Monthly Bulletin


Volume 15, Issue 12 – June 2012


Commercial Banks, Foreign Banks and Trust Companies

Assessment invoices were mailed to commercial banks, foreign banks and trust companies on June 29, 2012.

For the purposes of this assessment, the base rate was set at $1.39, a two-cent decrease from last year’s rate of $1.41.  Invoices were mailed to each licensee on June 29, 2012 and become delinquent if not paid by July 20, 2012.  The statutory maximum rate is $2.20 per thousand dollars of total assets.


Industrial Banks

The assessment rate for industrial banks this year was set at $0.99 per thousand dollars of total assets, unchanged from last year’s rate. The statutory maximum rate is $2.20 per thousand dollars of total assets.  Invoices were mailed to each licensee on June 29, 2012 and become delinquent if not paid by July 20, 2012.  Insurance premium finance companies will be assessed on November 30, 2012.


Credit Unions

The 2012-13 assessment rate was set at $0.82 per thousand dollars of total assets, a seven-cent increase from last year’s rate. Invoices were mailed to each licensee on June 29, 2012 and become delinquent if not paid by July 20, 2012.  The statutory maximum rate is $2.20 per thousand dollars of total assets.


Money Transmitters

Money Transmissions

The 2012-13 assessment rate was set at $0.05 per every thousand dollars in transmission money received by a licensee in calendar year 2010, a five-cent decrease from last year’s rate.  Invoices were mailed to each licensee on June 29, 2012 and become delinquent if not paid by July 20, 2012.

Issuers of Travelers Checks and Payment Instruments

The 2012-13 assessment rate was set at $0.63 per thousand dollars of total payment instruments and stored value sold by the licensee, down one cent from last year’s rate. Invoices were mailed to each licensee on June 29, 2012 and become delinquent if not paid by July 20, 2012.


Executive Officer and Director Compensation Survey

The Department of Financial Institutions will begin using a new web-based application for collecting Executive Officer and Director Compensation Survey data from its bank licensees, national banks and federal savings banks for the 35th annual Executive Officer and Director Compensation Survey.  Participants will receive an email to their designated email address with a unique link to a secure web site where they will complete the survey online.

Participants are asked to respond by Wednesday, August 15, 2012 so the results can be compiled into a summary report that will be e-mailed to participating banks later this year.  If you do not receive an email by Friday, July 13, 2012, or if you have any questions about the survey, please contact Patrick Carroll at (415) 263-8559 or by e-mail at Patrick.Carroll@dfi.ca.gov.

The survey results for the 34th Annual Executive Officer and Director Compensation Survey as of June 30, 2011 are now available at www.dfi.ca.gov/publications/executive_summaries/default.html.

Participants in the 2012 survey will receive a PDF of the completed survey results by email upon completion.


Residential Mortgage Survey Results

In January 2012 DFI-licensed commercial banks and credit unions were directed to submit a Residential Mortgage Survey with year-end data for 2011.  The purpose of the survey is for the DFI to maintain complete, accurate, and up-to-date information on the real estate loan portfolios of licensees to determine current risk and assess the potential effect of any proposed regulatory or statutory changes at the federal and/or state level on our licensees. The final summary results of the survey have been posted to the DFI website and can be found in the Publications area under Commissioner Surveys (http://www.dfi.ca.gov/publications/rms/default.asp).
For questions about the survey please contact Kristine De Young at 916-324-7488 or Kristine.deyoung@dfi.ca.gov.


Don’t Bring Your Own Device or Take Caution

Bring Your Own Device (BYOD) describes the recent trend of employees bringing personally-owned mobile devices to their place of work, and using those devices to access privileged institution resources such as email, file servers, and databases.  In some cases, outside parties are allowed to connect with the institution’s network for access to the internet.  Left unmanaged, this practice may result in data breaches.  For example: If an employee uses a smartphone to access the institution’s network and then loses that phone, the confidential data stored on the phone could potentially be retrieved by untrusted parties.  Another concern is that the device(s) and their applications do not belong to the institution.  A device that is not in the full control of the institution is inherently less secure.

