Contents

---

Page
Background	2
Causes of Failure and Material Loss	3
ADC Loan Concentrations	3
Board and Management Oversight	5
The FDIC’s Supervision of United Security	9
Supervisory History	10
Supervisory Response to Key Risks	11
Implementation of PCA	15
Supervisory Lessons Learned	16
Corporation Comments	18
Appendices
1. Objectives, Scope, and Methodology	19
2. Glossary of Terms	21
3. Acronyms	23
4. Corporation Comments	24
Tables
1. Financial Information for United Security, 2005 to 2009	2
2. United Security’s ADC Concentrations Compared to Peer Group	4
3. United Security’s Adversely Classified Assets and ALLL, 2004 to 2009	7
4. United Security’s Examination History, 2004 to 2009	10
5. United Security’s Offsite Monitoring, September 2007 to September 2008	11
Figure
Composition of United Security’s Loan Portfolio, 2003 to 2009	3

As required by section 38(k) of the Federal Deposit Insurance (FDI) Act, the FDIC Office of Inspector General (OIG) conducted a material loss¹ review of the failure of United Security Bank (United Security), Sparta, Georgia. The Georgia Department of Banking and Finance (DBF) closed United Security on November 6, 2009 and named the FDIC as receiver. On November 20, 2009, the FDIC notified the OIG that United Security's total assets at closing were $153.7 million and the estimated loss to the Deposit Insurance Fund (DIF) was $57.3 million. As of May 14, 2010, the estimated loss to the DIF had increased to $64.9 million.

When the DIF incurs a material loss with respect to an insured depository institution for which the FDIC is appointed receiver, the FDI Act states that the Inspector General of the appropriate federal banking agency shall make a written report to that agency. The report is to consist of a review of the agency’s supervision of the institution, including the agency’s implementation of FDI Act section 38, Prompt Corrective Action (PCA); a determination as to why the institution’s problems resulted in a material loss to the DIF; and recommendations to prevent future losses.

The objectives of this material loss review were to (1) determine the causes of United Security’s failure and the resulting material loss to the DIF and (2) evaluate the FDIC’s supervision² of United Security, including the FDIC’s implementation of the PCA provisions of section 38 of the FDI Act. This report presents our analysis of United Security’s failure and the FDIC’s efforts to ensure that the Board of Directors (Board) and management operated the institution in a safe and sound manner. The report does not contain formal recommendations. Instead, as major causes, trends, and common characteristics of financial institution failures

---

¹As defined by section 38(k)(2)(B) of the FDI Act, a loss is material if it exceeds the greater of $25 million or 2 percent of an institution’s total assets at the time the FDIC was appointed receiver.
²The FDIC’s supervision program promotes the safety and soundness of FDIC-supervised institutions, protects consumers’ rights, and promotes community investment initiatives by FDIC-supervised insured depository institutions. The FDIC’s Division of Supervision and Consumer Protection (DSC) (1) performs examinations of FDIC-supervised institutions to assess their overall financial condition, management policies and practices (including internal control systems), and compliance with applicable laws and regulations and (2) issues related guidance to institutions and examiners.

are identified in our material loss reviews, we will communicate those to management for its consideration. As resources allow, we may also conduct more in-depth reviews of specific aspects of DSC’s supervision program and make recommendations, as warranted.³ Appendix 1 contains details on our objectives, scope, and methodology. Appendix 2 contains a glossary of key terms and Appendix 3 contains a list of acronyms. Appendix 4 contains the Corporation’s comments on this report.

Background

United Security was a state-chartered nonmember bank that was established on September 12, 1932. The bank was a full-service community bank headquartered in Sparta, Georgia, a small rural town located 105 miles east of Atlanta in central Georgia and the only incorporated municipality in Hancock County. Faced with declining loan demand in the Sparta market, the bank decided to expand and opened a branch office in Woodstock, Georgia (Woodstock branch) in July 2002 to serve Cherokee, Cobb, and Fulton counties, which are part of the Atlanta metropolitan area. The Woodstock branch operated under the trade name, The Bank of Woodstock, a Division of United Security Bank. After the addition of the Woodstock branch, the bank’s lending focused on commercial real estate (CRE), specifically, acquisition, development, and construction (ADC), including out-of-state loan participations. Table 1 provides details on United Security’s financial condition as of September 30, 2009 and for the 4 preceding calendar years.

Table 1: Financial Information for United Security, 2005 to 2009

Financial Measure	Sept-2009	Dec-2008	Dec-2007	Dec-2006	Dec-2005
Total Assets ($000s)	153,639	153,718	136,457	129,867	113,957
Total Loans ($000s)	109,354	119,960	116,212	112,332	94,596
Total Deposits ($000s)	149,616	137,582	117,326	108,270	101,911
Net Income ($000s) (Loss)	(7,007)	(730)	762	3,166	2,260

Source: Uniform Bank Performance Reports (UBPR) for United Security.

United Security was wholly-owned by United Security Bancshares, Inc. (USBI),⁴ Woodstock, Georgia, a non-complex, one-bank holding company. USBI was 100 percent family-owned. Initially, USBI was a source of strength to the bank and demonstrated an ability to support the bank’s growth. However, as the bank’s financial condition weakened, the holding company could offer little financial support.

---

³For example, in May 2010, the FDIC OIG’s Office of Evaluations initiated a review of the role and federal regulators’ use of the Prompt Regulatory Action provisions of the FDI Act (section 38, PCA and section 39, Safety and Soundness Standards) in the banking crisis.
⁴USBI also had a small stock investment related to a Florida bank.

2

Causes of Failure and Material Loss

United Security failed because of loan concentrations in CRE, particularly ADC, that were a result of the Board and management’s decision to expand its operations outside the rural community of Sparta into the Atlanta metropolitan area. The Board and management, largely dominated by one individual, pursued a growth strategy without establishing a sound internal control system to support this strategy. Although initially profitable, United Security’s ADC concentrations, absent adequate underwriting and credit administration practices, created risks the bank was ill-equipped to manage. Further, the bank’s ADC concentrations and inadequate underwriting and credit administration practices materially increased the bank’s vulnerability to losses when the real estate market significantly declined in the Atlanta metropolitan area. DBF closed United Security after determining the bank was not viable due to deteriorating asset quality, poor earnings, and eroding capital.

