[Federal Register: October 13, 1998 (Volume 63, Number 197)]
[Notices]
[Page 54704-54711]
From the Federal Register Online via GPO Access [wais.access.gpo.gov]
[DOCID:fr13oc98-83]
=======================================================================
-----------------------------------------------------------------------
FEDERAL FINANCIAL INSTITUTIONS EXAMINATION COUNCIL
Uniform Interagency Trust Rating System
AGENCY: Federal Financial Institutions Examination Council.
ACTION: Notice.
-----------------------------------------------------------------------
SUMMARY: The Federal Financial Institutions Examination Council (FFIEC)
is revising the Uniform Interagency Trust Rating System (UITRS),
commonly referred to as the trust rating system. The revisions update
the rating system to reflect changes that have occurred in the
fiduciary services industry and in supervisory policies and procedures
since the rating system was first adopted in 1978. The changes revise
the definitions for the numerical ratings to conform to the language
and tone of the Uniform Financial Institutions Rating System (UFIRS)
rating definitions, commonly referred to as the CAMELS rating system;
reformat and clarify the component rating descriptions; reorganize the
account administration and conflicts of interest components into a new
component addressing compliance; emphasize the quality of risk
management processes in each of the rating components, particularly in
the management component; add language in composite rating definitions
to parallel the changes in the component rating descriptions; and
explicitly identify the types of risk that are considered in assigning
component ratings.
The term ``financial institution'' refers to those FDIC insured
depository institutions whose primary Federal supervisory agency is
represented on the FFIEC. Uninsured trust companies that are chartered
by the OCC, members of the Federal Reserve System, or subsidiaries of
registered bank holding companies or insured depository institutions
are also covered by this notice. The Federal supervisory agencies
participating in this notice are: the Board of Governors of the Federal
Reserve System (FRB), the Federal Deposit Insurance Corporation (FDIC),
the Office of the Comptroller of the Currency (OCC), and the Office of
Thrift Supervision (OTS).
DATES: Effective October 13, 1998.
FOR FURTHER INFORMATION CONTACT:
FRB: William R. Stanley, Supervisory Trust Analyst, Specialized
Activities, (202) 452-2744, Division of Banking Supervision and
Regulation, Board of Governors of the Federal Reserve System, Mail Stop
175, 20th and C Streets, NW, Washington, D.C. 20551
FDIC: John F. Harvey, Trust Review Examiner, (202) 898-6762, Division
of Supervision, Federal Deposit Insurance Corporation, Room F2078, 550
17th Street, NW, Washington, D.C. 20429.
OCC: Laurie A. Edlund, National Bank Examiner, (202) 874-3828, Division
of Asset Management, Office of the Comptroller of the Currency, 250 E
Street, SW, Mail Stop 7-7, Washington, D.C., 20219.
OTS: Larry A. Clark, Senior Manager, Compliance and Trust Programs,
(202) 906-5628, Gary C. Jackson, Program Analyst, (202) 906-5653,
Compliance Policy, Office of Thrift Supervision, 1700 G Street, NW,
Washington, D.C. 20552.
SUPPLEMENTARY INFORMATION:
Background information
On February 17, 1998, the FFIEC published a notice in the Federal
Register (February Notice), 63 FR 7802, requesting comment on proposed
revisions to the Uniform Interagency Trust Rating System (UITRS). The
UITRS is an internal supervisory examination rating system used by the
Federal supervisory agencies for evaluating the administration of
fiduciary activities of financial institutions and uninsured trust
companies on a uniform basis and for identifying those institutions
requiring special supervisory attention. The UITRS was adopted on
September 21, 1978 by the Office of the Comptroller of the Currency
(OCC), the Federal Deposit Insurance Corporation (FDIC), and the Board
of Governors of the Federal Reserve System (FRB), and in 1988 by the
Federal Home Loan Bank Board, predecessor agency to the Office of
Thrift Supervision (OTS).
Under the UITRS, each institution is assigned a composite rating
based on an evaluation and rating of essential components of an
institution's fiduciary activities. The composite rating reflects the
overall condition of an institution's fiduciary activities and is used
by the Federal supervisory agencies to monitor aggregate trends in the
overall administration of fiduciary activities. Under the former UITRS,
each financial institution or trust company was assigned a composite
rating based on an evaluation and rating of six essential components of
an institution's fiduciary activities. These components addressed: the
capability of management; the adequacy of operations, controls and
audits; the management of fiduciary assets; the adequacy of account
administration practices; the adequacy of practices relating to self-
dealing and conflicts of interest; and the quality and level of
earnings. Both the composite and component ratings are assigned on a 1
to 5 numerical scale. A 1 indicates the strongest performance and
management practices, and the least degree of supervisory concern,
while a 5 indicates the weakest performance and management practices
and,
[[Page 54705]]
therefore, the highest degree of supervisory concern.
The UITRS has proven to be an effective way for the Federal
supervisory agencies to determine the condition of an institution's
fiduciary activities. A number of changes, however, have occurred in
the fiduciary industry and in supervisory policies and procedures since
the rating system was first adopted. As a result, the FFIEC is making
certain enhancements to the rating system, but is retaining its basic
framework. The UITRS enhancements:
Realign the UITRS rating definitions to bring them in line
with UFIRS.
Reduce the component rating categories from six to five,
combining the Account Administration and Conflicts of Interest
components into a new Compliance component.
