No items found.
In our last few posts we've covered how crossing $10 billion in assets transforms governance and risk management, and operational infrastructure at banks. Today we're closing out the series with Supervision and Examination, where the regulatory relationship itself fundamentally changes.
This is where banks feel the $10 billion threshold most acutely: a new regulator, different examination approaches, and enhanced supervisory expectations. While recent regulatory shifts have reduced examination intensity, understanding what supervision looks like at $10 billion remains critical for banks approaching the threshold.
The most visible change at $10 billion is simple: you get a new regulator. The Consumer Financial Protection Bureau (CFPB) takes over consumer compliance supervision from your prudential regulator, creating a dual regulatory structure that banks must navigate carefully.
Below $10 billion, your primary federal regulator - whether that's the OCC, Federal Reserve, or FDIC - examines both safety and soundness and consumer compliance.
At $10 billion, that changes. Your prudential regulator continues examining safety and soundness (capital, liquidity, credit quality, operations), while the CFPB now handles consumer compliance examinations (fair lending, mortgage compliance, deposit regulations, consumer protection laws), which means you have two different regulatory agencies with two examination schedules. CFPB examiners might arrive six months after your OCC examination, or overlap with your Fed exam. You're managing relationships with two sets of examiners who may have different priorities, different interpretations of requirements, and different examination styles.
Each regulator issues its own examination reports, findings, and supervisory expectations. A Matter Requiring Attention (MRA) from the CFPB requires board notification and formal response plans just like an MRA from your prudential regulator, except now you might be managing multiple MRAs from multiple regulators simultaneously.
When examinations happen at $10 billion, they go deeper than what community banks typically experience. Examiners don't just review policies; they test actual transactions and probe implementation.
You can expect random samples of 60-100 transactions, complaints or denied lending applications to be reviewed. Documentation requests become more extensive and technical. Instead of "Do you have a BSA/AML program?", examiners request risk assessment methodologies, documentation of customer risk rating determinations, transaction monitoring system validation reports, alert disposition analysis showing false positive rates, and board meeting minutes discussing program effectiveness.
And examination findings now carry more consequence. MRAs require formal board notification, written response plans with specific deadlines, and follow-up verification by examiners. A bank might receive 5-10 MRAs from a single examination, each requiring dedicated resources to address. Failing to remediate MRAs on schedule can escalate to enforcement actions.
The examination intensity is only manageable if you have the right infrastructure in place. Board oversight must be demonstrable and active. Boards need compliance-specific expertise and regular compliance reports (typically quarterly) that include metrics on testing results, examination findings, regulatory changes, and emerging risks. Minutes must show the board asking questions, challenging management, and making decisions about compliance resource allocation.
The compliance program must be comprehensive and formalized with written policies and procedures for every applicable regulation. Compliance must have adequate resources and appropriate stature. Testing must be risk-based, comprehensive, and independent. Banks need formal testing plans covering all high and moderate-risk areas on defined schedules, and testing can't be done by people responsible for the activity being tested - you need separation between compliance officers who advise on requirements and those who test compliance.
The CFPB and other federal banking regulators have adopted significantly lighter supervisory approaches through 2025. The CFPB cut examinations by 50% and introduced its "Humility in Supervision" pledge with shorter, more focused examinations. The FDIC extended examination cycles to 54-78 months for well-rated institutions. The OCC eliminated mandatory examination activities not required by statute.
But what hasn't changed are the compliance requirements triggered at $10 billion in assets. Banks must maintain compliance infrastructure ready for examination at any time. The regulatory pendulum swings, administrations change, priorities shift, and examination intensity can increase quickly.
Building the infrastructure to support dual regulation and enhanced supervisory expectations takes time. Combined with the governance and operational requirements from our previous posts, banks need 18-24 months of preparation before crossing $10 billion in assets.
The $10 billion threshold represents the most significant regulatory cliff in banking, requiring years of preparation and millions in ongoing investment. While the current regulatory environment has reduced examination pressure, banks that build strong infrastructure now will be positioned for success regardless of how the supervisory pendulum swings in the future.