ADC Loan Concentrations

After the Woodstock branch opened, United Security’s total assets increased from approximately $31 million as of December 31, 2002, to approximately $154 million by September 30, 2009, with much of the growth centered in ADC lending. The use of potentially volatile funding sources to fund this growth weakened the bank’s liquidity position as the bank’s financial condition deteriorated. In addition to loans it originated, United Security’s portfolio and adversely classified assets included a number of out-of-area loan participations. Further, the 2008 examination report questioned whether the lending staff had the expertise to analyze the out-of-area participations. The figure below illustrates the general composition and growth of United Security’s loan portfolio from 2003 to 2009.

[ D ]

3

In December 2006, Federal banking regulatory agencies issued guidance, entitled, Concentrations in Commercial Real Estate Lending, Sound Risk Management Practices (Joint Guidance) that reinforces existing regulations and guidelines for real estate lending and safety and soundness.⁵ The Joint Guidance points out that there are substantial risks posed by CRE concentrations, especially ADC concentrations. Such risks include unanticipated earnings and capital volatility during a sustained downturn in the real estate market.

Further, the December 2006 guidance defines institutions with significant CRE concentrations as those reporting loans for construction, land and development, and other land (i.e., ADC) representing 100 percent or more of total capital; or institutions reporting total CRE loans representing 300 percent or more of total capital, where the outstanding balance of CRE has increased by 50 percent or more during the prior 36 months. Due to the risks associated with CRE and ADC lending, regulators consider institutions with significant CRE and ADC concentrations to be of greater supervisory concern. United Security’s ADC concentrations significantly exceeded the criteria established in the guidance as well as peer group⁶ levels, as illustrated in Table 2.

Table 2: United Security’s ADC Concentrations Compared to Peer Group

Period Ending	ADC Loans as a Percentage of Total Capital		ADC Loans as a Percentage of Average Gross Loans
	United Security	Peer Group	United Security	Peer Group
Dec. 31, 2002	60.57	11.61	5.56	1.69
Dec. 31, 2003	148.48	10.89	13.22	1.65
Dec. 31, 2004	233.76	15.25	23.09	2.45
Dec. 31, 2005	270.82	26.73	23.88	4.01
Dec. 31, 2006	286.90	35.60	26.61	5.28
Dec. 31, 2007	434.10	39.87	31.44	5.95
Dec. 31, 2008	374.15	37.11	34.37	6.08
Sep. 30, 2009	513.82*	26.55	25.61	5.21

Source: UBPRs for United Security.
*The increase in risk exposure from ADC loans in 2009 was due primarily to the decline in the bank’s capital level.

According to information provided by FDIC officials, the decline in the housing market in the Atlanta metropolitan area began in the third quarter of 2006 and began to affect the performance of banks in this area, including United Security, in the second half of 2007. The overall condition of the bank was considered satisfactory until the 2008 examination, which was based on 2007 year-end financial information. Specifically, in that examination, the adversely classified items coverage ratio had increased from 44 percent in the prior examination, to 165 percent. This ratio is a measure of the asset risk and the ability of

---

⁵The guidance was issued jointly by the Office of the Comptroller of the Currency, the Board of Governors of the Federal Reserve System, and the FDIC (collectively referred to as the agencies in the guidance).
⁶Institutions are assigned to 1 to 15 peer groups based on asset size, number of branches, and whether the institution is located in a metropolitan or non-metropolitan area. United Security’s peer group included institutions with assets between $100 million and $300 million in a non-metro area with two or fewer full-service offices.

4

capital to protect against that risk. A lower ratio is desirable because a higher ratio indicates exposure to poor-quality assets and less ability for the bank’s capital to absorb any losses associated with those assets. By the 2009 examination, the bank’s ADC portfolio accounted for 79 percent of the approximately $17.8 million in adversely classified loans. Also, 97 percent of the other real estate owned portfolio⁷ was ADC-related.

Board and Management Oversight

The DSC Risk Management Manual of Examination Policies (Examination Manual) states that the quality of an institution’s management, including its Board of Directors and executive officers, is perhaps the single most important element in the successful operation of a bank. According to the Examination Manual, the Board has overall responsibility and authority for formulating sound policies and objectives for the bank and for effectively supervising the institution’s affairs. The continuing health, viability, and vigor of the bank are dependent upon an interested, informed, and vigilant board of directors.

The establishment of the Woodstock branch represented a strategic shift that provided the bank with an opportunity to increase its loan portfolio, which had been declining due to low loan demand in the Sparta market. However, United Security’s Board and management failed to establish an adequate internal control system, including risk management practices commensurate with the size and complexity of the loan portfolio generated from the Woodstock branch.

Risk Management Practices

The Joint Guidance reiterates that concentrations in CRE lending, coupled with weak loan underwriting and depressed CRE markets, contributed to significant credit losses in the past. Earlier guidance on ADC lending⁸ emphasized that management’s ability to identify, measure, monitor, and control portfolio risk through effective underwriting policies, systems, and internal controls was crucial to a sound ADC lending program.

United Security failed to implement adequate credit risk management practices to handle the institution’s expanded business plan or cope with the competitive market conditions that prevailed in the Woodstock trade area. Poor economic conditions, coupled with weaknesses in United Security Bank’s loan underwriting and credit administration, contributed to the significant deterioration of the bank’s asset quality after 2007. As further evidence of poor risk management practices, the bank was consistently cited for violations of law and/or to be in contravention of supervisory policy, including policy related to the Allowance for Loan Lease Losses (ALLL).

---

⁷Other real estate owned is property taken over by a bank through loan foreclosures.
⁸
Financial Institution Letter (FIL)-110-98, entitled, Internal and Regulatory Guidelines for Managing Risks Associated with Acquisition, Development, and Construction Lending, dated October 8, 1998.