Require Earnings to be rated only in institutions with
more than $100 million in total trust assets, and in all non-deposit
trust companies. An earnings rating is not required for the remaining
institutions (those institutions not required to file Schedule E
1); however, each Federal supervisory agency has the option
of requiring the earnings of these institutions to be rated using the
alternate rating definitions where applicable.
---------------------------------------------------------------------------
\1\ Schedule E is the Trust Income Statement of the FFIEC Annual
Report of Trust Assets (FFIEC 001). Schedule E is required to be
filed by each financial institution with total trust assets of more
than $100 million as reported on line 18, column F of Schedule A,
and by all non-deposit trust companies, whether or not they report
any assets on Schedule A.
---------------------------------------------------------------------------
Explicitly refer to the quality of risk management
processes in the management component, and the identification of risk
elements within the composite and component rating definitions.
Comments Received and Changes Made
The FFIEC received two public comments from industry trade
associations regarding the proposed revisions to the UITRS. Both
commenters generally favored the changes made, in particular the
emphasis on risk management, the changes to the UITRS to conform to the
language and tone of the UFIRS, and the considerations given to the
earnings component when evaluating a small trust department.
Examiners field tested the revised rating system during 61 bank and
thrift fiduciary examinations conducted between February and May 1998.
The examiners provided comments regarding the revised rating system.
Examiner response was generally favorable, and no significant problems
or unanticipated rating differences were encountered between the former
and updated UITRS. Some of the examiner comments recommended clarifying
changes to various aspects of the revised rating system.
The FFIEC carefully considered each comment and examiner response
and made certain changes. The following discussion describes the
comments received (both through public comment and agency field
testing) and changes made to the UITRS in response to those comments.
The updated UITRS is included at the end of this Notice.
February Notice Specific Questions
In addition to requesting general comments regarding the proposed
system, the FFIEC invited comments on four specific questions:
(1) Does the proposal capture the essential risk areas of the
fiduciary services industry?
The majority of the responses to this question were positive, and
no changes were made.
(2) Does the proposed management component adequately assess the
quality of the board of directors' and management's oversight regarding
its fiduciary responsibility and its ability to identify and manage all
areas of risk involved in the exercise of its fiduciary powers?
The majority of the responses to this question were positive, and
no changes were made.
(3) Are there any components which should be added to or deleted
from the proposal?
The majority of the responses received regarding the components
were favorable. A number of examiners recommended strengthening the
conflict of interest section of the Compliance component. Several
examiners also requested clarification of the application of the
optional earnings rating to the Earnings component. These concerns are
addressed later in this Notice.
(4) Are the definitions for the individual components and the
composite numerical ratings in the proposal consistent with the
language and tone of the UFIRS definitions?
The majority of the responses to this question were positive. The
agencies received several examiner comments recommending changes to
address minor inconsistencies in wording throughout the UITRS. Many of
these minor wording changes were made to improve the consistency of the
rating system.
Compliance Component
The February notice combined the former Account Administration and
Conflicts of Interest components into a new Compliance component. The
new component assesses the institution's compliance with the terms of
governing instruments, applicable laws and regulations, sound fiduciary
principles, and internal policies and procedures. In addition, the new
component addresses compliance with applicable laws, regulations, and
internal policies and procedures on a broader, institution-wide basis
by focusing on compliance and strategic risk.
Several examiners expressed concern that the new rating component
de-emphasizes the seriousness of self-dealing and conflicts of
interest. The FFIEC emphasizes that self-dealing and other conflicts of
interest, and the associated risks to the institution, continue to be
areas of great importance and concern. The intent of the new Compliance
component was not to de-emphasize the seriousness or importance of
self-dealing or other conflicts of interest. Accordingly, the
description of the new component and its rating definitions has been
revised and expanded to clarify the importance of these issues.
Earnings Component
Under the former UITRS, an Earnings rating was required for all
institutions. The February notice proposed several changes to the
Earnings component. An earnings rating would be required for
institutions with more than $100 million in total trust assets (as
reported on FFIEC 001 Schedule A, line 18, column F) and for non-
deposit trust companies. An earnings rating would not be required for
the remaining institutions (those institutions not required to file
Schedule E of FFIEC 001); however, each Federal supervisory agency
would have the option of requiring the earnings of these institutions
to be rated using either the rating definitions designated for Schedule
E filers or, in accordance with the agency's implementing guidelines,
the definitions for the alternate ratings.
The majority of the comments received on the Earnings component
changes were positive; however, several examiners requested that the
FFIEC clarify various aspects of this component. In response, the FFIEC
added an evaluation factor section for the alternate earnings rating,
and separated the two rating definitions. In addition, each agency will
issue implementing guidance addressing the
[[Page 54706]]
applicability of the Earnings rating to its supervised institutions.
Implementation Date
The FFIEC recommends that the Federal supervisory agencies
implement the updated UITRS January 1, 1999. This date ensures that
institutions with examinations commenced in 1999 will be assessed under
the updated UITRS.
Text of the Revised Uniform Interagency Trust Rating System
Uniform Interagency Trust Rating System
Introduction
The Uniform Interagency Trust Rating System (UITRS) was adopted on
September 21, 1978 by the Office of the Comptroller of the Currency
(OCC), the Federal Deposit Insurance Corporation (FDIC), and the Board
of Governors of the Federal Reserve System (FRB), and in 1988 by the
Federal Home Loan Bank Board, predecessor agency to the Office of
Thrift Supervision (OTS). Over the years, the UITRS has proven to be an
effective internal supervisory tool for evaluating the fiduciary
activities of financial institutions on a uniform basis and for
identifying those institutions requiring special attention.
