Insurance Corporation (FDIC) in two respects: (1) <strong>the</strong> FDIC was given broad authorityover federally insured banks and savings associations; and (2) <strong>the</strong> FDIC was givenpower to bring enforcement actions against any “institution-affiliated party,” which isdefined to include, among o<strong>the</strong>r things, any director, officer, employee or controllingstockholder (o<strong>the</strong>r than a holding company) of an insured depository institution.In addition to administrative remedies such as issuing cease and desist orders,suspension or removal from office, and prohibition orders, FIRREA empowers <strong>the</strong>FDIC to impose civil money penalties against institution-affiliated parties, includingindividuals who have left <strong>the</strong> institution, or individuals associated with institutionsthat are now closed. FIRREA sets forth three levels of civil money penalties that maybe imposed against an institution-affiliated party, ranging from less than $5,000to $1 million per day for continuing violations. Criminal penalties may range from$100,000 per day and one year’s imprisonment to $1 million per day and 20 years’imprisonment. These penalties also apply to violations of anti-tying provisions of <strong>the</strong>Bank Holding Company Act, <strong>the</strong> Change in Bank Control Act, affiliate transactionrestrictions, and <strong>the</strong> National Bank Act.Statutory and common laws governing <strong>the</strong> responsibilities of directors of financialinstitutions vary from state to state. Historically, a director’s acts or omissions weretested against an ordinary prudent person standard. However, at least 43 states haveenacted statutes permitting corporations to adopt charter provisions that limit oreliminate <strong>the</strong> liability of directors (and, in some states, officers) for breach of <strong>the</strong> dutyof care. FIRREA, however, limits <strong>the</strong> ability of depository institutions to eliminate adirector’s liability for gross negligence.“Functional regulation”The Gramm-Leach-Bliley Act of 1999 changed how depository institutions and <strong>the</strong>irholding companies and affiliates are regulated. The Gramm-Leach-Bliley Act promotes“functional regulation,” meaning that traditional depository institution activitiesare regulated by depository institution regulatory agencies, securities activities areregulated by <strong>the</strong> Securities and Exchange Commission (SEC), insurance activities areregulated by <strong>the</strong> states, and so on.Many depository institutions offer securities, mutual funds and o<strong>the</strong>r types ofinvestments to customers as alternatives to traditional deposit instruments. Customersmay misunderstand <strong>the</strong> nature of non-deposit products because <strong>the</strong> products are oftensold within <strong>the</strong> institution’s premises by <strong>the</strong> institution’s employees. In many instances,personnel are required to register as brokers (or dealers) with <strong>the</strong> SEC and NationalAssociation of Securities Dealers. Moreover, <strong>the</strong> products offered may be “securities”under federal or state securities laws which must be registered with <strong>the</strong> SEC and/orstate agencies. And, under <strong>the</strong> Gramm-Leach-Bliley Act, depository institutions that actas advisers to mutual funds must register with <strong>the</strong> SEC as “investment advisers” under<strong>the</strong> Investment Advisers Act of 1940. The Gramm-Leach-Bliley Act also contemplates<strong>the</strong> offering by depository institutions of “hybrid” products – products o<strong>the</strong>r thanequity swaps or a limited number of o<strong>the</strong>r products not previously regulated by <strong>the</strong>SEC as a security – and <strong>the</strong>se may be regulated ei<strong>the</strong>r by <strong>the</strong> SEC or by <strong>the</strong> FederalReserve Board, depending on <strong>the</strong> product in question.11Financial institutions guide
Sarbanes-OxleyThe Sarbanes-Oxley Act of 2002 was enacted by Congress to address several areasof national concern regarding corporate accounting and auditing, fraud and officerliability, and corporate transparency for publicly-held corporations. The most notableprovisions include:• A requirement that an independent accounting board be created to overseecorporate accounting and auditing practices;• A requirement that CEOs and CFOs of public companies participate in <strong>the</strong>preparation of financial statements and personally certify <strong>the</strong> accuracy of suchstatements;• A requirement that an “internal control report” must be included in a publiccompany’s annual report, and that <strong>the</strong> company’s public accountant must attest tomanagement’s assessment of <strong>the</strong> company’s internal control structures;• A ban on corporate loans to directors and officers, except in certain limitedcircumstances;• The accelerated reporting of insider trades;• A requirement that audit committees be composed entirely of “independent”directors; and• The forfeiture of bonus and equity compensation for CEOs and CFOs in <strong>the</strong> eventof a material restatement of a company’s financial statements.The Sarbanes-Oxley Act imposes meaningful deterrents to promote compliance withboth <strong>the</strong> Act and pre-existing corporate obligations. Among o<strong>the</strong>r things, Sarbanes-Oxley establishes substantial monetary penalties and prison sentences for officerswho falsely certify financial statements, criminal charges for <strong>the</strong> wrongful destructionof documents or for failing to maintain audit records, an extension of <strong>the</strong> statuteof limitations for private securities fraud lawsuits, and criminal charges for certainfederal securities law violations.In addition to <strong>the</strong> requirements set forth by Sarbanes-Oxley, directors on auditcommittees of publicly traded companies are subject to additional requirementsimposed by <strong>the</strong> SEC. Among o<strong>the</strong>r things, <strong>the</strong> SEC requires <strong>the</strong> following:• The audit committee must prepare and issue an annual report, identifying <strong>the</strong>committee members and including statements regarding <strong>the</strong> audit committee’sreview of <strong>the</strong> company’s financials and <strong>the</strong> committee’s recommendations;• The company must disclose whe<strong>the</strong>r <strong>the</strong> audit committee has adopted a writtenaudit committee charter, which must be reviewed annually; and• Quarterly financial statements must be reviewed by an independent auditorand <strong>the</strong> results of that review must be discussed with <strong>the</strong> audit committee or itschairperson prior to <strong>the</strong> company’s quarterly SEC filing.12Financial institutions guide