5

Loan Underwriting and Credit Administration Practices. Examiners identified the following weaknesses in the bank’s loan underwriting and credit administration practices:

• The 2008 examination report noted that United Security’s loan policy did not define or set parameters on industry concentrations. Additionally, examiners recommended that the loan policy should provide guidance to define acceptable levels of out-of-area loans. The loan policy was updated, but according to the 2009 examination report, the newly-established limits appeared to be too liberal. Further, the condition of the loan files, the number of technical exceptions found, and missing loan approvals illustrated that policy guidelines were not always followed.
• The 2008 examination report stated that the loan review and grading procedures were inadequate as evidenced by the number of classified loans that were not on the bank’s watch list.
• According to the 2008 and 2009 examination reports, loan files were disorganized and appeared to be incomplete since the loans were originated. The 2009 examination noted documentation deficiencies in 79 percent of the loan files reviewed.
• According to the 2009 examination report, loan officers performed a limited loan analysis during initial underwriting, and the analysis often focused on the collateral rather than the borrower’s debt service ability and liquidity. Updated financial information on borrowers was rarely obtained, and complex relationships did not include global cash flow analyses that would consider the entire lending relationship, including outstanding obligations to other institutions.

In addition, according to the 2008 and 2009 examination reports, examiners found that the loan files for participations did not contain sufficient analysis. According to the Examination Manual, institutions purchasing participations must make a thorough, independent evaluation of the transaction and risks involved before committing any funds. Institutions should also apply the same standard of prudence, credit assessment, approval criteria, and “in-house” limits that would be employed if the purchasing organization were originating the loan.

Further, United Security did not perform market analysis for the various geographic markets represented in its portfolio as called for in the Joint Guidance. This type of analysis would have been useful had the bank performed portfolio-level stress tests or sensitivity analyses to quantify the impact of the changing economic conditions on asset quality, earnings, and capital.

Apparent Violations and Contraventions of Interagency Policy Statements. According to the Examination Manual, it is important for a financial institution’s Board to ensure that bank management is cognizant of applicable laws and regulations, develops a system to effect and monitor compliance and, when violations do occur, makes corrections as quickly as possible. Although regulators viewed the Board and management to be knowledgeable of banking activities, between 2006 and 2009, the FDIC and the DBF cited

6

United Security for apparent violations of state and federal laws, including violations related to the Bank Secrecy Act (BSA), state legal lending limits, and appraisal requirements and/or contraventions of regulatory guidance. Examiners found that management would correct cited violations but in a subsequent examination would be cited for other apparent violations or other contraventions of regulatory guidance. In a few instances, examiners noted repeat contraventions. The 2008 examination characterized the number of violations of law and regulations as being excessive, reflecting poorly on management’s ability.

Allowance for Loan and Lease Losses. The December 2006 Interagency Policy Statement on the Allowance for Loan and Lease Losses (ALLL Policy Statement) reiterated key concepts and requirements related to generally accepted accounting principles (GAAP)⁹ and existing supervisory guidance. According to the ALLL Policy Statement, the ALLL represents one of the most significant estimates in an institution’s financial statements and regulatory reports. An appropriate ALLL covers estimated credit losses on individually evaluated loans that are determined to be impaired as well as credit losses inherent in the remainder of the portfolio.

The 2008 examination report stated that United Security’s ALLL methodology was not consistent with GAAP and, as a result, an additional provision was required. Management subsequently worked with the external auditors to prepare an ALLL methodology that conformed to accounting standards. Although examiners found the ALLL methodology to be satisfactory during the 2009 examination, reserve levels were inappropriate because problem loans were not being identified in a timely manner. Further, a visitation in 2009 found the bank’s methodology once again to be flawed, resulting in an underfunded ALLL. Table 3 shows the ALLL amounts computed by United Security compared to the amounts calculated by examiners.

Table 3: United Security’s Adversely Classified Assets and ALLL, 2004 to 2009

Asset Quality (Dollars in Thousands)
Examination Date	Examiner Adversely Classified Asset Amounts				ALLL Amounts
	Substandard	Doubtful	Loss	Total Adversely Classified Items	ALLL Computed by United Security	Increase in ALLL Computed by Examiners
08/19/2004	$499	$0	$5	$504	$459	$0
03/06/2006	$597	$35	$79	$711	$938	$0
03/05/2007	$4,581	$6	$164	$4,751	$1,112	$0
04/28/2008	$19,254	$423	$191	$19,868	$1,192	$1,550
05/11/2009	$29,040	$0	$3,753	$32,793	$1,227	$3,130

Source: Reports of Examination (ROE) for United Security.

---

⁹Statement of Financial Accounting Standards (FAS) No. 5, Accounting for Contingencies and FAS No. 114, Accounting by Creditors for Impairment of a Loan.

7

Influence of a Dominant Official

Examiners attributed the lack of proper Board and management oversight to one individual who had a controlling interest in the bank since 1978, led the Board, and also functioned as a senior bank officer. Prior to 2008, this individual also effectively served as the bank’s senior credit officer. The 2008 examination criticized the bank for an advertisement in a local newspaper that implied that this individual was the lone member of the bank’s loan committee.

The Examination Manual characterizes this type of bank wherein the institution’s principal officer and stockholder dominates virtually all phases of the bank’s operations as a “One Man Bank”. According to the Examination Manual, there are at least two dangers inherent in a “One Man Bank” situation: (1) the incapacitation of the dominant official may deprive the bank of competent management and (2) problem situations resulting from mismanagement can be more difficult to solve through normal supervisory efforts because the bank’s problems are often attributed to the one individual that dominates the bank.

This individual garnered Board support because the other Board members included a family member and two long-standing business associates, all of whom served as officers in the bank. The two outside directors were from the Sparta area and had served on the bank’s Board for a number of years. The following summarizes key issues related to United Security’s Board and management structure that were identified by examiners beginning in 2008 and by a consultant hired by the bank to perform an independent assessment of Board and management in response to 2008 supervisory concerns:

• United Security’s Board was not sufficiently independent and was inadequate because of the limited number of outside independent directors. A small minority of outside directors limited perspective and objectivity when overseeing the bank’s operations and evaluating management recommendations. In response to the independent assessment report and recommendations made in the 2008 examination report, the Board sought to recruit additional outside directors who were more knowledgeable of the Woodstock market, but its efforts were unsuccessful due to the weak condition of the bank at that time.
• The independent assessment report also noted that the Board’s structure and composition limited the bank’s ability to have Board-level committees of sufficient size to operate independently of management. In that regard, the 2008 examination report stated that the objectivity was removed from the loan approval process because the Loan Committee was comprised of bank officers responsible for both originating and approving loans.
• Further, the outside directors, while knowledgeable of the Sparta market, were not necessarily sufficiently prepared to oversee the activities of the Woodstock branch. As noted in the independent assessment report, an ongoing director education program was

8

imperative for all directors but more so for outside directors to ensure they stayed abreast of laws, rules, and regulations as well as market conditions in the bank’s overall operating environment.

