Pub CH Insider Activities

Comptroller’s Handbook M-IA
Safety and Soundness

Capital Asset Sensitivity to Other
Adequacy Quality Management Earnings Liquidity Market Risk Activities
(C) (A) (M) (E) (L) (S) (O)
Insider Activities
Version 1.0, November 2013
6MÄJLVM[OL
*VTW[rVSSLYVM[OL*\YrLUJ`
Washington, DC 20219
Version 1.0
Contents
Introduction ..............................................................................................................................1
Overview ....................................................................................................................... 1
Risks Associated With Insider Activities ..................................................................... 2
Reputation Risk....................................................................................................... 2
Credit Risk .............................................................................................................. 2
Compliance Risk ..................................................................................................... 3
Operational Risk ..................................................................................................... 3
Liquidity Risk ......................................................................................................... 3
Risk Management ......................................................................................................... 3
Duties of the Board and Management .................................................................... 3
Compliance With Insider Laws and Regulations.................................................... 8
Internal Controls and Audit .................................................................................. 13
Compensation and Benefits Paid to Insiders ........................................................ 14
Management Information Systems and Financial Reporting................................ 19
Examination Procedures .......................................................................................................20

Scope ........................................................................................................................... 20
Quantity of Risk .......................................................................................................... 22
Quality of Risk Management ...................................................................................... 30
Conclusions ................................................................................................................. 35
Verification Procedures .............................................................................................. 37
Appendixes..............................................................................................................................39
Appendix A: Regulation O Record-Keeping and Reporting Requirements ............... 39
Appendix B: Acceptance of Items of Value ............................................................... 41
References ...............................................................................................................................43
Comptroller’s Handbook i Insider Activities

Version 1.0
Introduction
The Office of the Comptroller of the Currency’s (OCC) Comptroller’s Handbook booklet,
“Insider Activities,” provides guidance for bank examiners and bankers on how national
banks and federal savings associations may legally and prudently engage in transactions with
insiders and implement risk management processes that provide for the appropriate control
and monitoring of insider activities. This booklet also includes guidance on how examiners
review and assess insider activities during the supervisory process. Transactions with
affiliates are not addressed in this booklet but are covered in detail in the “Related
Organizations” booklet of the Comptroller’s Handbook. Throughout this booklet, national
banks and federal savings associations are referred to collectively as banks, except when it is
necessary to distinguish between the two.
Overview
A bank may engage in safe and sound business and personal transactions with its insiders,
consistent with law and regulation. Transactions between a bank and its insiders can address
legitimate banking needs and serve the interests of both parties. The challenge is to separate
legitimate insider financial relationships from those that are, or could become, abusive,
imprudent, or preferential. Studies of bank failures have found that insider abuse—such as
poor-quality loans made and unjustified fees paid to directors and officers—often contributes
to the failures. Because of the significant risks that insider activities can pose, such activities
are subject to strict laws and ethical guidelines.
While most risks can be measured and quantified, insider abuse can damage a bank’s
reputation beyond the dollar amount of any credit loss. Improper insider activities can
undermine public confidence in a bank. Market perception of the integrity of a bank’s
insiders is fundamental to the bank’s financial health and ongoing viability. To maintain this
public confidence, a bank must have a reputation for honesty, integrity, and high ethical
standards in all of its activities, especially in its transactions with insiders.
A bank’s corporate governance processes should comprehensively address insider activities.

The board of directors must demonstrate leadership by ensuring a culture that does not
tolerate unethical behavior or circumvention of regulations, and by adopting and
administering strong written policies that closely govern the relationship between a bank and
all insiders. The board must also ensure that bank management implements a process to
monitor and validate compliance with these policies. Banks may broadly define insiders to
include all bank employees. Certain legal provisions discussed in this booklet may differ,
however, in the way they define insider and limit the definition to include, for example,
executive officer, director, or principal shareholder and all “related interests” of these
persons. Therefore, it is important to determine who qualifies as an insider for purposes of
the legal provision or policy being considered.
Comptroller’s Handbook 1 Insider Activities

Version 1.0
When the word management is used in this booklet, it refers to persons who are appointed by
the board of directors and charged with the daily responsibilities of operating a bank. When
the term the board and management is used in this booklet, it refers collectively to the
members of the board of directors and management.
Risks Associated With Insider Activities

From a supervisory perspective, risk is the potential that events, expected or unexpected, will
have an adverse effect on a bank’s earnings, capital, or franchise or enterprise value. The
OCC has defined eight categories of risk for bank supervision purposes: credit, interest rate,
liquidity, price, operational, compliance, strategic, and reputation. These categories are not
mutually exclusive. Any product or service may expose a bank to multiple risks. Risks also
may be interdependent and may be positively or negatively correlated. Examiners should be
aware of this interdependence and assess the effect in a consistent and inclusive manner.
Refer to the “Bank Supervision Process” booklet of the Comptroller’s Handbook for an
expanded discussion of banking risks and their definitions.
The risks most often associated with insider activities are reputation, credit, compliance,
operational, and liquidity.
Reputation Risk
The bank’s board, management, and employees must always maintain a high level of honesty
and integrity to protect the bank’s reputation. Real or perceived insider abuse can severely
affect the bank’s ability to operate in a safe and sound manner. When the bank is closely
associated with an insider or a company owned by an insider (even if the bank and insider do
not transact business together), the bank may suffer reputation risk or other harm if the
insider or the insider’s business experiences financial difficulties or receives adverse
publicity. Any damage to the bank’s reputation, or any implication of insider abuse or fraud,
may adversely affect the confidence of the bank’s shareholders, customers, suppliers, and
financial partners. In turn, the bank’s customer base could erode, materially affecting the
bank’s earnings, capital, or franchise/enterprise value.
Credit Risk
With certain restrictions, bank insiders are permitted by banking laws and regulations to
borrow from the bank. The bank, however, must ensure that loans to insiders are at arm’s
length, meaning that the loan is on terms and conditions no less stringent than those
prevailing at the time for comparable loans the bank offers to non-insiders. Loans to insiders
could create added credit risk to the bank when inadequate or lax enforcement of insider
policies leads to special treatment of insiders who might not otherwise qualify for credit. In
addition, pressure from insiders to relax credit standards for their related interests can cause
credit problems and potential losses. Lending to non-creditworthy insiders, offering
inappropriate terms to insiders, or otherwise allowing an environment conducive to insider
abuse increase the possibility of loss and violations of law and regulation.

Version 1.0
Compliance Risk
The bank’s board and management are responsible for ensuring that the bank complies with
laws, regulations, prescribed practices, and ethical standards. Noncompliance with these
requirements or safety and soundness standards can expose the bank and its insiders to
serious consequences, including enforcement action. An insider who, knowingly or
unknowingly, violates any banking law or regulation, engages in an unsafe or unsound
banking practice, or breaches a fiduciary duty may be subject to civil money penalties and a
prohibition of that insider from participating in the affairs of any insured depository
institution, and may be required to pay restitution, reimbursement, indemnification, or
provide a guarantee against loss.
Operational Risk
The lack of controls to identify potential conflicts of interest and insider fraud and abuse is a
type of operational risk. A bank’s board and management must ensure that appropriate
procedures and controls are in place to prevent an insider from circumventing board-
established policies regarding conflicts of interest, usurpation of corporate opportunities, and
violations of laws and regulations governing insider activities. Weaknesses in systems and
controls can increase the potential for operational risk due to insider abuse and fraud.
Liquidity Risk
Any speculation questioning the honesty or integrity of the bank or its insiders, however
unfounded, can affect the bank’s ability to attract funds from the public, institutional
suppliers, and correspondent banks. Even the appearance of insider impropriety could lead to
a loss of funding sources and deposit withdrawals and force the bank to prematurely dispose
of assets at unacceptable losses to maintain liquidity.
Risk Management
The OCC expects each bank to identify, measure, monitor, and control risk by implementing
an effective risk management system appropriate for its size and the complexity of its
operations. When examiners assess the effectiveness of a bank’s risk management system,
they consider the bank’s policies, processes, personnel, and control systems. Refer to the
“Bank Supervision Process” booklet of the Comptroller’s Handbook for an expanded
discussion of risk management.
Duties of the Board and Management

The board must adopt and enforce strong written insider policies governing the bank’s
relationship to insiders and their related interests. The board and management must ensure
that their business and personal relationships with the bank are always at arm’s length, do not
bias decisions or otherwise harm the bank, and do not improperly take business opportunities
away from the bank. In addition, the board and management must take reasonable action to

Version 1.0
prevent other employees from abusing their positions within the bank. In this regard, the
board and management have a number of duties relating to insider activities:
• Establishing appropriate insider policies, including a code of ethics and required

disclosures of actual and potential conflicts of interest.
• Establishing and applying sound, independent processes to monitor and ensure
compliance with insider policies, laws, and regulations, e.g., providing for effective
internal controls and adequate audit and compliance coverage.
• Fulfilling fiduciary obligations, including the duty of care and the duty of loyalty.
• Complying with insider-related laws and regulations.
• Ensuring that hiring practices require disclosure of and address potential conflicts of
interest and insider transactions.
• Ensure adequate training of board, management, and staff regarding insider policies and
laws.
• Setting appropriate compensation and fees paid to insiders.
• Following prudent dividend policies.
• Implementing sound management information systems that transparently and
comprehensively report on insider risk activities and exposures.
• Submitting accurate financial reports and other disclosures.
Fulfilling these duties should enable the bank to conduct its insider activities in a safe and
sound manner.
Policies
Corporate scandals and failures exemplify the need for comprehensive insider policies,
including a code of ethics and sound business practices. A corporate culture of ethical and
honest behavior, as well as effective board oversight and management supervision, is the
bank’s primary defense against insider abuse and fraud. Comprehensive insider policies help
establish this culture by setting a standard of behavior for all insiders. The bank’s board and
management must take the lead in demonstrating ethical behavior of the highest order and
protecting the bank from conflicts of interest. Such a “tone at the top” emphasizes personal
integrity and accountability while acknowledging the importance of an effective control
environment. Board members and other insiders should conduct business with the bank
according to an established governance structure that observes all of the requirements set
forth in the bank’s insider policies. Adherence to these policies should facilitate compliance
with all legal and internal requirements for insider relationships.
Insider policies should focus on the activities of insiders and their related interests as well as
employees at all levels of the bank where appropriate. Once policies are developed and
approved by the board, the board and management should ensure that the policies are
communicated throughout the bank. The bank should also have effective internal controls
and an internal audit process to monitor compliance with those policies and to address
identified problems.

