Each depositor insured to at least $250,000 per insured bank

Thank you, Chairman Leach, Congressman LaFalce and members of the Committee, for this opportunity to present the views of the Federal Deposit Insurance Corporation (FDIC) on how insured depository institutions are assessing and managing risk and to discuss the ways that the FDIC is working to make our risk assessment processes more effective. I have detailed written testimony to submit for the record and will, this morning, briefly describe our risk assessment effort.

That effort has never been more important. Innovations in technology and information systems, financial delivery systems, and new financial products and activities provide new opportunities for risk-taking and for increasing the level of risk exposure. We are discovering that the underlying risks in banking, even the new "emerging" ones, remain largely unchanged, but technological and other innovations in products and the delivery of services have vastly accelerated the flow of risks through the system. Our risk assessment procedures are constantly being evaluated and refined to keep pace with these important developments.

I want to make three important points today:

Point number one:

The programs and approaches described in my testimony today do not reflect a fundamental change in the FDIC's traditional approach to risk assessment -- they are designed instead to enhance that approach. Our goal is to use common sense, together with available data, experience and expertise, to help banks and thrifts in their efforts to respond to existing and emerging risks. Recent developments in supervision recognize that it is the responsibility of each insured financial institution to assure that it has internal controls in place to monitor and control the risks to which the institution is exposed. Historically, the FDIC has supported safe and sound supervisory efforts that focus on identifying risks and their underlying causes within the structure of the CAMEL rating system, but the approach in the past has been somewhat static. A more dynamic approach to risk assessment will take into account the variety of risks within each CAMEL component and the effectiveness of internal controls, as well as perhaps new components to CAMEL -- such as market risk or interest rate risk -- where special attention is required.

Disclosing the components of CAMEL to the managements and boards of directors of banks would be beneficial because it would add more discipline to the rating process -- requiring examiners to justify the component ratings for each institution -- and it would give bank managements and boards of directors more direction on specific supervisory concerns before a composite rating declines. As part of this process, the FDIC will continue to work on the interagency effort to refine the CAMEL system.

Point number two:

the key to enhancing our risk assessment programs is our ability to leverage existing statistical and analytical resources, both within and outside the FDIC. We have a treasury of data on the banking and thrift industries that we and our sister agencies testifying today have generated, including a data base the FDIC is developing on the causes of the large number of failing and failed institutions in the 1980s and early 1990s. We have created a Division of Insurance to analyze risks to the insurance funds from a more comprehensive perspective.

Our goal is to "bridge the gap" that currently separates the "macro" perspective of economics and market trends from the "micro" perspective of bank examinations in ways that will translate data into guidance that examiners can use in assessing and monitoring risks and internal controls in institutions with differing levels and types of risk exposure.

We are using the data that we gather to design a more diagnostic and graduated approach to bank examinations -- keyed to the level of risk and the quality of internal controls in individual institutions through the use of decision charts. This will result in examinations tailored to the risks an institution presents and a more accurate assessment of an institution's ability to manage its risks.

The information we collect on risk will provide a basis for notices to banks on trends that may affect the way they do business. We want to help banks respond to changing circumstances before problems arise.

Point number three:

We are analyzing our existing approach to supervision and finding ways to improve it. We are improving pre- examination planning techniques to make examinations more effective and more efficient. We are creating the position of case manager -- examiners who will specialize in specific institutions and who will review all off-site data and regulatory findings concerning individual banks to assess the risks posed to the insurance fund. In addition, we are creating risk specialists on our examination staff -- experts who will assist other examiners in analyzing complex transactions and activities in emerging risk areas, including capital markets investments and accounting, sales of nondeposit investment products and interest rate risk -- and the internal controls for monitoring those risks. We are also creating a unit to focus efforts more directly on risks in international banking activities.

In conclusion, we will continue to increase our ability to identify, measure, and monitor the risks in the banking system -- and the internal controls that institutions are required to have in place to address those risks -- from the familiar risks that travel through traditional brick-and-mortar institutions to the exotic risks that arise from the technological super-highway. By improving what we do, we all benefit from keeping banks open and operating safely and soundly so that they can continue to serve their communities.

Thank you, Mr. Chairman, Congressman LaFalce and members of the committee, I would be happy to address your questions.

Thank you for the opportunity to present the views of the Federal Deposit Insurance Corporation (FDIC) on the assessment and management of risk by insured depository institutions and to discuss the ways that the FDIC is working to make our risk assessment processes more effective. The FDIC brings a unique perspective to this issue as deposit insurer, federal supervisor of state nonmember banks and savings institutions, and receiver for failed depository institutions. This perspective is enriched by the treasury of historical and current data on the banking and thrift industries that we have generated with our sister agencies, the Federal Reserve Board, the Comptroller of the Currency and the Office of Thrift Supervision. In addition, our wealth of economic and analytical expertise provides us with valuable tools to assist banks and thrifts in their ongoing efforts to identify, measure, monitor and control risks.

