14814 Federal Register / Vol. 84, No. 70 / Thursday, April 11, 2019 / Proposed Rules
1 12 CFR part 370.
2 12 U.S.C. 1821(f)(1); 12 U.S.C. 1823(c)(4).
3 12 CFR 360.9. See 73 FR 41180 (July 17, 2008).
4 12 U.S.C. 1819(a) (Tenth), 1820(g),
1821(d)(4)(B)(iv).
5 12 U.S.C. 1821(a)(1)(C), 1821(a)(1)(E).
6 12 U.S.C. 1822(c), 12 CFR 330.5.
7 12 U.S.C. 1817(a)(9).
FEDERAL DEPOSIT INSURANCE
CORPORATION
12 CFR Part 370
RIN 3064–AF03
Recordkeeping for Timely Deposit
Insurance Determination
AGENCY: Federal Deposit Insurance
Corporation (FDIC).
ACTION: Notice of proposed rulemaking.
SUMMARY: The FDIC is seeking comment
on a proposed rule that would to make
certain substantive revisions to
‘‘Recordkeeping for Timely Deposit
Insurance Determination,’’ to clarify the
rule’s requirements, better align the
burdens of the rule with its benefits, and
make technical corrections.
DATES: Comments must be received by
May 13, 2019.
ADDRESSES: You may submit comments
on the notice of proposed rulemaking,
identified by RIN number, by any of the
following methods:
• Agency Website: http://
www.FDIC.gov/regulations/laws/federal.
Follow instructions for submitting
comments on the agency website.
• Email: Comments@FDIC.gov.
Include RIN 3064–AF03 in the subject
line of the message.
• Mail: Robert E. Feldman, Executive
Secretary, Attention: Comments, Federal
Deposit Insurance Corporation, 550 17th
Street NW, Washington, DC 20429.
• Hand Delivery/Courier: Guard
station at the rear of the 550 17th Street
Building (located on F Street) on
business days between 7:00 a.m. and
5:00 p.m.
Public Inspection: All comments
received, including any personal
information provided, will be posted
without change to http://www.fdic.gov/
regulations/laws/federal/.
FOR FURTHER INFORMATION CONTACT:
Marc Steckel, Deputy Director, Division
of Resolutions and Receiverships, (571)
858–8224; Teresa J. Franks, Associate
Director, Division of Resolutions and
Receiverships, (571) 858–8226; Shane
Kiernan, Counsel, Legal Division, (703)
562–2632, skiernan@fdic.gov; Karen L.
Main, Counsel, Legal Division, (703)
562–2079, kamain@fdic.gov; James P.
Sheesley, Counsel, Legal Division, (703)
562–2047; Andrew J. Yu, Senior
Attorney, (703) 562–2784.
SUPPLEMENTARY INFORMATION:
I. Policy Objectives
The policy objective of the proposed
rule is to reduce compliance burdens for
insured depository institutions (IDIs)
covered by the FDIC’s rule entitled
‘‘Recordkeeping for Timely Deposit
Insurance Determination’’ 1 (part 370 or
the Rule) while continuing to support
the FDIC’s ability to promptly determine
deposit insurance coverage in the event
a covered institution fails. Part 370
requires each IDI with two million or
more deposit accounts (each a covered
institution) to (1) configure its
information technology system (IT
system) to be capable of calculating the
insured and uninsured amount in each
deposit account by right and capacity,
for use by the FDIC in making deposit
insurance determinations in the event of
the institution’s failure, and (2)
maintain complete and accurate
information needed by the FDIC to
determine deposit insurance coverage
with respect to each deposit account,
except as otherwise provided. After the
Rule was adopted and while covered
institutions began preparing to
implement it, the FDIC received
feedback from covered institutions,
industry consultants, information
technology service providers, and agents
placing deposits on behalf of others,
who identified components of the Rule
that are insufficiently clear or unduly
burdensome. The proposed rule
addresses these issues by: Establishing
the option to extend the part 370
compliance date for certain institutions;
simplifying the process for requesting
exception from the Rule’s requirements;
amending the scope of certain
provisions; and making technical
amendments. The proposed
amendments are likely to reduce
compliance burdens for covered
institutions while still ensuring that
covered institutions implement the
recordkeeping and IT system
capabilities needed by the FDIC to make
a timely deposit insurance
determination for an IDI of such size
and scale.