Version 1.0
The insider policies should
• include a code of ethics that requires the disclosure of actual or potential conflicts of
interest. 1
• identify all insider “related interests,” as that term is defined in Regulation O.
• require periodic background checks and identification of material interests that insiders
have in the business of any borrower, applicant, other bank customer, vendor, or supplier.
• include guidelines for insider lending and other transactions involving insiders, including
fees or commissions received by insiders from the bank.
• require that transactions with insiders be at arm’s length and prohibit self-dealing.
• require the prompt reporting of insider securities transactions. 2
• prohibit the use of insider information in securities transactions.
• specify the circumstances and conditions under which the bank makes its facilities, real
or personal property (e.g., airplanes, cars), or personnel available for insiders’ use.
• specify restrictions on the acceptance of gifts, bequests, or other items of value (e.g., an
exchange of “favors,” payment for services) from customers or other persons doing or
seeking to do business with the bank.
• require bank employees to report improper or unethical behavior to appropriate parties
(bank management, board, auditors, etc.) and to report suspicious activity in accordance
with the bank’s suspicious activity report policy.
• specify the consequences of breaches of fiduciary duty and unethical conduct.
• include guidelines for reporting all insider and insider-related transactions to the board of
directors or a committee thereof.
• include record-keeping requirements established by federal or state law.
The amount of detail in the written insider policies should correspond to the volume and
nature of the insider activities that the board is willing to accept and to any applicable legal
requirements. The written policies should be sufficiently detailed to enable all affected
individuals to fully understand the nature and extent of their responsibilities under the
policies. For example, if the bank’s policy prohibits all loans to, and any transactions with,
insiders, the written policy needs to clearly state that prohibition. If the policy permits loans
to, or other transactions with, insiders, the written policy should identify the types of loans
and transactions authorized, the dollar or other limits (e.g., percent of capital), and the
approval and reporting processes to be followed. Regulatory restrictions and limits, as well as
other board imposed limits, should be clearly specified.
Management should provide all insiders with copies of the bank’s written policies and any
subsequent changes to these policies. Each insider should sign an acknowledgment that he or
1
Public companies that are obligated to file reports with the U.S. Securities and Exchange Commission (SEC)
under section 13 or 15(d) of the Securities Exchange Act of 1934 are required to disclose whether they have
adopted a code of ethics that applies to the company’s principal executive officer, principal financial officer,
principal accounting officer or controller, or any person performing similar functions. If the company has not
adopted a code of ethics, it must disclose why it has not done so.
2
Companies whose securities are listed with the SEC are also required to make real-time electronic disclosures
relating to insider changes in ownership.

Version 1.0
she has received and reviewed the written policies and code of ethics, as well as any
subsequent change to the policies, and agrees to comply with the policies. Management
should maintain a current file of signed acknowledgements.
To foster compliance with laws, regulations, and insider policies, the bank should develop
training and awareness programs covering insider issues. The bank should establish
communication channels outside the normal chain of command (e.g., an ethics officer)
through which insiders and employees in general can seek advice on questions about the
insider policies, conflicts of interest, or similar concerns. If such support is readily available,
insiders and employees are more likely to seek guidance. Management should monitor
questions and responses to ensure that answers and interpretations are consistent and conform
to bank policy and applicable legal requirements. In addition, the board and management
should ensure a mechanism or process for employees to communicate, without reprisal,
legitimate concerns about suspected illegal or unethical practices. The existence of a
confidential reporting system (or “whistle-blower” system) indicates the board and
management’s commitment to the importance of employee responsibility for ethical behavior
and the reporting of suspected wrongdoing.
Duty of Care and Duty of Loyalty
In addition to the specific laws and regulations discussed in this booklet, insider activities
are governed by fiduciary duties, which include the duty of care and the duty of loyalty.
Under the duty of care, the board and management must diligently and honestly administer
the bank’s affairs in a manner measured against what a reasonable and prudent person would
do in similar circumstances. Under the duty of loyalty, the board and management must place
the corporate interests of the bank above their personal interests. Many banks, as a matter of
policy, have expanded the application of these duties to all employees. The OCC may take
enforcement actions against individuals who fail to observe either the duty of care or the duty
of loyalty. 3
Under the duty of care, directors and management are responsible for knowing what a
reasonable and prudent director would have known. Director and officer conduct is evaluated
based on that knowledge. When a director’s or officer’s conduct is evaluated to determine
whether that director or officer has fulfilled the duty of care, the conduct is measured against
the applicable standard established by law.
The duty of loyalty requires directors and management to act in the best interests of the bank
and to ensure that insiders do not abuse their positions by benefiting personally at the bank’s
expense. Under the duty of loyalty, insiders should avoid placing themselves in a position
that creates a conflict of interest or the appearance of a conflict of interest. A director or
officer has a conflicting interest in a transaction if he or she appears on both sides of the
transaction or derives any personal benefit from it in the sense of self-dealing. A conflict of
interest also can exist if a director or officer has a significant interest outside of the bank that
3
In addition, national bank directors are required to take an oath pursuant to 12 USC 73. The oath states that
they will, so far as the duty devolves on them, diligently and honestly administer the affairs of their banks and
will not knowingly violate or willingly permit to be violated any provisions of banking law.

Version 1.0
reasonably affects his or her judgment with respect to the bank’s business. Such a conflict of
interest may arise from personal business interests or in connection with transactions that
benefit friends, relatives, or business associates. A director or officer who has a conflict of
interest would breach his or her fiduciary duties if he or she fails to disclose to the board of
directors the existence, nature, and extent of his or her conflicting interest, fails to disclose all
material nonprivileged information relevant to the board’s decision on the matter, participates
in any way in the matter, or votes on it. In addition, the “usurpation of corporate opportunity”
doctrine, which is also a part of the duty of loyalty, prevents management and directors from
improperly taking business opportunities away from the bank.
A bank’s relationship with its board and management officials must at all times be prudent, at
arm’s length, and in compliance with all applicable laws and regulations. Directors and
management must fully disclose any personal interest that they have in matters affecting the
bank and must ensure that these business and personal relationships with the bank are always
at arm’s length. Only disinterested directors should approve transactions involving the
interests of other directors or their related interests. Directors must abstain from voting and
deliberating on any matter involving their own interests. Abstentions should be documented
in the board minutes. Banks should note that, with respect to loans that are subject to
Regulation O’s “prior board approval” requirement (12 CFR 215.4(b)), a majority of the
entire board must approve the loan.
Independence and unbiased decision making are important aspects of the duty of loyalty.
Therefore, national stock exchanges and national securities associations require a majority of
directors of public companies to be independent of management. The Securities and
Exchange Act of 1934, as amended by the Dodd–Frank Wall Street Reform and Consumer
Protection Act of 2010 (Dodd–Frank) generally requires all members of the audit
committee, 4 and compensation committees of companies with shares listed on national
securities exchanges and national securities associations, to be independent directors. Rules
of these exchanges and associations include certain enhanced independence requirements for
members of issuers’ nominating committees. Federal securities laws require all public
companies, including those that do not have listed securities, to make public disclosures
relating to the independence of directors.
These duties and obligations are described in more detail in the OCC’s The Director’s Book.
For additional information on audit committee requirements, refer to the “Internal and
External Audits” booklet of the Comptroller’s Handbook.
A director who violates any banking law or regulation, engages in an unsafe or unsound
banking practice, or breaches a fiduciary duty (or permits another person to do so) may be
subject to civil money penalties, administrative actions, or other sanctions. The director may
be held responsible either alone or jointly with other board members.
Holding Companies and Other Affiliates
4
The Federal Deposit Insurance Corporation established a similar requirement for the audit committees of
insured depository institutions with total assets of $1 billion or more. See 12 CFR 363.5.

Version 1.0
The board and management of a bank often include many of the same people who are on the
board and management team of the bank’s parent company. The board and management of a
bank subsidiary of a one-bank holding company may be the same as that of the holding
company, particularly in community bank situations. Similarly, the directors and officers of a
multi-bank holding company with centralized operations (or the directors and officers of the
lead bank) often head each of the holding company’s bank subsidiaries. The holding
company or lead bank usually controls such activities as investment portfolio management,
budgeting, tax planning, personnel management, correspondent banking, loan participations,
and asset-liability management. While such structures can benefit the bank, persons who
serve in dual capacities can develop conflicting loyalties.
Corporate governance policies should recognize this potential for divided loyalties and
should provide guidance for preventing and resolving such conflicts of interest. The
overriding principle must be that the bank subsidiary is not disadvantaged by a transaction
with its holding company, any other affiliate, or any insider. Certain transactions with
affiliates are subject to additional legal limitations. See the “Related Organizations” booklet
of the Comptroller’s Handbook for further discussion of this issue.
Compliance With Insider Laws and Regulations

Various state and federal laws and regulations govern insider activities. Unlike the broad
standards of fiduciary duties, these laws and regulations are specific about how insiders are
to conduct themselves. Since the statutory and regulatory restrictions on insider transactions
do not apply uniformly to all insiders, the board and management must become familiar with
each restriction and must pay careful attention to the scope and requirements of each. This
booklet provides an overview of the primary federal laws and regulations that govern insider
activities.
Regulation O—Extensions of Credit to Insiders

(12 CFR 215 and 12 USC 375a and 12 USC 375b)
The Federal Reserve Board’s Regulation O implements many of the laws pertaining to
extensions of credit by banks to their insiders, including 12 USC 375a and 12 USC 375b
(which apply to federal savings associations pursuant to 12 USC 1468(b)). Regulation O is
the most comprehensive banking regulation relating to extensions of credit to insiders. The
regulation limits the amount and type of credit that may be extended and includes reporting
and record-keeping requirements. 12 CFR 31 and 12 CFR 215.12 apply Regulation O to
national banks and federal savings associations, respectively.

Version 1.0
The term insider has a special definition for the purposes of Regulation O. A Regulation O
insider is a principal shareholder, 5 an executive officer, 6 a director, or a related interest of
any of these persons. A related interest of a person is (1) a company controlled by that
person, or (2) a political or campaign committee controlled by that person or the funds or
services of which benefit that person. These terms are further defined by 12 CFR 215.2. (See
appendix A of this booklet.) These definitions, however, do not apply to all provisions of
Regulation O, and not all sections of Regulation O apply to all insiders, so banks must be
careful in determining the persons or entities subject to a particular Regulation O provision.
The term extension of credit is also specifically and broadly defined by Regulation O
(12 CFR 215.3) and includes loan renewals, extensions of credit made via credit card
advances, and other transactions. 7 Certain terms used in Regulation O, such as extension of
credit, also appear in the OCC’s lending limits regulation (12 CFR 32). There can be
differences in what these terms mean for the purposes of these regulations.
Regulation O’s main provisions include
• a prohibition on extensions of credit to insiders unless a loan is (1) nonpreferential and

(2) does not present a higher-than-normal risk of repayment or other unfavorable
features. 8
• a requirement that prior board approval be obtained for loans to insiders greater than a
certain amount.
• a dollar limit on lending to individual insiders and to insiders in aggregate.
• additional restrictions on loans to executive officers.
• a requirement that insiders report and disclose certain financial information.
5
For purposes of determining whether a person is a principal shareholder (i.e., a person who controls, directly
or indirectly, individually or in concert with others, more than 10 percent of any class of the bank’s voting
securities) any shares controlled by a member of that person’s immediate family are considered to be held by
that person. See 12 CFR 215.2(m)(1).
6
Regardless of his or her title, an executive officer includes anyone other than a director who participates or has
authority to participate in major policy making functions of the bank.
7
See 12 CFR 215.3. Dodd–Frank amends 12 USC 375b to provide that a bank also extends credit to a person
by having credit exposure to the person arising from a derivative transaction (as defined in 12 USC 84(b)),
repurchase agreement, reverse repurchase agreement, securities lending transaction, or securities borrowing
transaction between the member bank and the person.
8
See also OCC Interpretive Letter 1024. A loan to an insider that has become troubled may not be renewed
unless the lending bank obtains additional protection to safeguard it and offset the unfavorable features the loan
would otherwise present. Depending on the facts, a bank could require additional collateral, a guarantee, or
other credit enhancement.

