The Federal Financial Institutions Examination Council (FFIEC) has issued the attached statement to supplement previously issued interagency statements on Year 2000 readiness. The guidance addresses frequently asked questions about material in those statements. The statement focuses on requests for further clarification of the April 1998 interagency statement "Guidance Concerning Testing for Year 2000 Readiness." The answers provided are intended to address testing issues in general terms. Institution-specific queries should be directed to your Federal Deposit Insurance Corporation (FDIC) Division of Supervision Regional Office. The FDIC considers the testing phase the most critical stage of the Year 2000 project management process. Failure to properly identify and correct remediation errors and omissions could affect the viability of a financial institution. The FDIC acknowledges that each financial institution is unique and that the institution's management is in the best position to judge what testing strategies and plans are appropriate. This decision should be made after considering the size of the institution, the complexity of its operation, and an acceptable level of business risk exposure. The FDIC expects each financial institution to meet the following key milestones in the Year 2000 testing process by the date indicated:
In addition, your institution's activities regarding customer risk are subject to the following deadlines:
Other topics addressed in the question and answer statement include data processing system or service provider conversions, external review of the project management process, infrastructure risk involving telecommunications and power suppliers, service provider and software vendor assessments, and contingency planning. Institutions should refer to the seven previously issued FFIEC Interagency Statements addressing Year 2000 readiness for a comprehensive discussion of these topics. Management is encouraged to actively utilize the services of its internal audit process and external audit programs. A well-coordinated review and reporting process should substantially lessen the risk that problems will go undetected. The FDIC and state banking authorities will continue to review the efforts of all FDIC-supervised banks to become Year 2000 ready. An institution's failure to appropriately address Year 2000 readiness problems may result in supervisory action, including formal and informal enforcement actions, denials of applications filed pursuant to the Federal Deposit Insurance Act, civil money penalties, reductions in the institution's management component or composite ratings, and increased risk-related premiums. The attached interagency statement and related information on Year 2000 issues are available on the Internet via the World Wide Web at /news/financial-institution-letters/ or http://www.ffiec.gov .
Distribution: FDIC-Supervised Banks (Commercial and Savings) NOTE: Paper copies of FDIC financial institution letters may be obtained through the FDIC's Public Information Center, 801 17th Street, NW, Room 100, Washington, DC 20434 (800-276-6003 or (703) 562-2200). |