The Federal Reserve Board's Proposed New Risk Management Requirements For Firms Requiring Enhanced Supervision

The Fed Inserts Itself into Corporate Governance Above State Corporate Law, Federal Law and Stock Exchange Requirements

Much has been written about the increasing responsibilities of the Board of Directors for risk oversight and the changes in corporate governance that these additional responsibilities often require. The question of how management should best be organized to respond to the imperative to more carefully assess, identify and mitigate risk across the enterprise has also received significant attention.

Significant deficiencies in risk management in the banking industry contributed to and exacerbated the recent financial crisis. In response, the Board of Governors of the Federal Reserve System ("Federal Reserve") has issued Proposed Enhanced Prudential Standards and Early Remediation Requirements for Covered Companies to implement Section 165(b)(i)(A) and Section 165(h) of the Dodd-Frank Act (the "Proposed Rule").1 The Proposed Rule introduces enhanced risk management standards for both: (i) "covered companies"; and (ii) bank holding companies with total consolidated assets of $10 billion or more that are publicly traded and are not covered companies ("over $10 billion public bank holding companies").(collectively, "Covered Institutions").2 These standards require all Covered Institutions to establish a Board of Directors level risk management committee, a requirement that is somewhat inconsistent with the corporate governance standards of the various national securities exchanges. Covered companies must also appoint a Chief Risk Officer. These proposed requirements represent clearly emerging trends in corporate governance. If adopted in their current form, over time, they also will likely become best practices for many other companies that are not subject to the Federal Reserve's Dodd-Frank risk management requirements.

Statutory Impetus of the Proposed Rule

As mentioned above, the two primary risk management requirements in the Proposed Rule are issued pursuant to statutory mandates under the Dodd-Frank Act. First, Section 165(b)(1)(A) of the Dodd-Frank Act requires the Federal Reserve to establish overall risk management requirements as part of the prudential standards to ensure that strong risk management standards are part of the regulatory and supervisory framework for covered companies, as defined by the Dodd-Frank Act.3 Second, Section 165(h) of the Dodd-Frank Act directs the Federal Reserve to issue regulations requiring Covered Institutions to establish Risk Committees.4 Section 165(h) of the Dodd-Frank Act further mandates that such Risk Committees be responsible for the oversight of the enterprise-wide risk management practices of the company and include such number of independent directors as the Federal Reserve may determine appropriate. The Risk Committee must include at least one risk management expert with experience in identifying, assessing, and managing risk exposures of large, complex financial firms.

In addition, consistent with Section 165(b)(1)(A)(iii) of the Dodd-Frank Act, §252.126(d) of the Proposed Rule requires covered companies to appoint a Chief Risk Officer and describe the role and responsibilities, expertise, and reporting lines of such Chief Risk Officer.

The specific requirements regarding Risk Committees and Chief Risk Officers are discussed in detail below.

Risk Committees

The Proposed Rules requires Covered Institutions to establish an enterprise-wide Risk Committee of the Board of Directors. When reviewing the Risk Committee requirements, it becomes clear that the Federal Reserve borrowed heavily from Securities and Exchange Commission ("SEC") and national securities exchange requirements applicable to Audit Committees..

  1. Independent Committee Chair. Section 252.126(b) of the Proposed Rule establishes requirements governing the membership and proceedings of a company's Risk Committee and proposes that a Covered Institution's Risk Committee must be chaired by an independent director.5 The Federal Reserve noted that it views the active involvement of independent directors "as vital to robust oversight of risk management and encourages companies generally to include additional independent directors as members of their Risk Committees."6

    Director independence is a fundamental concept in federal securities law, the corporate governance listing standards of the national securities exchanges and in corporate governance principles generally. The Federal Reserve recognized this and has proposed to refer to the definition of "independent director" in the SEC's Regulation S-K for companies that are publicly traded in the United States. Under this definition, the Federal Reserve would not consider a director to be independent unless the company indicates in its securities filings that the director satisfies the applicable independence requirements of the national securities exchange on which the company's securities are listed.7

    The Federal Reserve goes on to provide that "in the case of a director of a covered company that is not publicly traded in the United States, the Proposed Rule would provide that the director is independent only if the company demonstrates to the satisfaction of the Federal Reserve that such director would qualify as an independent director under the listing standards of a securities exchange, if the company were publicly traded on such an exchange."8 Presumably, these determinations would be on a case-by-case basis, as appropriate, analyzing the indicia of independence in the applicable national securities exchange's requirements, including compensation limitations and business relationship prohibitions, in the same way that Boards of Directors currently make such determinations pursuant to SEC requirements.

  2. Risk Management Expertise. Similar to federal securities laws and national securities exchange requirements for Audit Committees, the Proposed Rule requires at least one member of a Risk Committee to have risk management expertise that is commensurate with the company's capital structure, risk profile, complexity...

To continue reading

Request your trial

VLEX uses login cookies to provide you with a better browsing experience. If you click on 'Accept' or continue browsing this site we consider that you accept our cookie policy. ACCEPT