II. Background
In 2016, the FDIC adopted part 370 to
facilitate prompt payments of FDIC-
insured deposits when large IDIs fail. By
reducing the difficulties that the FDIC
would face in making a prompt deposit
insurance determination at a failed
covered institution, part 370 enhances
the ability of the FDIC to meet its
statutory obligation to pay deposit
insurance ‘‘as soon as possible’’
following failure and to resolve the
covered institution in the manner least
costly to the Deposit Insurance Fund
(DIF).2 Fulfilling these statutory
obligations is essential to the FDIC’s
mission. It also achieves significant
policy objectives: Maintaining public
confidence in the FDIC and the banking
system; enabling depositors to meet
their financial needs and obligations;
preserving the franchise value of the
failed covered institution and protecting
the DIF by allowing a wider range of
resolution options; and promoting long
term stability in the banking system by
reducing moral hazard. An earlier
regulation, the FDIC’s rule entitled
‘‘Large-Bank Deposit Insurance
Determination Modernization’’ (§ 360.9),
furthered these policy goals at IDIs
having at least $2 billion in domestic
deposits and either 250,000 deposit
accounts, or $20 billion in total assets.3
Part 370 provides the necessary
additional measures required by the
FDIC to ensure prompt and accurate
payment of deposit insurance to
depositors of the larger, more complex
IDIs that qualify as covered institutions.
The FDIC is authorized to prescribe
rules and regulations as it may deem
necessary to carry out the provisions of
the Federal Deposit Insurance Act (FDI
Act).4 To pay deposit insurance, the
FDIC uses a failed IDI’s records to
aggregate the amounts of all deposits
that are maintained by a depositor in the
same right and capacity and then
applies the standard maximum deposit
insurance amount (SMDIA) of
$250,000.5 The FDIC generally relies on
the failed institution’s deposit account
records to identify deposit owners and
the right and capacity in which deposits
are maintained.6 Section 7(a)(9) of the
FDI Act authorizes the FDIC to take
action as necessary to ensure that each
IDI maintains, and the FDIC receives on
a regular basis from such IDI,
information on the total amount of all
insured deposits, preferred deposits,
and uninsured deposits at the
institution.7 The requirements of part
370, obligating covered institutions to
maintain complete and accurate records
regarding the ownership and
insurability of deposits and to have an
IT system that can be used to calculate
deposit insurance coverage in the event
of failure, facilitate the FDIC’s prompt
payment of deposit insurance and
enhance the ability to implement the
least costly resolution of these
institutions.
Part 370 became effective on April 1,
2017, with a compliance date of April
1, 2020, for IDIs that became covered
VerDate Sep<11>2014 18:17 Apr 10, 2019 Jkt 247001 PO 00000 Frm 00002 Fmt 4701 Sfmt 4702 E:\FR\FM\11APP2.SGM 11APP2
amozie on DSK9F9SC42PROD with PROPOSALS2
1 12 CFR part 370.
2 12 U.S.C. 1821(f)(1); 12 U.S.C. 1823(c)(4).
3 12 CFR 360.9. See 73 FR 41180 (July 17, 2008).
4 12 U.S.C. 1819(a) (Tenth), 1820(g),
1821(d)(4)(B)(iv).
5 12 U.S.C. 1821(a)(1)(C), 1821(a)(1)(E).
6 12 U.S.C. 1822(c), 12 CFR 330.5.
7 12 U.S.C. 1817(a)(9).
FEDERAL DEPOSIT INSURANCE
CORPORATION
12 CFR Part 370
RIN 3064–AF03
Recordkeeping for Timely Deposit
Insurance Determination
AGENCY: Federal Deposit Insurance
Corporation (FDIC).
ACTION: Notice of proposed rulemaking.
SUMMARY: The FDIC is seeking comment
on a proposed rule that would to make
certain substantive revisions to
‘‘Recordkeeping for Timely Deposit
Insurance Determination,’’ to clarify the
rule’s requirements, better align the
burdens of the rule with its benefits, and
make technical corrections.
DATES: Comments must be received by
May 13, 2019.
ADDRESSES: You may submit comments
on the notice of proposed rulemaking,
identified by RIN number, by any of the
following methods:
• Agency Website: http://
www.FDIC.gov/regulations/laws/federal.
Follow instructions for submitting
comments on the agency website.
• Email: Comments@FDIC.gov.
Include RIN 3064–AF03 in the subject
line of the message.
• Mail: Robert E. Feldman, Executive
Secretary, Attention: Comments, Federal
Deposit Insurance Corporation, 550 17th
Street NW, Washington, DC 20429.
