Copyright 1999 Federal Document Clearing House, Inc.
Federal Document Clearing House Congressional Testimony
February 24, 1999, Wednesday
SECTION: CAPITOL HILL HEARING TESTIMONY
LENGTH: 4635 words
HEADLINE:
TESTIMONY February 24, 1999 A. SCOTT ANDERSON HOUSE WAYS AND
MEANS YEAR 2000 COMPUTER PROBLEMS
BODY:
Testimony
of A. Scott Anderson On Behalf of the American Bankers Association Before the
Committee on Ways and Means United States House of Representatives February 24,
1999 Testimony of A. Scott Anderson On Behalf of the American Bankers
Association Before the Committee on Ways and Means United States House of
Representatives February 24, 1999 Mr. Chairman, I am Scott Anderson, President
and CEO of Zions First National Bank, Salt Lake City, Utah, and a member of the
Communications Council of the American Bankers Association (ABA). The ABA brings
together all categories of banking institutions to best represent the interests
of this rapidly changing industry. Its membership - which includes community,
regional and money center banks and holding companies, as well as savings
associations, trust companies and savings banks - makes ABA the largest banking
trade association in the country. I am pleased to be here today to discuss what
the banking industry is doing to address the Year 2000 computer problem (Y2K).
These hearings are very important because information about the Y2K problem -
and what the government and industry are doing to meet this challenge - is
critical to maintaining confidence in our economy. Y2K is really two problems.
The first is technology - making sure that software and hardware systems will
work on January 1, 2000 and beyond. The second is communication making sure the
public is knowledgeable about the problem and what is being done to solve it.
Even if the technical problems are fully resolved, people need to know about it.
If nothing is said, the information void will surely be filled with misleading
and provocative stories that will create undue anxiety, and lead to bad
decisions. The problems created by adverse public reaction or panic could be far
worse than the actual problem. The news media, government, private industry,
bankers, and all other stakeholders must join forces to stabilize the public
opinion, and manage expectations. The banking industry is working hard at
solving both aspects of the Y2K problem. Since 1995, the banking industry has
devoted millions of man-hours and billions of dollars to addressing Y2K. The
banking industry is well into the testing period for all critical systems,
working closely the Federal Reserve and other federal bank regulators. Our
progress is right on track. The ABA and individual banks have also done a
tremendous amount of work to keep our customers informed about our progress. We
believe this communications effort is right on track, too. At Zions Bank, Y2K
has been identified as the single most critical project to be completed this
year. Its criticality has been communicated through Senior Management, right
down to every employee and business manager. Nothing at our bank has higher
priority or greater scrutiny than this important project. At Zions Bank our
efforts have been very successful to this point. We are confident in our ability
to successfully deliver this project on time. Many of the processing systems
have been replaced in the past five years with up-to-date Y2K compliant systems.
Most of our core processing systems are supplied by outside vendors and have
been remediated by them for Y2K compliance. Each business unity of Zions Bank
has a Y2K operational plan specific to their unit, and each has prepared a
business resumption plan to cover any contingencies that might arise. We also
have detailed plans for both internal and external communications to keep bank
personnel, customers, and the media informed about what we are doing before,
during and after January 2000. The banking industry is unique in that it has
extensive levels of federal and state regulation and examination. We have worked
closely with bank regulators to address all aspects of the Y2K issue. The
results of the Y2K compliance examinations have been very positive. We believe
it would be very helpful for the bank regulators to discuss publicly the
industry's readiness for Y2K. There are three key messages that I would like to
leave with the Committee today: * The banking industry is on track meeting
critical deadlines, * Educating our customers and the public generally is vital,
and * The safest place for customers' money is in the bank. Mr. Chairman, before
turning to these points, I want to take a moment to focus on why these issues
are so important to the banking industry. We take our role in the economy and in
each community we serve very seriously. Our business is built on the trust
established with our customers over many decades. Maintaining that trust is no
small matter to us. When customers put money in my bank, I want them to feel
that their funds are secure, accessible when they need them, and financial
transactions will be completed as expected. It is, therefore, no surprise that
we in the banking industry believe much is at stake in addressing the Y2K
problem. On a larger scale, our national economy relies on a smoothly
functioning payment system. It's something we all take for granted today because
our payment system is so efficient, accurate and easy to use. Assuring this high
level of performance requires the collective efforts of many participants:
banks, thrifts, brokerage firms, regional clearinghouses, and the Federal
Reserve. Careful planning, correcting and testing is crucial to minimize any
disruptions from the century date change. But we must be realistic: it is
inevitable that some glitches will occur. Contingency planning, therefore, must
be an integral part of the process. In the case of the banking industry, our
contingency plans are examined by the bank regulators. We intend to be as
prepared as is possible for any eventuality. Preparedness, however, goes well
beyond the banking and financial sector. The tightly woven fabric of our economy
means that businesses, households and government must work together. Success
depends upon the efforts of all sectors of the economy, including energy,
telecommunications, transportation, public utilities, retail services, etc.
