Tag Archive for: FFIEC

Posts

,

Private Flood Insurance

The below article is the Special Focus section of the March 2019 Compliance Journal. The full issue may be viewed by clicking here.

On February 12, 2019 the Federal Financial Institutions Examination Council published a final rule on loans in areas having special flood hazards (2019 final rule). The 2019 final rule amends the flood regulations for the Office of the Comptroller of the Currency, the Board of Governors of the Federal Reserve System, the Federal Deposit Insurance Corporation, the Farm Credit Administration, and the National Credit Union Administration (Agencies). The Agencies issued the 2019 final rule to implement the private flood insurance provisions of the Biggert-Waters Flood Insurance Reform Act of 2012 (Biggert-Waters Act). The 2019 final rule was published in the Federal Register on February 20, 2019 and compliance is manditory on July 1, 2019; however, lenders may begin following the rule now.

Background

The Biggert-Waters Act includes a statutory definition of private flood insurance and directs the Agencies to implement acceptance through rulemaking. In 2013 the Agencies proposed a rule requiring the acceptance of private flood insurance pursuant to the statutory definition. The proposed rule generated interpretive uncertainties that ultimately resulted in the Agencies issuing a revised proposed rule in 2016. The 2019 final rule is an attempt to clarify the definition of private flood insurance under the Biggert-Waters Act.

2019 Final Rule

In addition to attempting to clarify the statutory definition of private flood insurance, the 2019 final rule includes a compliance aid to enable institutions to identify acceptable private policies. Additionally, subject to certain restrictions, it permits institutions to exercise discretionary acceptance of flood insurance policies that do not meet the definition of private flood insurance. Finally, the rule specifies how lenders may accept policies issued by “mutual aid societies” such as certain Amish Aid Plans.

Definition of Private Flood Insurance

The statutory definition of private flood insurance under the Biggert-Waters Act incorporated factors from the Federal Emergency Management Agency’s Mandatory Purchase of Flood Insurance Guidelines. The 2019 final rule attempts to clarify this statutory definition. As such, institutions familiar with the statutory definition will notice slight variations when compared to the 2019 final rule’s definition. For purposes of this article, the analysis will focus on the 2019 final rule’s definition and not make a comparison.

Under the 2019 final rule, private flood insurance means an insurance policy that: 

  1. Is issued by an insurance company that is: 
    • Licensed, admitted, or otherwise approved to engage in the business of insurance by the insurance regulator of the State or jurisdiction in which the property to be insured is located; or 
    • Recognized, or not disapproved, as a surplus lines insurer by the insurance regulator of the State or jurisdiction in which the property to be insured is located in the case of a policy of difference in conditions, multiple peril, all risk, or other blanket coverage insuring nonresidential commercial property; 
  2. Provides flood insurance coverage that is at least as broad as the coverage provided under a Standard Flood Insurance Policy (SFIP) for the same type of property, including when considering deductibles, exclusions, and conditions offered by the insurer. To be at least as broad as the coverage provided under an SFIP, the policy must, at a minimum: 
    • Define the term “flood” to include the events defined as a “flood” in an SFIP; 
    • Contain the coverage specified in an SFIP, including that relating to building property coverage; personal property coverage, if purchased by the insured mortgagor(s); other coverages; and increased cost of compliance coverage; 
    • Contain deductibles no higher than the specified maximum, and include similar nonapplicability provisions, as under an SFIP, for any total policy coverage amount up to the maximum available under the National Flood Insurance Program (NFIP) at the time the policy is provided to the lender; 
    • Provide coverage for direct physical loss caused by a flood and may only exclude other causes of loss that are excluded in an SFIP. Any exclusions other than those in an SFIP may pertain only to coverage that is in addition to the amount and type of coverage that could be provided by an SFIP or have the effect of providing broader coverage to the policyholder; and 
    • Not contain conditions that narrow the coverage provided in an SFIP; 
  3. Includes all of the following:
    • A requirement for the insurer to give written notice 45 days before cancellation or non-renewal of flood insurance coverage to:  
      • The insured; and 
      • The lending institution that made the designated loan secured by the property covered by the flood insurance, or the servicer acting on its behalf; 
    • Information about the availability of flood insurance coverage under the NFIP; 
    • A mortgage interest clause similar to the clause contained in an SFIP; and 
    • A provision requiring an insured to file suit not later than one year after the date of a written denial of all or part of a claim under the policy; and
  4. Contains cancellation provisions that are as restrictive as the provisions contained in an SFIP.

Compliance Aid

Pursuant to the above definition, a national bank or Federal savings association must accept private flood insurance in satisfaction of the flood insurance purchase requirements. Thus, a financial institution is required to accept private flood insurance and must also ensure it meets the above definition. However, the 2019 final rule provides a compliance aid to assist in that mandatory acceptance. Pursuant to the compliance aid, a financial institution may determine that a policy meets the definition of private flood insurance without reviewing the policy, if the following statement is included within the policy or as an endorsement to the policy:

“This policy meets the definition of private flood insurance contained in 42 U.S.C. 4012a(b)(7) and the corresponding regulation.”

