Banking regulation in the United States is described as a “dual” banking system that is comprised of separate federal and state systems of regulation and supervision.  Under this dual system, U.S. depository institutions may be either state- or federally-chartered institutions.  A state-chartered depository institution may or may not be a member of the Federal Reserve System.

A state-chartered banking organization is subject to the primary supervision and regulation of the state banking authority of the state in which it is chartered, as well as either the Federal Deposit Insurance Corporation (“FDIC”), for non-member banks, or the Board of Governors of the Federal Reserve System (the “Federal Reserve”), for member banks.  Federally-chartered banking entities are subject to the primary supervision of and regulation by the Office of the Comptroller of the Currency (“OCC”).  While state- and federally-chartered banking organizations are subject to many similar laws, regulations, and supervisory expectations, there are differences in the requirements applicable to banking organizations with different charters and primary regulators.

Many U.S. banking organizations, particularly larger banking organizations, are part of a broader corporate group that is controlled by a top-tier bank holding company.  The Federal Reserve is the umbrella regulator responsible for the consolidated supervision of a bank holding company and all of its bank and nonbank subsidiaries.  In this role, the Federal Reserve will coordinate its supervision with the primary regulator of the subsidiary bank (unless the bank subsidiary is a state member bank that is directly regulated by the Federal Reserve) as well as other regulators of any other regulated entities, such as the Securities and Exchange Commission (“SEC”), the Commodity Futures Trading Commission (“CFTC”), or state insurance supervisors.

The Federal Reserve, OCC, and FDIC carry out their statutory mandates to ensure the safety and soundness of the banking sector by conducting examinations, issuing rulemakings and supervisory guidance, reviewing proposed expansionary activities and transactions, and enforcing applicable laws and regulations through formal and informal supervisory actions.

In 2010, the Dodd-Frank Act established the Consumer Financial Protection Bureau (“CFPB”) as an independent bureau within the Federal Reserve System responsible for regulating the offering and provision of consumer financial products and services under the federal consumer financial laws and protecting consumers from abusive financial services practices.  The CFPB has supervisory authority over depository institutions with greater than $10 billion in assets and their affiliates, as well as certain types of nonbank financial service providers.

Bank Regulation

Under the National Bank Act, the OCC is responsible for chartering, regulating, and supervising national banks.  In addition, the OCC supervises federal savings associations and licenses and supervises the federal branches and agencies of foreign banks.  Unlike state member and non-member banks, federally-chartered banking institutions can take advantage of the preemption of certain state laws that limit the powers and activities of federally-chartered banking institutions.

As the supervisor of federal banking entities, the OCC reviews proposals by federal banking entities to open or close branches, engage in new or different business lines or activities, take certain capital actions, or make other changes to its corporate or banking structure, including through mergers and acquisitions.  The OCC also has authority to bring enforcement actions against federal banking entities that do not comply with applicable laws or otherwise engage in unsafe or unsound practices.

The FDIC, in addition to being the primary regulator of state non-member banks, is primarily responsible for the resolution of insured banks under the Federal Deposit Insurance Act and systemically important financial institutions under the Orderly Liquidation Authority set forth in Title II of the Dodd-Frank Act.  The OCC is responsible for the resolution of uninsured national banks, such as national trust banks and special purpose national banks without FDIC deposit insurance.

Bank Holding Company Regulation

The Bank Holding Company Act (“BHC Act”) provides a statutory framework for the Federal Reserve to supervise and regulate U.S. and foreign companies that control insured depository institutions. The principal goals of the BHC Act are to ensure the separation of banking and commerce and to protect the safety and soundness of the banking sector.

To achieve these purposes, the BHC Act generally restricts the activities of bank holding companies in the United States to activities that are “closely related to banking”, with limited exceptions.  Accordingly, a bank holding company (“BHC”) and its subsidiaries are generally prohibited from engaging in commercial or industrial activities.  However, BHCs may invest in any nonbanking company, directly or indirectly, provided the investment does not exceed 5 percent of the outstanding voting shares, and represents less than one-third of the total equity, of such company.

