submit a revised capital restoration plan within the time specified by the FDIC. Upon receiving notice that its capital restoration plan has not been approved, any undercapitalized bank (as defined in § 325.103(b) of this subpart) shall be subject to all of the provisions of section 38 and this subpart applicable to significantly undercapitalized institutions. These provisions shall be applicable until such time as a new or revised capital restoration plan submitted by the bank has been approved by the FDIC.

(e) Failure to submit capital restoration plan. A bank that is undercapitalized (as defined in § 325.103(b) of this subpart) and that fails to submit a written capital restoration plan within the period provided in this section shall, upon the expiration of that period, be subject to all of the provisions of section 38 and this subpart applicable to significantly undercapitalized institutions.

(f) Failure to implement capital restoration plan. Any undercapitalized bank that fails in any material respect to implement a capital restoration plan shall be subject to all of the provisions of section 38 and this subpart applicable to significantly undercapitalized institutions.

(g) Amendment of capital restoration plan. A bank that has filed an approved capital restoration plan may, after prior written notice to and approval by the FDIC, amend the plan to reflect a change in circumstance. Until such time as a proposed amendment has been approved, the bank shall implement the capital restoration plan as approved prior to the proposed amendment.

(h) Performance guarantee by companies that control a bank—(1) Limitation on liability—(i) Amount limitation. The aggregate liability under the guarantee provided under section 38 and this subpart for all companies that control a specific bank that is required to submit a capital restoration plan under this subpart shall be limited to the lesser of:

(A) An amount equal to 5.0 percent of the bank's total assets at the time the bank was notified or deemed to have notice that the bank was undercapitalized; or

(B) The amount necessary to restore the relevant capital measures of the bank to the levels required for the bank to be classified as adequately capitalized, as those capital measures and levels are defined at the time that the bank initially fails to comply with a capital restoration plan under this subpart.

(ii) Limit on duration. The guarantee and limit of liability under section 38 and this subpart shall expire after the FDIC notifies the bank that it has remained adequately capitalized for each of four consecutive calendar quarters. The expiration or fulfillment by a company of a guarantee of a capital restoration plan shall not limit the liability of the company under any guarantee required or provided in connection with any capital restoration plan filed by the same bank after expiration of the first guarantee.

(iii) Collection on guarantee. Each company that controls a given bank shall be jointly and severally liable for the guarantee for such bank as required under section 38 and this subpart, and the FDIC may require and collect payment of the full amount of that guarantee from any or all of the companies issuing the guarantee.

(2) Failure to provide guarantee. In the event that a bank that is controlled by any company submits a capital restoration plan that does not contain the guarantee required under section 38(e)(2) of the FDI Act, the bank shall, upon submission of the plan, be subject to the provisions of section 38 and this subpart that are applicable to banks that have not submitted an acceptable capital restoration plan.

(3) Failure to perform guarantee. Failure by any company that controls a bank to perform fully its guarantee of any capital plan shall constitute a material failure to implement the plan for purposes of section 38(f) of the FDI Act. Upon such failure, the bank shall be subject to the provisions of section 38 and this subpart that are applicable to banks that have failed in a material respect to implement a capital restoration plan.

§ 325.105 Mandatory and discretionary supervisory actions under section 38. (a) Mandatory supervisory actions(1) Provisions applicable to all banks. All banks are subject to the restrictions contained in section 38(d) of the FDI Act on payment of capital distributions and management fees.

(2) Provisions applicable to undercapitalized, significantly undercapitalized, and critically undercapitalized banks. Immediately upon receiving notice or being deemed to have notice, as provided in § 325.102 of this subpart, that the bank is undercapitalized, significantly undercapitalized, or critically undercapitalized, the bank shall become subject to the provisions of section 38 of the FDI Act:

(i) Restricting payment of capital distributions and management fees (section 38(d));

(ii) Requiring that the FDIC monitor the condition of the bank (section 38(e)(1));

(iii) Requiring submission of a capital restoration plan within the schedule established in this subpart (section 38(e)(2));

(iv) Restricting the growth of the bank's assets (section 38(e)(3)); and (v) Requiring prior approval of certain expansion proposals (section

38(e)(4)).

(3) Additional provisions applicable to significantly undercapitalized, and critically undercapitalized banks. In addition to the provisions of section 38 of the FDI Act described in paragraph (a)(2) of this section, immediately upon receiving notice or being deemed to have notice, as provided in § 325.102 of this subpart, that the bank is significantly undercapitalized, or critically undercapitalized, or that the bank is subject to the provisions applicable to institutions that are significantly undercapitalized because the bank failed to submit or implement in any material respect an acceptable capital restoration plan, the bank shall become subject to the provisions of section 38 of the FDI Act that restrict compensation paid to senior executive officers of the institution (section 38(f)(4)).