Notably, the dominant official at United Security was characterized by the FDIC as an experienced community banking executive who had previously served in a similar capacity in another bank of comparable size. However, FDIC officials stated that it became apparent that this individual, the management team, and other directors lacked the experience and expertise needed to manage the bank as the size and complexity of the portfolio increased, especially once the real estate market began to decline. FDIC officials eventually concluded that the Board and management were slow to react to the changing market because they were either incapable or reluctant to do so.

The FDIC’s Supervision of United Security

Our review focused on FDIC and DBF supervisory oversight of United Security between 2004 and 2009. The FDIC and the DBF conducted timely and regular examinations of United Security and monitored its condition through the use of offsite monitoring mechanisms. Through its supervisory efforts, the FDIC and the DBF identified risks in United Security’s operations and brought these to the attention of the bank’s Board and management through examination reports and other correspondence. Such risks included the bank’s significant concentrations in CRE and ADC loans and poor Board and management oversight of key banking functions. Enforcement actions were taken in 2006 and 2008; however, United Security’s actions in response to the 2008 enforcement action were inadequate and the financial condition of the bank became critically deficient.

In hindsight, United Security’s expansion into the Atlanta metropolitan area, which altered the bank’s risk profile, and the presence of a dominant official should have elevated supervisory concerns about the sufficiency of the bank’s internal control system beginning as early as 2002. Further, the pursuit of an enforcement action in 2007 may have been appropriate, given examiners’ continued concerns about management and the significant deterioration in asset quality since the prior examination. We recognize that decisions regarding enforcement actions involve judgment based on information known at the time. In this case, the FDIC did consider taking an enforcement action but concluded that an action was not necessary based on written commitments from the Board to address deficiencies, the bank’s overall satisfactory regulatory history, its satisfactory financial performance over an extended period of time, and an expected capital infusion. Further, FDIC officials stated that the depth of the economic downturn that was a factor in the rapid deterioration of United Security’s loan portfolio was not evident at the time of the 2007 examination. However, in our view, the FDIC should have been more skeptical of the Board and management’s ability to adequately address the deficiencies because, prior to 2002, the bank had been operating in a vastly different market.

9

Supervisory History

The FDIC and the DBF conducted five examinations and one visitation of United Security between August 2004 and the bank’s failure. Table 4 summarizes key supervisory information.

Table 4: United Security’s Examination History, 2004 to 2009

Start Date	As of Date	Agency	Supervisory Ratings (UFIRS)*	Supervisory Action	Apparent Violation of Law or Contravention of Policy Reported
08/19/2004	06/30/2004	FDIC	211122/1	N/A	N/A
03/06/2006	12/31/2005	State	213122/2	Bank Board Resolution (BBR)
03/05/2007	12/31/2006	FDIC	223122/2	N/A
04/28/2008	12/31/2007	State	344333/4	Cease & Desist Order (C&D)
05/11/2009	03/31/2009	FDIC/State**	555555/5	C&D (Continued)

Source: ROEs for United Security.
*Financial institution regulators and examiners use the Uniform Financial Institutions Rating System (UFIRS) to evaluate a bank’s performance in six components represented by the CAMELS acronym: Capital adequacy, Asset quality, Management practices, Earnings performance, Liquidity position, and Sensitivity to market risk. Each component, and an overall composite score, is assigned a rating of 1 through 5, with 1 having the least regulatory concern and 5 having the greatest concern.
**A visitation was conducted in October 2009 to assess the accuracy of the bank’s internally calculated capital ratio and focused on transactions affecting capital after the May 2009 examination.

As shown in Table 5, in addition to the onsite examinations, United Security was flagged once for offsite review based on September 30, 2007 Call Report data and four times based on quarterly Call Report data in 2008. The offsite reviews identified increasing risk levels and resulted in interim contact with the bank. According to FDIC officials, acceleration of the onsite examination schedule was not warranted based on information obtained through contact with bank officials or because of planned or ongoing onsite examination activity.

10

Table 5: United Security’s Offsite Monitoring, September 2007 to September 2008

Call Report Date	Offsite Review Completion Date	Level of Risk	Risk Trend	Action Taken
09/30/2007	01/09/2008	Low	Increasing	Contacted bank management to discuss actions being taken in response to apparent deterioration in asset quality. The bank official contacted reported that problem loans principally consisted of two large participation loans and anticipated resolution of the problem loan participations by mid-2008. Further, bank management reported that it had curtailed ADC lending, hired an additional senior officer in the Woodstock branch to assist in problem loan work-out, and had no plans for substantial asset growth in 2008. Based on information provided by management, a $400,000 capital injection in November 2007, and analysis of other financial data, the supervisory plan was to maintain interim contact to monitor the bank.
12/31/2007	04/01/2008	Medium	Increasing	Contacted bank management and determined that the bank was taking appropriate actions to deal with asset quality problems. Onsite examination was scheduled to start on April 28, 2008. Accordingly, supervisory plan was to maintain interim contact to monitor the bank.
03/31/2008	07/03/2008	High	Increasing	No additional action taken because of ongoing onsite examination by DBF. DBF indicated CAMEL downgrades were likely because of the high level of adversely classified items.
06/30/2008	10/07/2008	High	Increasing	No additional action warranted because a C&D was being pursued by DBF.
09/30/2008	01/09/2009	High	Increasing	No action taken other than monitoring bank’s C&D progress reports. A joint examination was scheduled for the second quarter of 2009.

Source: DSC’s Virtual Supervisory Information on the Net (ViSION).

Supervisory Response to Key Risks

Although United Security was historically well-rated, in retrospect, certain key risks at the bank may have warranted elevated supervisory concerns and a stronger supervisory response.

2004 Supervisory Activities

United Security received a composite “1” CAMELS rating in the 2004 examination report, meaning it was considered to be sound in every respect. Examiners viewed the Board and management as capable of providing adequate oversight as evidenced by United Security’s strong financial performance and reported no concentrations. The examination report noted that management had hired a credit analyst in the Woodstock branch to help ensure the adequacy of the credit function. With respect to the Board structure, the examination

11

report noted that the Board elected a relative of the dominant official to the Board who was also serving as a bank officer at the Woodstock branch.