Under the Gramm-Leach-Bliley Act, enacted in 1999, a BHC may elect to be a financial holding company (“FHC”) if all of the depository institutions and BHCs controlled by the top-tier BHC are well capitalized, well managed, and its depository institutions subsidiaries have at least a “satisfactory” rating at the most recent examination of the institution under the Community Reinvestment Act.  FHCs may engage in a broader range of activities that are financial in nature or incidental to a financial activity, including insurance and securities activities, as well as so-called “merchant banking activities.”

The Federal Reserve also supervises state chartered commercial banks that elect to become members of the Federal Reserve System (so-called “state member banks”).  In addition, the Federal Reserve supervises foreign banking organizes that have U.S. branches or agencies.  Generally, the U.S. activities and investments of foreign banking organizations are subject to the same limitations as domestic BHCs under a policy of so-called “national treatment.”

Generally, a U.S. banking institution is engaged in one or more “core” banking activities, which include making loans, accepting deposits, and paying checks.  The most unique of these functions is the power to accept FDIC-insured deposits.  Recent litigation in U.S. federal courts challenged whether the OCC is permitted to charter a national bank that is not engaged in all three core banking functions.  While the cases were dismissed without a final resolution on the merits, there is clear statutory authority to charter national banks engaged in more limited activities, such as bankers’ banks and non-depository trust banks.  Trust banks engage in trust and fiduciary activities and may or may not accept insured deposits.  Non-depository trust banks can also be chartered under state law.

In addition, non-depository companies engaged in commercial or consumer lending activity may be subject to state licensing requirements.

Although the banking services that require a license can vary depending upon the state in which an entity is located, generally an entity may obtain a federal banking charter in order to accept deposits, make loans, and pay checks.  A federal banking charter may also be obtained to engage in certain fiduciary activities.

Beyond a traditional full-service bank charter, state laws also provide for various licenses for entities engaged in narrower business models.  For example, certain states require licenses for entities engaging in specific activities, such as mortgage loan origination, commercial lending, installment lending, and money transmission, among others.  State licensure requirements vary among states and licensees may be subject to differing requirements and examination by separate regulators in each of the states in which they are licensed. Overlapping and burdensome state licensure requirements can serve as a significant challenge to companies that provide financial services nationwide. One of the primary benefits of a federal bank charter is that the chartered entity may be exempt from the patchwork of different state licensure requirements.

Under federal law, a national bank is permitted to engage in any activity that qualifies as within the “business of banking”.  A national bank is also permitted, with OCC approval, to engage in fiduciary activities, which is governed by OCC’s 12 CFR 9 regulations. The OCC has noted that “the business of banking” is an evolving concept and has published a list of permissible “business of banking” activities, which is available here: https://www.occ.gov/publications-and-resources/publications/banker-education/files/pub-activities-permissible-for-nat-banks-fed-saving.pdf.

A state-chartered insured bank’s authority to engage in activities is governed under applicable state law; however, a state-chartered insured bank may not engage in any activities that are impermissible for a national bank, absent a determination by the Federal Reserve or the FDIC, as applicable, that such activities do not pose significant risks to the Deposit Insurance Fund and that the institution meets applicable capital standards.

Under restrictions adopted under the Glass-Steagall Act that continue to be in effect today, insured banks are prohibited from engaging in certain activities involving the issuing, underwriting, selling, or distributing of stocks, bonds, debentures, notes, or other securities, with limited exceptions.  However, bank holding companies that have elected to be treated as financial holding companies are permitted to engage in broker-dealer and other securities activities in non-bank subsidiaries.

There is no broad “sandbox” or “license light” regimes under U.S. federal banking law.  However, certain federal and state financial regulators have adopted “sandbox” programs.  The OCC established an “Office of Innovation,” which, among other things, runs a process for OCC participation in bank-run pilot programs.

Sandboxes also exist at the state level.  For example, Utah’s Regulatory Sandbox program allows participants to test innovative financial products or services on a limited basis without otherwise being licensed or authorized to engage in such activities under Utah law.

The U.S. legal requirements applicable to cryptocurrencies and other digital assets continues to be a fragmented and evolving area of the law.  For example, the OCC, the CFTC, the SEC, the Department of the Treasury’s Financial Crimes Enforcement Network (“FinCEN”), the Internal Revenue Service (“IRS”), and various state regulators (such as New York’s Department of Financial Services) have issued guidance, interpretations, and, in some cases, licensure requirements, relating to cryptocurrency and other digital asset activities.  There continues to be debate within the United States over how cryptocurrencies and other digital assets should be classified under various U.S. legal regimes, which implicates the legal requirements applicable to market participants engaged in cryptocurrency and other digital asset activities.

