools under CECL. The
webinar also discussed the use of reasonable and
supportable forecasts when estimating allowances.

Management of Credit Risk, Liquidity
Risk, and Interest-Rate Risk
The economy is in its eleventh year of expansion. Amid
increasing competition for loans, a large majority of
insured institutions continue to grow their loan portfolios,
albeit more slowly than in prior years. Some institutions
have increased existing concentrations, leaving them with
greater exposure to market sector changes.
Loan growth, accompanied by a reduction in holdings
of liquid assets and increased reliance on funding
sources other than traditionally stable deposits, is
particularly prevalent among institutions with rising or
elevated concentration levels. Competition for deposits
is increasing and intensified by long-term trends like
declining rural populations and consumers’ adoption of
innovative financial technology.
A lengthy period of historically low interest rates and
tightening net interest margins have created incentives for
insured depository institutions to reach for yield in their
lending and investment portfolios by extending portfolio
durations, potentially increasing their vulnerability to
higher interest rates. Long-term rates have been falling in
recent years, resulting in a flatter yield curve and, in 2019,
the yield curve temporarily inverted. The uncertainty in
the direction of rates and shape of the yield curve create
a challenging environment for managing exposure to
interest-rate risk.
Through regular on-site examinations and interim contacts
with state nonmember institutions, FDIC staff regularly
engage in dialogue with institution management about the
need to ensure that their practices to manage credit risk,
liquidity risk, and interest-rate risk are effective. Where
appropriate, FDIC staff work with institutions that have
significant exposure to these risks and encourage them to
take appropriate risk-mitigating steps. The FDIC employs
off-site monitoring to help identify institutions that may
have heightened exposure to these risks, and follows up
with them to better understand their risk profiles.
Throughout 2019, the FDIC conducted outreach and
offered technical assistance regarding these risk issues.
The FDIC also published Supervisory Insights articles on

24

the risks associated with potential transitions in financial
instrument reference rates and the risk management
practices of insured banks with commercial real estate loan
concentrations and leveraged lending. FDIC examiners
continue to assess how well banks are managing the
risks associated with credit and funding concentrations.
The findings of these assessments are shared with bank
management in the Report of Examination.

CAMELS Request for Information
In October 2019, the FDIC and FRB issued a request
for information and comments from interested parties
regarding the consistency of ratings assigned by the
agencies under the Uniform Financial Institutions Rating
System (more commonly known as CAMELS ratings).
The agencies are also requesting feedback on the use of
CAMELS ratings by the agencies in their bank application
and enforcement action processes. Comments are due by
February 28, 2020.

Applications Procedures Manual
During 2019, the FDIC issued updated, public facing
sections of the Applications Procedures Manual. The
manual provides comprehensive direction to FDIC staff
assigned to review and process applications, notices, and
other requests (collectively, applications) submitted to the
FDIC. In June, 17 sections of the manual were released,
and in December an additional 18 sections were released.
As part of Chairman McWilliams’ “Trust Through
Transparency” initiative, making the manual publicly
available provides greater transparency to the banking
industry and other interested parties regarding the FDIC’s
application processes. As appropriate, the manual will be
updated periodically for changes in laws, regulations, and
processes. FDIC-insured institutions and other interested
parties may access application-related information through
the FDIC’s Bank Applications webpage located at https://
www.fdic.gov/regulations/applications/.

Supervisory Guidance
Regulatory Relief - Areas Affected by Severe Storms

During 2019, the FDIC issued eight advisories through
FILs to provide guidance to financial institutions in areas
affected by hurricanes, tornadoes, flooding, wildfires,
and other severe storms, and to facilitate recovery. In

M A N A G E M E N T ' S D I S C U S S I O N A N D A N A LY S I S

2019
these advisories, the FDIC encouraged banks to work
constructively with borrowers experiencing financial
difficulties as a result of natural disasters, and clarified
that prudent extensions or modifications of loan terms
in such circumstances can contribute to the health
of communities and serve the long-term interests of
lending institutions.
Allowance for Credit Losses
On October 17, 2019, the three banking agencies and the
NCUA, with input from CSBS, issued for public comment
a proposed Interagency Policy Statement on Allowances for
Credit Losses (ACLs) in response to CECL, the new credit
losses accounting standard. The proposed policy statement
would replace the agencies’ December 2006 Interagency
Policy Statement on the Allowance for Loan and Lease
Losses (ALLL) and the July 2001 Policy Statement on
Allowance for Loan and Lease Losses Methodologies
and Documentation for Banks and Savings Institutions
(collectively, the 2006 and 2001 ALLL Policy Statements).
The comment period closed December 16, 2019.
♦ The principles outlined in the policy statement on
ACLs would become of interest to an institution
upon the institution’s adoption of the CECL.
♦ Once CECL is effective for all institutions, the
agencies will rescind the 2006 and 2001 ALLL
Policy Statements.
♦ The proposed new policy statement addresses most of
the topics covered in the 2006 and 2001 ALLL Policy
Statements, but in the context of CECL. Thus, the
new policy statement describes:
• The measurement of expected credit losses under
CECL and the accounting for impairment
on available-for-sale (AFS) debt securities in
accordance with the new credit losses accounting
standard;
• Principles related to designing, documenting,
and validating expected credit loss estimation
processes, including the internal controls over
these processes;
• Maintaining appropriate ACLs;
• The responsibilities of boards of directors and
management; and
• Examiner reviews of ACLs.
Credit Risk Review

In October 2019, the FDIC, jointly with the FRB, OCC,
and NCUA, issued a request for comment on proposed
Guidance for Credit Risk Review Systems. The proposed
supervisory guidance updates and reaffirms, as a standalone document, the elements of an effective credit risk
review system currently contained in the Interagency
Policy Statement on the Allowance for Loan and Lease Losses
(Attachment 1 - Loan Review Systems), issued in 2006.
The proposed supervisory guidance also reflects current
industry credit review practices and terminology associated
with the CECL methodology. The comment period closed
on December 16, 2019.
Codification of Section 19 Statement of Policy
On November 18, 2019, the FDIC approved an NPR to
codify the Section 19 Statement of Policy (SOP) in the
FDIC’s regulations and seek public comment on all
aspects of the Section 19 SOP. Section 19 of the FDI
Act generally prohibits individuals convicted of certain
crimes from becoming employed by, or participating in
the affairs of, an IDI. Specifically, the proposal seeks
comment on whether and how the FDIC should expand
the criteria for what constitutes a de minimis offense.
This proposal also supports the ongoing initiative among
the federal financial regulators to address the appropriate
role of supervisory guidance compared to notice and
comment rulemakings. The comment period closes on
March 16, 2020.

Regulatory Tailoring
Tailoring of Capital and Liquidity Standards
In October 2019, the FDIC, FRB and OCC approved
a final rule to tailor the regulatory capital and liquidity
requirements for large depository institution holding
companies, U.S. intermediate holding companies
of foreign banking organizations (U.S. IHCs), and
certain depository institutions. Under the final rule, the
requirements for U.S. Global-Systemically Important
Banks (U.S. G-SIBs) are unchanged and these institutions
remain subject to the most stringent standards. However,
the final rule tailors the capital and liquidity requirements
for all other banking organizations with greater than $100
billion in total consolidated assets, commensurate with
their size, complexity, and potential systemic risks. The
final rule is consistent with considerations and factors
set forth under section 165 of the Dodd-Frank Act, as
amended by the Economic Growth, Regulatory Relief, and
Consumer Protection Act (EGRRCPA).

M A N A G E M E N T ' S D I S C U S S I O N A N D A N A LY S I S

25

ANNUAL
REPORT
The final rule established risk-based categories for
determining the tailored regulatory capital and
liquidity requirements applicable to large U.S. banking
organizations and the U.S. IHCs. Under the final rule,
banking organizations fall into one of four categories
based on five risk-based indicators: total assets, crossjurisdictional activity, short-term wholesale funding,
nonbank assets, and off-balance sheet exposure.
In addition to tailoring the agencies’ capital requirements,
the final rule tailors the application of the liquidity
coverage ratio, which was finalized in 2014 and requires
large banking organizations to hold a minimum amount
of high-quality liquid assets that can be easily and
quickly converted into cash to meet net cash outflows
over a 30-day stress period. The final rule will also tailor
the application of the net stable funding ratio, which the
agencies plan to finalize in 2020 and would apply a
one-year liquidity standard that examines the stability
of a bank’s funding profile.
Capital Simplifications
In May 2019, the FDIC, FRB, and OCC approved
a final rule to simplify aspects of the capital rule for
non-advanced approaches banking organizations, which
responds to industry feedback on the Economic Growth
and Regulatory Paperwork Reduction Act (EGRPRA).
The final rule simplifies the treatment of threshold
deduction items and increases the individual common
equity tier 1 deduction thresholds for mortgage servicing
assets, certain deferred tax assets, and investments in the
capital of other financial institutions. The final rule also
simplifies the calculation of minority interests includable
in regulatory capital and makes a number of technical
corrections.
Volcker Rule
In July 2019, the FDIC, FRB, OCC, SEC, and
Commodity Futures Trading Commission (CFTC)
published a final rule pursuant to Section 203 of
EGRRCPA to amend Section 13 of the Bank Holding
Company Act, commonly referred to as the Volcker Rule,
by exempting community banks from the requirements
of the rule. To qualify for the exclusion, neither the
bank nor any controlling company may have more than
$10 billion in total consolidated assets, or total trading
assets and trading liabilities of more than 5 percent of
total consolidated assets, as reported on the most recent

26

regulatory filing. The final rule also implements Section
204 of EGRRCPA to amend the restrictions applicable
to the naming of a hedge fund or private equity fund to
permit certain banking entities that are not banks or bank
holding companies to share a name with the fund under
certain circumstances.
In November 2019, the FDIC, FRB, OCC, SEC, and
CFTC published a final rule to simplify and tailor
requirements under the Volcker Rule, which generally
prohibits banking entities from engaging in proprietary
trading and from owning or controlling hedge funds or
private equity funds. The final rule tailors compliance
requirements based on the size of a firm’s trading assets
and liabilities, with the most stringent requirements
applied to banking entities with the most trading
activity. The rule also provides greater clarity, certainty,
and objectivity about what activities are prohibited by
the Volcker Rule. The final rule has an effective date of
January 1, 2020, and a compliance date of January 1,
2021. However, a banking entity may voluntarily comply,
in whole or in part, with the changes to the rule prior to
January 1, 2021.
A pending Notice of Proposed Rulemaking (NPR) is
planned for early 2020 to address the outstanding issues
related to the prohibitions and restrictions on investments
in private equity and hedge funds (i.e., “covered funds”).
Brokered Deposits
In the thirty years since Congress enacted restrictions on
brokered deposits, the banking industry has undergone
dramatic changes. Technology, law, business models, and
product ranges have evolved. In 2018, the FDIC decided
to undertake a comprehensive review of its brokered
deposits regulation. The FDIC approved an advance
notice of proposed rulemaking (ANPR) on December
18, 2018, to seek comment on both the brokered deposit
regulation and restrictions on interest rates. The ANPR
was published in the Federal Register on February 6, 2019.
The FDIC accepted comments on the ANPR until May 7,
2019, and received more than 130 comments. The FDIC
then divided the brokered deposit rulemaking process into
two sections: the first will address possible changes in the
interest rate restrictions; the second will address specific
brokered deposit issues. The FDIC approved an NPR on
brokered deposits in December 2019 that would establish
a new framework for regulating brokered deposits.

M A N A G E M E N T ' S D I S C U S S I O N A N D A N A LY S I S

2019
The FDIC will be seeking comments for 60 days after
publication in the Federal Register.
Interest Rate Restrictions
On August 20, 2019, the FDIC approved an NPR on
interest rate restrictions applicable to institutions that
are less than well capitalized. The NPR was published
in the Federal Register on September 4, 2019. In the
NPR, the FDIC proposed changing the calculation of the
national rate cap, as well as greatly simplifying the local
rate cap for less than well-capitalized institutions
in areas where prevailing rates may exceed the national
rate or cap. The FDIC accepted comments through
November 8, 2019.
Community Bank Leverage Ratio
In November 2019, the FDIC, FRB, and OCC approved
a final rule to implement Section 201 of EGRRCPA
to establish a community bank leverage ratio (CBLR)
framework designed to reduce burden for qualifying
community banks that opt into the framework. The
framework provides a simple measure of capital adequacy
for qualifying community banks and allows them to
alleviate the burden of calculating and reporting risk-based
capital ratios. If a qualifying community bank exceeds
a CBLR of 9 percent, it is deemed to meet the generally
applicable leverage and risk-based capital requirements and
the well-capitalized ratio requirements under the prompt
corrective action regulatory capital framework. Eligible
banks may elect to adopt the framework beginning
in 2020 and do so simply through reporting on their
quarterly Call Report.
In September 2019, the FDIC approved a final rule
amending the deposit insurance assessment system to
address the application of the leverage ratio for qualifying
community banks.
Appraisal Threshold for Residential Real Estate Loans
In October 2019, the FDIC, FRB, and OCC published
a final rule to amend the agencies’ regulations requiring
appraisals for certain real estate-related transactions. The
final rule raises the threshold from $250,000 to $400,000
at which appraisals are required for residential real estaterelated transactions. The final rule also makes conforming
changes to exempt certain transactions secured by
residential property in rural areas from the agencies’
appraisal requirement pursuant to the EGRRCPA.

Pursuant to the Dodd-Frank Act, the final rule amends
the agencies’ appraisal regulations to require institutions
to subject appraisals performed for federally related
transactions to appropriate review for compliance with the
Uniform Standards of Professional Appraisal Practice.
Federal Interest Rate Authority
In November 2019, the FDIC approved an NPR to clarify
the federal law governing interest rates state banks may
charge their customers. The FDIC’s proposal would
codify longstanding legal interpretations of the FDI Act
and provides that a permissible interest rate on a loan, as
permitted by the law where the bank is located, would not
be affected by subsequent events, such as a change in state
law, a change in the relevant commercial paper rate, or the
sale/assignment/transfer of the loan. Comments will be
accepted on this proposal until February 4, 2020.
Management Interlocks
Part 348 of the FDIC’s Rules and Regulations generally
restricts the ability of a management official to serve
at more than one depository organization to foster
competition. Since 1996, the Major Assets Prohibition
prevented a management official of a bank with total assets
greater than $2.5 billion from serving at an unaffiliated
bank with total assets of $1.5 billion. On October 10,
2019, the FDIC, FRB, and OCC finalized a rule to
increase both lower and upper thresholds to $10 billion.
Thus, only banks above the threshold are required to
seek an exemption to permit a prohibited management
interlock.
Supplementary Leverage Ratio
In November 2019, the FDIC approved a final rule for
custodial banking organizations, pursuant to Section 402
of EGRRCPA, which amends the Supplementary Leverage
Ratio of the regulatory capital rule. The final rule allows
large banking organizations predominantly engaged
in custody, safekeeping, and asset-servicing activities
to exclude certain central bank deposits from total
leverage exposure when calculating their supplementary
leverage ratio.
High Volatility Commercial Real Estate
In November 2019, the FDIC approved a final rule to
revise the risk-based capital definition for high volatility
commercial real estate (HVCRE) loans, which are a subset

M A N A G E M E N T ' S D I S C U S S I O N A N D A N A LY S I S

27

ANNUAL
REPORT
of acquisition, development, and construction loans. The
final rule implements the changes outlined in Section
214 of EGRRCPA and provides interpretation on certain
aspects of the HVCRE exposure definition. The final
rule also addresses the public comments received on a July
2019 interagency proposal that clarifies whether certain lot
development loans qualify for the 1-4 family exemption.
Derivatives
In November 2019, the FDIC, FRB, and OCC approved
the Standardized Approach for Counterparty Credit Risk
(SA-CCR) final rule. The framework provided in the
SA-CCR final rule is required for banking organizations
subject to the advanced approaches, but other institutions
may elect to use it. The SA-CCR final rule amends the
regulatory capital rule and implements a new approach for
calculating the exposure amount for derivative contracts.
Specifically, the final rule implements a new framework
for calculating derivatives’ exposure at default, in addition
to the previously available Current Exposure Method
and Internal Models Method (IMM). The final rule also
amends capital requirements associated with the IMM,
bank exposures to central counterparties, and the leverage
ratio to the degree they are impacted, and introduces a
number of derivatives-related technical amendments.
In November 2019, the FDIC, FRB, OCC, Federal
Housing Finance Agency (FHFA), and Farm Credit
Administration (FCA) published a proposed rule that
would amend the swap margin rule, which establishes
capital and margin requirements for non-cleared swaps.
Specifically, the proposal would:
♦ Preserve the status quo for legacy swaps transferred to
or by a covered swap entity in the event of the U.K.
withdrawal from the E.U. without a Withdrawal
Agreement (i.e., Brexit);
♦ Preserve the status quo for legacy swaps amended as
part of the London Inter-bank Offered Rate (LIBOR)
transition;
♦ Modify inter-affiliate margin treatment to repeal
initial margin requirements but retain the variation
margin requirements; and
♦ Extend the compliance period for certain smaller
counterparties and clarifies the existing trading
documentation requirements in the swap
margin rule.

28

Office of Thrift Supervision Regulations
The FDIC also streamlined and clarified certain
regulations through the Office of Thrift Supervision
(OTS) rule integration process. Under Section 316(b) of
the Dodd-Frank Act, former OTS rules remain in effect
“until modified, terminated, set aside, or superseded in
accordance with applicable law” by the relevant successor
agency, a court of competent jurisdiction, or operation
of law. When the FDIC republished the transferred
OTS regulations as new FDIC regulations applicable to
state savings associations, the FDIC stated in the Federal
Register notice that its staff would evaluate the transferred
OTS rules and might later recommend incorporating them
into other FDIC rules, amending them, or rescinding
them. This process began in 2013 and continues,
involving publication in the Federal Register of a series of
NPRs and final rules.
In June 2019, the FDIC removed a transferred rule
regarding lending and investment that is duplicative
of standards in existing FDIC regulations. The final
rulemaking also removed rules related to the registration
of residential mortgage loan originators in light of Title X
of the Dodd-Frank Act, which transferred this authority
to the CFPB. In November 2019, the FDIC removed
transferred rules regarding the maintenance of depositrelated records and, in December 2019, removed the
transferred rules regarding regulatory reporting standards
and accounting requirements and operations of state
savings associations. The final rulemaking also made
conforming amendments to existing FDIC regulations
so that all FDIC-supervised institutions would follow
substantially the same regulations and guidance regarding
their operation. Staff will continue to review the
remaining six transferred regulations.

INNOVATION/FINANCIAL
TECHNOLOGY
The FDIC continuously monitors developments in
technology to better understand how it may affect the
financial industry.

FinTech and the Future of
Banking Conference
In April 2019, the FDIC and Duke University’s Fuqua
School of Business and Innovation and Entrepreneurship
Initiative jointly sponsored the Fintech and the Future of

M A N A G E M E N T ' S D I S C U S S I O N A N D A N A LY S I S

2019
♦ Conduct “tech sprints” and pilot projects to test
emerging technologies in cooperation with states and
affected federal regulators;
♦ Support and promote the adoption of new
technologies by financial institutions, particularly at
community banks; and
♦ Expand banking services to the unbanked,
underbanked, and individuals in underserved
communities through new technologies.

Treasury Secretary Steven Mnuchin and FDIC Chairman McWilliams in
discussion at the April 2019 Fintech and the Future of Banking Conference.

Banking conference. The event drew broad interest from
representatives of banks, nonbanks, technology service
providers, federal regulatory and other government
agencies, Congress, nonprofit organizations, and research
institutions, with approximately 275 people in attendance.
Treasury Secretary Steven Mnuchin and FDIC
Chairman Jelena McWilliams opened the conference
with a conversation about the role of financial technology
and innovation in banking, and Comptroller of the
Currency Joseph M. Otting followed with a discussion
of fintech from a regulatory perspective. Throughout
the conference, prominent academic experts presented
highlights from research focused on technology’s impact
on lending, financial advice, and competition alongside
the perspectives of senior leaders in policy and industry.
Separate policy discussions also explored the topics of
regulatory innovation and fintech funding.

FDiTech and FDIC Emerging
Technology Steering Committee
In 2019, Chairman McWilliams established the
FDIC Tech Lab, or FDiTech. The FDIC is currently
seeking a Chief Innovation Officer to lead this new
office, and has worked over the last year to establish
a concept of operations to support engagement with
stakeholders and innovative approaches to technology
development to support the FDIC and the financial
services industry. Through these efforts, FDiTech will
focus on its mission to:
♦ Engage bankers, fintechs, technologists, and other
regulators on innovations that will lay the foundation
for banking’s future;

In addition to FDiTech, the FDIC’s Emerging Technology
Steering Committee has provided focused resources on
the importance of technology on the financial services
landscape. The committee is comprised of the Directors
of RMS, DCP, Division of Insurance and Research
(DIR), Division of Resolutions and Receiverships (DRR),
and Division of Complex Institution Supervision and
Resolution, as well as the General Counsel, the Chief
Risk Officer, the Chief Financial Officer and the Chief
Information Officer.
In 2019, the Emerging Technology Steering Committee
continued work on its established objectives:
♦ Comprehend, assess, and monitor the current
emerging technology activities, risks, and trends;
♦ Evaluate the projected impact to the banking system,
the deposit insurance system, effective regulatory
oversight, economic inclusion, and consumer
protection;
♦ Oversee internal working groups monitoring
particular aspects of emerging technology;
♦ Recommend follow-up actions, as appropriate, and
monitor implementation; and
♦ Help formulate strategies to respond to opportunities
and challenges presented by emerging technology,
and to ensure developments align with regulatory
goals.
The FDIC also participates on several working groups
related to financial technology:
♦ The Basel Committee on Banking Supervision’s Task
Force on Financial Technology, which focuses on the
impact of financial technology on banks’ business
models, risk management, and implications for bank
supervision;
♦ The Financial Stability Oversight Council (FSOC)
Digital Assets Working Group, which is examining

M A N A G E M E N T ' S D I S C U S S I O N A N D A N A LY S I S

29

ANNUAL
REPORT
The CFR also developed and maintained many financial
models used throughout the FDIC, including off-site
models that inform the examination process. CFR
economists also provided ongoing support to RMS
through on-site examinations.
In September 2019, the CFR and the Journal of Financial
Services Research jointly sponsored the 19th Annual Bank
Research Conference. FDIC Chairman McWilliams
kicked-off the conference by highlighting the importance
of scholarly research in providing a solid foundation on
which to make good public policy. The conference has
become a premier forum in its field.
The 19th Annual Bank Research Conference featured a poster session with
six additional papers. Here, an attendee listens to a researcher as he describes
his project.

potential policy areas as they relate to digital assets
and the application of distributed ledger technology;
♦ An interagency fintech discussion forum, which
focuses on issues related to consumer compliance;
♦ The Global Financial Innovation Network, which
seeks to provide a more efficient way for innovative
firms to interact with regulators, helping them
navigate between countries as they look to scale
new ideas;
♦ The US-UK Financial Innovation Partnership, which
focuses on regulatory and commercial engagements
by encouraging collaboration in the private sector,
sharing information and expertise about regulatory
practices, and promoting growth and innovation; and
♦ The Financial Stability Board Financial Innovation
Network, which looks at FinTech innovations from
the perspective of financial stability.

Center for Financial Research
The FDIC’s Center for Financial Research (CFR)
encourages, supports, and conducts innovative research
on topics that inform the FDIC’s key functions of deposit
insurance, supervision, and the resolution of failed banks.
CFR researchers published papers in leading banking,
finance, and economics journals, including the American
Economic Review, the Review of Economic Dynamics, and
The Journal of Law and Economics. In addition, CFR
researchers presented their research at major conferences,
regulatory institutions, and universities.

30

Conference organizers received more than 400 submissions
for the 25 available presentation slots, and approximately
200 participants attended. Discussion sessions focused
on capital regulation, the effect of regulation on banks,
deposit insurance, resolution of failed banks, liquidity
regulation, systemic risk, fintech, and leveraged lending,
among other topics.

COMMUNITY BANKING
INITIATIVES
Community banks provide traditional, relationship-based
banking services in their local communities, and as the
primary federal supervisor for the majority of community
banks, the FDIC has a particular responsibility for the
safety and soundness of this segment of the banking
system.
As defined for FDIC research purposes, community banks
made up 92 percent of all FDIC-insured institutions at
mid-year 2019. While these banks hold just 12 percent of
banking industry assets, community banks are of critical
importance to the U.S. economy and local communities
across the nation. They hold 41 percent of the industry’s
small loans to farmers and businesses, making them the
lifeline to entrepreneurs and small enterprises of all types.
They hold the majority of bank deposits in U.S. rural
counties and micropolitan counties with populations up to
50,000. In fact, as of June 2019, community banks held
more than 75 percent of deposits in more than 1,200 U.S.
counties. In more than 600 of these counties, the only
banking offices available to consumers were those operated
by community banks.

M A N A G E M E N T ' S D I S C U S S I O N A N D A N A LY S I S

2019
Community Banking Research
The FDIC pursues an ambitious, ongoing agenda of
research and outreach focused on community banking
issues. Since the 2012 publication of the FDIC
Community Banking Study, FDIC researchers have
published more than a dozen additional studies on topics
ranging from small business financing to the factors that
have driven industry consolidation over the past 30 years.
The FDIC Quarterly Banking Profile (QBP) includes
a section focused specifically on community bank
performance, providing a detailed statistical picture of
the community banking sector that can be accessed by
analysts, other regulators, and bankers themselves. The
most recent report shows that net income at community
banks continued to grow at a healthy annual rate in the
first nine months of 2019.
The long-term trend of consolidation has done little to
diminish the role of community banks in the banking
industry. Just over 71 percent of the community banks
that merged during the period September 2018 through

September 2019 were acquired by other community
banks. On a merger-adjusted basis, loan growth at
community banks exceeded growth at noncommunity
banks in every year between 2012 and 2019. (See the
chart below.) From June 2018 to June 2019, currently
operating noncommunity banks closed far more offices
than they acquired. In contrast, currently operating
community banks acquired offices and opened more
offices, on net, during the year. (See the table on the
following page.)
Community Bank Advisory Committee
The FDIC’s CBAC is an ongoing forum for discussing
current issues and receiving valuable feedback from the
industry. The committee, which met three times during
2019, is composed of as many as 18 community bank
executives from around the country. It is a valuable
resource for information on a wide range of topics,
including examination policies and procedures, capital
and other supervisory issues, credit and lending practices,
deposit insurance assessments and coverage, and regulatory
compliance issues.

COMMUNITY BANK LOAN GROWTH HAS OUTPACED
NONCOMMUNITY BANK LOAN GROWTH
FOR EIGHT CONSECUTIVE YEARS
Merger Adjusted Annual Growth in Total Loans and Leases
15%
15
11.2%

10%
10

9.5% 9.3% 9.0%

8.6%

8.6%

7.0%
5.0%

5%
5
2.1%

0%
0

-0.3%
-2.1%

7.7%

4.8%

3.9%

6.5%
4.1%

6.0%
4.4%

2.1%

-0.9%
-2.3%

-5%
-5
-10%
-10

3.4%
2.9%
2.0%

4.7%

8.3%

6.0%

Community Banks
Noncommunity Banks

-8.9%

2006 2007 2008 2009 2010 2011 2012 2013 2014 2015 2016 2017 2018 2019

Source: FDIC.
Note: Data as of third quarter for 2019, data as of year-end for all other years.

M A N A G E M E N T ' S D I S C U S S I O N A N D A N A LY S I S

31

ANNUAL
REPORT
COMMUNITY BANKS ADDED OFFICES WHILE NONCOMMUNITY BANKS
CLOSED OFFICES FROM JUNE 2018 TO JUNE 2019
Offices of
CurrentlyOperating
Banks in
June 2018

Community Banks
Noncommunity Banks
TOTAL

Offices of
Acquired
Banks

Number of
Offices in
June 2018
(Mergeradjusted)

New
Offices
Opened

Offices
Closed

Net Offices
Purchased
or Sold

Number of
Offices in
June 2019

29,092

518

29,610

628

401

26

29,863

56,990

1,426

58,416

498

2,387

-26

56,501

86,082

1,944

88,026

1,126

2,788

0

86,364

Source: FDIC Summary of Deposits Data as of June 2019

At each of the 2019 Advisory Committee meetings,
there was a discussion of local banking conditions, an
update from the FDIC Ombudsman, a supervisory policy
update, and an update on the Supervision Modernization
Subcommittee. Further, at the March meeting,
representatives from FinCEN provided a briefing on the
use of bank filings required by the BSA, and FDIC staff
discussed the 2017 FDIC National Survey of Unbanked
and Underbanked Households. At the July 2019 meeting,
discussion included FDIC and U.S. Small Business
Administration (SBA) collaboration efforts; the FDIC’s
Money Smart financial education materials; and findings
of the 2019 research study, Minority Depository Institutions:
Structure, Performance, and Social Impact. At the October
2019 meeting, FDIC staff also discussed the 2019 Risk
Review, current financial performance of community
banks, small bank assessment credits, and tools and
resources relating to Opportunity Zones.

The subcommittee is evaluating recommendations to
explore technology solutions that would use advanced
data analytics in loan reviews, update and enhance
several existing software platforms, expand the learning
and development experience to include a virtual learning
environment for the current and future examination
workforce, and evaluate hiring specialists to examine
advanced data analytics and new technology that exists
today. The subcommittee will make its recommendations
to the CBAC early in 2020.

Supervision Modernization Subcommittee

Throughout 2019, the FDIC continued multiple initiatives
aimed at streamlining the deposit insurance application
process. Based on feedback received in response to a
2018 Request for Information and a nationwide series of
six roundtable events, the FDIC clarified that applicants
need not identify a specific location for the proposed
institution’s main office or all senior executive officers at
the time an application is submitted. These changes can
significantly reduce the costs of the application process,
while not impeding the FDIC’s review of the application
or the public’s ability to comment on the application.

In 2019, the FDIC established the Subcommittee on
Supervision Modernization to support the CBAC. The
subcommittee, which met three times during 2019, is
composed of individuals from technology firms, academia,
and banks. The subcommittee considered how the FDIC
can leverage technology and refine processes to make the
examination program more efficient, as well as manage
and train a geographically dispersed workforce.
As part of the subcommittee, a working group reviewed
workflows of the consumer compliance and risk
management examination processes from planning an
examination through conducting examination completion
activities, while identifying concerns and opportunities for
improvement in the current processes. At the September
2019 meeting, the working group considered the types
of data used and data availability in presenting their
recommendations to subcommittee members.

32

MDI Subcommittee
As noted in the “Minority Depository Institutions
Activities” section, the FDIC established a new MDI
Subcommittee of the CBAC to bring forward the
perspectives of minority bankers and to focus on the
issues, tools, and resources that are unique to MDIs.
De Novo Banks

In addition, after revising the process for reviewing
deposit insurance proposals to provide initial feedback
to organizers on draft applications prior to submission,
the FDIC began engaging in more fulsome pre-filing
discussions with organizers.

M A N A G E M E N T ' S D I S C U S S I O N A N D A N A LY S I S

2019
The FDIC also updated its delegations of authority so
that the vast majority of deposit insurance applications
for traditional community banks can be approved at the
Regional Office level without requiring input from the
Washington Office. Consistent with the FDIC’s updated
timeframes and guidelines, Regional Offices should issue
most decisions on deposit insurance applications for
traditional community banks within 120 days from receipt
of a substantially complete application.
To help organizers through the application process,
the FDIC issued updated versions of its Applying for
Deposit Insurance – A Handbook for Organizers of De
Novo Institutions, and Deposit Insurance Applications
Procedures Manual, and released a supplement to FDIC
procedures to address non-community and nonbank
deposit insurance proposals. The handbook addresses
organizers’ informational needs, and offers information for
navigating the application process. The manual provides
comprehensive instructions to staff regarding the deposit
insurance application process.
The FDIC also updated and publicly issued its Applications
Procedures Manual, which includes an overview section
that conveys important instructions regarding the review
and processing of deposit insurance applications and
other types of filings. This information should also prove
helpful to organizers as they consider and develop a filing.

for webinars and teleconferences. Based in part on the
feedback received, the FDIC expects to announce several
new or revised technical assistance initiatives in 2020.
In 2019, the FDIC hosted Directors’ College events in five
of its six regions. These events were typically conducted
jointly with state trade associations, and addressed
issues such as corporate governance, regulatory capital,
community banking, concentrations management,
consumer protection, BSA, and interest-rate risk, among
other topics.
The FDIC also offers a series of banker events, in order
to maintain open lines of communication and to keep
bank management and staff informed regarding
important banking regulatory and emerging issues of
interest to community bankers. In 2019, the FDIC
offered 14 teleconferences or webinars focused on the
following topics:
♦ Understanding Reasonably Expected Market Area
(REMA) and Community Reinvestment Act (CRA)
Assessment area,
♦ Liquidity and funding risk management,
♦ Current Expected Credit Losses (CECL) accounting
methodology,
♦ The impact of rising interest rates on asset/liability
management,

Technical Assistance Program

♦ Money Smart for Small Businesses,

As part of the Community Banking Initiative, the FDIC
continued to provide a robust technical assistance program
for bank directors, officers, and employees. The technical
assistance program includes Directors’ College events held
across the country, industry teleconferences and webinars,
and a video program.

♦ Regulatory and accounting update,

In 2019, to better understand the needs of community
banks, the FDIC issued a Request for Information seeking
feedback on the FDIC’s methods and efforts to provide
technical assistance. The FDIC requested information
on additional steps the agency could take to support
effective management and operation of FDIC-supervised
institutions through technical assistance and collaboration
on safety and soundness and consumer compliance
matters. The agency received 18 responses. Responses
affirmed the value of the technical assistance videos,
commented favorably on a pilot topic-based resource
page for bankers, and provided valuable suggestions

♦ Common exam findings,
♦ Update on consumer compliance and CRA,
♦ Information sharing on standardized export of
imaged loan documents,
♦ Building collaboration between financial institutions
and law enforcement to prevent and address elder
financial abuse,
♦ Understanding and mitigating RESPA Section
8(a) risks,
♦ Understanding the requirements of the Truth
In Lending Act (Regulation Z) and Real Estate
Settlement Procedures Act (Regulation X) Integrated
Disclosure Rule (TRID Rule),
♦ Final Private Flood Insurance Rule (along with the
OCC, FRB, and FCA), and
♦ Fair Lending interagency webinar.

M A N A G E M E N T ' S D I S C U S S I O N A N D A N A LY S I S

33

ANNUAL
REPORT
Economic Growth and Regulatory
Paperwork Reduction Act
EGRPRA directs the federal banking agencies and the
FFIEC to conduct a joint review of regulations every 10
years to determine whether any of those regulations are
outdated or unnecessary.
In March 2017, the FFIEC submitted a report to Congress
describing actions the member entities had already taken
to address comments received during the EGRPRA
process as well as actions they planned to take in the
future. During 2019, the FDIC along with the other
FFIEC member entities, continued to work together to
reduce burden in the areas of Capital Simplifications,
Management Interlocks, and OTS Regulations, which
were raised during the EGRPRA review process.

ACTIVITIES RELATED TO
LARGE AND COMPLEX
FINANCIAL INSTITUTIONS
The FDIC is committed to addressing the unique
challenges associated with the supervision, insurance,
and potential resolution of large and complex financial
institutions (LCFIs). The agency’s ability to analyze
and respond to risks in these institutions is particularly
important, as they comprise a significant share of banking
industry assets and deposits. In order to centralize
and integrate the FDIC’s operations related to the
supervision and resolution of large and complex financial
institutions, including systemically important financial
institutions (SIFIs), financial market utilities (e.g.,
central counterparties), and all FDIC-insured depository
institutions with assets above $100 billion for which the
FDIC is not the primary federal regulatory authority,
the FDIC’s Chairman formed the Division of Complex
Institution Supervision and Resolution (CISR) effective
July 21, 2019. At CISR’s inception, the then–Office of
Complex Financial Institutions (OCFI), RMS, and DRR
transferred to CISR all branches having responsibility for
supervision and monitoring and resolution planning and
execution for LCFIs in the CISR portfolio.
The FDIC’s Complex Financial Institution (CFI) Group
and Large Bank Supervision Branch, now both within
CISR, perform ongoing risk monitoring of Global
Systemically Important Banks (G-SIBs), large Foreign

34

Banking Organizations (FBOs), and FSOC-designated
nonbank financial companies; provide backup supervision
of the firms’ related IDIs; and evaluate the firms’ required
resolution plans. The CFI Group also performs certain
analyses that support the FDIC’s role as an FSOC
member.

Resolution Plans – Title I Living Wills
In 2018, the EGRRCPA revised the application of
resolution planning requirements by raising the $50 billion
asset threshold to $250 billion, and provided the FRB with
discretion to apply resolution planning requirements to
firms with $100 billion or more and less than $250 billion
in total consolidated assets.
In November 2019, the FDIC and FRB published a
final rule to implement EGRRCPA by establishing three
categories of firms for purposes of resolution planning:
(1) U.S. and foreign banking organizations with $250
billion or more in total consolidated assets, (2) U.S.
banking organizations identified as U.S. G-SIBs, and
(3) any designated nonbank financial companies that the
FSOC has determined under section 113 of the DoddFrank Act should be supervised by the FRB.
In the resolution plan rule, the FRB determined to
exercise its discretion under EGRRCPA to apply resolution
planning requirements to the following firms:
♦ U.S. bank holding companies with a) average total
consolidated assets equal to $100 billion or more
and less than $250 billion and b) $75 billion or more
in any of the following risk-based indicators: crossjurisdictional activity, total nonbank assets, weighted
short-term wholesale funding, or off-balance sheet
exposure; and
♦ Foreign banking organizations with a) total global
assets equal to $100 billion or more and less than
$250 billion, b) average combined U.S. assets equal
to $100 billion or more, and c) $75 billion or more in
any of the four risk-based indicators measured based
on combined U.S. operations.
The final rule uses categories established by the agencies’
tailoring rule to separate firms into three filing groups for
the purpose of calibrating the timing of resolution plan
submissions, and plan content.

M A N A G E M E N T ' S D I S C U S S I O N A N D A N A LY S I S

2019
Large Bank Holding Companies with
Substantial Nonbank Assets
The eight domestic G-SIBs—Bank of America
Corporation, Bank of New York Mellon Corporation,
JPMorgan Chase & Co., State Street Corporation, Wells
Fargo & Company, Goldman Sachs Group, Inc., Morgan
Stanley, and Citigroup, Inc.—submitted resolution plans
on or before July 1, 2019. On December 17, 2019, the
FDIC and FRB issued letters to the eight firms providing
their review findings and information about areas where
additional work needs to be done to improve resolvability.
On July 26, 2019, the agencies extended the next full
resolution plan submission date for four of the FBOs—
Barclays PLC, Credit Suisse Group AG, Deutsche Bank
AG, and UBS AG—to July 21, 2021. These banks
remain required to submit limited plans by July 1, 2020,
describing how they have addressed the shortcomings
identified in December 2018 and providing updates
concerning certain resolution projects.
Other Large Bank Holding Company Filers
In December 2018, 82 foreign-based banking
organizations submitted resolution plans. In July 2019,
the FDIC, jointly with the FRB, provided feedback and
extensions of the next due date for resolution plans to July
2021. At the same time, 15 domestic firms also received
extensions to July 2021. These extensions will give the
banks additional time to prepare their plans in light of
resolution plan rule changes proposed by the agencies in
April 2019.

Insured Depository Institution
Resolution Plans
Section 360.10 of the FDIC Rules and Regulations
requires an IDI with total assets of $50 billion or more, to
periodically submit to the FDIC a plan for its resolution
in the event of its failure (the “IDI rule”). The IDI
rule requires covered IDIs to submit a resolution plan
that would allow the FDIC, as receiver, to resolve the
institution under Sections 11 and 13 of the FDI Act in
an orderly manner that enables prompt access to insured
deposits, maximizes the return from the sale or disposition
of the failed IDI’s assets, and minimizes losses realized
by creditors. The resolution plan must also describe how
a proposed strategy will be least costly to the Deposit
Insurance Fund.

Forty-one large insured banks covered by the IDI rule
submitted their resolution plans by July 1, 2018. In April
2019, the FDIC issued an ANPR seeking comments on
ways to tailor the IDI rule requirements and deferred
future IDI Plan submissions until the completion of
revisions to the rule.

Monitoring and Measuring
Systemic Risks
The FDIC monitors risks related to G-SIBs and large
FBOs at the firm level and industry wide to inform
supervisory planning and response, policy and guidance
considerations, and resolution planning efforts. As part
of this monitoring, the FDIC analyzes each company’s
risk profile, governance and risk management capabilities,
structure and interdependencies, business operations and
activities, management information system capabilities,
and recovery and resolution capabilities.
The FDIC continues to work closely with the other federal
banking agencies to analyze institution-specific and
industry-wide conditions and trends, emerging risks and
outliers, risk management, and the potential risk posed
to financial stability by G-SIBs and large FBOs and large
nonbank financial companies. To support risk monitoring
that informs supervisory and resolution planning efforts,
the FDIC has developed systems and reports that make
extensive use of structured and unstructured data.
Monitoring reports are prepared on a routine and adhoc basis and cover a variety of aspects that include risk
components, business lines and activity, market trends,
and product analysis.
Additionally, the FDIC has implemented and continues
to expand upon various monitoring systems, including
the Systemic Monitoring System (SMS) and the SIFI
Risk Report (SRR). The SMS provides an individual risk
profile and assessment for each G-SIB and large FBO by
evaluating the level and change in metrics that serve as
important indicators of overall risk. The SMS supports
the identification of emerging and outsized risks within
individual firms and the prioritization of supervisory and
monitoring activities. The SMS also serves as an early
warning system of financial vulnerability. Information
from SMS and other FDIC-prepared reports is used to
prioritize activities relating to SIFIs and to coordinate
supervisory and resolution-related activities with the other
banking agencies. The SRR identifies key vulnerabilities
of systemically important firms, gauges the proximity

M A N A G E M E N T ' S D I S C U S S I O N A N D A N A LY S I S

35

ANNUAL
REPORT
of these firms to a resolution event, and independently
assesses the appropriateness of supervisory CAMELS
ratings for the insured deposit institutions held by
these firms.
The FDIC also conducts semi-annual “Day of Risk”
meetings to present, discuss, and prioritize the review of
emerging risks. In some cases, these discussions can lead
to shifts in supervisory focus or priorities.

Back-up Supervision Activities for
IDIs of Systemically Important
Financial Institutions
Risk monitoring is enhanced by the FDIC’s back-up
supervision activities. In its back-up supervisory role,
as outlined in Sections 8 and 10 of the FDI Act, the
FDIC has expanded resources and has developed and
implemented policies and procedures to guide back-up
supervisory activities. These activities include performing
analyses of industry conditions and trends, supporting
insurance pricing, participating in supervisory activities
with other regulatory agencies, and exercising examination
and enforcement authorities when necessary.
At institutions where the FDIC is not the primary federal
regulator, FDIC staff work closely with other regulatory
authorities to identify emerging risks and assess the overall
risk profile of large and complex institutions. The FDIC
has assigned dedicated staff to IDIs of G-SIBs and large
FBOs and certain other large IDIs to enhance riskidentification capabilities and facilitate the communication
of supervisory information. These individuals work with
the staff of the FRB and OCC in monitoring risk at their
assigned institutions.
Through December 2019, FDIC staff participated in 117
targeted examination activities with the FRB or OCC
in G-SIBS, large FBOs, and large regional banks. The
reviews included, but were not limited to, engagement
in the evaluation of corporate governance, BSA/AML
compliance, credit risk, model risk management, market
risk, interest rate risk, capital adequacy, asset management,
and third party risk management. FDIC staff also
participated in various interagency horizontal review
activities, including the FRB’s Comprehensive Capital
Analysis and Review, Comprehensive Liquidity Analysis
and Review, as well as reviews of model risk management,
risk appetite and risk limits, and cyber and operational
resiliency.

36

Title II Orderly Liquidation Authority
Under the Dodd-Frank Act, failed or failing financial
companies are expected to file for reorganization or
liquidation under the U.S. Bankruptcy Code, similar to
what any failed or failing nonfinancial company would
file. If resolution under the Bankruptcy Code would result
in serious adverse effects to U.S. financial stability, Title
II of the Dodd-Frank Act provides a back-up authority
for resolving a company for which the bankruptcy process
is not viable. There are strict parameters on the use of
the Title II Orderly Liquidation Authority, however,
and it can only be invoked under a statutorily prescribed
recommendation and determination process, coupled with
an expedited judicial review process.
Resolution Strategy Development
The FDIC has undertaken institution-specific strategic
planning to carry out its orderly liquidation authorities
with respect to the largest G-SIBs operating in the
United States. The strategic plans and optionality being
developed for these firms are informed by the Title
I plan submissions. Further, the FDIC is updating
its systemic resolution framework to incorporate
enhanced firm capabilities established through the
Title I planning process and other domestic and foreign
resolution planning and policy developments. The
FDIC continues to build out process documents to
facilitate the implementation of a Title II resolution. In
addition, work continues in the development of resolution
strategies for financial market utilities, particularly central
counterparties (CCPs).
Cross-Border Efforts
Cross-border cooperation and advance planning are
critical components of resolution planning for G-SIBs
due to the international nature of their services and
their extensive operations overseas. In 2019, the FDIC
continued its robust engagement with foreign authorities
to deepen mutual understanding of the complex legal
and operational issues related to cross-border resolution.
This work is underpinned by an understanding that
transparency and confidence in resolution planning will
serve as a stabilizing force during times of stress.
The FDIC continued to enhance cooperation on crossborder resolution through institution specific engagement
as well as through bilateral and multilateral outreach,
including through international forums such as the

M A N A G E M E N T ' S D I S C U S S I O N A N D A N A LY S I S

2019
Financial Stability Board’s Resolution Steering Group and
its subgroups on banks, insurance, and financial market
infrastructures.
With regard to the FDIC’s institution specific engagement,
the FDIC co-chaired cross-border crisis management
groups (CMGs) of supervisors and resolution authorities
for U.S. G-SIBs and participated as a host authority in
CMGs for foreign G-SIBs. This year, as part of the CMG
work for U.S. G-SIBs, FDIC and FRB staff launched a
pilot workshop to provide additional background to host
CMG members regarding the U.S. bankruptcy framework
and resolution under Title II of the Dodd-Frank Act.
These CMG efforts improve resolution preparedness
by strengthening our working relationships with key
authorities, providing a forum to share institution-specific
concerns and plans for the resolution, and supporting
information-sharing arrangements.
The FDIC continued its bilateral and multilateral
outreach through ongoing resolution-related dialogues
with key foreign counterparts. In April 2019, the FDIC
hosted senior officials representing resolution, regulatory,
and supervisory authorities; central banks; and finance
ministries from the U.S., U.K., and the European Banking
Union for a planned exercise to enhance understanding
of one another’s resolution regimes and strengthen
coordination on cross-border resolution. This meeting
built upon two prior trilateral exercises in 2014 and
2016 and continued staff work across the jurisdictions
is on-going.
The FDIC also participated in the joint U.S.-E.U.
Financial Regulatory Forum meetings and the U.S.-U.K.
Financial Regulatory Working Group meetings, discussing
cross-border issues relevant to bank and CCP resolution
and financial stability. The FDIC also progressed
resolution planning for CCPs by working with domestic
and international supervisors and resolution authorities to
understand risks and to try to identify resolution options
for U.S. CCPs, in addition to working within international
groups on related issues.

Systemic Resolution Advisory
Committee
The FDIC created the Systemic Resolution Advisory
Committee (SRAC) in 2011 to receive advice and
recommendations on a broad range of issues regarding the

resolution of systemically important financial companies
pursuant to the Dodd-Frank Act.
Members of the SRAC have a wide range of experience,
including managing complex firms, serving as bankruptcy
judges, and working in the legal system, accounting field,
and academia. The SRAC Charter was renewed in 2019.
Planning continues for the next SRAC meeting, which is
tentatively scheduled for the first quarter of 2020.

DEPOSITOR AND CONSUMER
PROTECTION
A major component of the FDIC’s mission is to ensure
that financial institutions treat consumers and depositors
fairly, and operate in compliance with federal consumer
protection, anti-discrimination, and community
reinvestment laws. The FDIC also promotes economic
inclusion to build and strengthen positive connections
between insured financial institutions and consumers,
depositors, small businesses, and communities.

Promoting Economic Inclusion
The FDIC is strongly committed to promoting access
to a broad array of responsible and sustainable banking
products to meet consumers’ financial needs. In support
of this goal, the FDIC:
♦ Conducts research on unbanked and underbanked
populations;
♦ Researches strategies, products, and services that
banks can use to meet the needs of lower-income
consumers;
♦ Supports partnerships to promote consumer access to
and use of banking services;
♦ Advances financial education and literacy; and
♦ Facilitates partnerships to support community and
small business development.
Advisory Committee on Economic Inclusion
The Advisory Committee on Economic Inclusion
(ComE-IN) provides the FDIC with advice and
recommendations on important initiatives to expand
access to mainstream banking services to underserved
populations. This includes reviewing basic retail financial
services (e.g., low-cost, SAFE transaction accounts;

M A N A G E M E N T ' S D I S C U S S I O N A N D A N A LY S I S

37

ANNUAL
REPORT

Appalachia Working Group members.

affordable small-dollar loans; and savings accounts), as
well as demand-side factors such as consumers’ perceptions
of mainstream financial institutions. In October 2019,
the ComE-IN held a meeting that included discussions
of opportunities to engage underserved populations, an
update on mortgage markets, and developments with the
potential to expand access to consumer credit.
FDIC National Survey of Unbanked and
Underbanked Households and Related Research

https://economicinclusion.gov, that features survey results
and data, and provides users with the ability to generate
custom tabulations and access a wide range of preformatted information, including new five-year estimates
that provide additional granularity for state and
local results.

Public Awareness of Deposit
Insurance Coverage

As part of its ongoing commitment to expanding
economic inclusion in the United States, the FDIC works
to fill the research and data gap regarding household
participation in mainstream banking and the use of
nonbank financial services. In addition, Section 7 of
the Federal Deposit Insurance Reform Conforming
Amendments Act of 2005 mandates that the FDIC
regularly report on underserved populations and
bank efforts to bring individuals and families into the
mainstream banking system. In response, the FDIC
regularly conducts and reports on surveys of households
and banks to inform the public and enhance the
understanding of financial institutions, policymakers,
regulators, researchers, academics, and others.

An important part of the FDIC’s deposit insurance
mission is to ensure that bankers and consumers have
access to accurate information about the FDIC’s rules for
deposit insurance coverage. The FDIC has an extensive
deposit insurance education outreach program consisting
of seminars for bankers, a web-based calculator for
estimating deposit insurance coverage as well as written
and other web-based resources targeted to both bankers
and consumers. For example, bankers and consumers
can use the FDIC’s BankFind tool to verify whether a
website is operated by a legitimate FDIC-member bank.
Through December 31, 2019, the FDIC identified and
took appropriate action on more than 65 websites, some
of which included the Member FDIC logo but were not
operated by FDIC-member banks.

In 2019, the FDIC finalized and administered the 2019
FDIC National Survey of Unbanked and Underbanked
Households. This version of the survey includes revisions
intended to improve data quality by streamlining the
survey instrument and provide additional insights into the
experiences of unbanked and underbanked consumers.
The FDIC continued to maintain a dedicated website at

During 2019, the FDIC continued its efforts to educate
bankers and consumers about the rules and requirements
for FDIC insurance coverage. For example, as of
December 31, 2019, the FDIC conducted four telephone
seminars for bankers on deposit insurance coverage,
reaching an estimated 4,725 bankers participating at

38

M A N A G E M E N T ' S D I S C U S S I O N A N D A N A LY S I S

2019
approximately 1,350 bank sites throughout the country.
The FDIC also features deposit insurance training videos
that are available on the FDIC’s website and YouTube
channel. Additionally, the FDIC operated the Electronic
Deposit Insurance Estimator (EDIE), which had 751,418
user sessions in 2019.
As of December 31, 2019, the FDIC Call Center received
99,835 telephone calls, of which 25,365 were identified
as deposit insurance-related inquiries. In addition to
telephone inquiries about deposit insurance coverage, the
FDIC received 1,524 written inquiries from consumers
and bankers. Of these inquiries, 99 percent received
responses within two weeks, as required by corporate
policy.