The programs and approaches that I will describe in my testimony today do not reflect a fundamental change in the FDIC's traditional approach to risk assessment -- they are designed instead to enhance that approach. Our goal is to use common sense, together with available data, experience and expertise, to help banks and thrifts in their efforts to respond to existing and emerging risks. Our path is two-fold. First, we are working to "bridge the gap" that currently separates the "macro" perspective of economics and market trends from the "micro" perspective of bank examinations in ways that will translate data into guidance that examiners can use in assessing and monitoring risks in institutions with differing levels and types of risk exposure. Second, we are using the data that we gather to design a more diagnostic and structured approach to bank examinations in the future. This approach will combine the observations and factual findings from our analytical methods with technological innovations. The result will be a more effective and accurate assessment of an institution's ability to manage its risks within a structured framework, which will enhance safety and soundness -- and one that promotes communication between the FDIC and the management and boards of directors of the institutions that it supervises. I will describe these efforts in more detail below.

Changes in the Business of Banking and Emerging Risks

The business of banking is becoming increasingly complex, and the competitive landscape is undergoing rapid change. The nature and scope of risk within the banking and financial services industry is changing as a result.

Innovations in technology and information systems, financial delivery systems, and new financial products and activities provide novel opportunities for risk-taking, as well as for risk management. The explosive growth in the use of personal computers, the Internet and the World Wide Web, and on-line banking services, as well as the development of innovative payment and settlement systems, also present challenges and opportunities to the banking industry with regard to risk. While the types of risks presented by these new developments are largely familiar, such as credit risk, interest rate risk and market risk, these innovations have altered the nature and scope of the risks faced by the banking industry and the deposit insurance funds as well as the speed with which risk exposures can change.

The growth of trading activities and off-balance-sheet transactions, such as derivatives, highlights the rapidly changing nature of risk within the financial-services industry. Figure 1 shows how rapidly the notional amount of off-balance- sheet derivative products at insured commercial banks has grown in the past four years, from $7.3 trillion to $16.9 trillion. Trading gains and fee income attributable to off-balance-sheet derivatives activities also have exhibited volatility during the last nine quarters, ranging from as much as $2.6 billion to as little as $1.1 billion.

[Figures 1-5 are available from the FDIC Public Information Center, 801 17th Street N.W., Room 100, Washington, DC, 20434, phone (202) 416-6940.]

The need for effective supervisory measures to address these banking risks has become even more pronounced as insured institutions have confronted increased competition from non-banks in recent years. Commercial banks' share of domestic financial- sector assets has fallen from 40 percent in the mid-1970s to 25 percent at mid-year 1995 (Figure 2). Meanwhile, commercial paper and finance company loans increasingly have substituted for bank loans as funding vehicles for businesses. In 1980, the combined dollar amount of business loans made by finance companies and commercial paper issued by non-financial firms was just 30 percent of the dollar amount of commercial and industrial loans from commercial banks; at mid-year 1995, this figure exceeded 80 percent (Figures 3 and 4).

Insured institutions also face increasing competition from these non-bank firms for deposit funds. At year-end 1980, for example, investments in money-market mutual funds totaled only 16 percent of the amount invested in small time and savings deposits at commercial banks but, by mid-year 1995, this figure was approaching 50 percent (Figure 5).

This intense competition among insured institutions and other financial firms continues in the midst of rapid industry consolidation, interstate expansion of banking operations, and the rise of electronic banking. We recognize that our responses to these challenges will require innovative methods as well. Our risk assessment procedures are constantly being evaluated and refined to keep pace with these important changes.

BRIDGING THE GAP: ENHANCING EXISTING RISK ASSESSMENT PROGRAMS

We believe that the key to enhancing our risk assessment programs is our ability to leverage existing statistical and analytical resources, both within and outside the FDIC. By "bridging the gap" between macro economic and market trends and the micro perspective of individual bank examinations, we can use these resources to help examiners focus their efforts on conducting the most effective examination possible. We will provide a structure within which consistent guidance can be given to our examiners as they assess the levels and types of risk. Examiners will stay on site only as long as necessary to address the risks that individual institutions present. The information we collect on risk also will provide a basis for notices to banks on economic and other macro trends that may affect the way that institutions do business and help them respond to changing circumstances before problems arise. We have a number of initiatives underway that are designed to help in this regard.

Division of Insurance

As a first step in bridging the gap between the macro and micro concerns, I recently created a new division within the FDIC to enhance the FDIC's ability to analyze risks to the insurance funds from a more comprehensive perspective. The new Division of Insurance will identify and monitor emerging and existing risks by drawing on a wide variety of sources of information from the FDIC, other bank regulatory agencies, other government information and statistics, and analyses and data from the private sector related to economic, financial and banking trends. Today, an abundance of such "macro" information is available. The Division of Insurance will analyze this information from the unique perspective of the deposit insurer and translate the results into specific, useful guidance for examiners and financial analysts, senior FDIC managers, bankers, and others who monitor banking trends.

