Client Alert: Bankers Beware: Copying and Removal of Confidential Financial Institution and Supervisory Information Can Lead to FDIC Action
Bank officers and directors, as well as bank legal counsel should take heed of the FDIC's Financial Institution Letter dated March 19, 2012 (FIL-14-2012). In that letter the FDIC warns bank officers and directors that copying and removing financial institution and supervisory records from the institution "… is a breach of their fiduciary duty to the institution and an unsafe and unsound banking practice, which may also violate applicable laws and regulations…”.
While apparently directed at copying and removal of records in anticipation of litigation or regulatory enforcement actions against such directors and officers personally, the FIL does not clearly distinguish between the normal practices of many institution boards with regard to copying and providing agency information (including confidential supervisory information "CSI") to directors, officers and others involved in the oversight of the institution. These are the same individuals who would arguably be negligent and in breach of their fiduciary obligations if they were not aware of the content of the regulatory communications (including CSI) and not in possession of the confidential financial institution records necessary to fulfill their obligations as managers and board members.
State and federal laws provide for strict confidentiality with regard to CSI, subject to very limited exceptions. While the FIL appears directed to those situations where copying and removal of CSI and confidential bank information is "… in anticipation of an institution's failure … " in violation of applicable law and regulation, the FIL emphasizes that such actions represent a de facto breach of director and officer fiduciary obligations to the institution and an unsafe and unsound banking practice for which there could be significant potential civil money penalties and perhaps criminal sanctions.
The FIL also cautions bank legal counsel with regard to their own "… fiduciary duty, both legally and ethically, … to advance only the interests of the institution".
The impact and breadth of this warning shot across the bow is difficult to ascertain at the present time. While bank officers, directors and legal counsel all recognize the long-standing agency restrictions on distribution of CSI outside the institution, query whether simply copying bank records and regulatory documents containing CSI for board meeting packages, for auditors, for consultants or for others in the normal course may now be deemed to constitute a de facto breach of fiduciary duty and/or an unsafe and unsound banking practice. Particularly when viewed with 20-20 hindsight in the event of a subsequent failure of the institution.
Issues relating to what constitutes permissible disclosure of CSI have for a long time been problematic in the context of due diligence and securities law "full disclosure" requirements. The FIL provides an additional dimension of concern that institutions and their counsel should carefully consider.
Suffice it to say that directors, officers and legal counsel for financial institutions have been placed on notice that strong caution is the rule when dealing with CSI and other financial institution information.