• Hand Delivery/Courier: Guard
station at the rear of the 550 17th Street
Building (located on F Street) on
business days between 7:00 a.m. and
5:00 p.m.
Public Inspection: All comments
received, including any personal
information provided, will be posted
without change to http://www.fdic.gov/
regulations/laws/federal/.
FOR FURTHER INFORMATION CONTACT:
Marc Steckel, Deputy Director, Division
of Resolutions and Receiverships, (571)
858–8224; Teresa J. Franks, Associate
Director, Division of Resolutions and
Receiverships, (571) 858–8226; Shane
Kiernan, Counsel, Legal Division, (703)
562–2632, skiernan@fdic.gov; Karen L.
Main, Counsel, Legal Division, (703)
562–2079, kamain@fdic.gov; James P.
Sheesley, Counsel, Legal Division, (703)
562–2047; Andrew J. Yu, Senior
Attorney, (703) 562–2784.
SUPPLEMENTARY INFORMATION:
I. Policy Objectives
The policy objective of the proposed
rule is to reduce compliance burdens for
insured depository institutions (IDIs)
covered by the FDIC’s rule entitled
‘‘Recordkeeping for Timely Deposit
Insurance Determination’’ 1 (part 370 or
the Rule) while continuing to support
the FDIC’s ability to promptly determine
deposit insurance coverage in the event
a covered institution fails. Part 370
requires each IDI with two million or
more deposit accounts (each a covered
institution) to (1) configure its
information technology system (IT
system) to be capable of calculating the
insured and uninsured amount in each
deposit account by right and capacity,
for use by the FDIC in making deposit
insurance determinations in the event of
the institution’s failure, and (2)
maintain complete and accurate
information needed by the FDIC to
determine deposit insurance coverage
with respect to each deposit account,
except as otherwise provided. After the
Rule was adopted and while covered
institutions began preparing to
implement it, the FDIC received
feedback from covered institutions,
industry consultants, information
technology service providers, and agents
placing deposits on behalf of others,
who identified components of the Rule
that are insufficiently clear or unduly
burdensome. The proposed rule
addresses these issues by: Establishing
the option to extend the part 370
compliance date for certain institutions;
simplifying the process for requesting
exception from the Rule’s requirements;
amending the scope of certain
provisions; and making technical
amendments. The proposed
amendments are likely to reduce
compliance burdens for covered
institutions while still ensuring that
covered institutions implement the
recordkeeping and IT system
capabilities needed by the FDIC to make
a timely deposit insurance
determination for an IDI of such size
and scale.
II. Background
In 2016, the FDIC adopted part 370 to
facilitate prompt payments of FDIC-
insured deposits when large IDIs fail. By
reducing the difficulties that the FDIC
would face in making a prompt deposit
insurance determination at a failed
covered institution, part 370 enhances
the ability of the FDIC to meet its
statutory obligation to pay deposit
insurance ‘‘as soon as possible’’
following failure and to resolve the
covered institution in the manner least
costly to the Deposit Insurance Fund
(DIF).2 Fulfilling these statutory
obligations is essential to the FDIC’s
mission. It also achieves significant
policy objectives: Maintaining public
confidence in the FDIC and the banking
system; enabling depositors to meet
their financial needs and obligations;
preserving the franchise value of the
failed covered institution and protecting
the DIF by allowing a wider range of
resolution options; and promoting long
term stability in the banking system by
reducing moral hazard. An earlier
regulation, the FDIC’s rule entitled
‘‘Large-Bank Deposit Insurance
Determination Modernization’’ (§ 360.9),
furthered these policy goals at IDIs
having at least $2 billion in domestic
deposits and either 250,000 deposit
accounts, or $20 billion in total assets.3
Part 370 provides the necessary
additional measures required by the
FDIC to ensure prompt and accurate
payment of deposit insurance to
depositors of the larger, more complex
IDIs that qualify as covered institutions.
The FDIC is authorized to prescribe
rules and regulations as it may deem
necessary to carry out the provisions of
the Federal Deposit Insurance Act (FDI
Act).4 To pay deposit insurance, the
FDIC uses a failed IDI’s records to
aggregate the amounts of all deposits
that are maintained by a depositor in the
same right and capacity and then
applies the standard maximum deposit
insurance amount (SMDIA) of
$250,000.5 The FDIC generally relies on
the failed institution’s deposit account
records to identify deposit owners and
the right and capacity in which deposits
are maintained.6 Section 7(a)(9) of the
FDI Act authorizes the FDIC to take
action as necessary to ensure that each
IDI maintains, and the FDIC receives on
a regular basis from such IDI,
information on the total amount of all
insured deposits, preferred deposits,
and uninsured deposits at the
institution.7 The requirements of part
370, obligating covered institutions to
maintain complete and accurate records
regarding the ownership and
insurability of deposits and to have an
IT system that can be used to calculate
deposit insurance coverage in the event
of failure, facilitate the FDIC’s prompt
payment of deposit insurance and
enhance the ability to implement the
least costly resolution of these
institutions.
