June 14, 2017
By Niall Twomey, CRCM
Effective April 1, 2017, a recently finalized rule from the Federal Deposit Insurance Corp. (FDIC) requires institutions with 2 million or more deposit accounts to design and implement a deposit insurance calculation system that will facilitate quick determination of deposit insurance coverage in the event of a bank failure. According to FDIC call report data as of June 30, 2016, the rule applies to 38 institutions, each with more than 2 million deposit accounts. This rule raises the stakes for top bank executives with its requirement that by the end of a three-year implementation period, covered banks’ CEOs or chief operating officers (COOs) must personally certify compliance with the rule.
According to the final rule, “Recordkeeping for Timely Deposit Insurance Determination,” banks must, at the end of the implementation period, be able to determine account balances, identify insured deposits, aggregate account and balance information for depositors, and calculate insurance coverage within 24 hours after a failure.
To do this, covered banks will have to update IT systems, including core deposit and customer information systems, and develop a model for calculating deposit insurance using inputs from across the organization. Many banks will need to modernize or completely revamp multiple, separate IT systems containing account and customer information, all of which have likely been set up at different times and with varying levels of sophistication.
A Five-Step Process to Get Your System Up to Snuff
Considering the numerous inputs and systems involved in achieving compliance, banks must begin evaluating and updating systems now – not later. The five-step process described here outlines the major actions banks should take as they begin to grapple with the new ruling.
- Design and implement a deposit calculation model. At the crux of the FDIC’s final rule is a requirement that banks establish a deposit calculation model that will pull data from each deposit and customer information system to determine the insured and uninsured amount of deposits in each account. The FDIC has not provided specific guidelines for what the tool should look like. It has instead required that the tool must be tested and validated for reliability and that the CEO or COO must sign off on the tool’s soundness.
- Inventory all deposit and customer information systems. Banks for whom this ruling applies have many lines of business, including trust services, wealth management, private banking, regular deposits, retirement accounts, business accounts, and more. Each business line might have its own separate customer information system, or the bank might have a single global system containing information for all customer types. The contents, functionality, and interrelation of deposit and customer information systems need to be inventoried, and all deposit systems that maintain FDIC-insured deposits must be considered.
- Determine if each identified system maintains the necessary fields. Banks must be able to provide the FDIC detailed and specific information about accounts and account holders. The calculation model will incorporate dozens of input fields including customer identification (such as name, social security number or other government ID, address, phone number, email) and account type and status (such as a single or jointly held account, any holds on the account, account balance, accrued interest amount). Banks also need to assess whether the fields necessary for the calculation model are present in the bank’s systems and accurately labeled.
- Determine whether the procedures and controls are set up to instill confidence in data accuracy. Systems vary in terms of age as well as origin and maintenance – that is, whether developed and maintained in house or vendor-managed. These variances can lead to data discrepancies. Banks must evaluate whether a process exists to address discrepancies and inconsistencies between systems and to determine which system should be relied upon when inconsistencies occur.
Banks also need to establish procedures and controls to make certain that data is accurately maintained over time. Problems in the data could arise in countless ways. Governance protocols must be in place to maintain the integrity and accuracy of dynamic customer and account data.
- Perform ongoing compliance testing and validation. The calculation tool must be validated upon any significant changes to the model or underlying systems. Compliance testing from the FDIC will begin after the expiration of the rule’s implementation period.
Don’t Be Lulled Into Complacency
Three years may seem like a lengthy implementation period, but given the number and complexity of systems that will feed into the calculation model required by the FDIC’s final rule, banks should begin the process of assessing systems, ensuring data integrity, and, ultimately, developing the calculation model today.