Skip to main content
U.S. flag
An official website of the United States government
Dot gov
The .gov means it’s official. 
Federal government websites often end in .gov or .mil. Before sharing sensitive information, make sure you’re on a federal government site.
Https
The site is secure. 
The https:// ensures that you are connecting to the official website and that any information you provide is encrypted and transmitted securely.
INACTIVE
This page is no longer active. Its content has expired or been rescinded by the FDIC.
Financial Institution Letter

Year 2000 Risk


TO: CHIEF EXECUTIVE OFFICER
SUBJECT: Interagency Guidance on Institution Due Diligence Concerning Service Provider and Software Vendor Year 2000 Readiness, and Year 2000 Impact on Customers

The Federal Financial Institutions Examination Council (FFIEC) has issued the attached statements to provide guidance to the industry on the risks associated with Year 2000 readiness for a financial institution's service providers and software vendors, as well as for its customers. The statements supplement the FFIEC's statement "Year 2000 Project Management Awareness," issued May 5, 1997.

The interagency statement on "Guidance Concerning Institution Due Diligence in Connection with Service Provider and Software Vendor Year 2000 Readiness" clarifies the importance of developing and executing a due-diligence process for each mission-critical service and product supplied by service providers or software vendors. This process should enable an institution's management to identify the obligations of the institution and its service providers and software vendors, to establish an effective monitoring program of the renovation phase, to establish a process for testing the renovated products and services, and to adopt contingency plans in the event of information systems disruptions. The statement emphasizes the importance of user groups in the monitoring and testing stages of a Year 2000 readiness plan. Additionally, where institutions engage the same service providers or software vendors, they should consider joining forces to enlist third parties to assess the Year 2000 readiness progress of these service providers and software vendors.

The interagency statement on "Guidance Concerning the Year 2000 Impact on Customers" provides guidance that should enable a financial institution's management to effectively assess the Year 2000 readiness of the institution's fund takers, fund providers, and capital markets/asset management counter parties. The statement further provides guidelines for controlling both general and specific risks related to an institution's customers.

The FDIC and state banking authorities will continue to review the efforts of all FDIC-supervised banks to become Year 2000 ready. An institution's failure to appropriately address Year 2000 readiness problems may result in supervisory actions, including formal and informal enforcement actions, denials of applications filed pursuant to the Federal Deposit Insurance Act, civil money penalties, and reductions in the institution's management component or composite ratings.

The attached interagency statements and related information on Year 2000 issues are available on the Internet via the World Wide Web at /banknews/fils or http://www.ffiec.gov.

The FFIEC will make additional guidance on testing and contingency planning available over the next few months.

For further information, please contact your Division of Supervision Regional Office.

Nicholas J. Ketcha Jr.
Director

Attachment: FFIEC Interagency Statements

Distribution: FDIC-Supervised Banks (Commercial and Savings)

NOTE: Paper copies of FDIC financial institution letters may be obtained through the FDIC's Public Information Center, 801 17th Street, N.W., Room 100, Washington, D.C. 20434 (800-276-6003 or (703) 562-2200).


FIL-29-98

Last Updated: March 18, 1998