The role of boards of directors – especially at large, complex banks - has been under scrutiny since the financial crisis.
As 2012 ended, the Federal Reserve Board of Governors, with little public fanfare, dramatically increased its expectations for active board engagement to unprecedented heights.
Boards of large institutions – bank holding companies and S&L holding companies with assets greater than $50 billion as well as foreign banking organizations with U.S. assets of $50 billion – need to be fully aware of these rising supervisory expectations. Then, they can take at least three actions to stay in step with, and hopefully ahead of, their financial regulators.
Soon after the passage of the Gramm-Leach-Bliley Act of 1999, which authorized financial holding companies, the Board issued a supervisory letter on its new risk-focused supervision of large complex financial institutions. Boards were mentioned briefly only twice; no specific board action was required.
In the continuing fallout from the financial crisis, however, the Federal Reserve now has issued a new manifesto with rising demands for large firms, instituting new and extraordinary obligations for boards.
The Federal Reserve's 1999 guidance was designed simply to promote a safe and sound banking system while assuring financial stability. The 2012 guidance goes much farther.
Its new twin objectives are: "enhancing the resiliency of a firm to lower the probability of its failure or inability to serve as a financial intermediary"; and "reducing the impact on the financial system and the broader economy in the event of a firm's failure or material weakness." The new framework strengthens its traditional microprudential role, while incorporating its new macroprudential role as the economy's financial stability regulator under Dodd-Frank.
Corporate governance is just one of four pillars to enhance a firm's resiliency. Now, boards are expected to provide "effective corporate governance with the support of senior management." Boards obviously did before, but the new emphasis is important, with management in a supporting role, and the board no longer leading behind the scenes. The board – not management – is expected to "establish and maintain the firm's culture, incentives, structure, and processes" that promote compliance.
Here's where it gets really interesting. Note the strikingly active verbs for a board of directors – as opposed to more passive words like "review" or "oversee" – used to describe this newly redefined role (emphasis added):
- "Maintain a clearly articulated corporate strategy and institutional risk appetite."
- "Ensure that the firm's senior management has the expertise and level of involvement required to manage."
- "Maintain a corporate culture that emphasizes the importance of compliance."
- "Ensure the organization's internal audit, corporate compliance, and risk management and internal controls functions are effective and independent."
- "Assign senior managers with the responsibility for ensuring that investments across business lines and operations align with corporate strategies, and that compensation arrangements and other incentives are consistent with the corporate culture and institutional risk appetite. …"
- "Ensure that MIS support the responsibilities of the board of directors to oversee the firm's core business lines, critical operations and other core areas of supervisory focus."
Taken to the extreme, boards will need to evolve into something close to shadow management to fulfill these new mandates. At a minimum, the traditional and distinct lines of corporate governance between boards and management continue to blur in our post-Dodd-Frank regulatory reality. Every director of every large bank needs to read the full letter.