While the compliance aid provides a safe harbor to financial institutions that accept policies containing the above language, there is no requirement for insurers to include the compliance aid language. Furthermore, because the 2019 final rule prescribes mandatory acceptance of private flood insurance that meets the above definition, financial institutions must accept policies that meet the above definition whether it includes the compliance aid or not. Meaning, a financial institution cannot reject a policy for the sole reason that it does not contain the compliance aid language.

Discretionary Acceptance

The 2019 final rule provides financial institutions the discretionary ability to accept or reject policies that do not meet the above definition of private flood insurance. Lenders may accept such policies, at their own discretion, if the policy:

  1. Provides coverage in the amount required by the NFIP; 
  2. Is issued by an insurer that is licensed, admitted, or otherwise approved to engage in the business of insurance by the insurance regulator of the State or jurisdiction in which the property to be insured is located; or in the case of a policy of difference in conditions, multiple peril, all risk, or other blanket coverage insuring nonresidential commercial property, is issued by a surplus lines insurer recognized, or not disapproved, by the insurance regulator of the State or jurisdiction where the property to be insured is located; 
  3. Covers both the mortgagor(s) and the mortgagee(s) as loss payees, except in the case of a policy that is provided by a condominium association, cooperative, homeowners association, or other applicable group and for which the premium is paid by the condominium association, cooperative, homeowners association, or other applicable group as a common expense; and 
  4. Provides sufficient protection of the designated loan, consistent with general safety and soundness principles, and the national bank or Federal savings association documents its conclusion regarding sufficiency of the protection of the loan in writing.

Mutual Aid Societies

In order to meet the mandatory acceptance provisions for private flood insurance, the 2019 final rule permits lenders to accept policies written by mutual aid societies if:

  1. The applicable supervisory agency has determined that such plans qualify as flood insurance for purposes of the Act; 
  2. The plan provides coverage in the amount required by the NFIP; 
  3. The plan covers both the mortgagor(s) and the mortgagee(s) as loss payees; and
  4. The plan provides sufficient protection of the designated loan, consistent with general safety and soundness principles, and the national bank or Federal savings association documents its conclusion regarding sufficiency of the protection of the loan in writing.

In addition, the rule defines mutual aid society to mean an organization:

  1. Whose members share a common religious, charitable, educational, or fraternal bond; 
  2. That covers losses caused by damage to members’ property pursuant to an agreement, including damage caused by flooding, in accordance with this common bond; and
  3. That has a demonstrated history of fulfilling the terms of agreements to cover losses to members’ property caused by flooding.

Conclusion

With the 2019 final rule becoming effective July 1, 2019, and optional compliance available under the 2019 final rule now, WBA recommends financial institutions review their policies on acceptance of private flood insurance. Financial institutions will need to understand the definition of private flood insurance policies pursuant to the rule, even if they had previously adhered to the statutory definition, as the 2019 final rule implements slight changes. Furthermore, institutions should be prepared to understand the relation of the compliance aid to the mandatory acceptance requirements.

The 2019 final rule may be found here: https://www.govinfo.gov/content/pkg/FR-2019-02-20/pdf/2019-02650.pdf

By, Ally Bates

/by

Events

, , , , , ,

Responsibilities of the Information Security Officer

Being an information security officer for a financial institution is a big responsibility in today’s world of cyber threats and data breaches.  This presentation is for those who are new to the role or have been the ISO for some time but want to review what is expected and how to be successful. As the ISO, part of your responsibility is building and maintaining the Information Security Program.

While an ISP has many important elements, there are really 3 basic components: Risk Assessment, ISP Policies and Procedures, and Audit. The Risk Assessment will help you make decisions, the Policies and Procedures document the decisions for your institution to implement, and audit verifies that they have been completed and are adequate controls to protect your institution.

What You Will Learn

  • FFIEC Roles and Responsibilities of the ISP
  • Building a Strong Cybersecurity Culture
  • Board Reporting
  • Educational and Certification Paths
  • Strong Risk Assessment Methodology
  • Creating your ISP with Policies and Procedures

Who Should Attend?

Information Security Officer, IT Manager, Risk Officer, Internal Auditor, and Executives looking to improve their Information Security Program.

Presenter
Lynda Hartup is a Senior Information Security Consultant at SBS CyberSecurity (SBS), a company dedicated to helping organizations identify and understand cybersecurity risks to make more informed and proactive decisions.

Hartup maintains her Certified Information Systems Auditor (CISA), Certified Information Security Manager (CISM), and Certified Banking Security Manager (CBSM) certifications. She received her Bachelor of Interdisciplinary Studies from the University of Southern Mississippi and completed the Graduate School of Banking at Louisiana State University.

Hartup has 20 years of financial institution experience in various positions, including Information Security Officer and dedicated IT Examiner. She also served for seven years as a Bank Examiner-IT Specialist for the Mississippi Department of Banking. Her specialties lie in IT governance, risk management, and regulatory compliance.

Hartup is passionate about helping her clients maintain the safety and security of their information and assets.

Registration Options

  • Live Access, 30 Days OnDemand Playback, Presenter Materials and Handouts – $279
  • Available Upgrades:
    • 12 Months OnDemand Playback + $110
    • 12 Months OnDemand Playback + CD  + $140
    • Additional Live Access + $85 per person
/by
WBA logo

questions@wisbank.com

608-441-1200

4721 S Biltmore Ln.
Madison, WI 53718

Get our Newsletter!
Subscribe