Filtered by Tag: corporate governance

The FDIC’s Proposed Standards for Corporate Governance and Risk Management

POMERANTZ MONITOR | NOVEMBER DECEMBER 2023

On October 11, 2023, the Federal Deposit Insurance Corporation published for comment in the Federal Register proposed standards for corporate governance and risk management (“Proposed Standards”) for the financial institutions it regulates that have $10 billion or more in total assets (“covered institutions”). Under its safety and soundness powers in Section 39 of the Federal Deposit Insurance Act, the FDIC is able to publish such standards that go beyond mere guidance. The new standards are part of the FDIC’s regulatory response to the bank failures that took place in the spring of 2023. Referring to the post-mortem evaluations conducted by the FDIC and the Federal Reserve Board following the Signature Bank and Silicon Valley Bank failures, the preamble to the Proposed Standards asserts that poor governance and risk management practices were contributing factors that led to the collapse of those banks.

The FDIC’s Proposed Standards are based on the principles set forth in the Office of the Comptroller of the Currency’s Guidelines Establishing Heightened Standards for Certain Large Insured National Banks, Insured Federal Savings Associations, and Insured Federal Branches (the “Heightened Standards”), but with key differences. The Proposed Standards include more details on what the FDIC expects from the boards of directors as well as the banks that the FDIC regulates. They also set a notably lower minimum asset threshold (five times lower) than the OCC’s Heightened Standards to determine which banks are covered.

The Proposed Standards were approved 3-2: Chairman Gruenberg, CFPB Director Chopra, and acting Comptroller Hsu voted in support; Vice Chairman Hill and Director McKernan voted against the proposal.

Comments on the Proposed Standards are due by February 9, 2024. (This date was extended from the original deadline of December 11, 2023).

Background

The FDIC’s Proposed Standards delve into legal issues that—in the case of banks that do not have a federal charter—have typically been determined by state law. These include the duties and responsibilities of bank boards, directors, and management, including their duties of care and loyalty, as well as related concepts such as the business judgment rule.

While banks are primarily governed by state corporate governance law, there are instances in which federal oversight is enforced. For example, federal law imposes audit standards and a gross negligence “floor” on the conduct of bank directors and officers. Federal law also requires that federal banking regulators impose operational and managerial standards, compensation standards, and appropriate standards relating to asset quality, earnings, and stock valuation.

Specifically, following the poor risk management that led to the 2008 financial crisis, federal banking regulators enacted increased oversight of the governance and risk management of banks. The OCC initially imposed heightened expectations for the governance and oversight of the larger banks that it regulated and, in 2014, it adopted those Heightened Standards as a specialized standard for safety and soundness at larger federally chartered banks. Also in 2014, the Federal Reserve implemented part of the Dodd-Frank Act by establishing several risk management requirements for larger bank holding companies. This was followed in 2021 by expectations for effective governance by larger bank boards.

Proposed Guidelines

Note that in some specific instances, a covered institution may leverage its parent company’s risk management program or board to meet the standards of the Proposed Guidelines.

Obligations Covered directors would have a duty to safeguard the interests of the bank, confirming that the bank operates in a safe and sound manner and in compliance with applicable federal and state law. In supervising the bank, a board should consider the interests of all of its so-called stakeholders, going beyond shareholders and depositors to include creditors, customers and even the regulators themselves.

Composition The Proposed Guidelines set out minimum standards for board composition, requiring a majority of its members to be independent and outside directors. Boards would also be expected to consider the diversity of their members, including social, seniority, and educational differences, among others. The Proposed Guidelines also caution against excessive influence from a “dominant policymaker.”

Duties Covered boards would need to (i) set an appropriate tone and establish a responsible, ethical corporate culture; (ii) evaluate and approve a strategic plan; (iii) approve and annually review policies; (iv) establish and annually review a written code of ethics; (v) actively oversee the bank’s activities, including all material risk-taking activities; (vi) exercise independent judgment; (vii) select and appoint qualified executive officers; (viii) establish and adhere to a formal training program; (ix) conduct an annual self-assessment of its effectiveness; and (x) establish and annually review compensation and performance management programs.

Committees The Proposed Guidelines require boards to maintain a risk committee and compensation committee in addition to the audit committee required by Section 36 of the FDI Act and Part 363 of the FDIC’s regulations. Risk committees would need to meet at least quarterly and maintain records of their proceedings, including risk management decisions.