2006 Supervisory Activities

In 2006, the bank was downgraded to a composite “2” CAMELS rating based on concerns about apparent violations of state and federal laws but was still considered to be fundamentally sound with strong earnings and asset quality. As referenced earlier in this report, the examination report stated that management was knowledgeable of banking activities but was cited for numerous apparent violations related to BSA, state legal lending limits, and appraisal requirements. Consequently, examiners assigned a “3” rating to the management component. The examination report recommended that the Board adopt a resolution for corrective action to address:

• the apparent violations of legal lending limits,
• BSA training,
• resource needs at the Woodstock branch to provide for sufficient personnel to effectively coordinate and monitor compliance with the BSA,
• policies and procedures to monitor transactions for suspicious activity, and
• policies and procedures for the wire transfer function.

The Board adopted a BBR on May 23, 2006 to correct the violations and deficiencies noted and provided quarterly progress reports to the DBF and the FDIC.

The examination report also noted that the bank had experienced asset growth rates of 70 percent in 2005 and 36 percent in 2004 and that the funded total of ADC lending represented approximately 304 percent of Tier 1 Capital. Despite the bank’s growth, no changes to management or the Board had taken place and the report did not discuss the presence of a dominant official other than to describe the ownership structure of the holding company. The bank’s policies and procedures were found to adequately address credit administration and underwriting. In addition, examiners found United Security’s methodology and ALLL level to be adequate for the bank’s needs.

2007 Supervisory Activities

Based on its 2007 examination, the FDIC concluded that the overall condition of the bank was satisfactory – again, earnings were strong and capital remained satisfactory. However, the numerous management-related deficiencies identified in the report were a source of concern and were reflected in the management component rating remaining a “3”. Specifically, although management corrected most of the deficiencies identified in the 2006 examination, examiners identified additional violations and deficiencies requiring the Board’s and management’s attention. The report also recommended that management seek ways to improve its credit administration and underwriting procedures, including implementing a loan review program and enhancing due diligence on loan participations purchased. Further, examiners found the internal audit program to be inadequate and recommended expanding internal audit procedures, strengthening internal controls, and correcting weaknesses identified in United Security’s audit reports.

12

The 2007 examination reflected substantial deterioration in United Security’s asset quality since the prior examination as adversely classified assets increased from 8.24 percent to 43.84 percent. Nonetheless, the examination report stated management adequately monitored the ADC concentration and the ALLL appeared to be appropriate for the identified risks in the portfolio. The asset quality component rating was downgraded from a “1” to a “2”.

Examiners recommended that the 2006 BBR be terminated because management had substantially complied with the provisions. According to the 2007 examination report, the FDIC considered the issuance of a revised BBR given the lack of improvement in the composite CAMELS rating, the downgrade in the asset quality component, and the additional deficiencies noted in the examination. However, the FDIC decided not to pursue this action based on:

• the bank’s satisfactory financial performance over an extended period of time,
• documented commitments received from the Board and management,
• the bank’s overall satisfactory regulatory history, and
• expectations of an additional capital infusion.

USBI did subsequently inject $2 million of capital in June 2008, but as discussed later in this report, this step failed to improve the bank’s declining capital position. Although the FDIC decided against requiring a BBR, the Corporation’s transmittal letter to the Board accompanying the examination report did state that management and Board oversight was less than satisfactory in a number of key areas and highlighted matters requiring the Board’s attention. Further, the letter requested that the Board provide a written response to the FDIC within 30 days of the next regularly scheduled Board meeting, including a detailed discussion of plans for reducing adversely classified loans. The Board later submitted a written response to the FDIC as required.

2008 Supervisory Activities

The DBF’s 2008 examination found the overall condition of the bank to be unsatisfactory and downgraded the composite CAMELS rating from a “2” to a “4” because the bank was exhibiting unsafe and unsound practices. Asset quality had deteriorated substantially since the last onsite examination. The examination reported that adversely classified assets had increased at an alarming rate and cited numerous credit underwriting and loan administration deficiencies. The asset quality component was also downgraded from a “2” to a “4”. In addition, the number of violations of laws and regulations, including BSA-related violations, was found to be excessive and considered to reflect poorly on management, and resulted in the management component also being downgraded to a “4”.

The examination report stated that United Security’s present management team – unchanged from the prior examination – was unsatisfactory and the Board’s oversight was inadequate. The report stated that oversight of the institution was lacking based on United Security’s inadequate internal audit program, loan review and grading system, and ADC concentration

13

guidelines. Further, the examination report stated the present management team did not have the capability to correct criticisms. For the first time, this examination report explicitly stated that one official was a dominant force in management and policy formulation and unwilling to accept the reality of the bank’s severe problems.

Based on the results of the examination, the DBF, in consultation with the FDIC, issued a C&D to compel the bank to stop its unsafe and unsound practices and adopt a program of corrective action. Among other things, the C&D, effective on November 20, 2008, required the bank to:

• Increase the participation of the Board in the affairs of the bank, including a thirdparty assessment of the qualifications of the current members of the Board to determine whether individual Board members had the abilities needed to return the bank to a safe and sound condition.
• Ensure management had the qualifications and experience commensurate with his or her duties.
• Restore and maintain capital levels in such an amount as to equal or exceed 8 percent of total assets and develop a capital plan.
• Address classified assets, including charge-off or collection of all assets or portions of assets classified as loss or doubtful.
• Cease extensions of credit to certain borrowers.
• Review the adequacy of the ALLL.
• Address specific issues outlined in the order pertaining to lending practices.
• Adopt an effective system of loan review and grading to be conducted quarterly.
• Formulate and implement a written plan to improve and sustain earnings.
• Address issues outlined in the order pertaining to the bank’s fund management practices, which included revising the bank’s liquidity contingency plan.
• Prepare and submit a written strategic business plan.
• Cease use of the terms “One Man Loan Committee” in any advertisements.
• Eliminate and/or correct all violations of law and regulation outlined in the examination report.
• Restrict payment of cash dividends or bonuses without the prior written consent of the supervisory authorities.

The bank was also required to provide quarterly progress reports to the FDIC and the DBF and did so.

