The Federal Reserve on December 20 issued its proposal to implement heightened prudential requirements for the largest US financial institutions as a result of the ongoing financial crisis. These institutions will have to design and implement compliance, recordkeeping and reporting procedures for the new standards in addition to the multitude of new restrictions imposed by such reforms as the Volcker Rule. The following summarizes the new proposal, identifies the portions applicable to various types of covered financial institutions and outlines the various requirements applicable to each type. Covered institutions may take some solace, though perhaps not much, in the fact that many of the requirements are consistent with emerging international standards for supervision of large financial companies.
The Dodd-Frank Wall Street Reform and Consumer Protection Act (“Dodd-Frank”) requires that the Board of Governors of the Federal Reserve System (“Federal Reserve”) impose enhanced supervisory requirements on the largest bank holding companies – in general, those with at least $50 billion, but with respect to certain requirements, those with at least $10 billion assets – and those nonbank financial companies designated as requiring supervision as though they were bank holding companies.  The Federal Reserve’s proposal (the “Proposal”) provides detail on how several of the requirements would be implemented.  Comments are due by March 31, 2012.
The Proposal is notable for what it does not require. In this sense it is an exception to the general run of proposals to implement Dodd-Frank such as the Volcker Rule proposal, which carries compliance and reporting requirements to the extreme. In many cases the Federal Reserve has chosen to hold its fire in the Proposal, apparently in order to gain more insight into the effect of all of the new requirements before imposing more of them. In that sense, the Proposal is salutary. Thus:
- 1. The Proposal has no requirement to immediately comply with the new capital adequacy regime and liquidity requirements promulgated by the Basel Committee on Bank Supervision (“BCBS”), commonly known as “Basel III”. This is delayed until all of the bank regulatory agencies agree on the adoption of Basel III and a phase-in schedule for US institutions, which is generally expected to be consistent with the target timetable set by the BCBS.
- 2. The Federal Reserve is authorized, but not required, to impose requirements that the largest institutions issue contingent capital, make specific public disclosures, and comply with limits on their short-term debt. It chose not to do so, leaving such issues for another day.
- 3. The Proposal does not apply to non-US banking institutions except it does generally apply to intermediate US bank holding companies or subsidiary State member banks of non-US institutions, noting that application of the requirements to non-US institutions outside of the US based bank holding company is “difficult”. The requirements applicable to non-US institutions generally will be issued “shortly”. 
- 4. The Proposal only applies one set of requirements — to conduct stress tests — to large savings and loan holding companies (“SLHCs”) (that are not otherwise designated as SIFIs), which became subject to Federal Reserve supervision last July pursuant to another provision of Dodd-Frank. And even those requirements have been delayed until the Federal Reserve adopts capital adequacy requirements for SLHCs. 
- 5. The Proposal would apply in general terms to non-bank financial institutions (e.g., insurance companies, securities companies, and captive finance companies) that are to be designated as systemically important (called “SIFIs”), and thereby become subject to Federal Reserve supervision, by the Financial Stability Oversight Council (“FSOC”), another Dodd-Frank creation. However, no such institutions have yet been designated; the mechanism for making those designations has been proposed and may be finalized shortly.  The Proposal indicates that some adjustments will be needed in order to cover SIFIs in order to take into account industry or institution-specific business models, capital structure and risk profiles.
The intent of this particular Dodd-Frank requirement is to accomplish two ends: to strengthen existing supervisory requirements imposed on all bank holding companies with at least $50 billion in total assets in order to address the “too-big-to-fail” issue for the largest ones, and to incorporate systemic considerations into those requirements so as to reduce threats posed by the largest companies to the stability of the financial system as a whole. If the Proposal is adopted in its original form, the entire scope of enhanced regulatory and supervisory requirements applicable to the largest institutions will become clearer. The requirement to prepare a “living will” pursuant to Dodd-Frank has already been adopted in final form, and the authority to resolve SIFIs pursuant to Title II of Dodd-Frank and the capital plan requirement for large bank holding companies are in effect. However, other requirements — perhaps most importantly, the Volcker Rule as well as credit exposure reporting requirements — remain to be finalized. Until all these requirements are in place, the effect of Dodd-Frank on the largest institutions, and whether it deals effectively with the “too-big-to-fail” issue, will remain hazy.