Version 1.0
When determining compliance with the quantitative limits of Regulation O, examiners and
bankers must make sure they use the definition of unimpaired capital and unimpaired surplus
in Regulation O. 9
Limits on Extensions of Credit to Insiders
(12 USC 375b and 12 CFR 215.4)
12 USC 375b and 12 CFR 215.4 apply limits and prohibitions to extensions of credit made
by a bank to all insiders—executive officers, directors, and principal shareholders, and the
related interests of these persons—including insiders of affiliates. A bank is prohibited from
extending credit to insiders unless the extension of credit is made on substantially the same
terms (including interest rates and collateral) as, and following underwriting procedures that
are not less stringent than, those prevailing at the time for comparable transactions by the
bank with other persons who are not insiders for the purposes of Regulation O and are not
employed by the bank. A bank is also prohibited from making an extension of credit to an
insider that involves more than a normal risk of repayment or presents other unfavorable
features. Exceptions are provided for certain extensions of credit made pursuant to a benefit
or compensation program that is widely available to employees. In addition, with certain
exceptions, a bank is prohibited from paying an overdraft of an executive officer or director.
Regulation O requires prior board approval for extensions of credit that exceed certain
amounts set forth in 12 CFR 215.4(b). The statute and regulation also limit aggregate loans to
individual insiders and to all insiders as a group as follows.
Individual Insiders
Aggregate loans and extensions of credit to each executive officer, director, or principal
shareholder and his or her related interests are limited to the single borrower limit in
12 USC 84. This limit includes any higher amounts permitted by 12 USC 84 for specified
types of loans. A bank’s loans to related interests of an insider are attributed to that insider
and are combined with any other loans to that insider outstanding from the bank regardless of
whether such loans are combinable under the legal lending limit combination rule of
12 CFR 32.5. Federal savings associations should note that the additional exceptions
contained in 12 USC 1464(u) to the requirements of 12 USC 84 are not available to compute
individual lending limits for extensions of credit to federal savings association insiders and
related interests under Regulation O.
All Insiders
Total extensions of credit to all insiders and their related interests are limited to the amount
of the bank’s unimpaired capital and unimpaired surplus. Banks with deposits of less than
$100 million are subject to a higher limit if they meet certain qualifications. That limit is
9
Regulation O defines unimpaired capital and unimpaired surplus for member banks as the sum of tier 1 and
tier 2 capital included in the bank’s risk-based capital, based on the bank’s most recent call report, and the
balance of the bank’s allowance for loan and lease losses not included in tier 2 capital for risk-based capital
purposes, based on the bank’s most recent call report. See 12 CFR 215.2(i). This definition also applies to
federal savings associations, see 12 CFR 215.12, 12 CFR 32.2(c). “Capital and surplus” in 12 CRF 32.2(c) is
equivalent to “unimpaired capital and unimpaired surplus” in 12 CFR 215.2(i).

Version 1.0
equal to a total of two times the bank’s unimpaired capital and unimpaired surplus, subject to
restrictions specified in 12 CFR 215.4(d). Exceptions to the limit on aggregate loans to
insiders as a group are made for extensions of credit
• secured by a perfected security interest in U.S. Treasury obligations or in other

obligations fully guaranteed by the United States.
• to or secured by qualified commitments or guarantees of a department or agency of the
United States.
• secured by a perfected security interest in a segregated deposit account with the lending
bank.
• arising from the discount of installment consumer paper acquired from an insider with
recourse, subject to certain conditions.
Extensions of Credit to Executive Officers

(12 USC 375a and 12 CFR 215.5)
12 USC 375a and 12 CFR 215.5 impose additional limits on extensions of credit to executive
officers (but not to their related interests and not to executive officers of affiliates). A bank
may extend credit to an executive officer in any amount to finance or refinance the purchase,
construction, maintenance, or improvement of a residence of an executive officer if the loan
is secured by a first lien on the residence that the executive officer owns (or expects to own
after the extension of credit). An executive officer may have only one such loan from the
bank outstanding at a time. Extensions of credit to finance the education of an executive
officer’s children are permitted without limit. Certain secured loans may be permitted
(12 CFR 215.5(c)(3)) or other loans subject to a lending limit set by 12 CFR 215.5(c)(4). It is
important to note that, although mortgage and educational loans are not subject to limitation
under 12 USC 375a and 12 CFR 215.5, aggregate loans to an individual executive officer
(including mortgage and education loans) collectively are limited by 12 USC 375b and
12 CFR 215.4.
Other Insider Laws and Regulations
While Regulation O is the most comprehensive set of rules governing insider transactions,
the following highlights other federal laws and regulations pertaining to insiders. Regardless
of whether a law or regulation governs a specific transaction, insiders must observe their
fiduciary duties in all insider transactions.
12 USC 376—Preferential Interest Payments
This law prohibits the payment of preferential interest on deposits to any director, officer,
attorney, or employee of a national bank. 10
10
While federal savings associations are not subject to this same statutory prohibition, they should avoid paying
preferential interest on deposit accounts of insiders and employees as a matter of prudent banking practice.
Depending on circumstances, the payment of preferential interest to a director or officer could be an unsafe or
unsound practice or a breach of fiduciary duty.

Version 1.0
12 USC 1972(2)—Insider Loans With Correspondent Banks
This law prohibits a bank and its correspondent bank from making preferential loans or loans
that involve more than the normal risk of repayment or that present other unfavorable terms
to an insider of the other bank. The law also prohibits a bank from opening a correspondent
account at another bank where either bank has a preferential loan outstanding, or a loan that
involves more than the normal risk of repayment or presents other unfavorable features, to an
insider of the other.
12 USC 1828(z)—Asset Purchases and Sales
This law prohibits an insured depository institution (which includes both national banks and
federal savings associations) from purchasing an asset from, or selling an asset to, an
executive officer, director, or principal shareholder or any related interest of such person
unless the transaction is on market terms and, if the transaction represents more than 10
percent of the capital stock and surplus of the institution, the transaction has been approved
by a majority of the members of the board who do not have an interest in the transaction.
12 USC 1831i and 12 CFR 5.51 and 12 CFR 163, Subpart H—Proposed Changes in
Directors and Senior Executive Officers
These laws and regulations require insured depository institutions (including national banks
and federal savings associations), and depository institution holding companies, that are not
in compliance with minimum capital requirements or are designated as being in “troubled
condition” to provide advance notice to the appropriate federal banking agency of the
proposed addition of any individual to the board of directors or the employment of any
individual as a senior executive officer. The appropriate federal banking agency may issue a
notice of disapproval if the competence, experience, character, or integrity of the individual
with respect to whom the advance notice is submitted indicates that it would not be in the
best interests of the depositors of the depository institution or in the best interest of the public
to permit the individual to be employed by, or associated with, the depository institution.
12 USC 3202 Through 12 USC 3203 and 12 CFR 26 and 12 CFR 196—Management
Interlocks
With a goal of fostering competition, these laws and regulations generally prohibit depository
institutions that compete in the same geographic market from sharing management officials if
the institutions are not affiliated with each other. In addition, a management official of a bank
with total assets exceeding $2.5 billion may not serve at the same time as a management
official of an unaffiliated depository organization with total assets exceeding $1.5 billion,
regardless of the locations of the two depository organizations. The OCC has the authority to
exempt an otherwise prohibited interlock if it finds that the interlock will not produce a
monopoly or a substantial lessening of competition (see 12 CFR 26.6 and 196.6 and OCC
Licensing Manual booklet “Management Interlocks” for additional information).

Version 1.0
12 CFR 160.130—Prohibition on Loan Procurement Fees
This regulation prohibits directors, officers, or other persons having the power to direct the
management or policies of a federal savings association from receiving, directly or indirectly,
any commission, fee, or other compensation in connection with the procurement of any loan
made by the savings association or a subsidiary of the savings association. 11
12 CFR 163.200—Conflicts of Interest
Directors, officers, employees of federal savings associations, or persons having the power to
direct the savings association’s management or policies or otherwise owe a fiduciary duty to
the association must not advance their own personal or business interests, or those of others
with whom they have a personal or business relationship, at the expense of the savings
association. They also must, if they have an interest in a matter or transaction before the
board of directors, disclose certain information and refrain from participating in board
discussions on the matter or from voting on the matter. 12
12 CFR 163.201—Usurpation of Corporate Opportunity
Directors, officers, or persons having the power to direct a federal savings association’s
management or policies or otherwise owe a fiduciary duty to a federal savings association
must not take advantage of corporate opportunities belonging to the association. 13
Internal Controls and Audit

Internal or external audits should complement a bank’s internal controls and information
systems. Such functions should be sufficient to detect actual or potential conflicts of interest
and insider fraud or abuse. The board should ensure that management has implemented a
process to monitor compliance with applicable insider laws, regulations, and bank policy.
A system of strong internal controls is critical to ensuring compliance with bank policies and
with laws and regulations concerning insider transactions. A sound internal-control system
minimizes the possibility of significant errors and irregularities and ensures timely detection
11
While this rule does not apply directly to national banks, loan procurement fees should be addressed in the
bank’s insiders’ policies, as such payments could be considered a conflict of interest. The Real Estate
Settlement Procedures Act also addresses the payment of compensation for loan referrals.
12
Although national bank directors and officers are not subject to a similar regulation regarding conflicts of
interest, they do owe a fiduciary duty of loyalty to the bank. The duty of loyalty requires directors and
management to act in the best interest of the bank and to ensure that insiders do not abuse their positions by
benefiting personally at the bank’s expense. (See the “Duty of Care and Duty of Loyalty” section of this
booklet.)
13
Although national bank directors and officers are not subject to a similar regulation regarding usurpation of
corporate opportunity, they do owe a fiduciary duty of loyalty to the bank (see the “Duty of Care and Duty of
Loyalty” section of this booklet). The “usurpation of corporate opportunity” doctrine, a part of the duty of
loyalty, prevents insiders from improperly taking business opportunities away from the bank.

Version 1.0
of those that do occur. The board, through its oversight role, should ensure that the bank’s
system of internal controls and audit alerts the bank to the following practices or conditions:
• Transactions resulting in a conflict of interest or the appearance of such a conflict.

