Federal Financial Institutions Examination Council
|For Immediate Release||April 10, 1998|
The Federal Financial Institutions Examination Council (FFIEC) today issued guidance for financial institutions on testing for Year 2000 readiness.
The guidance makes clear that testing is the most critical phase of year 2000 readiness, a phase that is likely to account for 50 to 60 percent of the time, cost and personnel of year 2000 preparations.
Testing should take into account the size of the institution, the complexity of its operations, the level of business risk exposure to the Year 2000, and its reliance on third parties for computer-based products and services.
Internal and external systems should be tested according to a written testing plan. Internal systems include software, mainframe computers, personal computers, security systems, vaults and elevators. External systems include service providers and any interface with external sources.
Mission-critical systems should be tested first because of their key role in the operations and financial condition of a financial institution. Financial institutions are expected to know if service providers and software vendors are able to test mission-critical systems products and services successfully.
A written testing plan should set forth a testing environment, testing methodology, test schedules, financial and human resources, documentation, contingency plans, and critical test dates. Critical test dates should include the "rollover" from December 31, 1999 to January 3, 2000. They should also include dates such as February 29, 2000 and the rollover to March 1, 2000, to ensure that the system will recognize leap year.
The FFIEC expects financial institutions to meet the following key milestones in their Year 2000 testing process. On or before:
Failure to conduct thorough testing may mask serious remediation problems. Failure to properly identify or correct those problems could threaten the safety and soundness of the institution.
Today's guidance follows previous FFIEC Year 2000 guidance on project management, business risk, vendors, and customer risk. The FFIEC will soon issue guidance on contingency planning for Year 2000 readiness.
Guidance Concerning Testing for Year 2000 Readiness