To bridge the gap effectively, it is essential to establish a two-way flow of information between analysts and economists in the Division of Insurance and examiners in the field. Examinations will be more effective to the extent that the Division of Insurance provides guidance based upon timely analyses of relevant trends and business conditions affecting the institutions to be examined. The Division of Insurance will be more effective in identifying relevant trends and conditions to the extent that examiners convey, on a timely basis, what they are observing during the examination process.

The Division of Insurance will work closely with FDIC research economists and banking analysts, as well as with the staffs of other divisions of the FDIC and other bank regulatory agencies, along with economists and analysts in the private sector, to identify and address risks in the banking industry. The Division of Insurance also will analyze economic trends that warrant further investigation for potential risks to the insurance funds. To consider some current examples, the FDIC's most recent Quarterly Banking Profile, which is a quarterly publication of banking statistics, reported that personal bankruptcy filings compiled by the American Bankruptcy Institute have risen sharply over the past year, and may reach the one million mark for the first time ever during 1996. At the same time, credit-card balances at commercial banks have been expanding rapidly, at a growth rate of twelve percent annually since 1991, and unused credit-card commitments exceeded $1.1 trillion as of December 31, 1995. These trends have been accompanied by an increase in consumer loan delinquencies over the past six quarters. As deposit insurer and supervisor, the FDIC will continue to monitor these trends and is committed to having the proper resources and systems in place to evaluate such data thoroughly, and in a timely fashion, in order to provide useful guidance for bankers, supervisors and policymakers.

Finally, the new Division of Insurance will evaluate the effectiveness of the risk-based premium system for deposit insurance on an ongoing basis, explore refinements in response to new or evolving risks, and consider alternatives as necessary to ensure that premiums accurately reflect the risks posed to the insurance funds.

Historical Analysis of Banking Industry Experience and Macro Economic Data

The FDIC's experience in the 1980s and early 1990s in dealing with large numbers of failing and failed institutions has given us a wealth of valuable data on the factors that led to those failures. Speculation and excessive levels of credit risk, often influenced by regional and other macroeconomic conditions, were major contributing factors to the vast majority of these recent failures -- and they remain critical to our analysis of risk today. In order to benefit from the lessons of the past, we are conducting a comprehensive review of our experiences in the 1980s and early 1990s. This study will provide us with systematic information related to problem institutions, failures and recoveries. By synthesizing the results of our statistical research, together with the informed views of market participants, bank supervisors, policymakers, failed-bank resolution specialists and other experts, this historical study will help us gauge the effectiveness of different policies and procedures that have been applied during the recent past. Inturn, this will help focus our efforts to enhance our offsite monitoring capabilities, examination procedures, failed-bank resolution methods, asset disposition strategies and policies to maintain bank safety and soundness now and in the future.

An effort also is underway at the FDIC to enhance our failure-prediction capabilities by incorporating indicators of regional economic conditions and other relevant macroeconomic information into our failure-prediction models. Economic conditions clearly played a major role in the waves of bank failures that swept through the "farm belt," the energy-producing states and the northeast corridor during the 1980s and early 1990s. Careful analysis of the events that occurred during this period will provide us with an opportunity to design models that will employ economic indicators more systematically than has been done in the past in predictions of bank failures. We also can use the economic information to design supervisory procedures that may be taken to avert potential problems sooner. While it is difficult to predict turning points in the economy with precision, we will use our experience and expertise to "bridge the gap" and identify changes in economic conditions that may signal increased or changed risk exposure to banking institutions and the insurance funds.

FACING THE FUTURE: ENHANCED RISK ASSESSMENT PROGRAMS

Currently, the FDIC's risk assessment efforts with respect to examinations incorporate the use of the traditional approach to examining and supervising individual institutions. This process includes pre-examination planning, on-site examinations, offsite monitoring, internal and external audits and other programs designed to ensure a comprehensive and effective risk assessment program that can detect poor risk management or excessive risk-taking by an institution before losses occur. In each of these areas, the FDIC is working to develop a more dynamic approach to assessing the risks that are traditionally evaluated as part of FDIC examinations of financial institutions. These risks include credit risk, interest rate risk, market risk, liquidity risk, operational risk, legal risk and reputational risk. This approach integrates risk assessment with the components of the CAMEL rating system, which establishes a context for evaluating the performance of individual financial institutions over time and in relation to their peers. (note 1)

Briefly, I will describe our current supervisory and examination procedures and highlight how these procedures are designed to help assess, measure, monitor and control risk. Next, I will discuss some of the newer initiatives that we are implementing to improve on these systems and to assess and manage risk going forward. Each of these new programs is designed to improve the effectiveness and efficiency of the FDIC's current risk assessment efforts and enable us to use all of our available resources to improve the overall examination structure and the consistency of our assessment of risk. These risk assessment efforts will increasingly incorporate evaluations on macro or aggregate risks to the insurance funds by employing the studies and analyses that I discussed above.

Again, I want to stress that these programs are intended not to abandon or to alter dramatically our examination philosophy, policies or procedures, but rather to strengthen and build on existing procedures in order to conduct a more thorough assessment of an institutions ability to identify, measure, monitor and control its risk. Our goal is to develop a system that provides structure and consistency to the examination process, while at the same time encouraging examiners to think analytically rather than adhering to arbitrary checklists.

