12 CFR § 211.604 - Data processing activities.
(a) Introduction. As a result of a recent proposal by a bank holding company to engage in data processing activities abroad, the Board has considered the scope of permissible data processing activities under Regulation K (12 CFR part 211). This question has arisen as a result of the fact that § 211.5(d)(10) of Regulation K does not specifically indicate the scope of data processing as a permissible activity abroad.
(b) Scope of data processing activities.
(1) Prior to 1979, the Board authorized specific banking organizations to engage in data processing activities abroad with the expectation that such activity would be primarily related to financial activities. When Regulation K was issued in 1979, data processing was included as a permissible activity abroad. Although the regulation did not provide specific guidance on the scope of this authority, the Board has considered such authority to be coextensive with the authority granted in specific cases prior to the issuance of Regulation K, which relied on the fact that most of the activity would relate to financial data. Regulation K does not address related activities such as the manufacture of hardware or the provision of software or related or incidental services.
(2) In 1979, when the activity was included in Regulation K for the first time, the data processing authority in Regulation K was somewhat broader than that permissible in the United States under Regulation Y (12 CFR part 225) at that time, as the Regulation K authority permitted limited non-financial data processing. In 1979, Regulation Y authorized only financial data processing activities for third parties, with very limited exceptions. By 1997, however, the scope of data processing activities under Regulation Y was expanded such that bank holding companies are permitted to derive up to 30 percent of their data processing revenues from processing data that is not financial, banking, or economic. Moreover, in other respects, the Regulation Y provision is broader than the data processing provision in Regulation K.
(3) In light of the fact that the permissible scope of data processing activities under Regulation Y is now equal to, and in some respects, broader than the activity originally authorized under Regulation K, the Board believes that § 211.5(d)(10) should be read to encompass all of the activities permissible under § 225.28(b)(14) of Regulation Y. In addition, the limitations of that section would also apply to § 211.5(d)(10).
(c) Applications. If a U.S. banking organization wishes to engage abroad in data processing or data transmission activities beyond those described in Regulation Y, it must apply for the Board's prior consent under § 211.5(d)(20) of Regulation K. In addition, if any investor has commenced activities beyond those permitted under § 225.28(b)(14) of Regulation Y in reliance on Regulation K, it should consult with staff of the Board to determine whether such activities have been properly authorized under Regulation K.