Pre-Exam Planning (PEP) Flashcards
What are the 3 phases of PEP?
Information Package
PEP 1
PEP2
What is the objective of PEP?
Collect necessary information to understand an institution and the risks of consumer harm prior to the start of an examination.
When does the IP letter need to be sent by?
No less than 90 calendar days before the projected start date of the exam.
What exceptions are there to the timing of sending the IP letter?
Exceptions to this timing requirement can occur on a limited basis when the FS or SE is unable to contact institution management due to unforeseen difficulties. In such circumstances, the FS or SE should send the IP as soon as possible and document reasons for the delay.
What is the purpose of the IP letter? (3)
increase banker awareness of the examination process prior to the examination;
to promote open communication with examination staff; and
to ensure that the institution’s management team knows what to expect during the examination and where to go in the event their expectations are not met.
What if the bank is unwilling to use EFX?
When the institution is unwilling to use secure applications for the electronic exchange of examination related information, the FS, SE, or designee should use an alternative delivery method (e.g., encrypted e-mail, express
mail courier service) that meets the security measures discussed in the FDIC’s policies for the exchange, use, and storage of information.
What is included in the IP letter? (4)
overview of the examination process;
discusses various resources available that explain the examination process;
identifies the appropriate communication channels
for any concerns about the examination process or the
resultant ratings;
and provides contact information for the FS
and/or the SE.
Under what circumstances would HMDA validations and outlier reviews be conducted prior to going onsite? (2)
For HMDA reporters with over 500 LAR lines.
CRA reporters.
When is the HMDA/CRA validation letter provided?
With or after the IP letter for HMDA validations conducted prior to the exam.
What is the purpose of PEP 1?
Start the process of identifying and documenting the bank’s inherent risk based on bank structure, supervisory history, financial performance, and market area.
What activities are conducted during PEP 1? (5)
Gather info about the bank Conduct PEP interview Prep and send CIDR and entry letter to bank Begin section 1 of the ARCH Begin Section 1 of the FLSC
When should PEP 1 begin?
No less than 45 calendar days prior to the exam start date.
How long does a bank have to complete the CIDR?
They must have 30 calendar days to complete the CIDR and provide requested documents.
What are the internal FDIC resources for PEP? (8)
DGT, RADD, SOURCE Prior exam ARCH, FLSC, ROE, CRA PE Supervisory plans Demographic Data UBPR, Call Reports FDIC monitoring Reports CRC Complaints Applications
What are the External Resources for PEP? (5)
Prior year HMDA and CRA Data disclosure reports Bank website Public records News or web articles Community Contacts
What is the purpose of the PEP interview?
Gather current information to understand the bank’s risk profile, size, complexity, and types of products or services offered.
When are PEP interview questions provided to the bank?
With the IP
True or False: Banks can provide written answers to the PEP interview questions prior to the actual interview?
True; however, staff cannot require the bank to provide written answers in advance. And the EIC is still expected to conduct an interview to verify or clarify responses.
What are the primary objectives to inviting directors to participate in exam meetings? (4)
Improve communication with Directors
Increase director knowledge of the exam process
opportunity for directors to discuss their views on bank matters
give examiners opportunity to gain insight into experience levels and leadership qualities of bank management.
What is in the Entry letter?
Information and instructions to the institution on how to deliver the materials from the CIDR to the EIC or examination team and in what format.
True or False: The bank only gets 30 days to complete the CIDR.
False: the bank must have AT LEAST 30 days, but may need more to ensure they have sufficient time to assemble information and the exam team has sufficient time to adequately review the materials.
True or False: the EIC may visit the institution prior to
the official start date either to pick up the documents or to review any documents that are confidential or too bulky to duplicate.
True: with supervisory approval.
What is the purpose of the ARCH? (2)
Documents scope of the exam
assists prioritizing efforts, time and resources towards PSRs with highest residual risk of consumer harm.
What is the Purpose of PEP 2? (3)
Conduct an initial assessment of the CMS to determine how effective the CMS is in identifying, addressing, and mitigating the potential for consumer harm.