Rulemaking and Guidance
Loans in Areas Having Special Flood Hazards
In February 2019, the FDIC, OCC, FRB, NCUA, and
FCA issued a final private flood insurance rule to amend
regulations regarding Loans in Areas Having Special Flood
Hazards pursuant to the Biggert-Waters Flood Insurance
Reform Act (the B-W Act).4
The final rule requires regulated lending institutions to
accept a private flood insurance policy that meets both 1)
the statutory definition of “private flood insurance,” and
2) the mandatory purchase requirement. The final rule
includes a streamlined compliance aid provision to assist
regulated lending institutions with evaluating policies.
In addition, the final rule provides that institutions may
accept private flood insurance policies that do not meet
the B-W Act’s criteria for mandatory acceptance, provided
certain conditions are met, including that the policy (1)
provides coverage in the amount required by the flood
insurance purchase requirement, (2) is issued by an insurer
that is licensed, admitted, or not disapproved by a state
insurance regulator, (3) covers both lenders and borrowers
as loss payees, and (4) provides sufficient protection of
the loan consistent with general safety and soundness
principles, which is documented in writing.
Furthermore, the final rule allows lending institutions
to accept certain flood coverages provided by mutual aid
societies as long as certain conditions are met, including
a determination by an institution’s primary supervisory
4

agency that such policies meet the requirement for
flood insurance for purposes of federal flood insurance
legislation.
Home Mortgage Disclosure Act
In April 2019, the FDIC and other FFIEC members
issued a revised version of A Guide to HMDA Reporting:
Getting It Right. The 2019 edition applies to 2019 HMDA
data reported in 2020 and includes a summary of the
EGRRCPA amendments to HMDA and the 2018 HMDA
rule. The guide was designed to help financial institutions
better understand the HMDA requirements, including
data collection and reporting provisions.
Consumer Compliance Supervisory Highlights
The inaugural issue of the FDIC Consumer Compliance
Supervisory Highlights was released in June 2019. The
purpose of this publication is to enhance transparency
regarding the FDIC’s consumer compliance supervisory
activities. The publication includes a high-level overview
of consumer compliance issues identified during 2018
through the FDIC’s supervision of state non-member
banks and thrifts. Additionally, this issue features articles
of interest to examiners, bankers, and supervisors. It
provides examples that may be useful in mitigating risks
and serves as a resource for supervised institutions to help
stay up-to-date on issues identified during examinations.

Transparency and Accountability Report
The first annual Transparency and Accountability Report was
published in spring 2019. This report highlights the public
outreach activities of the Consumer Response Center and
Deposit Insurance section. It details consumer contacts
about deposit insurance coverage and account-titling
specifics. It also references summary data on the various
consumer contacts about operating financial institutions
under FDIC jurisdiction. The report focuses on the public
interactions along with providing educational insight to
the public.
Additionally, metrics on requests from the public for
FDIC assistance are updated and published monthly on
the FDIC’s Transparency and Accountability webpage
(https://www.fdic.gov/transparency/consumers.html).
Included on the webpage is the volume of public inquiries
and the timeliness in responding to those requests.

84 FR 4953 (Feb. 20, 2019).

M A N A G E M E N T ' S D I S C U S S I O N A N D A N A LY S I S

39

ANNUAL
REPORT
Updated Examination Procedures
Updated examination procedures were communicated
through revisions to the FDIC Consumer Compliance
Examination Manual that is publicly available on the
FDIC’s website, including procedures on:
♦ Interagency Home Mortgage Disclosure Act
Examination Procedures: These procedures
incorporate amendments to HMDA made by the
EGRRCPA, the 2018 HMDA rule, and amendments
to Regulation C made by CFPB’s final rules issued
in 2015 and 2017. The procedures also incorporate
the FFIEC HMDA Examiner Transaction
Testing Guidelines.
♦ Loans in Areas Having Special Flood Hazards:
These procedures reflect statutory and regulatory
amendments made by the B-W Act and the agency’s
final rule on private flood insurance, including
provisions pertaining to the mandatory and
discretionary acceptance of private flood insurance
by financial institutions, and the qualification and
acceptance of mutual aid society plans in satisfaction
of the flood insurance purchase requirement.
♦ Protecting Tenants at Foreclosure Act: These
procedures address the permanent reinstatement of
the Protecting Tenants at Foreclosure Act (PTFA)
due to the enactment of the EGRRCPA. Examiners
will use the procedures in assessing the quality of
an institution’s compliance management system
regarding the PTFA, including notice requirements
and the timing of eviction.
♦ Fair Lending Scope and Conclusions Memorandum:
Sections and questions of the memorandum were
revised to reflect changes to pre-examination
interview questions and information requests made
during the examination planning process.
♦ Consumer Compliance Examinations and ThirdParty Risk: These sections were updated to add
information on the Interagency Statement Clarifying
the Role of Guidance and make minor conforming
technical changes.
♦ Truth in Lending Act and Electronic Fund Transfer
Act: These chapters were updated to incorporate the
CFPB’s amendments to Regulation E and Regulation
Z related to Prepaid Accounts, effective April 1,
2019. Subsequently, the FDIC adopted the revised
interagency examination procedures to incorporate
these amendments.

40

Community and Small Business
Development and Affordable
Mortgage Lending
As of December 31, 2019, the FDIC engaged with banks
and community organizations through more than 230
outreach events. These events increased shared knowledge
and supported collaboration between financial institutions
and other community, housing, and small business
development resources.
The FDIC’s work emphasized sharing information to
support bank efforts to prudently provide affordable
mortgages, small business credit, and access to SAFE
accounts and financial education. As part of this effort,
the FDIC launched the Affordable Mortgage Lending
Center in 2016, a website (https://www.fdic.gov/
consumers/community/mortgagelending) that houses
various resources, including the Affordable Mortgage
Lending Guide, a three-part guide designed to help
community banks identify affordable mortgage products.
The Affordable Mortgage Lending Center had more than
19,497 subscribers as of December 31, 2019. Materials
from the center have been downloaded more than 15,600
times, and the site has had more than 82,000 page views
since its inception.
In addition, the FDIC sponsored sessions with the
FRB and OCC covering basic and advanced CRA
training for banks. The agencies also offered basic CRA
training for community-based organizations as well as
seminars on establishing effective bank and community
collaborations. The FDIC also focused on encouraging
community development initiatives in rural communities.
This work included workshops to highlight housing
needs and programs, economic development programs,
and community development financial institution
collaborations, such as those serving Native American
communities. The FDIC Community Affairs Branch
and SBA Office of Entrepreneurial Development signed a
MOU in April 2019 to continue efforts focused on small
business. As of December 31, 2019, the FDIC sponsored
69 small business events and activities with more than
1,500 attendees.

Advancing Financial Education
Effective financial education helps people gain the skills
and confidence necessary to establish and sustain a
banking relationship, achieve financial goals, and improve

M A N A G E M E N T ' S D I S C U S S I O N A N D A N A LY S I S

2019
financial well-being. Through Money Smart, the FDIC
offers non-copyrighted, high-quality, free financial
education resources for banks, community organizations,
and other stakeholders to train people of all ages and
small businesses. First launched in 2001 as an instructorled curriculum for adults, it now features materials to
train people of all ages. Regular updates ensure that
Money Smart benefits from user feedback and current
instructional best practices. The FDIC helps organizations
effectively use the curriculum, including through the
Money Smart Alliance, which facilitates quarterly
webinars for the more than 1,400 member organizations.
Youth Financial Education
The FDIC released an enhanced Money Smart for Young
People curriculum in December 2019, providing updated
tools to engage educators, parents, and young people in
the financial education process. The curriculum now
benefits from insights that we received from 26 educators
who taught 83 sessions using Money Smart for Young
People as part of a special project in 2018. In addition,
as part of our ongoing collaboration with the CFPB, the
curriculum helps educators identify opportunities to use
some of the CFPB’s Building Blocks Activities, which the
CFPB developed through research to help promote lifelong
learning and financial skills development.
Money Smart for Older Adults
The CFPB and the FDIC also released an updated
Spanish-language version of the Money Smart for Older
Adults curriculum. Its goal is to help prevent elder
financial exploitation by raising awareness of fraud and
scams among older adults and their caregivers. Money
Smart for Older Adults also encourages advance planning
and informed financial decision-making. The updates
provide new information and resources to help older adults
and their caregivers recognize and prevent fraud, scams,
and other types of financial exploitation. More than one
million copies of the curriculum have been ordered in
English or Spanish since its original release in 2013.
Recognizing the impact of Money Smart for Older Adults,
the American Society on Aging honored the curriculum
with the 2019 Gloria Cavanaugh Award for Excellence
in Training and Education. The award is presented to an
individual or program that has demonstrated continued
excellence in training and education in the field of
aging. One non-profit in Texas that regularly uses

Money Smart for Older Adults provided feedback from
dozens of participants who offered comments such as, “[t]
his course was a lifesaver for me,” “[n]o other place that
I know of to get all this information,” “the information
helped to initiate conversations with friends who may be
unaware of steps to take care for themselves,” and “the
information opened my eyes to things I was not aware of.”
Money Smart for Adults
The FDIC expanded the reach of the updated Money
Smart for Adults, which was released in late 2018, through
several enhancements in response to requests by users.
Updated curricula were released in Chinese, Korean,
Spanish, and Vietnamese. The Financial Industry
Regulatory Authority (FINRA) also reviewed the
curriculum and confirmed its consistency with FINRA
standards, a step pursued in response to feedback to
make it easier for FINRA-regulated entities to conduct
educational workshops with the curriculum.
A self-paced online learning game, “How Money Smart Are
You?” is set for release in 2020. Using a gameshow format,
the new product will allow people to build their financial
skills and knowledge at their own pace, with an option
to receive certificates of completion. The website for the
new game will also include a financial glossary, frequently
asked questions, and fillable tools to augment financial
knowledge. Insights from users in targeted audiences of
adults with low- to moderate-incomes have helped improve
the product, as field testing of draft games was conducted
in Phoenix, Arizona; Atlanta, Georgia; Bethesda,
Maryland; Columbus, Ohio; and at the World Institute on
Disability in Berkeley, California.
Money Smart for Small Business
Money Smart for Small Business is a product developed
jointly by the FDIC and the SBA. For several months,
the SBA and FDIC worked with other federal agencies;
entrepreneurs; and small business training, counseling,
and lending organizations, including financial institutions,
to update the Banking Services and Credit Building
modules. The purpose of the revision was to address
important information gaps identified by entrepreneurs
and organizations serving small businesses and to provide
practical tools to enhance the learning experience, such as
the addition of a case study, checklists, a more attractive
graphic design, and other useful features.

M A N A G E M E N T ' S D I S C U S S I O N A N D A N A LY S I S

41

ANNUAL
REPORT
Money Smart Outreach
During 2019, more than 4,000 prospective trainers
were trained on how to use Money Smart, including
representatives of banks, Volunteer Income Tax Assistance
program sites, nonprofit program managers, and others.
For example, the FDIC collaborated with a national bank
to deliver two Money Smart webinar training sessions
for more than 300 bank employees on Money Smart for
Adults so that they can effectively use it throughout the
communities they serve.
The FDIC leads the Money Smart Alliance to scale
promising practices through periodic webinars and
facilitate collaboration between members. More than 327
organizations joined the Alliance during 2019, bringing
the total number of members to 1,409. One example of
how Alliance members use Money Smart includes the
University of Wyoming Extension’s use of Money Smart for
Adults with its Master Money Manager Coach initiative to
help financially at-risk individuals improve their financial
situation across Wyoming. Another example involves a
community bank in Pennsylvania collaborating with a
non-profit organization to provide Money Smart for Adults
training to non-violent offenders finishing jail sentences.
This program offers to connect the participants with
appropriate basic banking services, which assists with their
reintegration into society.
The FDIC also builds the capacity of organizations to use
Money Smart through Money Smart News, a publication
for financial educators to provide updates and ideas
for implementation. For example, the publication
highlighted Bank On South Alabama, a group of financial
institutions, community groups, and government entities
that promotes greater bank account access. Partnering
financial institutions and their employees volunteer to help
nonprofits bring the Money Smart program to their clients
in shelters, substance abuse centers, and other locations.
As an example, once a week for five weeks, bankers taught
Money Smart to students participating in a summer youth
program. These sessions helped people who might not
otherwise have had an opportunity to engage with a bank
to learn about finances and how to open a bank account.
Another Money Smart News article highlighted one bank’s
advice for other trainers based on its experience having
conducted 1,000 Money Smart workshops during the
previous year.

42

Money Smart News also highlighted the 75 banks in the
Youth Banking Network that continued to share ideas and
approaches on how to better connect financial education to
savings accounts for school-aged children. This diverse set
of banks includes those with assets just over $50 million
to those with assets over $350 billion, with a mix of
banks operating in rural, suburban, and urban areas. The
banks are at various stages, ranging from those building
an internal business case for pursuing youth savings
collaboration to banks with well-established programs that
are seeking to expand them in scope or quality. One bank
in the Network shared that its financial education efforts
have resulted in about $130 million of new deposits for the
bank from adults and youth.
FDIC staff encourage financial education to be used as
a tool for other work. For example, the FDIC and the
CFPB cohosted the “Building Collaboration between
Financial Institutions and Law Enforcement to Prevent
and Address Elder Financial Abuse” webinar on July 25,
2019, drawing more than 4,300 registrations. During the
presentation, Money Smart for Older Adults was promoted
as a tool to foster local collaboration and education, and
feedback after the session from banks confirmed examples
of its use. Moreover, the FDIC participated in a Twitter
event hosted by the Federal Emergency Management
Agency (FEMA) during Financial Capability Month.
The chat had more than 36 million potential impressions.
Furthermore, the Money Smart website was also redesigned
to improve the user experience, including new videos. The
Money Smart related webpages had more than 250,000
views during the year.
In addition to Money Smart, the FDIC’s Consumer News
is a monthly, digital educational publication that provides
practical guidance on how to become a smarter and safer
user of financial services. There were 13 issues published
online in 2019, including an extra, special edition issue
in February for America Saves Week. The FDIC is also
adding Consumer Resource Guides, which are plain
language educational materials to explain how banking
regulations impact consumers. Consumers can also take
advantage of the FDIC Information and Support Center’s
searchable Knowledge Center at https://ask.fdic.gov/
fdicinformationandsupportcenter/s/public-information,
where they can search for topics of interest and recent
news stories.

M A N A G E M E N T ' S D I S C U S S I O N A N D A N A LY S I S

2019
Partnerships for Access to
Mainstream Banking
The FDIC supported community development and
economic inclusion partnerships at the local level by
providing technical assistance and information resources
throughout the country, with a focus on unbanked
and underbanked households and low- and moderateincome communities. Community Affairs staff support
economic inclusion through work with the Alliances for
Economic Inclusion (AEI), Bank On initiatives, and other
coalitions originated by local and state governments, and
in collaboration with federal partners and many local
and national non-profit organizations. The FDIC also
partners with other financial regulatory agencies to provide
information and technical assistance on community
development to banks and community leaders across
the country.
In the 12 AEI communities and in other areas, the
FDIC helped working groups of bankers and community
leaders develop responses to the financial capability
and services needs in their communities. To integrate
financial capability into community services more
effectively, the FDIC supported seminars and training
sessions for community service providers and assetbuilding organizations, workshops for financial coaches
and counselors, promotion of savings opportunities for
low- and moderate-income people and communities,
initiatives to expand access to savings accounts for all ages,
outreach to bring larger numbers of people to expanded
tax preparation assistance sites, and education for business
owners to help them become bankable.
The FDIC conducted three forums in Spanish in Los
Angeles and San Jose, California and Reno, Nevada
to inform and educate banks, and identify local
stakeholders to support community efforts to improve
financial resiliency of the Spanish-speaking community.
Additionally, the FDIC provided how-to guidance
in establishing an in-school bank branch at a Native
American Asset Building Conference in Niagara Falls,
New York.
The FDIC supports coalitions working on access and
use of SAFE and affordable accounts nationwide. In
2019, Community Affairs staff provided technical
assistance to 35 Bank On coalitions to promote banking
access. Specifically, the FDIC convened 20 outreach

events engaging 515 representatives from banks, local
governments, and community organizations to help them
understand opportunities and to advance strategies to
expand access to SAFE and affordable deposit accounts
and engage unbanked and underbanked consumers.
As of December 31, 2019, the FDIC hosted more than
54 events that provided opportunities for partners to
collaborate on increasing access to bank accounts and
credit services, opportunities to build savings and improve
credit histories, and initiatives to significantly strengthen
the financial capability of community service providers
that directly serve consumers with low or moderate
incomes and small businesses.

Consumer Complaints and Inquiries
The FDIC helps consumers by receiving, investigating,
and responding to consumer complaints about FDICsupervised institutions and answering inquiries about
banking laws and regulations, FDIC operations, and other
related topics. In addition, the FDIC provides analytical
reports and information on complaint data for internal
and external use, and conducts outreach activities to
educate consumers.
The FDIC recognizes that consumer complaints and
inquiries play an important role in the development of
strong public and supervisory policy. Assessing and
resolving these matters helps the agency identify trends or
problems affecting consumer rights, understand the public
perception of consumer protection issues, formulate policy
that aids consumers, and foster confidence in the banking
system by educating consumers about the protection
they receive under certain consumer protection laws
and regulations.
Consumer Complaints by Topic and Issue
The FDIC receives complaints and inquiries by telephone,
fax, U.S. mail, e-mail, and online through the FDIC’s
website. In 2019, the FDIC handled 18,401 written
and telephonic complaints and inquiries. Of the 12,943
involving written correspondence, 5,253 were referred
to other agencies and 7,690 were handled by the FDIC.
The FDIC responded to 99 percent of written complaints
within time frames established by corporate policy, and
acknowledged 100 percent of all consumer complaints
and inquiries within 14 days. As part of the complaint

M A N A G E M E N T ' S D I S C U S S I O N A N D A N A LY S I S

43

ANNUAL
REPORT
and inquiry handling process, the FDIC works with the
other federal financial regulatory agencies to ensure that
complaints and inquiries are forwarded to the appropriate
agencies for response. The FDIC carefully analyzes the
topics and issues involved in complaints about FDICsupervised institutions. The number of complaints
received about a specific bank topic and issue can serve as
a red flag to prompt further review of practices that may
raise consumer protection or supervisory concerns.
In 2019, the four most frequently identified topics
in consumer complaints and inquiries about FDICsupervised institutions concerned checking accounts
(24 percent), consumer/business credit cards (17
percent), consumer lines of credit/installment loans
(14 percent), and residential real estate (9 percent).
Issues most commonly cited in correspondence about
checking accounts were concerns for refusing to provide
service, the error resolution process for disputes, and
account discrepancies or transaction errors. Consumer
correspondence about credit cards most often raised
issues regarding reporting of account information, billing
disputes, and fees. Consumer loan complaints and
inquiries most frequently described issues with reporting
of account information, collection practices, and billing
disputes. Correspondence regarding residential real estate
related to disclosures, inaccurate appraisal reports, and
foreclosure and modification issues.
The FDIC also investigated 51 Fair Lending complaints
alleging discrimination during 2019. The number of
discrimination complaints investigated has fluctuated
over the past several years but averaged approximately
69 complaints per year between 2014 and 2019. Over this
period, 48 percent of the issues identified in complaints
investigated alleged discrimination based on the race,
color, national origin, or ethnicity of the applicant or
borrower; 14 percent involved the sex of the applicant or
borrower; 13 percent related to discrimination allegations
based on age; and 7 percent concerned handicap.
Consumer refunds generally involve the financial
institution offering a voluntary credit to the consumer’s
account, often as a direct result of complaint investigations
and identification of a banking error or violation of law.
Through December 2019, consumers received more than
$412,426 in refunds from financial institutions as a
result of the assistance provided by the FDIC’s Consumer
Response Center.

44

FAILURE RESOLUTION AND
RECEIVERSHIP MANAGEMENT
The FDIC has the unique mission of protecting depositors
of insured banks and savings associations. No depositor
has ever experienced a loss on the insured amount of
his or her deposits in an FDIC-insured institution due
to a failure. When an institution closes, its chartering
authority—the state for state-chartered institutions
and the OCC for national banks and federal savings
associations—typically appoints the FDIC as receiver,
responsible for resolving the failed institution.
The FDIC employs a variety of strategies and business
practices to resolve a failed institution. These strategies
and practices are typically associated with either the
resolution process or the receivership process. Depending
on the characteristics of the institution, the FDIC may
utilize several of these methods to ensure the prompt
and smooth payment of deposit insurance to insured
depositors, to minimize the impact on the DIF, and to
speed dividend payments to uninsured depositors and
other creditors of the failed institution.
The resolution process involves evaluating and marketing
a failing institution, soliciting and accepting bids for the
sale of the institution, determining which bid (if any) is
least costly to the DIF, and working with the acquiring
institution through the closing process.
To minimize disruption to the local community, the
resolution process must be performed as quickly and
efficiently as possible. The FDIC uses two basic resolution
methods: purchase and assumption transactions and
deposit payoffs.
The purchase and assumption (P&A) transaction is the
most commonly used resolution method. Typically,
in a P&A transaction, a healthy institution purchases
certain assets and assumes certain liabilities of the failed
institution, including the option of acquiring either all
deposits or only the insured portion. Because each failing
bank situation is different, P&A transactions provide
flexibility to structure resolution transactions that result
in obtaining the highest value for the failed institution.
For example, a P&A transaction could include a sharedloss feature, in which the FDIC as receiver agrees to share
losses on certain assets with the acquirer for a specified
period of time (e.g., five to 10 years). The FDIC used
shared-loss P&A transactions extensively during periods

M A N A G E M E N T ' S D I S C U S S I O N A N D A N A LY S I S

2019
of economic distress, when asset values became highly
uncertain. Shared-loss P&A transactions have not been
offered since 2013; however, the FDIC continues to
monitor agreements that remain in place. At year-end
2019, there were 59 receiverships with active shared-loss
agreements. Total assets covered by shared-loss agreements
were reduced by $5.4 billion to $4.2 billion.

Financial Institution Failures
During 2019, there were four institution failures,
compared to no failures in 2018. In all four transactions,
the FDIC successfully contacted all known, qualified,
and interested bidders to market these institutions, and
all depositors had access to insured funds within one
business day.

As a result of the FDIC’s marketing and collection efforts,
the book value of assets in inventory decreased by $654
million (56 percent) in 2019. Total assets in liquidation
have not been lower than $1 billion since April 2008.
The following chart shows the beginning and ending
balances of these assets by asset type.

ASSETS-IN-LIQUIDATION INVENTORY
BY ASSET TYPE
Dollars in Millions
Asset Type

12/31/19

12/31/18

12/31/17

$10

$50

$160

Consumer Loans

0

0

8

Commercial Loans

1

34

50

Securities

Further, there were no losses on insured deposits, and no
appropriated funds were required to pay insured deposits.

Real Estate Mortgages

19

67

139

Other Assets/Judgments

44

151

260

The following chart provides a comparison of failure
activity over the past three years.

Owned Assets

3

3

47

31

19

157

416

854

1,449

$524

$1,178

$2,271

Net Investments in
Subsidiaries

FAILURE ACTIVITY
Dollars in Billions
2019

2018

2017

4

0

8

Total Assets of
Failed Institutions*

$0.2

$0.0

$5.1

Total Deposits of
Failed Institutions*

$0.2

$0.0

$4.7

$0.03

$0.0

$1.2

Total Institutions

Estimated Loss to the DIF

*Total assets and total deposits data are based on the last quarterly
report filed by the institution prior to failure.

Asset Management and Sales
As part of its resolution process, the FDIC tries to sell
as many assets as possible to an assuming institution.
Assets that are retained by the receivership are promptly
valued and liquidated in order to maximize the return to
the receivership estate. During 2019, for 95 percent of
failed institutions, at least 90 percent of the book value of
marketable assets was marketed for sale within 90 days of
an institution’s failure for cash sales, and within 120 days
for structured sales.
Cash sales of all assets for 2019 totaled $482 million in
book value.

Structured and
Securitized Assets
TOTAL

Receivership Management Activities
The FDIC, as receiver, manages failed insured depository
institutions and oversees their subsidiaries with the goal
of expeditiously winding up their affairs. The oversight
and prompt termination of receiverships help to preserve
value for the uninsured depositors and other creditors
by reducing overhead and other holding costs. Assets
remaining after resolution are liquidated by the FDIC
in an orderly manner, and the proceeds are used to
pay receivership claimants, including depositors whose
accounts exceeded the insurance limit. During 2019,
receiverships paid dividends of $1.2 million to depositors
whose accounts exceeded the insurance limit.
Once the assets of a failed institution have been sold
and its liabilities extinguished, the final distribution
of any proceeds is made, and the FDIC terminates
the receivership. In 2019, the total number of active
receiverships under management decreased by 28
(10 percent) to 248. Further, the FDIC terminated
more than 75 percent of new receiverships within three
years of the date of failure.

M A N A G E M E N T ' S D I S C U S S I O N A N D A N A LY S I S

45

ANNUAL
REPORT
The following chart shows overall receivership activity for
the FDIC in 2019.

RECEIVERSHIP ACTIVITY
Active Receiverships as of 12/31/18
New Receiverships

272

Receiverships Terminated
Active Receiverships as of 12/31/19

28

4
248

Professional Liability and
Financial Crimes Recoveries
The FDIC investigates bank failures to identify potential
claims against directors, officers, securities underwriters
and issuers, fidelity bond insurance carriers, appraisers,
attorneys, accountants, mortgage loan brokers, title
insurance companies, and other professionals who may
have caused losses to insured depository institutions and
FDIC receiverships. The FDIC will pursue meritorious
claims that are expected to be cost-effective.
During 2019, the FDIC recovered $626.4 million from
professional liability claims and settlements. The FDIC
authorized one professional liability lawsuit during 2019.
As of December 31, 2019, the FDIC’s caseload included 11
professional liability lawsuits (down from 21 at year-end
2018), eight residential mortgage malpractice and fraud
lawsuits (down from nine), and open investigations in 51
claim areas out of nine institutions. The FDIC completed
investigations and made decisions on 91 percent of the
investigations related to failures that reached the 18-month
point after the institution’s failure date in 2019, thereby
exceeding its annual performance target.
As part of the sentencing process, for those convicted
of criminal wrongdoing against an insured institution
that later failed, a court may order a defendant to
pay restitution or to forfeit funds or property to the
receivership. The FDIC, working with the U.S.
Department of Justice in connection with criminal
restitution and forfeiture orders issued by federal courts
and independently in connection with restitution orders
issued by the state courts, collected $9.96 million in
2019. As of December 31, 2019, there were 2,187 active
restitution and forfeiture orders (decreased from 2,346
at year-end 2018). This includes 56 orders held by the
Federal Savings and Loan Insurance Corporation (FSLIC)

46

Resolution Fund (i.e., orders arising out of failed financial
institutions that were in receivership or conservatorship by
the FSLIC or the Resolution Trust Corporation).

INFORMATION TECHNOLOGY
Information technology (IT) is an essential component
in virtually all FDIC business processes. This integration
with the business provides opportunities for efficiencies
but also requires an awareness of potential risks. In 2019,
the Chief Information Officer Organization (CIOO)
focused its efforts on managing information security risk,
strengthening infrastructure resiliency, and modernizing
FDIC applications and systems to support the FDIC’s
business processes and key stakeholders.

Managing Information Security Risk
The FDIC’s information security program is integral to
the agency’s ability to carry out its mission of maintaining
stability and public confidence in the nation’s financial
system.
The FDIC continues to strengthen its information security
functions in accordance with the Federal Information
Security Modernization Act of 2014 (FISMA) and in
alignment with the standards and guidance provided
by the National Institute of Standards and Technology
(NIST). For example, in 2019 the FDIC:
♦ Continued progress towards optimizing the Security
Operations Center (SOC) including implementation
of new capabilities to monitor and analyze network
traffic and cloud usage for indications of information
security risk;
♦ Implemented a Privacy Continuous Monitoring
(PCM) strategy, which strengthens privacy controls
and facilitates ongoing privacy reviews to ensure
personally identifiable information (PII) is effectively
managed and protected;
♦ Enhanced monitoring capabilities over platforms
supporting core business functions consistent with
leading risk management practices for information
security;
♦ Updated and published 34 System of Record Notices
(SORNs) in the Federal Register and implemented
delegation of SORN publication authority to align
with federal guidance; and

M A N A G E M E N T ' S D I S C U S S I O N A N D A N A LY S I S

2019
♦ Introduced new policies and procedures for patching,
risk assessments, remediation plans, and firewall and
network security to further strengthen information
security and privacy risk management.
Information Security continues to be a top management
priority at the FDIC.

Strengthening Infrastructure Resiliency
The FDIC must be able to provide and maintain an
acceptable level of service in the face of threats and
challenges to normal computer and network operations.
Threats and challenges for services can range from simple
misconfigurations to unforeseen large-scale natural
disasters or targeted attacks. The FDIC works to ensure
that its infrastructure can anticipate, absorb, adapt to, and/
or rapidly recover from a potentially disruptive event.
To continue to support a resilient and effective
infrastructure, in 2019, the FDIC executed a
comprehensive initiative to expand and enhance its
existing disaster recovery and business continuity
capabilities. The FDIC’s efforts were particularly focused
on ensuring that designated IT systems and applications
that support mission-essential functions could be recovered
within targeted timeframes. As part of this multi-year
project, the FDIC completed the migration of key IT
systems and applications to a new and larger backup
data center (BDC). This effort strengthens resiliency
by extending geographic proximity of the FDIC’s BDC
from its primary data center. The new facility introduced
new security capabilities including enterprise logging and
expanded data loss prevention.
Additional enhancements include rapid restoration
(failover) of mission-critical business applications.
Automated foundational restoration processes minimize
manual intervention, and equipment is maintained in a
higher availability mode to enable faster restoration. As
a result, the FDIC is better positioned to preempt and
rapidly recover from an outage or threat. The CIOO
completed a test of failover functionality in October 2019
that identified lessons that will continue to strengthen
the BDC.
The FDIC also implemented a Resiliency and Performance
Improvement Project to improve resiliency and
performance of its IT infrastructure. The project allows
faster restoration of network services and is part of
the series of controls in place to support effective
disaster recovery.

Modernizing IT and Enhancing
Data Governance
The FDIC is committed to promoting efficient operations,
treating data as a strategic asset, and providing IT
resources that support its workforce and improve the
FDIC’s engagement with regulated institutions. To meet
these key needs, in 2019 the FDIC:
♦ Developed and began implementing a comprehensive
integrated five-year IT Modernization Plan to support
several business drivers including Bank Supervision
Modernization, Financial Crisis Preparedness, and
the treatment of data as a corporate resource. The
IT Modernization Plan supports a cost-effective,
agile technology environment that fosters business
innovation and efficiencies.
♦ Completed an Enterprise Architecture Target
statement that outlines the basis for developing the
FDIC’s future IT environment in order to guide IT
decision-making and support the FDIC in executing
its mission.
♦ Launched a Cloud Technology Migration
Modernization project and migrated applications
for two of the Corporation’s Divisions (Division of
Resolutions and Receiverships and the Division of
Insurance and Research).
♦ Launched an Enterprise Data Governance Initiative
to provide strategic direction on the FDIC’s data
strategy, where trusted data are easily used and
securely shared to support the FDIC’s mission.
♦ Created a new Chief Data Officer position to provide
strategic leadership to the FDIC’s data strategy.

DIVERSITY AND INCLUSION
Consistent with the provisions of the Dodd-Frank Act, the
FDIC maintains its commitment to provide diversity and
inclusion in employment opportunities and all business
areas of the FDIC. The Office of Minority and Women
Inclusion (OMWI) supports the FDIC’s mission through
outreach efforts to ensure the fair inclusion and utilization
of minority- and women-owned businesses (MWOBs),
law firms (MWOLFs), and investors in contracting and
investment opportunities. OMWI is also responsible for
assessing the diversity policies and practices of FDICregulated financial institutions.

M A N A G E M E N T ' S D I S C U S S I O N A N D A N A LY S I S

47

ANNUAL
REPORT
The FDIC Diversity and Inclusion (D&I) Strategic Plan is
evaluated and updated regularly and delineates strategies
to promote workforce and workplace inclusion and
sustainability of diversity and inclusion efforts. The
D&I Executive Advisory Council (EAC) oversees the
plan’s implementation and promotes the coordination
and awareness of diversity and inclusion initiatives as an
FDIC priority. Additionally, employees provide input on
these efforts by serving on the regional and headquarters
Chairman’s Diversity Advisory Councils or joining one of
the nine Employee Resource Groups.

Minority- and Women-Owned
Business Outreach
OMWI’s outreach efforts also ensure the fair inclusion
and utilization of MWOBs, MWOLFs, and investors in
contracting and investment opportunities. In 2019, the
FDIC awarded 152 (29.3 percent) contracts to MWOBs
out of a total of 518 issued. The FDIC awarded contracts
with a combined value of $554.0 million in 2019, of which
31.3 percent ($173.5 million) were awarded to MWOBs,
compared to 24.5 percent for all of 2018. The FDIC paid
$98.3 million of its total contract payments (21.1 percent)
to MWOBs, under 287 MWOB contracts.
In 2019, the FDIC participated in a total of 18 business
expos, one-on-one matchmaking sessions, and panel
presentations. At these events, FDIC staff provided
information and responded to inquiries regarding FDIC
business opportunities for minorities and women. In
addition to targeting MWOBs, these efforts also
targeted veteran-owned and small disadvantaged
businesses. Vendors were provided with the FDIC’s
general contracting procedures, prime contractors’
contact information, and forecasts of possible upcoming
solicitations. Also, vendors were encouraged to register
through the FDIC’s Contractor Resource List (the
principal database for vendors interested in doing business
with the FDIC).
On December 5, 2019, the FDIC and the other
OMWI agencies partnered with the Minority Business
Development Agency and the Northern Virginia
Procurement Technical Assistance Center to host the
“Connections That Count” technical assistance event
in Arlington, Virginia. Technical assistance events are
designed to provide information, resources, and tools
to MWOBs in order to build and expand their federal

48

contracting opportunities. It is also a forum for MWOBs
to network with representatives from various sources of
business assistance, as well as OMWI representatives. In
addition, the sponsoring agencies and various procurement
trade organizations exhibited at the event.

Minority- and Women-Owned
Law Firm Outreach
The Legal Division’s legal contracting program endeavors
to maximize the participation of both minority- and
women-owned law firms (MWOLFs), minority and
women partners, and associates employed at majority
owned firms (Diverse Attorneys). This approach is
consistent with Section 342 of the Dodd-Frank Act that
encourages diversity and inclusion at all levels. For both
MWOLFs and Diverse Attorneys, FDIC legal matters
provide important learning and professional client
development opportunities that can be quite meaningful
to career advancement. For 2019, the Legal Division
had an aggregate 34.0 percent diversity and inclusion
participation rate in legal contracting as set forth below.
The FDIC made 20 referrals to MWOLFs, which
accounted for 32.2 percent of all legal referrals. Total
payments to MWOLFs were $3.4 million in 2019,
which is 10.7 percent of all payments to outside counsel,
compared to 7.7 percent for all of 2018. In 2019, Diverse
Attorneys earned $7.4 million in legal fees, which is
23.3 percent of all payments to outside counsel. Taken
together, FDIC paid $10.8 million to MWOLF firms and
Diverse Attorneys out of a total of $31.7 million dollars
spent on outside counsel services in 2019. This number
represents 34.0 percent of total outside counsel fees, which
is a significant increase from 2018, in which there was a
27.5 percent aggregate participation rate, despite the steep
decline in overall outside counsel spending.
The keystone of the Legal Division diversity and inclusion
outreach is the FDIC’s partnerships with minority bar
associations and specialized stakeholder organizations.
In 2019, the FDIC Legal Division participated in seven
minority bar association conferences and three stakeholder
events in support of maximizing the participation
of MWOLFs and Diverse Attorneys in FDIC legal
contracting. The Legal Division divided its stakeholder
event participation into events concentrating on outreach
to MWOLF firms and focusing on outreach to Diverse
Attorneys who work at majority owned law firms.

M A N A G E M E N T ' S D I S C U S S I O N A N D A N A LY S I S

2019
In 2019, National Association of Minority and Women
Owned Law Firms again formally recognized the FDIC
in a press release as a principal member of, and major
contributor to, its Inclusion Initiative, a collaborative
program among law departments of major corporations
designed to increase the participation of MWOLF firms in
legal contracting. The FDIC participates in the Inclusion
Initiative along with major corporations.

FRB, CFPB, NCUA, SEC, and the Department of the
Treasury to further implement Section 342(b)(2)(C) of the
Dodd-Frank Act, which required the agencies to develop
standards to assess the diversity policies and practices of
the entities they regulate. After publishing Joint Standards
in 2015, the FDIC developed a diversity self-assessment
instrument to assist FDIC-regulated financial institutions
in systematically assessing their diversity programs.

The Legal Division understands the value of integrating
FDIC in-house counsel in its legal contracting diversity
and inclusion. Also in 2019, the Legal Division presented
a Legal Contracting Diversity and Inclusion Workshop for
the closed bank oversight attorneys at the Dallas Regional
Office. These attorneys are responsible for assigning work
to outside counsel. The program included a review of the
prior year’s legal contracting statistics, planned projects,
question and answers, and the solicitation of ideas from
the attorneys for improving the selection and retention of
outside counsel.

The FDIC began collecting voluntary self-assessments
from its regulated financial institutions in 2017. The
FDIC received 95 of 805 (11.8 percent) self-assessments in
2017 for the 2016 reporting period. In 2018, the FDIC
received 137 of 820 (16.7 percent) self-assessments from
its regulated institutions for the 2017 reporting period. In
2019, the FDIC received 133 of 784 (17 percent) selfassessments from its regulated institutions for the 2018
reporting period. OMWI analyzed the self-assessment
responses for the 2016 – 2018 reporting periods and
posted this analysis on its internal and external websites.

Pursuant to Section 342 of the Dodd-Frank Act, which
requires an assessment of legal contractors’ internal
workforce diversity practices, the Legal Division conducted
12 compliance reviews of the top-billing law firms (both
non-minority-owned and MWOLFs). The reviews
included questions that focused on associate and partner
recruitment, retention rates of minority and women
associates and partners, and partnership offers to minority
and women attorneys working on FDIC legal matters.
The reviews are instrumental in gathering diversity data
for ongoing monitoring efforts as well as the exchange of
ideas to enhance diversity initiatives.

OMWI hosted an outreach event on October 24, 2019,
jointly with the other OMWI agencies for their respective
regulated entities. The event was entitled “Financial
Regulatory Agencies Diversity Summit” and was held
in Chicago, Illinois. Additionally, on November 20,
2019, the FDIC participated in a webinar hosted by the
American Bankers Association titled, “What Bankers
Need to Know about the Diversity Self-Assessment.”
Both events focused on the value of conducting voluntary
self-assessments, annually submitting assessment results
to OMWI Directors, and making diversity information
transparent to the public. The OMWI agencies also
outlined how the self-assessments will be used to identify
leading trends and establish benchmarks that will assist
financial institutions in assessing and enhancing their
diversity programs.

In addition to the outreach efforts noted above, the Legal
Division continues to provide technical assistance to other
related government agencies on developing MWOLF
outreach programs that mirror the FDIC’s program.
The Legal Division evaluated and approved three new
MWOLF applications in 2019. Firms from various
geographic areas were added to the FDIC List of
Counsel Available in order to be eligible to receive legal
contracting work.

Financial Institution Diversity
The FDIC’s Financial Institution Diversity program is
responsible for assessing the diversity policies and practices
of FDIC-regulated financial institutions. The FDIC
OMWI worked closely with the OMWIs from the OCC,

Information related to diversity and inclusion at the FDIC
can be found at www.fdic.gov/about/diversity.

INTERNATIONAL OUTREACH
The FDIC continues to play a leading role in supporting
the global development of deposit insurance, bank
supervision, and bank resolution systems. This included
working closely with regulatory and supervisory authorities
from around the world, as well as international standardsetting bodies and multilateral organizations, such as the
International Association of Deposit Insurers (IADI),

M A N A G E M E N T ' S D I S C U S S I O N A N D A N A LY S I S

49

ANNUAL
REPORT
the Association of Supervisors of Banks of the Americas
(ASBA), the Basel Committee on Banking Supervision
(BCBS), the Financial Stability Board (FSB), the
International Monetary Fund (IMF), and the World Bank.
The FDIC engaged with foreign regulatory counterparts
by hosting visiting officials, conducting training seminars,
delivering technical assistance abroad, and fulfilling the
commitments of FDIC membership in international
organizations. The FDIC also advanced policy objectives
with key jurisdictions by participating in high-level
interagency dialogues.
International Association of Deposit Insurers
FDIC officials and subject matter experts provided
continuing support for IADI programs in 2019. This
included chairing IADI’s Training and Conference
Technical Committee, which provided support for
developing and facilitating technical assistance workshops
for the African, European, Eurasian, Asia-Pacific,
Caribbean, North American, and Latin American regions
of IADI. The FDIC also chaired IADI’s Differential
Premium Systems Technical Committee, which is drafting
a paper evaluating the effectiveness of differential deposit
insurance premium systems. The FDIC also participated
in reviews of IADI members’ self-assessments of
compliance with the Core Principles. The FDIC assisted in
the development of IADI’s Biennial Research Conference,
which provides a forum for researchers and deposit
insurance and bank resolution practitioners to meet to
discuss issues facing deposit insurers. It also assisted in
development of the annual conference for officials and
senior management of deposit insurance authorities in
conjunction with the IADI Annual General Meeting.
Led and supported by FDIC executives and senior staff,
IADI technical assistance and training activities reached
approximately 500 participants during 2019.
Association of Supervisors of Banks of the Americas
Senior FDIC staff chaired the ASBA Training and
Technical Committee in 2019, which designs and
implements ASBA’s training strategy, promoting the
adoption of sound banking supervision policies and
practices among its members. The training program
reached more than 500 member participants in 2019.
Basel Committee on Banking Supervision
The FDIC supports and contributes to the development
of international standards, guidelines, and sound

50

practices for prudential regulation and supervision of
banks through its longstanding membership in BCBS.
The contribution includes actively participating in
many of the committee groups, working groups, and
task forces established by BCBS to carry out its work,
which focused on policy development, supervision and
implementation, macroprudential supervision, accounting,
and consultation.
International Capacity Building
During the year, the FDIC provided direct assistance
to many foreign organizations through the provision
of technical expertise. These engagements included
providing staff experts to provide training in bank
resolution and planning for the European Union’s Single
Resolution Board, assisting the Serbia Deposit Insurance
Agency in developing its target fund model, and assisting
the IMF in Manila, Philippines. The FDIC also hosted
more than 147 visiting regulators and other government
officials from 34 countries during the year. Two sessions
of “FDIC 101: An Introduction to Deposit Insurance,
Bank Supervision, and Resolutions,” a structured learning
program for senior foreign officials, were offered in 2019
and attended by 56 participants from more than 38
organizations. The FDIC piloted a new two-week training
program called “The Bank Resolution Experience,” which
is an in-depth training on the FDIC’s resolution functions
designed to educate staff-level practitioners from foreign
counterparts with resolution authority. The pilot was
attended by 22 participants from 15 organizations. The
FDIC’s Corporate University also makes supervisory
courses available to foreign participants and trained
89 students this year.

EFFECTIVE MANAGEMENT OF
STRATEGIC RESOURCES
The FDIC recognizes that it must effectively manage
its human, financial, and technological resources
to successfully carry out its mission and meet the
performance goals and targets set forth in its annual
performance plan. The FDIC must align these strategic
resources with its mission and goals and deploy them
where they are most needed to enhance its operational
effectiveness and minimize potential financial risks to the
DIF. Following are the FDIC’s major accomplishments
in improving operational efficiency and effectiveness
during 2019.

M A N A G E M E N T ' S D I S C U S S I O N A N D A N A LY S I S

2019
Human Capital Management

Examiner Recruiting, Hiring, and Training

The FDIC’s human capital management programs are
designed to attract, train, develop, reward, and retain a
highly skilled, diverse, and results-oriented workforce. In
2019, the FDIC workforce planning initiatives emphasized
the need to plan for employees to fulfill current and future
capability and leadership needs. This focus ensures that
the FDIC has a workforce positioned to meet today’s core
responsibilities and prepared to fulfill its mission in the
years ahead.

From 2005 through 2019, the FDIC’s Corporate Employee
Program (CEP) sponsored the development of newlyhired Financial Institution Specialists (FIS) in entrylevel positions. During the first-year rotation within the
program, FISs gained experience and knowledge in the
core business of the FDIC and then were placed within
RMS or DCP, where they continued their career path
to become commissioned examiners. More than 1,050
employees have become commissioned examiners after
successfully completing the program’s requirements.

Strategic Workforce Planning and Readiness
The FDIC understands that succession planning is critical
to ensure that gaps in employee aspiration, engagement,
and readiness for senior leadership positions are addressed.
The FDIC dedicates resources to strengthen and expand
its internal pipeline of employees who aspire to higherlevel positions, have the necessary leadership and technical
skills, and are prepared to assume future leadership roles.
The FDIC conducted succession planning survey
research that established a baseline of career aspirations,
engagement, and readiness of corporate graded (CG)
12-15 employees for mission-critical leadership positions.
In 2019, this baseline was used to inform FDIC’s career
development planning strategies and broader workforce
planning strategies and investments. In addition, the
baseline is being used to inform individual Divisions as
they plan and implement succession planning activities
tailored to meet their Divisions’ unique workforce needs.
During the past few years, the FDIC has witnessed an
uptick of retirements in management and leadership
positions, requiring a greater emphasis on knowledge
transfer and long-term succession planning. To ensure
that these critical skills are sustained, the FDIC is
developing new career paths that encompass emerging
skills, while offering leadership training and career
development opportunities designed to increase the
internal candidate pool of potential leaders at all levels.
The FDIC is also undertaking innovative approaches to
attract and retain entry-level examiners with specialty and
emerging skillsets.
Through these efforts, the FDIC workforce will be even
better positioned to respond to dynamic financial and
technological challenges, now and in the future.

In an effort to make the examination processes and
procedures more efficient and effective, evaluate the
training and commissioning processes, promote diversity
and engagement, and ensure that the vast institutional
knowledge held by examiners today is passed on to future
examiners, newly hired FISs now will be assigned directly
into a discipline: risk management or consumer protection.
After a centralized orientation, newly-hired FISs will
experience task-based, on-the-job training while working
toward commission.
Employee Learning and Development
The FDIC is committed to training and developing its
employees throughout their careers to enhance technical
proficiency and leadership capacity, supporting career
progression and succession management. The FDIC is
in the midst of modernizing learning and development,
including expanding virtual and online offerings,
integrating modern learning technology, and modernizing
the training center. The FDIC develops and implements
comprehensive curricula for its business lines to prepare
employees to meet new challenges. Such training, offered

Corporate University Associate Professor Dr. Alphronzo Moseley, right, leads
a roundtable discussion on the FDIC’s leadership development program for
first-line supervisors.

M A N A G E M E N T ' S D I S C U S S I O N A N D A N A LY S I S

51

ANNUAL
REPORT
via a range of delivery modes, positions the FDIC’s
Corporate University to be a virtual university with a
physical presence.
Employees working to become commissioned examiners or
resolutions and receiverships specialists attend a prescribed
set of specialized, internally developed and instructed
courses. Post-commission, employees continue to further
their knowledge in specialty areas with more advanced
courses. The FDIC is revising examiner classroom
training to better support on-the-job application and
is developing resolution and receivership training to
support readiness and compliance training and converting
instructor led courses to web-based training.
The FDIC also offers a comprehensive leadership
development program that combines core courses,
electives, and other enrichment opportunities to develop
employees at all levels. From new employees to new
executives, the FDIC provides employees with targeted
opportunities that align with key leadership competencies.
In addition to a broad array of internally developed and
administered courses, the FDIC provides its employees
with funds to participate in external training to support
their career development.
Employee Engagement
The FDIC continually evaluates its human capital
programs and strategies to ensure that it remains an
employer of choice, and that all of its employees are fully
engaged and aligned with the mission. The FDIC uses
the Federal Employee Viewpoint Survey mandated by
Congress to solicit information from employees, and takes
an agency-wide approach to address key issues identified
in the survey. The FDIC consistently scores highly in all
categories of the Partnership for Public Service Best Places
to Work in the Federal Government® list for mid-size federal

52

Photo credit: Partnership for Public Service
Internal Ombudsman Robert Harris and Deputy to the Chairman and
Chief Financial Officer Bret Edwards receive the award for one of the Best
Places to Work in the Federal Government for mid-sized federal agencies
from Max Stier, President and CEO of Partnership for Public Service.

agencies. In 2019, the FDIC was recognized for the
tenth consecutive year as one of the top federal agencies.
Effective leadership is the primary factor driving employee
satisfaction and commitment in the federal workplace,
according to a report by the Partnership for Public Service.
The FDIC engages employees through formal mechanisms
such as the TEAM (Transparency, Empowerment,
Accountability, Mission) FDIC initiative that empowers
employees to identify and implement short-term projects
that positively impact the FDIC workplace and support
the FDIC’s mission; Chairman’s Diversity Advisory
Councils; and Employee Resource Groups; and informally
through working groups, team discussions, and daily
employee-supervisor interactions. Employee engagement
plays an important role in empowering employees and
helps maintain, enhance, and institutionalize a positive
workplace environment.

M A N A G E M E N T ' S D I S C U S S I O N A N D A N A LY S I S

II.

PERFORMANCE RESULTS SUMMARY

THIS PAGE INTENTIONALLY LEFT BLANK

2019
SUMMARY OF 2019 PERFORMANCE RESULTS BY PROGRAM
The FDIC successfully achieved 48 of the 49 annual performance targets established in its 2019 Annual Performance Plan.
One target was not achieved, which involved a final rulemaking regarding a liquidity standard. There were no instances
in which 2019 performance had a material adverse effect on the successful achievement of the FDIC’s mission or its
strategic goals and objectives regarding its major program responsibilities.

PERFORMANCE RESULTS BY PROGRAM AND STRATEGIC GOAL
2019 INSURANCE PROGRAM RESULTS
Strategic Goal: Insured depositors are protected from loss without recourse to taxpayer funding.
#

1

2

ANNUAL
PERFORMANCE GOAL

Respond promptly to all
IDI closings and related
emerging issues.

Disseminate data and
analyses on issues and
risks affecting the financial
services industry to bankers,
supervisors, the public, and
other stakeholders on an
ongoing basis.

INDICATOR

TARGET

RESULTS

Number of business
days after an institution
failure that depositors
have access to insured
funds.

Depositors have access to insured
funds within one business day if the
failure occurs on a Friday.

ACHIEVED.
SEE PG. 45.

Insured depositor
losses resulting from
a financial institution
failure.

Depositors have access to insured
funds within two business days if the
failure occurs on any other day of the
week.

ACHIEVED.
SEE PG. 45.

Depositors do not incur any losses on
insured deposits.

ACHIEVED.
SEE PG. 45.

No appropriated funds are required to
pay insured depositors.
Disseminate results of research and
analyses in a timely manner through
regular publications, ad hoc reports,
and other means.

ACHIEVED.
SEE PG. 45.

Scope and timeliness
of information
dissemination on
identified or potential
issues and risks.

Undertake industry outreach
activities to inform bankers and other
stakeholders about current trends,
concerns, available resources, and
FDIC performance metrics.

P E R F O R M A N C E R E S U LT S S U M M A R Y

ACHIEVED.
SEE PGS. 28-31.

ACHIEVED.
SEE PGS. 28-31.

55

ANNUAL
REPORT
2019 INSURANCE PROGRAM RESULTS (continued)
Strategic Goal: Insured depositors are protected from loss without recourse to taxpayer funding.
#

3

4

ANNUAL
PERFORMANCE GOAL

INDICATOR

Monitor the status of the
DIF reserve ratio and analyze
the factors that affect fund
growth. Adjust assessment
rates, as necessary.

Updated fund balance
projections and
recommended changes
to assessment rates, as
necessary.

Expand and strengthen the
FDIC’s participation and
leadership role in supporting
robust and effective deposit
insurance programs,
resolution strategies, and
banking systems worldwide.

Activities to expand
and strengthen
engagement with
strategically important
foreign jurisdictions
and key international
organizations and
associations, and to
advance the FDIC’s
global leadership
and participation on
deposit insurance,
institution supervision,
resolution practices and
international financial
safety net issues.
Provision of technical
assistance and training
to foreign counterparts.

5

56

Ensure timely consideration
and efficient processing of
de novo deposit insurance
applications.

Updated policies,
procedures, and
guidance.

TARGET

RESULTS

Provide updated fund balance
projections to the FDIC Board of
Directors semiannually.

ACHIEVED.
SEE PGS. 15-16.

Recommend changes to deposit
insurance assessment rates to the
FDIC Board of Directors as necessary.
Foster strong relationships with
international banking regulators,
deposit insurers, and other relevant
authorities by engaging with
strategically important jurisdictions
and organizations on international
financial safety net issues.

ACHIEVED.
SEE PGS. 15-16.
ACHIEVED.
SEE PGS. 49-50.

