STATEMENT OF
ANDREW C. HOVE, JR.
ACTING CHAIRMAN
FEDERAL DEPOSIT INSURANCE CORPORATION
ON
THE YEAR 2000 PROBLEM
FOR THE
COMMITTEE ON BANKING AND FINANCIAL SERVICES
UNITED STATES HOUSE OF REPRESENTATIVES
2:00 PM, NOVEMBER 4, 1997
ROOM 2128 RAYBURN HOUSE OFFICE BUILDING
I would like to thank the Committee for the opportunity to provide a written statement for
the record on behalf of the Federal Deposit Insurance Corporation regarding the "Year
2000 problem" and its implications for the safety and soundness of the nation's financial
system. My statement will discuss Year 2000 issues as they relate to the banking
industry, and the FDIC's supervisory strategy, concerns and initiatives as primary
Federal regulator for approximately 6,200 financial institutions. I will discuss the FDIC's
contingency planning from the standpoint of our role as both supervisor and insurer, and
FDIC initiatives for meeting the Year 2000 computer challenge internally.
YEAR 2000 ISSUES AND THE BANKING INDUSTRY
The potential for problems related to the inability of computer systems to accurately
recognize dates beyond 1999 is a significant concern for the financial services industry
and financial institution regulators. Financial institutions face vulnerability to the Year
2000 problem in a number of areas, both internally and externally. Internally, data
processing systems -- including mainframe, network and personal computers -- may be
unable to record and process financial information accurately. Equipment that relies on
embedded computer chips to perform date driven functions, such as automated teller
machines, telephone switchboards, vault locks, security systems, elevators, heating,
ventilation and air conditioning systems, may also malfunction. Externally, data
exchanges with business partners outside the financial institution may be disrupted and
credit quality issues could arise as borrowers deal with these same vulnerabilities.
Finally, corrupt data creates the potential for fraud against the industry and its
customers.
To manage both internal and external Year 2000 efforts at the FDIC, I established an
oversight committee comprised of senior executives from key divisions and offices. This
oversight committee provides general management direction and feedback to FDIC staff
participating in various working groups such as interdivisional contingency planning
groups and interagency working groups. To coordinate our external efforts, we have
appointed a project manager responsible for coordinating all activities related to the
industry's Year 2000 remediation process. To handle the FDIC's internal efforts, we
established a separate project office within our Division of Information Resources
Management.
ANDREW C. HOVE, JR.
ACTING CHAIRMAN
FEDERAL DEPOSIT INSURANCE CORPORATION
ON
THE YEAR 2000 PROBLEM
FOR THE
COMMITTEE ON BANKING AND FINANCIAL SERVICES
UNITED STATES HOUSE OF REPRESENTATIVES
2:00 PM, NOVEMBER 4, 1997
ROOM 2128 RAYBURN HOUSE OFFICE BUILDING
I would like to thank the Committee for the opportunity to provide a written statement for
the record on behalf of the Federal Deposit Insurance Corporation regarding the "Year
2000 problem" and its implications for the safety and soundness of the nation's financial
system. My statement will discuss Year 2000 issues as they relate to the banking
industry, and the FDIC's supervisory strategy, concerns and initiatives as primary
Federal regulator for approximately 6,200 financial institutions. I will discuss the FDIC's
contingency planning from the standpoint of our role as both supervisor and insurer, and
FDIC initiatives for meeting the Year 2000 computer challenge internally.
YEAR 2000 ISSUES AND THE BANKING INDUSTRY
The potential for problems related to the inability of computer systems to accurately
recognize dates beyond 1999 is a significant concern for the financial services industry
and financial institution regulators. Financial institutions face vulnerability to the Year
2000 problem in a number of areas, both internally and externally. Internally, data
processing systems -- including mainframe, network and personal computers -- may be
unable to record and process financial information accurately. Equipment that relies on
embedded computer chips to perform date driven functions, such as automated teller
machines, telephone switchboards, vault locks, security systems, elevators, heating,
ventilation and air conditioning systems, may also malfunction. Externally, data
exchanges with business partners outside the financial institution may be disrupted and
credit quality issues could arise as borrowers deal with these same vulnerabilities.
Finally, corrupt data creates the potential for fraud against the industry and its
customers.
To manage both internal and external Year 2000 efforts at the FDIC, I established an
oversight committee comprised of senior executives from key divisions and offices. This
oversight committee provides general management direction and feedback to FDIC staff
participating in various working groups such as interdivisional contingency planning
groups and interagency working groups. To coordinate our external efforts, we have
appointed a project manager responsible for coordinating all activities related to the
industry's Year 2000 remediation process. To handle the FDIC's internal efforts, we
established a separate project office within our Division of Information Resources
Management.