• The payment of excessive compensation, unjustified fees, or compensation that
encourages inappropriate risk-taking that could lead to material financial loss.
• Failure to comply with applicable insider laws, regulations, or bank-imposed restrictions.
• Other red flags for possible insider fraud.
If any of these practices or conditions is discovered, the board should determine the cause,
instruct management to take appropriate corrective action, and oversee necessary revisions to
policies or internal controls.
For additional guidance and requirements regarding board and management responsibilities
for establishing and maintaining an effective internal-control structure and complying with
safety and soundness laws concerning transactions with insiders, refer to the “Internal and
External Audits” booklet of the Comptroller’s Handbook; 12 CFR 363, “Annual Independent
Audits and Reporting Requirements”; and section 404 of the Sarbanes–Oxley Act. 14
For additional information and guidance regarding potential insider loan abuse, banks and
examiners may refer to a Federal Financial Institution Examination Council (FFIEC)
publication titled “The Detection, Investigation and Prevention of Insider Loan Fraud: A
White Paper,” published in May 2003. 15
Compensation and Benefits Paid to Insiders

Compensation and fees paid to insiders must serve the legitimate needs of the bank, be
justified by the services rendered, and be reasonable in amount. In assessing this area, all
forms of remuneration, including salary, fees, benefits, stock options, and the receipt of other
goods and services, should be considered. Compensation packages may include non-cash
benefits. One such permissible non-cash benefit is a bank’s purchase of directors and officers
liability insurance. This insurance protects against the expense of defending lawsuits alleging
director or officer misconduct and paying related damages. Some of this insurance
reimburses the bank for payments made to directors and officers under indemnification
agreements, and the rest reimburses the directors and officers for expenses that the bank is
unable to indemnify. This insurance does not cover criminal or dishonest acts, events from
which the insider obtained personal gain, or circumstances in which a conflict of interest was
apparent. Indemnification agreement requirements are covered by 12 CFR 7.2014,
12 CFR 145.121, and 12 CFR 359.
14
Under section 301 of Sarbanes–Oxley, the audit committees of public companies are required to establish
procedures for (1) the receipt, retention, and treatment of complaints received by the issuer regarding
accounting, internal accounting controls, or auditing matters; and for (2) the issuer’s employees to submit
information about questionable accounting or auditing matters in a confidential, anonymous manner.
15
Available at www.ffiec.gov/exam/whitepapers.htm.

Version 1.0
An advance of salary or other unearned compensation to an insider for a period in excess of

30 days constitutes an extension of credit for the purposes of Regulation O
(12 CFR 215.3(a)(6)).
12 CFR 30, Appendix A, and 12 CFR 170, Appendix A: Interagency

Guidelines Establishing Standards for Safety and Soundness
As set forth in section III of the interagency guidelines, a bank should maintain safeguards to
prevent the payment of compensation, fees, and benefits that are excessive or that could lead
to material financial loss to the bank. An insider’s compensation is considered excessive, and
is therefore prohibited as an unsafe and unsound practice, if it is unreasonable or
disproportionate to the services actually performed. The following factors should be
considered in determining whether compensation is excessive:
• The combined value of all cash and non-cash benefits provided to the individual.
• The compensation history of the individual and other individuals with comparable
expertise at the institution.
• The financial condition of the institution.
• Compensation practices at comparable institutions, based on such factors as asset size,
geographic location, and the complexity of the loan portfolio or other assets.
• For post-employment benefits, the projected total cost and benefit to the institution.
• Any connection between the individual and any fraudulent act or omission, breach of
trust or fiduciary duty, or insider abuse with regard to the institution.
• Any other relevant factors.
Federal savings associations must also ensure that employment contracts with its officers
(and other employees) are entered into in accordance with the requirements of
12 CFR 163.39. This rule requires that all employment contracts be in writing and approved
by the board, and that they contain certain required provisions specified in the rule. A federal
savings association may not enter into a contract with its officers (or other employees) if such
contract would constitute an unsafe and unsound practice (e.g., the contract could lead to
material financial loss or damage to the association or could interfere materially with the
exercise by the members of the board of directors of their duty or discretion provided by law,
charter, bylaw, or regulation as to the employment or termination of employment of an
officer or employee of the association). 16 Under 12 CFR 163.161(b), compensation to
officers, directors, and employees of a federal savings association, or its service corporation,
must be reasonable in amount and commensurate with the duties and responsibilities of that
individual.
16
While national banks are not subject to a similar explicit regulatory requirement, a national bank may not
enter into an unsafe or unsound employment contract.

Version 1.0
Interagency Guidance on Sound Incentive Compensation Policies
Many banks rely on incentive pay to attract, motivate, and retain insiders. If improperly
structured, however, incentive-based compensation arrangements can lead bank employees to
take imprudent risks. Banks are expected to maintain incentive compensation practices that
are consistent with safety and soundness. 17 In 2010, the OCC published OCC Bulletin 2010-
24, “Incentive Compensation: Interagency Guidance on Sound Incentive Compensation
Policies”—in conjunction with other federal banking regulatory agencies—to protect the
safety and soundness of banking organizations and to promote the improvement of incentive
compensation practices. The guidance is based on three key principles that state that
incentive compensation arrangements at a bank should
• be supported by strong corporate governance, including active and effective oversight by

the board.
• be compatible with effective controls and risk management.
• provide employees with incentives that appropriately balance risk and reward.
The board is responsible for reviewing and closely monitoring all insider incentive
compensation arrangements to ensure that they do not result in any unreasonable risk-taking
to the bank and to ensure compliance with regulations and guidance.
Banks whose securities are listed on the national exchanges have additional requirements
regarding the adoption and disclosure of compensation guidelines. In addition, banks that are
subject to the Prompt Corrective Action requirements may be subject to legal restrictions on
the payment of compensation to senior executive officers (12 USC 1831o(f)(4),
12 USC 1831o(i)(2)).
Golden Parachute Payments
Federal Deposit Insurance Corporation regulation 12 CFR 359, “Golden Parachute and
Indemnification Payments,” implements 12 USC 1828(k) and limits or prohibits, in certain
circumstances, troubled insured institutions from making golden parachute payments.
12 CFR 359 also covers indemnification agreements. It defines a golden parachute payment
generally to be any payment, or agreement to make any payment, that meets all of the
following criteria:
• The institution makes, or agrees to make, a payment in the nature of compensation to or

for the benefit of an institution-affiliated party.
• The payment is contingent on or payable on or after the termination of this person’s
employment or affiliation with the institution.
17
Section 956 of Dodd–Frank, 12 USC 5641, requires the banking agencies, along with the National Credit
Union Administration, SEC, and Federal Housing Finance Agency, to jointly prescribe regulations or guidelines
with respect to incentive-based compensation practices at covered financial institutions (institutions with total
consolidated assets of $1 billion or more). The agencies issued a proposed rule on April 14, 2011 (76 Fed. Reg.
21170). As of the date of this publication, a final rule has not yet been issued.

Version 1.0
• The payment is received on or after, or made in contemplation of, insolvency (or similar
event); the appointment of a conservator or receiver; termination of deposit insurance; or
a determination that the institution is in troubled condition.
For purposes of this rule, “institution-affiliated party” includes any director, officer,
controlling shareholder, employee of, or agent for an insured depository institution or
depository institution holding company. See 12 CFR 359 for further details.
Management and Other Fees
Fees paid to insiders for services rendered to, or on behalf of, a bank must be for services that
meet the legitimate needs of the bank, must be justified, and must be reasonable in amount.
The OCC considers fees reasonable if they are based on fair market cost or fair market cost
plus a fair profit. Reasonable costs may include overhead expenses to the extent they are a
legitimate and integral part of the services provided. Debt service requirements of a parent
company or other shareholders do not represent a legitimate overhead expense that may be
imposed upon or allocated to a bank.
A bank that pays management or other fees to insiders should retain well-documented
records that demonstrate the fair value of the goods and services received, their benefit to the
bank, and the appropriateness of the fees paid. The board and internal audit should review
these records as part of their ongoing oversight of the bank’s affairs.
If excessive management or other fees are paid to insiders, the board is responsible for taking
corrective action, possibly to include seeking restitution from the insider.
Under Prompt Corrective Action provisions, the payment of management fees to controlling
shareholders is prohibited if it would cause the bank to become undercapitalized
(12 USC 1831o(d)(2)). In addition, prepayment of fees to a related interest of an insider for
services not yet received may constitute an extension of credit under Regulation O, and also
section 23A of the Federal Reserve Act (12 USC 371c), if the related interest is an affiliate of
the bank. In that case, it may also be a violation of section 23B of the Federal Reserve Act
(12 USC 371c-1), as a transaction with an affiliate that is not on an arm’s length basis.
Additionally, as stated above, an advance of salary or other unearned compensation to an
insider for a period in excess of 30 days constitutes an extension of credit for purposes of
Regulation O.

Version 1.0
Audit Committee Member Fees
Audit committee members of public banks or depository institution holding companies 18 are
barred from accepting any consulting, advisory, or other compensatory fee, other than
director and board committee fees from the bank. 19
Credit Life/Accident and Health Insurance Fees
12 CFR 2 states that it is an unsafe and unsound practice for any director, officer, employee,
or principal shareholder of a national bank (including any entity in which this person owns an
interest of more than 10 percent) who is involved in the sale of credit life, accident, or health
insurance to take advantage of that business opportunity for personal profit. 20 12 CFR 2 also
prohibits, with certain exceptions, such persons from retaining commissions or other income
from the sale of such insurance to loan customers. In addition, it provides guidance for bonus
and incentive plans based on the sale of credit life insurance.
Other Commissions or Fees Paid to Insiders
The payment to insiders of commissions or fees derived from services they or their related
interests provide to bank customers could create a conflict of interest if the insiders are either
directly or indirectly involved in the approval of a loan or other transaction at the bank for
which they are receiving the commissions or fees. Services may include the sale of title
insurance, the sale of hazard insurance relating to bank collateral, and legal or appraisal
services. Insiders who receive commissions or fees directly or indirectly related to a loan or
other bank transaction in which they have an interest must ensure the permissibility of the
fee, fully disclose their interest, and abstain from participating in the approval of that
transaction. For directors, officers, and employees of federal savings associations, a failure to
do so may result in a violation of 12 CFR 163.200. Also, pursuant to 12 CFR 160.130, a
federal savings association is prohibited from paying such fees in connection with the
procurement of a loan.
18
Public banks and bank holding companies are defined as those that have securities registered with the OCC or
the SEC.
19
Based on the specific circumstances, however, audit committee members may or may not be prohibited from
engaging in other business with the bank. See section 301 of the Sarbanes–Oxley Act for additional discussion
of this issue.
20
While this rule does not apply directly to federal savings associations, they are subject to similar prohibitions
under 12 CFR 163.201 “Usurpation of Corporate Opportunity.”

Version 1.0
Dividends
The board should ensure that any proposed dividend is consistent with applicable legal
requirements and the bank’s capital and strategic plans and does not adversely affect capital
adequacy. Dividend policies of a bank must be consistent with its capacity to pay and should
not be based in any way on the needs of insiders or shareholders. 21 Dividend policies based
solely on insiders’ or their related interests’ need for income are considered unsafe and
unsound.
Management Information Systems and Financial Reporting

Banks should have sound information systems that produce the information necessary to
assess compliance with insider laws, regulations, and policies. The information gathered
through these systems should fully support regulatory and board reporting. In addition, the
systems should aggregate extensions of credit to insiders and their related interests to help
maintain compliance with statutory limitations.
Proper record keeping is essential for the board and management to effectively monitor
insider relationships and lending and to file accurate call reports. Schedule RC-M of the
FFIEC Consolidated Reports of Condition and Income (call report) requires banks to report
the aggregate amount and number of extensions of credit to executive officers, directors,
principal shareholders, and their related interests.
National banks and federal savings associations registered with the OCC and national bank
and federal savings association holding companies registered with the SEC are subject to
reporting of insider securities transactions. Generally, to prevent the unfair use of
information, section 19 of the Securities Exchange Act of 1934 requires disclosure by
directors, executive officers, and direct or indirect beneficial owners of more than 10 percent
of any class of stock of a registered national bank or federal savings association. After filing
initial reports, a beneficial owner may be required to file annual reports. Beneficial owners
and other insiders must file reports with the OCC 22 (or the SEC for holding companies). This
includes the filing of reports within two business days after the date on which an insider
transaction in stock was executed. Subject to exceptions, the issuer of the securities may
recover realized profits from the insider’s purchase or sale of the stock within a period of less
than six months. Banks with Internet sites are required to disclose these reports on their sites.
Transactions between an insider and a public company are subject to disclosure and
additional oversight by the board of directors. Generally, SEC rules require disclosure of a
21
Those dividend policies must comply with 12 USC 56 and 60(b) and 12 CFR 5.64. The dividend policies of a
federal savings association must comply with 12 USC 1467a(f) and 12 CFR 163, subpart E. Pursuant to
12 USC 1831o(d)(1)(A), which is implemented by 12 CFR 6 and 12 CFR 165, a bank may not declare or pay
any dividend if, after the dividend, the bank would be undercapitalized.
22
See SEC Rule 16a-3. See also 12 CFR 11 (national banks); 12 CFR 194 (federal savings associations).