As it relates to national banks, the OCC has issued a series of interpretations providing that, among other things, cryptocurrency custody services, including holding unique cryptographic keys associated with cryptocurrency, is a modern form of traditional bank activities related to custody services that is permissible for national banks and federal savings associations.  In addition, national banks and federal savings associations are permitted by the OCC to participate in independent node verification networks and use stablecoins to conduct payment activities and other bank-permissible functions.

Subsequently, however, the OCC pared back these permissions, reminding banks that they are only allowed consistent with safe and sound banking practices, and with the OCC’s prior approval.  The FDIC and the Federal Reserve followed suit, requiring prior notice from covered institutions of any crypto related activities.  Following the previous year’s crypto market downturn, in January 2023, all three regulators released a joint statement expressing a high degree of skepticism about banks’ involvement in crypto activities or excessive exposure to the crypto sector.

Recently, the Federal Reserve curtailed the power of uninsured member banks to engage in crypto activities to equal that of insured member banks, in an effort to “level the playing field.”  This conditioned access to the Federal Reserve’s payment system, thus limiting the ability to leverage novel state bank charters, such as Wyoming’s special purpose depository institution charter, to engage in crypto activities.

As noted above, though they have quickly retreated, regulators initially permitted some state and national banks to engage in cryptocurrency custody services.  However, these arrangements generally do not resemble demand deposits.  The FDIC has taken the position that federal deposit insurance does not cover crypto assets.

That said, the novelty of these technologies may raise questions for regulators and courts to address in the coming years.  For example, where stablecoin reserves are held at an FDIC-insured bank, holders of the stablecoin might argue that they are eligible for “pass-through” deposit insurance. The FDIC recently adoped a new rule to amend the official FDIC sign and advertising statement and create an official digital version in an aim to prevent misrepresentations of deposit insurance coverage, particuarly by entities that operate entirely on the internet. Shortly after the adoption of the rule, the FDIC issued cease and desist letters to five entities, including some involved in crypto asset services, citing false and misleading statements about FDIC deposit insurance.    

Custodied crypto assets must be kept separate from the bank’s assets and those of other customers.

The U.S. does not prescribe specific rules for the capital treatment of crypto assets. However, banking regulators have issued statements cautioning against bank exposure to crypto assets. As noted above, in January 2023, the Federal Reserve, FDIC, and OCC issued a joint statement outlining key risks associated with crypto assets, in which the regulators stated that, “based on the agencies’ current understanding and experience to date, the agencies believe that issuing or holding as principal crypto-assets that are issued, stored, or transferred on an open, public, and/or decentralized network, or similar system is highly likely to be inconsistent with safe and sound banking practices.”

In December 2022, the Basel Committee on Banking Supervision finalized standards for banks to manage their exposure to crypto assets. These standards provide very conservative capital treatment for crypto asset exposures.  The standards are expected to be implemented by each jurisdiction’s regulators by January 1, 2025. It is important to note that, under the Basel standards, more volatile yet popular crypto asset exposures such as Bitcoin would receive a very onerous 1,250 percent risk weight, effectively “dollar-for-dollar capital treatment”. Whether and how these standards are adopted by U.S. regulators remains uncertain.

In March 2022, the SEC released Staff Accounting Bulletin No. 121, which expressed the SEC staff’s view on how custody of crypto assets should be accounted for under Generally Accepted Accounting Principles. The staff bulletin provides that entities that safeguard crypto assets should record such assets on their balance sheets. It is unclear what implication this interpretation would have for Regulatory Accounting Principles or the capital that a bank must hold with respect to custody services that it provides for crypto assets.

The general application process to obtain a bank license can vary depending upon whether the bank would have a federal or state charter, deposit insurance, and membership in the Federal Reserve System.  An applicant may be required to submit one or more applications to the OCC, the FDIC, and/or the Federal Reserve, as well as a state banking authority, depending upon the characteristics of the proposed bank.