Provide leadership and expertise to
key international organizations and
associations that promote sound
deposit insurance and effective bank
supervision and resolution practices.

ACHIEVED.
SEE PGS. 49-50.

Promote international standards
and expertise in financial regulatory
practices and stability through the
provision of technical assistance and
training to global financial system
authorities.
Conduct six regional roundtable
discussions to explain and solicit
feedback on the de novo application
process, and implement additional
changes, as appropriate, based on that
feedback.

ACHIEVED.
SEE PGS. 49-50.

Ensure the de novo deposit insurance
application process is streamlined and
transparent.

ACHIEVED.
SEE PGS. 32-33.

P E R F O R M A N C E R E S U LT S S U M M A R Y

ACHIEVED.
SEE PGS. 32-33.

2019
2019 INSURANCE PROGRAM RESULTS (continued)
Strategic Goal: Insured depositors are protected from loss without recourse to taxpayer funding.
#

6

7

ANNUAL
PERFORMANCE GOAL

Market failing institutions
to all known qualified and
interested potential bidders.
Provide educational
information to IDIs and
their customers to help
them understand the rules
for determining the amount
of insurance coverage on
deposit accounts.

INDICATOR

TARGET

RESULTS

Scope of qualified
and interested bidders
solicited.
Timeliness of responses
to deposit insurance
coverage inquiries.

Contact all known qualified and
interested bidders.

ACHIEVED.
SEE PG. 45.

Respond within two weeks to 95
percent of written inquiries from
consumers and bankers about FDIC
deposit insurance coverage.

ACHIEVED.
SEE PG. 39.

Initiatives to increase
public awareness of
deposit insurance
coverage changes.

Conduct at least four telephone or
in-person seminars for bankers on
deposit insurance coverage.

P E R F O R M A N C E R E S U LT S S U M M A R Y

ACHIEVED
SEE PGS. 38-39.

57

ANNUAL
REPORT
2019 SUPERVISION PROGRAM RESULTS
Strategic Goal: FDIC-insured institutions are safe and sound.
#

1

2

58

ANNUAL
PERFORMANCE GOAL

Conduct on-site risk
management examinations
to assess the overall financial
condition, management
practices and policies, and
compliance with applicable
laws and regulations of
FDIC-supervised depository
institutions. When problems
are identified, promptly
implement appropriate
corrective programs and
follow up to ensure that
identified problems are
corrected.
Assist in protecting the
infrastructure of the U.S.
banking system against
terrorist financing, money
laundering, and other
financial crimes.

INDICATOR

TARGET

RESULTS

Percentage of required
examinations conducted
in accordance with
statutory requirements
and FDIC policy.

Conduct all required risk
management examinations within the
timeframes prescribed by statute and
FDIC policy.

ACHIEVED.
SEE PG.16.

Follow-up actions on
identified problems.

For at least 90 percent of IDIs that are
assigned a composite CAMELS rating
of 2 and for which the examination
report identifies “Matters Requiring
Board Attention” (MRBAs), review
progress reports and follow up with
the institution within six months of
the issuance of the examination report
to ensure that all MRBAs are being
addressed.
Percentage of required
Conduct all BSA examinations within
examinations conducted the timeframes prescribed by statute
in accordance with
and FDIC policy.
statutory requirements
and FDIC policy.

P E R F O R M A N C E R E S U LT S S U M M A R Y

ACHIEVED.
SEE PGS. 17-18.

ACHIEVED.
SEE PG. 16.

2019
2019 SUPERVISION PROGRAM RESULTS (continued)
Strategic Goal: FDIC-insured institutions are safe and sound.
#

3

ANNUAL
PERFORMANCE GOAL

Establish regulatory capital
standards that ensure
institutions have sufficient
loss-absorbing capacity to
remain resilient under stress
while reducing complexity
and maximizing efficiency.

INDICATOR

Simplification of
capital standards for
community banks.

U.S. implementation of
internationally agreed
regulatory standards.

Implementation of
other changes to capital
requirements directed
by the Congress.

TARGET

RESULTS

Complete, by September 30, 2019,
rulemaking for a community bank
leverage ratio and conforming changes
to the deposit insurance assessment
process.

ACHIEVED.
SEE PG. 27.

Finalize aspects of the interagency
capital simplification proposal issued
in September 2017, including changes
to the regulatory capital treatment of
mortgage servicing assets, deferred
tax assets, investment in the capital
instruments of other financial
institutions, and minority interest.

ACHIEVED.
SEE PG. 26.

Issue interagency final rules to adopt
the statutory definition of high
volatility commercial real estate for
risk based capital.

ACHIEVED.
SEE PGS. 27-28.

Reevaluate and take appropriate
actions on Basel III requirements for
small banks that do not meet or are
not eligible for the community bank
leverage ratio.

ACHIEVED.
SEE PG. 26.

Issue a final rule, by December 31,
2019, to implement the Net Stable
Funding Ratio (NSFR).

NOT ACHIEVED.
SEE PG. 26.

Issue interagency final rules to tailor
capital requirements for large financial
institutions.

ACHIEVED.
SEE PGS. 25-26.

Issue interagency rulemaking
to remove certain central bank
deposits from the denominator of
the supplementary leverage ratio for
custodial banks.

P E R F O R M A N C E R E S U LT S S U M M A R Y

ACHIEVED.
SEE PG. 27.

59

ANNUAL
REPORT
2019 SUPERVISION PROGRAM RESULTS (continued)
Strategic Goal: FDIC-insured institutions are safe and sound.
#

4

60

ANNUAL
PERFORMANCE GOAL

Implement strategies
to promote enhanced
cybersecurity and business
continuity within the
banking industry.

INDICATOR

TARGET

RESULTS

Enhance the
cybersecurity awareness
and preparedness of the
banking industry.

Continue to conduct horizontal
reviews that focus on the IT risks
in large and complex supervised
institutions and in technology service
providers.

ACHIEVED.
SEE PGS. 19-20.

Continue to use the Cybersecurity
Examination Program for the
most significant service provider
examinations.

ACHIEVED.
SEE PGS. 19-20.

Improve the analysis and sharing
of cybersecurity-related threat
information with financial
institutions.

ACHIEVED.
SEE PGS. 19-20.

P E R F O R M A N C E R E S U LT S S U M M A R Y

2019
2019 SUPERVISION PROGRAM RESULTS (continued)
Strategic Goal: Consumers’ rights are protected, and FDIC-supervised institutions invest in their communities.
#

1

2

ANNUAL
PERFORMANCE GOAL

INDICATOR

Conduct on-site CRA
and consumer compliance
examinations to assess
compliance with applicable
laws and regulations
by FDIC-supervised
institutions. When
violations are identified,
promptly implement
appropriate corrective
programs and follow up
to ensure that identified
problems are corrected.
Effectively investigate and
respond to written consumer
complaints and inquiries
about FDIC-supervised
financial institutions.

TARGET

RESULTS

Conduct all required examinations
Percentage of
examinations conducted within the timeframes established.
in accordance with the
timeframes prescribed
by FDIC policy.

ACHIEVED.
SEE PG. 18.

Implementation of
corrective programs.

ACHIEVED.
SEE PG. 18.

Timely responses to
written consumer
complaints and
inquiries.

Public availability
of information on
consumer complaints.

Conduct visits and/or follow-up
examinations in accordance with
established FDIC processes to
ensure that the requirements of
any corrective program have been
implemented and are effectively
addressing identified violations.
Respond to 95 percent of written
consumer complaints and inquiries
within timeframes established by
policy, with all complaints and
inquiries receiving at least an initial
acknowledgement within two weeks.

ACHIEVED.
SEE PGS. 43-44.

Publish, through the Consumer
Response Center (CRC), an annual
report regarding the nature of the
FDIC’s interactions with consumers
and depositors.

ACHIEVED.
SEE PG. 39.

Publish, on the FDIC’s website, and
regularly update metrics on requests
from the public for FDIC assistance.

ACHIEVED.
SEE PG. 39.

P E R F O R M A N C E R E S U LT S S U M M A R Y

61

ANNUAL
REPORT
2019 SUPERVISION PROGRAM RESULTS (continued)
Strategic Goal: Consumers’ rights are protected, and FDIC-supervised institutions invest in their communities.
#

3

ANNUAL
PERFORMANCE GOAL

INDICATOR

Promote economic inclusion Completion of planned
and access to responsible
initiatives.
financial services through
supervisory, research, policy,
and consumer/community
affairs initiatives.

TARGET

Administer the 2019 Survey of
the Unbanked and Underbanked
Households.

ACHIEVED.
SEE PG. 38.

Conduct outreach to institutions
and the public to expand the
availability and usage of low-cost
transaction accounts tailored to the
needs of unbanked and underbanked
households.

ACHIEVED.
SEE PGS. 37-38.

Expand the reach of the new Money
Smart for Adults through online
resources, translating the curriculum
into other languages, and outreach.

ACHIEVED.
SEE PG. 41.

Strengthen connections between
small businesses and FDIC-insured
institutions.

ACHIEVED.
SEE PG. 40.

Increase engagement and
collaboration with, and provide
support for, Minority Depository
Institutions (MDIs).

62

RESULTS

P E R F O R M A N C E R E S U LT S S U M M A R Y

ACHIEVED.
SEE PGS. 21-23.

2019
2019 SUPERVISION PROGRAM RESULTS (continued)
Strategic Goal: Large and complex financial institutions are resolvable under the Bankruptcy Code.
#

1

ANNUAL
PERFORMANCE GOAL

Identify and address risks
in large, complex financial
institutions, including those
designated as systemically
important.

INDICATOR

Rulemaking for
resolution planning
requirements.

Compliance with the
statutory and regulatory
requirements under
Title I of the DoddFrank Act and Section
360.10 of the FDIC
Rules and Regulations.

Risk monitoring of
large, complex financial
institutions, bank
holding companies, and
designated nonbanking
firms.

TARGET

RESULTS

Complete interagency rulemaking
with the FRB to tailor application
of resolution planning requirements
under Section 165(d) of the DoddFrank Act.

ACHIEVED.
SEE PG. 34.

Issue an ANPR to tailor and make
adjustments to the FDIC’s resolution
planning requirements for IDIs.

ACHIEVED.
SEE PG. 35.

In collaboration with the FRB,
review all resolution plans subject to
the requirements of Section 165(d)
of Dodd-Frank Act to ensure their
conformance to statutory and other
regulatory requirements. Identify
and provide feedback to firms on
potential impediments in those plans
to resolution under the Bankruptcy
Code.

ACHIEVED.
SEE PG. 35.

Review resolution plans subject to the
requirements of Section 360.10 of the
Insured Depository Institutions (IDI)
Rule to ensure their conformance to
other regulatory requirements.

ACHIEVED.
SEE PG. 35.

Conduct ongoing risk analysis and
monitoring of large, complex financial
institutions to understand and assess
their structure, business activities, risk
profiles, and resolution and recovery
plans.

ACHIEVED.
SEE PGS. 35-36.

P E R F O R M A N C E R E S U LT S S U M M A R Y

63

ANNUAL
REPORT
2019 RECEIVERSHIP MANAGEMENT PROGRAM RESULTS
Strategic Goal: Resolutions are orderly and receiverships are managed effectively.
#

ANNUAL
PERFORMANCE GOAL

1

Value, manage, and market
assets of failed institutions
and their subsidiaries in a
timely manner to maximize
net return.

2

Manage the receivership
estate and its subsidiaries
toward an orderly
termination.

3

Conduct investigations into
all potential professional
liability claim areas for all
failed IDIs and decide as
promptly as possible to
close or pursue each claim,
considering the size and
complexity of the institution.
Ensure the FDIC’s
operational readiness to
administer the resolution of
large financial institutions,
including those designated as
systemically important.

4

64

INDICATOR

TARGET

RESULTS

Percentage of the assets For at least 95 percent of insured
marketed for each failed institution failures, market at least
institution.
90 percent of the book value of the
institution’s marketable assets within
90 days of the failure date (for cash
sales) and within 120 days of the date
that the pool of similar assets is of
sufficient size to bring to market (for
structured sales).
Timely termination of
Terminate at least 75 percent of new
new receiverships.
receiverships that are not subject to
loss-share agreements, structured sales,
or other legal impediments within
three years of the date of failure.
Percentage of
For 80 percent of all claim areas,
investigated claim areas make a decision to close or pursue
for which a decision has professional liability claims within 18
been made to close or
months of the failure of an insured
pursue the claim.
depository institution.

ACHIEVED.
SEE PG. 45.

Refinement of
resolution plans and
strategies.

Continue to refine plans to ensure
the FDIC’s operational readiness to
administer the resolution of large,
complex financial institutions.

ACHIEVED.
SEE PG. 36.

Continued crossborder coordination
and cooperation in
resolution planning.

Continue to deepen and strengthen
bilateral working relationships
with key foreign jurisdictions, both
on a bilateral basis and through
multilateral fora.

ACHIEVED.
SEE PGS. 36-37.

P E R F O R M A N C E R E S U LT S S U M M A R Y

ACHIEVED.
SEE PG. 45.

ACHIEVED.
SEE PG. 46.

2019
PRIOR YEARS’ PERFORMANCE RESULTS
Refer to the respective full Annual Report of prior years, located on the FDIC’s website for more information on
performance results for those years. Shaded areas indicate no such target existed for that respective year.

INSURANCE PROGRAM RESULTS
Strategic Goal: Insured depositors are protected from loss without recourse to taxpayer funding.
ANNUAL PERFORMANCE GOALS AND TARGETS

1. Respond promptly to all insured financial institution
closings and related emerging issues.
♦ Depositors have access to insured funds within
one business day if the failure occurs on a Friday.
♦ Depositors have access to insured funds within two
business days if the failure occurs on any other day
of the week.
♦ Depositors do not incur any losses on
insured deposits.
♦ No appropriated funds are required to pay
insured depositors.
2. Disseminate data and analyses on issues and risks
affecting the financial services industry to bankers,
supervisors, the public, and other stakeholders on
an ongoing basis.
♦ Disseminate results of research and analyses in
a timely manner through regular publications,
ad hoc reports, and other means.
♦ Undertake industry outreach activities to inform
bankers and other stakeholders about current trends,
concerns, and other available FDIC resources.
3. Adjust assessment rates, as necessary, to achieve a
DIF reserve ratio of at least 1.35 percent of estimated
insured deposits by September 30, 2020.
♦ Provide updated fund balance projections to the
FDIC Board of Directors by June 30, 2018, and
December 31, 2018.
♦ Provide updated fund balance projections to the
FDIC Board of Directors by June 30, 2017, and
December 31, 2017.
♦ Provide updated fund balance projections to the
FDIC Board of Directors by June 30, 2016, and
December 31, 2016.
♦ Provide updated fund balance projections to the
FDIC Board of Directors by June 30, 2015, and
December 31, 2015.

2018

2017

2016

2015

2014

N/A – NO
FAILURES.

ACHIEVED.

ACHIEVED.

ACHIEVED.

ACHIEVED.

N/A – NO
FAILURES.

ACHIEVED.

ACHIEVED.

ACHIEVED.

ACHIEVED.

N/A – NO
FAILURES.

ACHIEVED.

ACHIEVED.

ACHIEVED.

ACHIEVED.

N/A – NO
FAILURES.

ACHIEVED.

ACHIEVED.

ACHIEVED.

ACHIEVED.

ACHIEVED.

ACHIEVED.

ACHIEVED.

ACHIEVED.

ACHIEVED.

ACHIEVED.

ACHIEVED.

ACHIEVED.

ACHIEVED.

ACHIEVED.

ACHIEVED.

ACHIEVED.

P E R F O R M A N C E R E S U LT S S U M M A R Y

ACHIEVED.

ACHIEVED.

65

ANNUAL
REPORT
INSURANCE PROGRAM RESULTS (continued)
Strategic Goal: Insured depositors are protected from loss without recourse to taxpayer funding.
Annual Performance Goals and Targets

♦ Provide updated fund balance projections to the
FDIC Board of Directors by June 30, 2014, and
December 31, 2014.
♦ Provide progress reports to the FDIC Board of
Directors by June 30, 2018, and December 31, 2018.
♦ Provide progress reports to the FDIC Board of
Directors by June 30, 2017, and December 31, 2017.
♦ Provide progress reports to the FDIC Board of
Directors by June 30, 2016, and December 31, 2016.
♦ Provide progress reports to the FDIC Board of
Directors by June 30, 2015, and December 31, 2015.
♦ Provide progress reports to the FDIC Board of
Directors by June 30, 2014, and December 31, 2014.
♦ Recommend changes to deposit insurance assessment
rates to the FDIC Board of Directors as necessary.
4. Expand and strengthen the FDIC’s participation and
leadership role in supporting robust and effective deposit
insurance programs, resolution strategies, and banking
systems worldwide.
♦ Foster strong relationships with international banking
regulators, deposit insurers, and other relevant
authorities by engaging with strategically important
jurisdictions and organizations on international
financial safety net issues.
♦ Provide leadership and expertise to key international
organizations and associations that promote sound
deposit insurance and effective bank supervision and
resolution practices.
♦ Promote international standards and expertise in
financial regulatory practices and stability through the
provision of technical assistance and training to global
financial system authorities.
♦ Continue to play leadership roles within key
international organizations and associations and
promote sound deposit insurance, bank supervision,
and resolution practices.
♦ Promote continued enhancement of international
standards and expertise in financial regulatory
practices and stability through the provision of
technical assistance and training to global financial
system authorities.

66

2018

2017

2016

2015

2014

ACHIEVED.
ACHIEVED.
ACHIEVED.
ACHIEVED.
ACHIEVED.
ACHIEVED.
ACHIEVED.

ACHIEVED.

ACHIEVED.

ACHIEVED.

ACHIEVED.

ACHIEVED.

ACHIEVED.

ACHIEVED.

ACHIEVED.

ACHIEVED.

ACHIEVED.

ACHIEVED.

P E R F O R M A N C E R E S U LT S S U M M A R Y

ACHIEVED.

ACHIEVED.

2019
INSURANCE PROGRAM RESULTS (continued)
Strategic Goal: Insured depositors are protected from loss without recourse to taxpayer funding.
Annual Performance Goals and Targets

2018

2017

♦ Develop and foster closer relationships with bank
supervisors in the reviews through the provision of
technical assistance and by leading governance efforts
in the Association of Supervisors of Banks of the
Americas (ASBA).
♦ Maintain open dialogue with counterparts in
strategically important jurisdictions, international
financial organizations and institutions, and partner
U.S. agencies; and actively participate in bilateral
interagency regulatory dialogues.
♦ Maintain open dialogue with counterparts in
strategically important jurisdictions, international
financial organizations and institutions, and partner
U.S. agencies.
♦ Maintain a leadership position in the International
Association of Deposit Insurers (IADI) by conducting
workshops and performing assessments of deposit
insurance systems based on the methodology for
assessment of compliance with the IADI Core
Principles for Effective Deposit Insurance Systems
(Core Principles), developing and conducting training
on priority topics identified by IADI members, and
actively participating in IADI’s Executive Council
and Standing Committees.
♦ Maintain open dialogue with the Association of
Supervisors of Banks of the Americas (ASBA) to
develop and foster relationships with bank supervisors
in the region by providing assistance when necessary.
♦ Engage with authorities responsible for resolutions
and resolutions planning in priority foreign
jurisdictions and contribute to the resolution-related
agenda of the Financial Stability Board (FSB) through
active participation in the FSB’s Resolution Steering
Group (ReSG).
♦ Engage with authorities responsible for resolutions
and resolutions planning in priority foreign
jurisdictions.
♦ Contribute to the resolution-related agenda of the
Financial Stability Board (FSB) through active
participation in the FSB’s Resolution Steering Group
and its working groups.

P E R F O R M A N C E R E S U LT S S U M M A R Y

2016

2015

2014

ACHIEVED.

ACHIEVED.

ACHIEVED.

ACHIEVED.

ACHIEVED.

ACHIEVED.

ACHIEVED.

ACHIEVED.

ACHIEVED.

67

ANNUAL
REPORT
INSURANCE PROGRAM RESULTS (continued)
Strategic Goal: Insured depositors are protected from loss without recourse to taxpayer funding.
Annual Performance Goals and Targets

2018

2017

2016

♦ Actively participate in bilateral interagency regulatory
dialogues.
♦ Support visits, study tours, secondments, and longerterm technical assistance and training programs for
representatives for foreign jurisdictions to strengthen
their deposit insurance organizations, central banks,
bank supervisors, and resolution authorities.
5. Market failing institutions to all known qualified and
interested potential bidders.
♦ Contact all known qualified and interested bidders.

2015

2014

ACHIEVED.

N/A – NO
FAILURES.

ACHIEVED.

ACHIEVED.

ACHIEVED.

ACHIEVED.

ACHIEVED.

ACHIEVED.

6. Provide educational information to insured depository
institutions and their customers to help them
understand the rules for determining the amount of
insurance coverage on deposit accounts.
♦ Respond within two weeks to 95 percent of written
ACHIEVED. ACHIEVED. ACHIEVED. ACHIEVED. ACHIEVED.
inquiries from consumers and bankers about FDIC
deposit insurance coverage.
♦ Conduct at least four telephone or in-person seminars
ACHIEVED. ACHIEVED. ACHIEVED. ACHIEVED.
for bankers on deposit insurance coverage.
♦ Conduct at least 12 telephone or in-person seminars
ACHIEVED.
for bankers on deposit insurance coverage.
♦ Complete and post on the FDIC website videos
ACHIEVED.
for bankers and consumers on deposit insurance
coverage.

68

P E R F O R M A N C E R E S U LT S S U M M A R Y

2019
SUPERVISION PROGRAM RESULTS
Strategic Goal: FDIC-insured institutions are safe and sound.
ANNUAL PERFORMANCE GOALS AND TARGETS

1. Conduct on-site risk management examinations to assess
the overall financial condition, management practices
and policies, and compliance with applicable laws and
regulations of FDIC-supervised depository institutions.
When problems are identified, promptly implement
appropriate corrective programs, and follow up to ensure
that identified problems are corrected.
♦ Conduct all required risk management examinations
within the time frames prescribed by statute and
FDIC policy.
♦ For at least 90 percent of institutions that are assigned
a composite CAMELS rating of 2 and for which the
examination report identifies “Matters Requiring
Board Attention” (MRBAs), review progress reports
and follow up with the institution within six months
of the issuance of the examination report to ensure
that all MRBAs are being addressed.
♦ Implement formal or informal enforcement
actions within 60 days for at least 90 percent of
all institutions that are newly downgraded to a
composite Uniform Financial Institutions Rating of
3, 4, or 5.
2. Assist in protecting the infrastructure of the U.S.
banking system against terrorist financing, money
laundering, and other financial crimes.
♦ Conduct all Bank Secrecy Act examinations within
the time frames prescribed by statute and FDIC
policy.
3. Ensure that regulatory capital standards promote banks’
resilience under stress and the confidence of their
counterparties.
♦ Finalize a Notice of Proposed Rulemaking (NPR)
for a simplified risk-based capital framework for
community banks.
♦ Finalize the Basel III Net Stable Funding Ratio
(NSFR).

2018

2017

2016

2015

2014

ACHIEVED.

ACHIEVED.

ACHIEVED.

ACHIEVED. ACHIEVED.

ACHIEVED.

ACHIEVED.

ACHIEVED.

ACHIEVED.

SUBSTANTIALLY
ACHIEVED.

ACHIEVED.

ACHIEVED.

ACHIEVED.

ACHIEVED. ACHIEVED.

NOT
ACHIEVED.
NOT
ACHIEVED.

P E R F O R M A N C E R E S U LT S S U M M A R Y

69

ANNUAL
REPORT
SUPERVISION PROGRAM RESULTS (continued)
Strategic Goal: FDIC-insured institutions are safe and sound.
Annual Performance Goals and Targets

2018

2017

2016

2015

2014

4. More closely align regulatory capital standards with risk
and ensure that capital is maintained at prudential levels.
♦ Issue a Notice of Proposed Rulemaking (NPR) for a
ACHIEVED.
simplified capital framework for community banks.
NOT
♦ Issue a final rule implementing the Basel III Net
ACHIEVED.
Stable Funding Ratio.
♦ Publish in 2016, a Notice of (proposed) Rulemaking
ACHIEVED.
on the Basel III Net Stable Funding Ratio.
♦ Publish by December 31, 2015, an interagency
NOT
Notice of Proposed Rulemaking on implementation
ACHIEVED.
of the Basel III Net Stable Funding Ratio.
♦ Finalize Basel III reporting instructions in time to
ensure that institutions that are using the advanced
ACHIEVED.
approaches can implement Basel III in the first
quarter of 2014 and that all IDIs can implement the
standardized approach in the first quarter of 2015.
♦ Publish a final Basel Liquidity Coverage Rule,
ACHIEVED.
in collaboration with other regulators by
December 31, 2014.
♦ Publish a final rule implementing the Basel III capital
ACHIEVED.
accord in collaboration with other regulators, by
December 31, 2014.
♦ Finalize, in collaboration with other regulators, an
ACHIEVED.
enhanced U.S. supplementary leverage ratio standard
by December 31, 2014.
5. Implement strategies to promote enhanced information
security, cybersecurity, and business continuity within
the banking industry.
♦ Continue implementation of a horizontal review
program that focuses on the IT risks in large and
ACHIEVED. ACHIEVED.
complex supervised institutions and Technology
Service Providers (TSPs).
♦ Continue implementation of the Cybersecurity
Examination Program for the most significant service ACHIEVED.
provider examinations.
♦ Revise and implement by December 31, 2017, the
ACHIEVED.
Cybersecurity Examination Tool for TSPs.
♦ Establish a horizontal review program that focuses
ACHIEVED.
on the IT risks in large and complex supervised
institutions and Technology Service providers (TSPs).

70

P E R F O R M A N C E R E S U LT S S U M M A R Y

2019
SUPERVISION PROGRAM RESULTS (continued)
Strategic Goal: FDIC-insured institutions are safe and sound.
Annual Performance Goals and Targets

2018

2017

♦ Complete by June 30, 2016, examiner training and
implement by September 30, 2016, the new IT
examination work program to enhance focus on
information security, cybersecurity, and business
continuity.
♦ Enhance the technical expertise of the IT supervisory
workforce.
♦ Working with FFIEC counterparts, update
and strengthen IT guidance to the industry on
cybersecurity preparedness.
♦ Working with the FFIEC counterparts, update
and strengthen IT examination work programs for
institutions and technology service providers (TSPs)
to evaluate cybersecurity preparedness and cyber
resiliency.
♦ Improve information sharing on identified
technology risks among the IT examination
workforces of FFIEC member agencies.
♦ In coordination with the FFIEC, implement
recommendations to enhance the FDIC’s supervision
of the IT risks at insured depository institutions and
their technology service providers.
6. Identify and address risks in financial institutions
designated as systemically important.
♦ Conduct ongoing risk analysis and monitoring of
SIFIs to understand their structure, business activities
and risk profiles, and their resolution and recovery
capabilities.
♦ Complete, in collaboration with the Federal
Reserve Board and in accordance with statutory and
regulatory timeframes, all required actions associated
with the review of resolution plans submitted by
financial companies subject to the requirements of
Section 165 (d) of the Dodd-Frank Act.
♦ Hold at least one meeting of the Systemic Resolution
Advisory Committee to obtain feedback on resolving
SIFIs.

P E R F O R M A N C E R E S U LT S S U M M A R Y

2016

2015

2014

ACHIEVED.

ACHIEVED.
ACHIEVED.

ACHIEVED.

ACHIEVED.

ACHIEVED.

ACHIEVED.

ACHIEVED.

ACHIEVED.

71

ANNUAL
REPORT
SUPERVISION PROGRAM RESULTS (continued)
Strategic Goal: Consumers’ rights are protected, and FDIC-supervised institutions invest in their communities.
ANNUAL PERFORMANCE GOALS AND TARGETS

1. Conduct on-site CRA and consumer compliance
examinations to assess compliance with applicable
laws and regulations by FDIC-supervised depository
institutions. When violations are identified, promptly
implement appropriate corrective programs and follow
up to ensure that identified problems are corrected.
♦ Conduct all required examinations within the time
frames established by FDIC policy.
♦ Conduct visits and/or follow-up examinations in
accordance with established FDIC policies to ensure
that the requirements of any required corrective
program have been implemented and are effectively
addressing identified violations.
♦ Conduct 100 percent of required examinations
within the time frames established by FDIC policy.
2. Effectively investigate and respond to written consumer
complaints and inquiries about FDIC-supervised
financial institutions.
♦ Respond to 95 percent of written consumer
complaints and inquiries within time frames
established by policy, with all complaints and
inquiries receiving at least an initial acknowledgment
within two weeks.
3. Promote economic inclusion and access to responsible
financial services through supervisory, research, policy,
and consumer/community affairs initiatives.
♦ Publish the results of the 2017 FDIC National
Survey of Unbanked and Underbanked Households.
♦ Complete planning for the 2019 FDIC National
Survey of Unbanked and Underbanked Households.

72

2018

2017

2016

2015

2014

SUBSTANTIALLY
ACHIEVED.

ACHIEVED.

ACHIEVED.

ACHIEVED.

SUBSTANTIALLY
ACHIEVED.

ACHIEVED.

ACHIEVED.

ACHIEVED. ACHIEVED.

SUBSTANTIALLY
ACHIEVED.

ACHIEVED.

ACHIEVED.

ACHIEVED.

ACHIEVED.
ACHIEVED.

P E R F O R M A N C E R E S U LT S S U M M A R Y

ACHIEVED. ACHIEVED.

2019
SUPERVISION PROGRAM RESULTS (continued)
Strategic Goal: FDIC-insured institutions are safe and sound.
Annual Performance Goals and Targets

2018

2017

2016

2015

2014

♦ Continue to promote broader access to and use of
low-cost transaction and savings accounts to build
banking relationships that will meet the needs of
ACHIEVED.
unbanked and underbanked households by increasing
the current level of engagement from 10 communities
to 15 communities.
♦ Launch the revised Money Smart for Adults
ACHIEVED.
curriculum.
♦ Revise and administer the 2017 FDIC National
ACHIEVED.
Survey of Unbanked and Underbanked Households.
♦ Continue and expand efforts to promote broader
awareness of the availability of low-cost transaction
ACHIEVED.
accounts consistent with the FDIC’s Model SAFE
transaction account template.
♦ Complete and pilot a revised, instructor-led Money
ACHIEVED.
Smart for Adults product.
♦ Publish the results of the 2015 FDIC National
ACHIEVED.
Survey of Unbanked and Underbanked Household.
♦ Complete and present to the Advisory Committee
on Economic Inclusions (ComE-IN) a report on the
ACHIEVED.
pilot Youth Savings Program (YSP) conducted jointly
with the CFPB.
♦ Revise, test, and administer the 2015 FDIC National
ACHIEVED.
Survey of Unbanked and Underbanked Household.
♦ Publish the results of the 2013 FDIC National Survey
ACHIEVED.
of Unbanked and Underbanked Households (conducted
jointly with the U.S. Census Bureau).
♦ Promote broader awareness of the availability of lowACHIEVED.
cost transaction accounts consistent with the FDIC’s
Model SAFE transaction account template.
♦ Support the Advisory Committee on Economic
Inclusion in expanding the availability and awareness
ACHIEVED.
of low-cost transaction accounts, consistent with the
FDIC’s SAFE account template.
♦ Implement the strategy outlined in the work plan
approved by the Advisory Committee on Economic
ACHIEVED.
Inclusion to support the expanded availability of
SAFE accounts and the responsible use of technology,
to expand banking services to the underbanked.

P E R F O R M A N C E R E S U LT S S U M M A R Y

73

ANNUAL
REPORT
SUPERVISION PROGRAM RESULTS (continued)
Strategic Goal: FDIC-insured institutions are safe and sound.
Annual Performance Goals and Targets

2018

2017

♦ In partnership with the Consumer Financial
Protection Bureau, enhance financial capability
among school-age children through (1) development
and delivery of tailored financial education materials;
(2) resources and outreach targeted to youth, parents,
and teachers; and (3) implementation of a pilot youth
savings program.
♦ Facilitate opportunities for banks and community
stakeholders to address issues concerning access to
financial services, community development, and
financial education.

74

P E R F O R M A N C E R E S U LT S S U M M A R Y

2016

2015

2014

ACHIEVED.

ACHIEVED.

2019
SUPERVISION PROGRAM RESULTS (continued)
Strategic Goal: Large and complex financial institutions are resolvable in an orderly manner under bankruptcy.
ANNUAL PERFORMANCE GOALS AND TARGETS

2018

2017

2016

2015

2014

1. Identify and address risks in large and complex financial
institutions, including those designated as systemically
important.
♦ In collaboration with the FRB continue to review
all resolution plans subject to the requirements
of Section 165(d) of the DFA to ensure their
ACHIEVED. ACHIEVED. ACHIEVED.
conformance to statutory and other regulatory
requirements. Identify potential impediments in
those plans to resolution under the Bankruptcy Code.
♦ Continue to review all resolution plans subject
to the requirements of Section 360.10 of the IDI
rule to ensure their conformance to statutory and
ACHIEVED. ACHIEVED. ACHIEVED.
other regulatory requirements. Identify potential
impediments to resolvability under the Federal
Deposit Insurance (FDI) Act.
♦ Conduct ongoing risk analysis and monitoring of
large, complex financial institutions to understand
ACHIEVED. ACHIEVED. ACHIEVED.
and assess their structure, business activities, risk
profiles, and resolution and recovery plans.
♦ Conduct ongoing risk analysis and monitoring of
large, complex financial institutions to understand
ACHIEVED.
and assess their structure, business activities, risk
profiles, and resolution and recovery plans.
♦ Complete, in collaboration with the FRB and in
accordance with statutory and regulatory time frames,
a review of resolution plans submitted by individual
ACHIEVED.
financial companies subject to the requirements of
section 165 (d) of DFA and Part 360.10 of the FDIC
Rules and Regulations.

P E R F O R M A N C E R E S U LT S S U M M A R Y

75

ANNUAL
REPORT
RECEIVERSHIP MANAGEMENT PROGRAM RESULTS
Strategic Goal: Resolutions are orderly and receiverships are managed effectively.
ANNUAL PERFORMANCE GOALS AND TARGETS

1. Value, manage, and market assets of failed institutions
and their subsidiaries in a timely manner to maximize
net return.
♦ For at least 95 percent of insured institution failures,
market at least 90 percent of the book value of the
institution’s marketable assets within 90 days of the
failure date (for cash sales) or 120 days of the date
that the pool of similar assets is of sufficient size to
bring to market (for structured sales).
♦ For at least 95 percent of insured institution failures,
market at least 90 percent of the book value of the
institution’s marketable assets within 90 days of the
failure date (for cash sales) or 120 days of the failure
date (for structured sales).
2. Manage the receivership estate and its subsidiaries
toward an orderly termination.
♦ Terminate at least 75 percent of new receiverships
that are not subject to loss-share agreements,
structured sales, or other legal impediments, within
three years of the date of failure.
3. Conduct investigations into all potential professional
liability claim areas for all failed insured depository
institutions, and decide as promptly as possible, to
close or pursue each claim, considering the size and
complexity of the institution.
♦ For 80 percent of all claim areas, make a decision
to close or pursue professional liability claims within
18 months of the failure date of an insured depository
institution.
4. Ensure the FDIC’s operational readiness to administer
the resolution of large financial institutions, including
those designated as systemically important.
♦ Continue to refine plans to ensure the FDIC’s
operational readiness to administer the resolution
of large financial institutions under Title II of the
DFA, including those nonbank financial companies
designated as systemically important.
♦ Refine plans to ensure the FDIC’s operational
readiness to administer the resolution of large
financial institutions including those designated as
systemically important.

76

2018

2017

2016

2015

2014

ACHIEVED.

ACHIEVED.

ACHIEVED. ACHIEVED.

N/A – NO
FAILURES.

ACHIEVED.

ACHIEVED.

ACHIEVED. ACHIEVED.

ACHIEVED.

ACHIEVED.

ACHIEVED.

ACHIEVED. ACHIEVED.

ACHIEVED.

ACHIEVED.

N/A – NO
FAILURES.

ACHIEVED.

P E R F O R M A N C E R E S U LT S S U M M A R Y

2019
RECEIVERSHIP MANAGEMENT PROGRAM RESULTS (continued)
Strategic Goal: Resolutions are orderly and receiverships are managed effectively.
Annual Performance Goals and Targets

♦ Continue to deepen and strengthen bilateral working
relationships with key foreign jurisdictions.
♦ Hold a meeting of the Systemic Resolution Advisory
Committee in early 2016 to obtain feedback on
resolving SIFIs.
5. Ensure the FDIC’s operational readiness to resolve a
large, complex financial institution using the orderly
liquidation authority in Title II of the DFA.
♦ Update and refine firm-specific resolutions plans and
strategies and develop operational procedures for the
administration of a Title II receivership.
♦ Prepare for an early 2016 meeting of the Systemic
Resolution Advisory Committee to obtain feedback
on resolving SIFIs.
♦ Continue to deepen and strengthen bilateral working
relationships with key foreign jurisdictions.

2018

2017

2016

ACHIEVED.

ACHIEVED.

ACHIEVED.

P E R F O R M A N C E R E S U LT S S U M M A R Y

2015

2014

ACHIEVED.

ACHIEVED.

ACHIEVED.

ACHIEVED.

ACHIEVED.

77

THIS PAGE INTENTIONALLY LEFT BLANK

III.

FINANCIAL HIGHLIGHTS

THIS PAGE INTENTIONALLY LEFT BLANK

2019
In its role as insurer of bank and savings association
deposits, the FDIC promotes the safety and soundness of
insured depository institutions. The following financial
highlights address the performance of the Deposit
Insurance Fund.

DEPOSIT INSURANCE
FUND PERFORMANCE
The DIF balance was $110.3 billion at December 31, 2019,
an increase of $7.7 billion from the year-end 2018 balance
of $102.6 billion. The DIF’s comprehensive income totaled
$7.7 billion for 2019 compared to comprehensive income
of $9.9 billion during 2018. The $2.2 billion year-overyear decrease was primarily due to a $4.6 billion decrease
in assessment revenue partially offset by a $1.8 billion
increase in interest and unrealized gains on U.S. Treasury
securities.
Assessment revenue was $4.9 billion for 2019, compared
to $9.5 billion for 2018. The $4.6 billion year-overyear decrease was primarily due to the cessation of the
surcharge assessment on large institutions effective
October 1, 2018, as a result of the reserve ratio exceeding
the required minimum of 1.35 percent as of September
30, 2018. In addition, assessment revenue was reduced in
2019 for actual and expected small bank assessment credit
usage of $704 million.
The DIF’s interest revenue on U.S. Treasury securities
for 2019 was $2.1 billion, compared to $1.6 billion
in 2018. The $484 million year-over-year increase
resulted primarily from a steady growth in the investment
portfolio balance.

In addition, the DIF recognized an unrealized gain on
U.S. Treasury securities of $1.2 billion, up from a $136
million unrealized loss in 2018. The unrealized gain in
2019 was the result of yields declining across all maturity
sectors of the Treasury yield curve, resulting in increases in
the securities’ market values relative to their book values.
The provision for insurance losses was a negative $1.3
billion for 2019, compared to negative $563 million
for 2018. The negative provision for 2019 primarily
resulted from a decrease to the estimated losses for
prior year failures, attributable to: (1) a decrease in
receivership shared-loss liability cost estimates of $575
million primarily due to lower-than-anticipated losses on
covered assets, reductions in shared-loss cost estimates
from expirations and early terminations of shared-loss
agreements during the year, and higher true-up recoveries
(projected to be received at expiration if actual losses
at expiration are lower than originally estimated); (2)
$465 million of unanticipated recoveries received by
receiverships from litigation settlements and professional
liability claims; and (3) a $118 million reduction in future
receivership expense estimates.
The DIF’s cash, cash equivalents, and U.S. Treasury
investment portfolio balances increased by $7.6 billion
during 2019 to $106.1 billion at year-end 2019, from $98.5
billion at year-end 2018. This increase was primarily due
to assessment collections of $5.1 billion, interest received
on U.S. Treasury securities of $2.0 billion, and recoveries
from resolutions of $1.7 billion, less operating expenses
paid of $1.7 billion.

FINANCIAL HIGHLIGHTS

81

ANNUAL
REPORT
ESTIMATED DIF INSURED DEPOSITS
$8,000

Dollars in Billions

$7,000
$6,000
$5,000
$4,000
$3,000
$2,000
$1,000
9
9-1
9
6-1
9
3-1
-18
12
8
9-1
8
6-1
8
3-1
-17
12
7
9-1
7
6-1
7
3-1
-16
12
6
9-1
6
6-1
6
3-1
-15
12
5
9-1
5
6-1
5
3-1
-14
12
4
9-1
4
6-1
4
3-1
-13
12
3
9-1
3
6-1
3
3-1
-12
12
2
9-1
2
6-1
2
3-1
-11
12
1
9-1

1
6-1
1
3-1

0

SOURCE: Commercial Bank Call and Thrift Financial Reports
Note: Beginning in fourth quarter 2010 through fourth quarter 2012, estimated insured deposits include the entire balance of noninterestbearing transaction accounts.

DEPOSIT INSURANCE FUND RESERVE RATIOS

Fund Balance as a Percent
of Estimated Insured Deposits

1.4
1.2
1.0
0.8
0.6
0.4
0.2
0.0
-0.2
9
9-1
9
6-1
9
3-1
-18
12
8
9-1
8
6-1
8
3-1
-17
12
7
9-1
7
6-1
7
3-1
-16
12
6
9-1
6
6-1
6
3-1
-15
12
5
9-1
5
6-1
5
3-1
-14
12
4
9-1
4
6-1
4
3-1
-13
12
3
9-1
3
6-1
3
3-1
-12
12
2
9-1
2
6-1
2
3-1
-11
12
1
9-1
1
6-1
1
3-1

82

FINANCIAL HIGHLIGHTS

2019
DEPOSIT INSURANCE FUND SELECTED STATISTICS
Dollars in Millions
For the years ended December 31
2019

2018

2017

$7,095

$11,171

$11,664

1,796

1,765

1,739

(1,282)

(560)

(181)

Net Income

6,582

9,966

10,105

Comprehensive Income

7,738

9,861

9,586

Insurance Fund Balance

$110,347

$102,609

$92,747

1

1.41%

1.36%

1.30%

5,2561

5,406

5,670

55

1

60

95

$48,7791

$48,489

$13,939

4

0

8

$209

$0

$5,082

248

272

338

Financial Results
Revenue
Operating Expenses
Insurance and Other Expenses (includes provision for losses)

Fund as a Percentage of Insured Deposits (reserve ratio)
Selected Statistics
Total DIF-Member Institutions2
Problem Institutions
Total Assets of Problem Institutions
Institution Failures
Total Assets of Failed Institutions in Year

3

Number of Active Failed Institution Receiverships
1

As of September 30, 2019.

2

Commercial banks and savings institutions. Does not include U.S. insured branches of foreign banks.

3

Total Assets data are based upon the last Call Report filed by the institution prior to failure.

FINANCIAL HIGHLIGHTS

83

THIS PAGE INTENTIONALLY LEFT BLANK

IV.

BUDGET AND SPENDING

THIS PAGE INTENTIONALLY LEFT BLANK

2019
FDIC OPERATING BUDGET
The FDIC segregates its corporate operating budget
and expenses into three discrete components: ongoing
operations, receivership funding, and the Office of
Inspector General (OIG). The receivership funding
component represents expenses resulting from financial
institution failures and is, therefore, largely driven by
external forces and is less controllable and estimable.
FDIC operating expenditures totaled $1.9 billion in 2019,
including $1.8 billion in ongoing operations, $75 million
in receivership funding, and $38 million for the OIG.
This represented approximately 96 percent of the approved
budget for ongoing operations, 43 percent of the approved
budget for receivership funding, and 88 percent of the
approved budget for the OIG for the year.
The approved 2020 FDIC Operating Budget of
approximately $2.0 billion consists of $1.9 billion for
ongoing operations, $75 million for receivership funding,

and $43 million for the OIG. The level of approved
ongoing operations budget for 2020 is approximately
$74 million (4.1 percent) higher than the 2019 ongoing
operations budget, while the approved receivership
funding budget is $100 million (57 percent) lower than
the 2019 receivership funding budget. The 2020 OIG
budget is unchanged from the 2019 OIG budget.
As in prior years, the 2020 budget was formulated
primarily on the basis of an analysis of projected workload
for each of the FDIC’s three major business lines and its
program support functions. The most significant factor
contributing to the decrease in the FDIC Operating
Budget is the improving health of the industry and
the resultant reduction in failure related workload.
Although savings in this area are being realized, the
2020 receivership funding budget provides resources for
contractor support should workload in these areas require
an immediate response.

FDIC EXPENDITURES
Dollars in Millions

$3,500
$3,000
$2,500
$2,000
$1,500
$1,000
$500
$0

2010

2011

2012

2013

2014

2015

BUDGET AND SPENDING

2016

2017

2018

2019

87

ANNUAL
REPORT
The FDIC’s Strategic Plan and Annual Performance Plan
provide the basis for annual planning and budgeting for
needed resources. The 2019 aggregate budget (for ongoing
operations, receivership funding, OIG, and investment
spending) was $2.04 billion, while actual expenditures for
the year were $1.86 billion, about $34 million less than
2018 expenditures.

Over the past decade the FDIC’s expenditures have
varied in response to workload. During the last several
years, expenditures have fallen, largely due to decreasing
resolution and receivership activity. To a lesser extent
decreased expenses have resulted from supervision-related
costs associated with the oversight of fewer troubled
institutions.

2019 BUDGET AND EXPENDITURES BY PROGRAM
(Support Allocated)
Dollars in Millions

$1,200
Budget

Expenditures

$900
$600
$300
$0

Supervision
and Consumer
Protection
Program

Receivership
Management
Program

Insurance
Program

General and
Administrative

2019 BUDGET AND
EXPENDITURES BY PROGRAM

or 13 percent, to Corporate General and Administrative
expenditures.

(Excluding Investments)

Actual expenditures for the year totaled $1.86 billion.
Actual expenditures amounts were allocated as follows:
$1.06 billion, or 57 percent, to the Supervision and
Consumer Protection program; $252 million, or
14 percent, to the Receivership Management program;
$324 million, or 17 percent, to the Insurance program;
and $225 million, or 12 percent, to Corporate General
and Administrative expenditures.

The FDIC budget for 2019 totaled approximately $2.04
billion. Budget amounts were allocated as follows: $1.06
billion, or 52 percent, to the Supervision and Consumer
Protection program; $394 million, or 19 percent, to the
Receivership Management program; $323 million, or 16
percent, to the Insurance program; and $264 million,

88

BUDGET AND SPENDING

2019
INVESTMENT SPENDING

approval and monitoring processes also enable the FDIC
to be aware of risks to the major capital investment
projects and facilitate appropriate, timely intervention to
address these risks throughout the development process.
An investment portfolio performance review is provided to
the FDIC’s Board of Directors on a quarterly basis. From
2010-2019, investment spending totaled $103 million and
is estimated at $11 million for 2020.

The FDIC instituted a separate Investment Budget in
2003 to provide enhanced governance of major multiyear development efforts. It has a disciplined process
for reviewing proposed new investment projects and
managing the construction and implementation of
approved projects. Proposed IT projects are carefully
reviewed to ensure that they are consistent with the
FDIC’s enterprise architecture. The project

INVESTMENT SPENDING
Dollars in Millions

$25
$20
$15
$10
$5
$0

2010

2011

2012

2013

2014

2015

2016

BUDGET AND SPENDING

2017

2018

2019

89

THIS PAGE INTENTIONALLY LEFT BLANK

V.

FINANCIAL SECTION

ANNUAL
REPORT

DEPOSIT INSURANCE FUND (DIF)
Federal Deposit Insurance Corporation

Deposit Insurance Fund Balance Sheet

As of December 31
(Dollars in Thousands)

ASSETS

Cash and cash equivalents

Investment in U.S. Treasury securities (Note 3)

$

Assessments receivable (Note 9)

Receivables from resolutions, net (Note 4)
Total Assets
LIABILITIES

Accounts payable and other liabilities
Liabilities due to resolutions (Note 6)

92,708,356

1,020,947

549,791

329,828

1,376,341
3,058,241

328,530

103,795,254

$

214,451 $

198,072

289,462

235,935

Guarantee payments and litigation losses (Notes 7 and 8)

346,271

Commitments and off-balance-sheet exposure (Note 13)

FUND BALANCE

Accumulated Net Income

ACCUMULATED OTHER COMPREHENSIVE INCOME

Unrealized gain (loss) on U.S. Treasury securities, net (Note 3)
Unrealized postretirement benefit (loss) (Note 12)

113,936

977,720

1,186,330

109,820,102

103,238,013

Total Fund Balance
$

33,611

587,268

(615,549)

526,836

(629,089)

(60,432)

Total Accumulated Other Comprehensive Income (Loss)

604,776

93,505
34,031

Total Liabilities

FINANCIAL SECTION

100,071,880

111,324,658 $

Anticipated failure of insured institutions (Note 7)

92

5,773,995

$

Contingent liabilities:

The accompanying notes are an integral part of these financial statements.

5,990,765 $

2,669,270

Postretirement benefit liability (Note 12)

Total Liabilities and Fund Balance

2018

1,241,968

Interest receivable on investments and other assets, net
Property and equipment, net (Note 5)

2019

(13,540)

110,346,938

102,608,924

111,324,658 $

103,795,254

2019
DEPOSIT INSURANCE FUND (DIF)
Federal Deposit Insurance Corporation

Deposit Insurance Fund Statement of Income and Fund Balance

For the Years Ended December 31
(Dollars in Thousands)

REVENUE

Assessments (Note 9)

$

Interest on U.S. Treasury securities
Other revenue

2019

2018

4,939,063 $

9,526,723

2,116,504

39,745

Total Revenue

EXPENSES AND LOSSES

Operating expenses (Note 10)

Provision for insurance losses (Note 11)
Total Expenses and Losses
Net Income
OTHER COMPREHENSIVE INCOME

Unrealized gain (loss) on U.S. Treasury securities, net

11,208

7,095,312

11,170,794

1,795,605

1,764,748

3,149

3,102

(1,285,531)

Insurance and other expenses

1,632,863

(562,622)

513,223

1,205,228

6,582,089

9,965,566

1,202,817

(136,187)

Total Other Comprehensive Income (Loss)

1,155,925

(104,137)

Comprehensive Income

7,738,014

9,861,429

102,608,924

92,747,495

Unrealized postretirement benefit (loss) gain (Note 12)

Fund Balance - Beginning
Fund Balance - Ending

(46,892)

$

110,346,938 $

32,050

102,608,924

The accompanying notes are an integral part of these financial statements.

FINANCIAL SECTION

93

ANNUAL
REPORT

DEPOSIT INSURANCE FUND (DIF)
Federal Deposit Insurance Corporation

Deposit Insurance Fund Statement of Cash Flows

For the Years Ended December 31

2019

(Dollars in Thousands)

OPERATING ACTIVITIES
Provided by:

Assessments

$

Interest on U.S. Treasury securities

Recoveries from financial institution resolutions

5,079,563 $
1,988,763
1,674,857

Miscellaneous receipts

27,895

Used by:

Operating expenses

Disbursements for financial institution resolutions

Net Cash Provided by Operating Activities

10,766,890

1,837,400
3,254,230

18,290

(1,746,598)

(1,744,274)

(2,262)

(3,694)

(256,773)

Miscellaneous disbursements

2018

(353,448)

6,765,445

13,775,394

Maturity of U.S. Treasury securities

34,250,000

27,354,816

Purchase of U.S. Treasury securities

(40,749,953)

(37,140,141)

(6,548,675)

(9,830,597)

INVESTING ACTIVITIES
Provided by:
Used by:

Purchase of property and equipment

(48,722)

Net Cash (Used) by Investing Activities
Net Increase in Cash and Cash Equivalents
Cash and Cash Equivalents - Beginning
Cash and Cash Equivalents - Ending

$

The accompanying notes are an integral part of these financial statements.

94

FINANCIAL SECTION

(45,272)

216,770

3,944,797

5,773,995

1,829,198

5,990,765 $

5,773,995

2019
DEPOSIT INSURANCE FUND

NOTES TO THE FINANCIAL STATEMENTS
December 31, 2019 and 2018
1.

