There is no question that bank failures in 2023, and corresponding risks taken by bank executives contributed to the new New York Department of Financial Services (DFS) enhanced due diligence rubric, emphasizing ongoing evaluation of “character and fitness.”
The final guidance, issued by DFS on January 22, 2024, requires “regular and rigorous” vetting of key personnel at banking organizations and non-depository institutions. It is clear, that DFS is focused on enhanced scrutiny of senior officers, who “participate in major policy-making functions,” and must continue after the hiring process.
Institutions subject to DFS oversight will need to revisit current policies and vetting procedures for certain senior level staff during onboarding and on a regular basis thereafter. A new framework for the review and assessment of character and fitness of directors, senior officers, and managers will need to be developed, implemented, and maintained.
Not surprisingly, banking institutions responded by touting already existing robust character and fitness policies. However, based on this new guidance, DFS is expecting a vigorously structured, and well organized, recurring assessment of senior staff and managers. Ultimately, DFS is looking for a “risk-based and proportionate approach” that considers the “complexity and risk profile of the institution.” For example, periodic examination whether “intervening circumstances” occurred since onboarding causing an individual to be unfit for a position. Or, whether a “new or materially different” conflict of interest arises in the course of employment that did not previously exist.
Factors to consider when evaluating current policies and procedures:
- Frequency – set a schedule to re-evaluate personnel, at least annually;
- Substance – develop a targeted inquiry unique to the function and title of each individual staff member; and
- Process – validate and independently conduct background research focused on individual responses from personnel and risk areas associate with their individual role at the institution.
As a result, institutions subject to DFS oversight will need to review existing procedures and should consider engaging a third-party provider with expertise conducting risk-based due-diligence, experience in banking, and familiarity with DFS compliance matters. Working with a third-party to support compliance will provide integrity and aid in assessing substantive cautionary flags to ensure DFS reporting requirements are met.