Version 1.0
transaction or proposed transactions exceeding $120,000 between a public company and a

director, officer, nominee for director, or beneficial owner of more than 5 percent of any
class of the company’s voting securities. 23 Rules of a national securities exchange or national
securities association may require the audit committee or another independent body of the
board of directors of any company with securities listed on the exchange to exercise
enhanced scrutiny of these transactions.
23
See Item 404 of Regulation S-K.

Version 1.0
Examination Procedures
This booklet contains expanded procedures for examining specialized activities or specific
products or services that warrant extra attention beyond the core assessment contained in the
“Community Bank Supervision,” “Large Bank Supervision,” and “Federal Branches and
Agencies Supervision” booklets of the Comptroller’s Handbook. Examiners determine which
expanded procedures to use, if any, during examination planning or after drawing
preliminary conclusions during the core assessment.
Scope
These procedures are designed to help examiners tailor the examination to each bank and
determine the scope of the insider activities examination. This determination should consider
work performed by internal and external auditors and other independent risk control
functions and by other examiners on related areas. Examiners need to perform only those
objectives and steps that are relevant to the scope of the examination as determined by the
following objective. Seldom will every objective or step of the expanded procedures be
necessary.
Objective: To determine the scope of the examination of insider activities and identify examination
objectives and activities necessary for the review of insider activities.
1. Obtain and review the following information and note any previously identified problems
or changes related to insider activities that require follow-up:
• The examination scope memorandum.

• The most recent examination reports, including any reports issued by other regulators,
as available.
• Written insider policies, including a code of ethics and whistle-blower procedures for
confidential reporting of suspected fraud and insider abuse.
• Internal and external audit reports and work papers.
• Internal bank reports used to track and supervise compliance with insider laws and
policies.
• Bank management’s responses to previous reports of examination or audit reports.
• Confidential employee complaints regarding suspected fraud or insider abuse.
2. Determine any material changes since the previous examination. Examples include
• new executive officers.

• new directors.
• new affiliations or related interests by directors or management.
• ownership changes.
• material changes in policies, procedures, or reports governing insider activities.

Version 1.0
3. Review, as appropriate, OCC databases, the previous examination report, examination

reports of other regulators, internal and external audit reports, internal bank reports, and
any asset management examination report for information about conflicts of interest or
insider abuse.
4. Based on the performance of the previous steps and discussions with the bank examiner-
in-charge and other appropriate supervisors, determine the scope and set the objectives
for this examination.

Version 1.0
Quantity of Risk
Conclusion: The quantity of each associated risk is

(low, moderate, or high).
Objective: To determine the level of reputation, credit, compliance, operational, and liquidity risk
associated with insider activities.
1. Obtain the following documents or, if appropriate, review the information with the
examiner assigned to the relevant area:
• Board of directors’ minutes containing insider transaction information, including any

potential or existing conflicts of interest.
• A list of executive officers, including
− name.
− title.
− date the person became an executive officer.
− related interests.
• A list of directors, including
− name.
− date the director was elected to the board.
• A list of shareholders, who together with members of their immediate families, have
more than 10 percent ownership (principal shareholders), including
− shareholder name.
− date the person became a principal shareholder.
− number of shares owned (by shareholder and immediate family members).
• A list of extensions of credit (including commitments) to directors, executive officers,
principal shareholders, and their related interests, describing
− the nature of the credit (see 12 CFR 215.3 for a detailed list of what qualifies as
an extension of credit for purposes of Regulation O). Note that under an
amendment to 12 USC 375b effective July 21, 2012 (not yet reflected in
Regulation O), extensions of credit include credit exposures arising from a
derivative transaction, a repurchase agreement, a reverse repurchase agreement, or
a securities lending or securities borrowing transaction between a bank and an
insider.
− complete name of obligor, co-maker, endorser, and guarantor.
− type of entity (individual, sole proprietorship, general partnership, limited
partnership, limited liability company, or corporation).
− name of director, officer, or principal shareholder related to the obligor.
− nature of obligation (signer on note, guarantor, general partner, etc.).
− original date, amount, and purpose of the loan or commitment.
− current balance.
− terms, including interest rate, maturity date, and any collateral.

Version 1.0
− status (delinquent, restructured, renegotiated, or considered a problem loan by

management).
− date reported to, or approved by, the board of directors, if applicable.
• Any bank-generated overdraft report to ensure compliance with 12 CFR 215.4(e)(1).
• A list of deposit accounts and other vehicles not technically deposits (e.g., repurchase
agreements) of directors, officers, and all other employees to ensure that they are not
receiving preferential interest rates (12 USC 376). 24
• For each extension of credit to an insider, a list of comparable prior transactions with
non-insiders.
• A report of fees or other payments made as well as any reimbursements of personal
expenses (e.g., consulting or other professional services) paid to insiders and their
related interests.
• A list of management officials (as defined in 12 USC 3201) of the bank or savings
association, its holding company, and holding company affiliates who are
management officials of other depository institutions.
• A list of purchases or sales of assets to an insider.
• A description of any insider’s use of bank property.
• A list of loans to third parties of which the proceeds were either directly or indirectly
transferred to a bank insider or used for the tangible economic benefit of a bank
insider.
2. From the gathered materials, select a representative sample of insider borrowings.

Review terms of extensions of credit (including renewals and credit cards), such as
interest rates, fees charged, and collateral. Assess compliance with laws and regulations
for loans to insiders by determining whether these extensions of credit and loan renewals
• are made on substantially the same terms and adhere to credit underwriting practices
that are no less stringent than those available in prior comparable transactions with
non-insiders (12 USC 375a(1) and 375b(2) and 12 CFR 215.4(a)(1)).
• are made pursuant to an employee benefit or compensation plan that is widely
available to employees (12 CFR 215.4(a)(2)).
• carry no more than a normal risk of failure to repay (12 USC 375b(2) and
12 CFR 215.4(a)(1)). 25
• have no other unfavorable features (12 USC 375b(2) and 12 CFR 215.4(a)(1)).
• do not exceed the greater of $25,000 or 5 percent of the bank’s unimpaired capital
and unimpaired surplus (12 USC 375b(3) and 12 CFR 215.4(b)). If extensions of
credit exceed these limits, determine whether
24
Pursuant to 12 USC 376, national banks are prohibited from paying preferential interest on deposit accounts
of any director, officer, attorney, or employee. While federal savings associations are not subject to this same
statutory prohibition, they should avoid paying preferential interest on deposit accounts of insiders and
employees as a matter of prudent banking practice. Depending on circumstances, the payment of preferential
interest to a director or officer could be an unsafe or unsound practice or a breach of fiduciary duty.
25
A loan to an insider that has become troubled may not be renewed unless the lending bank obtains additional
protection to safeguard it and offset the unfavorable features the loan would otherwise present. Depending on
the facts, a bank could require additional collateral, a guarantee, or other credit enhancement.

Version 1.0
− the extension of credit was approved in advance by a disinterested majority of the

entire board of directors (12 USC 375b(3)(A) and 12 USC 215.4(b)(1)(i)).
− the interested party abstained from participating directly or indirectly in the
deliberations and voting (12 USC 375b(3)(B), 12 CFR 215.4(b)(1)(ii), and
12 CFR 215.4(b)(4)).
− the abstention was noted in the board of directors’ minutes. (Although this is not
required by regulation, the OCC expects this as a matter of a prudent banking
practice.)
− there was prior approval for any aggregate extension of credit to the insider and
all related interests of the insider exceeding $500,000 (12 USC 375b(3) and
12 CFR 215.4(b)(2) and (3)).
3. Using bank reports and other materials gathered, determine whether aggregate extensions
of credit to any insider and related interests exceed the limit on loans to a single borrower
established by 12 USC 84 (12 USC 375b(4) and 12 CFR 215.4(c)).
4. Using bank reports and other materials, determine whether aggregate extensions of credit
to executive officers, directors, and principal shareholders and their related interests do
not exceed the bank’s unimpaired capital and unimpaired surplus (see 12 CFR 215.2(i)
for the definition of unimpaired capital and unimpaired surplus). If loans exceed that
limit, determine whether the bank has total deposits of less than $100 million
(12 USC 375b(5)(C) and 12 CFR 215.4(d)(2)). If the bank has total deposits of less than
$100 million, determine whether
• total extensions to insiders do not exceed two times the bank’s unimpaired capital and
unimpaired surplus (12 CFR 215.4(d)(2)).
• the board determined that the higher limit is consistent with safe and sound banking
practices and is necessary to attract or retain directors or prevent restricting credit
availability in small communities (12 USC 375b(5)(C) and
12 CFR 215.4(d)(2)(i)(A)).
• the board’s annual resolution sets forth the facts and reasoning of the resolution,
including the amount of the bank’s lending to its insiders as a percentage of the
bank’s unimpaired capital and unimpaired surplus as of the date of the resolution
(12 CFR 215.4(d)(2)(i)(B)).
• the bank meets or exceeds all applicable capital requirements (12 CFR 3,
12 CFR 167, and 12 CFR 215.4(d)(2)(i)(C)).
• the bank received at least a satisfactory composite rating on its most recent
examination (12 CFR 215.4(d)(2)(i)(D)).
• if the bank subsequently failed to qualify for the higher limit, it did not extend
additional credit that would maintain insider lending in excess of 100 percent of
unimpaired capital and surplus (12 CFR 215.4(d)(2)(ii)).
• any exceptions are consistent with the requirements in 12 CFR 215.4(d)(3).
5. Determine whether the proceeds of any loans to third parties were transferred to, or used
for the benefit of, any insider and, if so, whether such transfer or benefit qualifies for an
exception to the “tangible, economic benefit” rule (12 CFR 215.3(f)).

