Federal Financial Institutions Examination Council

From Wikipedia, the free encyclopedia
Federal Financial Institutions Examination Council
Agency overview
FormedMarch 10, 1979 (1979-03-10)
Agency executive
Key document

The Federal Financial Institutions Examination Council (FFIEC) is a formal U.S. government interagency body composed of five banking regulators that is "empowered to prescribe uniform principles, standards, and report forms to promote uniformity in the supervision of financial institutions".[2] It also oversees real estate appraisal in the United States.[3] Its regulations are contained in title 12 of the Code of Federal Regulations.


FFIEC includes five banking regulators—the Federal Reserve Board of Governors (FRB), the Federal Deposit Insurance Corporation (FDIC), the National Credit Union Administration (NCUA), the Office of the Comptroller of the Currency (OCC), and the Consumer Financial Protection Bureau (CFPB).


FFIEC was established March 10, 1979, pursuant to title X of the Financial Institutions Regulatory and Interest Rate Control Act of 1978 (FIRA).[2][4]

Housing and real estate[edit]

The FFIEC was given additional statutory responsibilities by section 340 of the Housing and Community Development Act of 1980 to facilitate public access to data that depository institutions must disclose under the Home Mortgage Disclosure Act of 1975 (HMDA) and the aggregation of annual HMDA data, by census tract, for each metropolitan statistical area (MSA). In accordance with HMDA, the FFIEC established an advisory State Liaison Committee composed of five representatives of state supervisory agencies.[3] The HMDA requires "most lenders to identify the race, sex, and income of loan applicants and borrowers",[3] so the FFIEC is able to deduce things like "the number of mortgages issued to black and Hispanic borrowers rose sharply", as it did in 1993.[5] In 2006, the State Liaison Committee was added to the Council as a voting member.[6]

The Appraisal Subcommittee (ASC) was established within the FFIEC pursuant to title XI of the Financial Institutions Reform, Recovery and Enforcement Act of 1989 (FIRREA). The ASC oversees The Appraisal Foundation, whose work is accomplished by three independent boards—the Appraiser Qualifications Board (AQB), the Appraisal Standards Board (ASB), and the Appraisal Practices Board (APB), who collectively regulate real estate appraisal in the United States.


Then Comptroller of the Currency and FFIEC Chair Thomas J. Curry stated on May 8, 2014, that "helping to make banks less vulnerable and more resilient to cyber-attacks" has been one of his top priorities.[7][8] In June 2014 FFIEC launched a new webpage on cybersecurity and announced that it was initiating a pilot for 500 member institutions that will focus on how these institutions manage cybersecurity and how prepared they are to mitigate cyber risks.[9] This was a welcome development since the FFIEC had previously relaxed their own guidance regarding cybersecurity. In guidance released in 2005, the body created rigorous standards that were to be enacted by subject institutions by the end of 2006 regarding multi-factor authentication.[10] The guidance called for strict measures to protect financial transactions that would combine biometrics with strong passwords and device fingerprinting, among other measures, as means of strong authentication. The document mentions biometrics fourteen separate times. The following year, the FFIEC released supplementary guidance that relaxed the strong authentication requirements, allowing institutions to add a "second authentication method" for layered security (not 2 factor authentication) – the supplement mentions biometrics only once.[11] Many institutions discontinued more costly two factor and biometric security measures in favor of what the FFIEC guidance had come to refer to as layered security. By the deadline, fully one third of banking and financial institutions had not complied.[12] When further guidance was released in 2011, it mentioned "strong authentication" only one time.[13]

On June 30, 2015 the FFIEC released the FFIEC Cybersecurity Assessment Tool [14] to enable regulated financial institutions to assess their cybersecurity readiness. This tool may be used as a self-assessment. Regulators may also review the completed assessment during their examination.[15]

Consumer Compliance[edit]

Consumer compliance in bank regulation is associated with the FFIEC’s Uniform Interagency Consumer Compliance Rating System (CC Rating System).[16] The FFIEC promotes compliance with federal consumer protection laws and regulations through each agency’s supervisory and outreach programs.


The FFIEC has six voting representatives of member agencies.[17] As of August 2021, FFIEC members include:[18][19]

See also[edit]


  1. ^ "Members of the FFIEC".
  2. ^ a b "About the FFIEC". FFIEC. Retrieved 7 July 2014.
  3. ^ a b c "History of the Home Mortgage Disclosure Act". Retrieved 7 July 2014.
  4. ^ Vértesy, László (2007). "The Place and Theory of Banking Law - Or Arising of a New Branch of Law: Law of Financial Industries". Collega. Rochester, NY. 2-3. XI. SSRN 3198092.
  5. ^ Bradsher, Keith (29 July 1994). "Minorities Get More Mortgages". The New York Times.
  6. ^ "Federal Financial Institutions Examination Council". Federal Register. Retrieved 10 March 2015.
  7. ^ Curry, Thomas J. (8 May 2014). "Remarks by Thomas J. Curry, Comptroller of the Currency, Before RMA's Governance, Compliance, and Operational Risk Conference, Cambridge, Massachusetts" (PDF). Office of the Comptroller of the Currency. p. 7.
  8. ^ Hoar, Sean B. (1 July 2014). "Federal Financial Institutions Examination Council Launches Cybersecurity Webpage and Begins Cybersecurity Assessments". Privacy & Security Law Blog. Davis Wright Tremaine LLP.
  9. ^ "FFIEC Launches Cybersecurity Web Page, Promotes Awareness of Cybersecurity Activities". FFIEC Press Release. 24 June 2014.
  10. ^ "FFIEC Press Release - October 12, 2005". www.ffiec.gov. Retrieved 2021-02-28.
  11. ^ "Supplement to Authentication in an Internet Banking Environment" (PDF). FFIEC.gov. 2006.
  12. ^ Inc, InfoWorld Media Group (2007-01-01). InfoWorld. InfoWorld Media Group, Inc. {{cite book}}: |last= has generic name (help)
  13. ^ "Supplement toAuthentication in an Internet Banking Environment" (PDF). FFIEC.gov. June 2011.
  14. ^ FFIEC. Cybersecurity Assessment Tool. Retrieved from https://www.ffiec.gov/cyberassessmenttool.htm
  15. ^ NCUA. FFIEC Releases Cybersecurity Assessment Tool. Press release. [Online] Available: https://www.ncua.gov/newsroom/Pages/NW20150630FFIEC.aspx
  16. ^ "FFIEC Issues Uniform Interagency Consumer Compliance Rating System" (PDF). FFIEC Press Release. 7 November 2016.
  17. ^ Werthan, Jeffrey M. (11 May 2014). "Federal Financial Institutions Examination Council (FFIEC) Member Agencies and State of New York to Focus Attention on Cybersecurity". National Law Review.
  18. ^ "Leadership of the Federal Financial Institutions Examination Council 1979-Present" (PDF). Retrieved 31 January 2020.
  19. ^ "Members of the FFIEC". Retrieved 10 August 2021.
  20. ^ "Harper Named NCUA Board Chairman". 25 January 2021. Retrieved 10 August 2021.
  21. ^ "OCC Leadership, Acting Conmptroller of the Currency". Retrieved 10 August 2021.
  22. ^ "David Uejio, Acting Director". Retrieved 10 August 2021.

External links[edit]