HR7437-118

1. Short title This Act may be cited as the Fostering the Use of Technology to Uphold Regulatory Effectiveness in Supervision Act.

2. Findings Congress finds the following: Banking regulators continue to examine and monitor depository institutions without access to real-time information. Risk surrounding technology procurement may present challenges for updating supervisory technology. To ensure that prudential supervision is effective and sustainable in the digital age, agencies must leverage new technologies to allow for the financial monitoring necessary to preserve a safe and sound banking system. New technological tools are also necessary in order for agencies to effectively fulfill mandates other than prudential supervision, including their mandates to assure consumer protection and monitor Bank Secrecy Act compliance. Agencies’ reliance on outdated technology creates vulnerabilities for the financial system, causing— difficulties in collecting, compiling, and analyzing relevant information about risks and noncompliance at supervised firms; reliance on information that is inaccurate, incomplete, or not timely; reliance on limited and outdated tools for data analysis; difficulties in using data to identify risk trends; difficulties in producing accurate and timely reports; inadequacy of cybersecurity safeguards; and failure to detect illegal activities. The rapid expansion of financial firms’ use of artificial intelligence may generate opportunities to improve the financial system while also introducing a range of risks, making it essential that agencies be equipped with the technology and skills needed to analyze these opportunities and potential risks. While agencies assess their supervisory capabilities on an ongoing basis, it is imperative that there be a unified goal to enhancing supervisory technologies that ensures effective and sustainable oversight in the digital age.

3. Technological vulnerabilities and procurement practices assessment Each covered agency shall, not later than 180 days after the date of the enactment of this section, assess how existing technological systems used by the covered agency prevent the covered agency from conducting real-time supervisory assessments of entities over which the covered agency has supervisory authority, including effects stemming from— core information technology infrastructure; technology used to supervise entities, including supervisory technological tools; and technology for monitoring general market risks using reported data and external data. Each covered agency shall, not later than 180 days after the date of the enactment of this section— assess the procurement rules and protocols adhered to by such covered agency when such covered agency acquires or develops new technological systems; and identify any challenges created by such procurement rules and protocols, including the impact such rules or protocols have on the ability of the covered agency to test new technological systems. Not later than 1 year after the completion of the assessments required under subsection (a), and every 5 years thereafter, the covered agencies shall coordinate and jointly submit to the Committee on Financial Services of the House of Representatives and the Committee on Banking, Housing, and Urban Affairs of the Senate a report that includes the following with respect to each covered agency— a general overview of hardware and software used for information gathering and advanced analytics during supervision activities, including products purchased from technology vendors and products developed by the covered agency or contractors of the covered agency; a description of the procurement practices and protocols of the covered agency, including a description of— whether such processes are voluntarily adhered to or mandated; and any challenges resulting from such practices and protocols and relevant factors, if any, that have impacted the covered agency’s ability to obtain new technology; a general overview of the portion of workforce of the covered agency that is engaged primarily in technology development within the covered agency, including— an overview of the ability of the covered agency to recruit and retain appropriate technology experts; employee self-reported workforce data; and a description of the degree to which the covered agency relies on contractors to design, develop, or deploy technology and perform technology-related tasks; a description of the processes used by the covered agency to obtain information from entities supervised by the covered agency and general information about market trends and risks; a description of the ways in which the covered agency shares information or system access with other covered agencies; an evaluation of the level of ease or difficulty experienced by the covered agency, including any legal or regulatory challenges, when— sharing data with other government agencies; or collecting data from entities supervised by the covered agency; an evaluation of cost for supervised entities to modify systems to share data with covered agencies; and a description of any plans the covered agency has that relate to how the covered agency will implement future upgrades to the technology used by the covered agency to supervise entities supervised by the covered agency, including— a general description of any planned upgrades; the anticipated timeline for any planned upgrades; the costs of any planned upgrades; any concerns about access to needed resources; intended efforts for hiring and training individuals as part of any technological upgrades; any aspects of any planned upgrades that should be addressed on an interagency basis; and any anticipated challenges and solutions associated with entities supervised by the covered agency adapting to new reporting requirements, including— estimates of transition costs; and estimates of any potential cost reductions. In this section, the covered agency means the Board of Governors of the Federal Reserve System, the Federal Deposit Insurance Corporation, Office of the Comptroller of the Currency, the Bureau of Consumer Financial Protection, and the National Credit Union Administration.