Operations of the Deposit Insurance Fund

OVERVIEW
The Federal Deposit Insurance Corporation (FDIC) is the
independent deposit insurance agency created by Congress
in 1933 to maintain stability and public confidence in the
nation’s banking system. Provisions that govern the FDIC’s
operations are generally found in the Federal Deposit
Insurance (FDI) Act, as amended (12 U.S.C. 1811, et seq). In
accordance with the FDI Act, the FDIC, as administrator of the
Deposit Insurance Fund (DIF), insures the deposits of banks
and savings associations (insured depository institutions). In
cooperation with other federal and state agencies, the FDIC
promotes the safety and soundness of insured depository
institutions (IDIs) by identifying, monitoring, and addressing
risks to the DIF. Commercial banks, savings banks and savings
associations (known as “thrifts”) are supervised by either the
FDIC, the Office of the Comptroller of the Currency, or the
Federal Reserve Board.
In addition to being the administrator of the DIF, the FDIC is
the administrator of the FSLIC Resolution Fund (FRF). The FRF
is a resolution fund responsible for the sale of the remaining
assets and the satisfaction of the liabilities associated with the
former Federal Savings and Loan Insurance Corporation
(FSLIC) and the former Resolution Trust Corporation. The
FDIC maintains the DIF and the FRF separately to support their
respective functions.
Pursuant to the Dodd-Frank Wall Street Reform and
Consumer Protection Act of 2010 (Dodd-Frank Act), the FDIC
also manages the Orderly Liquidation Fund (OLF). Established
as a separate fund in the U.S. Treasury (Treasury), the OLF is
inactive and unfunded until the FDIC is appointed as receiver
for a covered financial company. A covered financial company
is a failing financial company (for example, a bank holding
company or nonbank financial company) for which a systemic
risk determination has been made as set forth in section 203
of the Dodd-Frank Act.
The Dodd-Frank Act (Public Law 111-203) granted the FDIC
authority to establish a widely available program to guarantee
obligations of solvent IDIs or solvent depository institution
holding companies (including affiliates) upon the systemic
risk determination of a liquidity event during times of severe
economic distress. The program would not be funded by the
DIF but rather by fees and assessments paid by all participants
in the program. If fees are insufficient to cover losses or
expenses, the FDIC must impose a special assessment on

participants as necessary to cover the shortfall. Any excess
funds at the end of the liquidity event program would be
deposited in the General Fund of the Treasury.
The Dodd-Frank Act also created the Financial Stability
Oversight Council of which the Chairman of the FDIC is a
member and expanded the FDIC’s responsibilities to include
supervisory review of resolution plans (known as living wills)
and backup examination authority for systemically important
bank holding companies and nonbank financial companies
supervised by the Federal Reserve Board. The living wills
provide for an entity’s rapid and orderly resolution in the
event of material financial distress or failure.
OPERATIONS OF THE DIF
The primary purposes of the DIF are to (1) insure the deposits
and protect the depositors of IDIs and (2) resolve failed IDIs
upon appointment of the FDIC as receiver in a manner that
will result in the least possible cost to the DIF.
The DIF is primarily funded from deposit insurance
assessments and interest earned on investments in U.S.
Treasury securities. Other available funding sources, if
necessary, are borrowings from the Treasury, the Federal
Financing Bank (FFB), Federal Home Loan Banks, and IDIs. The
FDIC has borrowing authority of $100 billion from the
Treasury and a Note Purchase Agreement with the FFB, not to
exceed $100 billion, to enhance the DIF’s ability to fund
deposit insurance.
A statutory formula, known as the Maximum Obligation
Limitation (MOL), limits the amount of obligations the DIF can
incur to the sum of its cash, 90 percent of the fair market value
of other assets, and the amount authorized to be borrowed
from the Treasury. The MOL for the DIF was $209.5 billion and
$201.8 billion as of December 31, 2019 and 2018, respectively.
OPERATIONS OF RESOLUTION ENTITIES
The FDIC, as receiver, is responsible for managing and
disposing of the assets of failed institutions in an orderly and
efficient manner.
The assets held by receiverships,
conservatorships, and bridge institutions (collectively,
resolution entities), and the claims against them, are
accounted for separately from the DIF assets and liabilities to
ensure that proceeds from these entities are distributed
according to applicable laws and regulations. Therefore,
income and expenses attributable to resolution entities are

FINANCIAL SECTION

1

95

ANNUAL
REPORT
DEPOSIT INSURANCE FUND
accounted for as transactions of those entities. The FDIC, as
administrator of the DIF, bills resolution entities for services
provided on their behalf.
2.

Summary of Significant Accounting Policies

GENERAL
The financial statements include the financial position, results
of operations, and cash flows of the DIF and are presented in
accordance with U.S. generally accepted accounting principles
(GAAP). These statements do not include reporting for assets
and liabilities of resolution entities because these entities are
legally separate and distinct, and the DIF does not have any
ownership or beneficial interests in them. Periodic and final
accounting reports of resolution entities are furnished to
courts, supervisory authorities, and others upon request.
USE OF ESTIMATES
The preparation of the financial statements in conformity with
GAAP requires management to make estimates and
assumptions that affect the reported amounts of assets and
liabilities, revenue and expenses, and disclosure of contingent
liabilities. Actual results could differ from these estimates.
Where it is reasonably possible that changes in estimates will
cause a material change in the financial statements in the near
term, the nature and extent of such potential changes in
estimates have been disclosed.
The more significant
estimates include the assessments receivable and associated
revenue; the allowance for loss on receivables from
resolutions (which considers the impact of shared-loss
agreements); the guarantee obligations for structured
transactions; the postretirement benefit obligation; and the
estimated losses for anticipated failures.
CASH EQUIVALENTS
Cash equivalents are short-term, highly liquid investments
consisting primarily of U.S. Treasury Overnight Certificates.
INVESTMENT IN U.S. TREASURY SECURITIES
The FDI Act requires that the DIF funds be invested in
obligations of the United States or in obligations guaranteed
as to principal and interest by the United States. The Secretary
of the Treasury must approve all such investments in excess
of $100,000 and has granted the FDIC approval to invest the
DIF funds only in U.S. Treasury obligations that are purchased
or sold exclusively through the Treasury’s Bureau of the Fiscal
Service’s Government Account Series program.
The DIF’s investments in U.S. Treasury securities are classified
as available-for-sale (AFS). Securities designated as AFS are
shown at fair value. Unrealized gains and losses are reported
as other comprehensive income. Any realized gains and
losses are included in the Statement of Income and Fund

96

Balance as components of net income. Income on securities
is calculated and recorded daily using the effective interest or
straight-line method depending on the maturity of the
security (see Note 3).
REVENUE RECOGNITION FOR ASSESSMENTS
Assessment revenue is recognized for the quarterly period of
insurance coverage based on an estimate. The estimate is
derived from an institution’s regular risk-based assessment
rate and assessment base for the prior quarter adjusted for
certain changes in supervisory examination ratings for larger
institutions, modest assessment base growth and average
assessment rate adjustment factors, and any assessment
credits expected to be applied. At the subsequent quarterend, the estimated revenue amounts are adjusted when actual
assessments for the covered period are determined for each
institution (see Note 9).
CAPITAL ASSETS AND DEPRECIATION
The FDIC buildings are depreciated on a straight-line basis
over a 35- to 50-year estimated life. Building improvements
are capitalized and depreciated over the estimated useful life
of the improvements.
Leasehold improvements are
capitalized and depreciated over the lesser of the remaining
life of the lease or the estimated useful life of the
improvements, if determined to be material. Capital assets
depreciated on a straight-line basis over a five-year estimated
useful life include mainframe equipment; furniture, fixtures,
and general equipment; and internal-use software. Computer
equipment is depreciated on a straight-line basis over a threeyear estimated useful life (see Note 5).
PROVISION FOR INSURANCE LOSSES
The provision for insurance losses primarily represents
changes in the allowance for losses on receivables from
closed banks and the contingent liability for anticipated
failure of insured institutions (see Note 11).
REPORTING ON VARIABLE INTEREST ENTITIES
The receiverships engaged in structured transactions, some of
which resulted in the issuance of note obligations that were
guaranteed by the FDIC, in its corporate capacity. As the
guarantor of note obligations for several structured
transactions, the FDIC, in its corporate capacity, holds an
interest in many variable interest entities (VIEs). The FDIC
conducts a qualitative assessment of its relationship with each
VIE as required by the Financial Accounting Standards Board
(FASB) Accounting Standards Codification (ASC) Topic 810,
Consolidation.
These assessments are conducted to
determine if the FDIC, in its corporate capacity, has (1) the
power to direct the activities that most significantly affect the
economic performance of the VIE and (2) an obligation to
absorb losses of the VIE or the right to receive benefits from

FINANCIAL SECTION

2

2019
NOTES TO THE FINANCIAL STATEMENTS
the VIE that could potentially be significant to the VIE. When
a variable interest holder has met both of these
characteristics, the enterprise is considered the primary
beneficiary and must consolidate the VIE. In accordance with
the provisions of FASB ASC Topic 810, an assessment of the
terms of the legal agreement for each VIE was conducted to
determine whether any of the terms had been activated or
modified in a manner that would cause the FDIC, in its
corporate capacity, to be characterized as a primary
beneficiary. In making that determination, consideration was
given to which, if any, activities were significant to each VIE.
Often, the right to service collateral, to liquidate collateral, or
to unilaterally dissolve the VIE was determined to be the most
significant activity. In other cases, it was determined that the
structured transactions did not include such significant
activities and that the design of the entity was the best
indicator of which party was the primary beneficiary.
The conclusion of these analyses was that the FDIC, in its
corporate capacity, has not engaged in any activity that would
cause the FDIC to be characterized as a primary beneficiary to
any VIE with which it was involved as of December 31, 2019
and 2018. Therefore, consolidation is not required for the
December 31, 2019 and 2018 DIF financial statements. In the
future, the FDIC, in its corporate capacity, may become the
primary beneficiary upon the activation of provisional
contract rights that extend to the FDIC if payments are made
on guarantee claims. Ongoing analyses will be required to
monitor consolidation implications under FASB ASC Topic
810.
The FDIC’s involvement with VIEs is fully described in Note 8
under FDIC Guaranteed Debt of Structured Transactions.
RELATED PARTIES
The nature of related parties and a description of related party
transactions are discussed in Note 1 and disclosed
throughout the financial statements and footnotes.
APPLICATION OF RECENT ACCOUNTING STANDARDS
In June 2016, the FASB issued ASU 2016-13, Financial
Instruments—Credit Losses (Topic 326): Measurement of Credit
Losses on Financial Instruments. The ASU will replace the
incurred loss impairment model with a new expected credit
loss model for financial assets measured at amortized cost
and for off-balance-sheet credit exposures. The guidance
also amends the AFS debt securities impairment model by
requiring the use of an allowance to record estimated credit
losses (and subsequent recoveries) related to AFS debt
securities. In November 2019, the FASB issued ASU 2019-10,
Financial Instruments—Credit Losses (Topic 326), Derivatives
and Hedging (Topic 815), and Leases (Topic 842): Effective
Dates, that changed the effective date of ASU 2016-13 for the
DIF to January 1, 2023. The FDIC does not expect the ASU to

have a material effect on the DIF’s financial position and
results of operations. However, changes to the balance sheet
and certain disclosures will be required.
Other recent accounting standards have been deemed not
applicable or material to the financial statements as
presented.
3.

Investment in U.S. Treasury Securities

The “Investment in U.S. Treasury securities” line item on the
Balance Sheet consisted of the following components by
maturity (dollars in millions).
December 31, 2019

Yield at
Maturity
Purchase
U.S. Treasury notes and bonds
Within 1 year

After 1 year
through 5 years

Face
Value

Net
Carrying
Amount

Unrealized
Holding
Gains

Unrealized
Holding
Losses

Fair
Value

1.93% $

45,550 $

45,928 $

50 $

(11) $

45,967

2.08%

52,900

53,557

555

(7)

54,105

98,450 $

99,485 $

605 $

Total

$

(18) (a) $

100,072

(a) These unrealized losses occurred as a result of temporary changes in market interest rates.
The FDIC does not intend to sell the securities and is not likely to be required to sell them
before their maturity date, thus, the FDIC does not consider these securities to be other than
temporarily impaired at December 31, 2019. As of December 31, 2019, securities with a
continuous unrealized loss position of less than 12 months had an aggregate related fair
value and unrealized loss of $8.6 billion and $8 million, respectively. For those with a
continuous unrealized loss position of 12 months or longer, their aggregate related fair value
and unrealized losses were $13.1 billion and $10 million, respectively.

December 31, 2018

Yield at
Maturity
Purchase
U.S. Treasury notes and bonds
Within 1 year 1.90% $
After 1 year
through 5 years

Total

2.08%
$

Face
Value

Net
Carrying
Amount

28,950 $

28,997 $

64,650

64,327

93,600 $

93,324 $

Unrealized
Holding
Gains

Unrealized
Holding
Losses
0 $

Fair
Value

(104) $

28,893

137

(649)

63,815

137 $

(753) (a) $

92,708

(a) These unrealized losses occurred as a result of temporary changes in market interest rates.
The FDIC does not intend to sell the securities and is not likely to be required to sell them
before their maturity date, thus, the FDIC does not consider these securities to be other than
temporarily impaired at December 31, 2018. As of December 31, 2018, securities with a
continuous unrealized loss position of less than 12 months had an aggregate related fair
value and unrealized loss of $21.6 billion and $77 million, respectively. For those with a
continuous unrealized loss position of 12 months or longer, their aggregate related fair value
and unrealized losses were $53.1 billion and $676 million, respectively.

4.

Receivables from Resolutions, Net

The receivables from resolutions result from DIF payments to
cover obligations to insured depositors (subrogated claims),
advances to resolution entities for working capital, and
administrative expenses paid on behalf of resolution entities.
Any related allowance for loss represents the difference
between the funds advanced and/or obligations incurred and
the expected repayment. Estimated future payments on

FINANCIAL SECTION

3

97

ANNUAL
REPORT
DEPOSIT INSURANCE FUND
losses incurred on assets sold to an acquiring institution
under a shared-loss agreement (SLA) are factored into the
computation of the expected repayment. Assets held by
resolution entities (including structured transaction-related
assets; see Note 8) are the main source of repayment of the
DIF’s receivables from resolutions. The “Receivables from
resolutions, net” line item on the Balance Sheet consisted of
the following components (dollars in thousands).

December 31
Receivables from closed banks

$

Total

$

Allowance for losses

2019

63,981,989 $

(61,312,719)

2,669,270 $

December 31
2018

68,267,737

(65,209,496)
3,058,241

As of December 31, 2019, the FDIC, as receiver, managed 248
active receiverships; four new receiverships were established
in 2019. The resolution entities held assets with a book value
of $3.4 billion as of December 31, 2019, and $5.1 billion as of
December 31, 2018 (including $2.9 billion and $4.0 billion,
respectively, of cash, investments, receivables due from the
DIF, and other receivables).
Estimated cash recoveries from the management and
disposition of assets that are used to determine the allowance
for losses are based on asset recovery rates from several
sources, which may include the following: actual or pending
institution-specific asset disposition data, failed institutionspecific asset valuation data, aggregate asset valuation data
on several recently failed or troubled institutions, sampled
asset valuation data, and empirical asset recovery data based
on failures since 2007. Methodologies for determining the
asset recovery rates incorporate estimating future cash
recoveries, net of applicable liquidation cost estimates, and
discounting based on market-based risk factors applicable to
a given asset’s type and quality. The resulting estimated cash
recoveries are then used to derive the allowance for loss on
the receivables from these resolutions.
For failed institutions resolved using a whole bank purchase
and assumption transaction with an accompanying SLA, the
projected shared-loss payments and the end of agreement
true-up recoveries on the covered residential and commercial
loan assets sold to the acquiring institution under the
agreement are considered in determining the allowance for
loss on the receivables from these resolutions. The sharedloss cost projections are based on the covered assets’ intrinsic
value, which is determined using financial models that
consider the quality and type of covered assets, current and
future market conditions, risk factors, and estimated asset
holding periods. True-up recoveries are projected to be
received at expiration in accordance with the terms of the SLA,

98

if actual losses at expiration are lower than originally
estimated.
For December 31, 2019, the shared-loss cost estimates were
updated for 59 receiverships with active SLAs. Note that all
commercial asset shared-loss coverage expired as of year-end
2018. The updated shared-loss cost projections on the $4.2
billion of remaining residential shared-loss covered assets
were based on the FDIC’s historical loss experience that also
factors in the remaining time period of shared-loss coverage.
In 2019, there were three changes to the calculation of the
allowance for loss on receivables from resolutions. The
calculation for estimating the servicing fee component of the
true-up recoveries was updated from an upfront estimate of
initial assets to an estimate based on actual asset balances
over the life of the agreement to more closely reflect end-ofagreement expected results. In addition, shared-loss cost
projections are based on the FDIC’s historical loss experience
and no longer include pending sales activity; this change was
made to address the seasoned nature of this portfolio. Finally,
the projection of future receivership expenses was adjusted to
reflect lower expected liquidation cost estimates. The effect
of these changes resulted in a reduction of $213 million to the
estimated losses for failed institutions.
Note that estimated asset recoveries are regularly evaluated
during the year, but remain subject to uncertainties because
of potential changes in economic and market conditions,
which may cause the DIF’s actual recoveries to vary
significantly from current estimates.
WHOLE
BANK
PURCHASE
AND
ASSUMPTION
TRANSACTIONS WITH SHARED-LOSS AGREEMENTS
Since the beginning of 2008 through 2013, the FDIC resolved
304 failures using whole bank purchase and assumption
resolution transactions with accompanying SLAs on total
assets of $215.6 billion purchased by the financial institution
acquirers. The acquirer typically assumed all of the deposits
and purchased essentially all of the assets of a failed
institution. The majority of the commercial and residential
loan assets were purchased under an SLA, where the FDIC
agreed to share in future losses and recoveries experienced
by the acquirer on those assets covered under the agreement.
Losses on the covered assets of failed institutions are shared
between the acquirer and the FDIC, in its receivership
capacity, when losses occur through the sale, foreclosure, loan
modification, or charge-off of loans under the terms of the
SLA. The majority of the agreements cover commercial and
single-family loans over a five- to ten-year shared-loss period,
respectively, with the receiver covering 80 percent of the
losses incurred by the acquirer and the acquiring institution

FINANCIAL SECTION

4

2019
NOTES TO THE FINANCIAL STATEMENTS
covering 20 percent. Prior to March 26, 2010, most SLAs
included a threshold amount, above which the receiver
covered 95 percent of the losses incurred by the acquirer.
Recoveries by the acquirer on covered commercial and singlefamily SLA losses are also shared over an eight- to ten-year
period, respectively. Note that future recoveries on SLA losses
are not factored into the DIF allowance for loss calculation
because the amount and timing of such receipts are not
determinable.
The estimated shared-loss liability is accounted for by the
receiver and is included in the calculation of the DIF’s
allowance for loss against the corporate receivable from the
resolution. As shared-loss claims are asserted and proven,
receiverships satisfy these shared-loss payments using
available liquidation funds and/or by drawing on amounts
due from the DIF for funding the deposits assumed by the
acquirer (see Note 6).
Receivership shared-loss transactions are summarized as
follows (dollars in thousands).
December 31
Remaining shared-loss covered assets
Shared-loss payments made to date,

$

December 31

2019

4,205,256 $

2018

9,602,069

$

29,116,846 $

29,088,461

Estimated remaining shared-loss liability $

31,458 $

566,194

net of recoveries

Estimated true-up recoveries

$

(477,130) $

(390,987)

net of true-up recoveries

$

(445,672) $

175,207

Projected shared-loss payments,

The $5.4 billion reduction in the remaining shared-loss
covered assets from 2018 to 2019 is primarily due to the
liquidation of covered assets from active SLAs and natural or
early termination of SLAs impacting 22 receiverships during
2019. As of December 31, 2019, the shared-loss coverage
period has expired for $3.8 billion or 91 percent of the total
remaining covered assets, however, related balances are
included in the above table pending receipt and disposition
of final claim certificates. Projected remaining shared-loss
payments are less than estimated end-of-agreement true-up
recoveries in 2019 as the majority of the expected shared-loss
payments by receiverships with SLAs nearing expiration have
already been paid.
CONCENTRATION OF CREDIT RISK
Financial instruments that potentially subject the DIF to
concentrations of credit risk are receivables from resolutions.
The repayment of these receivables is primarily influenced by
recoveries on assets held by receiverships and payments on

the covered assets under SLAs. Of the $519 million of assets
in liquidation and $4.2 billion of shared-loss covered assets as
of December 31, 2019, 19 percent or $900 million, were
related to receiverships that have fully repaid DIF’s
subrogated claims, thereby mitigating further loss exposure.
The remaining assets primarily originated from failed
institutions located in California ($3.2 billion).
5.

Property and Equipment, Net

Depreciation expense was $49 million and $51 million for
2019 and 2018, respectively. The “Property and equipment,
net” line item on the Balance Sheet consisted of the following
components (dollars in thousands).

Land
Buildings (including building and leasehold improvements)
Application software (includes work-in-process)
Furniture, fixtures, and equipment
Accumulated depreciation
Total
6.

December 31 December 31
2019
2018
$
37,352 $
37,352
342,071
328,787
108,006
103,543
66,970
66,889
(224,571)
(208,041)
$
329,828 $
328,530

Liabilities Due to Resolutions

As of December 31, 2019 and 2018, the DIF recorded liabilities
totaling $343 million and $601 million, respectively, to
resolution entities representing the agreed-upon value of
assets transferred from the receiverships, at the time of failure,
to the acquirers/bridge institutions for use in funding the
deposits assumed by the acquirers/bridge institutions.
Ninety-five percent of these liabilities are due to failures
resolved under whole-bank purchase and assumption
transactions, most with an accompanying SLA. The DIF
satisfies these liabilities either by sending cash directly to a
receivership to fund shared-loss and other expenses or by
offsetting receivables from resolutions when a receivership
declares a dividend.
In addition, there were $3 million and $4 million in unpaid
deposit claims related to multiple receiverships as of
December 31, 2019 and 2018, respectively. The DIF pays
these liabilities when the claims are approved.
7.

Contingent Liabilities

ANTICIPATED FAILURE OF INSURED INSTITUTIONS
The DIF records a contingent liability and a loss provision for
DIF-insured institutions that are likely to fail when the liability

FINANCIAL SECTION

5

99

ANNUAL
REPORT
DEPOSIT INSURANCE FUND
is probable and reasonably estimable, absent some favorable
event such as obtaining additional capital or merging. The
contingent liability is derived by applying expected failure
rates and loss rates to the institutions based on supervisory
ratings, balance sheet characteristics, and projected capital
levels.
The banking industry’s financial condition and performance
were generally positive in 2019. According to the most recent
quarterly financial data submitted by DIF-insured institutions,
the industry’s capital levels continued to improve, and the
percentage of total loans that were noncurrent at September
30 is at its lowest level since second quarter 2007. The
industry reported total net income of $180.3 billion for the
first nine months of 2019, an increase of 1.5 percent over the
comparable period one year ago.
Consistent with the positive performance of the banking
industry, the contingent liability remained relatively stable as
of December 31, 2019 compared to December 31, 2018. The
DIF recorded contingent liabilities totaling $94 million and
$114 million as of December 31, 2019 and 2018, respectively.
In addition to the recorded contingent liabilities, the FDIC has
identified risks in the financial services industry that could
result in additional losses to the DIF, should potentially
vulnerable insured institutions ultimately fail. As a result of
these risks, the FDIC believes that it is reasonably possible that
the DIF could incur additional estimated losses of
approximately $57 million as of December 31, 2019,
compared to $227 million as of year-end 2018. The actual
losses, if any, will largely depend on future economic and
market conditions and could differ materially from this
estimate.
Four financial institutions failed in 2019, with total assets of
$209 million and an estimated loss to the DIF at December 31,
2019, of $31 million.
The improvement in financial performance and condition of
the banking industry of the past year should continue if
market conditions remain favorable. However, the operating
environment poses several key challenges. Interest rates
declined in the first half of 2019, and there are signs of
growing credit and liquidity risk. Revenue growth and net
interest margins have benefited from interest rate hikes in
recent years; however, margins may be squeezed now as
short-term interest rates have declined. Economic conditions
that challenge the banking sector include the impact of slower
global economic growth; the impact of trade tariffs on
manufacturing and exports; the impact of continued weak
commodity prices on local markets; and the risk of market
volatility from global economic and geopolitical

100

developments. The FDIC continues to evaluate ongoing risks
to affected institutions in light of existing economic and
financial conditions, and the extent to which such risks may
put stress on the resources of the insurance fund.
LITIGATION LOSSES
The DIF records an estimated loss for unresolved legal cases
to the extent that those losses are considered probable and
reasonably estimable. The FDIC recorded probable litigation
losses of $200 thousand for the DIF as of December 31, 2019
and 2018. In addition, the FDIC has identified no reasonably
possible losses from unresolved cases as of December 31,
2019 and 2018.
8.

Other Contingencies

PURCHASE AND ASSUMPTION INDEMNIFICATION
In connection with purchase and assumption agreements for
resolutions, the FDIC, in its receivership capacity, generally
indemnifies the purchaser of a failed institution’s assets and
liabilities in the event a third party asserts a claim against the
purchaser unrelated to the explicit assets purchased or
liabilities assumed at the time of failure. The FDIC, in its
corporate capacity, is a secondary guarantor if a receivership
is unable to pay. These indemnifications generally extend for
a term of six years after the date of institution failure. The
FDIC is unable to estimate the maximum potential liability for
these types of guarantees as the agreements do not specify a
maximum amount and any payments are dependent upon the
outcome of future contingent events, the nature and
likelihood of which cannot be determined at this time. During
2019 and 2018, the FDIC, in its corporate capacity, made no
indemnification payments under such agreements, and no
amount has been accrued in the accompanying financial
statements with respect to these indemnification guarantees.
FDIC
GUARANTEED
DEBT
OF
STRUCTURED
TRANSACTIONS
The FDIC, as receiver, used structured transactions
(securitizations and structured sales of guaranteed notes
(SSGNs) or collectively, “trusts”) to dispose of residential
mortgage loans, commercial loans, and mortgage-backed
securities held by the receiverships.
For these transactions, certain loans or securities from failed
institutions were pooled and transferred into a trust structure.
The trusts issued senior and/or subordinated debt
instruments and owner trust or residual certificates
collateralized by the underlying mortgage-backed securities
or loans.

FINANCIAL SECTION

6

2019
NOTES TO THE FINANCIAL STATEMENTS
From March 2010 through March 2013, the receiverships
transferred a portfolio of loans with an unpaid principal
balance of $2.4 billion and mortgage-backed securities with a
book value of $6.4 billion to the trusts. Private investors
purchased the senior notes issued by the trusts for $6.2 billion
in cash and the receiverships held the subordinated debt
instruments and owner trust or residual certificates. In
exchange for a fee, the FDIC, in its corporate capacity,
guarantees the timely payment of principal and interest due
on the senior notes, with the last guarantee expected to
terminate in 2022. If the FDIC is required to perform under its
guarantees, it acquires an interest in the cash flows of the trust
equal to the amount of guarantee payments made plus
accrued interest. The subordinated note holders and owner
trust or residual certificate holders receive cash flows from the
trust only after all expenses have been paid, the guaranteed
notes have been satisfied, and the FDIC has been reimbursed
for any guarantee payments.
The following table provides the maximum loss exposure to
the FDIC, as guarantor, total guarantee fees collected,
guarantee fees receivable, and other information related to
the FDIC guaranteed debt for the trusts as of December 31,
2019 and 2018 (dollars in millions).
December 31
2019

Number of trusts
Initial
Current

December 31
2018

11
6

11
8

Trust collateral balances
Initial
Current

$
$

8,780 $
878 $

8,780
1,643

Guaranteed note balances
Initial
Current (maximum loss exposure)

$
$

6,196 $
195 $

6,196
404

Guarantee fees collected to date

$

166 $

163

Amounts recognized in Interest
receivable on investments and other
assets, net
Receivable for guarantee fees

Receivable for guarantee payments,
net
Amounts recognized in Contingent
liabilities: Guarantee payments and
litigation losses
Contingent liability for guarantee
payments
Amounts recognized in Accounts
payable and other liabilities

Deferred revenue for guarantee feesa

$

1$

4

$

32 $

28

$

34 $

33

$

1$

4

(a) All guarantee fees are recorded as deferred revenue and recognized as revenue primarily
on a straight-line basis over the term of the notes.

Except as presented above, the DIF records no other
structured transaction-related assets or liabilities on its
balance sheet.
ESTIMATED LOSS FROM GUARANTEE PAYMENTS
Any estimated loss to the DIF from the guarantees is based
on an analysis of the expected guarantee payments by the
FDIC, net of reimbursements to the FDIC for such guarantee
payments. The DIF recorded a contingent liability of $34
million as of December 31, 2019 for estimated payments
under the guarantee for one SSGN transaction, up from $33
million at December 31, 2018. As guarantor, the FDIC, in its
corporate capacity, is entitled to reimbursement from the
trust for any guarantee payments; therefore, a corresponding
receivable has been recorded. The related allowance for loss
on this receivable is $2 million and $5 million as of December
31, 2019 and 2018, reflecting the expected shortfall of
proceeds available for reimbursement after liquidation of the
SSGN’s underlying collateral at note maturity. Guarantee
payments are expected to be made at note maturity in
December 2020.
For all of the remaining transactions, the estimated cash flows
from the trust assets provide sufficient coverage to fully pay
the debts. To date, the FDIC, in its corporate capacity, has not
provided, and does not intend to provide, any form of
financial or other type of support for structured transactions
that it was not previously contractually required to provide.
9.

Assessments

The FDIC deposit insurance assessment system is mandated
by section 7 of the FDI Act and governed by part 327 of title
12 of the Code of Federal Regulations (12 CFR Part 327). The
risk-based system requires the payment of quarterly
assessments by all IDIs.
In response to the Dodd-Frank Act, the FDIC implemented
several changes to the assessment system, amended its
Restoration Plan (which is required when the ratio of the DIF
balance to estimated insured deposits, or reserve ratio, is
below the statutorily mandated minimum), and developed a
comprehensive, long-term fund management plan.
The Dodd-Frank Act established the minimum reserve ratio
for the DIF at 1.35 percent, up from the previous statutory
minimum of 1.15 percent. If the reserve ratio falls below 1.35
percent, or the FDIC projects that it will within 6 months, the
FDIC generally must implement a restoration plan that will
return the DIF to 1.35 percent within 8 years.
The long-term fund management plan is designed to restore
and maintain a positive fund balance for the DIF even during

FINANCIAL SECTION

7

101

ANNUAL
REPORT
DEPOSIT INSURANCE FUND
a banking crisis and achieve moderate, steady assessment
rates throughout any economic cycle. Summarized below are
key longer-term provisions of the plan.
• The FDIC Board of Directors designates a reserve ratio
for the DIF and publishes the designated reserve ratio
(DRR) before the beginning of each calendar year, as
required by the FDI Act. Accordingly, in December
2019, the FDIC published a notice maintaining the DRR
at 2 percent for 2020. The DRR is an integral part of
the FDIC’s comprehensive, long-term management
plan for the DIF and is viewed as a long-range,
minimum target for the reserve ratio.
•

The FDIC suspended dividends indefinitely, and, in lieu
of dividends, prescribes progressively lower
assessment rates when the reserve ratio exceeds 2
percent and 2.5 percent.

As noted above, the Dodd-Frank Act increased the minimum
reserve ratio from 1.15 percent to 1.35 percent. This increase
was required to be achieved by September 30, 2020, and the
Dodd-Frank Act mandated that the FDIC offset the effect of
increasing the minimum reserve ratio on institutions with less
than $10 billion in total assets (small banks). To implement
this requirement, the FDIC imposed a surcharge to the regular
quarterly assessments of IDIs with $10 billion or more in total
consolidated assets (large banks) beginning with the quarter
ending September 30, 2016, and provided for credits to small
banks for their contribution to the growth in the reserve ratio
from 1.15 percent to 1.35 percent.
As of September 30, 2018, the reserve ratio of the DIF
exceeded the required minimum of 1.35 percent by reaching
1.36 percent. As a result, the requirements of the amended
Restoration Plan were achieved, the surcharge assessment on
large banks ended effective October 1, 2018, and small bank
assessment credits of $765 million were awarded. As long as
the reserve ratio is at a prescribed level, small bank credits are
automatically applied to reduce the regular quarterly deposit
insurance assessment up to the full amount of the credits or
assessment, whichever is less.
In November 2019, the FDIC approved a final rule that
amended the requirements for applying small bank
assessment credits, effective beginning with the third quarter
2019 assessments. Under the rule, once the FDIC begins
applying small bank credits to quarterly assessments when
the reserve ratio is at least 1.38 percent, credits will be applied
for three additional quarters when the reserve ratio is at least
1.35 percent. The final rule also requires the FDIC to remit the
full nominal value of any remaining small bank credits to each
IDI holding such credits after four quarterly assessment

102

periods of application in the next assessment period in which
the reserve ratio is at least 1.35 percent.
In the second quarter of 2019, the reserve ratio rose to 1.40
percent and the FDIC began applying small bank credits
against quarterly assessments. Of the total $765 million
credits awarded, $559 million were applied in 2019 to reduce
assessments paid by small banks. In addition, the year-end
2019 assessment receivable and related assessment revenue
have been reduced by $145 million, reflecting expected credit
use in the fourth quarter assessment collection at the end of
March 2020. If the reserve ratio remains at least 1.35 percent
for the first quarter of 2020, an estimated $55 million in
assessment credits will be applied against the first quarter
assessment. The FDIC estimates that approximately $6 million
in small bank credits will be remitted.
ASSESSMENT REVENUE
Annual assessment rates averaged approximately 3.1 cents
per $100 of the assessment base during 2019. Annual
assessment rates averaged approximately 7.2 cents per $100
of the assessment base through September 30, 2018. Annual
assessment rates averaged approximately 3.5 cents per $100
for the fourth quarter of 2018, reflecting the end of surcharges
on larger institutions beginning October 1, 2018.
The
assessment base is generally defined as average consolidated
total assets minus average tangible equity (measured as Tier
1 capital) of an IDI during the assessment period.
The “Assessments receivable” line item on the Balance Sheet
of $1.2 billion and $1.4 billion represents the estimated
premiums due from IDIs for the fourth quarter of 2019 and
2018, respectively. The actual deposit insurance assessments
for the fourth quarter of 2019 will be billed and collected at
the end of the first quarter of 2020. During 2019 and 2018,
$4.9 billion and $9.5 billion, respectively, were recognized as
assessment revenue from institutions, including $3.8 billion in
surcharges from large IDIs in 2018. In total, surcharges of
$11.2 billion were collected over nine quarters.
PENDING LITIGATION FOR UNDERPAID ASSESSMENTS
On January 9, 2017, the FDIC filed suit in the United States
District Court for the District of Columbia (and amended this
complaint on April 7, 2017), alleging that Bank of America,
N.A. (BoA) underpaid its insurance assessments for multiple
quarters based on the underreporting of counterparty
exposures. In total, the FDIC alleges that BoA underpaid
insurance assessments by $1.12 billion, including interest for
the quarters ending March 2012 through December 2014.
The FDIC invoiced BoA for $542 million and $583 million
representing claims in the initial suit and the amended
complaint, respectively. BoA has failed to pay these past due
amounts. Pending resolution of this matter, BoA has fully

FINANCIAL SECTION

8

2019
NOTES TO THE FINANCIAL STATEMENTS
pledged security with a third-party custodian pursuant to a
security agreement with the FDIC. As of December 31, 2019,
the total amount of unpaid assessments (including accrued
interest) was $1.18 billion. For the years ending December 31,
2019 and 2018, the impact of this litigation is not reflected in
the financial statements of the DIF.

11. Provision for Insurance Losses

RESERVE RATIO
As of September 30, 2019 and December 31, 2018, the DIF
reserve ratio was 1.41 percent and 1.36 percent, respectively.

As described in Note 4, the estimated recoveries from assets
held by receiverships and estimated payments related to
assets sold by receiverships to acquiring institutions under
shared-loss agreements (SLAs) are used to derive the loss
allowance on the receivables from resolutions. Summarized
below are the three primary components that comprise the
majority of the decrease in estimated losses for prior year
failures.

ASSESSMENTS RELATED TO FICO
Assessments are levied on institutions for payments of the
interest on bond obligations issued by the Financing
Corporation (FICO). The FDIC collected the final FICO
assessment in March 2019 pursuant to a final rule issued in
December 2018 by the Federal Housing Finance Agency, the
agency authorized by Congress to prescribe regulations
relating to the FICO. The FICO was established as a mixedownership government corporation to function solely as a
financing vehicle for the former FSLIC. The FICO assessment
has no financial impact on the DIF and is separate from
deposit insurance assessments. The FDIC, as administrator of
the DIF, acts solely as a collection agent for the FICO. Interest
obligations collected and remitted to the FICO were $47
million and $460 million for 2019 and 2018, respectively.

The provision for insurance losses was a negative $1.3 billion
for 2019, compared to negative $563 million for 2018. The
negative provision for 2019 primarily resulted from a decrease
to the estimated losses for prior year failures.

•

Receivership shared-loss liability cost estimates
decreased $575 million primarily due to lower-thananticipated losses on covered assets, reductions in
shared-loss cost estimates from expirations and
early terminations of SLAs during the year, and
higher true-up recoveries (projected to be received
at expiration if actual losses at expiration are lower
than originally estimated).

•

Receiverships received $465 million of unanticipated
recoveries from litigation settlements and
professional liability claims. These recoveries are
typically not recognized in the allowance for loss
estimate until the cash is received by receiverships,
or collectability is assured, since significant
uncertainties surround their recovery.

•

Reduction in projected future receiverships
expenses, resulted in a loss estimate decrease of
$118 million.

10. Operating Expenses
The “Operating expenses” line item on the Statement of
Income and Fund Balance consisted of the following
components (dollars in thousands).

December 31
Salaries and benefits
Outside services

$

Travel

268,093

89,552

Software/Hardware maintenance

94,761

Depreciation of property and equipment

48,547

Other

27,175

Subtotal
Total

1,225,753 $
80,684

Buildings and leased space

Less: Expenses billed to resolution entities and others

2019

$

December 31
2018

1,221,138

268,693
89,443
86,795
83,276
51,316
26,666

1,834,565

1,827,327

1,795,605 $

1,764,748

(38,960)

(62,579)

12. Employee Benefits
PENSION BENEFITS AND SAVINGS PLANS
Eligible FDIC employees (permanent and term employees
with appointments exceeding one year) are covered by the
federal government retirement plans, either the Civil Service
Retirement System (CSRS) or the Federal Employees
Retirement System (FERS). Although the DIF contributes a
portion of pension benefits for eligible employees, it does not
account for the assets of either retirement system. The DIF
also does not have actuarial data for accumulated plan
benefits or the unfunded liability relative to eligible
employees. These amounts are reported on and accounted
for by the U.S. Office of Personnel Management (OPM).

FINANCIAL SECTION

9

103

ANNUAL
REPORT
DEPOSIT INSURANCE FUND
Under the Federal Thrift Savings Plan (TSP), the FDIC provides
FERS employees with an automatic contribution of 1 percent
of pay and an additional matching contribution up to 4
percent of pay. CSRS employees also can contribute to the
TSP, but they do not receive agency matching contributions.
Eligible FDIC employees may also participate in an FDICsponsored tax-deferred 401(k) savings plan with an automatic
contribution of 1 percent of pay and an additional matching
contribution up to 4 percent of pay. The expenses for these
plans are presented in the table below (dollars in thousands).

Civil Service Retirement System
Federal Employees Retirement System (Basic Benefit)
Federal Thrift Savings Plan
FDIC Savings Plan
Total

December 31 December 31
2019
2018
$
1,806 $
2,089
116,899
111,926
36,149
35,564
39,873
39,466
$
194,727 $
189,045

POSTRETIREMENT BENEFITS OTHER THAN PENSIONS
The DIF has no postretirement health insurance liability since
all eligible retirees are covered by the Federal Employees
Health Benefits (FEHB) program. The FEHB is administered
and accounted for by the OPM. In addition, OPM pays the
employer share of the retiree’s health insurance premiums.
The FDIC provides certain life and dental insurance coverage
for its eligible retirees, the retirees’ beneficiaries, and covered
dependents. Retirees eligible for life and dental insurance
coverage are those who have qualified due to (1) immediate
enrollment upon appointment or five years of participation in
the plan and (2) eligibility for an immediate annuity. The life
insurance program provides basic coverage at no cost to
retirees and allows for converting optional coverage to directpay plans. For the dental coverage, retirees are responsible
for a portion of the premium.
The FDIC has elected not to fund the postretirement life and
dental benefit liabilities. As a result, the DIF recognized the
underfunded status (the difference between the accumulated
postretirement benefit obligation and the plan assets at fair
value) as a liability. Since there are no plan assets, the plan’s
benefit liability is equal to the accumulated postretirement
benefit obligation.
Postretirement benefit obligation, gain and loss, and expense
information included in the Balance Sheet and Statement of
Income and Fund Balance are summarized as follows (dollars
in thousands).

104

December 31
2019
Accumulated postretirement benefit obligation
recognized in Postretirement benefit liability
Amounts recognized in accumulated other
comprehensive income: Unrealized postretirement
benefit loss
Cumulative net actuarial loss
Prior service cost
Total
Amounts recognized in other comprehensive income:
Unrealized postretirement benefit (loss) gain
Actuarial (loss) gain
Prior service credit
Total
Net periodic benefit costs recognized in Operating
expenses
Service cost
Interest cost
Net amortization out of other comprehensive
income
Total

December 31
2018

$

289,462 $

235,935

$

(60,432) $
0
(60,432) $

(13,155)
(385)
(13,540)

(47,277) $
385
(46,892) $

31,475
575
32,050

3,775 $
10,360

4,625
9,334

385
14,520 $

2,064
16,023

$

$
$

$

$

The year-over-year increase in the accumulated
postretirement benefit obligation as of December 31, 2019, is
primarily attributable to a decrease in the discount rate.
The annual postretirement contributions and benefits paid are
included in the table below (dollars in thousands).

December 31
December 31
2019
2018
$
7,885 $
7,354
$
871 $
846
$
(8,756) $
(8,200)

Employer contributions
Plan participants' contributions
Benefits paid

The expected contributions for the year ending December 31,
2020, are $9 million. Expected future benefit payments for
each of the next 10 years are presented in the following table
(dollars in thousands).

2020
$8,297

2021
$8,841

FINANCIAL SECTION

2022
$9,400

2023
$9,962

2024 2025-2029
$10,550
$60,730

10

2019
NOTES TO THE FINANCIAL STATEMENTS
Assumptions used to determine the amount of the
accumulated postretirement benefit obligation and the net
periodic benefit costs are summarized as follows.

December 31 December 31
2019
2018
3.46%
4.81%
3.49%
3.49%
4.81%
4.03%

Discount rate for future benefits (benefit obligation)
Rate of compensation increase
Discount rate (benefit cost)
Dental health care cost-trend rate
Assumed for next year
Ultimate
Year rate will reach ultimate

3.50%
3.50%
2020

3.80%
3.80%
2019

13. Commitments and Off-Balance-Sheet Exposure
COMMITMENTS:
Leased Space
The DIF leased space expense totaled $45 million and $44
million for 2019 and 2018. The FDIC’s lease commitments
total $134 million for future years. The lease agreements
contain escalation clauses resulting in adjustments, usually on
an annual basis. Future minimum lease commitments are as
follows (dollars in thousands).
2020

$42,603

2021

$33,603

2022

$20,774

2023

$18,304

2024

$16,824

2025/Thereafter
$1,724

OFF-BALANCE-SHEET EXPOSURE:
Deposit Insurance
Estimates of insured deposits are derived primarily from
quarterly financial data submitted by IDIs to the FDIC and
represent the accounting loss that would be realized if all IDIs
were to fail and the acquired assets provided no recoveries.
As of September 30, 2019 and December 31, 2018, estimated
insured deposits for the DIF were $7.7 trillion and $7.5 trillion,
respectively.
14. Fair Value of Financial Instruments

the receivables from resolutions, assessments receivable,
interest receivable on investments, other short-term
receivables, and accounts payable and other liabilities.
15. Information Relating to the Statement of Cash Flows
The following table presents a reconciliation of net income to
net cash from operating activities (dollars in thousands).

Operating Activities
Net Income:
$
Adjustments to reconcile net income to net cash provided
by operating activities:
Amortization of U.S. Treasury securities
Treasury Inflation-Protected Securities inflation adjustment
Depreciation on property and equipment
Loss on retirement of property and equipment
Provision for insurance losses
Unrealized (loss) gain on postretirement benefits
Change in Assets and Liabilities:
Decrease in assessments receivable
(Increase) in interest receivable and other assets
Decrease in receivables from resolutions
Increase (Decrease) in accounts payable and other liabilities
Increase (Decrease) in postretirement benefit liability
Increase (Decrease) in contingent liabilities guarantee payments and litigation losses
(Decrease) in liabilities due to resolutions
Net Cash Provided by Operating Activities
$

December 31
2019
6,582,089 $

December 31
2018
9,965,566

339,247
0
48,547
(1,124)
(1,285,531)
(46,892)

246,725
(2,980)
51,316
(524)
(562,622)
32,050

134,373
(470,766)
1,653,681
16,379
53,527

1,258,045
(43,889)
3,493,375
(38,899)
(23,381)

420
(258,505)
6,765,445 $

(904)
(598,484)
13,775,394

16. Subsequent Events
Subsequent events have been evaluated through February 6,
2020, the date the financial statements are available to be
issued. Based on management’s evaluation, there were no
subsequent events requiring disclosure.

As of December 31, 2019 and 2018, financial assets
recognized and measured at fair value on a recurring basis
include cash equivalents (see Note 2) of $6 billion and $5.7
billion, respectively, and the investment in U.S. Treasury
securities (see Note 3) of $100.1 billion and $92.7 billion,
respectively.
The valuation is considered a Level 1
measurements in the fair value hierarchy, representing
quoted prices in active markets for identical assets. Other
financial assets and liabilities, measured at amortized cost, are

FINANCIAL SECTION

105
11

ANNUAL
REPORT

FSLIC RESOLUTION FUND (FRF)
Federal Deposit Insurance Corporation

FSLIC Resolution Fund Balance Sheet

As of December 31

2019

(Dollars in Thousands)

ASSETS

Cash and cash equivalents

Other assets, net

Total Assets
LIABILITIES

Accounts payable and other liabilities

$

922,911 $

901,562

$

923,436 $

902,308

$

Total Liabilities

RESOLUTION EQUITY (NOTE 5)
Contributed capital

525

16 $

16

125,489,317

Accumulated deficit

(124,565,897)

Total Resolution Equity

923,420

Total Liabilities and Resolution Equity

$

The accompanying notes are an integral part of these financial statements.

106

2018

FINANCIAL SECTION

923,436 $

746

9

9

125,489,317

(124,587,018)
902,299

902,308

2019
FSLIC RESOLUTION FUND (FRF)
Federal Deposit Insurance Corporation

FSLIC Resolution Fund Statement of Income and Accumulated Deficit

For the Years Ended December 31

2019

(Dollars in Thousands)

REVENUE

Interest on U.S. Treasury securities

$

Other revenue (Note 6)

Total Revenue

EXPENSES AND LOSSES
Operating expenses

Recovery of tax benefits (Note 7)

2018
18,673 $
1,775

16,626

523

425

4

(313)

(673)

Total Expenses and Losses

21,121

Net Income
Accumulated Deficit - Beginning

$

Accumulated Deficit - Ending

808

20,448

(1,200)

Losses related to thrift resolutions

15,818

(124,587,018)

(124,565,897) $

0

112

16,514
(124,603,532)

(124,587,018)

The accompanying notes are an integral part of these financial statements.

FINANCIAL SECTION

107

ANNUAL
REPORT

FSLIC RESOLUTION FUND (FRF)
Federal Deposit Insurance Corporation

FSLIC Resolution Fund Statement of Cash Flows

For the Years Ended December 31

2019

(Dollars in Thousands)

OPERATING ACTIVITIES
Provided by:

Interest on U.S. Treasury securities

$

Recovery of tax benefits

Recoveries from thrift resolutions

Miscellaneous receipts

18,673 $
1,200

Operating expenses

Miscellaneous disbursements

15,818

0

1,835

832

(358)

(452)

0

Used by:

(1)

3

(19)

Net Cash Provided by Operating Activities

21,349

16,182

Net Increase in Cash and Cash Equivalents

21,349

16,182

Cash and Cash Equivalents - Beginning
Cash and Cash Equivalents - Ending

$

The accompanying notes are an integral part of these financial statements.

108

2018

FINANCIAL SECTION

901,562

922,911 $

885,380

901,562

2019
FSLIC RESOLUTION FUND

NOTES TO THE FINANCIAL STATEMENTS
December 31, 2019 and 2018
1.

Operations/Dissolution of the FSLIC Resolution Fund

OVERVIEW
The Federal Deposit Insurance Corporation (FDIC) is the
independent deposit insurance agency created by Congress
in 1933 to maintain stability and public confidence in the
nation’s banking system. Provisions that govern the FDIC’s
operations are generally found in the Federal Deposit
Insurance (FDI) Act, as amended (12 U.S.C. 1811, et seq). In
accordance with the FDI Act, the FDIC, as administrator of the
Deposit Insurance Fund (DIF), insures the deposits of banks
and savings associations (insured depository institutions). In
cooperation with other federal and state agencies, the FDIC
promotes the safety and soundness of insured depository
institutions (IDIs) by identifying, monitoring, and addressing
risks to the DIF.
In addition to being the administrator of the DIF, the FDIC is
the administrator of the FSLIC Resolution Fund (FRF). As such,
the FDIC is responsible for the sale of remaining assets and
satisfaction of liabilities associated with the former Federal
Savings and Loan Insurance Corporation (FSLIC) and the
former Resolution Trust Corporation (RTC).
The FDIC
maintains the DIF and the FRF separately to support their
respective functions.
The FSLIC was created through the enactment of the National
Housing Act of 1934. The Financial Institutions Reform,
Recovery, and Enforcement Act of 1989 (FIRREA) abolished
the insolvent FSLIC and created the FRF. At that time, the
assets and liabilities of the FSLIC were transferred to the FRF
– except those assets and liabilities transferred to the newly
created RTC – effective on August 9, 1989. Further, the FIRREA
established the Resolution Funding Corporation (REFCORP) to
provide part of the initial funds used by the RTC for thrift
resolutions by authorizing REFCORP to issue debt obligations.
The REFCORP issued debt obligations in the form of longterm bonds ranging in maturity from 2019 to 2030.
The RTC Completion Act of 1993 terminated the RTC as of
December 31, 1995. All remaining assets and liabilities of the
RTC were transferred to the FRF on January 1, 1996. Today,
the FRF consists of two distinct pools of assets and liabilities:
one composed of the assets and liabilities of the FSLIC
transferred to the FRF upon the dissolution of the FSLIC (FRFFSLIC), and the other composed of the RTC assets and
liabilities (FRF-RTC). The assets of one pool are not available
to satisfy obligations of the other.

OPERATIONS/DISSOLUTION OF THE FRF
The FRF will continue operations until all of its assets are sold
or otherwise liquidated and all of its liabilities are satisfied.
Any funds remaining in the FRF-FSLIC will be paid to the U.S.
Treasury. Any remaining funds of the FRF-RTC will be
distributed to the REFCORP to pay interest on the REFCORP
bonds.
In addition, the FRF-FSLIC has available until
expended $602 million in appropriations to facilitate, if
required, efforts to wind up the resolution activity of the FRFFSLIC.
The FDIC has extensively reviewed and cataloged the FRF's
remaining assets and liabilities. Some of the unresolved
issues are:
•

criminal restitution orders (generally have from 1 to
27 years remaining to enforce);

•

collections of judgments obtained against officers
and directors and other professionals responsible for
causing or contributing to thrift losses (generally
have up to 10 years remaining to enforce, unless the
judgments are renewed or are covered by the
Federal Debt Collections Procedures Act, which will
result in significantly longer periods for collection of
some judgments);

•

liquidation/disposition of residual assets purchased
by the FRF from terminated receiverships;

•

a potential tax liability associated with a fully
adjudicated goodwill litigation case (see Note 3); and

•

Affordable Housing Disposition Program monitoring
(the last agreement expires no later than 2045; see
Note 4).

The FRF could realize recoveries from criminal restitution
orders and professional liability claims.
However, any
potential recoveries are not reflected in the FRF’s financial
statements, given the significant uncertainties surrounding
the ultimate outcome.
On April 1, 2014, the FDIC concluded its role as receiver, on
behalf of the FRF, when the last active receivership was
terminated. In total, 850 receiverships were liquidated by the
FRF and the RTC. To facilitate receivership terminations, the
FRF, in its corporate capacity, acquired the remaining
receivership assets that could not be liquidated during the life

1
FINANCIAL SECTION

109

ANNUAL
REPORT
FSLIC RESOLUTION FUND

110

of the receiverships due to restrictive clauses and other
impediments. These assets are included in the “Other assets,
net” line item on the Balance Sheet.