Bankers have reached out to other industries, as well as our customers, to
ensure that we all come through this challenge intact and together. I.
Technology: The banking industry is on track meeting critical deadlines Many
banks began their Y2K risk assessment efforts as early as 1995. The cost of
assessing, correcting, testing and contingency planning will easily exceed $9
billion. The goal of this massive commitment of effort and resources is to
provide a smooth transition of banking and financial services into the 21st
century with minimal disruptions. The Y2K strategy involves awareness,
assessment, renovation, validation and implementation. Key components of these
broad strategic areas include the assessing of business risks, conducting due
diligence on service providers and software vendors, analyzing the impact on
customers, and assuring customer awareness of progress in addressing Y2K
concerns. Zions Bank has two distinct groups attacking the Y2K problem. The
first is our in-house staff of computer experts who have completed renovation,
and are now testing systems, interfaces, and end-to-end processes. The other
group is business managers and owners that are actively managing the business
side of the issue. This includes such issues as vendor management, business
resumption planning, resource allocation, assignment of employee resources, and
contingency plans. One of the greatest challenges to business managers is
identifying and then addressing the vast number of outside touch-points to a
business unit. These include vendors, suppliers, service providers, and a host
of other businesses that touch us from outside on a daily basis. Ongoing
communication and monitoring of these partners is critical to the success of the
Y2K effort. Regulatory Oversight The banking industry is unique in that it is a
highly regulated industry at both the state and federal level. Since 1997, the
banking industry has worked with the regulators in assessing the extent of the
Y2K problem and developing a 3 -phase plan of attack. 1 During phase one,
completed June 30, 1998, federal bank supervisors conducted on-site examinations
of every depository institution and rated them on their remediation plans and
written testing strategies. Regulators also conducted on-site examinations of
firms providing data processing and system services. 1 The Federal Reserve, the
Office of the Comptroller of the Currency (which regulates national banks), the
Federal Deposit Insurance Corporation, the Office of Thrift Supervision, and the
National Credit Union Administration work jointly on key regulatory and
supervisory issues through what is known as the Federal Financial Institutions
Examination Council, or FFIEC. Through this cooperative regulatory effort, the
FFIEC has played an important role in promoting Y2K education and communication
among bankers and service providers. For example, representatives of the banking
industry trade groups meet on a quarterly basis in Washington with staff members
from the various Y2K teams of the FFIEC member agencies. These informative
meetings are a chance to discuss ongoing efforts, upcoming programs and
publications, and to exchange news on Y2K developments in general. Similarly,
several of the Federal Reserve staff members responsible for publishing the
Century Date Change Bulletin conduct periodic conference calls with
representatives of financial industry trade groups, to exchange information
about educational programs and progress being made by the banking industry. The
banking agencies are also offering countless regional seminars on Y2K issues, as
provided for in the "Examination Parity and Year 2000 Readiness for Financial
Institutions Act." We are extremely pleased at these joint efforts and the
agencies should be commended for their work in this area. During phase two,
supervisors are examining banks for how well the testing of critical systems is
progressing and on contingency plan development. This is critical as it measures
the success of the remediation efforts. For banks with their own internal
systems, testing was to be completed by the end of last year. By March 31, 1999,
banks relying on outside service providers should have testing completed. All
institutions should also have initiated external testing with customers, other
banks and payment system providers. The results of on-site, phase one and phase
two examinations show that the banking industry is right on track meeting its
goals. As of December 31, 1998, 97 percent of the industry held the highest
rating and only 17 institutions - out of more than 10,000 banks and thrifts
received unsatisfactory ratings. These poorly rated institutions are being
closely monitored by the regulatory agencies. Phase three includes final testing
of internal and third-party systems and testing with the Federal Reserve and
