In a recent article for the New York Law Journal, Partner Jeffrey Alberts, Co-Chair of Pryor Cashman's Financial Institutions Group, and Associate Dustin Nofziger examined how federal regulations concerning confidential supervisory information (CSI) can interfere with the attorney-client relationship.

"Attorneys who do not work in the banking space are often shocked to learn that federal banking regulators use regulations governing CSI to prevent banks and their officers and directors from consulting with outside counsel and to monitor that communication when it occurs," Alberts and Nofziger wrote. "When a bank, or one of its officers or directors, wants to seek legal advice concerning documents or information that a regulator deems to be 'CSI,' banking regulators take the position that this can only be done with prior agency approval." And because approval is often delayed, or even withheld completely, clients are unable to discuss critical CSI with counsel, placing them at a great disadvantage.

Further, even where consent is granted by the regulator, it is frequently contingent upon counsel informing the regulator what CSI is being shared, which, the authors note, "effectively results in the regulator monitoring the documents and topics about which banking clients seek legal advice."

Because these requirements can drive a wedge between attorneys and clients, it is vital for any lawyer representing financial institutions to understand how the regulations work and what options are available to minimize interference with attorney-client communications.

What Constitutes CSI?

Each federal banking regulator has its own definition of CSI and set of rules governing how it may be received. However, all regulations state that CSI is the property of the regulator - not the bank - and that it may only be disclosed to specific persons upon prior approval of the regulator.

"Federal banking regulators take a broad view of what constitutes CSI," Alberts and Nofziger explained. In addition to reports of examination and related supervisory correspondence, certain regulators, including the Federal Deposit Insurance Corporation (FDIC), maintain that even records "related" to reports of examination qualify as CSI.

Similarly, Office of the Comptroller of the Currency (OCC) regulations state that "[c]onfidential information relating to operating and no longer operating national banks" constitutes CSI, "which, if taken literally," the authors wrote, "would encompass a wide variety of confidential bank 'information' (not just documents) that has little or nothing to do with the OCC."

The Federal Reserve Board (FRB) includes "information derived from, related to, or contained in" reports of examination within the scope of CSI, a characterization which unfairly captures a vast swath of bank information and documents.

How Regulations Concerning CSI Impede Attorney-Client Relationships

The regulatory standards are even more unfavorable for attorneys representing bank directors or officers, who are prohibited from disclosing any CSI to counsel without the regulator's prior approval. "This framework puts client and counsel at the whim of federal banking regulators, who may delay in ruling on requests for CSI authorization for strategic advantage and, when they do rule on such requests, may choose to authorize the disclosure of only limited types of CSI," Alberts and Nofziger said.

In the event a bank receives an unfavorable report of examination, it has only a short timeframe in which to decide whether to appeal the report. The advice of experienced outside counsel can be hugely beneficial in these situations, but delays on the part of regulators in granting authorization to disclose CSI can prevent the bank from obtaining legal counsel in time to file an appeal.

Similarly, in the case of bank officers and directors, by prohibiting the automatic disclosure of a report of examination to counsel, "regulators effectively take the position that after learning of these allegations, the client cannot seek advice concerning how to prepare for a potential enforcement action based on the alleged misconduct until after the regulator consents to this disclosure. Meanwhile, the regulator is free to build its case against the client by issuing subpoenas to the bank, its employees and even the client for documents and information."

"In such circumstances," the authors wrote, "counsel for the director or officer desperately needs the report of examination to advise the client regarding a potential enforcement or even criminal action and how to respond to any subpoenas or other requests received from the regulator."

Guidance for Dealing with Regulatory Intransigence When Seeking CSI Authorization

Alberts and Nofziger recommended five key strategies for outside counsel seeking CSI authorization in connection with their representation of bank clients:

  • Ensure that a timely request is made for authorization to share CSI with counsel, seeking expedited consideration where necessary;
  • Promptly request an extension from the regulator of any deadlines until after authorization to receive the CSI is obtained;
  • Create a written record documenting if and how a regulator's delay is interfering with the representation or the attorney-client relationship;
  • If a request for CSI is denied, consider whether to submit oral or written appeals;
  • Carefully consider whether documents necessary for the representation are not CSI under the relevant regulatory provisions.

"These strategies will not level the playing field that has become improperly tilted against clients seeking legal advice, but they will limit the ability of banking regulators to use this unfairness to their tactical advantage."

To read the full New York Law Journal article, please click here.

The content of this article is intended to provide a general guide to the subject matter. Specialist advice should be sought about your specific circumstances.