OCC BULLETIN 2016-25
Subject: Corporate and Risk Governance
Date: July 29, 2016
To: Chief Executive Officers of All National Banks, Federal Savings Associations, and Federal Branches of Foreign Banks; Department and Division Heads; All Examining Personnel; and Other Interested Parties
Description: New Comptroller’s Handbook Booklet and Rescissions
The Office of the Comptroller of the Currency (OCC) issued today the “Corporate and Risk Governance” booklet of the Comptroller’s Handbook. This new booklet updates, consolidates, and rescinds the following Comptroller’s Handbook booklets:
- “Duties and Responsibilities of Directors,” issued in March 1990 (and examination procedures issued in January 1998).
- "Employee Benefits,” issued in March 1990.
- “Management and Board Processes,” issued in March 1990 (and examination procedures issued in March 1998).
- “Management Information Systems,” issued in May 1995.
- “Risk Management and Insurance,” issued in March 1990.
- Portions of “Internal Control Questionnaires and Verification Procedures,” issued in December 2007.
The new booklet also replaces section 310, “Corporate Governance and Oversight by the Board of Directors,” issued in January 2009, and section 330, “Management Assessment,” issued in November 2004. These sections were part of the former Office of Thrift Supervision Examination Handbook for the examination of federal savings associations (FSA).
The new booklet provides examiners with an overview of corporate and risk governance, the associated risks, the board and management’s roles in these activities, and examination procedures to use during supervisory activities that focus on evaluating national banks’ and FSAs’ (collectively, banks) corporate and risk governance.
Note for Community Banks
The “Corporate and Risk Governance” booklet applies to the examination of all OCC-supervised banks.
- discusses the board’s and management’s authority and responsibilities for governing the bank’s structure, operations, and risks.
- explains enterprise risk management and the importance of viewing risk in a comprehensive, integrated manner.
- discusses a risk governance framework as a means to manage a bank’s risks enterprise-wide.
- describes risk culture and risk appetite in the context of a risk governance framework.
- expands the discussion on risk management systems to include the three lines of defense—front line units, independent risk management, and internal audit.
- provides guidance to examiners on strategic, capital, and operational planning.
- highlights 12 CFR 30, appendix D (heightened standards guidance for covered banks), in text boxes.
- contains information similar to what is included in The Director’s Book: Role of Directors for National Banks and Federal Savings Associations.
For further information, contact the Operational Risk Policy Division at (202) 649-6550.
Grace E. Dailey
Senior Deputy Comptroller and Chief National Bank Examiner