2009 Supervisory Activities

The 2009 joint examination found that United Security’s overall performance had continued to deteriorate, and, accordingly, the bank was downgraded to a composite “5” CAMELS rating. Near-term failure was considered likely based on the condition of the bank. The examination report stated that weak economic conditions and poor Board and senior management oversight exacerbated the risk in the bank’s ADC portfolio, resulting in high levels of adversely classified assets, large operating losses, rapid capital erosion, and tenuous liquidity. In addition, the report stated that oversight of the bank was critically deficient and that management had not demonstrated the ability to correct problems noted in previous

14

examinations or to implement appropriate risk management practices. Further, the examination found that the Board had not fully complied with the provisions of the C&D despite actions taken by the bank.

With regard to the involvement of the Board in the bank’s affairs, the examination report stated that, given a dominant influence in bank management and a Board with only two outside directors, there was an insufficient degree of independence to properly administer bank policy and supervise management. Additionally, the examination report criticized aspects of the bank’s independent third-party management assessment because the assessment did not thoroughly evaluate individuals’ capabilities to manage given the current condition of the bank. The independent assessment report only recommended the need for additional outside directors and development of a formal succession plan. The FDIC considered recommending amendments to the C&D but the bank failed before that action was finalized.

Implementation of PCA

Section 38, Prompt Corrective Action, of the FDI Act establishes a framework of mandatory and discretionary actions pertaining to all institutions. The section requires regulators to take progressively more severe actions, known as “prompt corrective actions,” as an institution’s capital levels deteriorate. The purpose of section 38 is to resolve problems of insured depository institutions at the least possible long-term cost to the DIF. Part 325, Capital Maintenance, of the FDIC Rules and Regulations defines the capital measures used in determining the supervisory actions that will be taken pursuant to section 38 for FDIC-supervised institutions. Part 325 also establishes procedures for the submission and review of capital restoration plans and for the issuance of directives and orders pursuant to section 38. Based on the supervisory actions taken with respect to United Security, the FDIC properly implemented applicable PCA provisions of section 38.

Specifically, United Security was considered Well Capitalized until the April 2008 DBF examination. This examination resulted in an additional ALLL provision to year-end 2007 financial data, which reduced United Security’s capital category to Adequately Capitalized despite the $2 million capital injection by USBI on June 30, 2008. The examination report noted that the bank, pursuant to section 29 of the FDI Act and section 337.6 of the FDIC Rules and Regulations, was subject to certain regulatory restrictions related to brokered deposits. After the 2008 examination was completed, United Security submitted a $4 million funding application under the U.S. Department of the Treasury’s Troubled Asset Relief Program. The bank subsequently withdrew its application on February 17, 2009.

The FDIC sent United Security the following PCA notification letters:

• On November 17, 2008, the FDIC notified the bank that it remained Adequately Capitalized. The letter noted that the bank had been “technically” Adequately Capitalized since December 31, 2007 due to restatement of prior Call Reports made during the DBF’s 2008 examination.

15

The notification letter reiterated the restrictions related to brokered deposits pursuant to section 29 of the FDI Act.
• On February 6, 2009, the FDIC notified United Security that it was again Adequately Capitalized based on the bank’s December 31, 2008 Call Report.
• On August 7, 2009, the FDIC notified the bank that it was Significantly Undercapitalized as a result of the adjustments made to the ALLL during the May 2009 joint examination.
• On November 3, 2009, the FDIC notified the bank that it was Critically Undercapitalized based on a joint visitation conducted in October 2009 to assess the accuracy of the Bank’s internally calculated capital ratio. The notification letter outlined the restrictions associated with this capital category, including restrictions on asset growth, dividends, other capital distributions, and management fees. In addition, the bank was informed that it was required to file a written capital restoration plan.

As previously discussed in this report, the November 28, 2008 C&D included capital-related provisions, including a requirement that the bank adopt a capital plan to meet minimum risk-based capital requirements for a Well Capitalized institution. United Security never submitted an acceptable capital plan in response to the C&D or in response to the FDIC’s written notification of the bank’s Critically Undercapitalized status. The capital plan submitted in response to the C&D stated that the bank would strive to be Well Capitalized at all times and outlined a number of actions it could take to raise capital levels, including selling stock and loan participations in order to decrease assets; however, none of those planned actions materialized. The two principal stockholders indicated during the 2009 examination that they did not have funds available to purchase additional stock. After falling to Critically Undercapitalized, United Security started but did not complete another capital restoration plan because it determined that options for raising additional capital were not viable and the bank was closed on November 6, 2009.

Supervisory Lessons Learned

In hindsight, United Security’s 2002 change in business strategy, which ultimately altered the bank’s risk profile, and the existence of the “One Man Bank” scenario should have elevated supervisory concerns about the sufficiency of the bank’s internal control system. As institutions move into new markets and take on new types of financial risks, it is important that appropriate policies and procedures be put into place to measure and manage these risks. According to the FDIC’s Pocket Guide for Directors, a financial institution’s Board should adopt operating policies to achieve the bank’s objectives in a legal and sound manner and the policies should be monitored to ensure the policies conform with changes in laws and regulations, economic conditions, and the institution’s circumstances.

16

With respect to the “One Man Bank” situation, the Examination Manual emphasizes the need for examiners to review the risk profile and control environment of a bank that is controlled by a dominant official and to consider and assess whether potential controls are in place to mitigate the risk posed by the dominant official. When weaknesses are evident, as in United Security’s case, the Examination Manual states that internal policies and practices should be strengthened in order to mitigate the level of risk presented by the existence of such a dominant official. Examiners can consider pursuit of supervisory action to ensure appropriate controls are in place.

In addition, the following factors could have supported the pursuit of a supervisory action in 2007, notwithstanding the facts considered by the FDIC at the time, as previously discussed in this report:

• United Security’s expansion into the Atlanta metropolitan area represented a change in business strategy and increased the risk profile of the bank because of the shift from a rural market to the competitive Atlanta metropolitan market.
• The bank had ADC concentrations and weak risk management practices. As previously referenced in this report, according to the Joint Guidance, concentrations coupled with weak loan underwriting and depressed markets have contributed to significant credit losses in the past. We recognize that the real estate market was just beginning to soften in 2007; however, the risk profile of the bank warranted a more forward-looking supervisory approach in evaluating the bank’s ability to respond to declining market conditions, irrespective of its willingness to address problems.

Although the FDIC required the bank to outline actions taken in response to the recommendations made in the 2007 report, an enforcement action could have served to convey the significance of supervisory concerns, especially to the outside Board members. Further, an enforcement action would have required the Board to formally commit to a plan to strengthen risk management weaknesses and provided a means for the FDIC and DBF to better monitor the bank’s efforts to correct deficiencies at a critical time.