Part 370 became effective on April 1,
2017, with a compliance date of April
1, 2020, for IDIs that became covered
VerDate Sep<11>2014 18:17 Apr 10, 2019 Jkt 247001 PO 00000 Frm 00002 Fmt 4701 Sfmt 4702 E:\FR\FM\11APP2.SGM 11APP2
amozie on DSK9F9SC42PROD with PROPOSALS2
14815Federal Register / Vol. 84, No. 70 / Thursday, April 11, 2019 / Proposed Rules
8 81 FR 87734, 87738 (December 5, 2016); 12 CFR
370.2(d).
institutions on the effective date.8 The
FDIC has carried out a continuous
outreach program to covered
institutions, trade associations, and
other interested parties since issuing
part 370. The FDIC learned through its
interactions with these parties about
issues and challenges they face in
implementing the capabilities required
by part 370. These include: The need for
additional time to complete this
complex exercise; concerns regarding
the nature of the compliance
certification; the effect of mergers; the
scope of the definition of ‘‘transactional
features’’; and the covered institution’s
ability to certify performance by a third
party with respect to submission of
information to the FDIC within 24 hours
for deposit accounts with transactional
features that are insured on a pass-
through basis.
The FDIC acknowledges that the
burden of complying with some of the
requirements of part 370 with regard to
certain types of accounts is not
commensurate with the benefit of
improvements to prompt payment of
deposit insurance and resolvability that
such compliance achieves. Further,
practical difficulties in implementation
justify an extension of the initial
compliance date for those covered
institutions that became covered
institutions on the initial effective date
of the Rule. Accordingly, the FDIC is
issuing this notice of proposed
rulemaking (NPR) to amend part 370
(the proposal, proposed rule, or
proposed amendments) to provide for
elective extension of the compliance
date, revise the treatment of deposits
created by credit balances on debt
accounts, modify the requirements
relating to accounts with transactional
features, change the procedures
regarding exceptions, and clarify
matters relating to certification
requirements. The proposed
amendments would also make certain
technical changes to part 370 and
correct typographical errors. These
proposed amendments would better
align the burdens imposed by part 370
upon covered institutions with the
resultant benefits in terms of
achievement of the FDIC’s statutory
obligations and policy objectives.
III. Discussion of Proposed
Amendments and Request for Comment
A. Summary
The FDIC is undertaking this notice of
proposed rulemaking to amend part 370
in advance of the compliance date for
the first covered institutions. The FDIC
is proposing to make extensive changes
to part 370. Therefore, the FDIC is
proposing to revise the text of part 370
in full rather than prepare fragmentary
amendments. The proposal would,
among other things:
• Include an optional one-year
extension of the compliance date upon
notification to the FDIC;
• provide clarifications regarding
certification of compliance under
§ 370.10, and the effect of a change in
law or a merger on compliance;
• provide for voluntary compliance
with part 370;
• revise the actions that must be
taken under § 370.5(a) with respect to
deposit accounts with transactional
features that are insured on a pass-
through basis;
• amend the recordkeeping
requirements set forth in § 370.4 for
certain types of deposit relationships;
• clarify the process for exceptions
requested pursuant to § 370.8(b),
provide for published notice of the
FDIC’s responses, and provide that
certain exceptions may be deemed
granted; and
• make corrections and technical and
conforming changes.