clearing systems participants. Phase three will run from April I through
December 31, 1999, with a critical deadline of June 30 for completion of testing
validation and implementation of remediated systems. After June 30, institutions
will continue to monitor and update contingency plans as may be required by
external developments, and monitor customer and counterparty risk. Agency
examiners will continue to check on bank testing implementation and contingency
plans, and, where needed, with continued on-site reviews. Testing with the
Federal Reserve and clearing system participants is very important. Starting
last summer, the Fed established dedicated times for banks to test the
operability of systems for Y2K compliance. Systems tested included Federal Funds
Transfer, Fed Automated Clearinghouse (ACH) transactions, checks and all other
payment systems. Additional testing opportunities are being made available
through 1999. As part of this procedure, banks will test, among other systems,
direct deposit services - including payroll, Social Security electronic
payments, Medicare payments, and other electronic payments - and tax information
reporting systems. Further, we are informed, the Federal Reserve has been
testing directly over the last several months with the Social Security
Administration. Credit card systems have already been tested for Y2K compliance
and adjustments to software and hardware have been made. Many cards in use today
have expiration dates in the year 2000 or beyond. Systems needed to be ready to
recognize these cards as valid when they were issued last year. I am happy to
report that the transition was made so smoothly and with so few problems that
the public was largely unaware that any changes had been made. Contingency
Planning While we believe our systems will be ready for the century date change,
we nonetheless are actively developing Y2K contingency plans. One reason
contingency planning is so important is because banks rely on a whole host of
outside service providers, which are undertaking their own Y2K remediation over
which we have little control. For example, utility companies provide electricity
for banking offices, branches and ATM machines; telecommunications facilitates
customer inquiries-of financial records -and verifies -transactions at ATM
machines and at point-of sale terminals (for credit cards and debit cards) in
retail establishments. And banks rely on armored cars to deliver cash to bank
branches and ATMs, and other transportation services to deliver checks for
clearing at large banks or through the Federal Reserve. We are asking questions
of these providers and testing compatibility of remediated systems. At Zions we
have developed an extensive contingency plan that sets up a framework to handle
Y2K problems, involving data services, every business unit, and an emergency
management team that would oversee the entire process. This document - which
required over 250 pages to fully detail - covers immediate response, command
control centers, back-up facilities, information centers, and detailed business
recovery and resumption plans. We've even thought about how we will feed our
employees who work over-time to handle any problems. The very minute after
midnight of January 1, 2000, we will have already begun to validate that all
applications, software, hardware, systems and infrastructure are operating as
expected. No one, including me, will be taking time off time between December
26, 1999 and January 15, 2000. Hopefully, no one will be needed, but everyone is
on call. Having plans to deal with unexpected events is nothing new for the
banking industry. Every bank has business recovery plans in the event of natural
disasters such as hurricanes, earthquakes, tornadoes, floods and fires. When
those occasions arise, the bank is typically the first business in the community
to be back up and running. There are many examples of this: * The two-dozen
banks in the Grand Forks, North Dakota area got their banks up and running in
April 1997 within days of the worst flooding by the Red River in this century.
Banks reopened in trailers, truck stops and grocery stores to keep the cash
flowing. * In Des Moines in 1993, one bank avoided disruptions by moving most of
its 750 employees to temporary offices after rising waters flooded out four of
its mortgage operations' downtown buildings. And as a levee threatened to burst
down-river in Kansas City, Missouri, one bank CEO rented a tractor trailer and
with his 23 employees, trucked vital bank records and equipment to higher
ground. * After Hurricane Andrew roared through south Florida, bankers hauled in
portable generators, transferred employees from other parts of the state and
quickly made available several billion dollars in storm-related emergency loans.
* Banks recovered quickly after the World Trade Center bombing in New York, too.