In implementing these programs, we also want to ensure that we maintain open lines of communication with an institutions management and board of directors with respect to risk assessment issues. We believe that an individual institution's management and board is in the best position to assess, monitor and manage its own risk.

Existing Examination Procedures

The FDIC currently uses pre-examination planning procedures that are designed to identify institution-specific risks deserving more in-depth, onsite attention. Proper preexamination planning enhances the orderliness and efficiency of onsite examinations and reduces the burden on institutions by identifying areas that pose potential risks or problems. (note 2)

Our existing planning process includes an evaluation of statistical and other data, both public and proprietary, relative to an institutions condition and performance; (note 3) a review of potential significant events such as changes in control or management; an assessment of the effectiveness and adequacy of previously enacted corrective programs, and an evaluation of pending applications. Through the preparation of a pre- examination report setting forth the intended scope of the examination, onsite staffing requirements are minimized, resulting in a less intrusive process.

Onsite examinations are designed to identify and evaluate the risks in an institutions capital level, asset type and quality, level and trend of earnings, liquidity position, and adequacy of management. Onsite examinations continue to provide the most effective means of evaluating an institution and the effectiveness and suitability of its management. The quality of management is probably the single most important element in the successful operation of a bank. It is extremely important for all members of bank management to be aware of the responsibilities entrusted to them and discharge those responsibilities in a manner that will ensure stability and soundness of the institution.

While much has recently been written about risks resulting from involvement in non-traditional investments, our experience has been that managing exposure to credit risk remains the predominant area of concern for most insured institutions. Mismanagement of credit risk and resultant loss exposure is the principal deficiency found in most of the 193 institutions (with aggregate assets of $31 billion) on the FDIC's problem institution list at year-end 1995. Credit risk also was the primary cause leading to the failure of a majority of the institutions that have failed since 1980. As a result, we continue to devote substantial attention during the examination process to the assessment of credit risk, including evaluation of an institutions loan and credit administration policies, underwriting practices, documentation and adequacy of allowances for loan and lease losses.

In order to embrace a more proactive assessment of exposure to and management of credit risks, beginning in early 1995 FDIC examiners have been completing an "underwriting standards" survey at each examination. The survey reflects an examiners view of managements ability to identify, measure, monitor and control credit risks in various types of lending. This focus on new loan underwriting standards is designed to serve as an early-warning mechanism for identifying future problems. The results of the survey for 1995, which will be released shortly, should be helpful to examiners and bankers in providing a framework for discussion and feedback to bank management and boards of directors. The survey will continue with 1995, a year of substantial bank profitability, as the benchmark. The FDIC expects to release the results semiannually in 1996 and thereafter.

In addition to the traditional emphasis on assessment of exposure to and management of credit and other risk, the FDIC works to insure that adequate administration, supervision and internal controls are in place to address new or changing risks. These controls are essential to successful risk management in all risk areas. FDIC examiners prepare a written assessment of an institution's "Administration, Supervision and Controls" as part of every examination report. The written assessment analyzes the effectiveness of policies and procedures in twelve specific areas (see Attachment A). This analysis enables examiners to arrive at a prospective and proactive assessment of an institutions policies and practices as administered by management and supervised by the board of directors. The findings are shared with an institutions management and board of directors.

The FDIC also utilizes offsite monitoring programs to supplement and guide the onsite examination process. Monitoring programs can provide an early indication that an institutions risk profile may be changing. Offsite monitoring systems using quarterly Reports of Condition and Income data have been developed to identify institutions that are experiencing rapid loan growth or reporting unusual levels or trends in:

Volume of nonaccrual or delinquent loans;
Investment activities;
Off-balance-sheet transactions;
Earnings structure;
Funding strategies; and,
Capital levels.

In addition to these systems designed to "screen" banks for "outliers," the FDIC uses the "Uniform Bank Performance Report" (UBPR) for offsite monitoring. The UBPR is an analytical tool incorporating data generated from quarterly Reports of Condition and Income. The report presents information on: (1) the individual banks financial reports and summary ratios; (2) a peer group of banks similar in size and operating characteristics; and, (3) percentile rankings that give an indication of how high or low an institution's ratio is in relation to its peer group. The FDIC also uses the Federal Reserve System's "Bank Holding Company Performance Report" (BHCPR) for ratio analysis of certain larger holding companies in its offsite monitoring and pre-examination planning processes.

The FDIC's unique position as deposit insurer requires a careful and continuing analysis of the condition and risk profiles of all FDIC-insured institutions, in particular larger insured institutions where the FDIC is not the primary federal regulator. While there are only 582 insured institutions with total assets of $1 billion or more, these institutions account for 75 percent of the $5.3 trillion in total assets held by insured institutions. For these reasons, the FDIC conducts quarterly offsite reviews of each insured institution with $1 billion or more in total assets. These quarterly reviews involve analysis of all available public and regulatory data, as well as information that may be provided directly by the institution or its auditors.

