In order to comply with FDIC Part 370, covered institutions will have to implement a change program that encompasses the people, processes, and technology necessary to manage and maintain customer and deposit data.
Once a bank has identified existing customer and deposit data and laid out a plan for remediating deficiencies, it must define a framework for the ongoing management and maintenance of that data. From initial data collection at account opening through the potential transmission of customer PII to the FDIC, this is both the most important aspect of a company’s response to Part 370 and the most likely to overlap with existing in-flight projects. It is also the most likely to generate additional benefits to the company.
Customer data is a key focus at most financial services institutions, so it is likely that there are already multiple projects focusing on enhancing, simplifying, unifying, or even productizing this data. Any effective response to Part 370 will have to identify those in-flight projects and determine how the FDIC’s new requirements either dovetail with or expand upon those efforts. For instance, many banks have already worked to uniquely identify customers with a party ID and eliminate multiple customer records. In this case, the bank will need to determine if its existing efforts satisfy or will satisfy the recordkeeping requirements laid out in section 370.4. For instance:
- Are all covered account holders part of this effort?
- Are beneficial owners included? What about grantors and beneficiaries for revocable trusts, if applicable?
- Are clients and accounts linked well enough in the data model to calculate aggregate balances?
- When will this effort be live in production, and what is the confidence in that timeline?
There are many additional considerations that should be part of this effort, such as security around customer PII, identification of accounts where alternative recordkeeping could be applied, and definitions of different ownership rights and capacities. Getting this phase of the response right will not only set a company on a path toward regulatory compliance, it can also accelerate them toward a holistic view of their clients if similar efforts have stalled in the past.
This project will have hooks into many parts of the organization. If managed correctly, it could create synergies between projects or groups that may currently be on separate or even diverging paths. On the other hand, if not given the proper resources and management backing, this project could not only fail to move the bank toward rule compliance, it could actually hinder progress on existing projects at the organization.
—
If you are interested in learning more about FDIC Part 370 and how we can help you comply with the rule, please download our comprehensive guide or complete the contact form at the bottom of this page.