A number of changes have occurred in both the banking industry and
the Federal supervisory agencies' policies and procedures which
prompted a review and revision of the 1978 rating system. The revisions
to the UITRS:
Realign the UITRS rating definitions to bring them in line
with the Uniform Financial Institutions Rating System (UFIRS).
Reduce the component rating categories from six to five,
combining the Account Administration and Conflicts of Interest
components into a new Compliance component.
Require Earnings to be rated only in institutions with
more than $100 million in total trust assets, and in all non-deposit
trust companies. An earnings rating is not required for the remaining
institutions (those institutions not required to file FFIEC 001
Schedule E); 2 however, each Federal supervisory agency has
the option of requiring the earnings of these institutions to be rated
using the alternate rating definitions where applicable.
---------------------------------------------------------------------------
\2\ Schedule E is the Trust Income Statement of the FFIEC Annual
Report of Trust Assets (FFIEC 001). Schedule E is required to be
filed by each financial institution with total trust assets of more
than $100 million as reported on line 18, column F of Schedule A,
and by all non-deposit trust companies, whether or not they report
any assets on Schedule A.
---------------------------------------------------------------------------
Explicitly refer to the quality of risk management
processes in the management component, and the identification of risk
elements within the composite and component rating definitions.
These revisions are intended to promote and complement efficient
examination processes. The revisions update the rating system but
retain its basic framework. Consequently, the revised rating system
will not result in additional regulatory burden to institutions or
require additional policies or processes.
The UITRS considers certain managerial, operational, financial and
compliance factors that are common to all institutions with fiduciary
activities. Under this system, the supervisory agencies endeavor to
ensure that all institutions with fiduciary activities are evaluated in
a comprehensive and uniform manner, and that supervisory attention is
appropriately focused on those institutions exhibiting weaknesses in
their fiduciary operations.
Overview
Under the UITRS, the fiduciary activities of financial institutions
are assigned a composite rating based on an evaluation and rating of
five essential components of an institution's fiduciary activities.
These components address the following: the capability of management;
the adequacy of operations, controls and audits; the quality and level
of earnings; compliance with governing instruments, applicable law
(including self-dealing and conflicts of interest laws and
regulations), and sound fiduciary principles; and the management of
fiduciary assets.
Composite and component ratings are assigned based on a 1 to 5
numerical scale. A 1 is the highest rating and indicates the strongest
performance and risk management practices and the least degree of
supervisory concern. A 5 is the lowest rating and indicates the weakest
performance and risk management practices and, therefore, the highest
degree of supervisory concern. Evaluation of the composite and
components considers the size and sophistication, the nature and
complexity, and the risk profile of the institution's fiduciary
activities.
The composite rating generally bears a close relationship to the
component ratings assigned. However, the composite rating is not
derived by computing an arithmetic average of the component ratings.
Each component rating is based on a qualitative analysis of the factors
comprising that component and its interrelationship with the other
components. When assigning a composite rating, some components may be
given more weight than others depending on the situation at the
institution. In general, assignment of a composite rating may
incorporate any factor that bears significantly on the overall
administration of the financial institution's fiduciary activities.
Assigned composite and component ratings are disclosed to the
institution's board of directors and senior management.
The ability of management to respond to changing circumstances and
to address the risks that may arise from changing business conditions,
or the initiation of new fiduciary activities or products, is an
important factor in evaluating an institution's overall fiduciary risk
profile and the level of supervisory attention warranted. For this
reason, the management component is given special consideration when
assigning a composite rating.
The ability of management to identify, measure, monitor, and
control the risks of its fiduciary operations is also taken into
account when assigning each component rating. It is recognized,
however, that appropriate management practices may vary considerably
among financial institutions, depending on the size, complexity and
risk profiles of their fiduciary activities. For less complex
institutions engaged solely in traditional fiduciary activities and
whose directors and senior managers are actively involved in the
oversight and management of day-to-day operations, relatively basic
management systems and controls may be adequate. On the other hand, at
more complex institutions, detailed and formal management systems and
controls are needed to address a broader range of activities and to
provide senior managers and directors with the information they need to
supervise day-to-day activities.
All institutions are expected to properly manage their risks. For
less complex institutions engaging in less risky activities, detailed
or highly formalized management systems and controls are not required
to receive strong or satisfactory component or composite ratings.
The following two sections contain the composite rating
definitions, and the descriptions and definitions for the five
component ratings.
Composite Ratings
Composite ratings are based on a careful evaluation of how an
institution conducts its fiduciary activities. The
[[Page 54707]]
review encompasses the capability of management, the soundness of
policies and practices, the quality of service rendered to the public,
and the effect of fiduciary activities upon the soundness of the
institution. The five key components used to assess an institution's
fiduciary activities are: the capability of management; the adequacy of
operations, controls and audits; the quality and level of earnings;
compliance with governing instruments, applicable law (including self-
dealing and conflicts of interest laws and regulations), and sound
fiduciary principles; and the management of fiduciary assets. The
composite ratings are defined as follows:
Composite 1. Administration of fiduciary activities is sound in
every respect. Generally all components are rated 1 or 2. Any
weaknesses are minor and can be handled in a routine manner by
management. The institution is in substantial compliance with fiduciary
laws and regulations. Risk management practices are strong relative to
the size, complexity, and risk profile of the institution's fiduciary
activities. Fiduciary activities are conducted in accordance with sound
fiduciary principles and give no cause for supervisory concern.
