The proposed guidelines that the Board of Governors of the Federal Reserve System (the Board) recently issued for public notice and comment mark the latest development on one of the most important policy questions for the U.S. financial system today: who is entitled to have a master account? Having an account at one of the twelve Federal Reserve Banks (a master account) is necessary for an institution to have direct access to the Federal Reserve’s payment systems and to settle transactions with other participants in central bank money.[1] “With technology driving rapid change in the payments landscape,” Governor Lael Brainard states in the Board’s press release, the proposed guidelines “would ensure requests for access to the Federal Reserve payments system from novel institutions are evaluated in a consistent and transparent manner that promotes a safe, efficient, inclusive, and innovative payment system, consumer protection, and the safety and soundness of the banking system.”
Section 13 of the Federal Reserve Act states that “Any Federal Reserve Bank may receive [deposits] from any of its member banks, or other depository institutions.” (Emphasis added.) Under this statutory authority, master accounts are available only to banks that are members of the Federal Reserve System and other depository institutions, and only if they satisfy any additional criteria established by the particular Federal Reserve Bank.[2] The preamble to the proposed guidelines states that their purpose is to “help foster consistent evaluation of access requests, from both risk and policy perspectives, across all twelve Reserve Banks.” In particular, the proposed guidelines are designed to provide “a more transparent and consistent approach” to “requests for access to accounts and services,” especially in light of the “recent uptick in novel charter types being authorized or considered across the country.” The preamble expresses the hope that “the proposed guidelines would reduce the potential for forum shopping across Reserve Banks and mitigate the risk that individual decisions by Reserve Banks could create de facto System policy for a particular business model or risk profile.”
The proposed guidelines’ preamble acknowledges that, while decisions as to any particular request for a master account are made by individual Federal Reserve Banks, their decisions have implications across a wide range of the Federal Reserve’s policies and objectives. The preamble recognizes that decisions made by one Federal Reserve Bank could set a precedent that affects the Board’s ability to achieve its policy goals now and in the future, and that “a structured, transparent, and detailed framework for evaluating access requests would benefit the financial system broadly.” The guidelines set forth six principles that are intended to support consistency across the Federal Reserve Banks while maintaining each Federal Reserve Bank’s flexibility to grant or deny requests based on the facts and circumstances of any particular request for access.
A research note from Isaac Boltansky at Compass Point predicts “a deluge of comments from all corners of financial services” on the proposed guidelines, and number of informed commentators have already expressed initial views. According to Mr. Boltansky, “At first blush, the Fed’s principles appear to set a relatively high hurdle for access, but outlining these standards provides a welcome degree of clarity considering recent charter uncertainty.” PwC offered a similar perspective: “While some digital asset firms will appreciate the clarity provided by the proposal, many will have a long way to go to meet its stringent requirements, in particular those around liquidity risk, BSA/AML, and cybersecurity.” Bank Policy Institute President and CEO Greg Baer, while echoing appreciation for the Board’s request for comments, struck a different note: “Historically, only regulated and supervised banks have been permitted access, and if Big Tech and FinTech firms seek that right, the question is whether they ought to shoulder the traditionally associated responsibilities and whether further protections are warranted given that they are uninsured and lightly regulated, and therefore inherently riskier to the system.”
The proposal was approved with all members of the Board voting in favor and no abstentions. Comments on the proposal are due 60 days after its publication in the Federal Register, which is scheduled for May 11, 2021. The following sections of this memorandum provide an overview of the process for the Federal Reserve Banks’ consideration of requests for master accounts and the six principles in the proposed guidelines.
Process for Evaluating Requests for a Master Account
The process begins when an institution submits its request for a master account, with any required supporting documentation, to a Federal Reserve Bank. The Federal Reserve Banks evaluate each request on a case-by-case basis.[3] The proposed guidelines are “centered on a foundation of risk management and mitigation” and identify the factors that the Federal Reserve Banks should consider when evaluating an institution against the type of risk targeted by each of the six principles. The evaluation is supposed to cover “risk mitigation strategies adopted by the institution (including capital, risk frameworks, compliance with regulations, and supervision) and by the Reserve Bank (including account agreement provisions, restrictions on financial services accessed, account risk controls, and denial of access requests).”
The proposed guidelines state that when applying the factors the Federal Reserve Banks should, to the extent possible, incorporate the assessments of an institution’s federal or state supervisors into their own independent assessment of the institution’s risk profile. Because the proposed guidelines use factors that are already broadly applied to federally insured depository institutions, the preamble states that application of the guidelines to insured institutions “would be fairly straightforward in most cases.” In contrast, “assessments of access requests from non-federally-insured institutions . . . may require more extensive due diligence.”
Principle #1: Legal Eligibility
“Each institution requesting an account or services must be eligible under the Federal Reserve Act or other federal statute to maintain an account at a Reserve Bank and receive Federal Reserve services and should have a well-founded, clear, transparent, and enforceable legal basis for its operations.”
