FHFA issued Orders to Fannie Mae and Freddie Mac (the Enterprises), along with the summary instructions and guidance, with respect to the stress test reporting as of December 31, 2020. The Orders mention that each Enterprise shall report to FHFA and to FED the results of the stress testing as required by the FHFA rule on stress testing of regulated entities (12 CFR 1238), in the form and with the content described therein and in the summary instructions and guidance, accompanying the Orders. In addition, US Agencies (FDIC, FED, NCUA, and OCC), including the Financial Crimes Enforcement Network (FinCEN), are requesting information on the extent to which the principles discussed in the interagency supervisory guidance on model risk management support bank compliance with the Bank Secrecy Act/Anti-Money Laundering (BSA/AML) and Office of Foreign Assets Control (OFAC) requirements.
The agencies seek this information to enhance their understanding of bank practices in these areas and determine whether additional explanation or clarification may increase transparency, effectiveness, or efficiency. Comments will be accepted for 60 days following publication of the request for information in the Federal Register. The US Agencies concurrently issued a joint statement to clarify that the risk management principles discussed in the supervisory guidance are appropriate considerations in the context of the BSA/AML statutory and regulatory requirements. The statement clarified the following key points
- The supervisory guidance on model risk management does not have the force and effect of law. Banks may use some or all of the principles in the supervisory guidance in their risk management processes to support meeting the regulatory requirements of an effective BSA/AML compliance program. Banks with limited model use may not have formal model risk management frameworks.
- The supervisory guidance is not meant to serve as a set of testing procedures, including with regard to BSA/AML systems.
- The supervisory guidance does not establish any requirements or supervisory expectations that banks have duplicative processes for complying with BSA/AML regulatory requirements.
- Certain processes and systems used in BSA/AML compliance may not be models. The determination by a bank of whether a system used for BSA/AML compliance is considered a model is bank-specific. When making this determination, a bank may consider the supervisory guidance model definition and the three components that characterize models.
- Banks assess different models in different ways. The nature of testing and analysis of models depends on the type of model and the context in which the models are used.
- The principles in supervisory guidance provide flexibility for banks in developing, implementing, and updating models. Banks may benefit from employing this flexibility, including for validation activities, to update BSA/AML models quickly in response to the evolving threat environment and to implement innovative approaches. Banks may establish policies that govern when the bank may implement less material changes to models without revalidation, or may choose to revalidate certain model components without revalidating the entire model.
- Banks may choose to use a third-party model. When doing so, banks may consider the principles discussed in the agencies’ third-party risk management issuances and the aspects of the supervisory guidance that address third-party models.
- Regardless of how a BSA/AML system is characterized, sound risk management is important, and banks may use the principles discussed in the supervisory guidance to establish, implement, and maintain their risk management framework.
- FHFA Notice
- Accompanying Guidance from FHFA
- Press Release on Supervisory Guidance
- Request for Information on BSA/AML Compliance (PDF)
- Statement on Model Risk Management (PDF)
Comment Due Date: FR+60 Days
Keywords: Americas, US, Banking, Reporting, Stress Testing, Fannie Mae, Freddie Mac, Dodd-Frank Act, AML, EGRRCP Act, COVID-19, Regulatory Capital, BSA, Model Risk Management, FHFS, US Agencies
Previous ArticleESMA Issues Notification Templates for STS Synthetic Securitizations
The European Commission (EC) published the Delegated Regulation 2022/786 with regard to the liquidity coverage requirements for credit institutions under the Capital Requirements Regulation (CRR).
The European Banking Authority (EBA) published the final draft regulatory technical standards specifying the criteria to identify shadow banking entities for the purposes of reporting large exposures.
The Office of the Superintendent of Financial Institutions (OSFI) published the strategic plan for 2022-2025 and the departmental plan for 2022-23.
The European Banking Authority (EBA) is consulting, until August 31, 2022, on the draft implementing technical standards specifying requirements for the information that sellers of non-performing loans (NPLs) shall provide to prospective buyers.
The European Council and the Parliament reached an agreement on the revised Directive on security of network and information systems (NIS2 Directive).
The European Banking Authority (EBA) published the final draft regulatory technical standards specifying information that crowdfunding service providers shall provide to investors on the calculation of credit scores and prices of crowdfunding offers.
The European Council published a draft Commission Delegated Regulation to amend the regulatory technical standards on specification of the calculation of specific and general credit risk adjustments.
The European Securities and Markets Authority (ESMA) published a paper that examines the systemic risk posed by increasing use of cloud services, along with the potential policy options to mitigate this risk.
The Monetary Authority of Singapore (MAS) published amendments to Notice 635, which sets out requirements that a bank in Singapore has to comply with when granting an unsecured non-card credit facility to individuals.
The European Commission (EC) published a public consultation on the review of revised payment services directive (PSD2) and open finance.