Internal and External Audits

The FDIC's risk assessment efforts are augmented by an institution's own program of strong internal controls for monitoring risk that includes effective internal and external auditing programs. These programs provide an ongoing mechanism to identify potential risks and possible problems at insured institutions. Ideally, an institution's internal control and audit program should enable it to detect and resolve its own problems at an early stage. In addition, these programs are designed to provide, particularly at larger and more complex institutions, an ongoing, "arm's length" assessment of how management is identifying, measuring, monitoring, and controlling its risks.

Since the enactment of the Federal Deposit Insurance Corporation Improvement Act of 1991 (FDICIA), larger institutions also have been required to have an annual external audit performed by an independent public accountant. These annual reports include a review of internal controls. The FDIC set the threshold level for requiring an individual insured institution to have an external audit at $500 million in total assets. The FDIC's review of a depository institution's report on internal controls with respect to financial reporting and the accountants accompanying attestation as to the effectiveness of such controls provide a useful assessment of the institution's internal control system. Suggestions for improving controls are often described in the "management letter" submitted by the accountant to the institution. Our examiners evaluate these reports and look for areas within an organization's control structure where significant improvements are needed. As a result of pre-examination reviews, examiners may decide to place greater emphasis during the examination on reviewing an institutions internal control system and audit workpapers.

Using the methods described above, the FDIC works with institutions on an ongoing basis to identify and address any weaknesses that may exist in their internal systems and controls. When necessary, informal and formal corrective programs also are used to obtain the appropriate commitment from boards of directors and management to address an institution's problems. These corrective programs may address specific problems at individual institutions to assure that adequate internal controls are in place to monitor risks or to reduce excessive risks. Informal corrective programs, most frequently memoranda of understanding between the FDIC and an institution's board of directors, are appropriate if problems are recognized by the institution's management and there is confidence that good-faith efforts will be initiated to correct deficiencies. If stronger corrective action is necessary, the FDIC implements more formal actions, including cease-and-desist orders, capital directives and prompt corrective action directives, and suspension and removal actions that prohibit bank officers and directors or others from participating in a financial institutions affairs. Supervisory agencies also can impose fines on financial institutions and individuals for failure to comply with cease- and-desist orders or certain rules and regulations. Close supervision of problem institutions and the use of these corrective actions can reduce the level of anticipated losses arising from poor risk management.

Effective board and senior management oversight of an institution's risk is the cornerstone of sound risk management. With respect to Barings and Daiwa, there were clearly failures of internal control systems in the respective banks, which permitted the same employees to engage in trading activities and settle trades, thereby putting these employees in the position to be able to conceal trading losses. In addition, in the case of Daiwa, and probably also Barings, there was not an effective internal audit program. The FDIC's method of examination encourages bank examiners to evaluate all potential risks -- including those involving failures of internal controls and procedures -- and is intended to detect the types of problems exposed by Barings and Daiwa. We are nevertheless evaluating whether our examiners should engage in greater use of audit procedures in order to obtain external confirmations of a sample of trading activity during examinations of active trading departments. Such an enhancement of examination procedures would add to examination time and would increase the level of regulatory burden on institutions, so we are weighing this course of action very carefully. Regardless of these efforts, however, where fraud or collusion are contributing factors, control weaknesses are much more difficult to detect.

Risk-Based Premiums

In January 1993, the FDIC implemented a risk-based deposit insurance premium system that charges premium rates based on an insured institutions risk profile. The previous statutorily mandated flat-rate deposit insurance pricing structure provided an inherent inducement for increased risk-taking. The current risk-based assessment system more accurately quantifies the risks posed to the insurance funds. It rewards well-managed and well- capitalized institutions with lower premiums and, conversely, provides a strong financial incentive for institutions that are not well-managed and well capitalized to improve their management and operations.

For purposes of risk-based premiums, the FDIC evaluates an insured institution's risk profile using both objective and subjective factors, including the institution's capital level and the FDIC's supervisory judgment of the risks that the institution poses to the insurance funds. Each insured institution is assigned to one of three capital groups and one of three supervisory risk subgroups. The evaluations made by an institution's primary federal regulator are considered in conjunction with other relevant information. Each institution's risk classification is evaluated semi-annually when premium rates are reset. The implementation of the risk-based premium system introduced a significant new dimension to bank supervision, directly linking the institution's deposit insurance costs to its capital level and supervisory rating.

Measuring and Monitoring Capital

Together with the other federal banking regulators, the FDIC has adopted capital regulations that require institutions to have greater amounts of capital as the level of their risk increases. Off-balance-sheet activity also is considered in the risk-based capital assessment. If an institution's capital falls to inadequate levels, restrictions or corrective actions are required. Attachment B describes regulatory efforts to address both interest rate risk and market risk in the risk-based capital standards. In addition, existing capital standards require that, regardless of an institution's risk profile, an adequate amount of leverage capital be maintained in order to provide a minimum cushion against insolvency. The federal banking regulators recently proposed new rules to require banks with large trading portfolios to project their future trading losses more accurately. Under the proposal, banks will have to compare past estimates of market risk with actual results -- a process known as "backtesting." Banks that have been inaccurate in predicting market risks could be required to increase their capital levels. The goal of "backtesting" is to give banks incentives for understanding and addressing market risks without creating undue regulatory burdens. This proposal was developed in coordination with the OCC and the Federal Reserve Board. The FDIC has issued a proposed rule on this process; the OCC and the Federal Reserve are expected to issue similar proposals in the near future.