The FDIC has taken a number of actions to address issues discussed in this report based on lessons it has learned from recent failures. Of note, the FDIC recently completed a training initiative for its entire supervisory workforce that emphasizes the need to assess a bank’s risk profile using forward-looking supervision. The training addressed the need for examiners to consider management practices as well as the current financial performance or trends in assigning ratings as allowable under existing examination guidance. The training also covered methods for communicating weak management practices to the Board and management and tools being developed to monitor corrective actions.

17

Corporation Comments

After we issued our draft report, management provided additional information for our consideration, and we revised our report to reflect this information, as appropriate. On May 18, 2010, the Director, DSC, provided a written response to the draft report. That response is provided in its entirety as Appendix 4 of this report. DSC reiterated the OIG’s conclusions regarding the causes of United Security’s failure. With regard to our assessment of the FDIC’s supervision of United Security, DSC reiterated the bank’s supervisory history described in our report. In addition, DSC’s response outlined the supervisory actions taken to address the risks that examiners identified during that period, including component and composite rating downgrades and the enforcement actions taken in 2006 and 2008 to compel the bank to adopt a program to correct cited anomalies. Further, DSC stated that it has recognized that strong supervisory attention is necessary for institutions with high CRE and ADC concentrations and identified the guidance it has issued to help institutions manage those concentrations. DSC also noted that the updated guidance should serve to remind examiners to take appropriate actions when those risks are imprudently managed.

18

Objectives

We performed this audit in accordance with section 38(k) of the FDI Act, which provides, in general, that if a deposit insurance fund incurs a material loss with respect to an insured depository institution, the Inspector General of the appropriate federal banking agency shall prepare a report to that agency reviewing the agency’s supervision of the institution. The FDI Act requires that the report be completed within 6 months after it becomes apparent that a material loss has been incurred.

Our audit objectives were to (1) determine the causes of the financial institution’s failure and resulting material loss to the DIF and (2) evaluate the FDIC’s supervision of the institution, including implementation of the PCA provisions of section 38.

We conducted this performance audit from February to May 2010 in accordance with generally accepted government auditing standards. Those standards require that we plan and perform the audit to obtain sufficient, appropriate evidence to provide a reasonable basis for our findings and conclusions based on our audit objectives. We believe that the evidence obtained provides a reasonable basis for our findings and conclusions based on our audit objectives.

Scope and Methodology

The scope of this audit focused on United Security’s operations from 2004 until its failure on November 6, 2009. Our review also entailed an evaluation of the regulatory supervision of the institution over the same period. Given the significance of the opening of the Woodstock branch we also reviewed available files concerning the branch application and selected bank data to chart the growth of the bank after the branch was opened in 2002.

To achieve the objectives, we performed the following procedures and techniques:

• Analyzed examination and visitation reports prepared by FDIC and DBF examiners from 2004 to 2009 and selected examination work papers.
• Reviewed the following:
  • Bank data contained in UBPRs and Call Reports.
  • Correspondence files made available from DSC’s Atlanta Regional and Atlanta Field Offices.
  • Reports prepared by the Division of Resolutions and Receiverships and DSC related to this closure.
  • DSC’s ViSION Modules, including Supervisory Tracking & Reporting.

19

• Reports from the bank’s external auditors and a consultant’s report on Director and Management Assessment.
• Pertinent DSC policies and procedures.
• Interviewed FDIC and State Examiners who participated in the various reports of examination of United Security.
• Interviewed FDIC Regional Office management and DBF officials responsible for supervisory oversight.

Internal Control, Reliance on Computer-processed Information, Performance Measurement, and Compliance with Laws and Regulations

Consistent with the audit objectives, we did not assess DSC’s overall internal control or management control structure. We relied on information in DSC systems, reports, and interviews of examiners to understand United Security’s management controls pertaining to causes of failure and material loss as discussed in the body of this report.

We obtained data from various FDIC systems but determined that information system controls were not significant to the audit objectives and, therefore, did not evaluate the effectiveness of information system controls. We relied on our analysis of information from various sources, including examination reports, correspondence files, and testimonial evidence to corroborate data obtained from systems that were used to support our audit conclusions.

The Government Performance and Results Act of 1993 (the Results Act) directs Executive Branch agencies to develop a customer-focused strategic plan, align agency programs and activities with concrete missions and goals, and prepare and report on annual performance plans. For this material loss review, we did not assess the strengths and weaknesses of DSC’s annual performance plan in meeting the requirements of the Results Act because such an assessment is not part of the audit objectives. DSC’s compliance with the Results Act is reviewed in program audits of DSC operations.

Regarding compliance with laws and regulations, we performed tests to determine whether the FDIC had complied with provisions of PCA and limited tests to determine compliance with certain aspects of the FDI Act. The results of our tests were discussed, where appropriate, in the report. Additionally, we assessed the risk of fraud and abuse related to our objectives in the course of evaluating audit evidence.

20

Term	Definition
Adversely Classified Assets	Assets subject to criticism and/or comment in an examination report. Adversely classified assets are allocated on the basis of risk (lowest to highest) into three categories: Substandard, Doubtful, and Loss.
Allowance for Loan and Lease Losses (ALLL)	The ALLL is an estimate of uncollectible amounts that is used to reduce the book value of loans and leases to the amount that is expected to be collected. It is established in recognition that some loans in the institution’s overall loan and lease portfolio will not be repaid. Boards of directors are responsible for ensuring that their institutions have controls in place to consistently determine the allowance in accordance with the institutions' stated policies and procedures, generally accepted accounting principles, and supervisory guidance.
Bank Board Resolution (BBR)	A Bank Board Resolution is an informal commitment adopted by a financial institution’s Board of Directors (often at the request of the FDIC) directing the institution’s personnel to take corrective action regarding specific noted deficiencies. A BBR may also be used as a tool to strengthen and monitor the institution’s progress with regard to a particular component rating or activity.
Bank Secrecy Act (BSA)	Congress enacted BSA of 1970 to prevent banks and other financial service providers from being used as intermediaries for, or to hide the transfer or deposit of money derived from, criminal activity. The BSA requires financial institutions to maintain appropriate records and to file certain reports used in criminal, tax, or regulatory investigations or proceedings.
Call Report	The report filed by a bank pursuant to 12 United States Code (U.S.C.) 1817(a)(1), which requires each insured State nonmember bank and each foreign bank having an insured branch which is not a Federal branch to make to the Corporation reports of condition in a form that shall contain such information as the Board of Directors may require. These reports are used to calculate deposit insurance assessments and monitor the condition, performance, and risk profile of individual banks and the banking industry.
Cease and Desist Order (C&D)	A C&D is a formal enforcement action issued by a financial institution regulator to a bank or affiliated party to stop an unsafe or unsound practice or a violation of laws and regulations. A C&D may be terminated when the bank’s condition has significantly improved and the action is no longer needed or the bank has materially complied with its terms.
Concentration	A concentration is a significantly large volume of economically related assets that an institution has advanced or committed to a certain industry, person, entity, or affiliated group. These assets may, in the aggregate, present a substantial risk to the safety and soundness of the institution.

