12 CFR § 370.10 - Compliance.

(a) Certification and report. A covered institution shall submit to the FDIC a certification of compliance and a deposit insurance coverage summary report on or before its compliance date and annually thereafter.

(1) The certification must:

(i) Confirm that the covered institution has implemented all required capabilities and tested its information technology system during the preceding twelve months;

(ii) Confirm that such testing indicates that the covered institution is in compliance with this part; and

(iii) Be signed by the covered institution's chief executive officer or chief operating officer and made to the best of his or her knowledge and belief after due inquiry.

(2) The deposit insurance coverage summary report must include:

(i) A description of any material change to the covered institution's information technology system or deposit taking operations since the prior annual certification;

(ii) The number of deposit accounts, number of different account holders, and dollar amount of deposits by ownership right and capacity code (as listed and described in Appendix A);

(iii) The total number of fully-insured deposit accounts and the total dollar amount of deposits in all such accounts;

(iv) The total number of deposit accounts with uninsured deposits and the total dollar amount of uninsured amounts in all of those accounts; and

(v) By deposit account type, the total number of, and dollar amount of deposits in, deposit accounts for which the covered institution's information technology system cannot calculate deposit insurance coverage using information currently maintained in the covered institution's deposit account records.

(3) If a covered institution experiences a significant change in its deposit taking operations, the FDIC may require that it submit a certification of compliance and a deposit insurance coverage summary report more frequently than annually.

(b) FDIC Testing.

(1) The FDIC will conduct periodic tests of a covered institution's compliance with this part. These tests will begin no sooner than the last day of the first calendar quarter following the compliance date and would occur no more frequently than on a three-year cycle thereafter, unless there is a material change to the covered institution's information technology system, deposit-taking operations, or financial condition following the compliance date, in which case the FDIC may conduct such tests at any time thereafter.

(2) A covered institution shall provide the appropriate assistance to the FDIC as the FDIC tests the covered institution's ability to satisfy the requirements set forth in this part.

(c) Effect of pending requests. A covered institution that has submitted a request pursuant to § 370.6(b) or § 370.8(a) through (c) will not be considered to be in violation of this part as to the requirements that are the subject of the request while awaiting the FDIC's response to such request.

(d) Effect of changes to law. A covered institution will not be considered to be in violation of this part as a result of a change in law that alters the availability or calculation of deposit insurance for such period as specified by the FDIC following the effective date of such change.

(e) Effect of merger. An instance of non-compliance occurring as the direct result of a merger transaction shall be deemed not to constitute a violation of this part for a period of 24 months following the effective date of the merger transaction.