As part of the applications required to obtain a bank license, the organizing parties will be required to submit a significant amount of information to regulators about the proposed bank’s operations, including, but not limited to: biographical and financial information of the individuals filing the charter applications and the prospective management and directors of the bank, a comprehensive business plan, proposed levels of capital and liquidity, compliance program materials, and the proposed bank’s plans for meeting the credit needs of its community, including low- and moderate-income (“LMI”) neighborhoods.  Domestic de novo bank application and approval volumes have declined substantially since the Great Recession due in part to higher capital requirements and heightened scrutiny in the approval process. The entire process for obtaining a banking license can take a year or longer.

A foreign banking organization may establish a branch, agency, or commercial lending agency in the United Stated upon obtaining prior approval from the Federal Reserve.  In addition, the foreign banking organization may be required to obtain prior approval from the OCC or the state banking authority in which the branch is located.  A foreign banking organization with banking operations in the United States is treated as a bank holding company for purposes of the BHC Act and is subject to activities restrictions in the same manner as applicable to U.S. BHCs. Generally, the U.S. activities and investments of foreign banking organizations are subject to the same limitations as domestic BHCs under a policy of so-called “national treatment”.

Certain foreign banking organizations that directly or indirectly control a U.S. bank, or are required to establish an intermediate holding company under the Federal Reserve’s enhanced prudential standards, also are subject to various prudential and risk management requirements.

Similarly, U.S. banking organizations may establish foreign branches, make foreign investments, and engage in certain activities abroad, subject to the supervision and, in certain circumstances, prior approval of the relevant federal banking agency.

Typically, banks are corporations that are chartered by a state or, in the case of national banks, the OCC.  Less commonly, banks and bank holding companies can be structured in a mutualized form in which the organization is owned, wholly or partially, by the bank’s account holders.  National banks, regulated by the OCC, by statute must be a “body corporate,” which traditionally has excluded use of a partnership or limited liability company.

Under the National Bank Act, national banks are subject to a number of prescriptive requirements relating to governance and shareholder rights, including, among others, requirements relating to a national bank’s certificate of incorporation and bylaws, the issuance of common stock and other capital instruments, shareholder voting rights, and the structure and actions taken by the bank’s board of directors.  State-chartered banks may be subject to different requirements under applicable state law.

Banks are subject to regulatory requirements and supervisory expectations regarding their managerial resources and corporate governance, which are often tailored based on the size and complexity of an organization.  The federal banking regulators place significant emphasis on the role of a bank’s board of directors and management in maintaining a corporate and risk governance framework that facilitates the oversight and implementation of the bank’s strategic direction, risk culture, risk appetite, and organizational structure.  A bank’s corporate and risk governance framework should also provide for independent assessments of the quality, accuracy, and effectiveness of the bank’s risk management functions and compliance with laws and regulations.

The Dodd-Frank Act directed financial regulators to adopt rules that jointly prescribe regulations or guidelines aimed at prohibiting incentive compensation arrangements that might encourage inappropriate risks at financial institutions.  The financial regulators issued two separate executive compensation proposals, in 2011 and 2016, neither of which have been finalized.

There are also statutory restrictions on severance payments made to their institution-affiliated parties, which are referred to as “golden parachute” payments, which apply to an insured depository institution or its holding company if the institution or company is in a “troubled condition.”

Yes, the United States has implemented the Basel III framework with respect to regulatory capital.  Overall, the U.S. standards were assessed as “largely compliant” with the Basel III framework, although some deviations were noted. The most notable deviations would largely impact U.S. institutions negatively relative to foreign peers and are evidenced primarily as it relates to the credit and operational risk weighted assets calculations. For example, the U.S. proposal establishes an internal loss multiplier floor whereas the international standards do not. Another deviation involves real estate exposures where the U.S. proposal assigns harsher risk weights on lending products.

While the United States has not yet implemented so-called “Basel IV” requirements, also known as “Basel Endgame”, U.S. regulators jointly issued a notice of proposed rulemaking on the requirements on July 27, 2023. Implementation for this proposal is set for July 1, 2025, as part of a scaled 3-year period through June 30, 2028, to provide banking organizations sufficient time to meet their new capital requirements and to develop reporting and infrastructure requirements.

