On 1/21/2022, the Federal Financial Institutions Examination Council issued a statement announcing best practices for requesting examination information from supervised entities, and a common authentication solution for secure access to the FFIEC members’ supervision systems. According to FFIEC’s release, the statement presents the results of the final phase of the Examination Modernization Project in which its members addressed the feedback provided by supervised entities regarding examination requests and authentication requirements for its members’ supervision systems.

As a result of these efforts, the FFIEC members have identified the following principles as best practices for requesting examination information from financial institutions:

• Information requests should be risk-focused and relevant to the examination.

• Supervised institutions should be given sufficient time to produce new or additional requested information.

• Examiners should coordinate information requests among the examination team to avoid duplicative and/or redundant requests.

• Information requests should be made through the supervised institution’s designated regulatory examination point-of-contact, if applicable, to avoid placing burden on other institution staff.

• Information requests and supplemental information requests should be clearly articulated in writing.

Finally, to address the feedback related to authentication requirements to supervision systems, the FFIEC Task Force on Supervision approved a common authentication solution for secure access to the FFIEC members’ supervision systems. This will allow supervised institutions and the FFIEC member agencies to securely authenticate to supervision systems, while eliminating the need for multiple credentials to access regulator systems.

See FFIEC’s announcement here.

Read FFIEC’s full statement here.