In-house bank lawyers got a vote of confidence last week. The context was a comment submitted to the Office of the Comptroller of the Currency regarding proposed enforceable guidelines on the risk management practices for the nation’s largest banks. Last January, the OCC proposed the guidelines and asked for comments. Previously, risk management practices suggested by the OCC have been largely precatory.
The proposed guidelines suggest minimum standards for the design and implementation of a risk governance framework. While the proposed guidelines would apply to banking organizations with consolidated assets equal to or greater than $50 billion, once they are effective, they will be influential regarding the risk management practices of smaller banks. The guidelines document (Docket ID OCC-2014-0001) is available here.
The overall goal of the proposal is to help banking institutions in “defining and communicating an acceptable risk appetite across the organization.” The measures should address such things as the capital, earnings, and liquidity that may be at risk on a firm-wide basis, the risk that may be taken in each line of business, and each key risk category monitored by the institution. A bank’s risk management practices should cover the following categories of risk: credit risk, interest rate risk, liquidity risk, price risk, operational risk, compliance risk, strategic risk, and reputation risk.
The proposed guidelines define some organizational units as “fundamental” to the risk management. These units are “front-line units, independent risk management, and internal audit.”
The comment on the role of in-house lawyers came from a comment filed on March 26 by the Banking Committee of the Business Section of the American Bankers Association, a group populated by in-house lawyers, regulatory agency lawyers and outside counsel for banks, large and small, which suggested that the proposed guidelines fail to recognize the real role of in-house lawyers as an independent “line of defense.” Instead, the proposed guidelines considered the legal function to be one of a number of traditional business units that provide support to front-line business units.
The comment suggested: “The mission of the legal function is to provide independent professional advice to management and the board. It does not ‘provide services’ in the same sense the other front-line units do. Indeed, as the only internal organization that possesses the skills and the license to consider the applicability of laws, regulations and regulatory interpretations to the full spectrum of activities conducted by the bank, the legal function is in reality a fourth line of defense.” The comment goes on to suggest the OCC’s proposal could undermine attorney-client privilege and subject the legal function to oversight by internal audit and independent risk management.
The Banking Committee expressed its own views and not the views of the Business Section and not the views of the ABA. But it is an interesting and useful perspective on the way many banking organizations view their in-house lawyers. The comment period on the OCC’s proposal ended March 28th.