Risk Management The Proposed Standards would impose expectations for the risk management program that a bank should develop and maintain. These expectations largely match the OCC’s Heightened Standards. For example, like the Heightened Standards, the Proposed Guidelines would require covered institutions to adopt a three-lines-of-defense risk management framework with a front-line unit (exclusive of the legal department), an independent risk management unit led by a Chief Risk Officer, and an internal audit unit led by a Chief Audit Officer.

The Proposed Guidelines provide that the risk management program would need to address a wide variety of potential risk categories, ranging from credit, interest rate, and liquidity risks to anti-money laundering and third-party partnership and outsourcing risks. Further, material breaches of risk limits and emerging risks would need to be reported in a timely manner to the board and the chief executive officer.

Identifying and Reporting Violations of Law The Proposed Guidelines would require a covered institution’s board to establish and annually review processes that would require either front-line units or the independent risk unit to report all violations of applicable laws and regulations to law enforcement or any appropriate federal or state regulatory agency. This would represent a shift from the FDIC’s current practice of encouraging, but not requiring, self-reporting of violations.

Questions The FDIC asks multiple questions in order to scope banks that should be subject to the Proposed Guidelines, including whether FDIC-supervised institutions with $10 billion or more in total consolidated assets is an appropriate threshold and whether other financial institutions should fall under the definition of a covered institutions.

Implications and Objections

Collectively, the escalation of reporting requirements imposed by the proposal would appear to increase the likelihood of FDIC enforcement actions. The rule passed by a 3-2 vote of the FDIC Board. Each of the two Republican-affiliated Board members (Director McKernan and Vice Chairman Hill) issued a public dissenting statement.

Critics such as Director McKernan have pointed out that certain requirements in the Proposed Standards would exceed, or simply differ from, the Heightened Standards in prescriptiveness and stringency, creating confusion. For example, the FDIC sets its threshold for application ($10 billion or more in consolidated assets) much lower than the Heightened Standards (federally chartered banks with at least $50 billion in consolidated assets). The Proposed Standards also lean toward a rules-based approach to corporate governance, in contrast to the principles-based approach that is prevalent under state law. Critics have asserted that the Proposed Standards are presented as “good corporate governance” without appreciating that what is “good” for one bank may not be “good” for another with FDIC Vice Chairman Hill saying regulators need to resist “one-size-fits-all” best practices.

FDIC Director McKernan also asserted in his dissent that the requirement that the bank board “consider the interests of all its stakeholders, including shareholders, depositors, creditors, customers, regulators, and the public” could be at odds with bank directors’ fiduciary duties under applicable state law, for example, if a director voted against the interests of shareholders in order to serve the interests of customers or the “public.”

As mentioned above, the period for comment was extended to close on February 9, 2024.

Priorities for CEOs and Directors Implementing AI

Trailing behind the rapid progress of artificial intelligence (AI) are companies struggling to effectively implement the technology into everyday operations. Artificial intelligence is an umbrella term that covers a variety of capabilities such as machine learning, deep learning, natural language processing, voice recognition, and text analytics. AI technology aims to mimic human thinking by making assumptions, learning, reasoning, problem solving, or predicting with a high degree of autonomy. In the future, legal precedents will be instructive when navigating the implementation of AI in the corporate sphere, but in the interim, AI systems are being deployed without the legal guard rails of bright line rules. Environmental, social, and governance (ESG) protocols are a natural starting point for AI governance and risk mitigation. Corporate boards will become increasingly accountable for the legal compliance associated with implementing AI systems, and at this stage, the perspectives of CEOs both provide a picture of how legal regulations are taking shape as well as best practices for integrating AI into company operations in the absence of clear governmental guidance.

The Value of Saber-Rattling Proposals to Break the Shield of Business Judgment

POMERANTZ MONITOR | MAY JUNE 2021

By Michael J. Krzywicki

A once-in-a-century pandemic is not the only parallel between our current times and the Progressive Era of the late nineteenth and early twentieth centuries, a period of widespread social activism and political reform across the United States. A current progressive issue is shareholder action in response to racial equity and how it impacts shareholder value. Two related stories are now unfolding, as the U.S. Securities and Exchange Commission (“SEC”) blocks Amazon’s effort to stop shareholder votes for racial equity audits, and a Delaware lawsuit says Pinterest’s race and gender bias hurts business. These stories echo the political overtones of the labor disputes of the Progressive Era. In addition, they raise the question: does the business judgment rule survive in today’s political climate that values diversity more than ever?

The mere fact that shareholders are owners does not mean much under Delaware law: the business and affairs of every corporation are managed by or under the direction of the board of directors, not the shareholders. Shareholders have literally no say under state law, except in certain fundamental matters where the General Corporation Law gives them a vote, such as in the election of directors, amendment of charter and bylaws, and certain fundamental transactions. Under black letter law, directors not only can ignore the wishes of the shareholders, but also, they must actually exercise their own business judgment. The shareholders, for their part, can remove directors; but they cannot sue the directors for failing to do their bidding.