The proposed guidelines expressly apply to any request from a member bank or other depository institution as defined by section 19(b) of the Federal Reserve Act, as well as Edge and Agreement corporations and branches and agencies of foreign banks. Section 19(b) defines the term “depository institution” to include “any insured bank” and “any bank which is eligible to make application to become an insured bank under section 5” of the Federal Deposit Insurance Act (FDI Act). (Emphasis added.) It defines the term “bank” as “any insured or non-insured bank, as defined in section 3 of the [FDI Act], other than a mutual savings bank or a savings bank as defined in such section.”[4] Under Section 3 of the FDI Act, the definition of the term “bank” includes “any national bank and State bank,” the term “insured bank” means “any bank . . . the deposits of which are insured in accordance with the [FDI Act]” and the term “noninsured bank” means “any bank the deposits of which are not so insured.” Thus, both insured and uninsured state or national banks are legally eligible for “a Federal Reserve account and services.” In addition, the preamble states that “[t]he Board is considering whether it may in the future be useful to clarify the interpretation of legal eligibility under the Federal Reserve Act for a Federal Reserve account and services.”
The proposed guidelines state that a Federal Reserve Bank’s assessment of an institution under this principle should also consider:
- the consistency of the institution’s activities and services with applicable laws and regulations, such as Article 4A of the Uniform Commercial Code and the Electronic Fund Transfer Act; and
- whether the design of the institution’s services would impede compliance by the institution’s customers with U.S. sanction programs, Bank Secrecy Act (BSA) and anti-money-laundering (AML) requirements or regulations, or consumer protection laws and regulations.
Principle #2: Safety and Soundness
“Provision of an account and services to an institution should not present or create undue credit, operational, settlement, cyber or other risks to the Reserve Bank.”
To meet the requirements of this principle, an institution should:
- have an effective risk management framework and governance arrangements that meet certain conditions and ensure that the institution operates in a safe and sound manner during both normal conditions and periods of idiosyncratic and market stress;
- be in substantial compliance with its primary supervisor’s regulatory and supervisory requirements;
- be able to demonstrate:
- an ability to comply, were it to obtain a master account, with Board orders and policies, and other applicable agreements, operating circulars and requirements of the Federal Reserve;
- sound financial condition, including adequate capital to continue as a going concern and to meet its current and projected operating expenses under a range of scenarios;
- its ability, on an ongoing basis, including during periods of idiosyncratic or market stress, to meet all of its obligations to remain a going concern and comply with its agreement for a master account, including by maintaining:
- sufficient liquid resources to meet its obligations to the Federal Reserve Bank under applicable agreements, operating circulars, and Board policies;
- operational capacity to ensure that such liquid resources are available to satisfy all such obligations to the Federal Reserve Bank on a timely basis; and
- settlement processes designed to appropriately monitor balances in its master account on an intraday basis, to process transactions through its account in an orderly manner and maintain/achieve a positive account balance before the end of the business day;
- an operational risk framework designed to ensure operational resiliency against events associated with processes, people, and systems, which should:
- identify the range of operational risks presented by the institution’s business model;
- establish sound operational risk management objectives to address such risks;
- establish sound governance arrangements, rules, and procedures;
- establish rules and procedures to carry out risk management objectives;
- employ the resources necessary to achieve risk management objectives and effectively implement rules and procedures; and
- support compliance with electronic access requirements, including security measures, outlined in the Federal Reserve Banks’ Operating Circular No. 5.
Principle #3: Risks to the Payment System
“Provision of an account and services to an institution should not present or create undue credit, liquidity, operational, settlement, cyber or other risks to the overall payment system.”
- The institution should have an effective risk management framework and governance arrangements to limit the impact of idiosyncratic stress, disruptions, outages, cyber incidents or other incidents at the institution on other institutions and the payment system broadly, including:
- clearly defined operational reliability objectives and policies and procedures;
- an adequate business continuity plan and a resiliency objective to ensure the institution can resume services in a reasonable timeframe; and
- policies and procedures for identifying risks that external parties may pose to sound operations, including interdependencies with affiliates, service providers, and others;
- The Federal Reserve Bank should consider:
- actual and potential interactions between the institution’s use of a master account and services and (other parts of) the payment system; and
- the extent to which the institution’s use of a master account might restrict funds from being available to support the liquidity needs of other institutions.
- The institution must also, in the Federal Reserve Bank’s judgment, meet standards of safety and soundness consistent with those set forth under principle #2 above.
Principle #4: U.S. Financial Stability
“Provision of an account and services to an institution should not create undue risk to the stability of the U.S. financial system.”
- The Federal Reserve Bank should determine, in coordination with the other Federal Reserve Banks and Board, whether the access to a master account by an institution itself or a group of like institutions could introduce financial stability risk to the U.S. financial system.