Composite 2. Administration of fiduciary activities is
fundamentally sound. Generally no component rating should be more
severe than 3. Only moderate weaknesses are present and are well within
management's capabilities and willingness to correct. Fiduciary
activities are conducted in substantial compliance with laws and
regulations. Overall risk management practices are satisfactory
relative to the institution's size, complexity, and risk profile. There
are no material supervisory concerns and, as a result, the supervisory
response is informal and limited.
Composite 3. Administration of fiduciary activities exhibits some
degree of supervisory concern in one or more of the component areas. A
combination of weaknesses exists that may range from moderate to
severe; however, the magnitude of the deficiencies generally does not
cause a component to be rated more severely than 4. Management may lack
the ability or willingness to effectively address weaknesses within
appropriate time frames. Additionally, fiduciary activities may reveal
some significant noncompliance with laws and regulations. Risk
management practices may be less than satisfactory relative to the
institution's size, complexity, and risk profile. While problems of
relative significance may exist, they are not of such importance as to
pose a threat to the trust beneficiaries generally, or to the soundness
of the institution. The institution's fiduciary activities require more
than normal supervision and may include formal or informal enforcement
actions.
Composite 4. Fiduciary activities generally exhibit unsafe and
unsound practices or conditions, resulting in unsatisfactory
performance. The problems range from severe to critically deficient and
may be centered around inexperienced or inattentive management, weak or
dangerous operating practices, or an accumulation of unsatisfactory
features of lesser importance. The weaknesses and problems are not
being satisfactorily addressed or resolved by the board of directors
and management. There may be significant noncompliance with laws and
regulations. Risk management practices are generally unacceptable
relative to the size, complexity, and risk profile of fiduciary
activities. These problems pose a threat to the account beneficiaries
generally and, if left unchecked, could evolve into conditions that
could cause significant losses to the institution and ultimately
undermine the public confidence in the institution. Close supervisory
attention is required, which means, in most cases, formal enforcement
action is necessary to address the problems.
Composite 5. Fiduciary activities are conducted in an extremely
unsafe and unsound manner. Administration of fiduciary activities is
critically deficient in numerous major respects, with problems
resulting from incompetent or neglectful administration, flagrant and/
or repeated disregard for laws and regulations, or a willful departure
from sound fiduciary principles and practices. The volume and severity
of problems are beyond management's ability or willingness to control
or correct. Such conditions evidence a flagrant disregard for the
interests of the beneficiaries and may pose a serious threat to the
soundness of the institution. Continuous close supervisory attention is
warranted and may include termination of the institution's fiduciary
activities.
Component Ratings
Each of the component rating descriptions is divided into three
sections: a narrative description of the component; a list of the
principal factors used to evaluate that component; and a description of
each numerical rating for that component. Some of the evaluation
factors are reiterated under one or more of the other components to
reinforce the interrelationship among components. The listing of
evaluation factors is in no particular order of importance.
Management. This rating reflects the capability of the board of
directors and management, in their respective roles, to identify,
measure, monitor and control the risks of an institution's fiduciary
activities. It also reflects their ability to ensure that the
institution's fiduciary activities are conducted in a safe and sound
manner, and in compliance with applicable laws and regulations.
Directors should provide clear guidance regarding acceptable risk
exposure levels and ensure that appropriate policies, procedures and
practices are established and followed. Senior fiduciary management is
responsible for developing and implementing policies, procedures and
practices that translate the board's objectives and risk limits into
prudent operating standards.
Depending on the nature and scope of an institution's fiduciary
activities, management practices may need to address some or all of the
following risks: reputation, operating or transaction, strategic,
compliance, legal, credit, market, liquidity and other risks. Sound
management practices are demonstrated by: active oversight by the board
of directors and management; competent personnel; adequate policies,
processes, and controls that consider the size and complexity of the
institution's fiduciary activities; and effective risk monitoring and
management information systems. This rating should reflect the board's
and management's ability as it applies to all aspects of fiduciary
activities in which the institution is involved.
The management rating is based upon an assessment of the capability
and performance of management and the board of directors, including,
but not limited to, the following evaluation factors:
The level and quality of oversight and support of
fiduciary activities by the board of directors and management,
including committee structure and adequate documentation of
committee actions.
The ability of the board of directors and management,
in their respective roles, to plan for, and respond to, risks that
may arise from changing business conditions or the introduction of
new activities or products.
The adequacy of, and conformance with, appropriate
internal policies, practices and controls addressing the operations
and risks of significant fiduciary activities.
The accuracy, timeliness, and effectiveness of
management information and risk monitoring systems appropriate for
the institution's size, complexity, and fiduciary risk profile.
The overall level of compliance with laws, regulations,
and sound fiduciary principles.
[[Page 54708]]
Responsiveness to recommendations from auditors and
regulatory authorities.
Strategic planning for fiduciary products and services.
The level of experience and competence of fiduciary
management and staff, including issues relating to turnover and
succession planning.
