|
|
|
|
|
|
|
|||||
|
|||||
| Appendix B: Risk Profile and Scope Memorandum Template; Sample Risk Profile and Scope Memorandum |
Risk Profile and Scope Memorandum Template; Sample Risk Profile and Scope Memorandum RISK PROFILE AND SCOPE MEMORANDUM
COMPLIANCE EXAMINATION Pre-Examination Planning Memorandum Data Sheet
_____________________________________________________________________________________ Name of Institution:................................... City, State:........................................... Cert. No............................................... # of Open Offices (including Main Office).............. SHARP Examination No................................... Total Assets (xx/xx/xxxx).............................. Field Office of Institution............................ Field Office Performing Examination.................... Examiner-In-Charge (Current Examination)............... _____________________________________________________________________________________
LAST EXAMINATION INFORMATION _____________________________________________________________________________________ Type PROC Date Rating # Examiners Hours EIC
_____________________________________________________________________________________
OUTSTANDING ENFORCEMENT ACTION INFORMATION _____________________________________________________________________________________ EA Type Division Issue Date Supervisory Area
CURRENT EXAMINATION INFORMATION _____________________________________________________________________________________ PEP Start Date......................................... PEP Completion Date.................................... Anticipated Examination Date........................... Assigned Number of Examiners........................... Anticipated Compliance Hours........................... Anticipated CRA Hours.................................. Proposed Number of Community Contacts to be Performed.. Consumer Complaints received since the previous Examination?........................................... Has data requested from the Institution been received?. Is HMDA Applicable?....................................
Current SAER Exam Comment:
_____________________________________________________________________________________
REPORT OF CONDITION AND INCOME _____________________________________________________________________________________ Date................................................... Net Loans.............................................. Gross Loans............................................ _____________________________________________________________________________________
BREAK-DOWN OF LOAN PORTFOLIO _____________________________________________________________________________________ Loan Type Dollar Volume % of Portfolio
Consumer Loans Commercial Loans Farm Loans Multi-Family Loans Residential Loans Other _____________________________________________________________________________________
ASSET GROWTH
Call Date: Call Date: Total Assets: Total Assets:
_________________________________________________ DEPOSIT INFORMATION _____________________________________________________________________________________ Non-Interest Interest Bearing
_____________________________________________________________________________________
Summary of the risk profile of the institution
Risk Profile Matrix
(L) = Low Risk; (M) = Moderate Risk; (H) = High Risk
CMS Elements:
Oversight
Program
Audit
Operational Areas
Lending
Deposits
Specialty
Scope of the examination
Compliance Management System
Community Reinvestment Act (CRA)
Fair Lending Review
Complaints
Miscellaneous
Issues to be Investigated or Areas to be Targeted
All issues of special concern discussed under the two previous sections will be targeted. In addition, the following table indicates the specific regulations that will and will not be subject to transactional testing.
SAMPLE RISK PROFILE & SCOPE MEMORANDUM
The following section includes a sample Risk Profile & Scope Memorandum as it would appear at the conclusion of the examination. As such, there are comments included that were added by the EIC after the on-site portion of the examination commenced. For illustrative purposes these appear in bold and italicized font.
BANK OF ANYTOWN RISK PROFILE & SCOPE MEMORANDUM Examination Dated - January 13, 2003 ____________________________________
I. Summary of the risk profile of the institution
Bank/Cert: Bank of Anytown / ##### Assets/Facilities: $50 million / 3 locations Ownership: Johnson BHC, Anytown, Anystate Affiliates: Second Savings Bank, Otherville, Anystate Management: Michele J. Smith, President/CEO; and Douglas F. Grand, VP/Compliance Officer Previous Ratings: 122/2 Compliance (1-15-01) �Satisfactory� CRA (1-20-99) 22121/2 CAMELS (6-30-02) Enforcement Actions: None
Risk Profile Matrix
(L) = Low Risk; (M) = Moderate Risk; (H) = High Risk
CMS Elements:
Oversight - Board and Management Oversight demonstrates a low level of risk. � President Smith and Compliance Officer Grand are knowledgeable, committed to maintaining a strong CMS, and demonstrate a positive attitude toward consumer compliance issues. Prior examinations indicated a willingness to implement corrective action. � The Board recognizes that it has ultimate responsibility for compliance and reviews the results of the FDIC compliance exams promptly after receiving the Reports. � No changes in bank strategy, ownership, the directorate, or management since the prior exam and no significant changes in key personnel. � Commitment of resources dedicated to compliance, and the level of authority granted to President Smith and Compliance Officer Grand appear appropriate.
All bank officers have multiple responsibilities, so time available for compliance issues is limited and management has opted to keep the CMS as informal as possible in order to reduce the time spent generating reports and updating policies. This approach has not adversely affected the institution�s performance, but some concerns are evident.
� The Board of Directors minutes contain no references to compliance, other than reflecting that the last compliance examination results and recommendations were discussed. � The Board has received no compliance-related training.
The low level of Board involvement does not currently create any significant risk, given the strong management oversight. However, some additional reporting and general training would strengthen Board oversight and better prepare them to consider compliance-related business risks.
President Smith agreed that compliance had not been a frequent topic of discussion at board meetings. During the examination, Ms. Smith committed to having CO Grand provide brief, semi-annual compliance presentations to the board. The presentations will include a general status report, the results of the bank�s monitoring efforts, and overview-type compliance training.
Program - Program demonstrates a moderate level of risk.