B. Elective Extension of the Compliance
Date
Section 370.2(d) establishes the initial
compliance date as the date that is three
years following either the effective date
of part 370 or the date on which an IDI
becomes a covered institution,
whichever is later. In order to comply
with part 370, covered institutions must
add a new set of capabilities in their IT
systems and a new level of regularity in
their recordkeeping. Part 370 became
effective on April 1, 2017, so each
insured depository institution that
became a covered institution on that
date has a compliance date of April 1,
2020. The FDIC recognizes that some of
these covered institutions may need
additional time to implement these new
capabilities. The FDIC has determined
that an extension of up to one year
would help these covered institutions
more efficiently focus their efforts on
complying with part 370 rather than on
seeking exceptions to compliance with
part 370. Accordingly, the FDIC
proposes to add a new paragraph (b)(2)
to § 370.6 that would provide covered
institutions that became covered
institutions on the effective date with
the option to extend their April 1, 2020,
compliance date by up to one year (as
late as April 1, 2021) upon notification
to the FDIC. The notification would
need to be provided to the FDIC prior
to the original April 1, 2020, compliance
date and state the total number of, and
dollar amount of deposits in, deposit
accounts for which the covered
institution expects its IT system would
not be able to calculate deposit
insurance coverage as of the original
April 1, 2020, compliance date. This
information would help the FDIC
understand the extent to which the
covered institution’s capabilities could
be utilized prior to the extended
compliance date should those
capabilities be needed. In connection
with this proposed amendment, the
definition of compliance date in
§ 370.2(d) would also be revised to
reference § 370.6(b).
Questions: The FDIC invites comment
on its proposal to allow insured
depository institutions that became
covered institutions on April 1, 2017, to
extend their compliance date by up to
one year. What are the advantages or
disadvantages of extending the
compliance date? Is this one-year
extension too long or too short? Why?
Should this extension option be
available to all current covered
institutions? What alternatives, if any,
should the FDIC consider?
C. Compliance
1. Part 370 Compliance Certification and
Deposit Insurance Summary Report
The proposed amendments to
§ 370.10(a)(1) address the requirements
for the certification of compliance that
a covered institution must submit to the
FDIC upon its initial compliance date
and annually thereafter. The FDIC is
proposing to clarify that the timeframe
within which a covered institution must
implement the capabilities needed to
comply with part 370 and test its IT
system is the ‘‘preceding twelve
months’’ rather than during the
‘‘preceding calendar year.’’ Because a
covered institution’s compliance date
might not coincide with the end of a
calendar year, there was confusion over
whether a covered institution’s self-test
must occur during the calendar year
before a covered institution’s
compliance date even if the compliance
date is in the next calendar year. This
proposed amendment is intended to
clarify that a covered institution must
certify that it has implemented the
capabilities required by part 370 and
has tested those capabilities at least
once during the preceding 12 months.
The FDIC proposes to revise the
testing standard for the certification
from confirmation that a covered
institution has ‘‘successfully tested’’ its
IT system to confirmation that ‘‘testing
indicates that the covered institution is
in compliance . . .’’ because
VerDate Sep<11>2014 18:17 Apr 10, 2019 Jkt 247001 PO 00000 Frm 00003 Fmt 4701 Sfmt 4702 E:\FR\FM\11APP2.SGM 11APP2
amozie on DSK9F9SC42PROD with PROPOSALS2
8 81 FR 87734, 87738 (December 5, 2016); 12 CFR
370.2(d).
institutions on the effective date.8 The
FDIC has carried out a continuous
outreach program to covered
institutions, trade associations, and
other interested parties since issuing
part 370. The FDIC learned through its
interactions with these parties about
issues and challenges they face in
implementing the capabilities required
by part 370. These include: The need for
additional time to complete this
complex exercise; concerns regarding
the nature of the compliance
certification; the effect of mergers; the
scope of the definition of ‘‘transactional
features’’; and the covered institution’s
ability to certify performance by a third
party with respect to submission of
information to the FDIC within 24 hours
for deposit accounts with transactional
features that are insured on a pass-
through basis.
The FDIC acknowledges that the
burden of complying with some of the
requirements of part 370 with regard to
certain types of accounts is not
commensurate with the benefit of
improvements to prompt payment of
deposit insurance and resolvability that
such compliance achieves. Further,
practical difficulties in implementation
justify an extension of the initial
compliance date for those covered
institutions that became covered
institutions on the initial effective date
of the Rule. Accordingly, the FDIC is
issuing this notice of proposed
rulemaking (NPR) to amend part 370
(the proposal, proposed rule, or
proposed amendments) to provide for
elective extension of the compliance
date, revise the treatment of deposits
created by credit balances on debt
accounts, modify the requirements
relating to accounts with transactional
features, change the procedures
regarding exceptions, and clarify
matters relating to certification
requirements. The proposed
amendments would also make certain
technical changes to part 370 and
correct typographical errors. These
proposed amendments would better
align the burdens imposed by part 370
upon covered institutions with the
resultant benefits in terms of
achievement of the FDIC’s statutory
obligations and policy objectives.