Finally, the banking regulators are working on an interagency and international basis to include other risks in the risk-based capital equation. Particular attention is being given to addressing interest rate risk and market risk in the risk- based capital standards. The Capital Accord of 1988 issued by the Basle Committee on Banking Supervision (Basle Committee), addressed some of the changes taking place in the financial industry by establishing minimum capital standards that apply to all internationally active banks. The resultant risk-based capital rules adopted by the FDIC and other U.S. regulators apply risk-weights based on potential credit risks posed by balance- sheet assets and certain off-balance-sheet items.

Interagency Efforts to Improve the CAMEL Rating System

In light of the developments discussed above, and in recognition of the renewed emphasis that must be placed on management's ability to assess and manage its own risk, interagency efforts are underway to improve the CAMEL rating system. (note 4) The current CAMEL system has served as a reasonably accurate measure of the condition of individual institutions and of the banking and thrift industries in general. It is understood by the banking industry and provides a framework within which institutions can understand the nature and scope of their risks. As such, it has aided the FDIC in making determinations about the adequacy of the insurance funds relative to industry conditions. However, the CAMEL rating system has its limitations. For example, CAMEL ratings track rather than lead changes in bank condition. As such, the lead time in failure predictions is not as great as we would like, as demonstrated by the fact that 47 percent of banks that failed between 1980 and 1994 were rated CAMEL "1" or "2" within two years prior to failure.

Another limitation is the fact that the management component can simply become the average of other components, rather than an assessment of management risk itself. Moreover, risk analysis can vary by examiner, field office, regional office, and across banking agencies. For these reasons, the federal regulators are looking at what we can do to build a better CAMEL. Clearly, an improved CAMEL will have more formal, explicit, and consistent indicators than the components currently have. Proposed changes to the current rating system likely will expand the current number of component rating factors to recognize more fully the industry's new and emerging activities and risk areas and increase the attention paid to the adequacy of risk management. In addition, enhancements to the system will describe risk factors more completely, add greater clarity to risk assessment, and provide additional guidance on the existing components to assure that they incorporate both a present and prospective consideration of risk. When finalized, a revised system will provide a better indication of a specific institution's condition. We envision an enhanced rating system that will improve regulatory communication with bank boards of directors, and one that will be a better prediction model for estimating the likely future condition of insured institutions on an industry-wide basis.

In addition to enhancing the existing CAMEL rating system, we believe the process would be more effective if examiners disclose to the examined institution the individual component ratings of CAMEL along with the composite rating. Federal regulators currently disclose only the composite rating, not the separate individual component ratings. However, twelve state authorities have disclosed the component ratings for some time with positive results. Providing management and boards of directors with each of the CAMEL component ratings would improve communication between bankers and examiners by assuring that emerging problems and risk perspectives are fully identified and communicated at an early stage. In addition, requiring examiners to disclose the components of the CAMEL rating to a bank's management and board of directors may provide additional discipline to the individual component ratings. A great benefit would be that weakness in a component, whether in actual performance or in potential risk, could be communicated earlier to an institution's management through disclosure of the CAMEL components, rather than when a lowering of the overall composite rating occurs. We plan to pursue disclosure of individual CAMEL components with our regulatory counterparts.

Other Initiatives

Other ongoing initiatives that are designed to enhance the traditional examination and supervisory processes and assist the FDIC in identifying, measuring and monitoring risk include:

Development of a graduated approach to risk assessment in examinations through the use of "decision charts" for examiners in each major risk area

As discussed above, the FDIC seeks to avoid a strict "check list" approach to examinations and other forms of risk assessment. We will continue to stress examiner judgment. However, we recognize that each institution is unique with differing levels and types of risk. In order to improve the structure and consistency of the examination process, a graduated approach to risk assessment in examinations is being taken through the development of "decision flow charts" for examiners for each major risk area. These decision flow charts aid examiners at critical junctures in their inquiry and decision- making process by helping to identify the types of risk that may exist in a particular institution and providing the examiners with possible information sources, both macro and micro, to address those identified risks.

Examiners will use these charts to enhance our graduated approach to risk assessment. The decision charts -- for credit risk, interest rate risk, operational risk, and so on -- outline a diagnostic process. This involves a graduated approach to examinations based upon the level of risk at the institution -- on a risk-by-risk basis. If no symptoms are found in one risk area, the examiner will shift attention to the next area. The charts are a tool that will lead to more analytical and more fact-based decision-making. In short, using this approach, the scope and focus of our bank examinations will become more a flow of risk assessments and evaluations -- some based on economic data and all based on the individual facts of each financial institution. Attachment C shows a draft risk assessment decision chart that we are considering to assist us in our evaluation of interest rate risk.