On the other hand, federal securities law acts as if shareholders have a right to express their preferences to directors. That is not exactly true under state law, but it is the law that governs shareholder access to the corporate proxy. The concerns investors raise over day-to-day business judgments versus corporate governance is more about federal securities law than it is about state corporate law. But federal securities law generally only allows for precatory shareholder proposals, not mandatory ones.

So much of why the issue of the connection between racial equity and shareholder value is intriguing involves the clash of several different legal principles and policy objectives, which seems to require expanding the narrow and unequivocal duty of care owed by directors.

The Use of Disclosed Interests in Business Judgment

There are at least two different contexts that might expand the narrow and unequivocal meanings of business judgment decisions by a board of directors.

The business judgment rule states that boards are presumed to act in “good faith”—absent evidence to the contrary—regarding the fiduciary duties of loyalty, prudence, and care owed to their shareholders. The general problem with interpreting the business judgment rule in the linguistic context of corporate governance has been well canvassed since the scandals at Enron, Global Crossing, ImClone, Tyco, and WorldCom. That is, the duty of care directed to maximize shareholder value must minimally ensure that the corporation remains a going concern. The cure for this problem is also well known: The board attends to the interest of other stakeholders such as employees, customers, and the economic community writ large.

Unfortunately, although this advice is reasonably sound, it is not very helpful. The advice—exercising judgment as a purposeful guide to careful decision making—is a broad generalization that itself must be decided. A rule for exercising judgment that itself demands judgment calls is not much help. This particular rule tells directors to attend to the “interest,” but the word “interest” is a word like any other word; it too is equivocal. In other words, the technique for exercising purpose appears to be a variant of the first possibility that directors use linguistic context. If this conclusion is correct, then the second possibility collapses into the first except for the distinction that one is expanding the linguistic context beyond the bounds of a single interest. Consequently, unless there is some way to broaden the scope of possible interests, the rule forecloses as many shareholder proposals as it considers. The SEC recently expanded on this point about the evidence that is used to discern business purpose.

Last August, for the first time in thirty years since Chancellor William Allen, of the Delaware Court of Chancery, famously remarked that “a corporation is not a New England town meeting,” the SEC revised the periodic disclosure requirements under Regulation S-K. In many instances, the new regulation replaces the formal prescriptive requirements with flexible guidelines intended to elicit company-specific and industry-wide information deemed material to investors’ understanding of the business purpose behind publicly traded companies. By the same token, the new regulation would appear to give directors new latitude under the purpose-based disclosure requirements to create and provide the information they see as material in this wider context. These broad mandates seem to fit the contours of the current transatlantic movement in unexpected ways. The events of 2020 turned the spotlight on corporate America’s role in creating and perpetuating societal inequities, a development reminiscent of the century-old disputes arising from a formalistic reliance on vested rights of property and freedom of contract by corporations to justify injunctions against labor reform activity and invalidation of labor-protective legislation. During the Progressive Era, Justice Oliver Wendell Holmes led the charge from the Supreme Court bench in dissent from the formalistic view and put enormous pressure on corporations to publicly adopt stakeholder-centric proposals.

The cases Holmes heard submerged a conflict not unlike the present issue between two legally acknowledged “rights”—the right to contract freely that courts recognized, and the right to compete freely that courts suppressed. Because the controversies involved two conflicting categories of “vested” rights, Holmes insisted that deductive reasoning could not neutrally decide the cases. Rather, resolution of the issue required a process of policy balancing. Holmes perhaps put the point best in dissent from the Court in Lochner, where he stated: “General propositions do not decide concrete cases.”

The highly concentrated institutional investiture in today’s stock market, coupled with widespread endorsement from asset managers and comptrollers backing the stakeholder model, may further drive boards to adopt an expanded view of corporate purpose in their decision making.

As Holmes wrote, “if we take the view of our friend the bad man, we shall find that he does not care two straws for the axioms or deductions, but he does want to know what the Massachusetts or English courts are likely to do in fact.” The new SEC disclosures allow shareholders to know in fact under federal securities law what may likewise be more amendable to the needs of modern society, if directors are more open about the non-shareholder value judgments that influenced board decisions, instead of instinctively trying to veil them behind a curtain of syllogistic formal business judgments. Otherwise, companies are likely to face future shareholder actions for their continued failure to disclose such material information.