Continue to identify and document inherent risk based on the banks business model and operations
Determine the exam scope and identify areas for transaction testing.
What activities are conducted during PEP 2?
• Reviewing the CIDR responses and requested
items;
• Completing the ARCH and completing the majority
of FLSC Section 1;
• Requesting additional documents for PSR
transaction testing or the fair lending review; and
• Getting the ARCH approved.
When should PEP 2 start?
Early enough to provide sufficient time for the bank to gather documents for transaction testing and for examiners to scope the exam.
What elements should be included in the transaction testing request?
Documents requested
timeframe of documents for review
sample sizes
True or False:
If the ARCH is changed to add a PSR subsequent to sending the TT Request to the institution, the EIC has the option to request necessary documents for the additional PSR(s) after the examination starts instead of sending another TT Request.
True
When should you perform a scope addendum?
If information is discovered during the examination that requires material changes to the originally approved ARCH.
Material changes are generally defined as a PSR change. This may occur when the EIC determines an approved PSR will not be reviewed or when the EIC identifies a new PSR not identified during PEP.
Where should the IP, HMDA/CRA Validation, and Entry letters be stored?
Correspondence folder in RADD
Where should the PEP interview Q&As be stored?
C-PREP, and Complete doc maintained as workpaper in RADD
Where should the complete CIDR be retained?
As a workpaper in RADD
Where should the completed ARCH be stored?
As an exam document in SOURCE
Where should the TT request be stored?
As a workpaper in RADD
Where should the completed and approved FLSC be stored?
As an exam document in SOURCE.
What is considered when determining the inherent risk of an Institution’s Structure? (4)
Significant factors or changes
Mergers or Acquisitions
Significant growth
Denovo status
What is considered when determining the inherent risk of Supervisory History? (6)
Current & Past Enforcement actions Reimbursement History History of FL compliance Exam Ratings & recommendations Consumer litigation Consumer complaints
What is considered when determining the inherent risk of Operations (PSRs)? (7)
Major Product lines New or Revised PSRs Applicable Regs Recent Case Law Growth in Operations Complexity of Operations Third Party Affiliations
In what areas can PSR risk exist? (9)
- Lending
- Deposits
- Retail Investment and Insurance Sales
- Privacy and Consumer Information
- Advertising, Marketing, and Social Media
- Debt Collection
- Third-Party Relationships
- Other Products
- Other Regulations or Supervisory Guidance
What is Product or Service Risk?
Risk depending on the bank’s size, market share, and portfolio concentration.
As well as, the complexity of products, likelihood for error, and third party relationships.
What is regulation risk?
Possible consequences to the bank and customers of noncompliance with specific regs.
Recognized the impact of noncompliance changes depending on the law or reg.
Consumer harm vs. Legal, reputational, and financial harm to bank.
What factors impact the level of regulation risk? (4)
Potential financial/reputation harm to consumers
Potential legal, reputation, and financial harm to bank
New laws & regulations
Volume of transactions subject to a reg.
What is the risk scoping formula?
Inherent risk - mitigating factors = residual risk
True or false: One element of a bank’s CMS may influence another area
True: Be aware of relationships and their mutual impact.
What other CMS element may be impacted in this example?
The initial review of institution practices identifies a lack of audit of loan denials
The examiner should look to see whether monitoring procedures are in place to mitigate the impact of the lack of audit procedures.
The existence of monitoring procedures may lead the examiner to determine that the absence of an audit
does not raise the institution’s risk profile
What other CMS element may be impacted in this example?
Initial review of policies and procedures identifies well organized, appropriate, and up to date guidelines for deposit compliance management.
Should also consider oversight of this area.
If deposit compliance has historically suffered from poor management oversight, then the existence of written procedures should be given less weight when determining the risk profile.
True or false: the questions in the ARCH cover every potential risk.
False: the questions set out a basic framework to assist examiners in assessing and documenting consumer harm.
But examiners are not limited to these questions, and should consider all relevant facts when evaluating a bank’s risk profile.