CASH EQUIVALENTS
Cash equivalents are short-term, highly liquid investments
consisting primarily of U.S. Treasury Overnight Certificates.

During the years of receivership activity, the assets held by
receivership entities, and the claims against them, were
accounted for separately from the FRF’s assets and liabilities
to ensure that receivership proceeds were distributed in
accordance with applicable laws and regulations. Also, the
income and expenses attributable to receiverships were
accounted for as transactions of those receiverships. The
FDIC, as administrator of the FRF, billed receiverships for
services provided on their behalf.

RELATED PARTIES
The nature of related parties and a description of related party
transactions are discussed in Note 1 and disclosed
throughout the financial statements and footnotes.
APPLICATION OF RECENT ACCOUNTING STANDARDS
Recent accounting standards have been deemed not
applicable or material to the financial statements as
presented.

2.

3.

Summary of Significant Accounting Policies

Goodwill Litigation

GENERAL
The financial statements include the financial position, results
of operations, and cash flows of the FRF and are presented in
accordance with U.S. generally accepted accounting principles
(GAAP). During the years of receivership activity, these
statements did not include reporting for assets and liabilities
of receivership entities because these entities were legally
separate and distinct, and the FRF did not have any ownership
or beneficial interest in them.

In United States v. Winstar Corp., 518 U.S. 839 (1996), the
Supreme Court held that when it became impossible
following the enactment of FIRREA in 1989 for the federal
government to perform certain agreements to count goodwill
toward regulatory capital, the plaintiffs were entitled to
recover damages from the United States. The contingent
liability associated with the nonperformance of these
agreements was transferred to the FRF on August 9, 1989,
upon the dissolution of the FSLIC.

The FRF is a limited-life entity, however, it does not meet the
requirements for presenting financial statements using the
liquidation basis of accounting. According to Accounting
Standards Codification Topic 205, Presentation of Financial
Statements, a limited-life entity should apply the liquidation
basis of accounting only if a change in the entity’s governing
plan has occurred since its inception. By statute, the FRF is a
limited-life entity whose dissolution will occur upon the
satisfaction of all liabilities and the disposition of all
assets. No changes to this statutory plan have occurred since
inception of the FRF.

The FRF can draw from an appropriation provided by Section
110 of the Department of Justice Appropriations Act, 2000
(Public Law 106-113, Appendix A, Title I, 113 Stat. 1501A-3,
1501A-20), such sums as may be necessary for the payment
of judgments and compromise settlements in the goodwill
litigation. This appropriation is to remain available until
expended. Because an appropriation is available to pay such
judgments and settlements, any estimated liability for
goodwill litigation will have a corresponding receivable from
the U.S. Treasury and therefore have no net impact on the
financial condition of the FRF.

USE OF ESTIMATES
The preparation of the financial statements in conformity with
GAAP requires management to make estimates and
assumptions that affect the reported amounts of assets and
liabilities, revenue and expenses, and disclosure of contingent
liabilities. Actual results could differ from these estimates.
Where it is reasonably possible that changes in estimates will
cause a material change in the financial statements in the near
term, the nature and extent of such potential changes in
estimates have been disclosed. The estimates for other assets,
goodwill litigation, and indemnifications are considered
significant.

The last remaining goodwill case was resolved in 2015.
However, for another case fully adjudicated in 2012, an
estimated loss of $4 million as of December 31, 2019,
compared to $5 million as of year-end 2018, for the courtordered reimbursement of potential tax liabilities to the
plaintiff is reasonably possible.
The FRF-FSLIC paid goodwill litigation expenses incurred by
the Department of Justice (DOJ), the entity that defended
these lawsuits against the United States, based on a
Memorandum of Understanding dated October 2, 1998,
between the FDIC and the DOJ. These expenses were paid in
advance by the FRF-FSLIC and any unused funds were carried
over by the DOJ and applied toward the next fiscal year

FINANCIAL SECTION

2

2019
NOTES TO THE FINANCIAL STATEMENTS
charges. The DOJ returned all unused funds in September
2016 except for $250 thousand retained to cover future
administrative expenses. In September 2019, after reducing
for expenses incurred, the DOJ returned the remaining $234
thousand of unused funds to the FRF-FSLIC (see Note 6).
4.

Affordable Housing Disposition Program

Required by FIRREA under section 501, the Affordable
Housing Disposition Program (AHDP) was established in 1989
to ensure the preservation of affordable housing for lowincome households. The FDIC, in its capacity as administrator
of the FRF-RTC, assumed responsibility for monitoring
property owner compliance with land use restriction
agreements (LURAs). To enforce the property owners’ LURA
obligation, the RTC, prior to its dissolution, entered into
Memoranda of Understanding with 34 monitoring agencies
to oversee these LURAs. As of December 31, 2019, 24
monitoring agencies oversee these LURAs. The FDIC, through
the FRF, has agreed to indemnify the monitoring agencies for
all losses related to LURA legal enforcement proceedings.
From 2006 through 2018, two lawsuits against property
owners resulted in $23 thousand in legal expenses, which
were fully reimbursed due to successful litigation. In 2019,
new litigation against two property owners has thus far
resulted in legal expenses of $7 thousand. The maximum
potential exposure to the FRF cannot be estimated as it is
contingent upon future legal proceedings. However, loss
mitigation factors include: (1) the indemnification may
become void if the FDIC is not immediately informed upon
receiving notice of any legal proceedings and (2) the FDIC is
entitled to reimbursement of any legal expenses incurred for
successful litigation against a property owner.
AHDP
guarantees will continue until the termination of the last
LURA, or 2045 (whichever occurs first). As of December 31,
2019 and 2018, no contingent liability for this indemnification
has been recorded.
5.

Resolution Equity

As stated in the Overview section of Note 1, the FRF is
composed of two distinct pools: the FRF-FSLIC and the FRFRTC. The FRF-FSLIC consists of the assets and liabilities of the
former FSLIC. The FRF-RTC consists of the assets and liabilities
of the former RTC. Pursuant to legal restrictions, the two
pools are maintained separately and the assets of one pool
are not available to satisfy obligations of the other.

Contributed capital, accumulated deficit, and resolution
equity consisted of the following components by each pool
(dollars in thousands).
December 31, 2019
Contributed capital beginning

Contributed capital ending

FRF-FSLIC
$

Accumulated deficit
Total Resolution
Equity

$

December 31, 2018
Contributed capital beginning

Contributed capital ending

43,864,980 $

$

81,624,337 $

125,489,317

81,624,337

125,489,317

(42,986,401)

(81,579,496)

(124,565,897)

878,579 $

43,864,980 $

81,624,337 $

43,783

125,489,317
125,489,317

(81,580,554)
$

923,420

FRF Consolidated

81,624,337

(43,006,464)
858,516

44,841 $

FRF-RTC

43,864,980

$

FRF Consolidated

43,864,980

FRF-FSLIC

Accumulated deficit
Total Resolution
Equity

FRF-RTC

(124,587,018)
$

902,299

CONTRIBUTED CAPITAL
The FRF-FSLIC and the former RTC received $43.5 billion and
$60.1 billion from the U.S. Treasury, respectively, to fund
losses from thrift resolutions prior to July 1, 1995.
Additionally, the FRF-FSLIC issued $670 million in capital
certificates to the Financing Corporation (a mixed-ownership
government corporation established to function solely as a
financing vehicle for the FSLIC) and the RTC issued $31.3
billion of these instruments to the REFCORP. FIRREA
prohibited the payment of dividends on any of these capital
certificates. Through December 31, 2019, the FRF-FSLIC
received a total of $2.3 billion in goodwill appropriations, the
effect of which increased contributed capital.
Through December 31, 2019, the FRF-RTC had returned $4.6
billion to the U.S. Treasury and made payments of $5.1 billion
to the REFCORP. The most recent payment to the REFCORP
was in July of 2013 for $125 million. In addition, the FDIC
returned $2.6 billion to the U.S. Treasury on behalf of the FRFFSLIC in 2013. These actions reduced contributed capital.
ACCUMULATED DEFICIT
The accumulated deficit represents the cumulative excess of
expenses and losses over revenue for activity related to the
FRF-FSLIC and the FRF-RTC. Approximately $29.8 billion and
$87.9 billion were brought forward from the former FSLIC and
the former RTC on August 9, 1989, and January 1, 1996,
respectively. Since the dissolution dates, the FRF-FSLIC
accumulated deficit increased by $13.2 billion, whereas the
FRF-RTC accumulated deficit decreased by $6.3 billion.

FINANCIAL SECTION

3111

ANNUAL
REPORT
FSLIC RESOLUTION FUND
6.

9.

Other Revenue

Other revenue primarily represents recoveries from assets
acquired from terminated receiverships, such as professional
liability and criminal restitution claims, and unclaimed
property escheatments. Additionally, in 2019, the return of
unused goodwill litigation expense funds from the DOJ is
included. Other revenue was $2 million for 2019, compared
to $808 thousand for 2018.
7.

Recovery of Tax Benefits

Recovery of tax benefits represents receipts based on
underlying tax provisions from entities that either entered into
assistance agreements with the former FSLIC, or have
subsequently purchased financial institutions that had prior
agreements with the FSLIC. In 2019, FRF received $1 million
from the settlement of the last remaining FSLIC tax benefits
sharing agreement.
8.

Fair Value of Financial Instruments

At December 31, 2019 and 2018, the FRF’s financial assets
measured at fair value on a recurring basis are cash
equivalents (see Note 2) of $878 million and $857 million,
respectively. Cash equivalents are Special U.S. Treasury
Certificates with overnight maturities valued at prevailing
interest rates established by the U.S. Treasury’s Bureau of the
Fiscal Service.
The valuation is considered a Level 1
measurement in the fair value hierarchy, representing quoted
prices in active markets for identical assets.

112

Information Relating to the Statement of Cash Flows

The following table presents a reconciliation of net income to
net cash from operating activities (dollars in thousands).
December 31
Operating Activities
Net Income:

Change in Assets and
Liabilities:
Decrease (Increase) in
other assets
Increase (Decrease) in
accounts payable and
other liabilities
Net Cash Provided by
Operating Activities

10.

December 31

2019

$

$

21,121

2018

$

16,514

221

(249)

7

(83)

21,349

$

16,182

Subsequent Events

Subsequent events have been evaluated through February 6,
2020, the date the financial statements are available to be
issued. Based on management’s evaluation, there were no
subsequent events requiring disclosure.

FINANCIAL SECTION

4

2019
GOVERNMENT ACCOUNTABILITY OFFICE
AUDITOR’S REPORT

441 G St. N.W.
Washington, DC 20548

Independent Auditor’s Report
To the Board of Directors
The Federal Deposit Insurance Corporation
In our audits of the 2019 and 2018 financial statements of the Deposit Insurance Fund (DIF) and
of the Federal Savings and Loan Insurance Corporation (FSLIC) Resolution Fund (FRF), both of
which the Federal Deposit Insurance Corporation (FDIC) administers,1 we found
the financial statements of the DIF and of the FRF as of and for the years ended
December 31, 2019, and 2018, are presented fairly, in all material respects, in accordance
with U.S. generally accepted accounting principles;
FDIC maintained, in all material respects, effective internal control over financial reporting
relevant to the DIF and to the FRF as of December 31, 2019; and
with respect to the DIF and to the FRF, no reportable noncompliance for 2019 with
provisions of applicable laws, regulations, contracts, and grant agreements we tested.

•
•
•

The following sections discuss in more detail (1) our report on the financial statements and on
internal control over financial reporting and other information included with the financial
statements;2 (2) our report on compliance with laws, regulations, contracts, and grant
agreements; and (3) agency comments.
Report on the Financial Statements and on Internal Control over Financial Reporting
In accordance with Section 17 of the Federal Deposit Insurance Act, as amended,3 and the
Government Corporation Control Act,4 we have audited the financial statements of the DIF and
of the FRF, both of which FDIC administers. The financial statements of the DIF comprise the
balance sheets as of December 31, 2019, and 2018; the related statements of income and fund
balance and of cash flows for the years then ended; and the related notes to the financial
statements. The financial statements of the FRF comprise the balance sheets as of
December 31, 2019, and 2018; the related statements of income and accumulated deficit and of
cash flows for the years then ended; and the related notes to the financial statements. We also
have audited FDIC’s internal control over financial reporting relevant to the DIF and to the FRF
as of December 31, 2019, based on criteria established under 31 U.S.C. § 3512(c), (d),
commonly known as the Federal Managers’ Financial Integrity Act (FMFIA).

1A

third fund managed by FDIC, the Orderly Liquidation Fund, established by Section 210(n) of the Dodd-Frank Wall
Street Reform and Consumer Protection Act, Pub. L. No. 111-203, 124 Stat. 1376, 1506 (July 21, 2010), is unfunded
and did not have any transactions from its inception in 2010 through 2019.

2Other
3Act
431

information consists of information included with the financial statements, other than the auditor’s report.

of September 21, 1950, Pub. L. No. 797, § 2[17], 64 Stat. 873, 890, classified as amended at 12 U.S.C. § 1827.

U.S.C. §§ 9101-9110.

FINANCIAL SECTION

113

ANNUAL
REPORT

GOVERNMENT ACCOUNTABILITY OFFICE
AUDITOR’S REPORT (continued)
We conducted our audits in accordance with U.S. generally accepted government auditing
standards. We believe that the audit evidence we obtained is sufficient and appropriate to
provide a basis for our audit opinions.
Management’s Responsibility
FDIC management is responsible for (1) the preparation and fair presentation of these financial
statements in accordance with U.S. generally accepted accounting principles; (2) preparing and
presenting other information included in documents containing the audited financial statements
and auditor’s report, and ensuring the consistency of that information with the audited financial
statements; (3) maintaining effective internal control over financial reporting, including the
design, implementation, and maintenance of internal control relevant to the preparation and fair
presentation of financial statements that are free from material misstatement, whether due to
fraud or error; (4) evaluating the effectiveness of internal control over financial reporting based
on the criteria established under FMFIA; and (5) its assessment about the effectiveness of
internal control over financial reporting as of December 31, 2019, included in the accompanying
Management’s Report on Internal Control over Financial Reporting in appendix I.
Auditor’s Responsibility
Our responsibility is to express opinions on these financial statements and opinions on FDIC’s
internal control over financial reporting relevant to the DIF and to the FRF based on our audits.
U.S. generally accepted government auditing standards require that we plan and perform the
audits to obtain reasonable assurance about whether the financial statements are free from
material misstatement, and whether effective internal control over financial reporting was
maintained in all material respects. We are also responsible for applying certain limited
procedures to other information included with the financial statements.
An audit of financial statements involves performing procedures to obtain audit evidence about
the amounts and disclosures in the financial statements. The procedures selected depend on
the auditor’s judgment, including the auditor’s assessment of the risks of material misstatement
of the financial statements, whether due to fraud or error. In making those risk assessments, the
auditor considers internal control relevant to the entity’s preparation and fair presentation of the
financial statements in order to design audit procedures that are appropriate in the
circumstances. An audit of financial statements also involves evaluating the appropriateness of
the accounting policies used and the reasonableness of significant accounting estimates made
by management, as well as evaluating the overall presentation of the financial statements.
An audit of internal control over financial reporting involves performing procedures to obtain
evidence about whether a material weakness exists.5 The procedures selected depend on the
auditor’s judgment, including the assessment of the risk that a material weakness exists. An
audit of internal control over financial reporting also includes obtaining an understanding of
internal control over financial reporting and evaluating and testing the design and operating
effectiveness of internal control over financial reporting based on the assessed risk. Our audit of
internal control also considered FDIC’s process for evaluating and reporting on internal control
5A

material weakness is a deficiency, or combination of deficiencies, in internal control over financial reporting, such
that there is a reasonable possibility that a material misstatement of the entity’s financial statements will not be
prevented, or detected and corrected, on a timely basis. A deficiency in internal control exists when the design or
operation of a control does not allow management or employees, in the normal course of performing their assigned
functions, to prevent, or detect and correct, misstatements on a timely basis.

114

FINANCIAL SECTION

2019
GOVERNMENT ACCOUNTABILITY OFFICE
AUDITOR’S REPORT (continued)
over financial reporting based on criteria established under FMFIA. Our audits also included
performing such other procedures as we considered necessary in the circumstances.
We did not evaluate all internal controls relevant to operating objectives as broadly established
under FMFIA, such as those controls relevant to preparing performance information and
ensuring efficient operations. We limited our internal control testing to testing controls over
financial reporting. Our internal control testing was for the purpose of expressing an opinion on
whether effective internal control over financial reporting was maintained, in all material
respects. Consequently, our audit may not identify all deficiencies in internal control over
financial reporting that are less severe than a material weakness.
Definition and Inherent Limitations of Internal Control over Financial Reporting
An entity’s internal control over financial reporting is a process effected by those charged with
governance, management, and other personnel, the objectives of which are to provide
reasonable assurance that (1) transactions are properly recorded, processed, and summarized
to permit the preparation of financial statements in accordance with U.S. generally accepted
accounting principles, and assets are safeguarded against loss from unauthorized acquisition,
use, or disposition, and (2) transactions are executed in accordance with provisions of
applicable laws, regulations, contracts, and grant agreements, noncompliance with which could
have a material effect on the financial statements.
Because of its inherent limitations, internal control over financial reporting may not prevent, or
detect and correct, misstatements due to fraud or error. We also caution that projecting any
evaluation of effectiveness to future periods is subject to the risk that controls may become
inadequate because of changes in conditions or that the degree of compliance with the policies
or procedures may deteriorate.
Opinions on Financial Statements
In our opinion,
•

•

the DIF’s financial statements present fairly, in all material respects, the DIF’s financial
position as of December 31, 2019, and 2018, and the results of its operations and its cash
flows for the years then ended, in accordance with U.S. generally accepted accounting
principles, and
the FRF’s financial statements present fairly, in all material respects, the FRF’s financial
position as of December 31, 2019, and 2018, and the results of its operations and its cash
flows for the years then ended, in accordance with U.S. generally accepted accounting
principles.

Opinions on Internal Control over Financial Reporting
In our opinion,
•
•

FDIC maintained, in all material respects, effective internal control over financial reporting
relevant to the DIF as of December 31, 2019, based on criteria established under FMFIA,
and
FDIC maintained, in all material respects, effective internal control over financial reporting
relevant to the FRF as of December 31, 2019, based on criteria established under FMFIA.

FINANCIAL SECTION

115

ANNUAL
REPORT

GOVERNMENT ACCOUNTABILITY OFFICE
AUDITOR’S REPORT (continued)
During our 2019 audit, we identified deficiencies in FDIC’s internal control over financial
reporting that we do not consider to be material weaknesses or significant deficiencies.6
Nonetheless, these deficiencies warrant FDIC management’s attention. We have communicated
these matters to FDIC management and, where appropriate, will report on them separately.
Other Matters
Other Information
FDIC’s other information contains a wide range of information, some of which is not directly
related to the financial statements. This information is presented for purposes of additional
analysis and is not a required part of the financial statements. We read the other information
included with the financial statements in order to identify material inconsistencies, if any, with
the audited financial statements. Our audit was conducted for the purpose of forming opinions
on the DIF’s and the FRF’s financial statements. We did not audit and do not express an opinion
or provide any assurance on the other information.
Report on Compliance with Laws, Regulations, Contracts, and Grant Agreements
In connection with our audits of the financial statements of the DIF and of the FRF, both of
which FDIC administers, we tested compliance with selected provisions of applicable laws,
regulations, contracts, and grant agreements consistent with our auditor’s responsibility
discussed below. We caution that noncompliance may occur and not be detected by these
tests. We performed our tests of compliance in accordance with U.S. generally accepted
government auditing standards.
Management’s Responsibility
FDIC management is responsible for complying with applicable laws, regulations, contracts, and
grant agreements.
Auditor’s Responsibility
Our responsibility is to test compliance with selected provisions of applicable laws, regulations,
contracts, and grant agreements that have a direct effect on the determination of material
amounts and disclosures in the financial statements of the DIF and of the FRF and to perform
certain other limited procedures. Accordingly, we did not test FDIC’s compliance with all
applicable laws, regulations, contracts, and grant agreements.
Results of Our Tests for Compliance with Laws, Regulations, Contracts, and Grant Agreements
Our tests for compliance with selected provisions of applicable laws, regulations, contracts, and
grant agreements disclosed no instances of noncompliance for 2019 that would be reportable,
with respect to the DIF and to the FRF, under U.S. generally accepted government auditing
standards. However, the objective of our tests was not to provide an opinion on compliance with
applicable laws, regulations, contracts, and grant agreements. Accordingly, we do not express
such an opinion.

6A significant deficiency is a deficiency, or a combination of deficiencies, in internal control over financial reporting
that is less severe than a material weakness, yet important enough to merit attention by those charged with
governance.

116

FINANCIAL SECTION

2019
GOVERNMENT ACCOUNTABILITY OFFICE
AUDITOR’S REPORT (continued)
Intended Purpose of Report on Compliance with Laws, Regulations, Contracts, and Grant
Agreements
The purpose of this report is solely to describe the scope of our testing of compliance with
selected provisions of applicable laws, regulations, contracts, and grant agreements, and the
results of that testing, and not to provide an opinion on compliance. This report is an integral
part of an audit performed in accordance with U.S. generally accepted government auditing
standards in considering compliance. Accordingly, this report on compliance with laws,
regulations, contracts, and grant agreements is not suitable for any other purpose.
Agency Comments
In commenting on a draft of this report, FDIC stated that it was pleased to receive unmodified
opinions on the DIF’s and the FRF’s financial statements, and noted that we reported that FDIC
had effective internal control over financial reporting and that there was no reportable
noncompliance with tested provisions of applicable laws, regulations, contracts, and grant
agreements. FDIC also stated that it recognizes the essential role a strong internal control
program plays in an agency achieving its mission and that its commitment to sound financial
management has been and will remain a top priority. The complete text of FDIC’s response is
reprinted in appendix II.

James R. Dalkin
Director
Financial Management and Assurance
February 6, 2020

FINANCIAL SECTION

117

ANNUAL
REPORT
Appendix I

MANAGEMENT’S REPORT ON INTERNAL CONTROL
OVER FINANCIAL REPORTING

118

FINANCIAL SECTION

2019
Appendix II

MANAGEMENT’S RESPONSE TO
THE AUDITOR’S REPORT

FINANCIAL SECTION

119

THIS PAGE INTENTIONALLY LEFT BLANK

VI.

RISK MANAGEMENT AND INTERNAL CONTROLS

THIS PAGE INTENTIONALLY LEFT BLANK

2019
The FDIC uses several means to identify and address
enterprise risks, maintain comprehensive internal controls,
ensure the overall effectiveness and efficiency of operations,
and otherwise comply as necessary with the following
federal standards, among others:
♦ Chief Financial Officers Act (CFO Act)
♦ Federal Managers’ Financial Integrity Act (FMFIA)
♦ Federal Financial Management Improvement Act
(FFMIA)
♦ Government Performance and Results Act (GPRA)
♦ Federal Information Security Modernization Act of
2014 (FISMA)
♦ OMB Circular A-123
♦ GAO’s Standards for Internal Control in the Federal
Government
As a foundation for these efforts, the Division of Finance,
Risk Management and Internal Controls Branch (DOFRMIC) oversees a corporate-wide program of risk
management and internal control activities and works
closely with FDIC division and office management.
The FDIC has made a concerted effort to identify and
assess financial, reputational, and operational risks and
incorporate corresponding controls into day-to-day
operations. The program also requires that divisions and
offices document comprehensive procedures, thoroughly
train employees, and hold supervisors accountable for
performance and results. Divisions and offices monitor
compliance through periodic management reviews
and various activity reports distributed to all levels of
management. The FDIC also takes seriously FDIC Office
of Inspector General and GAO audit recommendations
and strives to implement agreed upon actions promptly.
The FDIC has received unmodified opinions on its
financial statement audits for 28 consecutive years, and
these and other positive results reflect the effectiveness of
the overall internal control program.
In 2019, DOF-RMIC continued to enhance the FDIC’s
Enterprise Risk Management program. ERM program
accomplishments include, but were not limited to:

♦ Enhancing the ERM program’s governance structure,
♦ Confirming the FDIC’s risk appetite statement and
risk profile,
♦ Relaunching the Model Risk Management program,
and
♦ Providing Project Risk Manager support for certain
complex IT projects.
During 2020, DOF-RMIC will continue enhancing the
ERM program. DOF-RMIC will focus on raising ERM
awareness in the FDIC regional offices, better integrating
the ERM program with FDIC’s strategic planning and
budget process, enhancing the internal control program,
and exploring opportunities for process improvements.

PROGRAM EVALUATION
DOF-RMIC periodically evaluates selected program areas
responsible for achieving FDIC strategic objectives and
performance goals. During 2019, DOF-RMIC evaluated
DRR processes responsible for achieving two Insurance
Program strategic objectives and related performance
goals.
Strategic Objective and Related Performance
Goal Evaluated:
♦ The FDIC resolves failed IDIs in the manner leastcostly to the DIF.
• Market failing institutions to all known qualified
and interested potential bidders.
The FDIC maintains a database of qualified and interested
potential bidders for failed financial institutions. In
developing the potential bidders list, the FDIC identifies
well-capitalized and well-managed banks that are expected
to be interested in acquiring the failing institution.
During 2019, four financial institutions failed. FDIC
marketed these institutions using a secured web-based
virtual data room. This approach allowed the FDIC to
effectively and efficiently market the failing institution
and its assets to potential bidders in a confidential manner.
We confirmed in each case that the marketing process was
competitive and multiple interested banks submitted bids.

RISK MANAGEMENT AND INTERNAL CONTROLS

123

ANNUAL
REPORT
Strategic Objective and Related Performance
Goals Evaluated:
♦ Customers of failed IDIs have timely access to
insured funds and financial services.
• Depositors have access to insured funds within
one business day if the failure occurs on a Friday.
• Depositors have access to insured funds within
two business days if the failure occurs on any
other day of the week.
• Depositors do not incur any losses on insured
deposits.
• No appropriated funds are required to pay
insured depositors.
The FDIC has procedures in place to ensure that
customers have timely access to insured funds and
financial services, such as automated teller machines, safe
deposit boxes, and wire services. If an institution failure
occurs on a Friday, FDIC’s target for access to insured
funds by customers is one business day. If a failure occurs
on any other day of the week, the target is two business
days. We confirmed that procedures were up-to-date and
appropriate. In 2019, four banks failed. The acquiring
institution in three of the failures assumed all deposits
and the fourth acquiring institution assumed insured
deposits only. In all cases, DRR completed the deposit
insurance determination timely and the acquiring
institutions re-opened for business by the first business
day immediately following the Friday failure. Moreover,
no depositors incurred losses on insured deposits and no
appropriated funds were used to pay insured deposits.

FRAUD REDUCTION AND DATA
ANALYTICS ACT OF 2015
The Fraud Reduction and Data Analytics Act of 2015 was
signed into law on June 30, 2016. The law is intended
to improve federal agency financial and administrative
controls and procedures to assess and mitigate fraud risks,
and to improve federal agencies’ development and use of

124

data analytics for the purpose of identifying, preventing,
and responding to fraud, including improper payments.
The FDIC’s enterprise risk management and internal
control program considers the potential for fraud and
incorporates elements of Principle 8—Assess Fraud
Risk—from the GAO Standards of Internal Control in the
Federal Government. The FDIC implemented a Fraud Risk
Assessment Framework as a basis for identifying potential
financial fraud risks and schemes and ensuring that
preventive and detective controls are present and working
as intended. Examples of transactions more susceptible to
fraud include contractor payments, wire transfers, travel
card purchases, and cash receipts.
As part of the Framework, management identifies potential
fraud areas and implements and evaluates key controls as
proactive measures for fraud prevention. Although no
system of internal control provides absolute assurance,
the FDIC’s system of internal control provides reasonable
assurance that key controls are adequate and working
as intended. Monitoring activities include supervisory
approvals, management reports, and exception reporting.
FDIC management performs due diligence in areas of
suspected or alleged fraud. At the conclusion of due
diligence, the matter is either closed or referred to the
Office of Inspector General for investigation.
During 2019, there was no systemic fraud identified within
the FDIC.

MANAGEMENT REPORT ON
FINAL ACTIONS
As required under the provisions of Section 5 (as amended)
of the Inspector General Act of 1978, the FDIC must
report information on final action taken by management
on certain audit reports. The tables on the following
pages provide information on final action taken by
management on audit reports for the federal fiscal year
period October 1, 2018, through September 30, 2019.

RISK MANAGEMENT AND INTERNAL CONTROLS

2019
TABLE 1:
MANAGEMENT REPORT ON FINAL ACTION ON AUDITS
WITH DISALLOWED COSTS FOR FISCAL YEAR 2019
Dollars in Thousands
(There were no audit reports in this category.)

TABLE 2:
MANAGEMENT REPORT ON FINAL ACTION ON AUDITS WITH RECOMMENDATIONS
TO PUT FUNDS TO BETTER USE FOR FISCAL YEAR 2019
Dollars in Thousands
(There were no audit reports in this category.)

TABLE 3:
AUDIT REPORTS WITHOUT FINAL ACTIONS BUT WITH MANAGEMENT DECISIONS
OVER ONE YEAR OLD FOR FISCAL YEAR 2019
Report No. and
Issue Date

AUD-16-001
10/28/2015

AUD-17-001
11/2/2016

EVAL-17-007
9/18/2017

OIG Audit Recommendation

The Acting CIO should assess the
Information Security Manager (ISM)
Outsourced Information Service
Provider Assessment Methodology
processes supporting information service
provider assessments to determine and
implement any needed improvements to
ensure timely completion of assessments.
OIG recommends that the CIO should
review existing resource commitments
and priorities for addressing data
communications Plans of Action and
Milestones (POA&Ms) and take
appropriate steps to ensure they are
addressed in a timely manner.

Management Action

The CIOO updated its assessment
methodology to help ensure timely
completion of assessments and
completed assessments consistent with its
implementation plan.
Status: Completed.
Undergoing OIG review.
The CIOO developed and documented its
policy risk tolerance levels and timeframes
for remediating POA&Ms. The FDIC has
achieved a substantial reduction in several
aging POA&M performance metrics.
Additional time is needed to refine and
meet performance benchmarks.

Due Date: 6/26/2020.
The Director, DOA should incorporate DOA established procedures and protocols
a risk assessment of individual separating for incorporating an employee-specific risk
employees into the FDIC’s pre-exit
assessment as part of the pre-exit clearance
clearance process.
process.

Disallowed
Costs

$0

$0

$0

Status: Subsequently closed.

RISK MANAGEMENT AND INTERNAL CONTROLS

125

ANNUAL
REPORT
TABLE 3:
AUDIT REPORTS WITHOUT FINAL ACTIONS BUT WITH MANAGEMENT DECISIONS
OVER ONE YEAR OLD FOR FISCAL YEAR 2019 (continued)
Report No. and
Issue Date

AUD-18-001
10/25/2017

OIG Audit Recommendation

Management Action

The CIO should implement the
Information Security Risk Advisory
(ISRA) Council’s responsibilities to
develop a method and strategy for use
by FDIC divisions and offices in the
classification of risk ratings and risk
profiles of corporate applications and
systems.

The CIOO developed a new methodology
for categorizing applications and systems
based on their risk profile. However,
additional time is needed to fully
implement the new methodology.

The CIO should implement the ISRA
Council’s responsibilities to develop and
communicate the FDIC’s information
security risk tolerance level and risk
profile used to prioritize risk mitigation
activities.

The FDIC issued its Corporate Risk
Appetite Statement, which includes a
discussion of technology risk. The CIOO
developed risk tolerances and metrics for
monitoring key risk indicators.

The CIO should ensure that the
improvements to the FDIC’s patch
management process result in systems
being patched in accordance with
FDIC’s patch management policy and
National Institute of Standards and
Technology recommended practices.

The FDIC established patch management
risk tolerances and is monitoring to
ensure that systems are patched within
established timeframes. In addition,
the FDIC updated its patching policy
to incorporate a new process for
documenting deferrals and acceptances
of risk, when appropriate. Further, the
FDIC developed work instructions
to ensure the process of monitoring
vulnerabilities and tolerance levels is
repeatable.

Due Date: 1/31/2020

Due Date: 1/28/2020

Status: Subsequently closed.

126

RISK MANAGEMENT AND INTERNAL CONTROLS

Disallowed
Costs

$0

2019
TABLE 3:
AUDIT REPORTS WITHOUT FINAL ACTIONS BUT WITH MANAGEMENT DECISIONS
OVER ONE YEAR OLD FOR FISCAL YEAR 2019 (continued)
Report No. and
Issue Date

AUD-18-001
10/25/2017
(continued)

OIG Audit Recommendation

The CIO should review and enhance
the FDIC’s vulnerability scanning
processes to ensure that issues associated
with conducting credentialed scans are
resolved in a timely manner.

Management Action

The FDIC revised its standard operating
procedure for addressing authentication
failures. The procedure now requires
evidence of successful authentication
prior to closing change control tickets
generated as a result of authentication
failures. The FDIC still needs to
demonstrate consistent, effective
performance of the new procedures.

Disallowed
Costs

$0

Due Date: 5/29/2020
The CIO should develop an approach
and implementing procedures for
evaluating risk associated with known
security weaknesses and vulnerabilities
to ensure they collectively remain within
established risk tolerance levels.

The CIOO developed standard risk
tolerances for information security
vulnerabilities, developed a framework
to quantify risk, and integrated these
items into the CIOO’s risk management
processes. Additionally, the CIOO
updated its Information Security Risk
Management directive to align roles,
responsibilities, and expectations for
reporting risk levels that approach or
exceed risk tolerance limits. The CIOO
will finalize and publish the directive once
the directives review process is complete.
Due Date: 5/29/2020

RISK MANAGEMENT AND INTERNAL CONTROLS

127

ANNUAL
REPORT
TABLE 3:
AUDIT REPORTS WITHOUT FINAL ACTIONS BUT WITH MANAGEMENT DECISIONS
OVER ONE YEAR OLD FOR FISCAL YEAR 2019 (continued)
Report No. and
Issue Date

AUD-18-004
7/26/18

OIG Audit Recommendation

Management Action

The CIO should implement an
enterprise architecture that is part of the
FDIC’s IT Governance Framework and
used to guide IT decision-making.

The CIO implemented an enterprise
architecture that is part of the FDIC’s IT
Governance Framework and used to guide
IT decision-making.

Disallowed
Costs

$0

Status: Subsequently closed.
The CIO should incorporate the revised The CIOO combined existing IT
IT governance processes into applicable governance policies into one overarching
FDIC policies, procedures, and charters. directive which will define the FDIC’s IT
decision-making framework for governing
and managing IT resources for enterprise
architecture, IT strategy, IT planning,
data management, and IT project
management. The CIOO will finalize and
publish the directive once the directives
review process is complete.
Due Date: 3/31/2020
The CIO should identify and document
the IT resources and expertise needed to
execute the FDIC’s IT Strategic Plan.

EVAL-18-004
8/8/2018

128

The CIOO developed a workforce
planning guide that outlines the process
that will be used to document the IT
resources and expertise needed to execute
the FDIC’s IT Strategic Plan. The CIOO
will perform the IT workforce assessment
against future IT workforce needs as
defined in the FDIC’s IT Modernization
Plan and target IT architecture.

Due Date: 9/30/2020
The Director, Division of Risk
RMS issued a comprehensive document
Management Supervision should
describing its risk-focused supervision
issue a comprehensive policy guidance
program, including how the FDIC
document defining Forward-Looking
implemented Forward-Looking
Supervision, including its purpose, goals, Supervision concepts.
roles, and responsibilities.
Status: Subsequently closed.

RISK MANAGEMENT AND INTERNAL CONTROLS

$0

VII.

APPENDICES

THIS PAGE INTENTIONALLY LEFT BLANK

2019
A. KEY STATISTICS
FDIC ACTIONS ON FINANCIAL INSTITUTIONS APPLICATIONS
Deposit Insurance
Approved1
Denied
New Branches
Approved
Denied
Mergers
Approved
Denied
Requests for Consent to Serve2
Approved
Section 19
Section 32
Denied
Section 19
Section 32
Notices of Change in Control
Letters of Intent Not to Disapprove
Disapproved
Brokered Deposit Waivers
Approved
Denied
Savings Association Activities3
Approved
Denied
State Bank Activities/Investments4
Approved
Denied
Conversion of Mutual Institutions
Non-Objection
Objection

2019

2018

2017

15

17

12

15

17

12

0

0

0

548

533

500

548

533

500

0

0

0

243

224

218

243

224

218

0

0

0

87

120

104

87

120

104

5

7

1

82

113

103

0

0

0

0

0

0

0

0

0

12

21

17

12

21

17

0

0

0

3

5

12

3

5

11

0

0

1

2

0

1

2

0

1

0

0

0

20

9

2

20

9

2

0

0

0

4

2

5

4

2

5

0

0

0

1

Includes deposit insurance application filed on behalf of (1) newly organized institutions, (2) existing uninsured financial services companies
seeking establishment as an insured institution, and (3) interim institutions established to facilitate merger or conversion transactions, and
applications to facilitate the establishment of thrift holding companies.

2

Under Section 19 of the Federal Deposit Insurance (FDI) Act, an insured institution must receive FDIC approval before employing a person
convicted of dishonesty or breach of trust. Under Section 32, the FDIC must approve any change of directors or senior executive officers at a
state nonmember bank that is not in compliance with capital requirements or is otherwise in troubled condition.

3

Section 28 of the FDI Act, in general, prohibits a federally-insured state savings association from engaging in an activity not permissible for a
federal savings association and requires notices or applications to be filed with the FDIC.

4

Section 24 of the FDI Act, in general, prohibits a federally-insured state bank from engaging in an activity not permissible for a national bank and
requires notices or applications to be filed with the FDIC.

APPENDICES

131

ANNUAL
REPORT
COMBINED RISK AND CONSUMER ENFORCEMENT ACTIONS
Total Number of Actions Initiated by the FDIC
Termination of Insurance
Involuntary Termination
Sec. 8a For Violations, Unsafe/Unsound Practices or Conditions
Voluntary Termination
Sec. 8a By Order Upon Request
Sec. 8p No Deposits
Sec. 8q Deposits Assumed
Sec. 8b Cease-and-Desist Actions
Notices of Charges Issued
Orders to Pay Restitution
Consent Orders
Personal Cease and Desist Orders
Sec. 8e Removal/Prohibition of Director or Officer
Notices of Intention to Remove/Prohibit
Consent Orders
Sec. 8g Suspension/Removal When Charged With Crime
Civil Money Penalties Issued
Sec. 7a Call Report Penalties
Sec. 8i Civil Money Penalties
Sec. 8i Civil Money Penalty Notices of Assessment
Sec. 10c Orders of Investigation
Sec. 19 Waiver Orders
Approved Section 19 Waiver Orders
Denied Section 19 Waiver Orders
Sec. 32 Notices Disapproving Officer/Director’s Request for Review
Truth-in-Lending Act Reimbursement Actions
Denials of Requests for Relief
Grants of Relief
Banks Making Reimbursement1
Suspicious Activity Reports (Open and closed institutions)1
Other Actions Not Listed2

2019

2018

2017

182

177

231

17

8

9

0

0

0

0

0

0

17

8

9

0

0

0

12

7

8

5

1

1

24

23

26

1

1

0

0

5

4

18

17

14

5

0

8

34

52

65

1

2

7

33

50

58

0

0

0

29

25

47

0

0

0

27

23

42

2

2

5

11

6

9

64

59

71

64

59

71

0

0

0

0

0

0

58

91

135

0

0

0

0

0

0

58

91

135

225,270

193,585

182,647

3

4

4

1

These actions do not constitute the initiation of a formal enforcement action and, therefore, are not included in the total number of actions initiated.

2

The Other Actions Not Listed were, in 2019: 3 Supervisory Prompt Corrective Action Directives and 1 Other Formal Action; in 2018: 2 Supervisory
Prompt Corrective Action Directives, 1 Temporary Cease and Desist Order and 1 Other Formal Action; and 2017: 1 Supervisory Prompt Corrective
Action Directive and 3 Other Formal Actions.

132

APPENDICES

2019
ESTIMATED INSURED DEPOSITS AND THE DEPOSIT INSURANCE FUND,
DECEMBER 31, 1934, THROUGH SEPTEMBER 30, 20191
Dollars in Millions (except Insurance Coverage)
Deposits in Insured
Institutions2
Year

2019
2018
2017
2016
2015
2014
2013
2012
2011
2010
2009
2008
2007
2006
2005
2004
2003
2002
2001
2000
1999
1998
1997
1996
1995
1994
1993
1992
1991
1990
1989
1988
1987
1986

Insurance
Coverage2

$250,000
250,000
250,000
250,000
250,000
250,000
250,000
250,000
250,000
250,000
250,000
100,000
100,000
100,000
100,000
100,000
100,000
100,000
100,000
100,000
100,000
100,000
100,000
100,000
100,000
100,000
100,000
100,000
100,000
100,000
100,000
100,000
100,000
100,000

Insurance Fund as
a Percentage of

Total Domestic
Deposits

Est. Insured
Deposits

Percentage
of Domestic
Deposits

Deposit
Insurance
Fund

Total
Domestic
Deposits

Est. Insured
Deposits

$13,018,939
12,659,395
12,129,503
11,693,371
10,952,922
10,410,687
9,825,479
9,474,720
8,782,291
7,887,858
7,705,354
7,505,408
6,921,678
6,640,097
6,229,753
5,724,621
5,223,922
4,916,078
4,564,064
4,211,895
3,885,826
3,817,150
3,602,189
3,454,556
3,318,595
3,184,410
3,220,302
3,275,530
3,331,312
3,415,464
3,412,503
2,337,080
2,198,648
2,162,687

$7,736,888
7,525,393
7,156,067
6,917,200
6,518,675
6,195,554
5,998,238
7,402,053
6,973,483
6,301,542
5,407,773
4,750,783
4,292,211
4,153,808
3,890,930
3,622,059
3,452,497
3,383,598
3,215,581
3,055,108
2,869,208
2,850,452
2,746,477
2,690,439
2,663,873
2,588,619
2,602,781
2,677,709
2,733,387
2,784,838
2,755,471
1,756,771
1,657,291
1,636,915

59.4
59.4
59.0
59.2
59.5
59.5
61.0
78.1
79.4
79.9
70.2
63.3
62.0
62.6
62.5
63.3
66.1
68.8
70.5
72.5
73.8
74.7
76.2
77.9
80.3
81.3
80.8
81.7
82.1
81.5
80.7
75.2
75.4
75.7

$108,939.7
102,608.9
92,747.5
83,161.5
72,600.2
62,780.2
47,190.8
32,957.8
11,826.5
(7,352.2)
(20,861.8)
17,276.3
52,413.0
50,165.3
48,596.6
47,506.8
46,022.3
43,797.0
41,373.8
41,733.8
39,694.9
39,452.1
37,660.8
35,742.8
28,811.5
23,784.5
14,277.3
178.4
(6,934.0)
4,062.7
13,209.5
14,061.1
18,301.8
18,253.3

0.84
0.81
0.76
0.71
0.66
0.60
0.48
0.35
0.13
(0.09)
(0.27)
0.23
0.76
0.76
0.78
0.83
0.88
0.89
0.91
0.99
1.02
1.03
1.05
1.03
0.87
0.75
0.44
0.01
(0.21)
0.12
0.39
0.60
0.83
0.84

1.41
1.36
1.30
1.20
1.11
1.01
0.79
0.45
0.17
(0.12)
(0.39)
0.36
1.22
1.21
1.25
1.31
1.33
1.29
1.29
1.37
1.38
1.38
1.37
1.33
1.08
0.92
0.55
0.01
(0.25)
0.15
0.48
0.80
1.10
1.12

APPENDICES

133

ANNUAL
REPORT
ESTIMATED INSURED DEPOSITS AND THE DEPOSIT INSURANCE FUND,
DECEMBER 31, 1934, THROUGH SEPTEMBER 30, 20191 (continued)
Dollars in Millions (except Insurance Coverage)
Deposits in Insured
Institutions2
Year

Insurance
Coverage2

1985
1984
1983
1982
1981
1980
1979
1978
1977
1976
1975
1974
1973
1972
1971
1970
1969
1968
1967
1966
1965
1964
1963
1962
1961
1960
1959
1958
1957
1956
1955
1954
1953
1952

100,000
100,000
100,000
100,000
100,000
100,000
40,000
40,000
40,000
40,000
40,000
40,000
20,000
20,000
20,000
20,000
20,000
15,000
15,000
15,000
10,000
10,000
10,000
10,000
10,000
10,000
10,000
10,000
10,000
10,000
10,000
10,000
10,000
10,000

134

Total Domestic
Deposits

1,975,030
1,805,334
1,690,576
1,544,697
1,409,322
1,324,463
1,226,943
1,145,835
1,050,435
941,923
875,985
833,277
766,509
697,480
610,685
545,198
495,858
491,513
448,709
401,096
377,400
348,981
313,304
297,548
281,304
260,495
247,589
242,445
225,507
219,393
212,226
203,195
193,466
188,142

Insurance Fund as
a Percentage of

Est. Insured
Deposits

Percentage
of Domestic
Deposits

Deposit
Insurance
Fund

Total
Domestic
Deposits

Est. Insured
Deposits

1,510,496
1,393,421
1,268,332
1,134,221
988,898
948,717
808,555
760,706
692,533
628,263
569,101
520,309
465,600
419,756
374,568
349,581
313,085
296,701
261,149
234,150
209,690
191,787
177,381
170,210
160,309
149,684
142,131
137,698
127,055
121,008
116,380
110,973
105,610
101,841

76.5
77.2
75.0
73.4
70.2
71.6
65.9
66.4
65.9
66.7
65.0
62.4
60.7
60.2
61.3
64.1
63.1
60.4
58.2
58.4
55.6
55.0
56.6
57.2
57.0
57.5
57.4
56.8
56.3
55.2
54.8
54.6
54.6
54.1

17,956.9
16,529.4
15,429.1
13,770.9
12,246.1
11,019.5
9,792.7
8,796.0
7,992.8
7,268.8
6,716.0
6,124.2
5,615.3
5,158.7
4,739.9
4,379.6
4,051.1
3,749.2
3,485.5
3,252.0
3,036.3
2,844.7
2,667.9
2,502.0
2,353.8
2,222.2
2,089.8
1,965.4
1,850.5
1,742.1
1,639.6
1,542.7
1,450.7
1,363.5

0.91
0.92
0.91
0.89
0.87
0.83
0.80
0.77
0.76
0.77
0.77
0.73
0.73
0.74
0.78
0.80
0.82
0.76
0.78
0.81
0.80
0.82
0.85
0.84
0.84
0.85
0.84
0.81
0.82
0.79
0.77
0.76
0.75
0.72

1.19
1.19
1.22
1.21
1.24
1.16
1.21
1.16
1.15
1.16
1.18
1.18
1.21
1.23
1.27
1.25
1.29
1.26
1.33
1.39
1.45
1.48
1.50
1.47
1.47
1.48
1.47
1.43
1.46
1.44
1.41
1.39
1.37
1.34

APPENDICES

2019
ESTIMATED INSURED DEPOSITS AND THE DEPOSIT INSURANCE FUND,
DECEMBER 31, 1934, THROUGH SEPTEMBER 30, 20191 (continued)
Dollars in Millions (except Insurance Coverage)
Deposits in Insured
Institutions2
Year

Insurance
Coverage2

1951
1950
1949
1948
1947
1946
1945
1944
1943
1942
1941
1940
1939
1938
1937
1936
1935
1934

10,000
10,000
5,000
5,000
5,000
5,000
5,000
5,000
5,000
5,000
5,000
5,000
5,000
5,000
5,000
5,000
5,000
5,000

Total Domestic
Deposits

178,540
167,818
156,786
153,454
154,096
148,458
157,174
134,662
111,650
89,869
71,209
65,288
57,485
50,791
48,228
50,281
45,125
40,060

Est. Insured
Deposits

96,713
91,359
76,589
75,320
76,254
73,759
67,021
56,398
48,440
32,837
28,249
26,638
24,650
23,121
22,557
22,330
20,158
18,075

Insurance Fund as
a Percentage of
Percentage
of Domestic
Deposits

54.2
54.4
48.8
49.1
49.5
49.7
42.6
41.9
43.4
36.5
39.7
40.8
42.9
45.5
46.8
44.4
44.7
45.1

Deposit
Insurance
Fund

1,282.2
1,243.9
1,203.9
1,065.9
1,006.1
1,058.5
929.2
804.3
703.1
616.9
553.5
496.0
452.7
420.5
383.1
343.4
306.0
291.7

Total
Domestic
Deposits

Est. Insured
Deposits

0.72
0.74
0.77
0.69
0.65
0.71
0.59
0.60
0.63
0.69
0.78
0.76
0.79
0.83
0.79
0.68
0.68
0.73

1.33
1.36
1.57
1.42
1.32
1.44
1.39
1.43
1.45
1.88
1.96
1.86
1.84
1.82
1.70
1.54
1.52
1.61

1

For 2019, figures are as of September 30; all other prior years are as of December 31. Prior to 1989, figures are for the Bank Insurance Fund
(BIF) only and exclude insured branches of foreign banks. For 1989 to 2005, figures represent the sum of the BIF and Savings Association
Insurance Fund (SAIF) amounts; for 2006 to 2019, figures are for DIF. Amounts for 1989-2019 include insured branches of foreign banks. Prior to
year-end 1991, insured deposits were estimated using percentages determined from June Call and Thrift Financial Reports.

2

The year-end 2008 coverage limit and estimated insured deposits do not reflect the temporary increase to $250,000 then in effect under the
Emergency Economic Stabilization Act of 2008. The Dodd-Frank Wall Street Reform and Consumer Protection (Dodd-Frank) Act made this
coverage limit permanent. The year-end 2009 coverage limit and estimated insured deposits reflect the $250,000 coverage limit. The Dodd-Frank
Act also temporarily provided unlimited coverage for non-interest bearing transaction accounts for two years beginning December 31, 2010.
Coverage for certain retirement accounts increased to $250,000 in 2006. Initial coverage limit was $2,500 from January 1 to June 30, 1934.