(4) Additional provisions applicable to critically undercapitalized institutions. (i) In addition to the provisions

of section 38 of the FDI Act described in paragraphs (a)(2) and (a)(3) of this section, immediately upon receiving notice or being deemed to have notice, as provided in § 325.102 of this subpart, that the insured depository institution is critically undercapitalized, the institution is prohibited from doing any of the following without the FDIC's prior written approval:

(A) Entering into any material transaction other than in the usual course of business, including any investment, expansion, acquisition, sale of assets, or other similar action with respect to which the depository institution is required to provide notice to the appropriate Federal banking agency;

(B) Extending credit for any highly leveraged transaction;

(C) Amending the institution's charter or bylaws, except to the extent necessary to carry out any other requirement of any law, regulation, or order;

(D) Making any material change in accounting methods;

(E) Engaging in any covered transaction (as defined in section 23A(b) of the Federal Reserve Act (12 U.S.C. 371c(b));

(F) Paying excessive compensation or bonuses;

(G) Paying interest on new or renewed liabilities at a rate that would increase the institution's weighted average cost of funds to a level significantly exceeding the prevailing rates of interest on insured deposits in the institution's normal market areas; and

(H) Making any principal or interest payment on subordinated debt beginning 60 days after becoming critically undercapitalized except that this restriction shall not apply, until July 15, 1996, with respect to any subordinated debt outstanding on July 15, 1991, and not extended or otherwise renegotiated after July 15, 1991.

(ii) In addition, the FDIC may further restrict the activities of any critically undercapitalized institution to carry out the purposes of section 38 of the FDI Act.

(5) Exception for certain savings associations. The restrictions in paragraph (a)(4) of this section shall not apply, before July 1, 1994, to any insured savings association if:

(i) The savings association had submitted a plan meeting the requirements of section 5(t)(6)(A)(ii) of the Home Owners' Loan Act (12 U.S.C. 1464(t)(6)(A)(ii)) prior to December 19,

1991;

(ii) The Director of OTS had accepted the plan prior to December 19, 1991; and

(iii) The savings association remains in compliance with the plan or is operating under a written agreement with the appropriate federal banking

agency.

(b) Discretionary supervisory actions. In taking any action under section 38 that is within the FDIC's discretion to take in connection with:

(1) An insured depository institution that is deemed to be undercapitalized, significantly undercapitalized, or critically undercapitalized, or has been reclassified as undercapitalized, or significantly undercapitalized; or

(2) An officer or director of such institution, the FDIC shall follow the procedures for issuing directives under §§ 308.201 and 308.203 of this chapter, unless otherwise provided in section 38 or this subpart.

PART 326-MINIMUM SECURITY DEVICES AND PROCEDURES AND BANK SECRECY ACT 1 COMPLIANCE

Subpart A-Minimum Security Procedures

Sec.

326.0 Authority, purpose, and scope. 326.1 Definitions.

326.2 Designation of security officer. 326.3 Security program. 326.4 Reports.

Subpart B-Procedures for Monitoring Bank Secrecy Act Complianace

326.8 Bank Secrecy Act compliance. AUTHORITY: 12 U.S.C. 1813, 1815, 1817, 1818, 1819 [Tenth], 1881-1883; 31 U.S.C. 5311-5324.

In its original form, subchapter II of chapter 53 of title 31 U.S.C., was part of Pub. L. 91-508 which requires recordkeeping for and reporting of currency transactions by banks and others and is commonly known as the Bank Secrecy Act.

Subpart A-Minimum Security Procedures

SOURCE: 56 FR 13581, Apr. 3, 1991, unless otherwise noted.

§ 326.0 Authority, purpose, and scope.

(a) This part is issued by the Federal Deposit Insurance Corporation ("FDIC") pursuant to section 3 of the Bank Protection Act of 1968 (12 U.S.C. 1882). It applies to insured state banks that are not members of the Federal Reserve System. It requires each bank to adopt appropriate security procedures to discourage robberies, burglaries, and larcenies and to assist in identifying and apprehending persons who commit such acts.

(b) It is the responsibility of the bank's board of directors to comply with this part and ensure that a written security program for the bank's main office and branches is developed and implemented.

(Approved by the Office of Management and Budget under control number 30640095)

For the purposes of this part

(a) The term insured nonmember bank means any bank, including a foreign bank having a branch the deposits of which are insured in accordance with the provisions of the Federal Deposit Insurance Act, which is not a member of the Federal Reserve System. The term does not include any institution chartered or licensed by the Comptroller of the Currency, any District bank, or any savings association.

(b) The term banking office includes any branch of an insured nonmember bank, and, in the case of an insured state nonmember bank, it includes the main office of that bank.