Following is a summary of the particular types of requirements that would be imposed by the Proposal on the largest institutions, a listing of the requirements that apply to particular types of institutions, and the information-gathering that each type of institution will have to perform in order to comply with each of the particular requirement types.
There are seven specific types of requirements:
As noted above, the Proposal does not immediately impose the Basel III regime for risk-based capital and leverage but indicates that the Federal Reserve expects to do so, and to include the additional capital surcharge for so-called global systemically important banks (“G-SIBs”) and other requirements, including capital conservation measures, recommended by the BCBS on internationally agreed timetables. However, until that regime is in place, covered institutions are required to comply with the existing requirement for large bank holding companies to prepare a capital plan annually. The Federal Reserve issued its regulation requiring capital plans in November. 
The plan must show that the institution has a forward-looking capital planning process tailored to the particular risks of its businesses and that the institution would be able to maintain capital above minimum regulatory capital ratios and a tier 1 common equity ratio in excess of 5 percent over a nine-quarter planning horizon under both expected and stressed conditions. Failure to prepare a plan satisfactory to the Federal Reserve would cause the institution to face limits on its ability to make capital distributions. Plans would have to be submitted on a set schedule geared to the conduct of capital stress tests, outlined below. Covered institutions would be expected to integrate their capital planning process with their stress test process so that the test results can be addressed in the plan.
Non-bank SIFIs would have to comply with the capital requirements within six months of being designated by FSOC and would have to submit capital plans for the calendar year in which designated if the designation occurs on or before March 30.
The Proposal requires that covered institutions prepare a liquidity plan and conduct stress tests for liquidity in a manner similar to the requirement for capital adequacy above. Once finalized by the BCBS and implemented by the US banking agencies, the quantitative liquidity requirements of Basel III are expected to supplement the requirements established by the Proposal (at least for a subset of covered financial companies). Under Basel III, the shorter term liquidity standards (the “Liquidity Coverage Ratio”) is due to come into effect by 2015 and the longer term liquidity standard (the “Net Stable Funding Ratio”) is due to come into effect by 2018.
In the meantime, covered institutions would have to (a) comply with existing regulatory guidance on liquidity management, (b) conduct stress tests at least monthly to measure their liquidity needs at overnight, 30-day, 90-day and one-year intervals during times of instability, and (c) hold certain eligible liquid and unencumbered assets sufficient to cover 30-day stressed net cash outflows under their scenarios (i.e., a “liquidity buffer”). They would have to establish liquidity risk tolerances and monitor compliance with those tolerances, and maintain contingency liquidity plans in the event of serious problems.
Single-Counterparty Credit Limits
Dodd-Frank requires that large institutions limit their total aggregate net credit exposure on a consolidated basis to counterparties to 25 percent of an institution’s total capital. This requirement constitutes the largest single portion of the Proposal; the amount of detail needed in order to implement the requirement begins to rival the Volcker Rule proposal.
It provides for a definition of “exposures” for this purpose, permitted reductions in total exposures due to the existence of collateral and other risk-mitigation techniques, and exclusions from coverage for certain exposures. Because Dodd-Frank does not define the key term “credit exposure,” the Federal Reserve has a relatively free hand to define it for purposes of these limits as it believes appropriate.  The Proposal also defines consolidated organizations, both for the large institutions and for the counterparties, as entities that are consolidated for accounting purposes or of which the parent owns or controls 25 percent or more of a class of stock or 25 percent or more of total equity. 