The adequacy of insurance coverage.
The availability of competent legal counsel.
The extent and nature of pending litigation associated
with fiduciary activities, and its potential impact on earnings,
capital, and the institution's reputation.
The process for identifying and responding to fiduciary
customer complaints.
Ratings. A rating of 1 indicates strong performance by management
and the board of directors and strong risk management practices
relative to the size, complexity and risk profile of the institution's
fiduciary activities. All significant risks are consistently and
effectively identified, measured, monitored, and controlled. Management
and the board are proactive, and have demonstrated the ability to
promptly and successfully address existing and potential problems and
risks.
A rating of 2 indicates satisfactory management and board
performance and risk management practices relative to the size,
complexity and risk profile of the institution's fiduciary activities.
Moderate weaknesses may exist, but are not material to the sound
administration of fiduciary activities, and are being addressed. In
general, significant risks and problems are effectively identified,
measured, monitored, and controlled.
A rating of 3 indicates management and board performance that needs
improvement or risk management practices that are less than
satisfactory given the nature of the institution's fiduciary
activities. The capabilities of management or the board of directors
may be insufficient for the size, complexity, and risk profile of the
institution's fiduciary activities. Problems and significant risks may
be inadequately identified, measured, monitored, or controlled.
A rating of 4 indicates deficient management and board performance
or risk management practices that are inadequate considering the size,
complexity, and risk profile of the institution's fiduciary activities.
The level of problems and risk exposure is excessive. Problems and
significant risks are inadequately identified, measured, monitored, or
controlled and require immediate action by the board and management to
protect the assets of account beneficiaries and to prevent erosion of
public confidence in the institution. Replacing or strengthening
management or the board may be necessary.
A rating of 5 indicates critically deficient management and board
performance or risk management practices. Management and the board of
directors have not demonstrated the ability to correct problems and
implement appropriate risk management practices. Problems and
significant risks are inadequately identified, measured, monitored, or
controlled and now threaten the continued viability of the institution
or its administration of fiduciary activities, and pose a threat to the
safety of the assets of account beneficiaries. Replacing or
strengthening management or the board of directors is necessary.
Operations, Internal Controls & Auditing. This rating reflects the
adequacy of the institution's fiduciary operating systems and internal
controls in relation to the volume and character of business conducted.
Audit coverage must assure the integrity of the financial records, the
sufficiency of internal controls, and the adequacy of the compliance
process.
The institution's fiduciary operating systems, internal controls,
and audit function subject it primarily to transaction and compliance
risk. Other risks including reputation, strategic, and financial risk
may also be present. The ability of management to identify, measure,
monitor and control these risks is reflected in this rating.
The operations, internal controls and auditing rating is based
upon, but not limited to, an assessment of the following evaluation
factors:
Operations and Internal Controls, including the adequacy of:
Staff, facilities and operating systems;
Records, accounting and data processing systems
(including controls over systems access and such accounting
procedures as aging, investigation and disposition of items in
suspense accounts);
Trading functions and securities lending activities;
Vault controls and securities movement;
Segregation of duties;
Controls over disbursements (checks or electronic) and
unissued securities;
Controls over income processing activities;
Reconciliation processes (depository, cash, vault, sub-
custodians, suspense accounts, etc.);
Disaster and/or business recovery programs;
Hold-mail procedures and controls over returned mail;
and,
Investigation and proper escheatment of funds in
dormant accounts.
Auditing, including:
The independence, frequency, quality and scope of the
internal and external fiduciary audit function relative to the
volume, character and risk profile of the institution's fiduciary
activities;
The volume and/or severity of internal control and
audit exceptions and the extent to which these issues are tracked
and resolved; and
The experience and competence of the audit staff.
Ratings. A rating of 1 indicates that operations, internal
controls, and auditing are strong in relation to the volume and
character of the institution's fiduciary activities. All significant
risks are consistently and effectively identified, measured, monitored,
and controlled.
A rating of 2 indicates that operations, internal controls and
auditing are satisfactory in relation to the volume and character of
the institution's fiduciary activities. Moderate weaknesses may exist,
but are not material. Significant risks, in general, are effectively
identified, measured, monitored, and controlled.
A rating of 3 indicates that operations, internal controls or
auditing need improvement in relation to the volume and character of
the institution's fiduciary activities. One or more of these areas are
less than satisfactory. Problems and significant risks may be
inadequately identified, measured, monitored, or controlled.
A rating of 4 indicates deficient operations, internal controls or
audits. One or more of these areas are inadequate or the level of
problems and risk exposure is excessive in relation to the volume and
character of the institution's fiduciary activities. Problems and
significant risks are inadequately identified, measured, monitored, or
controlled and require immediate action. Institutions with this level
of deficiencies may make little provision for audits, or may evidence
weak or potentially dangerous operating practices in combination with
infrequent or inadequate audits.
A rating of 5 indicates critically deficient operations, internal
controls or audits. Operating practices, with or without audits, pose a
serious threat to the safety of assets of fiduciary accounts. Problems
and significant risks are inadequately identified, measured, monitored,
or controlled and now threaten the ability of the institution to
continue engaging in fiduciary activities.
Earnings. This rating reflects the profitability of an
institution's fiduciary activities and its effect on the financial
condition of the institution. The use and adequacy of budgets and
earnings projections by functions, product lines and clients are
reviewed and evaluated.
