In order to comply with FDIC Part 370, covered institutions will have to implement a change program that encompasses the people, processes, and technology necessary to identify data sources and remediate data.
For the largest and most complex depository institutions, account and customer data can be spread across dozens or even hundreds of backend systems. These could inhabit different geographies, different business or technology reporting lines, and different infrastructures. Many times, these systems were part of smaller banks that were acquired, and their data has never been fully integrated into the broader company’s ecosystem. The FDIC understands the challenges banks face in normalizing this data, and in fact, resolving these complexities lies at the heart of Part 370.
Given these realities, in order to start down the path toward Part 370 compliance, the bank must:
- Identify potential data sources for customer and account data for all covered accounts
- Identify gaps in current data with respect to rule requirements, both at an individual account and aggregate customer level
- Define golden source systems and data survivorship rules across systems
- Define data remediation steps, including possibly analyzing non-electronic sources for data
With this basic framework in place, a bank can begin charting a path to rule compliance and understand where it might need to pursue exceptions or exemptions. Starting this process as early as possible will give an institution the best chance of meeting the regulatory deadline.
—
If you are interested in learning more about FDIC Part 370 and how we can help you comply with the rule, please download our comprehensive guide or complete the contact form at the bottom of this page.