The proposed U.S. Basel rules would lower the scope of application threshold to a level of $100 billion in total assets.

U.S. banking organizations are generally subject to a minimum 4 percent leverage ratio requirement, with limited exceptions, and a requirement to have at least 5 percent leverage ratio to be rated “well capitalized.”  In October 2019, the Federal Reserve, OCC, and FDIC finalized a rule allowing qualifying community banking organizations to adopt a simple leverage ratio to measure capital adequacy.  Qualifying community banking organizations that elect to use the community bank leverage ratio framework and that maintain a leverage ratio of greater than 9 percent are considered to have satisfied the risk-based and leverage capital requirements in the federal bank agencies’ generally applicable capital rules. Additionally, qualifying community banks that are insured depository institutions are deemed to have met the well-capitalized ratio requirements for purposes of the Federal Deposit Insurance Act’s “prompt corrective action” framework.

Currently, large, internationally active banking organizations that qualify as “Category I,” “Category II,” or “Category III” firms under the federal agencies’ capital rules are also subject to a supplementary leverage ratio of 3 percent.  In addition, “Category I” firms must meet an enhanced supplementary leverage ratio that is 2 percentage points greater than the supplementary leverage ratio.

As referenced above, the federal banking agencies’ capital rules delineate four categories of standards based on asset size and other factors such as the degree of a firm’s cross jurisdictional activity, reliance on short-term wholesale funding, nonbank assets, and off-balance sheet exposures. Further details are available here:

https://www.federalreserve.gov/aboutthefed/boardmeetings/files/tailoring-rule-visual-20191010.pdf.

The U.S. federal banking agencies have implemented the Liquidity Coverage Ratio (“LCR”) rule, as well as the Net Stable Funding Ratio (“NSFR”) rule.  The LCR rule requires covered institutions to achieve and maintain a sufficient level of high-quality liquid assets equal to total projected net cash outflows during a 30-day stress scenario.  Under the NSFR rule, covered institutions are required to maintain a minimum level of stable funding, relative to such institution’s assets, derivatives, and commitments.  The stringency of the LCR and NSFR rule are tailored to banking organizations based on several factors, including asset size, cross-jurisdictional activity, reliance on short-term wholesale funding, nonbank assets, and off-balance sheet exposure.

Banking organizations subject to the Federal Reserve’s so-called enhanced prudential standards are also subject to various other liquidity risk management requirements, including internal liquidity stress testing and liquidity risk-management requirements.  In addition, the resolution planning requirements implemented by the Federal Reserve and the FDIC incorporate certain liquidity requirements, which are often the binding liquidity constraint for subject institutions.

Every federal, state member, and insured state non-member banking institution is required to file Consolidated Reports of Condition and Income (which are generally referred to as “Call Reports”) on a quarterly basis.  These reports are publicly available on the Federal Financial Institution Examination Council (“FFIEC”) Central Data Repository’s Public Data Distribution website.  Call reports contain financial statement information that is used by the federal banking agencies to monitor the financial condition, performance, and risk profile of banking organizations.  The specific reporting requirements vary based upon the size of the institution, and the nature of its activities.

The federal banking agencies also collect information from banking organizations at the holding company level on a periodic basis, as well as event-based reporting for changes in an entity’s organizational structure. Holding company public financial data is also available on the FFIEC Central Data Repository website.

Under the BHC Act, the Federal Reserve is tasked with exercising consolidated supervision of a bank holding company and all of its bank and nonbank subsidiaries. Through consolidated supervision, the Federal Reserve monitors the financial and managerial strength and risks within the consolidated organization.  The Federal Reserve has broad authority to inspect and obtain reports from a BHC and its bank and nonbank subsidiaries to evaluate a company’s financial condition, managerial resources, and risk management and compliance program, as well as compliance with federal laws.

The Federal Reserve works in conjunction with other domestic and foreign bank supervisors, as well as functional regulators, like the SEC and CFTC, so that each supervisory agency is able to carry out its individual mission, while limiting the potential for duplication or unnecessary burden.