Version 1.0
6. With respect to principal shareholders, determine whether any loans (including credit
card advances) were made to members of a shareholder’s “immediate family,” as that
term is defined in 12 CFR 215.2(g).
7. Determine whether any executive officer, director, or principal shareholder knowingly

received or knowingly permitted any of that person’s related interests to receive from any
member bank, directly or indirectly, an extension of credit (as defined in 12 CFR 215.3)
not authorized by 12 USC 375a or 375b or Regulation O (12 CFR 215.6).
8. Determine whether a mortgage or a home equity loan to an executive officer
• is to finance or refinance the purchase, construction, maintenance, or improvement of

a residence of the executive officer (12 USC 375a(2)(A) and 12 CFR 215.5(c)(2)).
• is secured by a first lien on the residence that the executive officer owns or expects to
own after the extension of credit (12 USC 375a(2)(A) and 12 CFR 215.5(c)(2)(i)).
• is a refinancing and, if so, whether the amount used to repay the original extension of
credit, together with closing costs and any other additional amount used, reflects
permissible purposes (12 CFR 215.5(c)(2)(ii)).
• is the only such loan outstanding (12 USC 375a(2)(B)).
9. Determine whether the aggregate amount of extensions of credit to any executive officer
at any one time for purposes other than first-lien mortgages or children’s education
exceed the higher of $25,000 or 2.5 percent of the bank’s unimpaired capital and
unimpaired surplus (but in no case may that aggregate amount exceed $100,000)
(12 USC 375a(4) and 12 USC 215.5(c)(4)).
10. Determine whether extensions of credit made pursuant to the exceptions to the limit
outlined in 12 CFR 215.4(d)(3) are secured, as prescribed by 12 CFR 215.4(d)(3).
11. Determine whether extensions of credit to executive officers are
• promptly reported to the board of directors (12 USC 375a(1) and

12 CFR 215.5(d)(1)).
• made on substantially the same terms as, and adhere to credit underwriting practices
that are no less stringent than, those prevailing at the time for comparable transactions
with non-insiders (12 USC 375a(1)(B) and 12 CFR 215.4(a) and
12 CFR 215.5(d)(2)).
• preceded by the submission of a detailed current financial statement of the executive
officer (12 USC 375a(1)(C) and 12 CFR 215.5(d)(3)).
• made under the written condition that the extension of credit shall become due and
payable on demand at any time that the officer is indebted to any other bank(s) in an
aggregate amount greater than the amount specified for a category of credit in
12 CFR 215.5(c) (12 USC 375a(1)(D), and 12 CFR 215.5(d)(4)).

Version 1.0
12. Determine whether bank records on insider borrowings satisfy the record-keeping
requirements of 12 CFR 215.8, including
• identifying all insiders of the bank and their related interests, annually
(12 CFR 215.8(b)(1)).
• specifying the amount and terms of each extension of credit to insiders of the bank
(12 CFR 215.8(b)(2)).
• maintaining records of extensions of credit to insiders of the bank’s affiliates using
one of the methods specified in 12 CFR 215.8(c).
• employing a record-keeping method that the OCC determines is effective
(12 CFR 215.8(c)(3)).
13. Determine whether, upon written request from the public, the bank makes available the
names of executive officers, principal shareholders, and their related interests to whom
the bank has extended credit and other required information if required to do so by
12 CFR 215.9(b).
14. Determine whether each executive officer and director of a bank that is not publicly
traded annually reports to the board of directors the outstanding amount of any credit
extended to him or her based on the security of shares of the bank (12 CFR 215.10).
15. Using bank reports and other materials, determine whether all loans by the bank to
insiders of its correspondent banks
• are on terms no more favorable than those available at the same time to non-insiders
for comparable transactions (12 USC 1972(2)).
• carry no more than the normal risk of failure to repay (12 USC 1972(2)).
• have no other unfavorable features (12 USC 1972(2)).
16. Review purchases and sales of assets to or from executive officers, directors, or principal
shareholders, or any related interests, to determine whether such transactions are on
market terms and, if the transaction represents more than 10 percent of the bank’s capital
stock and surplus, have been approved by a majority of the disinterested members of the
board (12 USC 1828(z)).
17. Review fees paid to insiders and determine whether they have a direct relationship to, and
are based solely on, the fair value of goods and services received and compensate the
insider only for providing goods and services that meet the legitimate needs of the bank
(and do not place the insider in a conflict of interest relative to his or her duties at the
bank).
18. Review a sample of deposit accounts of employees, executive officers, directors,

principal shareholders, and their related interests and identify any
• exceptions to standard policies on service charges and interest paid.

Version 1.0
• preferential treatment for directors, officers, attorneys, or employees of national

banks (a greater rate of interest on deposits than that paid to other depositors)
(12 USC 376).
• cash items being held by the bank to prevent an overdraft by officers or directors
(12 USC 375b(6) and 12 CFR 215.3(b)(2)).
• overdrafts being paid for executive officers or directors on an account at the bank
(12 USC 375b(6) and 12 CFR 215.4(e)). For any such overdrafts, determine whether
the overdraft
− was in accordance with a written, pre-authorized interest-bearing extension-of-
credit plan that specifies a method of repayment (12 USC 375b(6)(B)(i) and
12 CFR 215.4(e)(1)(i)); or
− was in accordance with a written, pre-authorized transfer of funds from another
account of the account holder at the bank (12 USC 375b(6)(B)(ii) and
12 CFR 215.4(e)(1)(ii)); or
− was inadvertent and aggregated $1,000 or less (12 CFR 215.4(e)(2)). If overdrafts
were inadvertent, determine whether the overdraft status continued no more than
five business days and the executive officer or director paid the same fee charged
any other customer of the bank in similar circumstances (12 CFR 215.4(e)(2)(i)
and 12 CFR 215.4(e)(2)(ii)).
Note: In steps 2 through 18, any violation of Regulation O (12 CFR 215) also is a violation
of 12 CFR 31.2(a), “Extensions of Credit to Insiders and Transactions with Affiliates.”
19. Determine, through discussion with the examiner assigned, whether any concerns were
noted with director’s and officer’s liability insurance.
20. If the bank sells credit life, accident, or health insurance, prepare a description of the
program(s), including
• a list of insiders who are licensed insurance agents.

• any bonus or incentive compensation programs.
• the disposition of commission payments.
21. For national banks that sell credit life, accident, or health insurance (collectively, credit
life insurance), test for compliance with 12 CFR 2 by determining whether
• the bank has not structured its bonus or incentive plan in a manner that could create
incentives for persons selling credit life insurance to make inappropriate
recommendations or sales of credit life insurance to bank customers (12 CFR 2.3(b)).
• if bank employees or officers participate in a bonus or incentive plan under which
payments are based on credit life insurance sales, the payments
− are in amounts that do not exceed 5 percent of the recipient’s annual salary
(12 CFR 2.4(a)); or
− to any one individual during a year do not exceed 5 percent of the average salary
of all loan officers participating in the plan (12 CFR 2.4(b)).

Version 1.0
• income is not being improperly retained by an employee, officer, director, or

principal shareholder, or by an entity in which such persons have more than a
10 percent interest (12 CFR 2.3(c)).
• when an affiliate receives credit life insurance income, the bank receives
reimbursement consistent with the use of its premises, personnel, and goodwill and
that reimbursement is equal to at least 20 percent of the affiliate’s net income
attributable to the bank’s credit life insurance sales (12 CFR 2.5(b)).
Note: Directors, officers, and other persons having the power to direct the management
or policies of a federal savings association are prohibited from receiving, directly or
indirectly, any commission, fee, or other compensation in connection with the
procurement of any loan made by the savings association or its subsidiary
(12 CFR 160.130).
22. If insiders receive payment of commissions or fees from the bank derived from services
they or their related interests provide to bank customers, determine whether
• the insiders are directly or indirectly involved in the approval of a loan or other
transaction at the bank for which they are receiving commissions or fees.
• insiders who receive payment of commissions or fees directly or indirectly related to
a loan or other bank transaction in which they have an interest have fully disclosed
their interest and abstained from participating in the approval of that transaction.
Note: Directors, officers, and other persons having the power to direct the management
or policies of a federal savings association are prohibited from receiving, directly or
indirectly, any commission, fee, or other compensation in connection with the
procurement of any loan made by the savings association or its subsidiary
(12 CFR 160.130).
23. Determine whether any management official of the bank or its holding company or
affiliates of the holding company is also a management official of an unaffiliated
depository institution or depository institution holding company and evaluate whether the
relationship complies with the Depository Institution Management Interlocks Act
(12 USC 3201 and 12 CFR 26 and 196).
24. Determine whether the purchase or sale of assets to insiders and their related interests
was in compliance with 12 USC 1828(z) and was reported to the board, and the bank
obtained an independent appraisal of the asset.
25. Determine whether the use of bank property by insiders and their related interests was
reported to the board, a determination was made as to reasonableness of such use, tax
implications were evaluated, the bank’s tax accountant was consulted with regard to the
use of the property, and it is in compliance with bank policy.

Version 1.0
26. Determine whether any payments to insiders have been reported to the board and an
independent assessment of the value of services has been performed in relation to the
bank’s need for them.
27. Determine whether reimbursement of personal expenses to insiders is of a legitimate

nature, is legal, is reasonable, and, when necessary, is reported to the board. Examiners
should consider testing vouchers and reimbursable/payable transactions if controls are
weak, and should consider tracing loan funds if suspicious loans or activities are
identified.
28. For federal savings associations, determine whether employment contracts with
association officers (and other employees) have been approved by the board and are
entered into in accordance with the requirements of 12 CFR 163.39.

Version 1.0
Quality of Risk Management
Conclusion: The quality of risk management is

(strong, satisfactory, or weak).
The conclusion on risk management considers all risks associated with insider activities.
Policies
Policies are statements of actions adopted by a bank to pursue certain objectives. Policies
often set standards (on risk tolerances, for example) and should be consistent with the bank’s
underlying mission, values, and principles. A policy review should always be triggered when
the bank’s objectives or standards change.
Objective: To determine whether the bank’s insider policies adequately address both the existence
and appearance of conflicts of interest, breaches of fiduciary duty and potential violations of
law, and arm’s-length transactions regarding insider activities.
1. Review the insider policies for standards governing
• the definition of “insider” for regulatory and other purposes (for certain transactions
and activities, insider may be broadly defined to include all employees).
• disclosure to the board of actual or potential conflicts of interest.
• abstention by insiders from the deliberations of and approval process on any
transaction in which the insider may benefit directly or indirectly from the decision.
• officers who may enter into insider transactions on the bank’s behalf.
• self-dealing and corporate opportunity.
• use of company assets.
2. Determine whether the policies appropriately address disclosures by insiders
• of any interest in the business of a borrower or other bank customer.

• of any interest in the companies that are supplying goods or services to the bank or
doing business on behalf of the bank.
• of transactions with the bank, including payment to or receipt from the bank of fees or
commissions.
• of related interests as required in 12 CFR 215.8.

Version 1.0
3. Determine whether the policies clearly communicate the circumstances and conditions
under which
• the bank may enter into transactions with insiders or their related interests.
• the bank makes the use of its facilities, real or personal property, or personnel
available to insiders.
4. Assess whether the policies adequately address prohibitions that preclude insiders from
• soliciting anything of value from anyone in return for any business service or
confidential information of the bank.
• accepting anything of value other than their bona fide salary, wages, fees, or other
compensation paid in the usual course of business by their employer, from anyone in
connection with the business of the bank, either before or after a transaction is
discussed or consummated.
• accepting gifts, bequests, or other items of value from bank customers or other
persons with business dealings with the bank.
• using insider information in securities transactions.
5. Review policy requirements for arm’s-length transactions
• with insiders or their related interests.