Should your institution contemplate allowing BYOD, the DFI expects, and the Gramm–Leach–Bliley Act obligates management to perform a risk assessment that considers security risks and control issues.  At a minimum, the following questions should be considered prior to implementing BYOD:

  1. What devices will the institution allow and will the device have security that limits risk?
  2. Does the institution have the ability to require and install applications to the device(s), such as remote wipe and/or virus/malware software?
  3. What security threshold will be established for Wi-Fi, Virtual Private Network, etc.?
  4. Can the institution require a “business only secure partition” on the mobile device?
  5. What happens if an individual refuses to allow such security/applications to be installed on their device?
  6. What happens if the device is compromised?  Will your institution be able to perform any forensics?
  7. Will a formal agreement between the institution and the BYOD user be used that sets forth allowed activities and the consequences for breaking the agreement?

Additionally, due to the broad range of potential network access points, an institution’s policies and procedures should describe the security protocols required to enable access; such as Wi-Fi Protected Access II (WPA2).  Of particular concern is the use of a BYOD as a WiFi Hotspot, which generally has no security enabled by default.

In summary, as BYOD becomes more prevalent, risk assessments should be performed regularly to identify threats and vulnerabilities.  Policies and procedures should reflect the allowable usage and the breadth and depth of security and control settings.  Additionally, those functions and features that are not enforceable should be addressed in administrative policies and through employee/contractor awareness.  Lastly, consider how BYOD policies can be tested and validated to ensure that security and controls have been successfully implemented.  Without appropriate security and controls enabled, the institution could be vulnerable to compromise.


DFI Licensees’ Reporting Responsibility

The DFI would like to remind all licensees of their responsibility to promptly file information with the Commissioner pursuant to California Financial Code Section 459.

Every licensee shall file with the commissioner one copy of all material filed by the licensee with any applicable federal financial institutions regulatory agency, law enforcement, or other federal agency that is required to be filed by law or order of the agency.

If you have any questions with regard to your reporting responsibility, please contact your Assistant Deputy Commissioner.  Thank you for your cooperation.


Commercial Bank Activity

Conversion to State Charter

First Foundation Bank, Irvine, to convert from a federal savings bank to a state-chartered commercial bank under the same name
Effected: 6/28/12

Acquisition of Control

First PacTrust Bancorp, Inc. to acquire control of Beach Business Bank
Filed: 6/21/12
Approved: 6/21/12


Premium Finance Company Activity

New Premium Finance Company

Skipjack Premium Finance Company
275 Sacramento Street, City and County of San Francisco
Opened: 6/1/12

Acquisition of Control

Fredrick B Roberson and Linda A Roberson, Trustees of the Roberson Family Trust, to acquire control of Snowcrest Funding, Inc.
Approved: 6/7/12


Foreign (Other State) Bank Activity

New Facility

SunTrust Bank
350 Tenth Avenue, San Diego, San Diego County
Opened: 6/22/12


Credit Union Activity

New Credit Union

Abundant Living Credit Union
9269 Utica Avenue, Rancho Cucamonga, San Bernardino County
Filed: 3/31/12

Field of Membership

Four credit unions received approval to add five new field of membership during May 2012.

Bylaw Amendment

Five credit unions received approval for five bylaw amendment during March 2012.


Money Transmitter Activity

New Money Transmitter

InteliSpend Prepaid Solutions, LLC
Opened: 6/13/12

Meracord LLC dba Meracord
Opened: 6/6/12

Softgate Systems of California, Inc.
Opened: 5/17/12


TEVEIA R. BARNES
Commissioner of Financial Institutions

Bulletin for Month ended
June 2012, issued pursuant
to Financial Code section 376