Supervisory discipline / Methodology
Enforcement actions: methodology
FinObservatory's /enforcement module reproduces institution-level US
bank-regulator enforcement actions from the two federal regulators that publish
a clean, machine-readable route. It is a register of public supervisory records,
not a scoring engine and not a set of misconduct verdicts.
What this covers
data/parquet/enforcement_actions.parquet: one row per publicly disclosed
formal enforcement action against a supervised institution, from:
- Federal Reserve, the Board's
enforcementactions.csv, covering state member banks, bank and savings-and-loan holding companies, their nonbank subsidiaries, Edge Act corporations, US branches and agencies of foreign banks, and FSOC-designated nonbanks. - OCC, the Enforcement Action Search (EASearch) CSV export, covering national banks, federal savings associations (thrifts), and federal branches and agencies of foreign banks.
Both are US government works in the public domain.
The individuals-exclusion rule (hard)
This module is institution-level. Actions against named individuals (officers, directors, employees, and other institution-affiliated parties) are excluded entirely and never enter the parquet.
Both source files separate the two: the Federal Reserve file carries an
Individual column distinct from Banking Organization, and the OCC file
carries an Individual column distinct from Institution / Company. A row is
kept only when the individual field is blank and an institution field is
populated. The build (scripts/build_enforcement.py) asserts, before writing,
that no excluded-individual row survives, and the exclusion is proven by query in
the pull request. Of the raw records, 1,322 Federal Reserve and 3,340 OCC actions
against individuals are dropped; 1,559 and 2,707 institution actions remain.
Identifier join (conservative, name-based)
Where an action's institution name and state resolve to a unique normalized
(name, state) key in fdic_institutions.parquet, the action is tagged with
that FDIC certificate number. Names are normalized (lower-cased, punctuation and
common corporate and charter suffixes removed) and matched exactly; any name that
is ambiguous (more than one FDIC institution shares the normalized key) or has no
match gets a null cert rather than a guessed one.
About 46% of institution actions match a cert this way. Most of the unmatched are
holding companies, which hold no deposit-insurance certificate, so a low match
rate is expected, not an error. A name-based match is not a legal
identification. The OCC's own CharterNumber (an OCC national-bank charter, not
an FDIC cert and not an RSSD) is carried verbatim where present. RSSD is not
populated: the estate holds no clean name-to-RSSD crosswalk, and inventing one is
refused.
Action categories
Each regulator's own raw action label is preserved (action_type_raw). For the
cross-regulator charts, labels are collapsed into six harmonized categories:
Cease and Desist; Civil Money Penalty; Written Agreement / Formal Agreement;
Prompt Corrective Action; Section 19 / removal-of-prohibition; and Other formal
action. The on-page action-type table shows the raw labels beside the harmonized
category so the mapping is auditable.
Penalty dollars
Dollar amounts are read from the OCC Amount field and, for the Federal Reserve,
parsed from the action text where a clean figure appears (many Fed civil-money-
penalty rows carry no machine-readable amount). Coverage is therefore partial and
the totals shown are lower bounds, not a complete penalty tally. Restitution
amounts are included where the source records them.
Why the FDIC is absent
The FDIC's Enforcement Decisions and Orders are published only through a
Salesforce Lightning "EDOS" guest-community search at orders.fdic.gov, whose
results are served through authenticated application actions; an unauthenticated
automated client is refused with "Guest user access is not allowed." There is no
documented bulk CSV/XLSX, and the FDIC BankFind Suite REST API family carries no
enforcement endpoint. Rather than partially scrape or estimate, the FDIC is
documented as skipped (data/raw/enforcement/SOURCE.md) and will be added if a
clean route appears.
Coverage caveats
- Each register is bounded by what the regulator publishes. The OCC states its lists are "NOT guaranteed to be comprehensive" and that prohibition notifications issued before 23 December 2022 no longer appear (following the Fair Hiring in Banking Act's amendment of 12 U.S.C. § 1829).
- The Federal Reserve has made final enforcement orders public since August 1989 and written agreements public since November 1990; earlier actions are not in the file.
- Neither register carries FDIC-supervised state non-member banks.
- An action is a stock: it remains in force until terminated. A null termination date means open, or terminated without a recorded date.
Vintage and refresh
The registers update continuously. scripts/fetch_enforcement.py pulls the two
exports on demand and scripts/build_enforcement.py rebuilds the parquet; the
step is registered in scripts/refresh.sh. This is reference information, not
legal, compliance, sanctions-screening, or investment advice.