• with businesses with which the bank deals if the business is one in which an insider
has an interest.
6. Determine whether the policies adequately address the consequences of breaches of

fiduciary duty, unethical conduct, violations of law, or suspected criminal activity and
contain effective internal reporting mechanisms as well as suspicious activity report filing
processes.
7. Review policy requirements for documentation of insider transactions.
8. Ensure the bank periodically reviews its insider policies to reflect any changes in laws or
regulations. Determine whether
• insiders have copies of the document and have signed an acknowledgement form.
• insiders are advised of their responsibilities.
• the bank provides training updates.
Processes
Processes are the procedures, programs, and practices that impose order on a bank’s pursuit
of its objectives. Processes define how daily activities are carried out. Effective processes are
consistent with the underlying policies and are governed by appropriate checks and balances
(such as internal controls).

Version 1.0
Objective: To determine that the bank’s operating procedures are adequate to ensure compliance
with laws and regulations and board-established policies regarding insider activities.
1. Review bank management information systems and determine whether they
• can provide accurate data on insiders and their related interests.

• can provide accurate data on extensions of credit to insiders.
• can ensure proper monitoring of, and compliance with, restrictions on extensions of
credit to insiders (see 12 CFR 215.8 for record-keeping requirements and
12 CFR 215.4 and 12 CFR 215.5 for restrictions).
• require that records of publicly requested disclosures of information be retained for
two years from the date of the request (12 CFR 215.9(c)).
2. Determine whether the bank has established communication channels outside the normal
chain of command through which employees can seek advice on ethics or compliance
questions or report instances of suspected insider abuse.
3. Determine whether the bank’s employment practices include performing periodic

background checks on insiders.
4. Determine whether insider-related reports are being reviewed by the board and
management.
Personnel
Personnel are the bank staff and managers who execute or oversee processes. Personnel
should be qualified and competent and should perform appropriately. They should
understand the bank’s mission, values, principles, policies, and processes. Banks should
design compensation programs to attract, develop, and retain qualified personnel. In addition,
compensation programs should be structured in a manner that encourages strong risk
management practices.
Objective: To ensure that bank personnel are aware of the requirements of laws and regulations as
well as the importance of avoiding even the appearance of impropriety regarding insider
activities.
1. Determine through discussion with compliance and audit personnel their knowledge with
regard to laws and regulations addressing insider activities. Review
• scope of the compliance or audit review program.

• compliance or audit review findings.

Version 1.0
2. Determine whether management ensures personnel are aware of regulatory requirements

regarding insider activities.
• Has the bank notified each of its insiders of the record-keeping requirements of
12 CFR 215.8?
• Has the bank established an ongoing program to educate and raise the awareness of
all bank insiders and employees regarding its insider policies?
• Has the bank established a confidential process by which personnel may bring
potential conflicts of interest or improper situations to the attention of the board and
management?
• Has management provided training to personnel regarding regulatory and bank-
established policy requirements, including training for regulatory and policy changes
and updates, at least annually?
• Do the bank’s written insider policies require affected personnel to acknowledge
reading the policy, including updates, and abiding by their terms?
Control Systems
Control systems are the functions (such as internal and external audits, risk review, and
quality assurance) and information systems that bank managers use to measure performance,
make decisions about risk, and assess the effectiveness of processes. Control functions
should have clear reporting lines, adequate resources, and appropriate authority. Management
information systems should provide timely, accurate, and relevant feedback.
Objective: To ensure that the board has established effective control systems that enable
management to comply with laws, regulations, and policies as well as safe and sound
banking practices regarding insider activities. These controls should be set up in such a
manner as to also be effective in preventing anyone from overriding them.
1. Consult with examiners reviewing the bank’s internal and external audit, compliance, or
internal loan review functions, and review audit findings or work papers as they relate to
existing and proposed insider transactions. Determine whether
• the function is adequate in terms of

− independence.
− scope (e.g., testing for compliance with laws and regulations).
− coverage (e.g., includes review of income received from and fees paid to insiders
and their related interests).
− frequency of review.
− procedures.
• bank management and the board of directors take timely corrective action to address
deficiencies noted by the audit, compliance, or internal loan review functions.

Version 1.0
2. Determine whether the bank, through the audit department or other independent source,
reviews and reports to the board of directors or committee
• existing transactions between insiders for compliance with the bank’s conflicts of
interest policy.
• proposed transactions, or modifications of existing relationships, between the bank
and any of its insiders and their interests.
• insider transactions for compliance with laws, rules, and regulations including
breaches of fiduciary duty or unethical conduct.
• testing performed to ensure the completeness and accuracy of insider reporting.
• whether the bank accurately calculates unimpaired capital and unimpaired surplus for
Regulation O purposes. (This should be done in conjunction with the examiner
reviewing capital.)
3. Determine whether a process has been implemented to prevent anyone from overriding
the control systems, the systems are checked periodically to ensure that they have not
been compromised by anyone, and the systems have been tested.

Version 1.0
Conclusions
Conclusion: The aggregate level of each associated risk is

(low, moderate, or high).
The direction of each associated risk is
(increasing, stable, or decreasing).
Objective: To determine, document, and communicate overall findings and conclusions regarding
the examination of insider activities.
1. Discuss preliminary examination findings and conclusions with the examiner-in-charge,

including
• quantity of associated risks (reputation, credit, compliance, operational, and

liquidity).
• aggregate level and direction of associated risks.
• quality of risk management and potential impact on “M” rating.
• overall risk of insider activities.
• violations and other concerns.
Summary of Risks Associated With Insider Activities

Quality of risk Aggregate level
Quantity of risk Direction of risk
management of risk
Risk category (Weak, (Increasing,
(Low, moderate, (Low, moderate,
satisfactory, stable,
high) high)
strong) decreasing)
Credit
Liquidity
Operational
Compliance
Reputation
2. If safety and soundness concerns remain unresolved, and such concerns may have a
material adverse effect on the bank, further expand the scope of the examination by
completing verification procedures.
3. Discuss examination findings with bank management and, as appropriate, the board of
directors, including violations, recommendations, and conclusions about risks and risk
management practices. If necessary, obtain commitments for corrective action.
4. Compose conclusion comments, highlighting any issues that should be included in the
report of examination. If necessary, compose a Matters Requiring Attention comment.

Version 1.0
5. Advise appropriate OCC offices of any borrowings in this bank by insiders of another
bank (12 USC 1972(2)). Also advise the OCC district office of similar situations that may
affect state banks.
6. Update the OCC’s information system and any applicable report of examination
schedules or tables.
7. Prepare a memorandum with any recommendations regarding what the OCC should do in
the future to effectively supervise insider activities at banks.
8. Update, organize, and reference work papers in accordance with OCC policy.
9. Ensure any paper or electronic media that contain sensitive bank or customer information
are appropriately disposed of or secured.

Version 1.0
Verification Procedures
Verification procedures are used to verify the existence of assets and liabilities, or test the
reliability of financial records. Examiners generally do not perform verification procedures as
part of a typical examination. Rather, verification procedures are performed when substantive
safety and soundness concerns are identified that are not mitigated by the bank’s risk
management systems and internal controls.
1. Review the integrity of controls over software used to generate insider activity reports.
2. Using appropriate sampling techniques, select a sample of extensions of credit (as

defined in 12 CFR 215.3, including loans, commitments, overdrafts, securities repurchase
agreements, advances of unearned salary) to directors, executive officers, principal
shareholders, and their related interests.
a. Determine if such extentions of credit are properly coded and reflected on the reports.
b. Determine that each loan file contains documentation supporting the loan’s terms and
conditions and compliance with 12 CFR 215.
c. Prepare confirmation form to insiders. Confirmations should include
• the nature of the extension of credit.

• complete name and legal form (individual, sole proprietorship, general
partnership, limited partnership, limited liability company, or corporation) of
obligor, co-maker, endorser, and guarantor, as applicable.
• name of director, officer, or principal shareholder related to the obligor.
• nature of obligation (signer on note, guarantor, general partner, etc.).
• original date, amount, and purpose of the loan or commitment or other extension
of credit.
• current balance.
• terms, including interest rate, maturity date, and any collateral.
d. After a reasonable period of time, mail second requests, if necessary.
e. Follow up on any “no replies” or exceptions.
f. Review payment history and compare with the terms of the extension of credit,
investigating any differences.
g. Test interest rate and accrual calculations and compare with the general ledger.
h. Look for any extensions of time or renewals and determine if they are consistent with
loan policy and are reported to the board.

Version 1.0
i. Determine that required board approvals and signatures of approving officer(s) were
obtained.
j. Determine whether the extension of credit is supported by a promissory note that is

signed and appears to be genuine.
k. For collateralized extensions of credit,
• determine if collateral held is consistent with the collateral register and loan
terms.
• list and investigate all collateral exceptions.
• determine if any collateral held by outside custodians is consistent with loan terms
and conditions.
• confirm any collateral held outside of the bank.
3. Test vouchers and reimbursable/payable transactions for payment of personal expenses

for insiders to ensure the expenses are legitimate and in conformance with insider
policies.

Version 1.0
Appendixes
Appendix A: Regulation O Record-Keeping
and Reporting Requirements
The following is an aid to understanding the various record-keeping and reporting
requirements for insider transactions. This is only a guide and is not a substitute for reading
and studying 12 USC 375a, 375b and Regulation O (12 CFR 215).
Definitions
An “executive officer” is a person who participates (other than in the capacity of a director)
or who has the authority to participate in major policymaking functions whether or not the
person has an official title (12 CFR 215.2(e)(1)). Persons holding certain titles are presumed
to be executive officers unless properly excluded by a bank’s board of directors in
accordance with Regulation O’s specified procedures and they do not actually engage in
major policymaking functions of the bank. In addition, for all purposes in Regulation O
except 12 CFR 215.5, “executive officer” includes an executive officer of an affiliate
(a company or any subsidiary of a company of which the member bank is a subsidiary).
Regulation O permits an exemption for officers of affiliates if certain procedural and
substantive requirements are met (12 CFR 215.2(e)(2)). Officers of bank subsidiaries are
generally not considered executive officers of their parent bank for purposes of Regulation O
unless they actually engage in major policymaking functions of the bank.
A “principal shareholder” is a person (not a company of which the bank is a subsidiary)

who directly or indirectly, or acting through or in concert with one or more persons, owns,
controls, or has the power to vote more than 10 percent of any class of voting securities.
Shares owned or controlled by a member of an individual’s immediate family are considered
as being held by the individual (12 CFR 215.2(m)).
A “related interest” of a person is (1) a company controlled by that person, or (2) a political
or campaign committee that is controlled by that person or the funds or services of which will
benefit that person (12 CFR 215.2(n)).
A “director” is any person designated as a director regardless of compensation, but does not
include advisory directors who provide only general policy advice to the board, are not
authorized to vote on matters before the board, and are not elected by shareholders.
Regulation O permits an exemption for directors of affiliates if certain procedural and
substantive requirements are met (12 CFR 215.2(d)(2)).