Selection of "case managers" to consolidate analysis and communication

The FDIC is currently reorganizing its examination operations to create "case manager" positions through which report review, offsite analysis and application processing for each individual institution or banking company will be centralized. This initiative is designed to result in risk analysis that is more effective and timely by centralizing the overall analytical responsibility in one case manager. The case managers will become the authority on a given banking organization and will be responsible for its risk analysis regardless of its regional or geographic boundaries. The case managers also will serve as the initial contacts within the FDIC for a bank's management. Through this process, an individual banking organization's unique risk profile will be more fully assessed in a comprehensive manner and in coordination with other banking agencies.

Enhancement of examiner access to databases and automation of major portions of the examination process and report preparation

The FDIC also is expanding examiner access to internal and external agency databases to enhance pre-examination planning and provide for increased and more timely offsite analysis. Offsite data and information will allow us to target more efficiently risk issues for onsite review and to tailor the time each examiner spends in an institution to the level of risk presented by the institution. We also are reviewing comprehensive risk- analysis models that have been designed and implemented by some of the leading companies in the financial area. These models may offer tools that can be incorporated into the examination process to enhance the measurement of risks and allow examiners to perform their work more efficiently. In addition, we are increasing our use of technology to improve the efficiency of examinations through the development of an automated examination package that allows examiners to do a significant amount of analysis off-site, increasing the efficiency and rigor of time spent in an institution. The new automated package is currently being field-tested and is expected to be implemented early next year.

Risk assessment training

FDIC examiners continue to receive extensive training in a variety of courses that address the assessment of risk, including financial analysis, credit risk assessment, financial institution analysis, capital markets issues and other emerging issues. In addition, the FDIC sponsors seminars related to risk management issues. For example, a recent Capital Markets Symposium on derivatives was attended by regulators, industry representatives and Congressional staff. A video of the symposium will be made available to all FDIC field offices.

Development of risk specialists

The FDIC is developing and training risk specialists in emerging risk areas, including capital markets investments, accounting, sales of nondeposit investment products and interest rate risk. These specialists assist other examiners in analyzing complex transactions and activities.

For example, in response to the growth and increasing complexity of risks, the FDIC created a unit of capital markets specialists that includes individuals with extensive banking industry and trading experience as well as examination skills. This unit is charged with three primary responsibilities: to provide input on supervisory policy development in the capital markets related risk areas; to provide training to supervisory examination personnel; and to provide technical support to the FDIC examiners as they encounter unique securities as part of their day-to-day examination function. These specialists also provide a central reference point for complex regulatory and supervisory issues raised by the capital markets activities of insured institutions. They respond to the questions examiners raise in the course of examinations of institutions with exposure to capital markets instruments.

Through this group, the FDIC has issued guidance to assist examiners and bankers in assessing risks in complex derivatives, developing prudent investment policies and strategies and other guidance that addresses the risks associated with capital markets activities, mortgage derivative securities, structured notes, and interest-rate risk exposure. For example, on April 26, 1994, we issued guidance that discussed the seven fundamental risks in derivative financial instruments, namely: market risk, counterparty credit risk, liquidity risk, operating risk, legal risk, settlement risk and interconnection risk. These guidelines provide our examiners with the framework for assessing risks associated with these complex capital markets instruments. Attachment D defines these risks and describes the FDIC's announcements and guidance letters relating to capital markets issues.

Study of emerging technologies and electronic banking

While the full spectrum of risks resulting from new electronic banking and financial delivery systems are not yet known, the FDIC has established a New Technologies Task Force and chairs an interagency working group on electronic banking. These groups were created to work on analyzing many of the issues presented by new and emerging technologies. These efforts ensure proper coordination among the regulatory agencies as well as help the FDIC review issues that are critical to its own functions, such as deposit insurance coverage, insolvency and settlement risk, and consumer protection and disclosure issues. The FDIC also has established examiner training programs to expand our knowledge with respect to electronic banking issues and will be conducting a joint examination with the OTS of an existing "virtual bank" and with the OCC of a large data servicer that provides home banking services. The FDIC also will host a symposium on electronic banking on April 29, 1996, that will be sponsored by the Information Systems Subcommittee of the Federal Financial Institutions Examination Council. This symposium will address on-line banking concerns and will include other financial institution regulators and industry experts.

Expansion of risk assessment efforts in the area of international banking

The FDIC also is expanding and strengthening its ability to assess risks inherent in international banking activities. We are centralizing our in-house expertise in this area in order to assure greater coordination in assessing the nature and impact of these risks. This program will be staffed with examiners experienced in international banking matters. The unit will provide structure and consistency for the oversight of international banking operations. In addition, we are working with other U.S. and foreign regulators and supervisors to develop more coordinated supervisory strategies to respond to risks in international banking. An example of this coordination is the joint adoption with the other U.S. bank regulators of a revised program to analyze and rate foreign banking organizations that have a U.S. presence.

