Report Icon

On January 25, 2011, Michael Krimminger, FDIC’s General Counsel, responded to AABD regarding a letter to FDIC Chairman Bair requesting that bank directors be permitted to copy or have access to bank documents they need to defend themselves against suits by the FDIC as receiver of their institutions.


January 25, 2011

Mr. David Baris
Executive Director
American Association of Bank Directors
National Capital Office
Suite 700
1250 24th Street, N.W.
Washington, D.C. 20037

Dear Mr. Baris:

Thank you for your letter of December 22, 2010, to Chairman Bair. The Chairman has asked that I reply to your letter.

In recent months, the Federal Deposit Insurance Corporation has discovered that former directors and officers of a considerable number of open banks and their outside counsel have removed large volumes of copies of highly confidential bank records, including Suspicious Activity Reports (“SARs”), bank examination reports, loan files, and/or other records that contain bank customer personally-identifying information (“PII”). As you know, these confidential records are protected from unauthorized disclosure by numerous federal laws, including the Bank Secrecy Act, the Gramm-Leach-Bliley Act, the Computer Fraud and Abuse Act, and the Fair and Accurate Credit Transactions Act, among other statutes, as well as federal regulations. These laws and regulations are violated whenever information contained in these documents is disclosed or treated in a manner that is inconsistent with their provisions and whenever copies of the documents are removed from the bank for an improper purpose or without appropriate safeguards and data encryption to limit access and ensure their confidentiality. It appears that such copying and removal is occurring in anticipation of possible legal action by the FDIC if the banks later fail.

Some of these banks subsequently did fail. When the FDIC is appointed as receiver of a failed insured financial institution, the FDIC steps into the institution’s shoes. Pursuant to 12 U.S.C. § 1821(d)(2)(A), the FDIC as receiver obtains the exclusive rights and benefits associated with the failed institution’s documents and records. These rights and benefits give the FDIC the unrestricted and sole right to possess and use the books and records of the failed institution.

Additionally, as receiver, the FDIC is obligated to comply with all federal laws that protect the confidentiality of bank records and to maintain an accurate and complete set of records both for the acquiring institution and for itself to effectively operate the receivership. When copies of confidential bank records are taken from a bank contrary to these legal protections, the FDIC has taken action to demand that the copies be promptly returned.

This is not a new policy or change in policy but simply a necessary response to conduct that compromises the confidentiality of bank records and customer information. This improper record removal also results in added expense for the FDIC to recover the copies and potentially results in still further expense if the FDIC as receiver is required to notify affected bank customers that their PII was or may be compromised. It also results in needless expense to the bank itself if the bank does not fail or, even if it does, the FDIC as receiver later decides not to pursue any director and officer claims relating to that institution.

At the same time, the FDIC recognizes that directors and officers must access bank records to operate the institution. If the institution fails, and a formal legal or administrative action is instituted, directors and officers have access to bank documents through discovery procedures reflected in court rules or agency regulations. We also recognize that directors and officers may have individual interests in accessing bank records after failure but prior to the institution of legal or administrative action. We have been and remain willing to accommodate these interests where appropriate, provided that any information furnished to the interested party is made subject to the terms of a suitable confidentiality agreement or protective order. However, directors, officers, and counsel engaging in what amounts to “self-help discovery” is not permitted and frustrates these procedures and practices.

If you have any questions regarding anything in this letter, please feel free to contact me or Richard J. Osterman, Jr., Deputy General Counsel, at (202) 898-3706.


Michael H. Krimminger
Acting General Counsel