APPENDICES

135

ANNUAL
REPORT
INCOME AND EXPENSES, DEPOSIT INSURANCE FUND,
FROM BEGINNING OF OPERATIONS,
SEPTEMBER 11, 1933, THROUGH DECEMBER 31, 2019
Dollars in Millions
Income

Expenses and Losses

Year

Total

Assessment
Income

Assessment
Credits

Investment
and Other

TOTAL

$260,559.2

$190,764.4

$12,096.5

$81,891.3

2019

7,095.3

5,642.7

703.6

2,156.2

2018

11,170.8

9,526.7

0.0

2017

11,663.7

10,594.8

0.0

2016

10,674.1

9,986.6

2015

9,303.5

8,846.8

2014

8,965.1

2013

10,458.9

2012

Effective
Assessment
Rate1

Total

Provision
for
Ins. Losses

$151,024.5

$106,443.1

Admin.
and
Operating
Expenses2

Net Income/
(Loss)

$109,674.2

$9,472.2

$139.5

0.0313%

513.2

(1,285.5)

1,795.6

3.1

0

1,644.1

0.0626%

1,205.2

(562.6)

1,764.7

3.1

0

9,965.6

1,068.9

0.0716%

1,558.2

(183.1)

1,739.4

2.0

0

10,105.5

0.0

687.5

0.0699%

150.6

(1,567.9)

1,715.0

3.5

0

10,523.5

0.0

456.7

0.0647%

(553.2)

(2,251.3)

1,687.2

10.9

0

9,856.7

8,656.1

0.0

309.0

0.0663%

(6,634.7)

(8,305.5)

1,664.3

6.5

0

15,599.8

9,734.2

0.0

724.7

0.0775%

(4,045.9)

(5,659.4)

1,608.7

4.8

0

14,504.8

18,522.3

12,397.2

0.2

6,125.3

0.1012%

(2,599.0)

(4,222.6)

1,777.5

(153.9)

0

21,121.3

2011

16,342.0

13,499.5

0.9

2,843.4

0.1115%

(2,915.4)

(4,413.6)

1,625.4

(127.2)

0

19,257.4

2010

13,379.9

13,611.2

0.8

(847.8)

1,592.6

(669.8)

0

13,304.9

2009

24,706.4

17,865.4

148.0

2008

7,306.3

4,410.4

1,445.9

2007

3,196.2

3,730.9

2006

2,643.5

2005

2,420.5

2004
2003

6,582.1

0.1772%

75.0

6,989.0

0.2330%

60,709.0

57,711.8

1,271.1

1,726.1

0

(36,002.6)

4,341.8

0.0418%

44,339.5

41,838.8

1,033.5

1,467.2

0

(37,033.2)

3,088.0

2,553.3

0.0093%

1,090.9

95.0

992.6

3.3

0

2,105.3

31.9

0.0

2,611.6

0.0005%

904.3

(52.1)

950.6

5.8

0

1,739.2

60.9

0.0

2,359.6

0.0010%

809.3

(160.2)

965.7

3.8

0

1,611.2

2,240.3

104.2

0.0

2,136.1

0.0019%

607.6

2,173.6

94.8

0.0

2,078.8

0.0019%

(67.7)

2002

2,384.7

107.8

0.0

2,276.9

0.0023%

719.6

2001

2,730.1

83.2

0.0

2,646.9

0.0019%

3,123.4

2,199.3

2000

2,570.1

64.3

0.0

2,505.8

0.0016%

945.2

1999

2,416.7

48.4

0.0

2,368.3

0.0013%

2,047.0

1998

2,584.6

37.0

0.0

2,547.6

0.0010%

817.5

(5.7)

1997

2,165.5

38.6

0.0

2,126.9

0.0011%

247.3

(505.7)

1996

7,156.8

5,294.2

0.0

1,862.6

0.1622%

353.6

(417.2)

1995

5,229.2

3,877.0

0.0

1,352.2

0.1238%

202.2

1994

7,682.1

6,722.7

0.0

959.4

0.2192%

1993

7,354.5

6,682.0

0.0

672.5

0.2157%

1992

6,479.3

5,758.6

0.0

720.7

0.1815%

1991

5,886.5

5,254.0

0.0

632.5

0.1613%

1990

3,855.3

2,872.3

0.0

983.0

1989

3,494.8

1,885.0

0.0

1,609.8

1988

3,347.7

1,773.0

0.0

1987

3,319.4

1,696.0

1986

3,260.1

1,516.9

1985

3,385.5

1984

3,099.5

1983

2,628.1

136

(230.5)

$35,109.3

Interest
& Other
Ins.
Expenses

Funding
Transfer
from the
FSLIC
Resolution Fund

(353.4)

941.3

19.7

0

1,632.7

(1,010.5)

935.5

7.3

0

2,241.3

(243.0)

945.1

17.5

0

1,665.1

887.9

36.2

0

28.0

883.9

33.3

0

1,199.7

823.4

23.9

0

369.7

782.6

40.6

0

1,767.1

677.2

75.8

0

1,918.2

568.3

202.5

0

6,803.2

(354.2)

510.6

45.8

0

5,027.0

(1,825.1)

(2,459.4)

443.2

191.1

0

9,507.2

(6,744.4)

(7,660.4)

418.5

497.5

0

14,098.9

(596.8)

(2,274.7)

614.83

1,063.1

35.4

7,111.5

16,925.3

15,496.2

326.1

1,103.0

42.4

(10,996.4)

0.0868%

13,059.3

12,133.1

275.6

650.6

56.1

(9,147.9)

0.0816%

4,352.2

3,811.3

219.9

321.0

5.6

(851.8)

1,574.7

0.0825%

7,588.4

6,298.3

223.9

1,066.2

0

(4,240.7)

0.0

1,623.4

0.0833%

3,270.9

2,996.9

204.9

69.1

0

48.5

0.0

1,743.2

0.0787%

2,963.7

2,827.7

180.3

(44.3)

0

296.4

1,433.5

0.0

1,952.0

0.0815%

1,957.9

1,569.0

179.2

209.7

0

1,427.6

1,321.5

0.0

1,778.0

0.0800%

1,999.2

1,633.4

151.2

214.6

0

1,100.3

1,214.9

164.0

1,577.2

0.0714%

969.9

675.1

135.7

159.1

0

1,658.2

APPENDICES

(393.3)
1,624.9

2019
INCOME AND EXPENSES, DEPOSIT INSURANCE FUND,
FROM BEGINNING OF OPERATIONS,
SEPTEMBER 11, 1933, THROUGH DECEMBER 31, 2019 (continued)
Dollars in Millions
Income

Year

Total

Assessment
Income

Expenses and Losses

Assessment
Credits

Investment
and Other

Effective
Assessment
Rate1

Total

Provision
for
Ins. Losses

Admin.
and
Operating
Expenses2

Interest
& Other
Ins.
Expenses

Funding
Transfer
from the
FSLIC
Resolution Fund

Net Income/
(Loss)

1982

2,524.6

1,108.9

96.2

1,511.9

0.0769%

999.8

126.4

129.9

743.5

0

1,524.8

1981

2,074.7

1,039.0

117.1

1,152.8

0.0714%

848.1

320.4

127.2

400.5

0

1,226.6

1980

1,310.4

951.9

521.1

879.6

0.0370%

83.6

(38.1)

118.2

3.5

0

1,226.8

1979

1,090.4

881.0

524.6

734.0

0.0333%

93.7

(17.2)

106.8

4.1

0

996.7

1978

952.1

810.1

443.1

585.1

0.0385%

148.9

36.5

103.3

9.1

0

803.2

1977

837.8

731.3

411.9

518.4

0.0370%

113.6

20.8

89.3

3.5

0

724.2

1976

764.9

676.1

379.6

468.4

0.0370%

212.3

28.0

180.4

3.9

0

552.6

1975

689.3

641.3

362.4

410.4

0.0357%

97.5

27.6

67.7

2.2

0

591.8

1974

668.1

587.4

285.4

366.1

0.0435%

159.2

97.9

59.2

2.1

0

508.9

1973

561.0

529.4

283.4

315.0

0.0385%

108.2

52.5

54.4

1.3

0

452.8

1972

467.0

468.8

280.3

278.5

0.0333%

65.7

10.1

49.6

6.0 5

0

401.3

1971

415.3

417.2

241.4

239.5

0.0345%

60.3

13.4

46.9

0.0

0

355.0

1970

382.7

369.3

210.0

223.4

0.0357%

46.0

3.8

42.2

0.0

0

336.7

1969

335.8

364.2

220.2

191.8

0.0333%

34.5

1.0

33.5

0.0

0

301.3

1968

295.0

334.5

202.1

162.6

0.0333%

29.1

0.1

29.0

0.0

0

265.9

1967

263.0

303.1

182.4

142.3

0.0333%

27.3

2.9

24.4

0.0

0

235.7

1966

241.0

284.3

172.6

129.3

0.0323%

19.9

0.1

19.8

0.0

0

221.1

1965

214.6

260.5

158.3

112.4

0.0323%

22.9

5.2

17.7

0.0

0

191.7

1964

197.1

238.2

145.2

104.1

0.0323%

18.4

2.9

15.5

0.0

0

178.7

1963

181.9

220.6

136.4

97.7

0.0313%

15.1

0.7

14.4

0.0

0

166.8

1962

161.1

203.4

126.9

84.6

0.0313%

13.8

0.1

13.7

0.0

0

147.3

1961

147.3

188.9

115.5

73.9

0.0323%

14.8

1.6

13.2

0.0

0

132.5

1960

144.6

180.4

100.8

65.0

0.0370%

12.5

0.1

12.4

0.0

0

132.1

1959

136.5

178.2

99.6

57.9

0.0370%

12.1

0.2

11.9

0.0

0

124.4

1958

126.8

166.8

93.0

53.0

0.0370%

11.6

0.0

11.6

0.0

0

115.2

1957

117.3

159.3

90.2

48.2

0.0357%

9.7

0.1

9.6

0.0

0

107.6

1956

111.9

155.5

87.3

43.7

0.0370%

9.4

0.3

9.1

0.0

0

102.5

1955

105.8

151.5

85.4

39.7

0.0370%

9.0

0.3

8.7

0.0

0

96.8

1954

99.7

144.2

81.8

37.3

0.0357%

7.8

0.1

7.7

0.0

0

91.9

1953

94.2

138.7

78.5

34.0

0.0357%

7.3

0.1

7.2

0.0

0

86.9

1952

88.6

131.0

73.7

31.3

0.0370%

7.8

0.8

7.0

0.0

0

80.8

1951

83.5

124.3

70.0

29.2

0.0370%

6.6

0.0

6.6

0.0

0

76.9

1950

84.8

122.9

68.7

30.6

0.0370%

7.8

1.4

6.4

0.0

0

77.0

1949

151.1

122.7

0.0

28.4

0.0833%

6.4

0.3

6.1

0.0

0

144.7

1948

145.6

119.3

0.0

26.3

0.0833%

7.0

0.7

6.36

0.0

0

138.6

1947

157.5

114.4

0.0

43.1

0.0833%

9.9

0.1

9.8

0.0

0

147.6

1946

130.7

107.0

0.0

23.7

0.0833%

10.0

0.1

9.9

0.0

0

120.7

1945

121.0

93.7

0.0

27.3

0.0833%

9.4

0.1

9.3

0.0

0

111.6

APPENDICES

4

137

ANNUAL
REPORT
INCOME AND EXPENSES, DEPOSIT INSURANCE FUND,
FROM BEGINNING OF OPERATIONS,
SEPTEMBER 11, 1933, THROUGH DECEMBER 31, 2019 (continued)
Dollars in Millions
Income

Year

1

Assessment
Income

Total

Expenses and Losses

Assessment
Credits

Investment
and Other

Effective
Assessment
Rate1

Total

Provision
for
Ins. Losses

Admin.
and
Operating
Expenses2

Interest
& Other
Ins.
Expenses

Funding
Transfer
from the
FSLIC
Resolution Fund

Net Income/
(Loss)

1944

99.3

80.9

0.0

18.4

0.0833%

9.3

0.1

9.2

0.0

0

90.0

1943

86.6

70.0

0.0

16.6

0.0833%

9.8

0.2

9.6

0.0

0

76.8

1942

69.1

56.5

0.0

12.6

0.0833%

10.1

0.5

9.6

0.0

0

59.0

1941

62.0

51.4

0.0

10.6

0.0833%

10.1

0.6

9.5

0.0

0

51.9

1940

55.9

46.2

0.0

9.7

0.0833%

12.9

3.5

9.4

0.0

0

43.0

1939

51.2

40.7

0.0

10.5

0.0833%

16.4

7.2

9.2

0.0

0

34.8

1938

47.7

38.3

0.0

9.4

0.0833%

11.3

2.5

8.8

0.0

0

36.4

1937

48.2

38.8

0.0

9.4

0.0833%

12.2

3.7

8.5

0.0

0

36.0

1936

43.8

35.6

0.0

8.2

0.0833%

10.9

2.6

8.3

0.0

0

32.9

1935

20.8

11.5

0.0

9.3

0.0833%

11.3

2.8

8.5

0.0

0

9.5

1933-34

7.0

0.0

0.0

7.0

N/A

10.0

0.2

9.8

0.0

0

(3.0)

The effective assessment rate is calculated from annual assessment income (net of assessment credits), excluding transfers to the Financing
Corporation (FICO), Resolution Funding Corporation (REFCORP) and FSLIC Resolution Fund, divided by the average assessment base. Figures
represent only BIF-insured institutions prior to 1990, and BIF- and SAIF-insured institutions from 1990 through 2005. After 1995, all thrift closings
became the responsibility of the FDIC and amounts are reflected in the SAIF. Beginning in 2006, figures are for the DIF.
The annualized assessment rate for 2019 is based on full year assessment income divided by a four quarter average of 2019 quarterly
assessment base amounts. The assessment base for fourth quarter 2019 was estimated using the third quarter 2019 assessment base and an
assumed quarterly growth rate of one percent.
Historical Assessment Rates:

1934 – 1949

The statutory assessment rate was 0.0833 percent.

1950 – 1984

The effective assessment rates varied from the
statutory rate of 0.0833 percent due to assessment
credits provided in those years.

1985 – 1989

The statutory assessment rate was 0.0833 percent (no
credits were given).

1990
1991 – 1992

1993 – 2006

138

of 1996. In 1996, the SAIF collected a one-time special
assessment of $4.5 billion. Subsequently, assessment
rates for the SAIF were lowered to the same range as
the BIF, effective October 1996. This range of rates
remained unchanged for both funds through 2006.
2007 – 2008

As part of the implementation of the Federal Deposit
Insurance Reform Act of 2005, assessment rates
were increased to a range of 0.05 percent to 0.43
percent of assessable deposits effective at the start
of 2007, but many institutions received a one-time
assessment credit ($4.7 billion in total) to offset the new
assessments.

2009 – 2011

For the first quarter of 2009, assessment rates were
increased to a range of 0.12 percent to 0.50 percent
of assessable deposits. On June 30, 2009, a special
assessment was imposed on all insured banks and
thrifts, which amounted in aggregate to approximately
$5.4 billion. For 8,106 institutions, with $9.3 trillion in
assets, the special assessment was 5 basis points of
each insured institution’s assets minus tier one capital;
89 other institutions, with assets of $4.0 trillion, had
their special assessment capped at 10 basis points
of their second quarter assessment base. From the
second quarter of 2009 through the first quarter of 2011,
initial assessment rates ranged between 0.12 percent
and 0.45 percent of assessable deposits. Initial rates
were subject to further adjustments.

The statutory rate increased to 0.12 percent.
The statutory rate increased to a minimum of 0.15
percent. The effective rates in 1991 and 1992 varied
because the FDIC exercised new authority to increase
assessments above the statutory minimum rate when
needed.
Beginning in 1993, the effective rate was based on a
risk-related premium system under which institutions
paid assessments in the range of 0.23 percent to 0.31
percent. In May 1995, the BIF reached the mandatory
recapitalization level of 1.25 percent. As a result,
BIF assessment rates were reduced to a range of
0.04 percent to 0.31 percent of assessable deposits,
effective June 1995, and assessments totaling $1.5
billion were refunded in September 1995. Assessment
rates for the BIF were lowered again to a range of 0 to
0.27 percent of assessable deposits, effective the start

APPENDICES

2019
2011 – 2016

2016

Beginning in the second quarter of 2011, the
assessment base changed to average total
consolidated assets less average tangible equity (with
certain adjustments for banker’s banks and custodial
banks), as required by the Dodd-Frank Act. The FDIC
implemented a new assessment rate schedule at the
same time to conform to the larger assessment base.
Initial assessment rates were lowered to a range of
0.05 percent to 0.35 percent of the new base. The
annualized assessment rates averaged approximately
17.6 cents per $100 of assessable deposits for the first
quarter of 2011 and 11.1 cents per $100 of the new
base for the last three quarters of 2011 (which is shown
in the table).

2018

The 4.5 basis point surcharge imposed on large banks
ended effective October 1, 2018. The annualized
assessment rates averaged approximately 7.2 cents
per $100 of the assessable base for the first three
quarters of 2018 and 3.5 cents per $100 of the
assessment base for the last quarter of 2018. The full
year annualized assessment rate averaged 6.3 cents
per $100 (which is shown in the table).

2019

Assessment income for 2019 included the application
of small bank credits in the second, third, and fourth
quarters, for a total of $704 million.

Beginning July 1, 2016, initial assessment rates were
lowered from a range of 5 basis points to 35 basis
points to a range of 3 basis points to 30 basis points,
and an additional surcharge was imposed on large
banks (generally institutions with $10 billion or more in
assets) of 4.5 basis points of their assessment base
(after making adjustments).

2

These expenses, which are presented as operating expenses in the Statement of Income and Fund Balance, pertain to the FDIC in its corporate
capacity only and do not include costs that are charged to the failed bank receiverships that are managed by the FDIC. The receivership
expenses are presented as part of the “Receivables from Resolutions, net” line on the Balance Sheet. The narrative and graph presented on page
87 of this report shows the aggregate (corporate and receivership) expenditures of the FDIC.

3

Includes $210 million for the cumulative effect of an accounting change for certain postretirement benefits (1992).

4

Includes a $106 million net loss on government securities (1976).

5

This amount represents interest and other insurance expenses from 1933 to 1972.

6

Includes the aggregate amount of $81 million of interest paid on capital stock between 1933 and 1948.

APPENDICES

139

ANNUAL
REPORT
FDIC INSURED INSTITUTIONS CLOSED DURING 2019
Dollars in Thousands
Codes for Bank Class:
NM =
		
N
=

State-chartered bank that is not a member of
the Federal Reserve System
National Bank

Name and Location

Bank
Class

Number
of
Deposit
Accounts

SB =
SI =
		

Savings bank
Stock and Mutual
Savings Bank

Total
Assets1

Total Deposits1

Insured
Deposit Funding
and Other
Disbursements

SM =
		
SA =

State-chartered bank that is a member
of the Federal Reserve System
Savings Association

Estimated Loss
to
the DIF2

Date of
Closing
or Acquisition

Receiver/Assuming
Bank and Location

Purchase and Assumption - All Deposits
Louisa
Community Bank
Louisa, KY

NM

1,584

$28,163

$25,174

$24,673

$4,547

10/25/19

Kentucky Farmers
Bank Corporation
Catlettsburg, KY

Resolute Bank
Maumee, OH

SM

739

$23,292

$22,885

$21,227

$2,188

10/25/19

Buckeye State
Bank
Powell, OH

City National Bank
of New Jersey
Newark, NJ

N

10,312

$120,574

$111,234

$110,647

$2,491

11/01/19

Industrial Bank
Washington, DC

1,363

$36,738

$31,254

$31,094

$21,577

05/31/19

Legend Bank,
N.A.
Bowie, TX

Insured Deposit Transfer
Enloe State Bank
Cooper, TX

NM

1

Total Assets and Total Deposits data are based upon the last Call Report filed by the institution prior to failure.

2

Estimated losses are as of December 31, 2019. Estimated losses are routinely adjusted with updated information from new appraisals and
asset sales, which ultimately affect the asset values and projected recoveries. Represents the estimated loss to the DIF from deposit insurance
obligations.

140

APPENDICES

2019
RECOVERIES AND LOSSES BY THE DEPOSIT INSURANCE FUND
ON DISBURSEMENTS FOR THE PROTECTION OF DEPOSITORS, 1934 - 2019
Dollars in Thousands
Bank and Thrift Failures1
Year2

Number
of Banks/
Thrifts

Total
Assets3

Total
Deposits3

Funding4

Final and
Estimated
Losses6

2019
2018
2017
2016
2015
2014
2013
2012
2011
20107
20097
20087
2007
2006
2005
2004
2003
2002
2001
2000
1999
1998
1997
1996
1995
1994
1993
1992
1991
1990
1989
1988
1987
1986
1985
1984
1983
1982
1981
1980
1934 - 1979

2,627
4
0
8
5
8
18
24
51
92
157
140
25
3
0
0
4
3
11
4
7
8
3
1
6
6
13
41
120
124
168
206
200
184
138
116
78
44
32
7
10
558

$946,852,179
208,767
0
5,081,737
277,182
6,706,038
2,913,503
6,044,051
11,617,348
34,922,997
92,084,988
169,709,160
371,945,480
2,614,928
0
0
170,099
947,317
2,872,720
1,821,760
410,160
1,592,189
290,238
27,923
232,634
802,124
1,463,874
3,828,939
45,357,237
64,556,512
16,923,462
28,930,572
38,402,475
6,928,889
7,356,544
3,090,897
2,962,179
3,580,132
1,213,316
108,749
239,316
8,615,743

$713,129,053
$190,547
0
4,683,360
268,516
4,574,170
2,691,485
5,132,246
11,009,630
31,071,862
78,290,185
137,835,121
234,321,715
2,424,187
0
0
156,733
901,978
2,512,834
1,661,214
342,584
1,320,573
260,675
27,511
230,390
776,387
1,397,018
3,509,341
39,921,310
52,972,034
15,124,454
24,152,468
26,524,014
6,599,180
6,638,903
2,889,801
2,665,797
2,832,184
1,056,483
100,154
219,890
5,842,119

$582,048,662
187,641
0
4,596,003
262,243
4,565,684
2,684,528
5,022,368
11,042,913
30,717,287
82,305,089
136,081,390
205,833,992
1,920,200
0
0
139,244
883,772
1,567,805
21,131
297,313
1,308,316
293,117
25,546
201,533
609,043
1,224,769
3,841,658
14,541,476
21,501,772
10,812,484
11,443,281
10,432,655
4,876,994
4,632,121
2,154,955
2,165,036
3,042,392
545,612
114,944
152,355
5,133,173

$104,976,605
30,803
0
1,163,650
42,464
851,681
394,526
1,217,721
2,411,932
6,433,638
15,874,775
25,988,291
17,862,077
158,534
0
0
3,917
62,647
413,989
292,465
32,138
586,027
221,606
5,026
60,615
84,472
179,051
632,646
3,674,149
6,001,595
2,771,489
6,195,286
5,377,497
1,862,492
1,682,538
648,179
523,879
1,069,355
125,787
8,988
30,680
380,878

APPENDICES

141

ANNUAL
REPORT
RECOVERIES AND LOSSES BY THE DEPOSIT INSURANCE FUND ON
DISBURSEMENTS FOR THE PROTECTION OF DEPOSITORS, 1934 - 2019 (continued)
Dollars in Thousands
Assistance Transactions1

142

Year2

Number
of Banks/
Thrifts

Total
Assets3

Total
Deposits3

Funding4

Recoveries5

Estimated
Additional
Recoveries

2019
2018
2017
2016
2015
2014
2013
2012
2011
2010
20098
20088
2007
2006
2005
2004
2003
2002
2001
2000
1999
1998
1997
1996
1995
1994
1993
1992
1991
1990
1989
1988
1987

154
0
0
0
0
0
0
0
0
0
0
8
5
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
2
3
1
1
80
19

$3,317,099,253
0
0
0
0
0
0
0
0
0
0
1,917,482,183
1,306,041,994
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
33,831
78,524
14,206
4,438
15,493,939
2,478,124

$1,442,173,417
0
0
0
0
0
0
0
0
0
0
1,090,318,282
280,806,966
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
33,117
75,720
14,628
6,396
11,793,702
2,275,642

$11,630,356
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
1,486
6,117
4,935
2,548
1,730,351
160,877

$6,199,875
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
1,236
3,093
2,597
252
189,709
713

$0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0

APPENDICES

Final and
Estimated
Losses6

$5,430,481
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
250
3,024
2,338
2,296
1,540,642
160,164

2019
RECOVERIES AND LOSSES BY THE DEPOSIT INSURANCE FUND ON
DISBURSEMENTS FOR THE PROTECTION OF DEPOSITORS, 1934 - 2019 (continued)
Dollars in Thousands
Assistance Transactions1 (continued)
Year2

Number
of Banks/
Thrifts

1986
1985
1984
1983
1982
1981
1980
1934-1979

7
4
2
4
10
3
1
4

Total
Assets3

712,558
5,886,381
40,470,332
3,611,549
10,509,286
4,838,612
7,953,042
1,490,254

Total
Deposits3

585,248
5,580,359
29,088,247
3,011,406
9,118,382
3,914,268
5,001,755
549,299

Funding4

158,848
765,732
5,531,179
764,690
1,729,538
774,055
0
0

Recoveries5

Estimated
Additional
Recoveries

65,669
406,676
4,414,904
427,007
686,754
1,265
0
0

0
0
0
0
0
0
0
0

Final and
Estimated
Losses6

93,179
359,056
1,116,275
337,683
1,042,784
772,790
0
0

1

Institutions for which the FDIC is appointed receiver, including deposit payoff, insured deposit transfer, and deposit assumption cases.

2

For 1990 through 2005, amounts represent the sum of BIF and SAIF failures (excluding those handled by the RTC); prior to1990, figures are only
for the BIF. After 1995, all thrift closings became the responsibility of the FDIC and amounts are reflected in the SAIF. For 2006 to 2019, figures
are for the DIF.

3

Assets and deposit data are based on the last Call Report or TFR filed before failure.

4

Funding represents the amounts provided by the DIF to receiverships for subrogated claims, advances for working capital, and administrative
expenses paid on their behalf. Between 2008 and 2013, the DIF resolved failures using whole-bank purchase and assumption transactions, most
with an accompanying shared-loss agreement (SLA). The DIF satisfies any resulting liabilities by offsetting receivables from resolutions when
receiverships declare a dividend and/or sending cash directly to receiverships to fund an SLA and other expenses.

5

Recoveries represent cash received and dividends (cash and non-cash) declared by receiverships.

6

Final losses represent actual losses for unreimbursed subrogated claims of inactivated receiverships. Estimated losses generally represent the
difference between the amount paid by the DIF to cover obligations to insured depositors and the estimated recoveries from the liquidation of
receivership assets.

7

Includes amounts related to transaction account coverage under the Transaction Account Guarantee Program (TAG). The estimated losses as of
December 31, 2019, for TAG accounts in 2010, 2009, and 2008 are $363 million, $1.1 billion, and $12 million, respectively.

8

Includes institutions where assistance was provided under a systemic risk determination.

APPENDICES

143

ANNUAL
REPORT
NUMBER, ASSETS, DEPOSITS, LOSSES, AND LOSS TO FUNDS OF INSURED
THRIFTS TAKEN OVER OR CLOSED BECAUSE OF FINANCIAL DIFFICULTIES,
1989 THROUGH 19951
Dollars in Thousands
Year

Number of
Institutions

Assets

Total

748

$393,986,574

Deposits

Final
Receivership
Loss2

Loss to
Fund3

$318,328,770

$75,977,846

$81,579,496

1995

2

423,819

414,692

28,192

27,750

1994

2

136,815

127,508

11,472

14,599

1993

10

6,147,962

5,708,253

267,595

65,212

1992

59

44,196,946

34,773,224

3,286,908

3,832,145

1991

144

78,898,904

65,173,122

9,235,967

9,734,263

1990

213

129,662,498

98,963,962

16,062,685

19,257,578

19894

318

134,519,630

113,168,009

47,085,027

48,647,949

1

Beginning in 1989 through July 1, 1995, all thrift closings were the responsibility of the Resolution Trust Corporation (RTC). Since the RTC was
terminated on December 31, 1995, and all assets and liabilities transferred to the FSLIC Resolution Fund (FRF), all the results of the thrift closing
activity from 1989 through 1995 are now reflected on the FRF’s books. Year is the year of failure, not the year of resolution.

2

The Final Receivership Loss represents the loss at the fund level from receiverships for unreimbursed subrogated claims of the FRF-RTC and
unpaid advances to receiverships from the FRF-RTC.

3

The Loss to Fund represents the total resolution cost of the failed thrifts in the FRF-RTC fund. In addition to the receivership losses, this
includes corporate revenue and expense items such as interest expense on Federal Financing Bank debt, interest expense on escrowed funds,
administrative expenses, and interest revenue on advances to receiverships.

4

Total for 1989 excludes nine failures of the former FSLIC.

144

APPENDICES

2019
B. MORE ABOUT THE FDIC
FDIC Board of Directors

Seated: Jelena McWilliams
Standing (left to right) Joseph M. Otting, Martin J. Gruenberg, and Kathleen L. Kraninger

Jelena McWilliams
Jelena McWilliams was sworn in as the 21st Chairman
of the FDIC on June 5, 2018. She serves a six-year term
on the FDIC Board of Directors, and is designated as
Chairman for a term of five years.
Ms. McWilliams was Executive Vice President, Chief
Legal Officer, and Corporate Secretary for Fifth Third
Bank in Cincinnati, Ohio. At Fifth Third Bank she
served as a member of the executive management team
and numerous bank committees including: Management

Compliance, Enterprise Risk, Risk and Compliance,
Operational Risk, Enterprise Marketing, and
Regulatory Change.
Prior to joining Fifth Third Bank, Ms. McWilliams
worked in the U.S. Senate for six years, most recently as
Chief Counsel and Deputy Staff Director with the Senate
Committee on Banking, Housing and Urban Affairs, and
previously as Assistant Chief Counsel with the Senate
Small Business and Entrepreneurship Committee.

APPENDICES

145

ANNUAL
REPORT
From 2007 to 2010, Ms. McWilliams served as an attorney
at the Federal Reserve Board of Governors, where she
drafted consumer protection regulations, reviewed and
analyzed comment letters on regulatory proposals, and
responded to consumer complaints.
Before entering public service, she practiced corporate
and securities law at Morrison & Foerster LLP in Palo
Alto, California, and Hogan & Hartson LLP (now
Hogan Lovells LLP) in Washington, D.C. In legal
practice, Ms. McWilliams advised management and
boards of directors on corporate governance, compliance,
and reporting requirements under the Securities Act of
1933 and the Securities Exchange Act of 1934. She also
represented publicly- and privately-held companies in
mergers and acquisitions, securities offerings, strategic
business ventures, venture capital investments, and general
corporate matters.
Ms. McWilliams graduated with highest honors from the
University of California at Berkeley with a B.S. in political
science, and earned her law degree from U.C. Berkeley
School of Law.

Martin J. Gruenberg
Martin J. Gruenberg is the 20th Chairman of the FDIC,
receiving Senate confirmation on November 15, 2012, for
a five-year term. Mr. Gruenberg served as Vice Chairman
and Member of the FDIC Board of Directors from
August 22, 2005, until his confirmation as Chairman.
He served as Acting Chairman from July 9, 2011, to
November 15, 2012, and also from November 16, 2005,
to June 26, 2006.
Mr. Gruenberg joined the FDIC Board after broad
congressional experience in the financial services and
regulatory areas. He served as Senior Counsel to Senator
Paul S. Sarbanes (D-MD) on the staff of the Senate
Committee on Banking, Housing, and Urban Affairs from
1993 to 2005. Mr. Gruenberg advised the Senator on
issues of domestic and international financial regulation,
monetary policy, and trade. He also served as Staff
Director of the Banking Committee’s Subcommittee on
International Finance and Monetary Policy from 1987
to 1992. Major legislation in which Mr. Gruenberg
played an active role during his service on the Committee
includes the Financial Institutions Reform, Recovery,

146

and Enforcement Act of 1989 (FIRREA); the Federal
Deposit Insurance Corporation Improvement Act of
1991 (FDICIA); the Gramm-Leach-Bliley Act; and the
Sarbanes-Oxley Act of 2002.
Mr. Gruenberg served as Chairman of the Executive
Council and President of the International Association
of Deposit Insurers (IADI) from November 2007
to November 2012. In addition, Mr. Gruenberg
has served as Chairman of the Board of Directors
of the Neighborhood Reinvestment Corporation
(NeighborWorks America) since June 2019, and a member
of the Board since April 2018.
Mr. Gruenberg holds a J.D. from Case Western Reserve
Law School and an A.B. from Princeton University,
Woodrow Wilson School of Public and International
Affairs.

Kathleen L. Kraninger
Kathy Kraninger became Director of the Consumer
Financial Protection Bureau (CFPB) in December, 2018.
From her early days as a Peace Corps volunteer, to her
role establishing the Department of Homeland Security
(DHS), to her policy work at the Office of Management
and Budget (OMB) to the CFPB, Director Kraninger has
dedicated her career to public service.
Director Kraninger came to the CFPB from OMB, where
as a Policy Associate Director she oversaw the budgets
for executive branch agencies including the Departments
of Commerce, Justice, DHS, Housing and Urban
Development, Department of Transportation (DOT),
and the Department of Treasury, in addition to 30 other
government agencies.
Previously she worked in the U.S. Senate, where she was
the Clerk for the Senate Appropriations Subcommittee
on Homeland Security, which provides DHS with its
$40 billion discretionary budget. On Capitol Hill, she
also worked for the House Appropriations Subcommittee
on Homeland Security as well as the Senate Homeland
Security and Governmental Affairs Committee.
Ms. Kraninger also served in executive branch posts with
DOT. There, after the terrorist attacks on September 11,
2001, she volunteered to join the leadership team that set
up the newly created DHS.

APPENDICES

2019
Her work at DHS led to awards including the Secretary
of Homeland Security’s Award of Exceptional Service, the
International Police and Public Safety 9/11 Medal, and the
Meritorious Public Service Award from the United States
Coast Guard.
Ms. Kraninger graduated magna cum laude from
Marquette University and earned a law degree from
Georgetown University Law Center. She served as a U.S.
Peace Corps Volunteer in Ukraine.

Joseph M. Otting
Joseph M. Otting was sworn in as the 31st Comptroller of
the Currency on November 27, 2017.
The Comptroller of the Currency is the administrator of
the federal banking system and chief officer of the Office
of the Comptroller of the Currency (OCC). The OCC
supervises nearly 1,400 national banks, federal savings
associations, and federal branches and agencies of foreign
banks operating in the United States. The mission of the
OCC is to ensure that national banks and federal savings
associations operate in a safe and sound manner, provide
fair access to financial services, treat customers fairly, and
comply with applicable laws and regulations.
The Comptroller also serves as a director of the Federal
Deposit Insurance Corporation and member of the
Financial Stability Oversight Council and the Federal
Financial Institutions Examination Council.
Prior to becoming Comptroller of the Currency, Mr.
Otting was an executive in the banking industry. He
served as President of CIT Bank and Co-President of
CIT Group.

Mr. Otting previously was President, Chief Executive
Officer, and a member of the Board of Directors of
OneWest Bank, N.A. Prior to joining OneWest Bank,
he served as Vice Chairman of U.S. Bancorp, where he
managed the Commercial Banking Group and served on
the Bancorp’s executive management committee. He also
served as a member of U.S. Bank’s main subsidiary banks’
Board of Directors.
From 1986 to 2001, Mr. Otting was with Union Bank
of California, where he was Executive Vice President and
Group Head of Commercial Banking. Before joining
Union Bank, he was with Bank of America and held
positions in branch management, preferred banking, and
commercial lending.
Mr. Otting has played significant roles in charitable
and community development organizations. He has
served as a board member for the California Chamber
of Commerce, the Killebrew-Thompson Memorial
foundation, the Associated Oregon Industries, the Oregon
Business Council, the Portland Business Alliance, the
Minnesota Chamber of Commerce, and Blue Cross
Blue Shield of Oregon. He was also a member of the
Financial Services Roundtable, the Los Angeles Chamber
of Commerce, and the Board and Executive Committee of
the Los Angeles Economic Development Corporation.
Mr. Otting holds a bachelor of arts in management from
the University of Northern Iowa and is a graduate of the
School of Credit and Financial Management, which was
held at Dartmouth College in Hanover, New Hampshire.

APPENDICES

147

148

APPENDICES
DIVISION OF INSURANCE
AND RESEARCH

Diane Ellis

COMPLEX INSTITUTION
SUPERVISION AND
RESOULUTION

Ricardo (Rick) Delfin

OFFICE OF
THE OMBUDSMAN

M. Anthony Lowe

OFFICE OF
LEGISLATIVE AFFAIRS

Andy Jiminez

Saul Schwartz

Director

Director

Director

Director

Director

Director

Maureen Sweeney

OFFICE OF MINORITY AND
WOMEN INCLUSION *

Director

Amy Thompson

Chief Learning Officer

Suzannah L. Susser

CISO

Zachary Brown

DIVISION OF RESOLUTIONS
AND RECEIVERSHIPS

Arthur Murton

DEPUTY TO THE CHAIRMAN
FOR FINANCIAL STABILITY

OFFICE OF
COMMUNICATIONS

Chad Davis

DEPUTY TO THE CHAIRMAN
FOR EXTERNAL AFFAIRS

CORPORATE
UNIVERSITY

Bret D. Edwards

DIVISION OF FINANCE

DIVISION OF ADMINISTRATION

Arleas Upton Kea

DEPUTY TO THE CHAIRMAN
AND CHIEF FINANCIAL OFFICER

DEPUTY TO THE CHAIRMAN
AND CHIEF OPERATING OFFICER

Administrative Law Judges

(1) Christopher B. McNeil
(2) Jennifer Whang

OFFICE OF FINANCIAL
INSTITUTION ADJUDICATION **

Travis Hill

DEPUTY TO THE CHAIRMAN
FOR POLICY

CFPB

Director

Doreen R. Eberley

DIVISION OF
RISK MANAGEMENT
SUPERVISION

Board Member

Kathleen L. Kraninger

Chief Innvovation Officer

Vacant

FDiTECH

Director

Mark E. Pearce

DIVISION OF
DEPOSITOR AND
CONSUMER PROTECTION

Leonard Chanin

DEPUTY TO THE CHAIRMAN
FOR CONSUMER PROTECTION
AND INNOVATION

* OMWI Director reports directly to the Chairman
** ALJs are supported administratively within the Legal Division

General Counsel

Nicholas Podsiadly

LEGAL DIVISION

Nicholas Podsiadly

GENERAL COUNSEL

Brandon Milhorn

Board Member

OCC

Joseph M. Otting

DEPUTY TO THE CHAIRMAN AND
CHIEF OF STAFF

OFFICE OF
CHIEF INFORMATION
SECURITY OFFICER

Sylvia W. Burns

CHIEF INFORMATION OFFICER
AND CHIEF PRIVACY OFFICER
DIVISION OF
INFORMATION TECHNOLOGY

Jay N. Lerner

Inspector General

Chairman

FDIC

BOARD OF DIRECTORS
Jelena McWilliams

OFFICE OF INSPECTOR GENERAL

Board Member

FDIC

Vice Chairman

FDIC

Martin J. Gruenberg

Vacant

FDIC ORGANIZATION CHART/OFFICIALS

ANNUAL
REPORT

2019
CORPORATE STAFFING
STAFFING TRENDS
9,000

6,000

3,000

0
2010

2011

2012

2013

2014

2015

2016

2017

2018

2019

8,150

7,973

7,476

7,254

6,631

6,385

6,096

5,880

5,693

5,593

FDIC Year–End On-Board Staffing
Notes: 2010-2019 staffing totals reflect year-end full time equivalent staff.

APPENDICES

149

ANNUAL
REPORT
NUMBER OF EMPLOYEES BY DIVISION/OFFICE (YEAR-END)1
Total
Division or Office:

2019

Division of Risk Management Supervision
Division of Depositor and Consumer Protection
Legal Division
Division of Administration
Division of Resolutions and Receiverships
Division of Complex Institution Supervision and Resolution2
Division of Information Technology
Corporate University
Division of Insurance and Research
Division of Finance
Executive Support Offices 3
Office of the Chief Information Security Officer
Executive Offices4
Office of Inspector General
TOTAL

Washington

2018

2019

Regional/

2018

2019

2018

2,318

2,499

174

207

2,145

2,293

794

816

123

122

671

694

440

474

298

314

142

160

353

353

247

246

106

108

323

387

89

119

234

268

243

62

113

49

130

13

237

280

173

216

64

64

217

204

210

197

7

7

204

204

166

168

38

36

156

164

152

160

4

4

110

67

103

60

7

7

41

37

41

37

0

0

30

20

30

20

0

0

128

126

78

80

50

46

5,593

5,693

1,995

1,994

3,598

3,699

1

The FDIC reports staffing totals using a full-time equivalent methodology, which is based on an employee’s scheduled work hours. Division/Office
staffing has been rounded to the nearest whole FTE. Totals may not foot due to rounding.

2

In 2019, the Office of Complex Financial Institution merged with parts of Risk Management Supervision and Division of Resolutions and
Receivership to create this new Division.

3

Includes the Offices of the Legislative Affairs, Communications, Ombudsman, CIO Management Services, FDI Tech, Financial Adjudication and
Minority and Women Inclusion.

4

Includes the Offices of the Chairman, Vice Chairman, Director (Appointive), Chief Operating Officer, Chief Financial Officer, Chief Information
Officer, Consumer Protection and Innovation, External Affairs, Policy and Financial Stability.

150

APPENDICES

2019
SOURCES OF INFORMATION
FDIC Website

Public Information Center

www.fdic.gov

3501 Fairfax Drive
Room E-1021
Arlington, VA 22226

A wide range of banking, consumer, and financial
information is available on the FDIC's website. This
includes the FDIC's Electronic Deposit Insurance
Estimator (EDIE), which estimates an individual’s deposit
insurance coverage; the Institution Directory, which
contains financial profiles of FDIC-insured institutions;
Community Reinvestment Act evaluations and ratings for
institutions supervised by the FDIC; Call Reports, which
are bank reports of condition and income; and Money
Smart, a training program to help individuals outside the
financial mainstream enhance their money management
skills and create positive banking relationships. Readers
also can access a variety of consumer pamphlets, FDIC
press releases, speeches, and other updates on the agency's
activities, as well as corporate databases and customized
reports of FDIC and banking industry information.

FDIC Call Center
Phone:

877-275-3342 (877-ASK-FDIC)
703-562-2222

Hearing Impaired:

Phone:

877-275-3342 (877-ASK-FDIC),
703-562-2200

Fax:

703-562-2296

FDIC Online Catalog:
E-mail:

https://catalog.fdic.gov

publicinfo@fdic.gov

Publications such as FDIC Quarterly and Consumer
News and a variety of deposit insurance and consumer
pamphlets are available at www.fdic.gov or may be ordered
in hard copy through the FDIC online catalog. Other
information, press releases, speeches and congressional
testimony, directives to financial institutions, policy
manuals, and FDIC documents are available on request
through the Public Information Center. Hours of
operation are 9:00 a.m. to 4:00 p.m., Eastern Time,
Monday – Friday.

Office of the Ombudsman

800-925-4618
703-562-2289

The FDIC Call Center in Washington, DC, is the primary
telephone point of contact for general questions from the
banking community, the public, and FDIC employees.
The Call Center directly, or with other FDIC subjectmatter experts, responds to questions about deposit
insurance and other consumer issues and concerns, as well
as questions about FDIC programs and activities. The
Call Center also refers callers to other federal and state
agencies as needed. Hours of operation are 8:00 a.m. to
8:00 p.m., Eastern Time, Monday – Friday, and 9:00 a.m.
to 5:00 p.m., Saturday – Sunday. Recorded information
about deposit insurance and other topics is available 24
hours a day at the same telephone number.
As a customer service, the FDIC Call Center has many
bilingual Spanish agents on staff and has access to a
translation service, which is able to assist with over 40
different languages.

3501 Fairfax Drive
Room E-2022
Arlington, VA 22226
Phone:

877-275-3342 (877-ASK-FDIC)

Fax:

703-562-6057

E-mail:

ombudsman@fdic.gov

The Office of the Ombudsman (OO) is an independent,
neutral, and confidential resource and liaison for the
banking industry and the general public. The OO
responds to inquiries about the FDIC in a fair, impartial,
and timely manner. It researches questions and fields
complaints from bankers and bank customers. OO
representatives are present at all bank closings to provide
accurate information to bank customers, the media,
bank employees, and the general public. The OO
also recommends ways to improve FDIC operations,
regulations, and customer service.

APPENDICES

151

ANNUAL
REPORT
REGIONAL AND AREA OFFICES
Atlanta Regional Office

Chicago Regional Office

Michael J. Dean, Regional Director
10 Tenth Street, NE
Suite 800
Atlanta, Georgia 30309
(678) 916-2200

John P. Conneely, Regional Director
300 South Riverside Plaza
Suite 1700
Chicago, Illinois 60606
(312) 382-6000

States Represented:
Alabama
Florida
Georgia
North Carolina
South Carolina
Virginia
West Virginia

States Represented:
Illinois
Indiana
Kentucky
Michigan
Ohio
Wisconsin

Dallas Regional Office

Memphis Area Office

Kristie K. Elmquist, Regional Director
1601 Bryan Street
Dallas, Texas 75201
(214) 754-0098

Kristie K. Elmquist, Director
6060 Primacy Parkway
Suite 300
Memphis, Tennessee 38119
(901) 685-1603

States Represented:
Colorado
New Mexico
Oklahoma
Texas

States Represented:
Arkansas
Louisiana
Mississippi
Tennessee

152

APPENDICES

2019
Kansas City Regional Office

New York Regional Office

James D. LaPierre, Regional Director
1100 Walnut Street
Suite 2100
Kansas City, Missouri 64106
(816) 234-8000

Frank R. Hughes, Regional Director
350 Fifth Avenue
Suite 1200
New York, New York 10118
(917) 320-2500

States Represented:
Iowa
Kansas
Minnesota
Missouri
Nebraska
North Dakota
South Dakota

States and Territories Represented:
Delaware
District of Columbia
Maryland
New Jersey
New York
Pennsylvania
Puerto Rico
Virgin Islands

Boston Area Office

San Francisco Regional Office

Frank R. Hughes, Director
15 Braintree Hill Office Park
Suite 200
Braintree, Massachusetts 02184
(781) 794-5500

Kathy L. Moe, Regional Director
25 Jessie Street at Ecker Square
Suite 2300
San Francisco, California 94105
(415) 546-0160

States Represented:
Connecticut
Maine
Massachusetts
New Hampshire
Rhode Island
Vermont

States and Territories Represented:
Alaska
American Samoa
Arizona
California
Federated States of Micronesia
Guam
Hawaii
Idaho
Montana
Nevada
Oregon
Utah
Washington
Wyoming

APPENDICES

153

ANNUAL
REPORT
C. OFFICE OF INSPECTOR GENERAL’S ASSESSMENT OF THE
MANAGEMENT AND PERFORMANCE CHALLENGES FACING THE FDIC

Top Management and Performance Challenges
Facing the Federal Deposit Insurance Corporation

February 2020


Federal Deposit Insurance Corporation
Office of Inspector General

154

APPENDICES

2019
OFFICE OF INSPECTOR GENERAL’S
ASSESSMENT (continued)
INTRODUCTION
Each year, Federal Inspectors General are required to identify and report on the top challenges
facing their respective agencies, pursuant to the Reports Consolidation Act of 2000. The Office
of Inspector General (OIG) is therefore issuing this report, which identifies the Top Management
and Performance Challenges (TMPC) facing the Federal Deposit Insurance Corporation (FDIC).
This TMPC report is based upon the OIG’s experience and observations from our oversight
work, reports by other oversight bodies, review of academic and other relevant literature,
perspectives from Government agencies and officials, and information from private-sector
entities. We considered this body of information in light of the current operating environment
and circumstances and our independent judgment.
The FDIC faces Challenges in the following critical areas, a number of which remain from
previous years:










Keeping Pace with Emerging Financial Technologies;
Enhancing the FDIC’s Information Technology Security Program;
Ensuring the FDIC’s Readiness for Crises;
Sharing Threat Information with Banks and Examiners;
Strengthening the Governance of the FDIC;
Overseeing Human Resources;
Keeping FDIC Facilities, Information, and Personnel Safe and Secure;
Administering the Acquisition Process; and
Measuring Costs and Benefits of FDIC Regulations.

We believe that the FDIC should focus its attention on these Challenges, and we hope that this
document informs policy makers, including the FDIC and Congressional oversight bodies, and
the American public about the programs and operations at the FDIC and the Challenges it
faces.

APPENDICES

155

ANNUAL
REPORT
OFFICE OF INSPECTOR GENERAL’S
ASSESSMENT (continued)
1|KEEPING PACE WITH EMERGING FINANCIAL TECHNOLOGIES
Technology is re-shaping consumers’ interactions with banks, changing the way banks do
business, and disrupting the banking industry. Emerging technologies promise potential benefits
but also introduce risk. Increased digital interconnections with multiple avenues to access
banking systems elevate cybersecurity risk because an incident at one digital juncture has the
potential to infect the entire banking system. The FDIC’s challenge is keeping pace with new
technology and the associated risks to banks, third-party service providers, and the banking
system. The key is for the FDIC to align supervisory guidance, examination procedures, and
supervisory strategies with rapidly evolving risks.
Use of financial technology is having a significant impact on banks and the banking industry.
Global investment in financial technologies was $37.9 billion in the first half of 2019. 1 More than
half of all consumers are interacting with banks through digital means. 2 Person-to-person
cashless transactions totaled more than $570 billion in 2018. 3 Consumers also prefer
connectivity among financial management applications and their bank accounts. 4
The FDIC Chairman has recognized that technology is “not simply transforming how customers
access financial services; it is transforming the business of banking both in the way consumers
interact with their financial institutions, and the way banks do business.” 5 Banks are
incorporating new technologies into bank processes and establishing partnerships with thirdparty financial technology companies. 6 Community banks, in particular, are working closely with
technology companies to develop solutions, such as reducing the time for loan underwriting and
digital credit applications. 7
Financial technologies offer banks potential benefits but also introduce a range of risks.
According to the Financial Stability Oversight Council (FSOC), 8 “[c]yber vulnerabilities in the
financial system include vulnerabilities to malware attacks, ransomware attacks, denial of
service attacks, data breaches, and other events. Such incidents have the potential to impact
tens or even hundreds of millions of Americans and result in financial losses of billions of dollars
due to disruption of operations, theft, and recovery costs.” 9
The FDIC Chairman stated that “[c]ybersecurity is the biggest threat facing America’s banks.” 10
The Office of the Comptroller of the Currency (OCC) similarly observed that “[o]perational risk is
elevated as banks adapt to a changing and increasingly complex operating environment,” and
key drivers are “the need to adapt and evolve current technology systems for ongoing

1

KPMG, The Pulse of Fintech 2019 – Biannual Global Analysis of Investment in Fintech, (July 31, 2019).
American Banker, 10 ways technology will change banking in 2019, (January 6, 2019).
3
Forbes, Venmo Versus Zelle: Who’s Winning the P2P Payments War?, (February 11, 2019).
4
American Banker, 10 ways technology will change banking in 2019, (January 6, 2019).
5
Jelena McWilliams, FDIC Chairman, Remarks at the CATO Summit on Financial Regulation, “If You Build It, They
Will Come,” (June 12, 2019).
6
American Banker, 10 ways technology will change banking in 2019, (January 6, 2019).
7
Bankrate, Community Banks Step Up Tech to Compete with Big Banks, Benefitting Customers, (May 31, 2019).
8
The Dodd-Frank Wall Street Reform and Consumer Protection Act of 2010 established FSOC, which has
responsibility for identifying risks and responding to emerging threats to financial stability. FSOC brings together the
expertise of Federal financial regulators (including the FDIC), an independent insurance expert, and state regulators.
9
FSOC, 2019 Annual Report.
10
CNN Business, Banks could get fined for cyber breaches, top regulator says, (August 1, 2019).
2

156

APPENDICES

2019
OFFICE OF INSPECTOR GENERAL’S
ASSESSMENT (continued)
cybersecurity threats.” 11 According to reports from the Department of the Treasury’s Financial
Crimes Enforcement Network (FinCEN), financial institutions reported 3,494 cyberattacks during
the first half of 2019. 12 Small banks (less than $1 billion in assets) were the victims of nearly
half (47 percent) of bank-related cybercrimes between 2012 and 2017. 13
In the Fall of 2019, the OCC recognized elevated cybersecurity risks as “malicious actors target
not only bank staff and processes but also bank customers and third parties.” 14 According to
Banking Technology Vision 2019 by the consulting firm Accenture, as interconnectivity among
banks, consumers, and third parties grows, “the potential points of weakness and vulnerability
also multiply.” 15 Hackers need only a single weakness to exploit and penetrate systems. 16
Banks’ use of advanced technology may also increase the risks of harm to consumers. For
example, the OCC noted that banks’ deployment of new technology may result in fair lending
issues. 17 When banks use artificial intelligence, they often use algorithm models and rules that
rely upon historical data. 18 If model rules are outdated or the data used in the algorithm models
are not representative of the current customer population, selection bias may occur. 19
Banks also face competitive risks from technology innovations of non-bank entities. The OCC
further noted that “[b]anks face strategic risks from non-depository financial institutions, use of
innovative and evolving technology, and progressive data analysis capabilities.” 20 According to
the Global Payments Pulse Survey 2019 conducted by Accenture, approximately $280 billion of
banks’ global payment revenue is likely to be displaced by non-bank competitors in the next
6 years. 21
Further, according to the Basel Committee on Banking Supervision, “[t]he estimated market
capitalization of crypto-assets reached a historical peak exceeding $800 billion in January
2018.” 22 Non-bank entities such as Facebook 23 and Walmart 24 have announced plans to
introduce cryptocurrencies. These privately controlled cryptocurrencies fall outside traditional

11

OCC, Semiannual Risk Perspective, (Fall 2019).
New York Times, Capital One Breach Shows a Bank Hacker Needs Just One Gap to Wreak Havoc,
(July 30, 2019).
13
Forbes, 5 Cybersecurity Myths Banks Should Stop Believing, (April 8, 2019).
14
OCC, Semiannual Risk Perspective, (Fall 2019).
15
Accenture, The Dawn of Banking in the Post-Digital Era – Banking Technology Vision 2019, (May 7, 2019).
16
New York Times, Capital One Breach Shows How a Bank Hacker Needs Just One Gap to Wreak Havoc,
(July 30, 2019).
17
OCC, Semiannual Risk Perspective, (Fall 2019).
18
American Banker, Don’t let AI trigger a fair-lending violation, (August 6, 2019).
19
American Banker, Don’t let AI trigger a fair-lending violation, (August 6, 2019).
20
OCC, Semiannual Risk Perspective, (Fall 2019).
21
Accenture, Global Payment Pulse Survey 2019.
22
Basel Committee on Banking Supervision, Discussion Paper: Designing a Prudential Treatment for Crypto-assets,
(December 2019).
23
Washington Post, Why governments around the world are afraid of Libra, Facebook’s cryptocurrency,
(July 12, 2019).
24
American Banker, Walmart crypto coin patent could be a back door to banking, (August 2, 2019). One bank, JP
Morgan Chase, plans to issue its own cryptocurrency called JPM Coin that will be used for international payments for
large institutional clients. See CNBC, JP Morgan is tolling out the first US bank-backed cryptocurrency to transform
payments business, (February 14, 2019).
12

APPENDICES

157

ANNUAL
REPORT
OFFICE OF INSPECTOR GENERAL’S
ASSESSMENT (continued)
banking systems and may be beyond the reach of the current regulatory structures. 25 In
addition, certain banks are also testing the use of blockchain and distributed ledger
technologies, as well as digital currencies for cross-border transfers. 26
Modernizing FDIC Guidance and Understanding Risks of Financial Technology
FDIC policy makers should understand technology and its impact on the safety and soundness
of institutions in order to provide guidance to both bankers and examiners. Keeping policies
and guidance in step with technology is a challenge. According to the Department of the
Treasury, current financial statutes and regulations may not address new technology and
evolving business models. 27 Regulators should create an agile framework that encourages
innovation and sound risk management practices. 28 The FDIC Chairman has stated that:
In many cases, the cost to innovation is prohibitively high for community banks, which
often lack the expertise, information technology, and research and development budgets
to independent[ly] develop and deploy their own technology . . . [I]f our regulatory
framework does not evolve with technological advances in a manner that enables
partnerships between banks and fintechs, such innovation may not occur at community
banks. 29
Further, bank examiners need up-to-date examination procedures to effectively assess the risks
associated with new financial technologies.
The FDIC also faces challenges in issuing timely guidance that is consistent with other Federal
banking regulators. 30 The Board of Governors of the Federal Reserve System, the OCC, the
Consumer Financial Protection Bureau, and the FDIC share responsibility for Federal banking
regulation and supervision. 31 These regulatory agencies work through the Federal Financial

25

Washington Post, Facebook’s Zuckerberg takes broad lashing on Libra, 2020 election and civil rights at
congressional hearing, (October 23, 2019). See Commodity Futures Trading Corporation, Backgrounder on
Oversight of and Approach to Virtual Currency Futures Markets, (January 4, 2018), “US Law does not provide for
direct, comprehensive Federal oversight of underlying Bitcoin or virtual currency spot markets.” US regulation
includes (1) the Internal Revenue Service treating virtual currencies as property subject to capital gains tax, (2) the
Department of the Treasury Financial Crimes Enforcement Network monitoring virtual currency exchanges as money
transmitters for anti-money laundering purposes, and (3) the Securities and Exchange Commission treating virtual
currency issuances as securities issuances.
26
CNBC, JP Morgan Is Rolling Out the First US Bank-backed Cryptocurrency to Transform Payments Business,
(February 14, 2019). Reuters, Wells Fargo Tests Cryptocurrency for Internal Transactions, (September 17, 2019).
27
Department of the Treasury, A Financial System That Creates Economic Opportunities: Nonbank Financials,
Fintech, and Innovation, (July 2018).
28
Jelena McWilliams, FDIC Chairman, Remarks at the Institute of International Bankers’ Annual Washington
Conference; Washington, D.C., (March 11, 2019).
29
Statement of Jelena McWilliams, FDIC Chairman, on Oversight of Financial Regulators before the United States
Senate Committee on Banking, Housing, and Urban Affairs, (December 5, 2019).
30
American Banker, Regulators Must Issue AI Guidance or FDIC Will: McWilliams, (August 2, 2019); and American
Banker, Blockchain crypto tech need clear rules of the road, (August 7, 2019).
31
Jelena McWilliams, FDIC Chairman, "Principles of Supervision and Your Value to our Nation's Banking System,"
delivered at the Banking Institute sponsored by the University of North Carolina School of Law; Charlotte, North
Carolina, (March 21, 2019).

