FDIC Proposes New Bank Corporate Governance Standards
In October 2023, the Federal Deposit Insurance Corporation (FDIC) proposed new corporate governance guidelines that will impact board composition, board fiduciary duties, risk management procedures and other corporate governance standards for certain banks.
Banks Covered. The proposed rule will apply to banks with total assets of $10 billion or more that are non-members of the Federal Reserve System (i.e., $10+ billion banks that have the FDIC as their primary federal regulator). However, the FDIC is reserving the right to apply the rule to smaller nonmember banks that “are highly complex or present heightened risk.”
The rule will not apply to state-chartered Federal Reserve member banks or to national banks or federal savings associations. However, banks not in the rule’s targeted group may have an interest in the impact of the rule because of the possibility that its standards could eventually be incorporated into rules applicable to other banks, as well.
FDIC Board Dissent. The rule passed by a 3-2 vote of the FDIC Board. Each of the two Republican-affiliated Board members (Director McKernan and Vice Chairman Hill) issued a public dissenting statement citing concerns about the rule. Vice Chairman Hill questioned the rule’s focus on “process-related governance” rather than core risks to safety and soundness, while Director McKernan specifically questioned the legality of certain of the rule’s requirements and expressed concern about potential negative practical impact the rule may have.
Significant Requirements. The following is a list of some of the more significant requirements under the new rule:
- Board Majority Independence Requirement – Including Affiliate Independence. The rule requires a bank board to have a majority of “outside and independent” directors. Under the rule, an outside and independent director is defined as a director who is (a) not a “principal, member, officer, or employee” of the bank, AND (b) not a “principal, member, director, officer, or employee of any affiliate or principal shareholder” of the bank. [emphasis added]
This standard would, for example, disqualify independent members of a bank holding company board from qualifying as independent members of the subsidiary bank’s board. However, there is a carve-out for holding company directors, if the holding company “conducts limited or no additional business operations outside the [bank], … as long as [such director is] not a principal, member, director, officer, or employee of any other [bank] or holding company affiliates.”
- Diversity. The rule requires banks to consider the “diversity among board members” when selecting them – including “racial, ethnic, gender and age differences ...”
- “Constituency” Requirement – i.e., Fiduciary Duty Issue. The rule requires the bank board, in carrying out its duties, to “consider the interests of all its stakeholders, including shareholders, depositors, creditors, customers, regulators, and the public.” As FDIC Director McKernan points out in his dissent on the rule, this requirement could be at odds with bank directors’ fiduciary duties under applicable state law, for example, if a director voted against the interests of shareholders in order to serve the interests of customers or the “public.”
- Board Duties Regarding Management. Various requirements of the rule appear to expand the duties and role of a bank board beyond the traditional board oversight of management role and put specific management duties on the board itself, such as a duty on each bank board member to “confirm that the [bank] operates … in compliance with all laws and regulations.”
Interestingly, just six years ago, the Federal Reserve issued guidance about board duties with specific emphasis on keeping larger bank boards focused on “core responsibilities” and to “better distinguish between the roles and responsibilities of an institution’s board of directors and those of senior management.” 82 Fed. Reg. 37219 (Aug. 9, 2017). The new FDIC proposal appears to be taking a different approach.
- Self-Reporting Obligations. The rule requires the board of each bank to establish procedures requiring the bank to “report all violations of law or regulation” to the applicable federal regulatory agency – regardless of materiality or significance. Such a direct self-reporting obligation goes beyond the traditional approach of regulators considering self-reporting as a mitigating factor in a regulatory agency’s review of a violation.
- Board Committees and Other Requirements. The rule requires several specific committees to be established by the bank board: audit committee, compensation committee, risk committee and trust committee (if applicable). The rule also implements standards for a bank’s risk management program and requires a variety of other corporate governance and risk management policies, procedures and systems.
No Transition Period. The rule does not include a transition period for banks to adapt their boards, policies, procedures and systems to the rule requirements when the rule is issued in final form.
Potential Rule Revisions. The rule is not final at this point, and comments on the proposed version are due by Feb. 9, 2024. (This date was extended from the original deadline of Dec. 11, 2023.) The rule cannot become final until those comments are processed, and a final rule is issued and published. Such a final rule could include changes from the terms of the proposed rule, based on comments received on that proposed rule.