� Monitoring is performed in several areas. All consumer-related loan documentation is generated at the main office and is reviewed by Compliance Officer Grand or loan secretary Janet Applegate prior to being delivered to the customer. The bank maintains only cursory documentation of the findings of loan reviews, but discussions with Ms. Applegate revealed a strong understanding of the relevant regulations. Monitoring for compliance with Reg CC and Interest on Deposits is performed by Cashier Donna Reed and by the head tellers at each facility. A record of identified and corrected errors is maintained and reviewed with the appropriate staff monthly. � Discussions with President Smith and Compliance Officer Grand revealed that each has recently received compliance training, and that training of the bank's staff is conducted on a regularly recurring basis. Although no supporting documentation of training was available, discussions with various personnel in the bank revealed that the bank�s approach to training has been effective.
Primary areas of concern identified during the exam are related to the bank�s policies and internal monitoring efforts and involve, to varying degrees, all operational areas.
� The bank�s compliance program is currently a combination of written and unwritten policies. Although Compliance Officer Grand appears to be able to communicate to the bank�s staff all the regulatory requirements related to the bank�s product offering, examiners have some continuity concerns in the event that Mr. Grand should leave the bank. � Discussions with management revealed that some compliance procedures differ among the various locations, since the staff at the branches previously worked for a different institution.
Examiners provided guidance during the exam regarding suggested content for a written program, focused on the bank�s high risk areas, that would help provide for continuity and consistency in the application of the CMS. CO Grand agreed that the bank would benefit from such a document, and he committed to developing and adopting a written program within the next 6 months.
� No monitoring of advertising, TIS, or Privacy is performed. In the absence of internal or external audits as a compensating factor, the lack of monitoring in these areas is considered a deficiency.
Mr. Grand indicated that all areas will be included in either the internal monitoring or audit functions in the future.
Audit � The audit function demonstrates a moderate level of risk.
Compliance Officer Grand stated that internal audit procedures for compliance had been established, however as of this examination, they had not been implemented for any area other than flood insurance. Examiner review of the proposed audit structure suggested that the audit program is limited in scope, but seems to adequately address the areas of highest risk. Of particular concern are the areas which are not currently subject to internal monitoring, as well as those areas with violations at this and prior exams. Examiners urged the bank to implement the audit function as soon as possible for these areas.
Operational Areas
Lending � Significant violations were noted in the lending area at the previous examination. � The bank�s level of residential lending since the previous exam has increased substantially due to interest rate-driven refinance activity. � Lack of procedural uniformity among all facilities could result in loan-related violations. � The bank�s trade area includes special flood hazard areas.
Deposits � No history of significant violations in this area. � Very little staff turnover. � Discussions with personnel indicate effective training. � No new products or significant software changes since LX.
Specialty � No history of significant violations in these regulations. � The bank does not share customer information outside of the Privacy exceptions. � The bank does not sell any Non Deposit Products other than credit life and disability insurance. Discussions with management and loan officers indicate a full understanding of the notice requirements.
II. Scope of the examination
A joint Compliance/CRA examination is scheduled to begin its on-site activities on January 13th and conclude the week of January 20th. The on-site review will occur at the bank�s main facility at 123 Main Street, Anytown, Anystate. Due to internal control issues to be investigated, visits will be conducted to two branches (of ten) that were acquired from another institution since the last examination. The visits will review knowledge of and adherence to the bank�s compliance-related procedures.
The previous examination noted significant violations of TIL, ECOA, Flood Insurance, and EFT, and isolated violations of Reg CC. Program deficiencies noted were policies that had not been updated to address new products, and lack of internal monitoring and/or audit procedures.
Compliance Management System � Since the Board of Directors minutes reflected little information about the board's involvement in compliance, more discussion will be conducted with management to determine the board's participation in compliance decisions. � The weakness noted by the risk management examiners in the internal controls between the branches will be investigated from the compliance point of view. The RM examiners found that some branches, acquired since the last examination, were not yet following a number of the bank�s procedures. � In-depth discussions with appropriate personnel, such as loan officers and new accounts representatives, will be held to determine understanding of new regulatory requirements (Home Ownership Counseling, Privacy, NDIP, COPPA, and HPA).
Community Reinvestment Act (CRA) A CRA evaluation will be performed in conjunction with this compliance examination. The evaluation will be based on residential and consumer lending. The bank has two assessment areas, consisting of six middle-income census tracts. The bank will be evaluated as a �small institution.� The bank did not elect to have its investments and services considered as part of its CRA evaluation. The bank was rated a �Satisfactory� at the prior CRA evaluation. Two community contacts will be conducted.
Fair Lending Review The fair lending review will follow the FFIEC Interagency Fair Lending Procedures. Refer to the Fair Lending Memorandum for a description of the scope of review, the procedures followed and the conclusions reached.
Complaints The bank has received no written complaints since the prior examination, nor did the FDIC receive any complaints about the bank.
Staffing and Projected Hours The anticipated hours for review of the CMS is ____, for CRA is ____, and for Fair Lending is ____ (including _____ hours of training). Three examiners should be sufficient to perform the exam. EIC Mary Richards will perform the bulk of the CMS analysis. Examiner David Jones will perform the CRA evaluation. Assistant Examiner Barbara Heck will review Fair Lending and assist with CMS and/or CRA as necessary during the examination.
Miscellaneous � SHARP Exam Number - ##### � This is the first exam at this bank using the revised compliance exam procedures.
III. Issues to be Investigated or Areas to be Targeted
All issues of special concern discussed under the two previous sections will be targeted. In addition, the following table indicates the specific regulations that will and will not be subject to transactional testing.
| ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
| Last Updated 08/14/2003 | supervision@fdic.gov |
|
|
| Home Contact Us Search Help SiteMap Forms Freedom of Information Act Website Policies FirstGov.gov |