The Proposal would also impose a lower limit for the very largest institutions of 10 percent for exposures to other very-largest institutions (defined as designated SIFIs and banking institutions, including foreign banks not yet subject to these rules, with $500 billion or more in total assets). Dodd-Frank authorizes the Federal Reserve to impose a limit lower than 25 percent, and the rationale for this decision is to limit the interconnectedness of these very largest institutions. It appears that fewer than 10 US institutions would currently be in this category.
The counterparty credit limits would have to be complied with on a daily basis and monthly reports would need to be prepared demonstrating daily compliance.
Risk Management and Risk Committee Requirements
Covered institutions would have to adopt enterprise-wide risk management practices and establish a committee of the board of directors charged with the responsibility to oversee the program. The committee chair would have to satisfy independence requirements and at least one member must have appropriate levels of expertise and stature. The committee would also have responsibility for monitoring compliance with the capital, liquidity and stress test requirements of the Proposal.
Stress Testing Requirements — Supervisory and Internal
Two types of stress test would have to be conducted regularly: (i) supervisory stress tests, for which each institution would have to gather specified information and provide it to regulatory agencies to run an annual stress test and (ii) internal stress tests, in which each institution must conduct its own stress test on either an annual or semi-annual basis and report the results to the appropriate regulatory agency.
The supervisory stress test would be based on an institution’s financial data as of September 30. The format for the information, which would be prepared by the institution, remains to be developed. The Federal Reserve would then process the data based on a minimum of three different possible sets of economic and financial scenarios – baseline, adverse, and severely adverse – prepared by the Federal Reserve and report the results back to the institution by early March of the following year. A summary of the results would be publicly available by mid-April. The institution would be expected to incorporate the results in that year’s capital plan.
The internal stress test would be based on the institution’s own program based on its view of the risks faced by its businesses, using the Federal Reserve’s economic and financial scenarios (and for the largest institutions also using scenarios generated by the institution itself) issued by mid-November and showing the pro forma effects under each scenario for at least nine calendar quarters. The institution’s program is expected to be tailored to its particular businesses and risks, unlike the supervisory stress test, which would be generally uniform across all institutions. The results would be reported to the Federal Reserve by January 5 of each year, which would comment on them and, again, expect that they will be incorporated into that year’s capital plan. For certain larger institutions, tests would also have to be conducted semi-annually, with the mid-year stress test reported to the Federal Reserve by July 5.
Consistent with Dodd-Frank, covered institutions would not have to comply with new statutory limits on the ratio of debt-to-equity (set at 15-to-1) unless the FSOC were to notify the Federal Reserve that a particular institution poses a “grave threat” to US financial stability and imposition of the limit is deemed necessary to mitigate the risk that the institution poses. Thus, this authority is likely to be used sparingly.
Early Remediation Framework
Similar to the debt-to-equity limit, the requirements for early remediation of a significant problem are not automatically applicable and would not typically be imposed unless the institution is in a financially vulnerable state. The Proposal sets out a system of early warning signs (or designated “triggering events”) that an institution is in financial difficulty and a list of requirements and actions that would have to be taken if certain of those warning signs are triggered, with an elaborate set of requirements that would apply depending on how serious the institution’s difficulties seem to be. The first level of remediation is for the Federal Reserve to conduct a targeted supervisory review of the institution to determine whether it is in fact experiencing financial distress. Three additional levels would require increasingly stringent actions such as limiting capital distributions, growth in total assets, and the like.
Various of the types of requirements listed above apply to different classes of large institutions. Following is the breakdown of classes of institutions and the types of requirements applicable to each one.
Bank Holding Companies with Total Assets Equal to or Greater than $50 Billion and non-bank SIFIs
All of the requirements described above would apply to bank holding companies with total assets equal to or greater than $50 billion and non-bank SIFIs designated by the FSOC.  The amount of bank holding company assets is based on the average of a bank holding company’s four most recent quarterly reports to the Federal Reserve. The special single-party exposure limit of 10 percent would apply to those bank holding companies with total assets of $500 billion or more and to non-bank SIFIs.
