The Federal Reserve Board is intensifying its scrutiny of computer systems used by rapidly expanding banks.
In a supervisory letter being sent out this week, the Fed said it will review the integrity, availability, and management of information- technology systems of banks that either are on acquisition binges or are entering new product lines.
Examiners will check whether these banks have plans to: merge computer systems, prevent compatibility problems from causing inaccurate reports to be produced, and ensure crucial data are quickly distributed to senior managers.
The Fed warned that computer problems at fast-growing banks could add to credit risk if computer models fail. Also, liquidity problems could arise if depositors withdraw funds because their banks are unable to produce accurate account statements. Finally, it said, opportunities for fraud rise if computer systems are not compatible because many more transactions require manual intervention to be completed.
Regulatory experts said the guidance, being sent to all bank holding companies and Fed-regulated state banks, is helpful.
"There is no question that technology risks are large and growing," said Jo Ann S. Barefoot, a partner in the consulting firm KPMG Barefoot Marrinan in Columbus, Ohio. "The banks need to be managing them very aggressively."
Robert G. Ballen, a partner in the Washington law firm of Schwartz & Ballen, said banks should take the advice seriously.
"The Fed is signaling very clearly that this is something that they will evaluate very closely when considering future acquisition and merger transactions," he said.
The Fed made no mention in the letter of recent megadeals, including Travelers Group's planned acquisition of Citicorp or NationsBank Corp.'s bid for BankAmerica Corp.
The merger guidance was part of a broader advisory on information technology risk. The agency said examiners will review the adequacy of management's planning, investment, and staffing of information-technology units. Examiners also will check the adequacy of the underlying information-technology architecture and the reliability of data sent to end-users, and they will review security precautions and contingency plans for computer system failures.