A person or company must file a notice under the Change in Bank Control Act (“CIBCA”) with the appropriate federal banking agency and receive a non-objection from the relevant agency prior to acquiring “control,” directly or indirectly, of an insured depository institution or BHC, unless the transaction is subject to the BHC Act.  The notice must be filed at least 60 days prior to the date the proposed transaction is completed.  A person or company (or persons or companies acting in concert) is rebuttably presumed to acquire control of an insured depository institution or BHC under the CIBCA if it will own, control, or hold with power to vote 10 percent or more (but less than 25 percent) of any class of voting securities of the institution and (i) the institution has registered securities under Section 12 of the Securities Exchange Act or (ii) no other person will own, control, or hold the power to vote a greater percentage of that class of voting securities immediately after the transaction.

A company that acquires 25 percent or more of any class of voting stock of an insured depository institution or BHC, or otherwise has the ability to exercise a controlling influence over the institution or BHC, becomes itself a BHC, subject to the prior approval of the Federal Reseve, and would become subject to the requirements of the BHC Act and the Federal Reserve’s regulations thereunder.  A company that acquires less than 24.9 percent of any class of voting stock of an insured depository institution or BHC may be deemed to “control” it, based on the investor’s equity ownership, board representation, officer or employee interlocks, significant business relationships, or limiting contractual rights with respect to the institution or BHC.  The Federal Reserve finalized a rulemaking in 2020 codifying its framework for determining whether a company has the ability to exercise a “controlling influence” over another company, which is available here:

https://www.federalreserve.gov/newsevents/pressreleases/bcreg20200130a.htm.

When a person or company is seeking to acquire “control” of an insured depository institution or BHC, the appropriate federal banking agency evaluating the filing will consider certain factors, including: the competitive effects of the acquisition; whether the financial condition of any acquiring person or the future prospects of the institution are such as might jeopardize the financial stability of the bank or prejudice the interests of the depositors of the bank; and whether the competence, experience, or integrity of any acquiring person or of any of the proposed management personnel indicate that it would not be in the interest of the bank’s depositors or the public to permit such person to control the bank.

The appropriate federal banking agency may require an individual (or the key decision makers of an acquirer that is a company) seeking to acquire “control” of the insured depository institution or BHC to submit certain biographical and financial information on the Interagency Biographical and Financial Report (“IBFR”) and to provide fingerprints, and the agency and may perform a background check on such persons.

There are no restrictions on foreign shareholders in banks under federal banking law.  However, if a foreign shareowner obtains control of a U.S. depository institution for purposes of the BHC Act or the CIBCA, the foreign shareholder would be required to obtain prior approval, as discussed in question 19.

The federal banking agencies have noted that a parallel-owned banking organization, which is created when at least one U.S. depository institution and one foreign bank are controlled either directly or indirectly by the same person or group of persons, can raise unique risks that may result in heightened supervisory scrutiny.

Yes.  Following the 2008-2009 financial crisis, the Federal Reserve has applied a number of enhanced prudential standards to U.S. BHCs, as well as foreign banking organizations and U.S. intermediate holding companies, exceeding certain asset thresholds, pursuant to section 165 of the Dodd-Frank Act. These enhanced prudential standards include capital planning requirements; supervisory and company-run stress testing; risk management and risk committee requirements; single counterparty credit limits; standardized liquidity requirements (including the LCR rule and the NSFR rule); liquidity risk management, stress testing, and buffer requirements; and recovery and resolution planning requirements.

Section 165 of the Dodd-Frank Act was amended in 2018 by the Economic Growth, Regulatory Relief, and Consumer Protection Act (“Reform Act”) with respect to the applicability of the enhanced prudential standards, most notably by raising the total asset threshold for general application of enhanced prudential standards from $50 billion to $250 billion. The Reform Act also authorized the Federal Reserve to apply enhanced prudential standards to banking organizations with between $100 and $250 billion in total assets, but only if the Federal Reserve first determines that a particular enhanced prudential standard is appropriate in consideration of various risk-based factors (including capital structure, riskiness, complexity, financial activities, size, and any other risk-related factors that the Federal Reserve deems appropriate).  Pursuant to the Reform Act, the federal banking agencies implemented rulemakings in 2019 that apply tailored enhanced prudential standards to banking organizations with at least $100 billion in assets, with varying levels of stringency across the four categories of banking organizations (discussed above).