158

APPENDICES

2019
OFFICE OF INSPECTOR GENERAL’S
ASSESSMENT (continued)
Institutions Examination Council (FFIEC) 32 to promote uniformity in the supervision of financial
institutions. FDIC Chairman McWilliams recently noted her concern about the time required for
regulators to reach consensus on artificial intelligence guidance and indicated that the FDIC
may choose to issue its own guidance if regulators cannot agree on joint guidance. 33
In October 2018, the FDIC announced the development of a new FDIC Tech Lab to centralize
the FDIC’s knowledge of technology in order to focus on technologies in the financial services
sector, help the FDIC understand how innovation can contribute to the expansion of banking
services, and promote the adoption of technology. As of January 2020, the FDIC continued to
implement the operational foundation for the Tech Lab, including developing governing policies
and procedures and searching for a Chief Innovation Officer to lead this effort. 34 In addition, the
FDIC is seeking a range of other technologists—including data scientists, process engineers,
software developers, and network security experts—to join the agency. 35 We are monitoring the
FDIC’s progress in standing up the Tech Lab.
Ensuring Examinations Identify and Mitigate Technology Risks
According to the Interagency Guidelines Establishing Information Security Standards, 36 a
financial institution is responsible for the cybersecurity of its own information technology (IT)
systems. Similarly, responsibility for compliance with consumer protection laws and regulations
lies with the financial institution, regardless of whether the institution or a third-party service
provider controls the information. 37 The FDIC assesses whether bank management has
appropriate controls in place to mitigate cybersecurity risks and enhance consumer protections.
According to the OCC, bank examiners note that “the most common specific control
deficiencies” at banks relate to: Patch Management, Network Configuration, and Access
Management. 38 In addition, banks and service providers report that some of the common
attacks against institutions include: Phishing incidents; Compromised credentials; and
Automated Teller Machine exploits.
Since 2016, the FDIC has used the Information Technology Risk Examination (InTREX) work
program to conduct bank IT examinations and assess financial institutions’ management of
third-party service providers. The FDIC developed InTREX to enhance IT supervision by
providing examiners with risk-focused examination procedures. 39 Examiners use work
programs to observe and document processes, and test controls. The FDIC may undertake
32

The FFIEC was established on March 10, 1979, pursuant to title X of the Financial Institutions Regulatory and
Interest Rate Control Act of 1978, Public Law 95-630. The Council is an interagency body empowered to prescribe
uniform principles, standards, and report forms for the federal examination of financial institutions by the Board of
Governors of the Federal Reserve System, the FDIC, the National Credit Union Administration, the OCC, and the
Bureau of Consumer Financial Protection and to make recommendations to promote uniformity in the supervision of
financial institutions.
33
Regulators Must Issue AI Guidance or FDIC Will: McWilliams, American Banker, (August 2, 2019). There is also a
need for regulatory clarity for blockchain and cryptocurrency. See Blockchain crypto tech need clear rules of the
road, American Banker, (August 7, 2019)
34
American Banker, FDIC Chairman, Regulators Need New Approach to Innovation, (October 4, 2019).
35
American Banker, FDIC Chairman, Regulators Need New Approach to Innovation, (October 4, 2019).
36
These Interagency Guidelines can be found in the FDIC Rules and Regulations, Part 364, Appendix B.
37
12 C.F.R. Part 364, Appendix B. The FDIC, OCC, and Board of Governors of the Federal Reserve issued the
Interagency Guidelines Establishing Information Security Standards. Financial Institution Letter 44-2008, Guidance
for Managing Third-Party Risk (June 6, 2008).
38
OCC, Semiannual Risk Perspective, (Fall 2019).
39
Financial Institution Letter 43-2016, Information Technology Risk Examination (InTREX) Program, (June 30, 2016).

APPENDICES

159

ANNUAL
REPORT
OFFICE OF INSPECTOR GENERAL’S
ASSESSMENT (continued)
enforcement actions when examiners identify IT risks and weak management practices at the
institutions.
From 2016 to 2018, the FDIC conducted more than 3,000 IT examinations. Examiners
establish the scope of an IT examination consistent with a bank’s IT complexity and risk. For
example, the IT examination scope could be larger if new technology has been introduced, a
new material third-party technology service provider is added, or bank information security
testing identified material deficiencies.
Banks have expanded their use of advanced technologies such as person-to-person payments,
cloud computing, and blockchain. These developments increased the overall IT risk profile of
the banking industry and the complexity of FDIC IT examination work. As a result, the FDIC has
devoted an increasing number of examination hours to IT supervision. For example, according
to FDIC data for IT examinations completed by the FDIC between January 2017 and
August 2018, the average number of hours per examination increased 11 percent. For that
same period, the average IT examination hours for FDIC-identified banks with the highest IT risk
increased 46 percent.
The increase in IT examination hours has led to geographic examiner resource gaps requiring
examiners from one region to supplement examiners in another region. For example, the New
York Regional Office noted that it has shortages of examiners qualified to complete IT
examinations and required the assistance from other Regional Offices. The FDIC has a
nationwide IT On-The-Job training program to increase the pool of qualified examiners for
intermediate and advanced examinations. We have ongoing work to evaluate the FDIC’s
process for allocating examination staff, including examiner IT subject-matter experts, to safety
and soundness examinations. Also, we plan to conduct a review of the FDIC’s InTREX
examination program.
Mitigating Risks Associated With Third-Party Service Providers
According to the OCC, “[b]anks increasingly rely on third-party service providers for technology
and other solutions to compete in a rapidly evolving financial marketplace.” 40 In addition,
“cyber crime and espionage increasingly target third-party service providers because of the
potential to access multiple networks from a single point.” 41 For example, in July 2019, an
employee of a third-party provider of Capital One exploited a firewall and gained access to
sensitive information for approximately 106 million U.S. and Canadian customers. 42
The OCC also noted that banks are relying on the same pool of third-party service providers for
critical services such as payments, transaction processing, and maintenance of sensitive
information. “[C]onsolidation in the bank technology service provider industry has resulted in
fewer entities providing certain critical services.” 43 Thus, if one third-party provider experiences
a service disruption, operations at many banks may be affected.
The FDIC—through its supervisory examination processes—evaluates banks’ monitoring of the
security programs of their third-party providers. Bank management must exercise due diligence
before entering into third party relationships. Due diligence includes, for example,
40

OCC, Semiannual Risk Perspective, (Fall 2019).
OCC, Semiannual Risk Perspective, (Spring 2019).
42
CyberScoop, Capital One is a cautionary tale for companies rushing to embrace new tech, (July 31, 2019).
43
OCC, Semiannual Risk Perspective, (Fall 2019).
41

160

APPENDICES

2019
OFFICE OF INSPECTOR GENERAL’S
ASSESSMENT (continued)
understanding the third-party’s risk and security controls, and ensuring clear lines of
responsibility between the third-party and the bank on actions to be taken in the case of an
incident. According to Banking Technology Vision 2019 by Accenture, 69 percent of
784 banking and IT executives surveyed did not know about the security at their third-party
service providers. 44 We plan to conduct a review to assess whether FDIC examination
processes evaluate institutions’ monitoring and management of risks associated with third-party
relationships.
The FDIC should understand risks associated with emerging technology to provide banks with
implementation guidance that balances banking sector safeguards with innovation. The FDIC
should also ensure that examinations effectively address technology risks.

2| ENHANCING THE FDIC’S INFORMATION TECHNOLOGY SECURITY
PROGRAM
The FDIC continues to increase its reliance on IT systems to fulfill its mission. As of June
2018, the FDIC had 338 IT systems that collect, store, or process Personally Identifiable
Information (PII) and sensitive information. A total of 174 of the FDIC’s 338 IT systems
contained what the Agency has determined to be “sensitive PII.” Further, the FDIC has legacy
systems that are becoming difficult and expensive to maintain. The FDIC is in the process of
modernizing its technology and must maintain the security of information within its systems as
the IT environment evolves.
According to the Office of Management and Budget (OMB), the Federal Government is a
significant target of cyberattacks, and in Fiscal Year 2018, Federal agencies experienced
31,107 cybersecurity incidents. 45 A recent report issued by the data protection firm, Veritas,
stated that “ransomware damage costs will reach $20 billion by 2021.” 46 Nearly 30 percent of
Federal agency respondents to the Veritas survey had been directly affected by ransomware
attacks in the past 3 years, and 80 percent of Federal respondents believed that ransomware
and malware will be as great a concern—if not a greater concern—within the next 12 months.
The report further noted that ransomware attacks at Federal agencies present risks to national
security, employee productivity loss, prolonged loss of services, and loss of institutional trust.
The Director of the Cybersecurity and Infrastructure Security Agency (CISA) 47 at the
Department of Homeland Security (DHS) noted that ransomware attacks are “only getting
worse.” 48 The actors are shifting their business models and going to more coordinated attacks.
Also, in June 2019, a Senate Committee on Homeland Security and Governmental Affairs
report 49 found that Federal agencies failed to comply with basic cybersecurity standards,
44

Accenture, Banking Technology Vision 2019, (May 7, 2019).
Federal Information Security Modernization Act of 2014 Annual Report to Congress, (August 2019).
Veritas, Ransomware Threats Is Your Agency Ready?, (December 2019).
47
On November 16, 2018, the President signed into law the Cybersecurity and Infrastructure Security Agency Act of
2018 (Act). The Act established the Cybersecurity and Infrastructure Security Agency (CISA) within the DHS to,
among other things, make the United States cyber and physical infrastructure more secure by sharing information at
all levels of Government and the private and non-profit sectors. Cybersecurity and Infrastructure Security Act of
th
2017, House Report 115-454, 115 Congress, (December 11, 2017).
48
FedScoop, Survey Indicates Federal Agencies Lack Adequate Planning to Recover from Ransomware Attacks,
(December 6, 2019).
49
Federal Cybersecurity: America’s Data At Risk, United States Senate Committee on Homeland Security and
Governmental Affairs Permanent Subcommittee on Investigations, (June 2019). The Subcommittee reviewed the
45
46

APPENDICES

161

ANNUAL
REPORT
OFFICE OF INSPECTOR GENERAL’S
ASSESSMENT (continued)
including deficiencies related to:





Protecting PII; 50
Maintaining comprehensive and accurate lists of IT assets;
Installing required security patches; and
Ensuring systems had valid operating authorities.

This Senate Report also noted that agencies were at increased risk when they rely on aging
systems also called “legacy systems.” 51 These legacy IT systems are difficult to secure and
costly to maintain.
FDIC IT systems reflect a combination of legacy systems and new technologies. According to
the Government Accountability Office (GAO), use of legacy systems increases the cybersecurity
risk of those systems. 52 Further, the FDIC’s Chief Information Officer Organization recognized
that the “burden of maintaining the legacy environment limits the ability of staff to develop and
practice new skills and pursue innovation.” 53
The FDIC relies heavily on IT systems to carry out its responsibilities of insuring deposits,
supervising banks, and performing its resolution and receivership activities. The FDIC
maintains 338 IT systems that collect, store, or process PII and sensitive information. A total of
174 of the FDIC’s 338 IT systems contain what the agency has determined to be “sensitive
PII.” 54 For example, in its capacity as receiver for failed banks, the FDIC collects and maintains
a significant volume of PII such as names, home addresses, SSNs, dates and places of birth,
bank account numbers, and credit card information. The FDIC also maintains business
proprietary information that is sensitive, including banks’ information relating to internal
operations regarding counterparties, vendors, suppliers, and contractors.
In December 2019, the FDIC Chairman announced the departure of the Chief Information
Officer (CIO) who led the FDIC’s IT strategic planning and modernization efforts. On January
16, 2020 the Chairman named the Deputy CIO as the new CIO to continue leadership of the
implementation of the FDIC’s IT Modernization Plan. The appointment of the new CIO marks
the FDIC’s eighth CIO or Acting CIO in the last decade. These senior management changes
impact the direction of an organization because turnover affects management strategy,
planning, budgets, and staffing. As noted by the GAO, a high turnover rate in CIOs negatively

Department of Homeland Security, the Department of State, the Department of Transportation, the Department of
Housing and Urban Development, the Department of Agriculture, the Department of Health and Human Services, the
Department of Education, and the Social Security Administration.
50
PII is any information about an individual maintained by an agency, including (1) any information that can be used
to distinguish or trace an individual‘s identity, such as name, Social Security Number (SSN), date and place of birth,
mother‘s maiden name, or biometric records; and (2) any other information that is linked or linkable to an individual,
such as medical, educational, financial, and employment information.
51
U.S. Government Accountability Office, Information Technology: Agencies Need to Develop Modernization Plans
for Critical Legacy Systems, GAO-19-471, (June 2019).
52
U.S. Government Accountability Office, Information Technology: Agencies Need to Develop Modernization Plans
for Critical Legacy Systems, GAO-19-471, (June 2019).
53
FDIC Chief Information Officer Organization, FDIC IT Modernization Plan 2020-2024.
54
According to FDIC Circular 1360.9, Protecting Sensitive Information, (October 2015), sensitive PII is a subset of PII
that presents the highest risk of being misused for identity theft or fraud. Sensitive PII may be comprised of a single
item of information, such as an SSN, or a combination of two or more items, such as full name along with financial,
medical, criminal, or employment information.

162

APPENDICES

2019
OFFICE OF INSPECTOR GENERAL’S
ASSESSMENT (continued)
impacts their effectiveness because there is limited time to put their agenda in place or form
close working relationships with agency leadership. 55
Maturing the FDIC’s IT Security Program and Practices
In our annual audit report, The FDIC’s Information Security Program—2019 (October 2019)
(FISMA Report) and other OIG reports, we identified weaknesses that limited the effectiveness
of the FDIC’s information security program and practices and placed the confidentiality, integrity,
and availability of the FDIC’s information systems and data at risk. In particular, we identified
the following weaknesses and deficiencies that pose the highest risks to FDIC IT systems:


Network Firewalls. According to the National Institute of Standards and Technology
(NIST) guidance, firewalls are essential devices or programs that help organizations
protect their networks and information systems from hostile attacks, break-ins, and
malicious software. 56 The FDIC deploys firewalls at both the perimeter and interior of its
network. These firewalls control the flow of inbound traffic from the internet through the
use of “ingress” rules that inspect traffic and permit or deny requests for access to FDIC
systems. The firewalls also control the type of traffic allowed to flow out of the network
using “egress” rules. Therefore, the FDIC’s firewalls are only as effective as the rules
that the FDIC defines for them.
In our audit report, Preventing and Detecting Cyber Threats (May 2019), we identified
weaknesses in the effectiveness of both FDIC firewalls and the Security Information and
Event Management tool that works in concert with firewalls to analyze network activity
and detect cyber threats. The FDIC had inadequate firewall policies and procedures that
led to firewall rules lacking documented justification, unnecessary firewall rules, and an
ineffective process to periodically review firewall rules. Unnecessary firewall rules pose
a security risk. The FDIC undertook significant steps to address these network firewall
weaknesses. However, the FDIC had not yet completed actions to document all existing
network firewall rules with an approval and mission/business need, including the
duration of that need, or implemented a firewall policy consistent with NIST guidance.



Privileged Account Management. The FDIC assigns certain network users
“administrative accounts” that have privileged access to systems and network IT
resources to perform maintenance and IT troubleshooting activities. The FDIC must
carefully control and monitor administrative accounts because hackers and other
adversaries often target them to perform malicious activity, such as exfiltrating sensitive
information.
In our audit report, Preventing and Detecting Cyber Threats, we found that the FDIC did
not always require administrators to uniquely identify and authenticate when they
accessed network firewalls. These vulnerabilities exposed the network firewalls to
increased risk of unauthorized access or malicious activity. The FDIC corrected these
vulnerabilities.



Security Control Assessments. Agencies are required to test and evaluate
information security controls periodically in order to ensure that they are effective. The

55

U.S. Government Accountability Office, Federal Chief Information Officers: Responsibilities, Reporting
Relationships, Tenure, and Challenges, GAO-04-823, (July 2004).
56
NIST SP 800-41, Guidelines on Firewalls and Firewall Policy, (September 2009).

APPENDICES

163

ANNUAL
REPORT
OFFICE OF INSPECTOR GENERAL’S
ASSESSMENT (continued)
FDIC assessed its security controls following a risk-based schedule. However, in our
audit, Security Configuration Management of the Windows Server Operating System
(January 2019), we found instances in which security control assessors did not test the
implementation of security controls, when warranted. Instead, assessors relied on
narrative descriptions of controls in FDIC policies, procedures, and system security
plans and/or interviews of FDIC or contractor personnel. Without testing, assessors did
not have a basis for concluding on the effectiveness of security controls. We made eight
recommendations, one of which remains unimplemented at the time of this report.


Security and Privacy Awareness Training. FDIC policy requires employees and
contractor personnel with network access to complete security and privacy awareness
training within one week of employment, and annually thereafter. FDIC policy states that
users who fail to comply with this requirement must have their network access revoked.
We identified 29 network users who did not satisfy the FDIC’s awareness training
requirement but still had access to the network. We found that the FDIC was not aware
of the 29 users, among approximately 7,000 network users, because the system used to
monitor training compliance did not track all users required to take the annual security
and privacy awareness training.

The FDIC must continue to modernize its IT systems and mature security controls to minimize
risks of cyber incidents. Information security should remain a critical element of the FDIC’s plan
to modernize its IT systems.

3| ENSURING THE FDIC’S READINESS FOR CRISES
Banks face numerous significant risks that could affect the stability of the financial system, as well
as the safety and soundness of institutions. Central to the FDIC’s mission is readiness to address
crises impacting the banking system and mitigation of risk through supervision. The FDIC
identified two important lessons learned following the recent financial crisis: (i) the importance of
crisis readiness planning; and (ii) quickly addressing emerging supervisory risks. Crisis readiness
best practices identify the principles and elements of effective preparedness that collectively
provide a framework for crisis planning efforts. Adopting such a framework strengthens the FDIC’s
ability to respond to a crisis in a timely and effective manner.
The World Economic Forum identified five categories of risk to the world economy that also
impact the banking sector: (1) Technological risks, such as widespread economic disruption,
failure of the internet or satellites, or large-scale data fraud or theft; (2) Economic risks, such as
unsustainable prices for housing or commodities that result in sudden price drops; (3)
Environmental risks, such as extreme weather events, natural disasters, or man-made
disasters; (4) Geopolitical events, such as terrorist attacks or weapons of mass destruction; and
(5) Societal risks, such as infectious disease pandemics. 57
The FDIC plays an important role in supervising and regulating banks that may be affected by
these risks. The FDIC helps to stabilize financial markets through its examination of banks,
provision of deposit insurance, and resolution of failed banks. When the FDIC acts as the
receiver of a failed institution, the FDIC assumes responsibility for recovering funds through the
disposition of a bank’s assets. 58 The FDIC Chairman noted that during its 85-year history, the
57
58

164

th

The World Economic Forum, The Global Risks Report 2018, 13 Edition.
FDIC 2018-2023 Strategic Plan, Receivership Management Program.

APPENDICES

2019
OFFICE OF INSPECTOR GENERAL’S
ASSESSMENT (continued)
FDIC “has resolved more than 2,700 institutions with assets of more than $1 trillion and almost
$800 billion in deposits.” 59
Planning for Crises and Resolution of Failed Banks
When early mitigation fails or events overtake mitigation efforts, the FDIC should be prepared to
address bank failures. In 2017, the FDIC published a study of the Agency’s response to the
financial crisis in 2008-2013. The FDIC study, Crisis and Response: An FDIC History, 20082013 (Crisis and Response Report), concluded that the financial crisis presented the FDIC with
unprecedented challenges and demanded creative and innovative responses from the FDIC
and other financial regulatory agencies. In addition, the crisis stretched the limits of the FDIC’s
capacity to supervise problem institutions, manage the Deposit Insurance Fund, and implement
orderly resolutions for failed financial institutions. The Crisis and Response Report concluded
that “[i]n hindsight, it might have been more effective if the FDIC, as part of its readiness
planning, had built a larger and more agile infrastructure—including staff, contracts, and
[information technology] systems—during the lull between the end of the previous crisis and the
start of this new one.” The
Figure 1: OIG Compilation of Crisis Readiness Framework
Crisis and Response Report
indicated that, as a result, one
of the most important lessons
learned from the prior financial
crisis was that “readiness
planning is essential.”60
Crisis readiness best
practices 61 identify seven
elements of a readiness
planning framework, as
depicted in Figure 1. A crisis
readiness framework identifies
the principles and elements of Source: FDIC OIG.
effective preparedness and
promotes a shared understanding and a common, integrated perspective of readiness across all
mission areas. 62
Specifically, the seven elements of a readiness framework that agencies such as the FDIC
should have include:


Policy and Procedures – Agencies should have a policy with defined readiness
authorities, roles, and responsibilities, including a committee responsible for overseeing

59

Jelena McWilliams, FDIC Chairman, Keynote Remarks delivered at the 2018 Annual Conference of The Clearing
House and Bank Policy Institute, (November 28, 2018).
60
The Crisis and Response Report indicated that, as part of maintaining readiness in a stable environment, the FDIC
could explore how other agencies with highly variable resource demands address their resource challenges. The
report cited FEMA as an example, noting the agency has developed readiness capabilities despite the unpredictable
need for disaster relief.
61
OIG-identified best practices included the Department of Homeland Security, National Preparedness Guidelines
(September 2007); Federal Emergency Management Agency (FEMA), FEMA Operational Planning Manual (FEMAP-1017) (June 2014); and the Organization for Economic Co-operation and Development, Strategic Crisis
Management (December 2012).
62
FEMA, National Disaster Recovery Framework website summary page https://www.fema.gov/national-disasterrecovery-framework (October 2018).

APPENDICES

165

ANNUAL
REPORT
OFFICE OF INSPECTOR GENERAL’S
ASSESSMENT (continued)
readiness activities. This policy helps ensure that personnel understand and implement
management directives for readiness. Agencies should also have procedures for a
consistent crisis readiness planning process.


Plans – Agencies should have an agency-wide all-hazards readiness plan as well as
plans for specific hazards as needed based on risk. These plans improve the efficiency
of the readiness planning process and provide management and personnel with a
comprehensive understanding of readiness planning activities across an organization.



Training – Agencies’ plans should incorporate training requirements to ensure that
personnel understand the content of crisis readiness plans, including the task-related
responsibilities for executing the plans.



Exercises – Agencies should regularly test readiness plans, document the results of all
readiness plan exercises, and consistently incorporate such exercise requirements
within its plans.



Lessons Learned – Agencies should have a process to monitor the implementation of
lessons learned and related recommendations from readiness plan training, exercises
and execution during a crisis.



Maintenance – Agencies should regularly review and update their readiness plans and
incorporate such maintenance requirements within their plans.



Assessment and Reporting – Agencies should regularly assess and report on
Agency-wide progress on crisis readiness plans and activities to key decision makers
within an organization.

We have work ongoing to assess the FDIC’s crisis readiness planning efforts in the context of
this framework.
Promptly Identifying and Mitigating Banking Risks
An important step in avoiding crises is early risk identification and mitigation. In its review of the
financial crisis, the Financial Crisis Inquiry Commission stated that “[i]n case after case after
case, regulators continued to rate the institutions they oversaw as safe and sound even in the
face of mounting troubles, often downgrading them just before their collapse.” 63
The FDIC adopted a Forward-Looking Supervision initiative to identify and mitigate risk before it
impacts the financial condition of an institution. In our evaluation report, Forward-Looking
Supervision 64 (August 2018) we found that for 41 examination reports sampled, examiners
identified overall safety and soundness risk; however, only 27 percent of reports sampled (11 of
41) elevated concerns to the financial institution’s board of directors. Based on the financial
institutions’ risk, we believe that a greater number of these concerns warranted board attention.
Elevating concerns and recommendations provides greater visibility and awareness to the
financial institution’s board of directors and senior management.
63

Financial Crisis Inquiry Commission, Final Report of the National Commission on the Causes of the Financial and
Economic Crisis in the United States (January 21, 2011). Congress established the Financial Crisis Inquiry
Commission as part of the Fraud Enforcement and Recovery Act (Public Law 111-21) to examine the causes of the
financial crisis.
64
Forward-Looking Supervision, EVAL-18-004, (August 2018).

166

APPENDICES

2019
OFFICE OF INSPECTOR GENERAL’S
ASSESSMENT (continued)
An institution’s financial condition may also change between examination intervals, making the
most recent examination rating outdated or inaccurate. The FDIC’s Offsite Review Program
(ORP) is designed for the early identification of emerging supervisory concerns and potential
problems so that supervisory strategies can be adjusted quickly. The ORP includes models and
other methodologies that review quarterly bank information 65 and produce the Offsite Review
List (ORL) of institutions with potential emerging supervisory concerns. FDIC Regional Offices
may add institutions that are not initially identified on the ORL based on Region-specific
concerns. The ORP also includes a Supplemental Review List for new or emerging risks to be
included in the quarterly offsite process.
In our evaluation report, Offsite Reviews of 1- and 2-Rated Institutions (December 2019), we
found that the ORP identified emerging issues concerning financial institutions’ rapid growth,
use of noncore funding, and deteriorating financial trends, but the FDIC should evaluate
additional methods and new technologies to identify financial institutions with other types of
emerging supervisory concerns. For example, the FDIC should assess whether innovative
technologies would provide predictive information on other types of emerging supervisory
concerns, such as those related to banks’ internal controls, credit administration, and
management practices. We recommended that the FDIC evaluate the feasibility of using new
technologies to identify institutions with emerging supervisory concerns.
The health of banks and the banking system depends upon the FDIC’s and other regulators’
early identification and mitigation of safety and soundness risk and the FDIC’s ability to respond
to banking crises. Establishing a robust readiness framework ensures the FDIC has the
organizational processes, individuals, resources, and integration necessary to respond to a
crisis.

4|SHARING THREAT INFORMATION WITH BANKS AND EXAMINERS
Federal Government agencies gather a substantial volume of information related to the safety
and soundness of financial institutions in the United States, and thus, relevant to FDIC
supervisory activities. For example, Government agencies collect information about cyber
threats, money laundering, and illicit financing activity. Bankers need to receive actionable
information in order to respond to threats in a timely manner. FDIC examiners responsible for
supervised institutions should be aware of threats directed toward those institutions to
understand their impact and make necessary supervisory adjustments. Further, examiners
should understand the nature of threats to evaluate potential gaps and determine the depth and
scope of an examination. FDIC policy makers should be aware of emerging threats to ensure
that relevant threat information is disseminated to banks and examiners; in addition, policy
makers can adjust examination policy and procedures and assess the need for supplementing or
modifying the regulatory scheme.
On April 30, 2019, the CISA identified consumer and commercial banking, and funding and
liquidity services as National Critical Functions which are “so vital to the United States that their
disruption, corruption, or dysfunction would have a debilitating effect on security, national
economic security, national public health or safety, or any combination thereof.” 66 The CISA
65

Banks reviewed through the ORP include FDIC-supervised institutions and institutions supervised by the Federal
Reserve Board or the Office of the Comptroller of the Currency.
66
DHS Cybersecurity and Infrastructure Security Agency, National Critical Functions – An Evolved Lens for Critical
Infrastructure and Security Resilience, (April 30, 2019).

APPENDICES

167

ANNUAL
REPORT
OFFICE OF INSPECTOR GENERAL’S
ASSESSMENT (continued)
further stated that a key focus to support these National Critical Functions is collecting and
sharing threat information about natural occurrences or man-made actions that represent “the
potential to harm life, information, operations, the environment, and/or property.” 67
Similarly, the FSOC noted, in its 2019 Annual Report, the critical importance to the financial
sector of sharing timely and actionable threat information with Federal Government agencies
and the private sector. The FSOC stated that Federal agencies should “carefully consider how
to appropriately share information and, where possible, continue efforts to declassify (or
downgrade classification) to the extent practicable, consistent with national security
imperatives.” 68
FinCEN also stressed the importance of providing the financial sector with information about
illicit activity to help sector participants identify and report such activities to law enforcement. 69
This information is especially important to identify illicit actors who use virtual currency to
facilitate criminal activity, such as human or drug trafficking, child exploitation, fraud, terrorist
financing, or to support rogue regimes and facilitate sanctions evasion.
As shown in Figure 2, the GAO identified multiple sources of threat information.
Figure 2: Sources of Threat Information for Financial Institutions.

67

Department of Homeland Security, DHS Risk Lexicon, (September 2008).
FSOC 2019 Annual Report.
69
Financial Crimes Enforcement Network, Advisory on Illicit Activity Involving Convertible Virtual Currency,
(May 9, 2019).
68

168

APPENDICES

2019
OFFICE OF INSPECTOR GENERAL’S
ASSESSMENT (continued)
Disseminating Threat Information to Banks
The OCC noted that “[t]he potential for operational disruptions underscores the need for
effective controls and operational resilience to help ensure the ongoing delivery of financial
products and services in a safe and sound manner.” 70 The FFIEC provides instructions to
examiners on how to examine financial institutions’ business continuity plans. These
instructions note that threats should be analyzed “based upon the impact to the institution, its
customers, and the financial market it serves.” 71 The FFIEC notes that financial institutions
should have “a means to collect data on potential threats that can assist management in its
identification of information security risks.” The FDIC is responsible for evaluating bank
management’s processes to receive and assess threat information, and to act on such
information in order to mitigate risks.
The Cybersecurity Information Sharing Act (2015) required the Director of National Intelligence
(DNI) and other agency heads to develop and issue procedures to facilitate and promote the
sharing of cyber threat indicators and defensive measures. In February 2016, the DNI issued a
report entitled Sharing of Cyber Threat Indicators and Defensive Measures by the Federal
Government under the Cybersecurity Information Sharing Act of 2015 (Threat Sharing
Procedures), which outlined the procedures for Federal agencies to share cybersecurity
information with non-Federal entities such as financial institutions. 72 The Threat Sharing
Procedures promote sharing unclassified and classified information, and best practices related
to cyber security.
According to the Threat Sharing Procedures, Federal Government agencies are to make every
reasonable effort to share unclassified reports of cyber threats on a timely basis. The sharing of
classified threat information is dependent on the recipient’s security clearance level and must
protect sources, methods, operations, and investigations. The Threat Sharing Procedures
encourage Federal agencies to “downgrade, declassify, sanitize or make use of tearlines to
ensure dissemination of threat information to the maximum extent possible.” 73
Federal agencies may use Information Sharing and Analysis Centers (ISAC) to provide threat
information to other government agencies or non-Federal entities. 74 The goal of ISACs is to
provide members with accurate, actionable, and relevant information, and they are organized to
share sector-specific threat and vulnerability information with members.
The Financial Services Information Sharing and Analysis Center (FS-ISAC) was established to
serve financial institutions. FS-ISAC has 7,000 members and its purpose is to share timely,
relevant, and actionable security threat information. Federal financial-sector regulators
encourage financial institutions to gain access to threat information through FS-ISAC
membership. 75 Regulators also suggest that banks use other available resources from the
Federal Bureau of Investigation, Department of Homeland Security, and U.S. Secret Service in
70

OCC, Semiannual Risk Perspective, (Fall 2019).
FFIEC, Business Continuity Planning Booklet, Risk Assessment, (Available on the FFIEC website).
72
The Office of the Director of National Intelligence, The Department of Homeland Security, The Department of
Defense, and The Department of Justice, Sharing of Cyber Threat Indicators and Defensive Measures by the Federal
Government under the Cybersecurity Information Sharing Act of 2015, (February 16, 2016).
73
The Office of the Director of National Intelligence, The Department of Homeland Security, The Department of
Defense, and The Department of Justice, Sharing of Cyber Threat Indicators and Defensive Measures by the Federal
Government under the Cybersecurity Information Sharing Act of 2015, (February 16, 2016).
74
Presidential Policy Directive 63, Critical Infrastructure Protection, (May 22, 1998).
75
FFIEC, Cybersecurity and Threat and Vulnerability Monitoring and Sharing Statement, (November 3, 2014).
71

APPENDICES

169

ANNUAL
REPORT
OFFICE OF INSPECTOR GENERAL’S
ASSESSMENT (continued)
order to identify and respond to cyber attacks. Bank “management is expected to monitor and
maintain sufficient awareness of cybersecurity threats and vulnerability information so they may
evaluate risk and respond accordingly.” 76
As part of the FDIC’s supervisory process, examiners evaluate banks’ processes for obtaining
and assessing threat information. Examiners may face challenges in assessing the
effectiveness of banks’ threat identification and mitigation processes when banks are not
receiving threat information through FS-ISAC membership.
Disseminating Threat Information to FDIC Policy Makers and Examiners
FDIC policy makers should be aware of threats to ensure relevant threat information is provided
to banks and examiners. Further, policy makers may need to adjust examination policy and
procedures to address emerging threat issues and assess the need for additional regulation.
FDIC examiners should be aware of threats directed toward those institutions to understand
their impact and make necessary supervisory adjustments. Understanding the nature of threats
to all banks provides context for examiners to evaluate potential gaps in an institution’s
processes for threat information gathering and continuity planning. Further, threat information
can assist examiners in prioritizing and focusing their work on emerging issues, and modifying
the depth or scope of an examination.
According to best practices, 77 recipients of threat information should have the following
processes in place to assess the significance of the information and ensure that actionable
information is disseminated to relevant parties:


Acquiring Threat information. Threat information may be obtained from a variety of
sources and methods, including information from open sources, confidential sources,
law enforcement, intelligence, public and private entities, as well as investigations,
assessments, and intelligence collection.



Analyzing Threat Information. The significance of the threat must be assessed in the
context of other threats and relevant information.



Disseminating and Using Actionable Threat Information. This step includes
distribution with a focus on timely delivery of relevant actionable threat information to the
appropriate people. Further, information must be “marked” to ensure proper
safeguarding and access restrictions.



Providing Feedback on Threat information. Establishing processes for lessons
learned improves the relevance, usefulness, and format of threat information.

The FDIC has access to threat information held by various Government agencies, and should
have formal processes to address the four steps, referenced above, for threat information
assessment and sharing. Without formal processes, the FDIC leaves the collection of
information, analysis, dissemination, and feedback to staff discretion, which may lead to
inconsistencies, uncertainty, and a lack of uniformity in sharing threat information.
76

FFIEC, Cybersecurity and Threat and Vulnerability Monitoring and Sharing Statement, (November 3, 2014).
OIG compilation based on a combination of DHS, Critical Infrastructure Threat Information Sharing Framework, A
Reference Guide for the Critical Infrastructure Community, (October 2016); and SANS Institute, Cyber Threat
intelligence Support to Incident Handling, (November 2017).
77

170

APPENDICES

2019
OFFICE OF INSPECTOR GENERAL’S
ASSESSMENT (continued)
The FDIC is also challenged to set up the infrastructure needed to execute threat assessment
and sharing processes. FDIC Headquarters staff has access to significant amounts of threat
information held by the U.S. Government, and much of the information is confidential and highly
sensitive. Given the volume of information, the FDIC faces challenges in having the appropriate
number of personnel with the requisite security clearance levels to analyze, distill, and convey
relevant and actionable threat information. The FDIC is also challenged to convey classified
information to policy makers and examiners. In order to access, store, and handle classified
information, FDIC policy makers and examiners must have relevant security clearances and
secure facilities—or alternatively, the FDIC must have processes in place to declassify
information in a timely manner. We have ongoing work to evaluate the effectiveness of the
FDIC’s procedures for the collection and dissemination of threat information.
Timely and actionable threat information allows bank management to thwart threats and the
FDIC to quickly adjust supervisory strategies. Understanding the emerging threat landscape
across all banks provides examiners with context to review a bank’s processes to defend
against threats and provides perspective to adjust examination policies and procedures. Absent
information sharing, bank management, policy makers, and examiners may be unaware of
threats that could affect the safety and soundness of financial institutions.

5| STRENGTHENING THE GOVERNANCE OF THE FDIC
Effective governance is critical to ensure proper oversight of the FDIC. The Federal Deposit
Insurance Act vests the management of the FDIC to its Board of Directors (FDIC Board). The
FDIC Board has operated without a full membership since 2015. The FDIC Board delegates
authority to FDIC senior leaders to fulfill the Agency’s mission, including implementation of its
Enterprise Risk Management (ERM) program. The FDIC should ensure that it is identifying and
managing risks, and making data-driven acquisition decisions.
According to Principles of Corporate Governance issued by the Organization for Economic Cooperation and Development (OECD Governance Principles), “[t]he purpose of corporate
governance is to help build an environment of trust, transparency and accountability necessary
for fostering long-term investment, financial stability, and business integrity, thereby supporting
stronger growth, and more inclusive societies.” 78 As explained in the OECD Governance
Principles, a governance framework should ensure strategic guidance, effective monitoring of
management by the board, and the board’s accountability to stakeholders.
One area of importance for boards is oversight of the organization’s ERM. Such oversight
includes accountability and responsibilities for managing risks, specifying the types and degree
of risk that an organization is willing to tolerate, and the management of risks through operations
and relationships. ERM is a governance issue that falls within the oversight responsibility of
boards of directors. 79

78

OECD, G20/OECD Principles of Corporate Governance, (2015). The Principles are presented in six different
chapters. This document references two chapters: (1) Ensuring the basis for an effective corporate governance
framework and (2) The responsibilities of the Board.
79
Harvard Law School Forum on Corporate Governance and Financial Regulation, Risk Management and the Board
of Directors, (March 20, 2018).

APPENDICES

171

ANNUAL
REPORT
OFFICE OF INSPECTOR GENERAL’S
ASSESSMENT (continued)
The Federal Deposit Insurance Act 80 vests management of the FDIC in the FDIC Board. The
FDIC Board consists of five members, all of whom are appointed by the President and
confirmed by the Senate: the Comptroller of the Currency; the Director of the Consumer
Financial Protection Bureau; and three “Appointive Directors,” including a Chairman and Vice
Chairman. 81 No more than three members of the Board may be from the same political party,
and one member “shall have State bank supervisory experience.” 82
Although the FDIC Board may delegate certain powers to officers of the FDIC, the FDIC Board
members should exercise oversight, remain informed about FDIC activities, and review financial
statements. 83
Maturing Enterprise Risk Management
According to OMB Circular Number A-123, Management’s Responsibility for Enterprise Risk
Management and Internal Control, 84 Federal agencies face internal and external risks to
achieving their missions, including “economic, operational, and organizational change factors.” 85
The OMB requires that Federal agencies implement ERM to assist agencies in identifying,
assessing, and mitigating internal and external risks.
The OMB defines ERM as “an effective Agency-wide approach to addressing the full spectrum
of the organization’s external and internal risks by understanding the combined impact of risks
as an interrelated portfolio, rather than addressing risks only within silos.” 86 The components of
ERM include a risk governance structure; a methodology for developing an agency’s risk profile;
and a process, guided by an organizations senior leadership, to consider risk appetite and risk
tolerance levels that serve as a guide for the agency to establish strategy and select objectives.
In June 2010, the FDIC hired a consulting firm to address five key issues regarding its ERM
program. In response to the firm’s recommendations, the then-FDIC Chairman appointed a
Risk Steering Committee to evaluate alternatives and recommend an organizational structure
for risk management. The Risk Steering Committee recommended to the FDIC Board the
establishment of an Office of Corporate Risk Management (OCRM), headed by a Chief Risk
Officer (CRO), with total staffing of 16. The Board approved the recommended changes, which
were intended to provide an office to review internal and external risks with a system-wide
perspective; facilitate sharing of information regarding existing, emerging, and potential risks;
and instill risk governance as part of the FDIC’s culture.
From 2011 to 2016, the ERM program was headed by a CRO who reported directly to the thenChairman. In May 2016, the CRO retired, and only five ERM program staff remained at the
80

12 U.S.C. § 1812(a)(1) (2019).
12 U.S.C. § 1812(a)(1) (2019); FDIC, Bylaws of the FDIC, (2018). Technically designated the Chairperson and
Vice Chairperson in the statute and bylaws, it is longstanding FDIC practice to refer to the positions as Chairman and
Vice Chairman.
82
12 U.S.C. § 1812(a)(1) (2019).
83
Bylaws of the Federal Deposit Insurance Corporation, Adopted by the Board of Directors, (September 17, 2019);
Wyoming Law Review, Director Oversight and Monitoring: The Standard of Care and the Standard of Liability PostEnron, (2006).
84
OMB Circular No. A-123, Management’s Responsibility for Enterprise Risk Management and Internal Control,
(July 15, 2016).
85
OMB Circular No. A-123, Management’s Responsibility for Enterprise Risk Management and Internal Control,
(July 15, 2016).
86
OMB Circular No. A-123, Management’s Responsibility for Enterprise Risk Management and Internal Control,
(July 15, 2016).
81

172

APPENDICES

2019
OFFICE OF INSPECTOR GENERAL’S
ASSESSMENT (continued)
time. In June 2017, the FDIC reorganized the ERM program by placing the positon of CRO
under the Division of Finance as a Deputy Director, eliminating OCRM and moving the ERM
function to a newly constituted Risk Management and Internal Controls Branch.
In October 2018, the FDIC revised its Enterprise Risk Management and Internal Control Policy
(FDIC ERM Directive), which includes the ERM principles of OMB Circular Number A-123. 87
The FDIC ERM Directive vests the FDIC’s Operating Committee with oversight of the ERM
program, including “establishment of the agency’s risk profile, regular assessment of risk, and
development of appropriate risk response.” 88 The Operating Committee includes senior-level
officials, but it is not a decision-making body.
The FDIC ERM Directive instructs the CRO to work in partnership with FDIC Division and Office
leaders to ensure enterprise-wide coordination, training, policy, and maintenance of ERM
components (risk inventory, risk profile, and risk appetite statements). The FDIC ERM Directive
states that implementation of ERM should facilitate efforts of the FDIC Board to identify, assess,
and address risks. However, the FDIC ERM Directive does not envision an oversight role for
the FDIC Board, nor does it describe regular reporting requirements or communications for the
FDIC Board.
In our recent audit, The FDIC’s Information Security Program–2019 (October 2019), we found
that the ERM program developed a risk appetite statement establishing the amount of risk the
FDIC is willing to accept in pursuit of its mission. However, as of the time of our report, the
FDIC had not yet completed an inventory of risks facing the FDIC, or a risk profile to help
manage and prioritize risk mitigation activities.
Subsequent to our report, the FDIC completed a risk inventory and risk profile. FDIC
management is in the process of integrating its ERM program into the FDIC’s budget, strategic
planning, performance reporting, and internal control processes. We have ongoing work
evaluating the FDIC’s ERM program to assess the extent to which the FDIC has implemented
an effective ERM program consistent with guidance and best practices.
Operating Without a Full FDIC Board
The FDIC Board has been operating with four members since 2015. The Vice Chairman
position on the FDIC Board of Directors has been vacant since April 30, 2018. 89 In addition, the
FDIC has not had an independent Board member with “State bank supervisory experience”
since 2012. 90 Nearly 80 percent of banks in the United States (approximately 4,400 institutions)
are chartered by states, and the FDIC has authority to examine and supervise state-chartered
banks that are not part of the Federal Reserve System.
On January 30, 2019, a bipartisan group of fifteen Members of the House of Representatives
submitted a letter to the White House expressing concern that no current sitting FDIC Board

87

FDIC Directive 4010.3, Enterprise Risk Management and Internal Control Program (2018). The FDIC is not
required to follow OMB Circular No. A-123.
88
FDIC Directive 4010.3, Enterprise Risk Management and Internal Control Program (2018).
89
American Banker, Pressure Grows on Administration to Fill Fed, FDIC Seats, (November 3, 2019).
90
Former Comptroller of the Currency Thomas Curry, who served on the FDIC Board until May 2017, was formerly
the Massachusetts Banking Commissioner, but did not meet the statutory requirement for an independent Board
member with supervisory experience. See American Banker, FDIC Needs a State Regulator on Its Board,
(August 17, 2018).

APPENDICES

173

ANNUAL
REPORT
OFFICE OF INSPECTOR GENERAL’S
ASSESSMENT (continued)
member satisfies the state banking supervisory experience requirement. 91 The Congressional
Members noted in the letter that state bank supervisory experience is important because both
state and FDIC regulators share concurrent responsibility for the safety and soundness of
certain state-chartered banks. Most state banking agencies participate in an examination
program under which certain examinations are performed on an alternating basis by the state
agency and the FDIC. The Members of Congress stated they believe that “having an FDIC
Board member with state bank experience is an important part of that coordination.”
Overseeing Investment Decisions
In order to properly oversee investment decisions at the FDIC, the FDIC Board and senior
managers should have quality data and processes. The FDIC awarded 2,400 contracts valued
at more than $1.5 billion over a 3-year period from 2016 to 2018. In our evaluation
report, Contract Oversight Management (October 2019), we found that the FDIC was
overseeing acquisitions on a contract-by-contract basis rather than on a portfolio basis and did
not have an effective contracting management information system to readily gather, analyze,
and report portfolio-wide contract information across the Agency. In addition, we found that the
FDIC’s contracting system did not maintain certain key data in a manner necessary to conduct
historical trend analyses, plan for future acquisition decisions, and assess risk in the FDIC’s
awarded contract portfolio. As a result, FDIC Board members or other senior management
officials were not provided with a portfolio-wide view or the ability to analyze historical
contracting trends across the portfolio, identify anomalies, and perform ad hoc analyses to
identify risk or plan for future acquisitions.
In our audit report, The FDIC’s Governance of Information Technology Initiatives, (July 2018),
we found that the FDIC faced a number of challenges and risks related to the governance of its
IT initiatives. For example, the FDIC did not fully develop a strategy to move IT services and
applications to the cloud or obtain the acceptance of key FDIC stakeholders before taking steps
to initiate cloud migration projects. The FDIC also had not implemented an effective Enterprise
Architecture to guide the three IT initiatives we reviewed or the FDIC’s broader transition of IT
services to the cloud. The FDIC has taken action to address six of our eight recommendations
and continues to work towards implementing the remaining two recommendations relating to:
(1) revising IT Governance Processes into FDIC policies and procedures; and (2) identifying
and documenting IT resources and expertise needed to execute the FDIC’s IT Strategic Plan.
The FDIC Board’s oversight of FDIC senior management is a critical component to promptly
identifying, assessing, and responding to risks to the FDIC, and overseeing contracting activities
and IT investment decisions.

91

The letter is available here. Congressman Barry Loudermilk, Congressman Denny Heck, Congressman Peter
King, Congressman Jim Hines, Congressman Frank Lucas, Congressman Scott Tipton, Congressman Tom Emmer,
Congressman Steve Stivers, Congressman Lee Zeldin, Congressman Alex Mooney, Congressman Ted Budd,
Congressman David Kustoff, Congressman Trey Hollingsworth, Congressman John Rose, and Congressman Denver
Lee Riggleman III.

174

APPENDICES

2019
OFFICE OF INSPECTOR GENERAL’S
ASSESSMENT (continued)
6|OVERSEEING HUMAN RESOURCES
The FDIC relies on the talents and skills of its employees to accomplish its mission. Within the
next few years, the FDIC will need to navigate a potential wave of retirements, reverse attrition
trends among its core examination workforce, and hire staff with skills to match technology
innovation. Effective management of these challenges limits the impact of leadership and skill
gaps, and the loss of institutional experience and knowledge due to retirements. The FDIC
should position itself to recruit, retain, and develop future talent.
In March 2019, the GAO recognized strategic human capital management as a continuing
Government-wide area of high risk. 92 The GAO noted that 31.6 percent of the permanent
Federal workforce on board as of September 30, 2017 would be eligible to retire within the next
5 years. 93 The GAO identified the need for Federal agencies to measure and address existing
mission-critical skill gaps, and to use workforce analytics to predict and mitigate future gaps. 94
The GAO also identified five trends affecting the future Government workforce:
(1) Technological advances that will change the way work is performed;
(2) Increased reliance on contractors to achieve policy goals that will require new skills
and competencies;
(3) Fiscal constraints that will require agencies to review how they conduct business;
(4) Evolving mission requirements that will require agencies to adapt their work and
workforce; and
(5) Changing demographics and shifting attitudes towards work. 95
Without careful attention to strategic and workforce planning and other approaches to managing
and engaging personnel, reduced investments in human capital may have lasting effects on the
capacity of an agency’s workforce to meet its mission. 96
Forty-two percent of current FDIC employees (on board as of July 31, 2019) are eligible to retire
within the next 5 years. These retirement figures include retirement eligibility of 60 percent for
FDIC Executives and 58 percent for its Managers. Although historical FDIC projections show
that employees may not retire on their eligibility date, this wave of potential retirements could
deplete the FDIC’s institutional experience and knowledge, especially during a crisis. Without
proper succession planning strategies, these retirements can also result in leadership gaps.
Further, the FDIC’s budget for 2019 marked the ninth consecutive year of lower annual staffing
levels and operating budgets, reflecting the FDIC’s reduced bank failure workload. The FDIC’s
authorized staffing level at the beginning of 2019 of 5,901 positions represented a net reduction
of 182 positions from 2018 (approximately 3.1 percent) and the operating budget was reduced
by 2.3 percent for the same period.
92

GAO, High-Risk Series: Substantial Efforts Needed to Achieve Greater Progress on High-Risk Areas, GAO-19157SP, (March 2019).
93
GAO, Federal Workforce: Talent Management Strategies to Help Agencies Better Compete in a Tight Labor
Market, GAO-19-723T, (September 2019).
94
GAO, High-Risk Series: Substantial Efforts Needed to Achieve Greater Progress on High-Risk Areas, GAO-19157SP, (March 2019).
95
GAO, Federal Workforce: Key Talent Management Strategies for Agencies to Better Meet Their Missions, GAO19-181, (March 2019).
96
GAO, Federal Workforce: Key Talent Management Strategies for Agencies to Better Meet Their Missions, GAO19-181, (March 2019).

