Office of the Comptroller of the Currency - Ensuring a Safe and Sound Federal Banking System for All Americans Site Map | Text Size: S M L

To: Chief Executive Officers of All National Banks and Federal Savings Associations, Federal Branches and Agencies, Department and Division Heads, All Examining Personnel, and Other Interested Parties

Description: Notice of Proposed Rulemaking


The Office of the Comptroller of the Currency (OCC) has issued a notice of proposed rulemaking that would establish minimum standards for the design and implementation of a risk governance framework (framework) for large insured national banks, insured federal savings associations, and insured federal branches of foreign banks with average total consolidated assets of $50 billion or more (covered banks). The proposal also would establish minimum standards for an institution’s board of directors (board) in overseeing the framework’s design and implementation. Both sets of standards are issued pursuant to a federal statute that authorizes the OCC to prescribe, by guideline, operational and managerial standards for national banks and federal savings associations. The standards (referred to in this bulletin as guidelines) would be enforceable under the terms of that same statute.

In addition, as part of the agency’s ongoing efforts to integrate the regulations of both the OCC and the former Office of Thrift Supervision (OTS), the OCC is requesting comment on its proposal to make 12 CFR 30 and all of its respective appendixes applicable to federal savings associations and to remove part 170 of the OCC’s regulations as unnecessary. Parts 30 and 170 both implement the federal statute that authorizes the OCC’s issuance of the guidelines and are nearly identical, except that part 30 includes an appendix governing residential mortgage lending.

The comment period for the proposed rule ends March 28, 2014.


Risk Governance Framework

  • The proposal sets out the roles and responsibilities for the organizational units that are fundamental to the design and implementation of the framework. These units are front line units, independent risk management, and internal audit. Together they should establish an appropriate system to control risk taking. These units should also ensure that the board has sufficient information on a covered bank’s risk profile and risk management practices to provide credible challenges to management’s recommendations and decisions when appropriate.
  • The proposal provides that a covered bank should have a comprehensive written statement that articulates its risk appetite and serves as a basis for the framework (i.e., risk appetite statement). The term risk appetite refers to the aggregate level and types of risk that the board and management are willing to assume to achieve a covered bank’s strategic objectives and business plan, consistent with applicable capital, liquidity, and other regulatory requirements. The risk appetite statement should include both qualitative components and quantitative limits. The qualitative components of the risk appetite statement should describe a safe and sound risk culture and how a covered bank will assess and accept risks, including those that are difficult to quantify, on a consistent basis throughout the institution. Quantitative limits should incorporate sound stress testing processes, as appropriate, and should address a covered bank’s earnings, capital, and liquidity positions.

Board of Directors

  • The proposal provides that each member of the board has a duty to oversee a covered bank’s compliance with safe and sound banking practices. Consistent with this duty, the board should ensure that the covered bank establishes and implements an effective framework that complies with the guidelines. The board or its risk committee should also approve any changes to the framework.
  • The proposal provides that the board should actively oversee a covered bank’s risk-taking activities and hold management accountable for adhering to the framework. The board should also evaluate management’s recommendations and decisions by questioning, challenging, and, when necessary, opposing management’s proposed actions that could cause the covered bank’s risk profile to exceed its risk appetite or threaten the institution’s safety and soundness.
  • The proposal provides that at least two members of a covered bank’s board should be independent, i.e., they should not be members of the bank’s or the parent company’s management.

Enforceability of the Guidelines

  • The proposed guidelines would be enforceable pursuant to section 39 of the Federal Deposit Insurance Act (FDIA), 12 USC 1831p-1. If a covered bank fails to meet a standard prescribed by the guidelines, the OCC may require the institution to submit a plan specifying the steps it will take to comply with the standard. The OCC may issue an order enforceable under section 8 of the FDIA, 12 USC 1818(b), if an institution, after being notified that it is in violation of a standard, fails to submit an acceptable compliance plan or fails materially to comply with an OCC-approved plan.

Note for Community Banks

The proposed guidelines would generally apply to large banks with average total consolidated assets of $50 billion or more. As such, the proposed guidelines would not apply to community banks.

The OCC proposes to make part 30 and all of its respective appendixes applicable to all federal savings associations, including community banks. Appendixes A, B, and C to part 30 are currently applicable to national banks. Appendixes A and B to 12 CFR 170, which were issued on an interagency basis and currently apply to federal savings associations, are comparable to appendixes A and B to part 30. The proposal would apply appendix C to part 30, which contains guidelines for residential mortgage lending, to federal savings associations. The OCC also proposes to remove part 170, as it will no longer be necessary.


The financial crisis and the accompanying legislative response enacted in the Dodd-Frank Wall Street Reform and Consumer Protection Act of 20101 (Dodd-Frank) highlight the importance of strong bank supervision and regulation of the financial system. In particular, large, complex institutions that may have a significant impact on capital markets and the economy warrant enhanced supervision and regulation.

Following the financial crisis, the OCC developed a set of “heightened expectations” to enhance its supervision and strengthen the governance and risk management practices of large national banks. In 2010, the OCC began communicating and applying the heightened expectations to institutions in the Large Bank program2 through the agency’s supervisory function. The OCC also has applied aspects of the heightened expectations to institutions in the Midsize Bank program to promote stronger governance and risk management.

The OCC is proposing standards developed from the heightened expectations in the form of enforceable guidelines. The OCC is proposing to issue the guidelines as a new appendix D to part 30 of the OCC’s regulations. The proposal furthers the goal of Dodd-Frank to strengthen the financial system by focusing management and boards on strengthening risk management practices and governance, with a goal of minimizing the probability and impact of future crises.

Further Information

Please contact Molly Scherf, Deputy Comptroller, Large Bank Supervision, at (202) 649-7298; Stuart Feldstein, Director, or Andra Shuster, Senior Counsel, Legislative and Regulatory Activities Division, at (202) 649-5490; or Martin Chavez, Attorney, Securities and Corporate Practices Division, at (202) 649-5510 or (202) 649-5400.


Amy S. Friend
Senior Deputy Comptroller and Chief Counsel

 1 Public Law 111-203, 124 Stat. 1376 (2010).

 2 The OCC began applying the heightened expectations standards to federal savings associations in the Large Bank program in late 2011 after assuming supervisory responsibility for these institutions from the OTS pursuant to Dodd-Frank.

Related Link