A firm categorized as a globally systemically important bank (“GSIB”) must maintain an additional capital buffer (known as its “GSIB surcharge”) based on the risks its failure or distress could pose to the U.S. financial system. A July 27, 2023 rule proposal would implement a number of changes to the GSIB surcharge calculation, including (i) measuring on an average basis over the full year the systemic indicators that are currently measured only as of year-end; (ii) measuring GSIB surcharges in 10-basis point increments instead of 50-basis point increments; and (iii) making improvements to the measurement of some systemic indicators to better align them with risk. This rule comment period ended in January 2024, with a yet to be disclosed effective date.

The federal banking agencies employ a range of formal and informal enforcement actions against regulated institutions in the case of a violation of banking regulations.  Generally, a federal banking agency will first identify a violation of law or supervisory concern in a formal examination report delivered to a regulated financial institution as a matter requiring attention or matter requiring immediate attention (“MRA” or “MRIA”).  If the violation of law or supervisory concern is not remediated, the regulator may take other informal actions, including entering into a memorandum of understanding or written agreement with the regulated institution.  For continued violations, regulators may undertake formal enforcement actions, including entering a cease and desist order and/or civil money penalties. There is no requirement that U.S. regulators follow this order of escalation, and a formal action may be the initial regulatory response depending on the severity of the issue(s).

The federal financial regulators may also pursue enforcement actions against a current or former institution-affiliated party in response to violations of laws, unsafe or unsound practices, or breaches of fiduciary duty.

The FDIC is the federal banking agency responsible for the orderly resolution of failed federally insured banks.  Unlike nonbank companies (including bank holding companies) that are resolved in bankruptcy under Chapter 7 or 11 of the U.S. Bankruptcy Code, federally insured banking organizations are resolved in receivership or, in limited cases, conservatorship that is administered by the FDIC.  The OCC is responsible for the resolution of uninsured national banks.

The FDIC, in its capacity as receiver, has a fiduciary obligation to all creditors of the receivership and to stockholders of the failed institution to maximize the amounts recovered as quickly as possible.  At the same time, the FDIC is statutorily mandated to choose the least costly option to the Deposit Insurance Fund when resolving a failed financial institution.  Typically, the FDIC uses two methods of resolution: (i) the FDIC facilitates a purchase and assumption transaction through which a buyer agrees to purchase some or all of the assets of the failed institution and assumes some or all of the liabilities, including all insured deposits, or (ii) through a deposit payoff, the FDIC, as insurer, pays all the insured depositors of the failed bank up to the insurance limit.

Under the Orderly Liquidation Authority (“OLA”), established in Title II of the Dodd-Frank Act, the FDIC may serve as the receiver in the resolution proceedings of certain systemically important financial institutions (which may include, for example, BHCs and nonbank financial companies supervised by the Federal Reserve).  The OLA is an alternative means of resolving systemically important financial institutions and it can only be invoked in limited circumstances upon specific findings and approvals by the U.S. Department of the Treasury and the appropriate federal regulatory agencies.

FDIC deposit insurance covers the depositors of a failed FDIC-insured depository institution. The standard insurance amount is $250,000 per depositor, per insured bank, for each account ownership category.  FDIC insurance covers all deposit accounts, including savings accounts, money market deposit accounts, checking accounts, and certificates of deposit.

In exceptional situations, U.S. regulators and the U.S. Department of the Treasury, with the concurrence of the U.S. President, can invoke additional powers to limit contagion effects of a banking crisis. One of these is the Systemic Risk Exception (“SRE”) which can be used to provide additional emergency support for failing financial institutions. The SRE has been increasingly used beginning with the Great Recession to protect depositors and bank asset values. In the most recent bank crisis in Spring 2023, the SRE was invoked to protect depositors above the FDIC insurance limit.

U.S. banking law does not include a bail-in tool in bank resolution.

