Federal and state banking supervisors use enforcement actions to compel financial institution management and institution-affiliated parties to (i) restore financial institutions to a safe and sound condition, (ii) address weaknesses before they become pronounced, and/or (iii) comply with consumer and safety and soundness laws, regulations, and standards. The severity of the risk to the financial institution, the banking public, the insurance fund, and the monetary system all factor into the decision whether and to what extent to use the enforcement process.
Typically, enforcement actions are imposed as a result of findings during an on-site full scope or targeted examination or inspection. Formal enforcement actions may also be imposed when a Reserve Bank becomes aware of a problem at a bank that warrants immediate attention and correction. For example, problems can be detected through analysis of off-site surveillance information, such as data reported in the institution's regulatory filings or information filed in Suspicious Activity Reports (SARs).
As financial institutions have become larger and more complex, many operate along a national business line model as opposed to a legal entity model. In response, examination approaches for these organizations have changed, with increased reliance on continuous supervision of the entire organization, supplemented by targeted examinations of national business lines. All of this information is subsequently aggregated into full scope findings for the legal entity. With this shift in examination approach, enforcement actions, which are still imposed on the legal entity, are increasingly focused in specific areas.
Depending on the severity of the risk and expectations of management's ability to take corrective action, an enforcement action may either be an informal understanding between a financial institution and its supervisor(s) or a more formal action, enforceable in the courts. Generally, supervisors use a step approach when imposing enforcement actions, working through informal actionssuch as moral suasion, Board resolutions, commitments, and memoranda of understandingbefore imposing a formal action. In most cases, financial institution management responds appropriately to the informal action, correcting the deficiency(ies) and restoring the institution to compliance. Consequently, informal actions are the most common type of enforcement action.
Because informal actions are issued for less severe violations, they are prohibited by law from being made public by bank supervisors. However, upon recommendation of a CPA or legal firm or through a desire for increased transparency, many financial institutions typically do disclose informal actions.
Bank supervisors impose formal actions when (i) financial institution management does not respond appropriately to informal actions, (ii) the risks are significant, (iii) violations of law or regulations continue, (iv) a single violation of law involves Bank Secrecy Act rules and regulations, as enumerated in §208.63, (v) the financial institution violates a condition imposed in writing by the Board of Governors in connection with the granting of an application or any written agreement, and/or (vi) unsafe and abusive practices occur. Formal actions include written agreements, cease and desist orders, prohibition and removal orders, civil money penalties, and prompt corrective action directives. These formal enforcement actions are legally enforceable and, under the provisions of FIRREA and the Crime Control Act of 1990, are publicly disclosed.
A Historical Perspective
As would be expected, the number and type of enforcement actions fluctuates with changes in the economy and the banking environment. Chart 1 shows the trend in formal enforcement actions initiated by the Federal Reserve System from 1990 to 2003.1,2 "Company" enforcement actions were entered into with an institution supervised by the Federal Reserve System, while "individual" enforcement actions were entered into with an institution-affiliated party, such as an officer, director, employee, or other individual. It is clear that the increase in and subsequent peak of formal enforcement actions in 1991 and 1992 followed the 1990 recession. Accordingly, a similar increase in the number of enforcement actions would be expected in the years following the 2001 recession. And, in fact, from 2002 to 2003 the number of formal enforcement actions initiated by the Federal Reserve System increased 144 percent to 56, reaching a level not seen since the mid-1990s but nowhere near the level seen in 1992.
As shown in Chart 2, the number of informal enforcement actions peaked in 1992, following the 1990 recession, and again increased, although not as dramatically, since the 2001 recession.3 The 141 informal enforcement actions in 2003 represent a 21 percent increase over 2002.