Despite heavy smoke, employees at one bank's international operations remained
at their computers processing payments to corporations around the globe. Within
hours the bank shifted its processing to a remote disaster-recovery location
where, over the weekend, employees worked around the clock to complete the
processing. + Most banks reopened within a day or two of the powerful 1994 Los
Angeles/ Northridge earthquake. One bank's credit-card processing facility near
the epicenter suffered structural damage, so the bank moved to vacant offices
downtown, leased busses to transport some 520 employees to the new-location-and
provided child-care subsidies to offset the longer work day. * When fire swept
through the 62-story First Interstate headquarters building in Los Angeles in
1988, key bank employees quickly implemented the bank's new $1.5 million
disaster plan in an underground command center seven blocks away. The CEO said
later that the only customers affected by the huge fire were those who banked in
the headquarters' first-floor branch. * A detailed disaster plan made it
possible for bank customers to continue to get cash and make deposits after a
$75 million Thanksgiving fire in 1982 hit the Minneapolis headquarters of what
is today Norwest Bank. Two days later a Norwest ad read: "It takes more than a
five-alarm fire to slow us down." ABA has published its own guidance for banks
to follow as they proceed through the contingency planning process, ABA
Millennium Readiness Series, Year 2000 Contingency Planning Program Management.
II. Beyond Technology: Maintaining Consumer Confidence The steps banks are
taking now are intended to make sure our systems will work when the calendar
changes. Perhaps the bigger challenge is maintaining public confidence. We
believe that Congress has a critical role to play, as do bankers, in keeping
consumers informed about what is being done and what they can do to prepare for
the century date change. People want and need to know that their money will be
safe, their records secure and their banks open to serve them next January.
Consumer education is vital. Recent focus group research by ABA indicates that
consumers, while concerned about Y2K, are not overly alarmed by the prospect of
the calendar change. However, we know there will be tremendous speculation
between now and January I about what will work and what will not work. Many
consumers we met with did not know that the federal financial regulators are
examining every bank multiple times to test compliance on the full range of
systems, software, backup and other contingency plans. The fact that bank
regulators are watching over banks' Y2K efforts is good news to consumers. The
fact that the Federal Reserve is printing tens of billions of extra dollars and
is working to expedite cash delivery to banks from the current three days to
same-day delivery is also good news to consumers. And the fact that deposits are
federally-insured up to $100,000 and backed up by the full faith and credit of
the federal government is good news as well. One unique factor affecting the Y2K
issue that is different than other historical events, is the advent and
widespread usage of the Internet as an information medium. News reported on the
Internet surrounding the Y2K issue ranges from sensible advice and preparation,
to absolute propaganda. One problem with the proliferation of the Internet is
the inability of many consumers to separate fact-from fantasy. Many -people have
not realized that not everything printed on the Internet is true. There is much
irrational, irrelevant and misleading information being circulated regarding
this issue. Therefore, there must be an equally aggressive effort to dispense
facts and dispel fiction. This raises another critical point. Several
well-intentioned organizations are advising consumers to withdraw extra cash
"just to be on the safe side." In fact, it is anything but the safe side. People
need to think twice about how much money they want to be carrying around with
them and keeping in their house. Personal safety is each individual's
responsibility. Exploiting the year change will tempt many people, from
champagne vendors to petty thieves, who are well aware that people will be
withdrawing extra money. There has already been one publicized report of $20,000
withdrawn from a bank in preparation for Y2K, buried in the backyard - and
stolen. The safe side? Not at all. At Zions Bank, this story disturbed us
tremendously. We thought that this would be a good example to reach out to our
customers to help them make good decisions. I've attached to this testimony a
copy of the letter we are sending to Zions customers. The message is simple: The
safest place for customers' money is in the bank. It is much harder to steal,
and it is FDIC-insured. The consumers we spoke to in our focus groups were
concerned about the accuracy of their bank records and getting access to their
cash. In terms of accuracy, customers get statements of their accounts monthly.
Banks reconcile their books daily and have extensive backup records to preserve
the financial data. In addition, banks will be taking extra precautions with
manual reports and backups during the calendar change. At Zions, in addition to
regular monthly statements, we will provide to any of our customers, year-end
cut-off statements for them to use as a point of reconciliation should it be
necessary. How much cash will people need? Probably about as much as they would
need on any other holiday weekend. Personal checks are Y2K- compliant and will
work anywhere - in the bank and at a wide range of retailers and service
providers, both in- and out-of- state. If people are still concerned about their
cash needs, they can put a little extra money in their checking account - their
FDIC-insured checking account. Would you want to be carrying around a lot of
extra cash? Would you want your elderly relatives to be carrying around a lot of
extra cash? I know I do not. There are steps consumers can take to prepare for
the change: * Read the information their bank sends them about Y2K. Call the
bank if they have any questions at all. Trust, but verify, in other words. *
Hold onto bank statements, bank receipts, canceled checks and other financial
records, especially for the months leading up to January 1. * For customers that
bank on-line, make sure home computers are Y2K-ready. Check with computer and
software manufacturers for details on how to do this. * Copy important financial
records kept on home computers to a back-up disk. * Do not give money to anyone
who promises to "keep it safe" through the date change. * Withdraw only as much
cash as would be typical for any other holiday weekend. For our industry's part,
ABA is communicating with bankers, consumers and the media. We have produced
three informational videos for banks to use with their customers - one designed
for retail customers, a second for a bank's tellers and other front-line
personnel, and a third for small business customers. We send a monthly fax
newsletter to banks, which contains updates, helpful tips and shares ideas that
have worked for other banks. We have provided ads, a Y2K customer communications
kit to help bankers reach out to their customers, telephone seminars on a wide
range of aspects of the Y2K challenge, a Y2K Project Management Manual and a Y2K
Contingency Plan Manual. The latest piece in this continuing series is a Y2K
Instruction Booklet containing tips to help banks comply, communicate and cope.