Version 1.0
Summary of Requirements
Section Requirement
215.8 Records of Member Banks

A bank must maintain records of all extensions of credit to insiders of the bank
and of the bank’s affiliates, including the amount and terms of such extensions of
credit. The bank must identify, through an annual survey, all insiders of the bank
and of the bank’s affiliates. Alternative methods are permitted for identifying
insiders of the bank’s affiliates.
215.9 Disclosure of Credit From Member Banks to Executive Officers and

Principal Shareholders
Upon written request from the public, a bank shall make available the names of its
executive officers and principal shareholders to whom, or to whose related
interests, the bank has outstanding as of the last quarter-end an extension of credit
that, when aggregated with all other extensions of credit to that person and the
related interests of that person, equals or exceeds 5 percent of unimpaired capital
and unimpaired surplus, or $500,000, whichever is less. No disclosure is required
if the total of all extensions of credit to an executive officer or principal
shareholder does not exceed $25,000. Specific amounts of individual extensions
of credit are not required to be disclosed. Records of such requests must be
maintained for two years.
215.10 Reporting Requirement for Credit Secured by Certain Bank Stock

Executive officers or directors of a bank whose shares are not publicly traded
must annually report to the board the outstanding amount of any credit extended
to them that is secured by shares of the bank.

Version 1.0
Appendix B: Acceptance of Items of Value

Under certain circumstances, a bank insider may accept something of value from someone
doing or seeking to do business with the bank. The bank’s written policies should establish
guidelines regarding the acceptance of gifts and only authorize an insider to accept an item if
it meets certain conditions, such as
• it is offered based on a family or personal relationship, independent of any bank business.

• it is available to the general public on the same conditions.
• it would be paid for by the bank as a reasonable business expense if not paid for by
another party.
Under these circumstances, there is generally no risk to the bank. Common examples of these
types of items include a business lunch or holiday season gift. The bank’s written policies
may also permit acceptance of the following:
• Meals, gratuities, amenities, or favors based on obvious family or personal

relationships. The circumstances should make it clear that the relationship, rather than
the business of the bank, is the motivating factor.
• Meals, refreshments, travel arrangements, accommodations, or entertainment of

reasonable value in the course of a meeting or other occasion. In this case, the
occasion must be for a bona fide business discussion or part of an effort to foster better
business relations, and the expense should be one the bank would pay as a reasonable
business expense if not being paid by another party. The bank may wish to establish a
dollar limit on arrangements accepted under this exception.
• Advertising or promotional material of reasonable value, including pens, pencils,

notepads, key chains, calendars, and similar items.
• Discounts or rebates on merchandise or services that are available to other

customers under similar circumstances.
• Gifts of reasonable value related to commonly recognized events or occasions such

as a promotion, new job, wedding, retirement, Christmas, or bar or bat mitzvah.
The bank may wish to establish a dollar limit on the value of such gifts.
• Civic, charitable, educational, or religious organization awards for recognition of

service and accomplishment. The bank may wish to establish a dollar limit on such
awards.

Version 1.0
• Loans from other banks or financial institutions, when made on customary terms
for the purpose of financing proper and usual activities of bank insiders. Insiders
must ensure that financial arrangements are not contingent on the bank either accepting
or offering any other service. Insiders must also ensure that they do not receive
preferential loans from correspondent banks (and banks must ensure that they do not
make preferential loans to insiders of correspondent banks).
• Other benefits or items of value, when approved in writing, case by case. Approvals
should be based on a full, written disclosure of all relevant facts and should be consistent
with the bank bribery statute (18 USC 215).
The OCC has not set a dollar limit on the value of items that may be accepted by insiders.
Reasonable standards for one part of the country might appear lavish elsewhere. Each bank
should establish dollar limits on the benefits that insiders are allowed to accept. In setting
those limits, a bank should observe the highest ethical standards.
A bank’s insider policies should require an insider who is offered, or who receives,
something of greater value than is authorized to disclose that fact to an appropriately
designated official of the bank. The bank should maintain written reports of such disclosures,
in whatever format the bank deems appropriate.

Version 1.0
References
Auditing Requirements
Regulations 12 CFR 363, “Annual Independent Audit and Reporting
Requirements”
Comptroller’s Handbook “Community Bank Supervision” (Examination Process series)
“Internal and External Audits” (Safety and Soundness series,
“Management” category)
“Large Bank Supervision” (Examination Process series)
OCC Issuances OCC Bulletin 2003-12, “Interagency Policy Statement on
Internal Audit and Internal Audit Outsourcing,” revised
guidance (March 17, 2003)
OCC Bulletin 1999-37, “Interagency Policy Statement on
External Auditing Programs” (October 7, 1999)
Compensation of Insiders
Laws 12 USC 1831p-1, “Safety and Soundness Standards”
12 USC 5641, “Enhanced Compensation Structure Reporting”
Regulations 12 CFR 30 and 170, “Safety and Soundness Standards”
12 CFR 163.39, “Employment Contracts”
12 CFR 163.161(b), “Management and Financial Policies”
OCC Issuances OCC Bulletin 2010-24, “Interagency Guidance on
Sound Incentive Compensation Policies” (June 30, 2010)
OCC Bulletin 2004-56, “Interagency Statement on the
Purchase and Risk Management of Life Insurance”
(December 7, 2004)
Conflicts of Interest
Regulations 12 CFR 163.200, “Conflicts of Interest”
Correspondent Banks
Laws 12 USC 1972(2), “Certain Tying Arrangements Prohibited;
Correspondent Accounts”
Credit Life Insurance

Regulations 12 CFR 2, “Sale of Credit Life Insurance”
Employment Contracts
Regulations 12 CFR 163.39, “Employment Contracts”

Version 1.0
Extensions of Credit to Executive Officers, Directors, and

Principal Shareholders
Laws 12 USC 1468(b), “Extensions of Credit to Executive Officers,
Directors, and Principal Shareholders”
12 USC 375a, “Loans to Executive Officers of Bank”
12 USC 375b, “Extensions of Credit to Executive Officers,
Directors, and Principal Shareholders of Member Banks”
Regulations 12 CFR 31, “Extensions of Credit to Insiders and Transactions
With Affiliates”
12 CFR 163.43, “Loans by Savings Associations to Their
Executive Officers, Directors and Principal Shareholders”
12 CFR 215, “Regulation O”
Comptroller’s Handbook “Related Organizations” (Safety and Soundness series,
“Management” category)
OCC Issuances Interpretive Letter 1024 (March 21, 2005)
Golden Parachute and Indemnification Payments

Laws 12 USC 1828(k), “Authority to Regulate or Prohibit Certain
Forms of Benefits to Institution-Affiliated Parties”
Regulations 12 CFR 359, “Golden Parachute and Indemnification
Payments”
12 CFR 7.2014, “Indemnification of Institution-Affiliated
Parties”
12 CFR 145.121, “Indemnification of Directors, Officers and
Employees”
Interest Paid to Directors and Others

Laws 12 USC 376, “Rate of Interest Paid to Directors, etc.”
Liability of Directors and Officers of Member Banks

Laws 12 USC 503, “Liability of Directors and Officers of Member
Banks”
12 USC 93, “Violation of Provisions; Forfeiture of Franchise;
Personal Liability of Directors; Civil Money Penalty”
12 USC 1818

Version 1.0
Management Interlocks
Laws 12 UCS 3202-3203, “Depository Institution Management
Interlocks”
Regulations 12 CFR 26 and 12 CFR 196, “Management Official Interlocks”
Purchases from and Sales to Insiders

Laws 12 USC 1828(z), “General Prohibition on Asset Sales”
Prompt Corrective Action

Laws 12 USC 1831o, “Prompt Corrective Action”
Regulations 12 CFR 6, “Prompt Corrective Action”
12 CFR 165, “Prompt Corrective Action”
Receipt of Fees for Procuring Loans

Laws 18 USC 215, “Receipt of Commissions or Gifts for Procuring
Loans”
Regulations 12 CFR 160.130, “Prohibition on Loan Procurement Fees”
Role of a National Bank Director

OCC Issuances The Director’s Book, October 2010
Self-Dealing (Fiduciary Accounts)

Regulations 12 CFR 9.12, “Self-dealing and Conflicts of Interest”
12 CFR 150.350, “Restrictions on Self Dealing”
Comptroller’s Handbook “Conflicts of Interest” (Asset Management series)
Suspicious Activity Reporting

Regulations 12 CFR 21.11, “Suspicious Activity Report”
12 CFR 163.180, “Suspicious Activity Reports”
Usurpation of Corporate Opportunity

Regulations 12 CFR 163.201, “Corporate Opportunity”

Pub CH Insider Activities

Uploaded by

Copyright:

Available Formats

Pub CH Insider Activities

Uploaded by

Document Information

Original Title

Copyright

Available Formats

Share this document

Share or Embed Document

Sharing Options

Did you find this document useful?

Is this content inappropriate?

Copyright:

Available Formats

Pub CH Insider Activities

Uploaded by

Copyright:

Available Formats

Comptroller’s Handbook M-IA

Safety and Soundness

Examination Procedures .......................................................................................................20

Comptroller’s Handbook i Insider Activities

A bank’s corporate governance processes should comprehensively address insider activities.

Comptroller’s Handbook 1 Insider Activities

Risks Associated With Insider Activities

Comptroller’s Handbook 2 Insider Activities

Duties of the Board and Management

Comptroller’s Handbook 3 Insider Activities

• Establishing appropriate insider policies, including a code of ethics and required

Comptroller’s Handbook 4 Insider Activities

The insider policies should

Comptroller’s Handbook 5 Insider Activities

Duty of Care and Duty of Loyalty

Comptroller’s Handbook 6 Insider Activities

Holding Companies and Other Affiliates

Comptroller’s Handbook 7 Insider Activities

Compliance With Insider Laws and Regulations

Regulation O—Extensions of Credit to Insiders

Comptroller’s Handbook 8 Insider Activities

Regulation O’s main provisions include

• a prohibition on extensions of credit to insiders unless a loan is (1) nonpreferential and

Comptroller’s Handbook 9 Insider Activities

Comptroller’s Handbook 10 Insider Activities

• secured by a perfected security interest in U.S. Treasury obligations or in other

Extensions of Credit to Executive Officers

Other Insider Laws and Regulations

12 USC 376—Preferential Interest Payments

Comptroller’s Handbook 11 Insider Activities

12 USC 1972(2)—Insider Loans With Correspondent Banks

12 USC 1828(z)—Asset Purchases and Sales

Comptroller’s Handbook 12 Insider Activities

12 CFR 160.130—Prohibition on Loan Procurement Fees

12 CFR 163.200—Conflicts of Interest

12 CFR 163.201—Usurpation of Corporate Opportunity

Internal Controls and Audit

Comptroller’s Handbook 13 Insider Activities

• Transactions resulting in a conflict of interest or the appearance of such a conflict.

Compensation and Benefits Paid to Insiders

Comptroller’s Handbook 14 Insider Activities

An advance of salary or other unearned compensation to an insider for a period in excess of

12 CFR 30, Appendix A, and 12 CFR 170, Appendix A: Interagency

Comptroller’s Handbook 15 Insider Activities

Interagency Guidance on Sound Incentive Compensation Policies

• be supported by strong corporate governance, including active and effective oversight by

Golden Parachute Payments

• The institution makes, or agrees to make, a payment in the nature of compensation to or

Comptroller’s Handbook 16 Insider Activities

Management and Other Fees

Comptroller’s Handbook 17 Insider Activities

Audit Committee Member Fees

Credit Life/Accident and Health Insurance Fees

Other Commissions or Fees Paid to Insiders

Comptroller’s Handbook 18 Insider Activities

Management Information Systems and Financial Reporting

Comptroller’s Handbook 19 Insider Activities

transaction or proposed transactions exceeding $120,000 between a public company and a

Comptroller’s Handbook 21 Insider Activities