[[Page 54709]]
Risk exposure that may lead to negative earnings is also evaluated.
An evaluation of earnings is required for all institutions with
fiduciary activities. An assignment of an earnings rating, however, is
required only for institutions that, at the time of the examination,
have total trust assets of more than $100 million, or are a non-deposit
trust company (those institutions that would be required to file
Schedule E of FFIEC 001).
For institutions where the assignment of an Earnings rating is not
required by the UITRS, the Federal supervisory agency has the option to
assign an earnings rating using an alternate set of ratings. A rating
will be assigned in accordance with implementing guidelines adopted by
the supervisory agency. The definitions for the alternate ratings are
included in the revised UITRS and may be found in the section
immediately following the definitions for the required ratings.
The evaluation of earnings is based upon, but not limited to, an
assessment of the following factors:
The profitability of fiduciary activities in relation
to the size and scope of those activities and to the overall
business of the institution.
The overall importance to the institution of offering
fiduciary services to its customers and local community.
The effectiveness of the institution's procedures for
monitoring fiduciary activity income and expense relative to the
size and scope of these activities and their relative importance to
the institution, including the frequency and scope of profitability
reviews and planning by the institution's board of directors or a
committee thereof.
For those institutions for which a rating of earnings is mandatory,
additional factors should include the following:
The level and consistency of profitability, or the lack
thereof, generated by the institution's fiduciary activities in
relation to the volume and character of the institution's business.
Dependence upon non-recurring fees and commissions,
such as fees for court accounts.
The effects of charge-offs or compromise actions.
Unusual features regarding the composition of business
and fee schedules.
Accounting practices that contain practices such as (1)
unusual methods of allocating direct and indirect expenses and
overhead, or (2) unusual methods of allocating fiduciary income and
expense where two or more fiduciary institutions within the same
holding company family share fiduciary services and/or processing
functions.
The extent of management's use of budgets, projections
and other cost analysis procedures.
Methods used for directors' approval of financial
budgets and/or projections.
Management's attitude toward growth and new business
development.
New business development efforts, including types of
business solicited, market potential, advertising, competition,
relationships with local organizations, and an evaluation by
management of risk potential inherent in new business areas.
Ratings. A rating of 1 indicates strong earnings. The institution
consistently earns a rate of return on its fiduciary activities that is
commensurate with the risk of those activities. This rating would
normally be supported by a history of consistent profitability over
time and a judgement that future earnings prospects are favorable. In
addition, management techniques for evaluating and monitoring earnings
performance are fully adequate and there is appropriate oversight by
the institution's board of directors or a committee thereof. Management
makes effective use of budgets and cost analysis procedures. Methods
used for reporting earnings information to the board of directors, or a
committee thereof, are comprehensive.
A rating of 2 indicates satisfactory earnings. Although the
earnings record may exhibit some weaknesses, earnings performance does
not pose a risk to the overall institution nor to its ability to meet
its fiduciary obligations. Generally, fiduciary earnings meet
management targets and appear to be at least sustainable. Management
processes for evaluating and monitoring earnings are generally
sufficient in relationship to the size and risk of fiduciary activities
that exist, and any deficiencies can be addressed in the normal course
of business. A rating of 2 may also be assigned to institutions with a
history of profitable operations if there are indications that
management is engaging in activities with which it is not familiar, or
where there may be inordinately high levels of risk present that have
not been adequately evaluated. Alternatively, an institution with
otherwise strong earnings performance may also be assigned a 2 rating
if there are significant deficiencies in its methods used to monitor
and evaluate earnings.
A rating of 3 indicates less than satisfactory earnings. Earnings
are not commensurate with the risk associated with the fiduciary
activities undertaken. Earnings may be erratic or exhibit downward
trends, and future prospects are unfavorable. This rating may also be
assigned if management processes for evaluating and monitoring earnings
exhibit serious deficiencies, provided the deficiencies identified do
not pose an immediate danger to either the overall financial condition
of the institution or its ability to meet its fiduciary obligations.
A rating of 4 indicates earnings that are seriously deficient.
Fiduciary activities have a significant adverse effect on the overall
income of the institution and its ability to generate adequate capital
to support the continued operation of its fiduciary activities. The
institution is characterized by fiduciary earnings performance that is
poor historically, or faces the prospect of significant losses in the
future. Management processes for monitoring and evaluating earnings may
be poor. The board of directors has not adopted appropriate measures to
address significant deficiencies.
A rating of 5 indicates critically deficient earnings. In general,
an institution with this rating is experiencing losses from fiduciary
activities that have a significant negative impact on the overall
institution, representing a distinct threat to its viability through
the erosion of its capital. The board of directors has not implemented
effective actions to address the situation.
Alternate Rating of Earnings. Alternate ratings are assigned based
on the level of implementation of four minimum standards by the board
of directors and management.
These standards are:
Standard No. 1--The institution has reasonable methods
for measuring income and expense commensurate with the volume and
nature of the fiduciary services offered.
Standard No. 2--The level of profitability is reported
to the board of directors, or a committee thereof, at least
annually.
Standard No. 3--The board of directors periodically
determines that the continued offering of fiduciary services
provides an essential service to the institution's customers or to
the local community.
Standard No. 4--The board of directors, or a committee
thereof, reviews the justification for the institution to continue
to offer fiduciary services even if the institution does not earn
sufficient income to cover the expenses of providing those services.
