Management is the most forward-looking indicator of condition and a key determinant of whether a Bank possesses the ability to correctly diagnose and respond to financial stress.

The management component provides examiners with objective, and not purely subjective, indicators. An assessment of management is not solely dependent on the current financial condition of the Bank and will not be an average of the other component ratings.

Reflected in this component rating is both the board of directors’ and management’s ability to identify, measure, monitor, and control the risks of the Bank’s activities, ensure its safe and sound operations, and ensure compliance with applicable laws and regulations. Management practices should address some or all of the following risks: credit, interest rate, liquidity, transaction, compliance, reputation, strategic, and other risks.

The management rating is based on the following areas, as well as other factors as discussed below.

Business strategy and financial performance

The Bank’s strategic plan is a systematic process that defines management’s course in assuring that the organization prospers in the next two to three years.

The strategic plan incorporates all areas of a Bank’s operations and often sets broad goals, e.g., capital accumulation, growth expectations, enabling Bank management to make sound decisions. The strategic plan should identify risks within the organization and outline methods to mitigate concerns.

As part of the strategic planning process, Banks should develop business plans for the next one or two years. The board of directors should review and approve the business plan, including a budget, in the context of its consistency with the Bank’s strategic plan. The business plan is evaluated against the strategic plan to determine if it is consistent with its strategic plan. Examiners also assess how the plan is put into effect. The plans should be unique to and reflective of the individual Bank. The Bank’s performance in achieving its plan strongly influences the management rating.

Information systems and technology should be included as an integral part of the Bank’s strategic plan. Strategic goals, policies, and procedures addressing the Bank’s information systems and technology (“IS&T”) should be in place. Examiners assess the Bank’s risk analysis, policies, and oversight of this area based on the size and complexity of the Bank and the type and volume of e-Commerce services offered. Examiners consider the criticality of e-Commerce systems and services in their assessment of the overall IS&T plan.

Internal controls

An area that plays a crucial role in the control of a Bank’s risks is its system of internal controls.

Effective internal controls enhance the safeguards against system malfunctions, errors in judgment and fraud.

Without proper controls in place, management will not be able to identify and track its exposure to risk. Controls are also essential to enable management to ensure that operating units are acting within the parameters established by the board of directors and senior management.

Seven aspects of internal controls deserve special attention:

  1. 1. Information Systems

It is crucial that effective controls are in place to ensure the integrity, security, and privacy of information contained on the Bank’s computer systems. In addition, the Bank should have a tested contingency plan in place for the possible failure of its computer systems.

  1. 2. Segregation of Duties

The Bank should have adequate segregation of duties and professional resources in every area of operation. Segregation of duties may be limited by the number of employees in smaller Banks.

  1. 3. Audit Program

The effectiveness of the Bank’s audit program in determining compliance with policy should be reviewed. An effective audit function and process should be independent, reporting to the Supervisory Committee without conflict or interference with management. An annual audit plan is necessary to ensure that all risk areas are examined, and that those areas of greatest risk receive priority. Reports should be issued to management for comment and action and forwarded to the board of directors with management’s response. Follow-up of any unresolved issues is essential, e.g., examination exceptions, and should be covered in subsequent reports. In addition, a verification of members’ accounts needs to be performed at least once every two years.

  1. 4. Record Keeping

The books of every Bank should be kept in accordance with well-established accounting principles. In each instance, a Bank’s records and accounts should reflect its actual financial condition and accurate results of operations. Records should be current and provide an audit trail. The audit trail should include sufficient documentation to follow a transaction from its inception through to its completion. Subsidiary records should be kept in balance with general ledger control figures.

  1. 5. Protection of Physical Assets

A principal method of safeguarding assets is to limit access by authorized personnel. Protection of assets can be accomplished by developing operating policies and procedures for cash control, joint custody (dual control), teller operations, and physical security of the computer.

  1. 6. Education of Staff

Bank staff should be thoroughly trained in specific daily operations. A training program tailored to meet management needs should be in place and cross-training programs for office staff should be present. Risk is controlled when the Bank is able to maintain continuity of operations and service to members.

  1. 7. Succession Planning

The ongoing success of any Bank will be greatly impacted by the ability to fill key management positions in the event of resignation or retirement. The existence of a detailed succession plan that provides trained management personnel to step in at a moment’s notice is essential to the long-term stability of a Bank. A succession plan should address the Chief Executive Officer (or equivalent) and other senior management positions (manager, assistant manager, etc.)

  1. Other Management Issues

Other key factors to consider when assessing the management of a Bank include, but are not limited to:

  • Adequacy of the policies and procedures covering each area of the Bank’s operations (written, board approved, followed);
  • Budget performance compared against actual performance;
  • Effectiveness of systems that measure and monitor risk;
  • Risk-taking practices and methods of control to mitigate concerns;
  • Integration of risk management with planning and decision-making;
  • Responsiveness to examination and audit suggestions, recommendations, or requirements;
  • Compliance with laws and regulations;
  • Adequacy of the allowance for loan and lease losses account and other valuation reserves;
  • Appropriateness of the products and services offered in relation to the Bank’s size and management experience;
  • Loan to share ratio trends and history;
  • Market penetration;
  • Rate structure; and
  • Cost-benefit analysis of major service products.

The board of directors and management have a fiduciary responsibility to the members to maintain very high standards of professional conduct:

  • Compliance with all applicable state and federal laws and regulations. Management should also adhere to all laws and regulations that provide equal opportunity for all members regardless of race, color, religion, sex, national origin, age, or handicap.
  • Appropriateness of compensation policies and practices for senior management. Management contracts should not contain provisions that are likely to cause undue hardship on the Bank. The board needs to ensure performance standards are in place for the CEO/Manager and senior management and an effective formal evaluation process is in place and being documented.
  • Avoidance of conflict of interest. Appropriate policies and procedures for avoidance of conflicts of interest and management of potential conflicts of interest should be in place.
  • Professional ethics and behavior. Management should not use the Bank for unauthorized or inappropriate personal gain. Bank property should not be used for anything other than authorized activities. Management should act ethically and impartially in carrying out appropriate Bank policies and procedures. Protection Status