Bank Holding Companies with Total Assets Greater than $10 Billion
Those bank holding companies with less than $50 billion but more than $10 billion in total assets, and are publicly traded, would have to comply with the risk management requirements. Also, those bank holding companies with less than $50 billion but more than $10 billion in total assets, whether or not publicly traded, would have to comply with the annual internal stress test requirement (the internal semi-annual stress test and the supervisory stress test requirement would not apply unless the bank holding company has at least $50 billion in assets). Dodd-Frank requires that the stress test provisions apply to any “financial entity” exceeding the $10 billion threshold subject to a bank regulatory agency’s jurisdiction.
State Member Banks with Total Assets Greater than $10 Billion
As with bank holding companies with more than $10 billion, the internal annual stress test requirement would apply to State banks that are members of the Federal Reserve System and have more than $10 billion in total assets. The Proposal indicates that the Federal Reserve has “consulted” with the Comptroller of the Currency, which regulate national banks, and the Federal Deposit Insurance Corporation, which regulates State banks insured by the FDIC and not Federal Reserve members, implying that those agencies will likely issue a similar requirement applicable to their institutions. 
SLHCs with Total Assets Greater than $10 Billion
As with bank holding companies with more than $10 billion, SLHCs with more than $10 billion will be subject to the internal stress test requirement. However, compliance is suspended until the Federal Reserve imposes capital adequacy requirements on SLHCs.
Tasks and Information
Each of the types of requirements imposed by the Proposal would require covered institutions to take a wide range of actions and obtain a large amount of information in order to be in compliance and prepare the requisite plans and reports. Following is a listing of the major tasks and categories of information that each requirement appears to require.
Capital Planning 
- Assessment of expected uses and sources of capital over the planning horizon, including estimates of projected revenues, losses, reserves and pro forma capital levels under expected conditions and under a range of stressed scenarios, how the institution will maintain above a pro forma 5 percent tier 1 common ratio over those scenarios and any planned capital actions
- Description of the institution’s process for assessing capital adequacy, including its plans to maintain capital and ready access to funding
- Capital policy and any expected changes to the institution’s business plan
- Data on financial condition, including off-balance-sheet exposures and other exposures sensitive to changes in market factors
- Risk management policies and procedures
- Liquidity profile and management
- Development of a liquidity program
- Contingency plan for liquidity in emergency situations
- Review and approval by the Risk Committee of the Board of Directors of the program and of regular reports on compliance, and of the liquidity costs of any new product or business line of the institution
- Detailed cash flow projections, including by business line, legal entity, or jurisdiction as appropriate
- Independent review function
- Stress test of the liquidity plan at least monthly
- Creation of a liquidity buffer, sufficient to meet projected cash needs over a range of liquidity stress scenarios for 30 days if existing funding sources are lost
- Development of a contingency funding plan to manage a liquidity stress event
- System to monitor liquidity status
- Development of system to calculate gross credit exposures to each counterparty (including all subsidiaries) and collateral and other transactions that are allowed to be deducted from a gross credit exposure
- System to assign market values on a daily basis to collateral and other transactions that are deducted from gross credit exposure
- System to apply conversion factor matrix to OTC derivative contracts and collateral haircuts to transactions and collateral that are deducted
- System to prepare report showing daily compliance with the limit to be submitted to the Federal Reserve monthly
- Appointment of risk management committee of the board of directors chaired by an independent director with at least one member with risk management expertise
- Preparation of risk management framework to be supervised by the committee
- Appointment of chief risk officer
Supervisory Stress Test
- System to obtain data for submission to the Federal Reserve to support the Federal Reserve’s conduct of the stress test
- Arrangement to incorporate results of test into capital plan
Internal Stress Test
- Develop stress test program appropriate to institution’s risk profile, lines of business, etc.