III. Discussion of Proposed
Amendments and Request for Comment
A. Summary
The FDIC is undertaking this notice of
proposed rulemaking to amend part 370
in advance of the compliance date for
the first covered institutions. The FDIC
is proposing to make extensive changes
to part 370. Therefore, the FDIC is
proposing to revise the text of part 370
in full rather than prepare fragmentary
amendments. The proposal would,
among other things:
• Include an optional one-year
extension of the compliance date upon
notification to the FDIC;
• provide clarifications regarding
certification of compliance under
§ 370.10, and the effect of a change in
law or a merger on compliance;
• provide for voluntary compliance
with part 370;
• revise the actions that must be
taken under § 370.5(a) with respect to
deposit accounts with transactional
features that are insured on a pass-
through basis;
• amend the recordkeeping
requirements set forth in § 370.4 for
certain types of deposit relationships;
• clarify the process for exceptions
requested pursuant to § 370.8(b),
provide for published notice of the
FDIC’s responses, and provide that
certain exceptions may be deemed
granted; and
• make corrections and technical and
conforming changes.
B. Elective Extension of the Compliance
Date
Section 370.2(d) establishes the initial
compliance date as the date that is three
years following either the effective date
of part 370 or the date on which an IDI
becomes a covered institution,
whichever is later. In order to comply
with part 370, covered institutions must
add a new set of capabilities in their IT
systems and a new level of regularity in
their recordkeeping. Part 370 became
effective on April 1, 2017, so each
insured depository institution that
became a covered institution on that
date has a compliance date of April 1,
2020. The FDIC recognizes that some of
these covered institutions may need
additional time to implement these new
capabilities. The FDIC has determined
that an extension of up to one year
would help these covered institutions
more efficiently focus their efforts on
complying with part 370 rather than on
seeking exceptions to compliance with
part 370. Accordingly, the FDIC
proposes to add a new paragraph (b)(2)
to § 370.6 that would provide covered
institutions that became covered
institutions on the effective date with
the option to extend their April 1, 2020,
compliance date by up to one year (as
late as April 1, 2021) upon notification
to the FDIC. The notification would
need to be provided to the FDIC prior
to the original April 1, 2020, compliance
date and state the total number of, and
dollar amount of deposits in, deposit
accounts for which the covered
institution expects its IT system would
not be able to calculate deposit
insurance coverage as of the original
April 1, 2020, compliance date. This
information would help the FDIC
understand the extent to which the
covered institution’s capabilities could
be utilized prior to the extended
compliance date should those
capabilities be needed. In connection
with this proposed amendment, the
definition of compliance date in
§ 370.2(d) would also be revised to
reference § 370.6(b).
Questions: The FDIC invites comment
on its proposal to allow insured
depository institutions that became
covered institutions on April 1, 2017, to
extend their compliance date by up to
one year. What are the advantages or
disadvantages of extending the
compliance date? Is this one-year
extension too long or too short? Why?
Should this extension option be
available to all current covered
institutions? What alternatives, if any,
should the FDIC consider?
C. Compliance
1. Part 370 Compliance Certification and
Deposit Insurance Summary Report
The proposed amendments to
§ 370.10(a)(1) address the requirements
for the certification of compliance that
a covered institution must submit to the
FDIC upon its initial compliance date
and annually thereafter. The FDIC is
proposing to clarify that the timeframe
within which a covered institution must
implement the capabilities needed to
comply with part 370 and test its IT
system is the ‘‘preceding twelve
months’’ rather than during the
‘‘preceding calendar year.’’ Because a
covered institution’s compliance date
might not coincide with the end of a
calendar year, there was confusion over
whether a covered institution’s self-test
must occur during the calendar year
before a covered institution’s
compliance date even if the compliance
date is in the next calendar year. This
proposed amendment is intended to
clarify that a covered institution must
certify that it has implemented the
capabilities required by part 370 and
has tested those capabilities at least
once during the preceding 12 months.
The FDIC proposes to revise the
testing standard for the certification
from confirmation that a covered
institution has ‘‘successfully tested’’ its
IT system to confirmation that ‘‘testing
indicates that the covered institution is
in compliance . . .’’ because
VerDate Sep<11>2014 18:17 Apr 10, 2019 Jkt 247001 PO 00000 Frm 00003 Fmt 4701 Sfmt 4702 E:\FR\FM\11APP2.SGM 11APP2
amozie on DSK9F9SC42PROD with PROPOSALS2