Ratings. A rating of 1 may be assigned where an institution has
implemented all four minimum standards. If fiduciary earnings are
lacking, management views this as a cost of doing business as a full
service institution and believes that the negative effects of not
offering fiduciary services are more significant than the expense of
administrating those services.
A rating of 2 may be assigned where an institution has implemented,
at a minimum, at least three of the four standards. This rating may be
assigned if the institution is not generating positive earnings or
where formal
[[Page 54710]]
earnings information may not be available.
A rating of 3 may be assigned if the institution has implemented at
least two of the four standards. While management may have attempted to
identify and quantify other revenue to be earned by offering fiduciary
services, it has decided that these services should be offered as a
service to customers, even if they cannot be operated profitably.
A rating of 4 may be assigned if the institution has implemented
only one of the four standards. Management has undertaken little or no
effort to identify or quantify the collateral advantages, if any, to
the institution from offering fiduciary services.
A rating of 5 may be assigned if the institution has implemented
none of the standards.
Compliance. This rating reflects an institution's overall
compliance with applicable laws, regulations, accepted standards of
fiduciary conduct, governing account instruments, duties associated
with account administration, and internally established policies and
procedures. This component specifically incorporates an assessment of a
fiduciary's duty of undivided loyalty and compliance with applicable
laws, regulations, and accepted standards of fiduciary conduct related
to self-dealing and other conflicts of interest.
The compliance component includes reviewing and evaluating the
adequacy and soundness of adopted policies, procedures, and practices
generally, and as they relate to specific transactions and accounts. It
also includes reviewing policies, procedures, and practices to evaluate
the sensitivity of management and the board of directors to refrain
from self-dealing, minimize potential conflicts of interest, and
resolve actual conflict situations in favor of the fiduciary account
beneficiaries.
Risks associated with account administration are potentially
unlimited because each account is a separate contractual relationship
that contains specific obligations. Risks associated with account
administration include: failure to comply with applicable laws,
regulations or terms of the governing instrument; inadequate account
administration practices; and inexperienced management or inadequately
trained staff. Risks associated with a fiduciary's duty of undivided
loyalty generally stem from engaging in self-dealing or other conflict
of interest transactions. An institution may be exposed to compliance,
strategic, financial and reputation risk related to account
administration and conflicts of interest activities. The ability of
management to identify, measure, monitor and control these risks is
reflected in this rating. Policies, procedures and practices pertaining
to account administration and conflicts of interest are evaluated in
light of the size and character of an institution's fiduciary business.
The compliance rating is based upon, but not limited to, an
assessment of the following evaluation factors:
Compliance with applicable federal and state statutes
and regulations, including, but not limited to, federal and state
fiduciary laws, the Employee Retirement Income Security Act of 1974,
federal and state securities laws, state investment standards, state
principal and income acts, and state probate codes;
Compliance with the terms of governing instruments;
The adequacy of overall policies, practices, and
procedures governing compliance, considering the size, complexity,
and risk profile of the institution's fiduciary activities;
The adequacy of policies and procedures addressing
account administration;
The adequacy of policies and procedures addressing
conflicts of interest, including those designed to prevent the
improper use of ``material inside information'';
The effectiveness of systems and controls in place to
identify actual and potential conflicts of interest;
The adequacy of securities trading policies and
practices relating to the allocation of brokerage business, the
payment of services with ``soft dollars'' and the combining,
crossing, and timing of trades;
The extent and permissibility of transactions with
related parties, including, but not limited to, the volume of
related commercial and fiduciary relationships and holdings of
corporations in which directors, officers, or employees of the
institution may be interested;
The decision making process used to accept, review, and
terminate accounts; and,
The decision making process related to account
administration duties, including cash balances, overdrafts, and
discretionary distributions.
Ratings. A rating of 1 indicates strong compliance policies,
procedures and practices. Policies and procedures covering conflicts of
interest and account administration are appropriate in relation to the
size and complexity of the institution's fiduciary activities. Accounts
are administered in accordance with governing instruments, applicable
laws and regulations, sound fiduciary principles, and internal policies
and procedures. Any violations are isolated, technical in nature and
easily correctable. All significant risks are consistently and
effectively identified, measured, monitored and controlled.
A rating of 2 indicates fundamentally sound compliance policies,
procedures and practices in relation to the size and complexity of the
institution's fiduciary activities. Account administration may be
flawed by moderate weaknesses in policies, procedures or practices.
Management's practices indicate a determination to minimize the
instances of conflicts of interest. Fiduciary activities are conducted
in substantial compliance with laws and regulations, and any violations
are generally technical in nature. Management corrects violations in a
timely manner and without loss to fiduciary accounts. Significant risks
are effectively identified, measured, monitored, and controlled.
A rating of 3 indicates compliance practices that are less than
satisfactory in relation to the size and complexity of the
institution's fiduciary activities. Policies, procedures and controls
have not proven effective and require strengthening. Fiduciary
activities may be in substantial noncompliance with laws, regulations
or governing instruments, but losses are no worse than minimal. While
management may have the ability to achieve compliance, the number of
violations that exist, or the failure to correct prior violations, are
indications that management has not devoted sufficient time and
attention to its compliance responsibilities. Risk management practices
generally need improvement.
