WASHINGTON — The Federal Deposit Insurance Corp. warned officers and directors facing potential lawsuits from the agency not to remove internal documents from a failing bank's premises.
As it asserts blame for several failures in more than 20 lawsuits around the country, the FDIC has also butted heads with some former managers who before their bank's seizure made copies of sensitive records in order to start building legal defenses. But the FDIC has argued in court that those document transfers amount to security breaches.
In regulatory guidelines Monday, the FDIC said it was issuing a "reminder" that such practices could "violate applicable laws and regulations and contravene the financial institution's information security program."
The agency said although directors and officers do reserve access to bank records to operate the bank, "access to the institution's records is not appropriate in pursuit of the personal interests of those directors and officers."
"The FDIC as receiver has the unrestricted and sole right to possess and use the books, records and assets of a failed financial institution," the agency said in the letter to banks it supervises.
The FDIC said directors and officers have made unapproved copies in only "a limited number of instances." Still, the agency warned it will investigate actions where a manager has appeared "to violate confidentiality" and the FDIC will consider enforcement actions.
"The records have included confidential material such as loan files and other records containing bank customer personally identifiable information, reports of examination and supervisory correspondence, employee records, and suspicious activity reports," the FDIC's guidelines said.
Directors and officers can access bank files to prepare their defenses, but only after the bank has failed, the agency said.
"The FDIC is willing to address this need, but any such access must be arranged formally, after the financial institution is taken into receivership, and subject to a suitable confidentiality agreement with the FDIC as receiver, or other acceptable assurance of confidentiality such as a protective order."
But David Baris, a Washington-based attorney who runs an association of bank directors, called the guidelines "threatening" and said if the FDIC wants to officially block access to financial institution records it should do so with a proposed rulemaking or through new federal legislation. He said most state laws "permit bank directors to access and make copies of bank records that they need to do their job or defend themselves for what they did."
"The FDIC is going about this in entirely the wrong way," said Baris, a partner at BuckleySandler LLP and executive director of the American Association of Bank Directors. "If they want to change a fundamental right of a director to have access to and copies of bank records the FDIC should either go to Congress for a law to be passed or at least go through rulemaking proceedings under the Administrative Procedures Act."
He added that despite FDIC claims that the agency will make documents available through formal agreements, it is still unclear when the agency will allow access and when it will not.
"The problem is we don't know what those 'appropriate circumstances' are, and there is no assurance — and the FDIC is not providing any assurance — that the records will in fact be available to the director," Baris said.