Obtain and review the most recent OCC examination of the bank’s fiduciary operations:

• Discuss the findings and recommendations relating to CIF administration with OCC examiners and bank management.

• Determine whether the bank has followed through on its commitments to take corrective action or to follow other recommendations.

Obtain and analyze management information reports relating to transaction processing and reporting by CIF managers. Consider the following factors:

• The volume, type, and complexity of CIF transactions;

• The condition, security, capacity, and recoverability of systems;

• The complexity and volume of conversions, integrations, and system changes;

• The development of new products, services, technology, and delivery systems to maintain competitive position and to gain strategic advantage; and

• The volume and severity of operational, administrative, and accounting control exceptions and losses from fraud and operating errors.

Obtain and review the most recently completed information technology examination activity:

• Discuss the findings and recommendations relating to CIFs with management.

• Determine whether commitments to corrective action have been carried out and whether supervisory recommendations have been adequately addressed.

Obtain and analyze the types and significance of policy exceptions, internal control deficiencies, and legal violations that have been identified and reported internally. Review information from the following sources:

• Board and committee minutes and reports.

• Risk management and compliance division reports.

• Written CIF plans.

• Governing instruments for A2 funds providing federal tax exemption.

• Annual CIF audit reports.

• Control self-assessment reports.

• Internal and external audit reports.

• Other OCC examination programs.

Obtain and analyze the types and volume of litigation and customer complaints related to CIFs:

• Discuss significant litigation and complaints with management.

• Determine the risk to capital and the appropriateness of corrective action and follow-up processes.

If necessary, refer to the “Litigation and Other Legal Matters” booklet of the Comptroller’s Handbook for additional procedures.

Evaluate compliance with bank policies and operating procedures, and “applicable law” including:

• The governing instrument,

• 12 CFR 9.18,

• Court orders, and

• Federal laws, including securities, tax, and, when applicable, ERISA.

Discuss with management the impact of the factors listed below on the types of risk and quantity of risk generated by CIFs:

• The number and types of funds;

• Merger and acquisition plans and opportunities;

• Potential expansion through multi-state fiduciary operations;

• Potential or planned offering of new funds, particularly those that may test legal boundaries;

• Economic, industry, and market conditions;

• Legislative and regulatory change;

• Technological advances;

• Competition, particularly from investment companies, hedge funds, and other investment vehicles;

• The market or public’s perception of the bank’s financial stability; and

• The market or public’s perception of the CIFs offered by the bank.

Obtain and analyze conclusions from the CIF “Quality of Risk Management” examination procedures. Incorporate those conclusions into the risk assessment of CIFs.

Reach conclusions on the types of risk and quantity of risk generated by the administration of CIFs and forward this information to the “Examination Conclusions” section.