CONCLUSION

The financial services industry is undergoing fundamental and structural changes with respect to the nature and scope of risk. Non-bank competition, industry consolidation, product innovations, and emerging technologies are increasing the complexity and volatility of risk in the industry. The FDIC is prepared to deal with these changes. Extensive studies and projects are underway to enhance our existing risk assessment and monitoring programs and to bridge the gap between the macro and micro elements of these programs at the FDIC.

Common sense is shaping the FDIC's approach to risk assessment. The FDIC is leveraging its analytic and statistical resources to bridge the gap between the macro-economic analysis and the micro-examination of financial institutions. While in the past the regulatory agencies have found it difficult to bridge this gap -- we are seeking ways to translate data into directions that examiners can use in institutions with differing levels and types of risk exposures, while assuring communication from examiners to financial analysts and economists on findings in individual institutions.

We also have a number of initiatives underway to prepare us to meet the challenges of future innovations in products and technology, including the use of automated pre-examination and onsite examination packages; development of our graduated approach to risk assessment in examinations; creation of risk specialists and case managers; and improvements to the CAMEL rating system.

These initiatives are not designed to abandon or to alter dramatically our traditional examination philosophy, policies or procedures. We have found that risks are not always precisely quantifiable for each and every banking activity, and nothing will ultimately replace examiner judgment. We are, therefore, strengthening and building on our existing procedures so that we can conduct a more thorough assessment of an institution's ability to identify, measure, monitor, and control risk. Where we are headed is toward a more diagnostic approach to bank examinations -- a combination of observation with factual findings from our analytical and technological innovations. It is our intention that the result will be a more effective and accurate assessment program within a structured framework that promotes discussion of specific strengths, weaknesses, and possible improvements with management and boards of directors. It is our goal that this kind of communication will keep banks open and operating safely and soundly. This goal, rather than closing failed banks, is the mission of the FDIC as insurer of bank deposits.

This heightened emphasis on risk assessment is not new to us at the FDIC. We have always supported safe and sound supervisory efforts that focus on identifying risks and their underlying causes within the CAMEL rating system. We are discovering that the underlying risks in banking, even the new "emerging" ones, remain largely unchanged, but technological and other innovations in products and the delivery of services have vastly accelerated the flow of risks through the system. Whether we encounter the familiar risks that continue to travel through traditional brick- and-mortar institutions located on the main streets of small towns of our nation, or we evaluate the banking technological super-highways, we continue to stand prepared to assure structure and consistency in our efforts to identify, measure, monitor and help control risks in the banking system.

(note 1) For a description of the current CAMEL system and the proposed interagency efforts to improve that system, see pages 22-25.

(note 2) Beginning in March 1995, the FDIC initiated a banker outreach program to solicit bankers' opinions and suggestions on how to improve the quality and efficiency of our examination process. Approximately 95 percent of the respondents stated that examiners focused on the appropriate risk areas. In addition, 91 percent of the respondents indicated that pre-examination preparations and requests for information made by examiners enabled the examination to be conducted efficiently. This is an ongoing program that surveys banks as a follow-up to each examination.

(note 3) Examples of this data include: the CAEL Offsite Monitoring System (an acronym for four components of CAMEL -- capital, asset quality, earning performance and liquidity) that compares financial ratios and trends in Reports of Condition and Income to the findings of previous examination reports; the Uniform Bank Performance Report; financial analysis reports; and independent audit reports.

(note 4) On November 26, 1979, the FDIC adopted the "Uniform Financial Institutions Rating System" commonly referred to as the CAMEL rating system. The CAMEL rating system also was adopted by the other federal banking regulators. Each financial institution is assigned a uniform composite rating based on an evaluation of pertinent financial and operational standards, criteria and principles. Underlying the composite rating is an assessment and rating of five essential components of each institution's operations: adequacy of capital; quality of assets; ability and performance of management and administration; quantity and quality of earnings; and the level of liquidity. The composite and component ratings use a numerical scale of "1" through "5", with "1" indicating strength and "5" indicating the lowest, most critically deficient level of performance and the highest degree of supervisory concern.

ATTACHMENT A: Administration, Supervision, and Control Assessment

The Administration, Supervision, and Control Schedule of the FDIC's Report of Examination provides a forward-looking assessment by the examiners of twelve primary areas of institution management and administration. The schedule assesses the following primary administration, supervision, and control areas:

1. Loan policies and practices, including underwriting and credit administration procedures.
2. Loan review systems and methodology for determining the adequacy of the allowance for loan and lease losses.
3. Asset/liability management policies and administration (including liquidity and funding strategies, interest rate risk and investment guidelines).
4. Strategic planning and budgeting practices.
5. Internal controls, information systems, and internal audit programs.
6. External audit programs (independence, scope, and frequency).
7. Management's response to supervisory recommendations, as well as, knowledge and understanding of governing laws and regulations.
8. Ownership and control structure.
9. Holding company and/or affiliate relationships (and adverse trends regarding dividends, fees, or other financial dealings).
10. Type and extent of insider activity and dealings.
11. Information systems.