ABA's web site - ABA.com - provides our members with other Y2K resources and
information. In December, ABA ran a full-page ad in USA Today and beamed a video
news release via satellite to more than 700 television stations around the
country to reach out directly to consumers. The news release included part of an
interview with John Koskinen, chairman of the President's Council on Year 2000
Conversion, who has said the banking industry is "ahead of the curve" in Y2K
preparedness. ABA has also been holding media briefings jointly in Washington
with the other financial trade groups, and around the country in collaboration
with the state bankers associations. We are also doing special media tours,
making bankers available to discuss Y2K issues on TV and radio. Customer
communication is a must for every bank in the country. After all, every customer
wants to know about their particular bank. No one knows how consumers will
behave leading up to January 1, and we will continue to conduct research to
track their behavior and their level of concern. One thing is sure: they need
information, sound advice and reassurance - from their bank, the banking
industry, the federal banking regulators, and the U.S. Congress. III. More Can
Be Done: Legislative Initiatives Needed Congress, government and regulators have
a special role to play in disseminating accurate information and creating an
environment for open discussion. The bill enacted last Congress - Year 2000
Disclosure Act - was a first and extremely important step in this direction. It
helped set a tone for talking openly and honestly about the problem by
encouraging information sharing. Further, it ensures that disclosure of
Y2K-related technical information will not become the subject of lawsuits.
Congress can make a difference this year as well. In particular, we urge
Congress to consider broader Y2K liability issues, such as disruption liability,
punitive damages, class actions, and litigation reduction. The cost of doing
nothing may be considerable. As I noted above, the industry has already spent
billions of dollars on Y2K remediation efforts. Industry consultants further
project that $2 million could be spent on litigation for every $1 million spent
on system remediation. The ABA, working with a multi-sector coalition, has
identified several desirable legislative reforms that would help address these
concerns. * Limit Y2K litigation to actual damages, and place limits on
consequential or punitive damages, unless parties have agreed otherwise by
written contract. * Provide for a "reasonable efforts" defense for parties that
meet a good faith or due diligence standard. * Require federal preemption for
all Y2K legal and equitable claims, unless parties have agreed otherwise by
written contract. * Abolish joint and several liability and create a federal
comparative negligence rule to apportion liability among multiple parties. *
Discourage and channel class action lawsuits through minimum claim requirements,
notice procedures, and creating federal diversity jurisdiction.
There are additional provisions being considered which would: encourage the use
of alternative dispute resolution to resolve Y2K disputes without resorting to
litigation; require a "cure period" prior to commencing legal action, allowing
parties time to remedy Y2K disruptions; require mitigation of damages by
claimants; and place limits on attorneys' fees. We would be happy to work with
Congress to pass legislation in this important area. Conclusion Mr. Chairman,
the banking industry has every reason to be working diligently in meeting the
Y2K challenge, and is doing so with a wide ranging response that sets an example
for other industries to follow. Financial institutions across the U.S. are
executing Y2K project plans that are vast in scope, complexity and scale. The
banking industry is taking the century date change very seriously, with the goal
of achieving Y2K readiness clearly in sight. But the banking industry alone
cannot deliver "business as usual" in January 2000. There must be parallel
commitments by all other sectors of the economy so that they can become equally
prepared. We encourage Congress to continue its oversight of the broad range of
business and government sectors that together are essential to producing Y2K
readiness in the American economy.
LOAD-DATE: March 12,
1999