In December 2016, the Federal Reserve finalized rules that establish minimum required amounts of long-term debt and total loss-absorbing capacity (“TLAC”) for the top-tier U.S. bank holding companies of GSIBs.  For purposes of the minimum TLAC requirement, TLAC generally consists of Tier 1 regulatory capital, including Common Equity Tier 1 capital and Additional Tier 1 capital, and certain long-term debt. The rule aims to promote the financial stability of the United States by enhancing the resiliency and resolvability of covered GSIBs in the event of their failure or material financial distress without the need for government or taxpayer support. In October 2020, the Federal Reserve finalized a rule that prescribes more stringent regulatory capital treatment for debt issued under TLAC requirements. The rule is aimed at reducing the interconnectedness between the largest banking organizations.

On August 29, 2023, U.S. bank regulators proposed a rule effectively expanding TLAC components to smaller institutions. The proposal would require covered entities classified as Category II, III, and IV institutions to issue and hold minimum amounts of long-term debt as a component of their funding base, similar to the above requirements for Category I GSIBs. The rule has not yet been finalized but would have a 3-year phased implementation period.

In 2023, U.S. regulators have shown an aggressive propensity to issue new rule proposals across financial and non-financial areas following the Spring 2023 banking crisis. U.S. regulators have issued new rule proposals on capital, liquidity, mergers and acquisitions, and resolution plans, all in the final six months of the year. A consistent and noteworthy theme within many of these major rule proposals is setting or expanding the scope of coverage to much smaller institutions, down to the $100 billion in total assets threshold.

The Biden Administration has demonstrated a greater focus on consumer protection issues at banking organizations, including through actions aimed at advancing racial equity and support for underserved communities.  However, multiple initiatives by the CFPB have been stalled by court challenges which are unlikely to be fully resolved until the Supreme Court decides on the constitutionality of the CFPB’s funding structure in the case of the Community Financial Services Association v. CFPB. For example, the CFPB proposed a rule in September 2021 that would significantly increase the data reported for loans under the Equal Credit Opportunity Act; a preliminary injunction has since been issued prohibiting the CFPB from implementing the rulemaking pending the resolution of the CFSA case. Additionally, in March 2022 the CFPB changed its interpretation of discriminatory practices under the Unfair, Deceptive, or Abusive Acts or Practices (“UDAAP”) rules. A coalition of trade associations challenged the changes and won a summary judgement in September 2023, a decision which the CFPB has since appealed. Furthermore, banking regulators finalized a joint rulemaking in October 2023 to amend the Community Reinvestment Act regulations in an aim to expand access to banking in low and moderate-income communities.

Another likely trend in U.S. bank regulation will be a continued focus on how banking institutions can combat climate change and how these institutions should be managing climate-related considerations in their risk management frameworks.  For example, the Federal Reserve, along with the FDIC and the OCC, finalized principles for the safe and sound management of climate-related financial risks for large banking organizations in October 2023.

As discussed in question six above, federal bank regulators have struck a consistent and skeptical tone with respect to crypto activities, reversing course from the prior administration.  This posture is likely to persist following the collapse of crypto markets in 2022 and the influence crypto activities played in several of the large bank failures in 2023.

Credit risk, especially from commercial real estate (“CRE”) portfolios, has become an increasing risk factor.  The OCC, in its Fall 2023 Semiannual Risk Perspective, identified credit risk, as the top risk area, moving up from the number two risk area by supplanting liquidity risk. It is important for banks to recognize that the heightened risk environment could strain risk management functions, such as credit risk review and loan workout, and thus provide resources and heightened risk management across lending portfolios, especially those that represent a concentration of credit risk.

Regarding CRE, although delinquency rates in this sector have been low, they are beginning to increase. Some banks with CRE loan concentrations have reported adverse earnings as the pandemic’s impacts on office and other income producing sectors, along with higher sustained interest rates, have elevated risks.  CRE in metropolitan areas has been particularly weakened, as has some multifamily rental sectors. These effects will continue to weaken bank earnings and elevate regulatory oversight throughout the coming year.

The bank failures of 2023 showed the negative impact that persistently heightened interest rates have on some financial institutions. With inflation rates remaining above target levels, it will be difficult for the Federal Reserve to bring rates down in the near term. As such, interest rate risk will continue to pressure bank asset valuations and, as a result, impair liquidity. In order to manage this dynamic, some banks will need to focus on raising capital, strengthening short term assets in relation to volatile funding, and shifting away from less liquid to more liquid assets, and should review potential risks in their portfolios to ensure continued safety and soundness.