21

Term	Definition
Prompt Corrective Action (PCA)	The purpose of PCA is to resolve the problems of insured depository institutions at the least possible long-term cost to the DIF. Part 325, subpart B, of the FDIC Rules and Regulations, 12 Code of Federal Regulations (C.F.R.), section 325.101, et. seq., implements section 38, Prompt Corrective Action, of the FDI Act, 12 U.S.C. section 1831(o), by establishing a framework for taking prompt supervisory actions against insured nonmember banks that are less than adequately capitalized. The following terms are used to describe capital adequacy: (1) Well Capitalized, (2) Adequately Capitalized, (3) Undercapitalized, (4) Significantly Undercapitalized, and (5) Critically Undercapitalized.
Tier 1 (Core) Capital	In general, this term is defined in Part 325 of the FDIC Rules and Regulations, 12 C.F.R. section 325.2(v), as The sum of: Common stockholder’s equity (common stock and related surplus, undivided profits, disclosed capital reserves, foreign currency translation adjustments, less net unrealized losses on available-for-sale securities with readily determinable market values); Non-cumulative perpetual preferred stock; and Minority interest in consolidated subsidiaries; Minus: Certain intangible assets; Identified losses; Investments in financial subsidiaries subject to section 12 C.F.R. part 362; and Deferred tax assets in excess of the limit set forth in section 325.5(g).
Troubled Asset Relief Program (TARP)	TARP is a program of the United States Department of the Treasury to purchase assets and equity from financial institutions to strengthen the financial sector.
Uniform Bank Performance Report (UBPR)	The UBPR is an individual analysis of financial institution financial data and ratios that includes extensive comparisons to peer group performance. The report is produced by the Federal Financial Institutions Examination Council for the use of banking supervisors, bankers, and the general public and is produced quarterly from data reported in Reports of Condition and Income submitted by banks.

22

ADC	Acquisition, Development, and Construction
ALLL	Allowance for Loan and Lease Losses
BBR	Bank Board Resolution
BSA	Bank Secrecy Act
C&D	Cease and Desist Order
CAMELS	Capital, Asset Quality, Management, Earnings, Liquidity, and Sensitivity to Market Risk
CRE	Commercial Real Estate
DBF	Department of Banking and Finance
DIF	Deposit Insurance Fund
DSC	Division of Supervision and Consumer Protection
FDI	Federal Deposit Insurance
FIL	Financial Institution Letter
OIG	Office of Inspector General
PCA	Prompt Corrective Action
ROE	Report of Examination
UBPR	Uniform Bank Performance Report
UFIRS	Uniform Financial Institutions Rating System
USBI	United Security Bancshares, Inc.
ViSION	Virtual Supervisory Information on the Net

23

May 18, 2010 MEMORANDUM TO: Stephen Beard Assistant Inspector General for Material Loss Reviews   FROM: Sandra L. Thompson [Electronically produced version; original signed by Sandra L. Thompson] Director   SUBJECT: Draft Audit Report Entitled, Material Loss Review of United Security Bank, Sparta, GA (Assignment No. 2010-015)   Pursuant to Section 38(k) of the Federal Deposit Insurance act (FDI Act), the Federal Deposit Insurance Corporation’s Office of Inspector General (OIG) conducted a material loss review of United Security Bank (United Security), Sparta, Georgia, which failed on November 6, 2009. This memorandum is the response of the Division of Supervision and Consumer Protection (DSC) to the OIG’s Draft Report (Report) received on May 3, 2010. The Report concludes that United Security failed due to the high concentration of commercial real estate loans (CRE), particularly acquisition development and construction (ADC) loans that resulted from the Board’s and management’s decision to expand operations outside the local rural community of Sparta into the Atlanta metropolitan area. The report also notes that United Security failed to establish a sound internal control system and adequate underwriting and credit administration practices in conjunction with the expansion of CRE lending. This created risks that the bank was ill-equipped to manage, thus increasing the bank’s vulnerability to losses when the real estate market declined in the Atlanta metropolitan area. United Security was closed due to overall deterioration in its loan portfolio, poor earnings and inadequate capital. From 2004 to 2009, the FDIC and the Georgia Department of Bank and Finance (DBF) conducted 5 examinations, one visitation, and beginning in 2007, continuous off-site monitoring. During this period the FDIC and DBF identified risks in United Security’s operations. As a result of the 2006 DBF examination, the bank was downgraded to a composite “2” rating because of concerns about apparent violations of state and federal laws. A Board Resolution to implement corrective actions was adopted. The 2007 FDIC examination identified substantial deterioration in United Security’s asset quality, and downgraded that component rating from a “1” to a “2”. Again in 2008, DBF downgraded United Security to a composite “4” rating as a result of the banks unsatisfactory overall condition, unsafe and unsound practices, and the alarming rate of increase in adversely classified loans. A cease and desist order was issued to compel the bank to adopt a program to correct the cited anomalies. DSC recognizes that strong supervisory attention is necessary for institutions with high CRE/ADC concentrations, and has issued updated guidance reminding examiners to take appropriate action when those risks are imprudently managed. DSC issued Interagency Guidance on CRE Monitoring in 2006 and a Financial Institution Letter to banks on Managing Commercial Real Estate Concentrations in a Challenging Environment in 2008 that recommended several risk management processes to help institutions manage CRE and ADC concentrations. Thank you for the opportunity to review and comment on the Report.