Breaching the $10B Asset Threshold - Operational Requirements
Breaching the $10B Asset Threshold - Governance and Risk Management Compliance RequirementsIn our last few posts we've covered how crossing $10 billion in assets transforms governance and risk management, and operational infrastructure at banks. Today we're closing out the series with Supervision and Examination, where the regulatory relationship itself fundamentally changes.
This is where banks feel the $10 billion threshold most acutely: a new regulator, different examination approaches, and enhanced supervisory expectations. While recent regulatory shifts have reduced examination intensity, understanding what supervision looks like at $10 billion remains critical for banks approaching the threshold.
The most visible change at $10 billion is simple: you get a new regulator. The Consumer Financial Protection Bureau (CFPB) takes over consumer compliance supervision from your prudential regulator, creating a dual regulatory structure that banks must navigate carefully.
Below $10 billion, your primary federal regulator - whether that's the OCC, Federal Reserve, or FDIC - examines both safety and soundness and consumer compliance.
At $10 billion, that changes. Your prudential regulator continues examining safety and soundness (capital, liquidity, credit quality, operations), while the CFPB now handles consumer compliance examinations (fair lending, mortgage compliance, deposit regulations, consumer protection laws), which means you have two different regulatory agencies with two examination schedules. CFPB examiners might arrive six months after your OCC examination, or overlap with your Fed exam. You're managing relationships with two sets of examiners who may have different priorities, different interpretations of requirements, and different examination styles.
Each regulator issues its own examination reports, findings, and supervisory expectations. A Matter Requiring Attention (MRA) from the CFPB requires board notification and formal response plans just like an MRA from your prudential regulator, except now you might be managing multiple MRAs from multiple regulators simultaneously.
When examinations happen at $10 billion, they go deeper than what community banks typically experience. Examiners don't just review policies; they test actual transactions and probe implementation.
You can expect random samples of 60-100 transactions, complaints or denied lending applications to be reviewed. Documentation requests become more extensive and technical. Instead of "Do you have a BSA/AML program?", examiners request risk assessment methodologies, documentation of customer risk rating determinations, transaction monitoring system validation reports, alert disposition analysis showing false positive rates, and board meeting minutes discussing program effectiveness.
And examination findings now carry more consequence. MRAs require formal board notification, written response plans with specific deadlines, and follow-up verification by examiners. A bank might receive 5-10 MRAs from a single examination, each requiring dedicated resources to address. Failing to remediate MRAs on schedule can escalate to enforcement actions.
The examination intensity is only manageable if you have the right infrastructure in place. Board oversight must be demonstrable and active. Boards need compliance-specific expertise and regular compliance reports (typically quarterly) that include metrics on testing results, examination findings, regulatory changes, and emerging risks. Minutes must show the board asking questions, challenging management, and making decisions about compliance resource allocation.
The compliance program must be comprehensive and formalized with written policies and procedures for every applicable regulation. Compliance must have adequate resources and appropriate stature. Testing must be risk-based, comprehensive, and independent. Banks need formal testing plans covering all high and moderate-risk areas on defined schedules, and testing can't be done by people responsible for the activity being tested - you need separation between compliance officers who advise on requirements and those who test compliance.
The CFPB and other federal banking regulators have adopted significantly lighter supervisory approaches through 2025. The CFPB cut examinations by 50% and introduced its "Humility in Supervision" pledge with shorter, more focused examinations. The FDIC extended examination cycles to 54-78 months for well-rated institutions. The OCC eliminated mandatory examination activities not required by statute.
But what hasn't changed are the compliance requirements triggered at $10 billion in assets. Banks must maintain compliance infrastructure ready for examination at any time. The regulatory pendulum swings, administrations change, priorities shift, and examination intensity can increase quickly.
Building the infrastructure to support dual regulation and enhanced supervisory expectations takes time. Combined with the governance and operational requirements from our previous posts, banks need 18-24 months of preparation before crossing $10 billion in assets.
The $10 billion threshold represents the most significant regulatory cliff in banking, requiring years of preparation and millions in ongoing investment. While the current regulatory environment has reduced examination pressure, banks that build strong infrastructure now will be positioned for success regardless of how the supervisory pendulum swings in the future.
