Financial Services Law

Still Your Father’s Oldsmobile? Stale Bank Holding Company 10-K Sup & Reg Sections

It has been apparent for years that the common boilerplate Supervision and Regulation discussion in most bank holding company Form 10-K Annual Reports could be trimmed down and updated. Instead of rehashing longstanding banking laws and regulations, financial institutions should shed unnecessary text and instead emphasize those recent developments which are directly relevant to the company. This year’s 10-K season was no different. Old habits die hard and the culprit may more likely be disinterest in changing content or format for what has seemed “tried and true.”

The following short paragraph and a bullet points list of key laws arguably would be sufficient to satisfy the SEC Reg S-K requirement that bank holding company 10-K filers describe any required government approval of principal products and services and the effect of existing or probable government regulations on their business:

State and federal banking laws and the regulations of the bank regulatory agencies (the Federal Reserve, FDIC, etc.) govern the products the Company and the Bank may offer and the activities in which we may engage, the investments we may make, the aggregate amount of loans that may be granted to one borrower, when we may pay dividends to shareholders and if we can make acquisitions. Further, various consumer protection and compliance laws govern the Bank’s operations to ensure it is managed in a safe and sound manner and with adequate capital to protect depositors. Key statutes include the Bank Holding Company Act, the Federal Deposit Insurance Act, the Bank Secrecy Act and recent legislation like the Dodd-Frank Act that amends these and other statutes.

The following might be added to cover the current regulatory environment:

In the exercise of their supervisory and examination authority, the bank regulatory agencies have emphasized corporate governance, stress testing, enterprise risk management and other board responsibilities; anti-money laundering compliance and enhanced high risk customer due diligence; vendor management; cyber security and fair lending and other consumer compliance obligations.

Beyond this, the Sup & Reg sections should include details only on those laws, regulations and regulatory developments that are materially impacting or are likely to impact the company rather than giving a history lesson on a collection of banking laws adopted over several decades.

There certainly are enough current issues deserving of comment in financial institution 10-Ks. However, the detail provided should be driven by their potential impact on the company and its banking operations. These would include:

  • The new Basel III capital rules and whether the company would be in compliance today if all requirements were fully implemented.
  • Liquidity requirements now rival the new capital rules for attention.
  • Permissible nonbanking or financial activities being conducted (insurance agency, investment advisor, etc.).
  • Enforcement actions in place or their termination.
  • Actions taken to improve Board governance and Enterprise Risk Management.
  • Results of any stress testing undertaken.
  • Experience with privacy breaches and cyber security incursions.
  • CFPB examination, if over or near $10 Billion in assets.
  • The Volcker Rule and Living Wills/Resolution Plans to the extent they apply.

Here are some suggestions for streamlining and updating your Sup & Reg section:

  • Update statements on the competitive and consolidating financial services industry and at least drop “savings and loans” and perhaps add “online and alternative lenders” as examples of non-bank competitors.
  • Delete the common reference to the “recent” financial crisis and the ongoing recovery—unless the bank has not recovered. Speak forward not back.
  • Leave old laws and acronyms behind—FIRREA, FDICIA, even maybe GLBA.
  • Dodd-Frank’s full implementation is now fairly predictable. Dilute or discard the qualification that management continues to evaluate its uncertain impact
  • No longer trace the history of Basel back to the 1988 Accord.
  • Riegle-Neal and interstate banking are rarely relevant except for mega-mergers.
  • Reduce the discussion of financial holding company status where it simply is not used.
  • The history and formula details for FDIC assessments are not required and most banks will pay less post-Dodd-Frank not more. The increase in coverage to $250,000 is yesterday’s news.
  • Don’t dwell on interchange fees, qualified mortgages or servicing rights if they are not key bank products or revenue.
  • Cover Trups and TARP only if they are still relevant to the company.
  • Get to the point on Volcker: Does the company engage in any proprietary trading or fund sponsorship or investments?
  • Shorten the text on “undercapitalized” institutions subject to prompt corrective action—unless the bank has such capital issues.
  • Go light on the details of 23A/B; few banks have any affiliates other than their holding company.
  • Given recent examinations, Fair Lending compliance may deserve more attention.
  • Discuss interest rates, net interest margins and monetary policy and their impact on profitability in the short term instead in the MD&A.
  • Consider deleting that the bank maintains reserves with the Federal Reserve and may be an investing member of a Federal Home Loan Bank. Everybody knows that.
  • Redraft Incentive Compensation discussion to be less about being a hindrance to retaining management and more about discouraging inappropriate risk taking.
  • Recraft CRA compliance as a proactive commitment rather than a potential bar to acquisitions.
  • Rather than noting the Fed must approve any new activities and over 5% investments in other banks, which is well known, instead address any of the myriad of permissible nonbanking activities the company or bank does or may engage in.
  • Be careful not to overstate the bank’s privacy compliance, cybersecurity and vendor management as some retrenching may be necessary if the bank is subject to a customer data breach like Target or Sony.
  • Instead of saying there may be new legislation or regulations with impact management cannot predict, assert that pending and proposed legislation and regulations are monitored and commented upon as appropriate.
  • Establish post-Choke Point policies on banking third-party payment processors and the cannabis and digital currency industries. You will need them!

The 10-K Sup & Reg section needs to be refreshed annually to address those developments and new issues that are priorities for management and boards of directors. A similar refreshment of boilerplate regulatory risk factor language and the Forward Looking Statement also are encouraged.

Reproduced with permission from Accounting Policy and Practice Report, 11 appr 13, 06/19/2015. Copyright [1] 2015 by The Bureau of National Affairs, Inc. (800-372-1033)

back to top



pursuant to New York DR 2-101(f)

© 2023 Manatt, Phelps & Phillips, LLP.

All rights reserved