- Arrangement to report results of test to the Federal Reserve and to incorporate results into capital plan
- System to monitor status with respect to the remediation triggering events
The likely effect of the Proposal, if adopted in generally this form, is unclear. In many cases, the largest US institutions already engage in the practices that would be mandated. For example, stress tests in some form are generally standard practice at least for the largest institutions previously subject to Federal Reserve initiated tests, as are liquidity management and contingency planning, risk management practices and the like. Also, the exposure limit is likely not to be restrictive on the largest institutions. For some of them, 25 percent of capital equals $30 billion or so, and it is hard to believe that any institution would have an unsecured exposure to any counterparty at that level, other than the US Government, which is exempt from this limit. However, the specific details of the Proposal may require significant changes in automated systems for monitoring and recording the institution’s activities and in operating procedures. The greater challenge is for non-bank financial companies designated as SIFIs to modify their practices and, indeed, their cultures to accommodate a new regime that will treat them as close substitutes for banks. Institutions should study the details of the Proposal to determine how great the changes would be and prepare comments accordingly.
The existence of the debt-limitation and early intervention authorities generally do not appear to require significant changes in systems or operations as a routine matter. However, institutions will need to consider the extent to which they discuss the possible effect of this authority on their disclosures to investors and others.
 Dodd-Frank is at Pub. L. No. 111-203, 124 Stat. 1376 (2010). The provisions authorizing the Proposal are at Sections 165 and 166, codified at 12 USC. §§ 5365, 5366.
 The Proposal can be found at www.federalreserve.gov/newsevents/press/bcreg/20111220a.htm.
 Proposal at page 11. Non-US banks with an intermediate US holding company that relies on a Federal Reserve rule allowing capital to be based on the parent bank are not subject to the capital-related and single-counterparty credit limit requirements until 2015. However, they would immediately be subject to the liquidity requirements, risk management requirements and debt-to-equity limit for companies that pose a “grave threat.”
 Proposal at page 12. The Proposal also states that the other enhanced-supervision requirements will be applied to large SLHCs with substantial banking operations in the future.
 If you are interested in reading more about the FSOC proposal, you may wish to consult our client publication, “The FSOC Re-Proposal of Rules for Designating SIFIs: Something Old and Something New” (Oct. 25, 2011).
 See the final regulation, codified at Section 225.8 of Regulation Y, at 76 Fed. Reg. 74631 (Dec. 1, 2011). The regulation applies to US bank holding companies with at least $50 billion in assets. Initial capital plans for covered bank holding companies are due on January 9, 2012.
 The term “credit exposure” is also used in other parts of Dodd-Frank without definition. It would likely reduce the complexity of understanding and complying with many of the Dodd-Frank regulations if the regulatory agencies were to define the term consistently in all of those parts, but whether they do so remains to be seen. For a discussion of this point, you may wish to review our client memorandum, “Dodd-Frank Act: Derivatives as Credit Extensions of Banks” (Aug. 16, 2010).
 The Proposal explicitly states that it does not incorporate the Federal Reserve’s full-blown control analysis for this purpose in order to avoid complexity. Determination of control under Federal Reserve precedent is very fact-specific and can, in many cases, be an extremely daunting exercise.
 The existing capital plan requirement applies to a US intermediate bank holding company controlled by a non-US bank unless the non-US bank took advantage of a 2001 Federal Reserve policy permitting such a company to rely on the parent bank’s capital, in which case the requirement does not apply until 2015.
 Proposal at p. 9, note 18. The Proposal states that it does not apply to non-US banks except to the extent they have intermediate US bank holding companies (page 6). However, a State member bank of the requisite size that is controlled by a non-US bank and not held through a US bank holding company would be subject to these requirements.
 The Proposal does not delineate the requirements for capital planning because of its incorporation of the existing capital plan requirement adopted in November (see note 8 above). Accordingly, the items below are based on the November requirement.