(c) The term branch for a bank chartered under the laws of any state of the United States includes any branch bank, branch office, branch agency, additional office, or any branch place of business located in any state or territory of the United States, District of Columbia, Puerto Rico, Guam, American Samoa, the Trust Territory of the Pacific Islands, the Northern Mariana

Islands or the Virgin Islands at which deposits are received or checks paid or money lent. In the case of a foreign bank, as defined in 12 CFR 346.1(a), the term branch has the meaning given in 12 CFR 346.1(d).

§ 326.2 Designation of security officer.

Upon the issuance of federal deposit insurance, the board of directors of each insured nonmember bank 2 shall designate a security officer who shall have the authority, subject to the approval of the board of directors, to develop, within a reasonable time, but no later than 180 days, and to administer a written security program for each banking office.

§ 326.3 Security program.

(a) Contents of security program. The security program shall:

(1) Establish procedures for opening and closing for business and for the safekeeping of all currency, negotiable securities, and similar valuables at all times;

(2) Establish procedures that will assist in identifying persons committing crimes against the bank and that will preserve evidence that may aid in their identification and prosecution; such procedures may include, but are not limited to:

(i) Retaining a record of any robbery, burglary, or larceny committed against the bank;

(ii) Maintaining a camera that records activity in the banking office; and

(b) Security devices. Each insured nonmember bank shall have, at a minimum, the following security devices:

(1) A means of protecting cash or other liquid assets, such as a vault, safe, or other secure space;

(2) A lighting system for illuminating, during the hours of darkness, the area around the vault, if the vault is visible from outside the banking office;

(3) An alarm system or other appropriate device for promptly notifying the nearest responsible law enforcement officers of an attempted or perpetrated robbery or burglary;

(4) Tamper-resistant locks on exterior doors and exterior windows that may be opened; and

(5) Such other devices as the security officer determines to be appropriate, taking into consideration:

(i) The incidence of crimes against financial institutions in the area;

(ii) The amount of currency or other valuables exposed to robbery, burglary, and larceny;

(iii) The distance of the banking office from the nearest responsible law enforcement officers;

(iv) The cost of the security devices; (v) Other security measures in effect at the banking office; and

(vi) The physical characteristics of the structure of the banking office and its surroundings.

§ 326.4 Reports.

The security officer for each insured nonmember bank shall report at least annually to the bank's board of directors on the implementation, administration, and effectiveness of the security program.

Subpart B-Procedures for Monitoring Bank Secrecy Act Compliance

§ 326.8 Bank Secrecy Act compliance.

(a) Purpose. This subpart is issued to assure that all insured nonmember banks 3 establish and maintain proce

3 In regard to foreign banks, the programs and procedures required by § 326.8 need be instituted only at an insured branch as defined in 12 CFR 346.1(g) which is a State branch as defined in 12 CFR 346.1(f).

341-038 0-93-7

dures reasonably designed to assure and monitor their compliance with the requirements of subchapter II of chapter 53 of title 31 U.S.C., and the implementing regulations promulgated thereunder by the Department of Treasury at 31 CFR part 103.

(b) Compliance procedures. On or before April 27, 1987, each bank shall develop and provide for the continued administration of a program reasonably designed to assure and monitor compliance with recordkeeping and reporting requirements set forth in subchapter II of chapter 53 of title 31 U.S.C., and the implementing regulations promulgated thereunder by the Department of Treasury at 31 CFR part 103. The compliance program shall be reduced to writing, approved by the board of directors and noted in the minutes.

(c) Contents of compliance program. The compliance program shall, at a minimum:

(1) Provide for a system of internal controls to assure ongoing compliance; (2) Provide for independent testing for compliance to be conducted by bank personnel or by an outside party;

(3) Designate an individual or individuals responsible for coordinating and monitoring day-to-day compliance; and

(4) Provide training for appropriate personnel.

(Approved by the Office of Management and Budget under control number 30640087)

[52 FR 2860, Jan. 27, 1987, as amended at 53 FR 17917, May 19, 1988]

§ 327.1 Purpose and scope.

(a) Scope. This part 327 applies to any insured depository institution, including any insured branch of a foreign bank.

(b) Purpose. (1) Except as specified in paragraph (b)(2) of this section, this part 327 sets forth the rules for:

(i) The time and manner of filing certified statements by insured depository institutions;

(ii) The time and manner of pay. ment of the semiannual assessments by such institutions; and

(iii) The payment of assessments by depository institutions whose insured status has terminated.

(2) Deductions from the assessment base of an insured branch of a foreign bank are stated in part 346 of this chapter.

§ 327.2 Certified statements.

(a) Required. Each insured depository institution shall file a certified statement during each semiannual period.

(b) Form. The certified statement to be filed by an insured depository institution shall be in the form appropriate for such institution as prescribed by the Corporation.