I am pleased to present the latest in our series of online reports to the financial services industry about the issues and problems raised to the FDIC Office of the Ombudsman (OO). This report covers the period January 1 through June 30, 2007.

During this six-month period, most bankers expressed overall satisfaction with the FDIC. Even so, many who contacted the OO had concerns with regulatory topics such as the Bank Secrecy Act (BSA), FDIC deposit insurance assessments, the FDIC applications process and the FDIC Special Alerts system. Follow-up on previous issues, such as fraudulent cashiers’ checks and FDIC efforts to keep bankers informed, are included in this report. Problems with the FDIC examination process, especially the lack of communication with bankers, replaced burdensome regulations as the most frequently expressed concern. Also addressed in this report is the importance of designating an FDICconnect coordinator so that institutions have immediate access to FDICconnect transactions, including invoices for FDIC deposit insurance assessments.

In July, Linda Beavers – a 29-year FDIC veteran – was named our Regional Ombudsman for the Atlanta and New York regions, as well as for the Memphis Area states (Arkansas, Louisiana, Mississippi and Tennessee). Ms. Beavers’ previous positions include case manager in the Memphis Area Office and risk-management examiner in the Kansas City Region, where she focused on commercial real estate, large banks, problem banks, trust examinations and information technology reviews. Ms. Beavers is a graduate of the University of Missouri with an M.S. in Economics, and the Stonier Graduate School of Banking. With her diversified background and extensive FDIC experience, Ms. Beavers is well suited to address the variety of concerns brought to the OO. She can be reached at (678) 916-2385 or by e-mail at LBeavers@fdic.gov.

I recently had the privilege of speaking to FDIC examiners at an FDIC Dallas Regional training conference. I was happy to report that their efforts have contributed to the FDIC’s largely positive reputation with the institutions we supervise. I conveyed concerns raised by representatives of minority depository institutions that the markets these banks serve present challenges in the areas of loan underwriting and BSA compliance. Unique markets often require unique solutions, and I asked the examiners to be open to suggestions that you offer.

Having concluded our five-year industry outreach program at the end of 2006, our outreach efforts have shifted to minority and de novo institutions. All institutions are welcome to confidentially report to the OO their concerns and suggestions about the FDIC in its regulatory role. The OO reports the concerns and suggestions without attribution to allay any fear of retaliation or reprisal. OO employees are available to assist with any matter regardless of your location. Visit our Ombudsman web site for more information.

What You Told Us:

During the first half of 2007, 433 bankers contacted us with requests for assistance. In addition, OO staff spoke with 109 financial industry representatives through outreach visits, telephone calls and industry-sponsored conferences. This report summarizes your comments, suggestions and questions, and provides new information on issues addressed in previous reports.

Bank Secrecy Act/Anti-Money Laundering (BSA/AML): BSA/AML has consistently been the subject of many comments and complaints received by the OO over the past several years. In our last report, the OO noted a significant drop in the number of negative comments, and the reduced number of comments and complaints continues. Although the number of comments has been reduced, the issue has not disappeared and bankers continued to express concerns about BSA in terms of burden and the high costs of training and implementation. Bankers also complained about not receiving feedback about Suspicious Activity Report (SAR) filings, which gives rise to a concern that the data are not used. Although we cannot address how law enforcement authorities use SAR information, the FDIC routinely reviews SARs as part of its examination and off-site monitoring processes. The OO offers these hyperlinks (underlined and in blue font) to publications that respond to those concerns.

• SAR Information and Publications: SAR Activity Reviews, available at the linked web site, discuss the preparation, use and value of SARs, and explain that law enforcement feedback cannot be provided when it might jeopardize ongoing cases. Recent SAR Activity Reviews expanded the discussion of law enforcement cases to better demonstrate the importance and value of BSA data to the law enforcement community. The May 2007 issue presents a comparative analysis of depository institutions’ SAR filings related to reporting unlicensed/unregistered money services businesses prior to and following April 2005 FinCEN guidance.
• Understanding BSA Violations: The Winter 2006 edition of the FDIC’s Supervisory Insights highlights recent USA PATRIOT Act changes, discusses the types of BSA-related violations cited in examination reports, and clarifies the difference between a significant BSA program breakdown and technical problems. The Supervisory Insights article also provides examples of best practices for maintaining strong BSA and Anti-Money Laundering compliance programs.

