Abstract: This issue’s “Bank Wire” reports on the DOL’s new overtime requirements, which increase the salary level threshold for white-collar exempt employees and are expected to yield a large impact on financial institutions. It also discusses the FFIEC’s new cybersecurity guidance, which urges financial institutions to review their risk-management practices and controls for IT systems and wholesale payment networks, and recommends using multiple-layered security controls.
Are you ready for the new DOL overtime rule?
New overtime requirements are expected to yield a large impact on financial institutions. The U.S. Department of Labor (DOL) recently finalized its overtime rule, doubling the salary threshold for exempt employees.
The final rule increases the salary level threshold for white-collar exempt employees from $455 to $913 per week, or $23,660 to $47,476 per year, starting December 1. Any employee making less than those amounts will likely be required to be paid overtime compensation.
The new rule also hikes the salary threshold for highly compensated employees (HCEs) from $100,000 per year to $134,004 per year. HCEs must receive at least the full standard salary amount — or $913 — per week on a salary or fee basis without regard to the payment of nondiscretionary bonuses and incentive payments. But such payments will count toward the total annual compensation requirement. The standard salary and HCE annual compensation levels will automatically update every three years.
Once the rule takes effect, employers will have several options for dealing with exempt employees who’re reclassified as nonexempt: 1) Raise their salaries above the new threshold, 2) pay them time-and-a-half for overtime, 3) limit them to 40 hours per week, or 4) some combination of the above.
Between now and December 1, assess the impact of the new rule on your workers and develop a plan for implementing it. Some questions to ask:
- What are the relative costs of increasing salaries to the new threshold vs. paying time-and-a-half for overtime?
- How will the rule affect employee morale? Will employees view loss of exempt status as a demotion?
- How will you deal with job titles in which some employees are exempt and some aren’t?
- How will the rule affect compensation arrangements that provide for a modest base salary but a generous bonus potential?
FFIEC issues new cybersecurity guidance
Financial institutions need to actively manage the risks associated with interbank messaging and wholesale payment networks. So warns a recent statement from the Federal Financial Institutions Examination Council (FFIEC), which reports that recent cyberattacks have targeted these banking functions. By attempting to originate unauthorized transactions, cybercriminals have shown a capability for compromising a financial institution’s wholesale payment networks and bypassing information security controls, the agency says.
The FFIEC urges financial institutions to review their risk-management practices and controls for information technology systems and wholesale payment networks. It also recommends using multiple-layered security controls to set up several lines of defense.
You can read the statement at https://www.ffiec.gov/cybersecurity.htm.