FHFA issued Orders to Fannie Mae and Freddie Mac (the Enterprises), along with the summary instructions and guidance, with respect to the stress test reporting as of December 31, 2020. The Orders mention that each Enterprise shall report to FHFA and to FED the results of the stress testing as required by the FHFA rule on stress testing of regulated entities (12 CFR 1238), in the form and with the content described therein and in the summary instructions and guidance, accompanying the Orders. In addition, US Agencies (FDIC, FED, NCUA, and OCC), including the Financial Crimes Enforcement Network (FinCEN), are requesting information on the extent to which the principles discussed in the interagency supervisory guidance on model risk management support bank compliance with the Bank Secrecy Act/Anti-Money Laundering (BSA/AML) and Office of Foreign Assets Control (OFAC) requirements.
The agencies seek this information to enhance their understanding of bank practices in these areas and determine whether additional explanation or clarification may increase transparency, effectiveness, or efficiency. Comments will be accepted for 60 days following publication of the request for information in the Federal Register. The US Agencies concurrently issued a joint statement to clarify that the risk management principles discussed in the supervisory guidance are appropriate considerations in the context of the BSA/AML statutory and regulatory requirements. The statement clarified the following key points
- The supervisory guidance on model risk management does not have the force and effect of law. Banks may use some or all of the principles in the supervisory guidance in their risk management processes to support meeting the regulatory requirements of an effective BSA/AML compliance program. Banks with limited model use may not have formal model risk management frameworks.
- The supervisory guidance is not meant to serve as a set of testing procedures, including with regard to BSA/AML systems.
- The supervisory guidance does not establish any requirements or supervisory expectations that banks have duplicative processes for complying with BSA/AML regulatory requirements.
- Certain processes and systems used in BSA/AML compliance may not be models. The determination by a bank of whether a system used for BSA/AML compliance is considered a model is bank-specific. When making this determination, a bank may consider the supervisory guidance model definition and the three components that characterize models.
- Banks assess different models in different ways. The nature of testing and analysis of models depends on the type of model and the context in which the models are used.
- The principles in supervisory guidance provide flexibility for banks in developing, implementing, and updating models. Banks may benefit from employing this flexibility, including for validation activities, to update BSA/AML models quickly in response to the evolving threat environment and to implement innovative approaches. Banks may establish policies that govern when the bank may implement less material changes to models without revalidation, or may choose to revalidate certain model components without revalidating the entire model.
- Banks may choose to use a third-party model. When doing so, banks may consider the principles discussed in the agencies’ third-party risk management issuances and the aspects of the supervisory guidance that address third-party models.
- Regardless of how a BSA/AML system is characterized, sound risk management is important, and banks may use the principles discussed in the supervisory guidance to establish, implement, and maintain their risk management framework.
- FHFA Notice
- Accompanying Guidance from FHFA
- Press Release on Supervisory Guidance
- Request for Information on BSA/AML Compliance (PDF)
- Statement on Model Risk Management (PDF)
Comment Due Date: FR+60 Days
Keywords: Americas, US, Banking, Reporting, Stress Testing, Fannie Mae, Freddie Mac, Dodd-Frank Act, AML, EGRRCP Act, COVID-19, Regulatory Capital, BSA, Model Risk Management, FHFS, US Agencies
EC published the Implementing Regulation 2021/763 that lays down implementing technical standards for supervisory reporting and public disclosure of the minimum requirement for own funds and eligible liabilities (MREL).
APRA announced the standardization of quarterly reporting due dates for authorized deposit-taking institutions.
The private sector working group of ECB on euro risk-free rates published the recommendations to address events that would trigger fallbacks in the Euro Interbank Offered Rate (EURIBOR)-related contracts, along with the €STR-based EURIBOR fallback rates (rates that could be used if a fallback is triggered).
Bundesbank published a list of "EntryPoints" that are accepted in its reporting system; the list provides taxonomy version and name of the module against each EntryPoint.
EBA published the phase 1 of its reporting framework 3.1, with the technical package covering the new reporting requirements for investment firms (under the implementing technical standards on investment firms reporting).
Asia Pacific Australia Banking APS 111 Capital Adequacy Regulatory Capital Basel RBNZ APRA
ESMA published the final guidelines on outsourcing to cloud service providers.
EBA published annual data for two key concepts and indicators in the Deposit Guarantee Schemes (DGS) Directive—available financial means and covered deposits.
OSFI has set out the schedule for release of draft guidance on the management of technology risks by federally regulated financial institutions and private pension plans.
MAS updated rules for new housing loans by banks and finance companies.