Assessment Invoices Through FDICconnect: The Deposit Insurance Reform Act brought a number of changes to the method of assessing deposit insurance premiums, including a one percent per day penalty for late assessment payments. During the June assessment cycle, the first under the Deposit Insurance Reform Act changes, FDIC employees were surprised that a number of banks were not reviewing their assessment invoices on the FDICconnect secure web site. They found that a significant number of banks were not able to review their assessment invoices because they had not designated a replacement FDICconnect coordinator after the previous coordinator left.

FDICconnect is a valuable resource for bankers. The immediate electronic receipt of assessment invoices through this secure web site is just one of its benefits. FDICconnect offers an increasing number of opportunities to conduct business and exchange information with the FDIC efficiently and securely. The web site allows banks to electronically file branch applications, view Special Alerts, order FDIC signage, and transfer bank data for examinations, among other transactions.

Access to FDICconnect requires that each bank have an authorized coordinator who can log on to the web site and authorize access for other bank employees to conduct various transactions. If you are unsure who serves as your bank’s designated coordinator or you need to register a new coordinator, the FDICconnect Help Desk is ready to assist you. The Help Desk can be reached by calling 1-877-275-3342 (menu option 1, 1, 5) or by e-mail at FDICconnect@fdic.gov. Your e-mail should include your full name, the name and address of your institution, a work telephone number, and a full description of your question or problem. Information on the FDICconnect Business Center explains how to designate a new coordinator. The Designated Coordinator Registration Form is available from an FDIC examiner, FDIC regional or field office, or the FDICconnect Help Desk.

Enforcement Orders: Some bankers have reported difficulty in conducting pre-employment background screening on the Federal Financial Institutions Examination Council (FFIEC) Web site’s Enforcement Actions and Orders page because it requires a separate search of each regulator’s list. The FDIC is working on a project with other regulatory agencies to consolidate the enforcement orders. This new feature will allow users to search the Federal Reserve, FDIC, Office of the Comptroller of the Currency (OCC), Office of Thrift Supervision (OTS) and National Credit Union Administration (NCUA) enforcement decisions and orders simultaneously. This feature should be available in late 2007.

Pre-Examination Information Requests: Bankers remain concerned about the limited time they are allowed to respond to pre-examination requests and the volume of requested information. Some bankers also believe portions of the requested information have not been reviewed because examiners have requested the same information multiple times during examinations.

Most FDIC regions have implemented automated templates for tailoring information requests for risk examinations. These templates should reduce the amount of information requested which, in turn, may reduce duplicative information requests.

Special Alerts: Institutions frequently ask the OO how to report fraudulent cashier’s checks to the FDIC. An e-mail should be sent to alert@fdic.gov along with any details, your contact information, a copy of the fraudulent item, and a voided authentic check. A scanned copy is preferred because extraneous information can more easily be eliminated from a scanned version, and details on faxed checks are often difficult to read.

Copies of counterfeit and authentic checks are not included with the Special Alerts on the FDIC’s web site to prevent their use in fraudulent activity. However, they are available through FDICconnect and are included with the paper copies of Special Alerts mailed to financial institutions. Anyone may register for online subscriptions to Special Alerts and a variety of other useful publications at the FDIC's Subscriptions web page.

The growth in financial fraud is troubling. Of particular concern is the significant increase in the number of counterfeit cashier’s and official checks and the upsurge in phishing and pharming incidents.

• Fraudulent Cashier’s Checks: In 2004, the FDIC issued 106 Special Alerts primarily concerning counterfeit cashier’s checks. That number almost doubled to 202 in 2005, and more than tripled to 342 in 2006. The number of Special Alerts for counterfeit cashier’s checks issued through mid-August 2007 is 226.
• Phishing and Pharming: Incidents of phishing (e-mails asking for confidential personal information) and pharming (redirecting web traffic to fake web sites created to collect confidential personal information) have grown exponentially over the last several years. In 2004, financial institutions reported only 4 phishing incidents to the FDIC. In 2005, that number increased to 219, and the FDIC participated in shutting down 81 fake web sites. In 2006, the FDIC recorded 3,892 bank phishing incidents, and the FDIC participated in taking down 900 fake websites. The Consumer Alerts – Phishing Scam web page on the FDIC Web site was created to inform and warn consumers about phishing. This web page also lists related financial institution letters (FILs), press releases, brochures and FDIC Consumer News articles.

NOTE: If you have comments or suggestions about this semiannual report, please contact FDIC Ombudsman Cottrell Webster at (703) 562-6040, or by e-mail at cwebster@fdic.gov. To receive e-mail notifications of future OO semiannual reports as soon as they are posted to the FDIC's Web site, follow the instructions at the FDIC's Subscriptions web page.