APPENDICES

175

ANNUAL
REPORT
OFFICE OF INSPECTOR GENERAL’S
ASSESSMENT (continued)
Retirements and attrition can create opportunities for employees and allow organizations to
restructure to meet program goals and fiscal realities. However, if turnover is not strategically
monitored and managed, gaps can develop in an organization’s institutional knowledge and
leadership. 97
Navigating the Upcoming Retirement Waves in the FDIC’s Primary Divisions
Approximately 91 percent of all FDIC employees work in one of the FDIC’s nine primary and
support Divisions. We analyzed the data regarding eligibility for retirement of the employees
within these Divisions as illustrated in Table A. Based on our review, we found that 30 to
67 percent of the FDIC staff in these Divisions is eligible to retire in the next 5 years. Notably,
all but one of the primary FDIC Divisions have retirement eligibility rates that are higher than the
Federal Government average of 31.6 percent.
FDIC Executives and Managers in the nine Divisions have retirement eligibility rates ranging
from 29 to 76 percent. For example, more than three-quarters of FDIC Executives and
Managers within the Division of Finance (76 percent) are eligible to retire in the next 5 years.
Similarly, 70 percent of Executives and Managers in the Division of Resolutions and
Receiverships can retire in the same timeframe.
The 5-year retirement rates of Executive Managers and Corporate Managers could result in
knowledge and leadership gaps at the FDIC. As recognized by the GAO, retirement waves may
result in leadership gaps. 98 These mission-critical skills gaps could impede the capabilities of
any agency to achieve its mission, unnecessarily delay decision-making, and reduce program
management and oversight. 99
Table A: Retirement Eligibility Statistics for Key FDIC Divisions

Division

Staff Eligible to
Retire in 2024

Division of Resolutions and Receiverships (DRR)
Division of Finance (DOF)
Legal Division
Division of Administration (DOA)
Division of Information Technology (DIT)
Division of Risk Management Supervision (RMS)
Division of Complex Institution Supervision &
Resolutions (CISR)
Division of Depositor and Consumer Protection
(DCP)
Division of Insurance and Research (DIR)

Executives and
Managers Eligible to
Retire in 2024

67 percent
61 percent
56 percent
53 percent
46 percent
39 percent
35 percent

70 percent
76 percent
44 percent
57 percent
52 percent
63 percent
29 percent

33 percent

51 percent

30 percent

39 percent

Source: OIG analysis of FDIC-provided data as of July 31, 2019.

97

GAO, Federal Workforce: Sustained Attention to Human Capital Leading Practices Can Help Improve Agency
Performance, GAO-17-627T, (May 2017).
98
GAO, High-Risk Series: Progress on Many High-Risk Areas, While Substantial Efforts Needed on Others, GAO17-317, (February 2017).
99
Southern California Law Review, Vacant Offices: Delays In Staffing Top Agency Positions, (2008).

176

APPENDICES

2019
OFFICE OF INSPECTOR GENERAL’S
ASSESSMENT (continued)
The FDIC faces significant risks regarding retirement eligibility in key Divisions involved in crises
readiness efforts. For example, two-thirds of FDIC employees within DRR are eligible to retire
by 2024. DRR staff is responsible for managing resolutions and receiverships when banks fail,
including ensuring the prompt payment of deposit insurance funds to eligible bank customers.
During the financial crisis, the FDIC had the benefit of experienced DRR employees. Absent
seasoned employees with knowledge from past crises, the FDIC may not be sufficiently agile
and could delay decisions and resolution determinations.
DOF, the Legal Division, DOA, and DIT also play important roles to support DRR in a crisis
situation when banks fail. These Divisions also face 5-year staff retirement eligibility rates
ranging from 46 to 61 percent. DOF staff manages the liquidity of the Deposit Insurance Fund
to ensure that money is available to DRR to pay depositors quickly in the event of a bank failure,
and attorneys in the Legal Division assist DRR in structuring resolution agreements. DOA staff
provides contracting support for DRR, including, for example, the rapid hiring of temporary
personnel to address crisis staffing requirements, and DIT provides IT support for necessary
computers and servers during bank failures and crises.
A significant number of employees responsible for ensuring the safety and soundness of
institutions and protecting consumers are also eligible to retire. Specifically, 39 percent of RMS
staff is eligible to retire within 5 years, and more than 62 percent of its Executives and Managers
may retire over the same period. CISR similarly addresses supervisory and resolution risks for
banks with over $100 billion in assets. Staff in CISR has a 5-year retirement eligibility rate of
35 percent. In addition, DCP conducts examinations to ensure that banks meet certain
requirements for consumer protection, anti-discrimination, and community reinvestment. Thirtythree percent of its staff is eligible to retire within 5 years, and 51 percent of its Executives and
Managers may retire during this same timeframe. All supervision-related Divisions are
supported by the banking-sector research and analysis performed by DIR, which has a
retirement eligibility rate of 30 percent within the next 5 years.
The FDIC should continue to ensure that the institutional knowledge of retirement-eligible
employees is captured and passed on to new employees. The FDIC has programs underway to
review succession planning and we will monitor those efforts.
Navigating the Upcoming Retirement Wave in FDIC Regional Offices
The FDIC has six Regional Offices located throughout the country. Regional Offices include
members from all FDIC Divisions, but the largest representation of employees is RMS
examination staff. The FDIC faces risk due to staff retirement eligibility rates within each of its
Regional Offices.
Similar to the above analysis regarding each of the FDIC Divisions, we also assessed the data
regarding the eligibility for retirement of employees in the Regional Offices. Based on our
analysis, as shown in Table B, we found that FDIC employees in these Regional Offices are
eligible to retire in the next 5 years at rates ranging from 33 to 53 percent, and retirement rates
for Executives and Managers range from 44 to 77 percent. For example, in the Dallas Regional
Office alone, more than half of its staff is eligible to retire in the next 5 years, and more than
three-quarters of its Executives and Managers can do the same.

APPENDICES

177

ANNUAL
REPORT
OFFICE OF INSPECTOR GENERAL’S
ASSESSMENT (continued)
Table B: Retirement Eligibility Statistics for FDIC Regional Offices

Region

Staff Eligible to Retire in 2024

Executives and Managers
Eligible to Retire in 2024

53 percent
40 percent
39 percent
37 percent
36 percent
33 percent

77 percent
44 percent
47 percent
58 percent
60 percent
74 percent

Dallas
New York
Atlanta
San Francisco
Chicago
Kansas City

Source: OIG analysis of FDIC-provided data as of July 31, 2019.

Regional Office personnel are the critical interface between the FDIC and bank management.
Regional Office examiners evaluate bank management’s controls to maintain safety and
soundness, mitigate cybersecurity risks, and minimize harm to consumers. Regional Office
personnel also play a significant role during financial crises. The FDIC’s Dallas Regional Office
houses operational capabilities for large-scale bank failures, and it has among the highest rates
of retirement eligibility at the FDIC.
Addressing Attrition Among FDIC Examiners
As of July 31, 2019, 47 percent of FDIC employees were classified as examiners. These
examiners are deployed to four FDIC Divisions: RMS, DCP, DIR, and CISR, and to the FDIC’s
Corporate University. 100 As shown in Figure 3, at the end of 2019, 14 percent of examiners
were eligible to retire. However, that number of retirement-eligible examiners jumps to
25 percent within 3 years (2022) and increases further to 33 percent (one-third of the examiner
workforce) in 5 years (2024).
Figure 3: FDIC Examiner Retirement Eligibility

December 2019
383 (14%)

December 2024
884 (33%)

December 2022
660 (25%)
Source: OIG analysis of FDIC retirement data.

In addition, approximately 72 percent of all FDIC examiners are assigned to safety and
soundness and IT examination positions within RMS. In 2018, 11 percent of RMS examiners
resigned from their position, retired, or were promoted to non-examiners positions within the
FDIC; this figure represents a 9-percent increase from the prior year. According to RMS
surveys of managers of departing examiners, a significant portion of the attrition rate attributable
to resigning examiners was dissatisfaction with the amount of travel required to conduct
examinations. The FDIC has noted that safety and soundness examiners spent an average of
89 nights per year away from home, more than 24 percent of the year. 101
100

As of July 31, 2019, the FDIC’s Corporate University had 142 employees training for examiner commissions.
Examiners are assigned to Corporate University during their first year of training.
101
Statement of Jelena McWilliams, FDIC Chairman, on Oversight of Financial Regulators before the United States
Senate Committee on Banking, Housing, and Urban Affairs, (December 5, 2019).

178

APPENDICES

2019
OFFICE OF INSPECTOR GENERAL’S
ASSESSMENT (continued)
Examiner attrition is costly. The FDIC invests an average of $620,000 per person to train new
hires to become commissioned examiners over the period of 4 years (an average of
approximately $155,000 annually per examiner). 102 Historically, entry-level employees hired for
examination positions must progress through the FDIC’s Corporate Employee Program (CEP)
rotational year, be assigned to a Division, and then meet benchmarks, complete training, and
meet technical requirements to become commissioned examiners. 103
During the 4-year examiner pre-commissioning, the FDIC loses between 7 and 8 percent of
participants each year at an average cost of about $1.3 million per year. For example,
according to RMS statistics, for the five CEP cohorts from 5 years ago (the class of 2014),
35 percent of participants departed before completion of the 4-year commissioning process.
In August 2019, the FDIC announced changes to its approach for recruiting, hiring, and training
examiners. The planned changes are aimed at improving the process for hiring new examiners
and reducing the time for an examiner to attain commission by 6 to 8 months. We have ongoing
work to evaluate the FDIC’s allocation and retention of human capital for the examination
function.
The FDIC should also align its human capital strategy to meet the challenges of rapidly
changing bank technology. Community banking is increasingly dependent on a model that
relies on technology provided by third-party partners, such as credit bureaus and payment
networks, but it also includes new customer-facing and back-office collaborators. 104 The FDIC
should have examination staff that understands new technology in order to examine risks.
The FDIC should take a strategic approach to align its human capital management with current
and future mission requirements, including technology changes. Addressing human capital
holistically from planning through retirement allows the FDIC to maximize performance and
manage the waves of retirements and attrition.

7|KEEPING FDIC FACILITIES, INFORMATION, AND PERSONNEL SAFE AND SECURE
The FDIC is responsible for protecting approximately 6,000 employees and 3,000 contract
personnel who work at 94 FDIC-owned or leased facilities throughout the country. The FDIC is
also custodian of 338 systems containing sensitive information about banks and PII of employees,
contractors, bank management, and bank deposit holders. A total of 174 of the FDIC’s 338 IT
systems contain what the agency deems to be “sensitive PII.” The FDIC is challenged to have
appropriate processes in place to safeguard facilities, information, and personnel.
According to the Worldwide Threat Assessment of the US Intelligence Community 105 (2018)
(Threat Assessment), foreign intelligence agencies, terrorist groups, and criminal organizations
strive to gain access to proprietary information from the finance industry and attempt to recruit
sources such as trusted insiders. 106 According to Verizon’s 2018 Data Breach Investigations
102

Average costs per examiner are based on RMS calculations for the five cohorts of new hires for 2014.
The FDIC is eliminating the CEP program in 2020.
104
Accenture, Banking Technology Vision 2019. Governor Michelle W. Bowman, Community Banking in the Age of
Innovation, at the “Fed Family” Luncheon at the Federal Reserve Bank of San Francisco, San Francisco, California,
(April 11, 2019).
105
Statement for the Record: Worldwide Threat Assessment of the US Intelligence Community (February 13, 2018).
106
Statement for the Record: Worldwide Threat Assessment of the US Intelligence Community (February 13, 2018).
103

APPENDICES

179

ANNUAL
REPORT
OFFICE OF INSPECTOR GENERAL’S
ASSESSMENT (continued)
Report, one-third of all cyber breaches of government information is the result of privilege
misuse and errors by insiders. 107 A Carnegie Mellon University paper entitled Analytic
Approaches to Detect Insider Threats estimated the cost of an insider attack to be $445,000. 108
With an average of 3.8 insider attacks per organization per year across all industries, annual
costs to an organization can reach $1.7 million. 109
According to the GAO, a background investigation program should ensure the identification and
assessment of individuals with criminal histories and questionable behavior. 110 Background
investigations “minimize the risks of unauthorized disclosures of classified information and …
help ensure that information about individuals with criminal histories or other questionable
behavior is identified and assessed.” 111
Also, Federal managers and supervisors are responsible for assessing facility risk, assigning
facility security levels, and determining whether implemented countermeasures effectively
mitigate risk. 112 Further, Federal agencies must protect the PII and sensitive information they
possess. PII includes any information about an individual maintained by an agency, including
(1) any information that can be used to distinguish or trace an individual’s identity, such as
name, Social Security Number (SSN), date and place of birth, mother‘s maiden name, or
biometric records; and (2) any other information that is linked or linkable to an individual, such
as medical, educational, financial, and employment information. PII protection includes
information contained in IT systems as well as other forms. In March 2019, the GAO identified
the protection of privacy and sensitive data as a major challenge for the Federal Government. 113
As of June 2018, the FDIC reported that it maintained 338 information systems containing PII,
including 174 systems that contain what the agency deems to be “sensitive PII.”
Implementing Risk-Based Physical Security Management
The FDIC maintains 94 leased or owned facilities across the country that house approximately
9,000 FDIC employees and contractors. In our evaluation report, The FDIC’s Physical Security
Risk Management Process (April 2019), we assessed whether physical security risk
management processes met Federal standards and guidelines. We concluded that the FDIC
had not established an effective physical security risk management process to ensure that it met
ISC standards and guidelines.
We found that the FDIC frequently did not document its decisions regarding facility security risks
and countermeasures, and such decisions were not guided by defined policies or procedures.
Instead, FDIC officials relied on a few experienced employees to make important decisions
regarding physical security risks and countermeasures at facilities. Without documentation of
107

th

Verizon, 2018 Data Breach Investigations Report, (11 Edition).
Carnegie Mellon University Software Engineering Institute, Analytic Approaches to Detect Insider Threats,
(December 9, 2015).
109
Carnegie Mellon University Software Engineering Institute, Analytic Approaches to Detect Insider Threats,
(December 9, 2015).
110
GAO, High-Risk List: Substantial Efforts Need to Achieve Greater Progress on High-Risk Areas, GAO-19-157SP,
(March 6, 2019).
111
GAO, GAO Adds Government-wide Personnel Security Clearance Process to “High Risk List,” GAO Press
Release, (January 25, 2018).
112
In 1995, President Clinton, by Executive Order 12977 (October 19, 1995), created the Interagency Security
Committee (ISC) in order to issue standards, policies, and best practices to enhance the quality and effectiveness of
security in non-military Federal facilities in the United States.
113
GAO, High-Risk Series: Substantial Efforts Needed to Achieve Greater Progress on High-Risk Areas, GAO-19157SP, (March 6, 2019).
108

180

APPENDICES

2019
OFFICE OF INSPECTOR GENERAL’S
ASSESSMENT (continued)
these decisions, FDIC executives and oversight bodies were unable to fully consider and review
the decisions.
We also found that the FDIC did not conduct key activities in a timely or thorough manner for
determining facility risk level, assessing security protections in the form of countermeasures,
mitigating and accepting risk, and measuring program effectiveness. For example, for one of its
medium-risk facilities, the FDIC began, but did not complete, an assessment more than
2½ years after the FDIC occupied the leased space. Collectively, these weaknesses limited the
FDIC’s assurance that it met Federal standards for physical security over its facilities. We made
nine recommendations to address the weaknesses in the FDIC’s physical security risk
management process, and five remained unimplemented at the time of this report.
Securing Sensitive and Personally Identifiable Information
During 2016, the FDIC reported a series of breaches to Congress as departing employees
improperly downloaded sensitive PII, including SSNs, to removable media devices shortly
before leaving the FDIC. Collectively, these breaches potentially affected over 121,000
individuals. We reported on the FDIC’s handling of these breaches and its associated controls
in four prior reports. 114 In our audit report, The FDIC’s Processes for Responding to Breaches
of Personally Identifiable Information (September 2017), we found that the FDIC had processes
to evaluate the harm to individuals affected by a breach, but the FDIC did not adequately
implement those processes. For example, it took the FDIC more than 9 months to notify
individuals affected by a breach. Further, in our OIG Special Inquiry 115 (April 2018) report we
noted systemic weaknesses that hindered the FDIC’s ability to respond to multiple information
security incidents and breaches efficiently and effectively. The FDIC addressed the
20 recommendations we made in these two reports.
In our audit report, The FDIC’s Privacy Program (December 2019), we assessed the
effectiveness of the FDIC’s Privacy Program and practices by determining whether the FDIC
complied with selected provisions in privacy-related statutes and OMB policy and guidance. 116
The FDIC’s Privacy Program was effective in certain areas. Specifically, the FDIC had
implemented a privacy awareness and training program; identified its privacy staffing and
budgetary needs; established privacy competency requirements for key staff; and took steps to
ensure contractor compliance with privacy programs. However, we found that the FDIC’s
controls and practices for its Privacy Program in four areas assessed were either partially
effective or not effective, because they did not comply with all relevant privacy laws and/or OMB
policy and guidance. Specifically, the FDIC did not:

114

See OIG Reports, The FDIC’s Process for Identifying and Reporting Major Information Security Incidents (FDIC
OIG AUD-16-004) (July 2016, revised February 2017); The FDIC’s Processes for Responding to Breaches of
Personally Identifiable Information (FDIC OIG AUD-17-006) (September 2017); Controls over Separating Personnel’s
Access to Sensitive Information (FDIC OIG EVAL-17-007) (September 2017); and The FDIC’s Response, Reporting,
and Interactions with Congress Concerning Information Security Incidents and Breaches (FDIC OIG-18-001)
(April 2018).
115
OIG Special Inquiry Report, The FDIC’s Response, Reporting, and Interactions with Congress Concerning
Information Security Incidents and Breaches (April 2018).
116
Privacy Act of 1974, 5 U.S.C. § 552a; Section 208 of the E-Government Act of 2002, Pub. L. No. 107-347, 116
Stat. 2899 (codified at 44 U.S.C. § 3501 note); Section 522 of the Consolidated Appropriations Act of 2005, Pub. L.
No. 108-447, 118 Stat. 2809, amended by Consolidated Appropriations Act of 2008, Pub. L. No. 110-161, 121 Stat.
1844 (codified as amended at 42 U.S.C. § 2000ee-2); Designation of Senior Agency Officials for Privacy (OMB
Memorandum M-05-08) (February 11, 2005); OMB Circular A-130, Managing Information as a Strategic Resource
(July 28, 2016).

APPENDICES

181

ANNUAL
REPORT
OFFICE OF INSPECTOR GENERAL’S
ASSESSMENT (continued)





Fully integrate privacy considerations into its risk management framework designed to
categorize information systems, establish system privacy plans, and select and
continuously monitor system privacy controls;
Adequately define the responsibilities of the Deputy Chief Privacy Officer or implement
Records and Information Management Unit responsibilities for supporting the Privacy
Program;
Effectively manage or secure PII stored in network shared drives and in hard copy, or
dispose of PII within established timeframes; and
Ensure that Privacy Impact Assessments 117 were always completed, monitored,
published, and retired in a timely manner.

Weaknesses in the FDIC’s Privacy Program increased the risk of PII loss, theft, and
unauthorized access or disclosure, which could lead to identity theft or other forms of consumer
fraud against individuals. In addition, weaknesses related to the management of Privacy Impact
Assessments reduced transparency regarding the FDIC’s practices for handling and protecting
PII. Our report contained 14 recommendations intended to strengthen the effectiveness of the
FDIC’s Privacy Program and practices.
In addition, in our audit report, The FDIC’s Information Security Program – 2019 (October 2019),
we noted that the FDIC did not adequately control access to sensitive information and PII stored
on its internal network and in hard copy. For example, we identified instances in which sensitive
information stored on internal network shared drives was not restricted to authorized users. We
also conducted unannounced walkthroughs of selected FDIC facilities and identified significant
quantities of sensitive hard copy information stored in unlocked filing cabinets and boxes in
building hallways.
The majority of unsecured sensitive information we found was stored in unlocked filing cabinets
and boxes in building hallways. Examples included:


Confidential bank examination information, such as Reports of Examination;



Suspicious Activity Reports;



Sensitive PII, such as reports containing names, SSNs, and dates of birth;



Legal documents, analyses, and correspondence pertaining to investigations, litigation,
claims, and settlements;



Portable storage media, including a computer hard drive and CDs/DVDs (one of which
was marked confidential); and



Contracting and procurement sensitive information.

We recommended that employees and contractor personnel properly safeguard sensitive
electronic and hardcopy information. The FDIC took immediate action to secure information
identified by the OIG.
117

The E-Government Act of 2002 requires, among other things, that Federal agencies conduct Privacy Impact
Assessments that analyze how personal information is collected, stored, shared, and managed in a Federal system.
See Government Accountability Office, Privacy: Federal Law Should Be Updated to Address Changing Technology
Landscape, GAO-12-961T, (July 31, 2012).

182

APPENDICES

2019
OFFICE OF INSPECTOR GENERAL’S
ASSESSMENT (continued)
Securing the FDIC’s Supply Chain

Figure 4: Supply Chain Risk View

According to the GAO, the supply chain is
“the set of organizations, people, activities,
and resources that create and move a
product from suppliers to end users.” 118 As
shown in Figure 4, an organization may
have reduced visibility, understanding, and
control of relationships with vendors who
rely on second- and third-tier suppliers and
service providers. Risks are realized when
the supply chain exploits existing
vulnerabilities though it may take years for
such exploitation to occur or for an agency
to discover the exploitation. 119
The GAO noted that key supply chain
threats include:







Source: NIST Publication 800-161, Supply Chain Risk
Management Practices for Federal Information Systems and
Organizations.

Installation of hardware or software
containing malicious logic causing significant damage by allowing attackers to take
control of entire systems and read, modify, or delete sensitive information, disrupt
operations, launch attacks against other organizations’ systems, or destroy systems.
Installation of counterfeit hardware or software threatening the integrity, trustworthiness,
and reliability of information systems because they fail more often and more quickly, and
provide an opportunity to insert a back door to give an intruder remote access.
Failure or disruption in the production or distribution of critical products, including
manmade and natural disruptions of the supply of IT products critical to federal agencies.
Reliance on a malicious or unqualified service provider who can use its access to
systems and data to gain access to information, commit fraud, disrupt operations, or launch
attacks against other computers or networks.
Installation of hardware or software that contains unintentional vulnerabilities such
that defects in code or misconfigurations can be exploited to gain access to information
systems and data and disrupt service. 120

An example of supply chain risk is the Federal Government’s limitation on the purchase of
telecommunications equipment from Huawei because of concern that the Chinese government
can access phone calls and information. 121
The FDIC does not have a comprehensive, FDIC-wide supply chain risk policy. The FDIC’s
Chief Information Officer Organization (CIOO) established a Policy on Supply Chain Risk
Management in July 2019 that applies to CIOO employees who “participate, support, and are
involved with the procurement and acquisition process of IT products.” Other FDIC Divisions
and Offices are not bound by and may not be aware of the CIOO Policy. The FDIC established
a Supply Chain Risk Management Steering Committee in 2019 to address this area of risk. We
have work planned to assess the FDIC’s supply chain risk mitigation.
118

GAO, Information Security: Supply Chain Risks Affecting Federal Agencies, GAO-18-667T, (July 12, 2018).
National Institute of Standards and Technology (NIST) Publication 800-161, Supply Chain Risk Management
Practices for Federal Information Systems and Organizations.
120
GAO, Information Security: Supply Chain Risks Affecting Federal Agencies, GAO-18-667T, (July 12, 2018).
121
The New York Times, U.S. Moves to Ban Huawei From Government Contracts, (August 7, 2019).
119

APPENDICES

183

ANNUAL
REPORT
OFFICE OF INSPECTOR GENERAL’S
ASSESSMENT (continued)
Sustaining a Work Environment Free from Discrimination, Harassment, and Retaliation
Federal facilities should also have working environments that are free from intimidating, hostile,
or offensive behaviors. Employee behaviors such as sexual harassment can undermine an
agency’s mission by creating a hostile work environment that lowers productivity and morale,
affects the agency’s authority and credibility, and exposes the agency to litigation risk and costs.
The FDIC reported receiving a total of just 9 allegations of sexual harassment over a 3½-year
period (January 2015 to June 2018). However, when the Merit Systems Protection Board
(MSPB) conducted a survey in 2016 (based on data from 2014 to 2016), the MSPB found that
approximately 9 percent of the 427 FDIC employees who responded to the survey
(40 employees) indicated they had experienced sexual harassment. We have ongoing work to
review the FDIC’s program for addressing sexual harassment allegations.
Conducting Background Investigations
During late 2015 and early 2016, the FDIC experienced eight incidents as departing employees
improperly took sensitive information shortly before leaving the FDIC. Seven incidents involved
PII, including Social Security Numbers, and thus constituted data breaches. In the eighth
incident, the departing employee took highly sensitive components of resolution plans submitted
by certain large systemically important financial institutions without authorization.
FDIC employees and contractors are subject to background investigations commensurate with
the sensitivity of their positions, scope of responsibility, and access to classified National
Security Information. 122 The FDIC’s Personnel Security and Suitability Program (PSSP) aims to
ensure that FDIC employees and contractors have suitable character, reputation, honesty,
integrity, and trustworthiness. A strong PSSP reduces the risk of employee or contractor
information breaches and identifies potential issues for the FDIC’s Insider Threat Program. 123
The FDIC does not have a policy to ensure proper coordination and collaboration among its
PSSP and its Insider Threat Program. As a result, program interconnections are made at the
discretion of program personnel. Absent standard criteria for the referral of potential insider
threat issues from the PSSP to the Insider Threat Program Manager, threat information may not
be shared. We have an evaluation underway to assess the current state of the FDIC’s
Personnel Security and Suitability Program.
The protection of employees, contractors, facilities, and information is paramount for the
execution of the FDIC’s mission and the protection of the privacy of FDIC personnel and
contractors as well as financial institution customers and employees. The FDIC should ensure
that it implements appropriate controls to assess the suitability of its employees and contractors
and provide them with safe facilities in which to conduct their work. FDIC employees and
contractors must also be responsible in protecting sensitive information and individual privacy.

122

FDIC Circular 1610.2, Personnel Security Policy and Procedures for FDIC Contractors; Circular 1600.3, National
Security Program; and Circular 2120.1, Personnel Suitability Program.
123
Security Executive Agent Directive 3, Reporting Requirements for Personnel with Access to Classified Information
or Who Hold a Sensitive Position, (June 12, 2017).

184

APPENDICES

2019
OFFICE OF INSPECTOR GENERAL’S
ASSESSMENT (continued)
8|ADMINISTERING THE ACQUISITION PROCESS
The FDIC relies on contractors for day-to-day support of its mission. In 2018, the FDIC spent
nearly $500 million on contracts, with the largest expenditures for IT and administrative support
services. The FDIC currently oversees acquisitions on a contract-by-contract basis—rather than
on a portfolio-wide basis—and it does not have an effective contracting management information
system to readily gather, analyze, and report portfolio-wide contract information across the
Agency and does not maintain certain key data elements. Therefore, FDIC officials cannot readily
analyze historical contracting trends across the portfolio and identify anomalies. In addition,
contracting demands are expected to increase as the FDIC modernizes its IT program and
systems and moves to cloud computing. Further, FDIC contracting staff may experience
significant spikes in contracting work during periods of crises. FDIC contract oversight should
also include consideration of supply chain risks for acquired products and services.
According to the GAO, about 40 percent of the Government’s discretionary spending is for
goods and services contracts. 124 In Fiscal Year 2018, the Federal Government spent more than
$550 billion on these contracts, an increase of more than $100 billion from 2015. The
Administration found that major government acquisitions often failed to achieve their goals
because of project management skill shortcomings among Federal procurement staff. 125
Similarly, the GAO found that Federal agencies continue to award management support service
contracts but raised questions about agencies’ capacity to manage those contracts. 126
Specifically, the GAO identified three challenges aligned with the contracting life cycle:
(1) requirements definition, (2) competition and pricing, and (3) contractor oversight. The GAO
noted that heavy workloads of contract officials at one agency made it difficult for them to
oversee contracts and ensure contractors’ adherence to contract terms. 127
The FDIC procures goods and services to augment its internal resources and help the Agency
achieve its mission. FDIC contracting requirements increase significantly during times of crises
to address the FDIC’s receivership responsibilities. The FDIC DOA Acquisition Services Branch
(ASB) works with Oversight Managers (OMs) from FDIC Divisions and Offices to provide
oversight of FDIC procurements. As shown in Figure 5, ASB awarded more than
2,400 contracts valued at over $1.5 billion over a 3-year period from 2016 to 2018. The average
annual awarded amount per contract for these 3 years was more than $675,000.

124

GAO WatchBlog, Federal Government Contracting for Fiscal Year 2018 (infographic) posted May 28, 2019. GAO
launched its WatchBlog in January 2014, as part of its continuing effort to reach its audiences—Congress and the
American people—where they are currently looking for information.
125
President’s Management Agenda, (March 20, 2018).
126
GAO, Federal Acquisitions: Congress and the Executive Branch Have Taken Steps to Address Key Issues, but
Challenges Endure, GAO-18-627, (September 2018).
127
GAO, Federal Acquisitions: Congress and the Executive Branch Have Taken Steps to Address Key Issues, but
Challenges Endure, GAO-18-627, (September 2018) (Heavy workloads were noted for the Department of Veterans
Affairs.)

APPENDICES

185

ANNUAL
REPORT
OFFICE OF INSPECTOR GENERAL’S
ASSESSMENT (continued)
Figure 5: FDIC Total Dollar Value of Contract Awards 2016-2018

530,000,000
525,000,000
520,000,000
515,000,000
510,000,000
505,000,000
500,000,000
495,000,000
490,000,000
485,000,000

2016
2017
2018

Total Awarded Amount
Source: FDIC Analysis of FDIC Contract Awards.

In 2018, the FDIC’s DIT, DOA, and DRR accounted for over 96 percent of contracts and
contracting dollar awards. The Chief Information Officer Organization identified specific
acquisition strategies to sustain legacy systems, modernize information technology, and adapt
to change. DIT expects to increase contracting activity as it implements the FDIC’s IT
Modernization Plan.
Strengthening FDIC Contract Oversight
Our evaluation report, Contract Oversight Management (October 2019), concluded that the
FDIC must strengthen its contract oversight management. We found that the FDIC needed to
improve its contracting management information system, contract documentation, the training
and certification of certain OMs, and workload capacity of OMs for one Division.
Specifically, we found that the FDIC was overseeing acquisitions on a contract-by-contract basis
rather than on a portfolio basis and did not have an effective contracting management
information system to readily gather, analyze, and report portfolio-wide contract information
across the Agency. For example, the FDIC's contracting system did not maintain certain key
data in a manner necessary to conduct historical trend analyses, plan for future acquisition
decisions, and assess risk in the FDIC's awarded contract portfolio. As a result, FDIC Board
Members and other senior management officials were not provided with a portfolio-wide view or
the ability to analyze historical contracting trends across the portfolio, identify anomalies, and
perform ad hoc analyses to identify risk or plan for future acquisitions.
Additionally, 20 percent of the contracts executed between 2013 and 2017 (1,518 of 7,786) did
not have contract pricing arrangement information entered into the FDIC’s Automated
Procurement System. Without complete data, the FDIC cannot readily analyze the contract
pricing arrangements across the FDIC’s contract portfolio.
We also found that contract files maintained by OMs were often incomplete, and that OMs were
unable to produce the missing contract documentation, such as critical records relating to
inspection and acceptance. Without this documentation, the FDIC could incur additional costs
to recover or replace lost documentation and could have difficulty enforcing the contract in the
event of contractor noncompliance.
Further, OMs improperly uploaded contractor deliverable documentation containing PII to the
FDIC’s contacting system known as CEFile for one of our four sampled contracts covering

186

APPENDICES

2019
OFFICE OF INSPECTOR GENERAL’S
ASSESSMENT (continued)
property management services for failed bank properties. Because CEFile was not identified as
a system to retain PII, the FDIC was not monitoring CEFile for PII. Therefore, there was a risk
that the PII in CEFile could be improperly accessed, printed, and removed. The FDIC
subsequently took action to remove the PII from CEFile.
We also found that the workload for OMs in DIT was 67-percent higher than another FDIC
Division with a similar-sized contract portfolio. DIT acknowledged that insufficient OM capacity
put it at risk for ineffective oversight. We made 12 recommendations in the Contract Oversight
Management report.
In two previous OIG evaluation reports, we identified similar issues involving DIT oversight.


In Payments to Pragmatics, Inc. (December 2018), we determined that about 10 percent
of the labor charges we reviewed were not adequately supported or allowable under the
contract and related task orders. The unsupported labor charges were for hours billed
by two subcontractor employees who did not access the FDIC’s network or facilities on
the days they charged the hours. In addition, we identified unallowable labor charges for
work performed offsite, away from FDIC facilities.



In the FDIC’s Failed Bank Data Services Project (March 2017), we reviewed transition
costs ($24.4 million) of a 10-year project to replace the FDIC’s information systems for
processing bank data for failed financial institutions. We found that the FDIC faced
challenges related to defining contract requirements, coordinating contracting and
program office personnel, and establishing implementation milestones. We reported that
FDIC personnel did not fully understand the requirements for transitioning failed financial
institution data and services to a new contractor, or communicate these requirements to
bidders in a comprehensive transition plan as part of the solicitation. Further, the FDIC
did not establish clear expectations in the contract documents and did not implement a
project management framework and plans.

Reviewing for Supply Chain Risk
When an agency contracts for goods and services that will be introduced into its environment,
the agency might encounter risks related to product and service supply chains. Management of
supply chain risk requires “ensuring the integrity, security, quality, and resilience of the supply
chain and its products and services.” 128
Supply chain risk is not limited to equipment. Contractor personnel also pose security risks to
organizations, especially contractors involved in systems development. Contractors with
malicious intent may be able to insert harmful hardware or malicious code into FDIC systems.
NIST advises organizations to take a holistic, enterprise-wide approach to managing supply
chain risks. 129 Organizational best practices include executive-level involvement in supply chain
risk management decision-making and cross-functional leadership structures to break down
silos. In addition, as required by statute, OMB has initiated a Federal Acquisition Security

128

NIST, Cyber Supply Chain Risk Management, (May 24, 2016).
NIST Special Publication 800-161, Supply Chain Risk Management for Federal Information Systems and
Organizations, (April 2015).
129

APPENDICES

187

ANNUAL
REPORT
OFFICE OF INSPECTOR GENERAL’S
ASSESSMENT (continued)
Council to assist Federal agencies in determining supply chain risk, sharing supply chain risk
information, and deciding on actions to mitigate risk. 130
As mentioned previously, the FDIC does not have a comprehensive, FDIC-wide supply chain
risk policy. The FDIC’s CIOO has a supply chain risk policy applicable to CIOO IT
procurements. Thus, FDIC personnel outside the CIOO are not currently required to consider or
mitigate supply chain risks as part of procurement activities.
Further, the responsibility of managing FDIC supply chain risk is not within the FDIC’s
contracting staff but is a collateral duty for the FDIC’s Insider Threat Program Manager. As a
result, supply chain risk management is not the focus of those involved in the contracting
process. The FDIC established a Supply Chain Risk Management Steering Committee in 2019
to address this area of risk. We will be monitoring and assessing the FDIC’s efforts in this
regard.
Contracting is an important function at the FDIC because of the Agency’s reliance on
outsourced services, especially during times of crises. In order to establish an effective
contracting oversight program, the FDIC should maintain a contracting system that can readily
provide an adequate portfolio-wide view of the Agency’s acquisitions. In addition, the FDIC
should establish an effective program to manage and mitigate supply chain risks.

9|MEASURING COSTS AND BENEFITS OF FDIC REGULATIONS
Financial regulations significantly affect banks and their customers. The FDIC does not
currently have a consistent process in place to determine when and how to conduct cost benefit
analysis in order to ensure that the benefits of a regulation justify its costs. Further, the FDIC
does not have criteria in place to distinguish among rules which are sufficiently “significant” to
require cost benefit analysis. Absent clear processes and criteria, demonstrating that FDIC
regulations justify their costs remains a fundamental challenge. We also note that the FDIC
does not conduct retrospective cost benefit analyses on existing rules. Performing such
analyses would help the FDIC ensure that its rules are effective and achieve their intended
objectives/outcomes.
According to a study by the Federal Reserve Bank of St. Louis, regulatory compliance costs as
a percentage of overall non-interest expense for small banks are nearly twice those of larger
banks. 131 As shown in Figure 6, for the years of 2015 through 2017, small banks (less than
$100 million in assets) incurred total compliance costs at 9.8 percent of their noninterest
expenses. By comparison, banks with $1 to $10 billion in assets had compliance costs at
5.3 percent of their noninterest expenses for the same period.

130

Director of National Intelligence, Supply Chain Risk Management, National Supply Chain Integrity Month,
(April 24, 2019). See also The Strengthening and Enhancing Cyber-capabilities by Utilizing Risk Exposure
Technology Act of 2018, Public Law No. 115-390 (December 21, 2018) (“SECURE Technology Act”). Title II of the
Act established the Federal Acquisition Security Council (FASC).
131
Federal Reserve Bank of St. Louis, Compliance Costs, Economies of Scale and Compliance Performance,
Evidence from a Survey of Community Banks, (April 2018).

188

APPENDICES

2019
OFFICE OF INSPECTOR GENERAL’S
ASSESSMENT (continued)
In August 2018, the FDIC Chairman
stated that a top priority for the Agency
was to review the regulatory burden on
small banks. 132 She further emphasized
the need to balance regulatory safety
and soundness requirements without
impeding banks’ ability to compete. The
challenge, she indicated, is to ensure
that FDIC regulations are appropriate to
the size and complexity of the banks
that the FDIC supervises. 133

Figure 6: Total Compliance Expenses as a Percentage
of Noninterest Expenses

Quantifying Costs and Benefits
According to the FDIC’s Statement of
Policy on the Development and Review
of Regulations and Policies, the FDIC
uses available information to evaluate
the costs and benefits of reasonable
and potential regulations or statements
Source: Federal Reserve Bank of St. Louis, April 2018.
of policy. Quantifying both the costs and
benefits of significant financial regulations is challenging, and it often may be imprecise and
unreliable. 134 Performing such analysis can be difficult, because it involves theory, modeling,
statistical analysis, and other tools to predict future outcomes based on certain assumptions. 135
For example, it may be difficult to estimate the cost of a financial crisis and the benefits of
regulations aimed to eliminate the crisis. 136 Congress acknowledged the difficulty in measuring
costs and benefits when introducing the Independent Agency Regulatory Analysis Act
(March 25, 2019). This Act requires agencies to “assess the costs and benefits of the intended
rule and, recognizing that some costs and benefits are difficult to quantify, propose or adopt a
rule only upon a reasoned determination that the benefits of the rule justify the costs.” 137
In our evaluation report, Cost Benefit Analysis Process for Rulemaking (February 2020), we
evaluated whether the FDIC’s cost benefit analysis process for rules was consistent with best
practices. We found that the FDIC’s cost benefit analysis was not consistent with best
practices, because the FDIC did not:






Establish and document a process to determine when and how to perform a cost benefit
analysis;
Leverage the expertise of its economists when rules were initially developed;
Require the FDIC Chief Economist to concur on the cost benefit analyses performed;
Disclose its cost benefit analyses to the public; and
Perform cost benefit analyses after final rule issuance.

132

Wall Street Journal, New FDIC Leader Joins Push to Re-Evaluate Banking Rulebook, (August 6, 2018).
Jelena McWilliams, FDIC Chairman, “Principles of Supervision,” delivered at the American Bar Association
Banking Law Committee Annual Meeting (January 11, 2019).
134
Yale Law Review, Cost-Benefit Analysis of Financial Regulation: A Reply, (January 22, 2015).
135
Congressional Research Service, Cost-Benefit Analysis and Financial Regulator Rulemaking, (April 12, 2017).
136
The University of Chicago Journal of Legal Studies, Challenges for Cost-Benefit Analysis of Financial Regulation,
(June 2014).
137
Independent Agency Regulatory Analysis Act, S. 869, United States Senate, (March 26, 2019).
133

APPENDICES

189

ANNUAL
REPORT
OFFICE OF INSPECTOR GENERAL’S
ASSESSMENT (continued)
The FDIC’s rulemaking process resulted in inconsistent practices for conducting cost benefit
analyses. As shown in Figure 7, based on our review of rules promulgated by the FDIC from
January 2016 to December 2018, we found that the FDIC performed cost benefit analyses on
37 percent of the final rules published in the
Figure 7: Cost Benefit Analysis Performance
Federal Register. The FDIC did not explain in the
accompanying Federal Register notices why
15 rules needed a cost benefit analysis and the
other 25 rules did not. These rules lacking a cost
benefit analysis included both substantive rules
and technical modifications.
The FDIC also did not have an established
process for determining how to perform cost
benefit analyses. Based on our review, we found
that the FDIC performed an in-depth cost benefit
analysis 138 on only 10 percent of the final rules
published in the Federal Register.
Source: OIG analysis of FDIC rules published in the
In addition, the depth of analysis that the FDIC
Federal register.
performed did not always align with the rule’s
139
degree of significance.
We found substantive rules without corresponding cost benefit
analyses, and less substantive rules with cost benefit analyses. The process used by the FDIC
did not ensure that the Agency identified and defined a proposed rule’s degree of significance,
and that the Agency appropriately and consistently analyzed costs and benefits.

We also noted that the FDIC did not conduct retrospective cost benefit analyses on existing
rules. 140 Without performing cost benefit analyses of existing rules, the FDIC may not identify
duplicative, outdated, or overly burdensome rules in a timely manner. In addition, the FDIC may
not ensure that its rules are effective and achieve their intended objectives/outcomes. We
made five recommendations to the FDIC to improve the cost benefit analysis in its rulemaking
process.

138

The OIG defines an “in-depth” cost benefit analysis as a cost benefit analysis that contains supporting quantitative
and qualitative data and analysis of the proposed action and main alternatives identified.
139
Executive Order 12866 advises Federal agencies, not including the FDIC, to conduct in-depth cost benefit
analyses for certain significant regulatory actions. The order defines significant regulatory action as any regulatory
action that is likely to result in a rule that may: (1) have an annual effect on the economy of $100 million or more, or
adversely affect in a material way the economy, or a sector of the economy, productivity, competition, jobs, the
environment, public health or safety, or State, local, or tribal governments or communities; (2) Create a serious
inconsistency or otherwise interfere with an action taken or planned by another agency; (3) Materially alter the
budgetary impact of entitlements, grants, user fees, or loan programs or the rights and obligations of recipients
thereof; or (4) Raise novel legal or policy issues arising out of legal mandates, the President’s priorities, or the
principles set forth in this order.
140
Under the Economic Growth and Regulatory Paperwork Reduction Act of 1996 (EGRPRA) (12 U.S.C. § 3311
(1996)), the FFIEC and certain member agencies (Federal bank regulators – FDIC, OCC, and FRB), and the NCUA
(as a participating member), are directed to conduct a joint review of their regulations every 10 years and to consider
whether any of those regulations are outdated, unnecessary, or unduly burdensome. Since Congress enacted
EGRPRA in 1996, the FDIC (jointly with other agencies under the FFIEC) has completed two reviews and submitted
two reports to Congress – the first report was submitted in 2007 and the second report was submitted in 2017. The
FDIC performed these reviews over a period of several years, and commenced the second EGRPRA review in 2014.
The FDIC’s EGRPRA review process was a reactive review process that relied solely on public comments to identify
and initiate Agency action on rules that may be outdated, unnecessary, or unduly burdensome.

190

APPENDICES

2019
OFFICE OF INSPECTOR GENERAL’S
ASSESSMENT (continued)
On December 3, 2019, the FDIC issued a Request for Information seeking comment on
approaches to analyzing the effects of its regulatory actions and alternatives. In addition, on
November 4, 2019, the FDIC announced a reorganization that moved the regulatory analysis
function from the Office of the Chief Economist to the Research and Regulatory Analysis
Branch, which also houses the FDIC’s Center for Financial Research. We will continue to
monitor this realignment.
The FDIC should accurately measure costs and benefits to ensure that regulations strike the
proper balance between the safety and soundness at institutions and regulatory burden. Also,
the FDIC should have transparent processes in place to obtain and assess reliable information
to measure the impact of regulatory action. Absent such processes, FDIC rules may impose
burdensome costs on banks and consumers.

APPENDICES

191

ANNUAL
REPORT
D. ACRONYMS AND INITIALISMS
ACLs

Allowances for Credit Losses

CIO

Chief Information Officer

AEI

Alliance for Economic Inclusion

CIOO

Chief Information Officer Organization

AFS

Available-For-Sale

CISR

AHDP

Affordable Housing Disposition
Program

Division of Complex Institution
Supervision and Resolution

CMG

Crisis Management Group

ALLL

Allowance for Loan and Lease Losses

CMP

Civil Money Penalty

AML

Anti-Money Laundering

ComE-IN

ANPR

Advanced Notice of Proposed
Rulemaking

Advisory Committee on Economic
Inclusion

CRA

Community Reinvestment Act

ASBA

Association of Supervisors of Banks
of the Americas

CSBS

Conference of State Bank Supervisors

ASC

Accounting Standards Codification

CSRS

Civil Service Retirement System

BCBS

Basel Committee on Banking
Supervision

D&I

Diversity and Inclusion

DCP

BDC

Backup Data Center

Division of Depositor and Consumer
Protection

BoA

Bank of America

DFA

Dodd-Frank Act

BSA

Bank Secrecy Act

DHS

Department of Homeland Security

BSA/AML

Bank Secrecy Act/ Anti-Money
Laundering

DIF

Deposit Insurance Fund

DIR

Division of Insurance and Research

Call Report

Consolidated Reports of Condition and
Income

DIT

Division of Information Technology

DOA

Division of Administration

CAMELS

adequacy of Capital, quality of Assets,
capability of Management, quality and
level of Earnings, adequacy of Liquidity,
and Sensitivity to market risk

DOJ

Department of Justice

DRR

Designated Reserve Ratio

DRR (FDIC)

Division of Resolutions and
Receiverships

EAC

Executive Advisory Council

EDIE

Electronic Deposit Insurance Estimator

EGRPRA

Economic Growth and Regulatory
Paperwork Reduction Act of 1996

CBAC

Advisory Committee on Community
Banking

CBLR

Community Bank Leverage Ratio

CCP

Central Counterparties

CDFI

Community Development Financial
Institution

EGRRCPA

CECL

Current Expected Credit Losses

Economic Growth, Regulatory Relief,
and Consumer Protection Act

CEO

Chief Executive Officer

EU

European Union

CEP

Corporate Employee Program

ERM

Enterprise Risk Management

CFI

Complex Financial Institution

FAQ

Frequently Asked Questions

CFO Act

Chief Financial Officers’ Act

FASB

Financial Accounting Standards Board

CFPB

Consumer Financial Protection Bureau

FBIIC

Financial and Banking Information
Infrastructure Committee

CFR

Center for Financial Research

FBO

Foreign Bank Organization

CFTC

Commodity Futures Trading
Commission

FCA

Farm Credit Administration

192

APPENDICES

2019
FDI Act

Federal Deposit Insurance Act

G-SIBs

Global Systemically Important Banks

FDIC

Federal Deposit Insurance Corporation

HVCRE

FDiTech

FDIC Tech Lab

High Volatility Commercial Real
Estate

FEHB

Federal Employees Health Benefits

HMDA

Home Mortgage Disclosure Act

FEMA

Federal Emergency Management
Agency

IADI

International Association of Deposit
Insurers

FERS

Federal Employees Retirement System

IDI

Insured Depository Institution

FFB

Federal Financing Bank

IHCs

Intermediate Holding Companies

FFIEC

Federal Financial Institutions
Examination Council

IMF

International Monetary Fund

IMM

Internal Models Method

FFMIA

Federal Financial Management
Improvement Act

InTREx

Information Technology Risk
Examination Program

FHFA

Federal Housing Finance Agency

ISM

Information Security Manager

FICO

Financing Corporation

IT

Information Technology

FIL

Financial Institution Letter

LBSB

Large Bank Supervision Branch

FinCEN

Financial Crimes Enforcement Network

LCFIs

FINRA

Financial Industry Regulatory
Authority

Large and Complex Financial
Institutions

LIBOR

London Inter-bank Offered Rate

FinTech

Financial Technology

LIDI

Large Insured Depository Institution

FIRREA

Financial Institutions Reform, Recovery
and Enforcement Act

LURA

Land Use Restriction Agreement

FIS

Financial Institution Specialists

MDI

Minority Depository Institutions

FISMA

Federal Information Security
Modernization Act of 2014

MOL

Maximum Obligation Limitation

MOU

Memoranda of Understanding

FMFIA

Federal Managers’ Financial Integrity
Act

MRBA

Matters Requiring Board Attention

MWOB

Minority- and Women-Owned Business

FRB

Board of Governors of the Federal
Reserve System

MWOLF

Minority-and Women-Owned Law
Firms

FRF

FSLIC Resolution Fund

NCUA

National Credit Union Administration

FSB

Financial Stability Board

NIST

FS-ISAC

Financial Services Information Sharing
and Analysis Center

National Institute of Standards and
Technology

NPR

Notice of Proposed Rulemaking

FSLIC

Federal Savings and Loan Insurance
Corporation

NSFR

Net Stable Funding Ratio

OCC

FSOC

Financial Stability Oversight Council

Office of the Comptroller of the
Currency

FTE

Full-Time Equivalent

OCFI

GAAP

Generally Accepted Accounting
Principles

Office of Complex Financial
Institutions

OIG

Office of the Inspector General

GAO

U.S. Government Accountability Office

OJT

On-the-Job Training

GPRA

Government Performance and Results
Act

OLF

Orderly Liquidation Fund

OMB

U.S. Office of Management and Budget

APPENDICES

193

ANNUAL
REPORT
OMWI

Office of Minority and Women
Inclusion

SBA

Small Business Administration

OO

Office of the Ombudsman

SEC

Securities and Exchange Commission

OPM

U.S. Office of Personnel Management

SIFI

Systemically Important Financial
Institution

OTACs

One-Time Assessment Credits

SLA

Shared-Loss Agreement

OTS

Office of Thrift Supervision

SMS

Systemic Monitoring System

P&A

Purchase and Assumption

SNC

Shared National Credit Program

PCM

Privacy Continuous Monitoring

SOC

Security Operations Center

PII

Personally Identifiable Information

SORNs

System of Record Notices

PTFA

Protecting Tenants at Foreclosure Act

SRAC

Q&A

Questions and Answers

Systemic Resolution Advisory
Committee

QBP

Quarterly Banking Profile

SRR

SIFI Risk Report

REFCORP

Resolution Funding Corporation

SSGN

Structured Sale of Guaranteed Note

REMA

Reasonably Expected Market Area

TILA

Truth in Lending Act

ReSG

FSB’s Resolution Steering Group

TRID

RESPA

Real Estate Settlement Procedures Act

TILA RESPA Integrated Disclosure
Rule

RMIC

Risk Management and Internal
Controls

TSP

Federal Thrift Savings Plan

RMS

Division of Risk Management
Supervision

RTC

Resolution Trust Corporation

SA-CCR

Standardized Approach for
Counterparty Credit Risk

194

TSP (IT-related) Technology Service Providers
URSIT

Uniform Rating System for
Information Technology

VIEs

Variable Interest Entities

WARM

Weighted Average Remaining Maturity

YSP

Youth Savings Program

APPENDICES

N OT E S

NOT E S

2019

Federal Deposit
Insurance Corporation

This Annual Report was produced by talented and dedicated staff.
To these individuals, we would like to offer our sincere thanks
and appreciation. Special recognition is given to the following
for their contributions:
❏ Jannie F. Eaddy
❏ Barbara A. Glasby
❏ Financial Reporting Section Staff
❏ Division and Office Points-of-Contact

FEDERAL DEPOSIT INSURANCE CORPORATION

H H H

FEDERAL DEPOSIT INSURANCE CORPORATION

550 17th Street, N.W.
Washington, DC 20429-9990
www.fdic.gov
FDIC-003-2020

H H H