- The Federal Reserve Bank should confirm that the institution has an effective risk management framework and governance arrangements for managing liquidity, credit, and other risks that may arise in times of financial or economic stress.
- The Federal Reserve Bank should consider the extent to which, especially in times of financial or economic stress, liquidity or other strains at the institution may be transmitted to other segments of the financial system.
- The Federal Reserve Bank should consider the extent to which, especially during times of financial or economic stress, access to an account and services by an institution itself (or a group of like institutions) could affect deposit balances across U.S. financial institutions more broadly and whether any resulting movements in deposit balances could have a deleterious effect on U.S. financial stability.
- Balances held in master accounts are high-quality liquid assets, making them very attractive in times of financial or economic stress. For example, in times of stress, investors that would otherwise provide short-term funding to nonfinancial firms, financial firms, and state and local governments could rapidly withdraw that funding and instead deposit their funds with an institution holding mostly central bank balances. If the institution is not subject to capital requirements similar to a federally-insured institution, the potential for sudden and significant deposit inflows into that institution is particularly large, which could disintermediate other parts of the financial system, greatly amplifying stress.
- The interpretive gloss provided in the preamble may be particularly relevant to the application of principle #4. The Board states that the proposed guidelines “are designed as a risk management framework and, as such, the principles focus on risks that an institution’s access could pose,” but acknowledges that “an institution’s access could have net benefits to the financial system that are not a focus of the risk management framework.”
Principle #5: Prevention of Financial Crimes
“Provision of an account and services to an institution should not create undue risk to the overall economy by facilitating activities such as money laundering, terrorism financing, fraud, cybercrimes, or other illicit activity.”
- The institution should have an AML program consistent with the requirements in 31 CFR 1020.210(b) and comply with the Office of Foreign Assets Control (OFAC) regulations in 31 CFR Chapter V.
- These compliance programs should contain the following elements:
- a system of internal controls, including policies and procedures, to ensure ongoing BSA/AML and OFAC compliance;
- independent audit and testing of BSA/AML and OFAC compliance;
- senior management commitment to BSA/AML and OFAC compliance, including, at a minimum, the designation of a specific person or persons responsible for managing BSA/AML and OFAC compliance; senior management review and approval of the programs; sufficient authority and autonomy; and senior management taking and demonstrating that it will continue to take steps to ensure that the compliance unit receives adequate resources;
- ongoing training for appropriate personnel with a scope that is appropriate for the products and services the institution offers; and
- processes that allow for a risk-based classification of the customer base, including risk-based procedures for ongoing customer due diligence.
- These compliance programs should contain the following elements:
Principle #6: Monetary Policy
“Provision of an account and services to an institution should not adversely affect the Federal Reserve’s ability to implement monetary policy.”
- The Federal Reserve Bank should determine, in coordination with the other Federal Reserve Banks and the Board, whether access to a master account and services by an institution itself or a group of like institutions could have an effect on the implementation of monetary policy.
- The Federal Reserve Bank should consider, among other things, whether access to a master account by the institution could affect the level and variability of the demand for and supply of reserves, the level and volatility of key policy interest rates, the structure of key short-term funding markets, and the overall size of the consolidated balance sheet of the Federal Reserve Banks. The Reserve Bank should also consider the implications of providing an account to the institution in normal times as well as in times of stress. This consideration should occur regardless of the current monetary policy implementation framework in place.
ENDNOTES
[1] Questions about who can access the Federal Reserve’s payment system and transact in central bank money are also at the heart of the debate around central bank digital currencies (CBDC), and the potential design, availability and functionality of any CBDC issued by the Federal Reserve. We explore these issues more fully in our memo on Digital Dollars / Central Bank Digital Currencies, which we will update from time to time.
[2] Under the Federal Reserve Act and other federal statutes, master accounts and other types of accounts at Federal Reserve Banks are also available to the U.S. Department of the Treasury and certain government-sponsored entities, international organizations and financial market utilities, among others. The proposed guidelines do not apply to these types of institutions, and we accordingly do not address them in this memorandum.
[3] As discussed in the Federal Reserve’s Operating Circular No. 1, an institution has the option to settle transactions in its own master account or in the master account of another institution that has agreed to act as its correspondent. The proposed guidelines apply to requests for either type of arrangement. The Federal Reserve financial services included in the scope of the proposed guidelines, however, do not include transactions conducted as part of the Federal Reserve’s open market operations or the administration of the discount window.
[4] Section 19(b) separately provides that the term “depository institution” includes “any mutual savings bank” or “savings bank” as defined in section 3 of the FDI Act or any such savings bank which is eligible to make application to become an insured bank under section 5 of the FDI Act.
This post comes to us from Davis Polk & Wardwell LLP. It is based on the firm’s memorandum, “Proposed Guidelines: Who Can Have a Federal Reserve Master Account?” dated May 11, 2021.