In a speech on May 27, 2024, Acting Comptroller of the Currency, Michael J. Hsu, stated that expanding the application of the Office of the Comptroller of the Currency’s (“OCC”) recovery guidelines (the “Recovery Guidelines”) to all large banks under OCC oversight (i.e., national banks, federal savings banks and federal branches) with at least $100 billion in assets “warrants serious consideration.” The current version of the Recovery Guidelines (12 CFR 30, Appendix E) generally applies only to banks with average total consolidated assets equal to or greater than $250 billion, so this would represent a significant expansion of the scope of the guidelines.
Context
The expansion in the scope of the Recovery Guidelines would be another in a long line of recent regulatory and supervisory changes that have been proposed or discussed since the 2023 failures of Silicon Valley Bank and Signature Bank, which Hsu directly references as a motivation for this potential change. Last year, on August 29, 2023, the Federal Deposit Insurance Corporation, Federal Reserve Board and the OCC (the “Agencies”) issued proposed rules that would impose minimum long-term debt requirements and resolution planning requirements on a larger set of banking organizations (see our update here). On July 27, 2023, the Agencies also proposed stricter capital requirements on banking organizations with at least $100 billion in average total consolidated assets (see our update here). Hsu’s suggestion is thus not an outlier but a continuing trend by the Agencies to impose harsher standards on banks in response to the spring 2023 banking crisis.
Still, the OCC does not appear to be considering expanding the scope quite as far as its original finalization of the rule in 2016, $50 billion, which increased along with other minimums following the passage of the Economic Growth Regulatory Relief, and Consumer Protection Act in 2018 (though the Recovery Guidelines were not covered by such act).
What Is a Recovery Plan?
Recovery plans focus on events (“triggers”) that could indicate upcoming severe financial stress to an institution and the remedial measures (“options for recovery”) that the institution can undertake to address vulnerabilities to internal and external stress scenarios and recover its financial strength and viability (without relying on extraordinary government support).
Recovery planning is often described in combination with the better-known resolution planning requirements for large financial institutions, which is a product of the Dodd–Frank Wall Street Reform and Consumer Protection Act. Whereas resolution planning is focused on mitigating the risk to the markets’ financial stability when an institution fails and needs to be imminently liquidated or resolved, recovery planning is concerned with avoiding failure altogether by having a playbook to address stress situations and how the institution will respond. As Hsu notes, “Having actionable recovery options effectively creates new tracks that a bank can switch to when it is in stress, enabling it to avoid disorderly failure.”
What Are the Recovery Guidelines?
The Recovery Guidelines were first issued in 2016 and amended in 2018, as noted above, to raise the threshold for a “covered bank” from $50 billion in average total consolidated assets to $250 billion. The Recovery Guidelines are also laid out and expanded upon in a Comptroller’s Handbook, “Recovery Planning,” last updated in 2019. The Federal Reserve issued similar guidelines in 2014, but their guidelines applied at the holding company level and only to the U.S. GSIBs.
The Recovery Guidelines require covered banks to develop and maintain a recovery plan specific to such bank and appropriate for the bank’s “individual size, risk profile, activities, and complexity, including the complexity of its organizational and legal entity structure.”
Elements. Elements of the plan must include the following:
- Overview of covered bank. An overview of the covered bank, including its material entities, critical operations, core business lines and core management information systems;
- Triggers. Identification of triggers the bank will use to determine the risk or existence of severe stress that reflect the bank’s particular vulnerabilities. A breach of a trigger would be escalated to senior management or the board (or a board committee), as necessary, to initiate a response (more below);
- Options for recovery. A detailed description of credible options that a covered bank could take to ensure it can restore financial strength and viability and continue to operate as a going concern and avoid liquidation or resolution (more below);
- Impact assessments. An impact assessment at the time of the plan of each recovery option. The assessment should evaluate and describe how the options would affect the bank, specifying procedures the bank would take under each recovery option and legal or market impediments or regulatory requirements that must be addressed or satisfied. Each assessment must address the effect of the plan on: (i) capital, liquidity, funding and profitability; and (ii) material entities, critical operations and core business lines (more below);
- Escalation procedures. The process for escalating decision-making to senior management or the board (or a board committee) when a trigger is breached. This should include identifying the departments and persons responsible for executing the decisions made by senior management or the board (or a board committee);
- Management reports. Requirements to create reports with sufficient data and information for senior management and the board (or a board committee) to make decisions regarding actions to respond to a breach of a trigger;
- Communication procedures. The plan should (i) require notification to the OCC for a serious breach of a trigger; (ii) address communication of the bank’s actions under the plan to others in and out of the organization; and (iii) identify how the bank will obtain required regulatory or legal approvals; and
- Other information. Any other information required by the OCC.
Hsu’s speech focuses on three of these requirements: triggers, options for recovery and impact assessments.
Triggers. Triggers are meant to help prevent a bank from waiting too long to take action such that effective mitigation measures are no longer viable. Hsu notes that triggers can involve quantitative standards (e.g., capital ratios, liquidity ratios, stock price) or qualitative standards (e.g., credit downgrades, counterparty distress, operational risk events).
Options for Recovery. Options for recovery are contemplated actions during times of distress meant to help reduce uncertainty or simplify a banking organization’s operations. Ideally, options would be wide ranging and numerous, but Hsu emphasizes that options must be actionable. Simple assertions are not sufficient and must be accompanied by specifics, addressing the objects to be sold, potential bidders, legal and regulatory impediments and data room population.
This is a particular point of emphasis by Hsu and may speak to issues the OCC encountered in the past. Hsu notes that a bank can have a recovery plan on paper but not have engaged in actions to make that plan implementable, such as establishing contingent funding lines and engaging businesses to be marketed. Thus, while options need only be implemented fully when a trigger is breached, some steps may be necessary in advance of a trigger breach to ensure that an option is actionable.
Impact Assessments. Impact assessments are meant to help managers and the board in understanding the consequences of taking certain actions. For example, Hsu notes that if an option for recovery is to sell a portfolio of assets, a covered bank should consider whether this could lead to (i) lower capital or earnings; (ii) a ratings downgrade; or (iii) a disproportionate effect on a material legal entity. Hsu asserts that evaluating impacts would aid in planning and limit the risk of surprises when a bank is in stress.
Governance Considerations. The Recovery Guidelines also require that the plan be integrated into the covered bank’s risk government functions and be aligned with other plans of the bank (e.g., strategic, operational). The OCC Handbook states that recovery planning “should be a business-as-usual activity and an extension of current practices.” The plan should also be coordinated with the covered bank’s bank holding company.
Review. Management is advised to review the recovery plan annually and in response to a material event and to revise the plan as necessary for material changes, both internally at the bank and externally. The board is also advised to review the plan annually and as needed to address significant changes made by management.
Takeaways
While Hsu only stated that the expansion of the Recovery Guidelines to covered banks with at least $100 billion in average total consolidated assets “warrants serious consideration,” the trend of expanding the scope of other regulations suggests that this change (or an effort to implement this change) is in the cards. Banks that would be affected by the change need not pick up the pens at this point but may consider assessing whether the bank would be prepared to put together a recovery plan if this change is proposed.
Strong recovery plans should facilitate M&A and organic growth initiatives while minimizing the risk of the bank failure to the greatest degree possible.
***
To subscribe to the Debevoise FinReg and FinTech Blog, click here.
We would like to give a special thanks to Debevoise summer law clerk Jakob Wessel for his contributions to this article.