Skip to main content
U.S. flag
An official website of the United States government
Dot gov
The .gov means it’s official. 
Federal government websites often end in .gov or .mil. Before sharing sensitive information, make sure you’re on a federal government site.
Https
The site is secure. 
The https:// ensures that you are connecting to the official website and that any information you provide is encrypted and transmitted securely.
INACTIVE
This page is no longer active. Its content has expired or been rescinded by the FDIC.
Financial Institution Letter

Year 2000 Questions and Answers


TO: CHIEF EXECUTIVE OFFICER
SUBJECT: Interagency Guidance on Common Questions About FFIEC Year 2000 Policy

The Federal Financial Institutions Examination Council (FFIEC) has issued the attached statement to supplement previously issued interagency statements on Year 2000 readiness. The guidance addresses frequently asked questions about material in those statements.

The statement focuses on requests for further clarification of the April 1998 interagency statement "Guidance Concerning Testing for Year 2000 Readiness." The answers provided are intended to address testing issues in general terms. Institution-specific queries should be directed to your Federal Deposit Insurance Corporation (FDIC) Division of Supervision Regional Office.

The FDIC considers the testing phase the most critical stage of the Year 2000 project management process. Failure to properly identify and correct remediation errors and omissions could affect the viability of a financial institution. The FDIC acknowledges that each financial institution is unique and that the institution's management is in the best position to judge what testing strategies and plans are appropriate. This decision should be made after considering the size of the institution, the complexity of its operation, and an acceptable level of business risk exposure.

The FDIC expects each financial institution to meet the following key milestones in the Year 2000 testing process by the date indicated:

June 30, 1998 Institutions should have completed the development of their written testing strategies and plans. These plans should be made available to supervisory authorities when requested.
September 1, 1998 Institutions processing in-house and service providers should have commenced testing of internal mission-critical systems, including those programmed in-house and those purchased from software vendors.
December 31, 1998 Testing of internal mission-critical systems should be substantially complete. Service providers should be ready to test with customers.
March 31, 1999 Testing by institutions relying on service providers for mission-critical systems should be substantially complete. External testing with material other third parties (customers, other financial institutions, business partners, payment system providers, etc.) should have begun.
June 30, 1999 Testing of mission-critical systems should be complete and implementation should be substantially complete.

In addition, your institution's activities regarding customer risk are subject to the following deadlines:

June 30, 1998 Develop an evaluation process designed to identify material customers and assess and control the Year 2000-related risks associated with funds providers, funds takers, and capital market/asset management counterparties.
September 30, 1998 The evaluation process of an institution's customers should be substantially complete.

Other topics addressed in the question and answer statement include data processing system or service provider conversions, external review of the project management process, infrastructure risk involving telecommunications and power suppliers, service provider and software vendor assessments, and contingency planning. Institutions should refer to the seven previously issued FFIEC Interagency Statements addressing Year 2000 readiness for a comprehensive discussion of these topics.

Management is encouraged to actively utilize the services of its internal audit process and external audit programs. A well-coordinated review and reporting process should substantially lessen the risk that problems will go undetected.

The FDIC and state banking authorities will continue to review the efforts of all FDIC-supervised banks to become Year 2000 ready. An institution's failure to appropriately address Year 2000 readiness problems may result in supervisory action, including formal and informal enforcement actions, denials of applications filed pursuant to the Federal Deposit Insurance Act, civil money penalties, reductions in the institution's management component or composite ratings, and increased risk-related premiums.

The attached interagency statement and related information on Year 2000 issues are available on the Internet via the World Wide Web at /news/financial-institution-letters/ or http://www.ffiec.gov .

Nicholas J. Ketcha Jr.
Director
Attachment: FFIEC Interagency Statement

Distribution: FDIC-Supervised Banks (Commercial and Savings)

NOTE: Paper copies of FDIC financial institution letters may be obtained through the FDIC's Public Information Center, 801 17th Street, NW, Room 100, Washington, DC 20434 (800-276-6003 or (703) 562-2200).


FIL-93-98

Last Updated: August 28, 1998