As the number of both formal and informal enforcement actions is increasing, the nature of the corrective action required is also changing. In the early 1990s, many enforcement actions focused on correcting weaknesses in lending policies, practices, and portfolios, as asset quality concerns were significant. In contrast, a significant number of enforcement actions in the past three years focused on violations of regulations, weaknesses in audit and internal controls, and weaknesses in financial and regulatory reporting. Violations of the Bank Secrecy Act (BSA)including general BSA compliance, compliance with Office of Foreign Assets Control (OFAC) requirements, filing of Currency Transaction Reports (CTRs) and Suspicious Activity Reports (SARs), and other violationsand the provisions of the National Flood Insurance Act of 1968 and the Flood Disaster Protection Act of 1973, as articulated in §208.25 of Regulation H, were especially prominent in recent enforcement actions. These weaknesses were not driven by the level of economic activity; rather, they reflected breakdowns in processes and controls, which is an indication of a breakdown in corporate governance and board and management oversight. It is not surprising, therefore, that many formal enforcement actions during this period also required an independent review of management structure and board oversight.
Correlation Between Enforcement Actions and Bank
Not all institutions subject to formal enforcement actions are destined to fail; this is highly dependent on the underlying cause(s) of the enforcement action and management's ability to correct deficiencies. However, as would be expected, there is a correlation between enforcement actions and bank failures, both before and after the failure. This should not be surprising, since the required remedial measures in enforcement actions represent sound practices, and a lack of safe and sound practices can lead to failure.
Since 1992, 26 state member banks, which were supervised by the Federal Reserve System, failed.4 Of those 26 failures, 17 institutions had been placed under one or more formal enforcement actions in the months and years leading up to the failure.5 In addition, in some of those and other cases, individuals responsible for the failures were subject to civil money penalties and/or prohibitions from banking after the failures.
One reason that not all institutions under formal enforcement actions fail relates to the changing structure of many banking organizations. Diversification of both products and revenue sources can provide a financial cushion against weaknesses in operational areas. However, this very diversification has also led to more risk, as rapid growth and new products make risk measurement and management more complex. Corporate governance must keep pace with this rapid growth or management risks enforcement actions related to breakdowns in business processes and noncompliance, even when the safety and soundness of the institution is not immediately threatened.
Raising the Stakes
Increased interest in corporate malfeasance by criminal and civil authorities has raised the stakes of noncompliance with laws and unsafe or unsound operations. Today, a financial institution under an enforcement action might not only have to comply with the demands of federal and state bank regulatory authorities; it also might be subject to criminal and/or civil litigation and penalties. Criminal investigations and charges are more likely to accompany bank enforcement actions than in the past, particularly in light of tools that the Sarbanes-Oxley Act has given prosecutors. State regulators and attorneys general have become more active in enforcing consumer protection, civil, and criminal laws, particularly in subprime and predatory lending. Globalization and increased levels of international activity also mandate cooperation and coordination with international supervisors, which raises the stakes even higher.
The Public Response
When Congress mandated the publication of formal enforcement actions, many bank supervisors were concerned that this information could precipitate increased withdrawals from or deposit runs on affected financial institutions. A Federal Reserve Bank of St. Louis study published in 2000 investigated this hypothesis by comparing deposit growth rates and yield spreads before and after the announcements at a sample of state member banks placed under formal enforcement actions between 1990 and 1997.6 The study showed no evidence of unusual deposit withdrawals or spread increases at the sample banks following the announcements of formal actions. Since deposits up to $100,000 are FDIC insured and since the deposits of a failed institution are generally assumed immediately by a sound institution, this could be expected.
To date, core deposits have been a positive factor in allowing financial institutions to work through enforcement actions. However, institutions with more reliance on wholesale fundingwhether through Federal Home Loan Bank borrowings, other borrowings, or wholesale depositsmight see increased funding volatility, both in rates and volume, once under an enforcement action. In addition, with the possible imposition of criminal and civil penalties, depositor behavior might change in the future.
Instilling effective corporate governance and a strong compliance culture throughout the organization remains critical to an institution's health. An inability or failure to understand new products and their risks, recognize conflicts of interest, and know and comply with all laws and regulations, followed by the imposition of an enforcement action, would likely redirect significant management attention from the business of banking, causing strategies to be placed on hold and restricting the organization's growth during the remediation process. Understanding new products and their risks, recognizing conflicts of interest, and knowing and complying with all laws and regulations will help ensure that the institution operates in a safe and sound manner and retains its franchise value, allowing it to continue to grow, compete, and meet the needs of its customers and communities.
The views expressed in this article are those of the author and are not necessarily those of this Reserve Bank or the Federal Reserve System.