SUPERVISORY STRATEGY
We are using a five step framework to ensure that FDIC-supervised institutions and the
FDIC achieve readiness for the Year 2000. The five steps are: awareness; assessment;
follow-up; enforcement; and failure resolution.
Awareness
The FDIC and other agencies are working to increase financial institutions' awareness
of the importance of remediating systems to achieve Year 2000 readiness. It is critical
that each insured institution understand which of its systems may be affected and
develop a plan for upgrading or replacing systems that will fail to function properly in the
new millennium. Virtually every financial institution will be affected to some degree.
Insured institutions that perform the work themselves will incur the expense of
upgrading their computer systems and ensuring that they function properly. Institutions
that rely on a data processing servicer or bank software vendor must share the
responsibility of making sure that all their systems function properly and cannot rely on
vague reassurances that the problem will be solved. All banks also are responsible for
evaluating all of their systems, including equipment and data exchanges with parties
outside the bank, and reviewing how the Year 2000 problem may affect their borrowers.
To improve the industry's awareness, the FDIC, in cooperation with the other Federal
depository institution regulatory agencies and state supervisory authorities, has taken
steps to highlight the importance of Year 2000 issues. On May 5, 1997, the Federal
Financial Institutions Examination Council (FFIEC) issued an updated interagency
statement on Year 2000 project management. This statement outlines five project
management phases essential to the Year 2000 remediation process: awareness;
assessment; renovation; validation and implementation. The statement also includes
target dates designed to ensure timely completion of the remediation process. The
statement discusses three areas of potential risk that are external to a financial
institution's data processing system: vendor reliance; exchanging data electronically
with external parties; and lending relationships. Also, the statement presents a general
outline of the agencies' supervisory approach which includes on-site Year 2000
supervisory reviews for all insured financial institutions by mid-1998.
Other interagency efforts include hosting an outreach meeting with the major industry
trade associations and giving numerous speeches in various industry forums. On an
informal basis, we have raised the Year 2000 issue at gatherings with members of
several state bankers associations. In addition, we are hosting a vendor conference
which will take place on November 10 and are undertaking negotiations with trade
groups on a series of additional presentations for early 1998.
To help educate consumers on the Year 2000 issue, the FDIC is developing a public
awareness campaign. This campaign will include development of questions for
consumers to ask their financial institution regarding Year 2000.
We are using a five step framework to ensure that FDIC-supervised institutions and the
FDIC achieve readiness for the Year 2000. The five steps are: awareness; assessment;
follow-up; enforcement; and failure resolution.
Awareness
The FDIC and other agencies are working to increase financial institutions' awareness
of the importance of remediating systems to achieve Year 2000 readiness. It is critical
that each insured institution understand which of its systems may be affected and
develop a plan for upgrading or replacing systems that will fail to function properly in the
new millennium. Virtually every financial institution will be affected to some degree.
Insured institutions that perform the work themselves will incur the expense of
upgrading their computer systems and ensuring that they function properly. Institutions
that rely on a data processing servicer or bank software vendor must share the
responsibility of making sure that all their systems function properly and cannot rely on
vague reassurances that the problem will be solved. All banks also are responsible for
evaluating all of their systems, including equipment and data exchanges with parties
outside the bank, and reviewing how the Year 2000 problem may affect their borrowers.
To improve the industry's awareness, the FDIC, in cooperation with the other Federal
depository institution regulatory agencies and state supervisory authorities, has taken
steps to highlight the importance of Year 2000 issues. On May 5, 1997, the Federal
Financial Institutions Examination Council (FFIEC) issued an updated interagency
statement on Year 2000 project management. This statement outlines five project
management phases essential to the Year 2000 remediation process: awareness;
assessment; renovation; validation and implementation. The statement also includes
target dates designed to ensure timely completion of the remediation process. The
statement discusses three areas of potential risk that are external to a financial
institution's data processing system: vendor reliance; exchanging data electronically
with external parties; and lending relationships. Also, the statement presents a general
outline of the agencies' supervisory approach which includes on-site Year 2000
supervisory reviews for all insured financial institutions by mid-1998.
Other interagency efforts include hosting an outreach meeting with the major industry
trade associations and giving numerous speeches in various industry forums. On an
informal basis, we have raised the Year 2000 issue at gatherings with members of
several state bankers associations. In addition, we are hosting a vendor conference
which will take place on November 10 and are undertaking negotiations with trade
groups on a series of additional presentations for early 1998.
To help educate consumers on the Year 2000 issue, the FDIC is developing a public
awareness campaign. This campaign will include development of questions for
consumers to ask their financial institution regarding Year 2000.