A rating of 4 indicates an institution with deficient compliance
practices in relation to the size and complexity of its fiduciary
activities. Account administration is notably deficient. The
institution makes little or no effort to minimize potential conflicts
or refrain from self-dealing, and is confronted with a considerable
number of potential or actual conflicts. Numerous substantive and
technical violations of laws and regulations exist and many may remain
uncorrected from previous examinations. Management has not exerted
sufficient effort to effect compliance and may lack the ability to
effectively administer fiduciary activities. The level of compliance
problems is significant and, if left unchecked, may subject the
institution to monetary losses or reputation risk. Risks are
inadequately identified, measured, monitored and controlled.
A rating of 5 indicates critically deficient compliance practices.
Account administration is critically deficient or incompetent and there
is a flagrant disregard for the terms of the governing instruments and
interests of account beneficiaries. The institution frequently engages
in transactions that compromise
[[Page 54711]]
its fundamental duty of undivided loyalty to account beneficiaries.
There are flagrant or repeated violations of laws and regulations and
significant departures from sound fiduciary principles. Management is
unwilling or unable to operate within the scope of laws and regulations
or within the terms of governing instruments and efforts to obtain
voluntary compliance have been unsuccessful. The severity of
noncompliance presents an imminent monetary threat to account
beneficiaries and creates significant legal and financial exposure to
the institution. Problems and significant risks are inadequately
identified, measured, monitored, or controlled and now threaten the
ability of management to continue engaging in fiduciary activities.
Asset Management. This rating reflects the risks associated with
managing the assets (including cash) of others. Prudent portfolio
management is based on an assessment of the needs and objectives of
each account or portfolio. An evaluation of asset management should
consider the adequacy of processes related to the investment of all
discretionary accounts and portfolios, including collective investment
funds, proprietary mutual funds, and investment advisory arrangements.
The institution's asset management activities subject it to
reputation, compliance and strategic risks. In addition, each
individual account or portfolio managed by the institution is subject
to financial risks such as market, credit, liquidity, and interest rate
risk, as well as transaction and compliance risk. The ability of
management to identify, measure, monitor and control these risks is
reflected in this rating.
The asset management rating is based upon, but not limited to, an
assessment of the following evaluation factors:
The adequacy of overall policies, practices and
procedures governing asset management, considering the size,
complexity and risk profile of the institution's fiduciary
activities.
The decision making processes used for selection,
retention and preservation of discretionary assets including
adequacy of documentation, committee review and approval, and a
system to review and approve exceptions.
The use of quantitative tools to measure the various
financial risks in investment accounts and portfolios.
The existence of policies and procedures addressing the
use of derivatives or other complex investment products.
The adequacy of procedures related to the purchase or
retention of miscellaneous assets including real estate, notes,
closely held companies, limited partnerships, mineral interests,
insurance and other unique assets.
The extent and adequacy of periodic reviews of
investment performance, taking into consideration the needs and
objectives of each account or portfolio.
The monitoring of changes in the composition of
fiduciary assets for trends and related risk exposure.
The quality of investment research used in the
decision-making process and documentation of the research.
The due diligence process for evaluating investment
advice received from vendors and/or brokers (including approved or
focus lists of securities).
The due diligence process for reviewing and approving
brokers and/or counter parties used by the institution.
This rating may not be applicable for some institutions because
their operations do not include activities involving the management of
any discretionary assets. Functions of this type would include, but not
necessarily be limited to, directed agency relationships, securities
clearing, non-fiduciary custody relationships, transfer agent and
registrar activities. In institutions of this type, the rating for
Asset Management may be omitted by the examiner in accordance with the
examining agency's implementing guidelines. However, this component
should be assigned when the institution provides investment advice,
even though it does not have discretion over the account assets. An
example of this type of activity would be where the institution selects
or recommends the menu of mutual funds offered to participant directed
401(k) plans.
Ratings. A rating of 1 indicates strong asset management practices.
Identified weaknesses are minor in nature. Risk exposure is modest in
relation to management's abilities and the size and complexity of the
assets managed.
A rating of 2 indicates satisfactory asset management practices.
Moderate weaknesses are present and are well within management's
ability and willingness to correct. Risk exposure is commensurate with
management's abilities and the size and complexity of the assets
managed. Supervisory response is limited.
A rating of 3 indicates that asset management practices are less
than satisfactory in relation to the size and complexity of the assets
managed. Weaknesses may range from moderate to severe; however, they
are not of such significance as to generally pose a threat to the
interests of account beneficiaries. Asset management and risk
management practices generally need to be improved. An elevated level
of supervision is normally required.
A rating of 4 indicates deficient asset management practices in
relation to the size and complexity of the assets managed. The levels
of risk are significant and inadequately controlled. The problems pose
a threat to account beneficiaries generally, and if left unchecked, may
subject the institution to losses and could undermine the reputation of
the institution.
A rating of 5 represents critically deficient asset management
practices and a flagrant disregard of fiduciary duties. These practices
jeopardize the interests of account beneficiaries, subject the
institution to losses, and may pose a threat to the soundness of the
institution.
Dated: October 7, 1998
Keith J. Todd,
Executive Secretary, Federal Financial Institutions Examination
Council.
[FR Doc. 98-27328 Filed 10-9-98; 8:45 am]
BILLING CODE 6210-01-P 25%, 6720-01-P 25%, 6714-01-P 25%, 4810-33-P 25%