Regulators give banks report cards in the form of CAMELS ratings. These ratings can affect examination frequency, assessments, the ability to pursue acquisitions, and the likelihood of enforcement action. The ratings are also not publicly disclosed, except on an aggregated basis or in some limited instances. A recent proposal to define “unsafe or unsound” practices also includes even more fundamental changes in the way supervisors rate banks. How do CAMELS work? What are the implications if the proposed changes are enacted in their present form and how might it further undermine bank supervision?
CAMELS Overview
CAMELS ratings accompany full-scope Reports of Examination (ROEs), which bank supervisors complete every 12 to 18 months. CAMELS provide a quick, numerical summary of the bank’s condition. Larger banks are subject to more continuous supervision and rating changes occasionally happen between exam cycles. The CAMELS acronym stands for Capital, Asset Quality, Management, Earnings, Liquidity, and Sensitivity to Market Risk. Supervisors rate banks on each of these components while also assigning a composite rating. Ratings are on a scale of 1 (best) to 5 (worst). The composite considers each of the components but need not weigh them equally. For example, suppose a bank made relatively few loans but had an extreme concentration of long-term or illiquid securities. In that case, a strong rating on asset quality (1 or 2) won’t necessarily offset adverse rating for sensitivity to market risk or liquidity.
There is some interdependence between individual CAMELS components. For example, the Capital rating reflects not only nominal capital levels but also those levels relative to a bank’s asset quality, liquidity levels, and interest rate risk. Similarly, weak earnings, poor asset quality, or excessive levels of IRR or liquidity risk all reflect poorly on management and can affect the M rating.
The Ratings, Their Meanings and Implications
CAMELS in their present form, including rating criteria, date from 1996. Composite ratings, their characteristics, implications, and frequency are summarized below.
There is a distinction between 1 and 2-rated banks in terms of condition and risk management. A “1” rated bank has few financial vulnerabilities or strong risk management, usually both. The financial condition and risk management practices of a 2-rated bank are satisfactory but nothing to write home about. These banks may have some moderate weaknesses but are fundamentally sound. There is little or no distinction between 1 and 2-rated banks in terms of regulatory treatment. These banks benefit from a less frequent exam cycle, the same low assessment, and few restrictions on activities.
Things start to get interesting with a 3 rating. The financial condition and risk management at these banks is considered less than satisfactory. These institutions require more than normal supervision and formal enforcement actions become more likely. Supervisors still believe these banks are unlikely to fail but some course correction is in order. Supervisory interventions will try to nip emerging problems in the bud while the bank remains salvageable.
Adverse ratings (3 or worse) are quite rare. For example, OCC sets a target that at least 90% of its supervised banks receive a composite CAMELS rating of 1 or 2. From 2020 to 2024, between 92% and 99% of OCC-supervised banks met this criterion. The FDIC compiles a “problem bank list” of all FDIC-insured banks rated 4 or 5. While FDIC keeps the names of the banks confidential, it publishes quarterly the number of banks meeting this criterion. As of June 2025, 1.3% of all banks were rated 4 or 5.
Banks rated 4 display unsafe or unsound practices or financial condition and pose a real risk of loss to the FDIC. Banks rated 5 exhibit extremely unsafe or unsound practices with failure highly probable. Even some 5-rated banks eventually recover but by that stage supervisors focus more on containing losses rather than bringing the bank back to health.
The ratings process builds in a certain amount of inertia. OCC has a specific process for downgrades. Merely downgrading a component rating requires a detailed memo that maps the proposed rating to current ratings guidance. Downgrades also require signoffs from a bunch of higher-ups.
Proposed Changes and Their Impact
OCC and FDIC recently issued a Notice of Proposed Rulemaking (NPR) to define “unsafe or unsound” practices as those that are both imprudent and likely to lead to material financial harm. As I noted in an earlier post, this represents a backwards looking approach that waits until material harm is likely before declaring a practice unsafe or unsound. The proposal compounds the problem by applying essentially the same unsafe or unsound threshold for matters requiring attention (MRAs). Most damaging, however, is that the proposal would also require MRAs for a ratings downgrade to 3 or worse. In other words, a ratings downgrade to a 3 would require a bank to engage in unsafe or unsound practices, which in turn would require that imprudent practices would likely lead to material financial harm.
Violations of law or regulation can lead to MRAs, even under the proposed guidance. However, “the agencies expect that they would not downgrade an institution’s composite rating to less-than-satisfactory based only on a violation of law” unless the violation meets the likely material loss test. No harm, no foul, unless the harm is to consumers, which apparently doesn’t count.
Let’s unpack this a bit. Current interagency rating standards link unsafe or unsound practices to a rating of 4 or 5, not to a 3. While banks rated “3” may have some significant weaknesses, “failure appears unlikely, however, given the overall strength and financial capacity of these institutions.” Even under the current, less restrictive, understanding of unsafe or unsound practices, proposed requirements for rating downgrades are more consistent with a 4 or 5 composite rating, rather than with a 3.
If enacted, the proposal would also create inconsistencies between regulators and between banks. The Uniform Institution Ratings System (UFIRS) has been in effect since the 1970s and represents an agreement between the FDIC, OCC, and Federal Reserve. The Federal Reserve has not joined in on the proposed rule. That could mean that state-chartered member banks (supervised by the Fed) would face different CAMELS rating criteria than FDIC or OCC-regulated banks. It could also lead to inconsistencies between banks with the same regulator. The proposal focuses only on rating downgrades. What happens to banks already rated 3? Would the change mean that supervisors would rush to upgrade these banks, based not on improvements to their condition or practices but because their practices were merely deficient rather than life-threatening?
Cliff Effects
While more than 90% of banks are rated 1 or 2, regulators apparently feel that the grading is too tough. Following the proposed criteria would mean that a rating of 3 would become the new 4. This could create enormous cliff effects when it comes to ratings. We’ve seen this before under the OCC’s Risk Assessment System (RAS). The RAS rates a bank’s various risks (credit risk, interest rate risk, operational risk) as high, medium, and low. It also rates the quality of risk management for each risk category as strong, satisfactory, insufficient, or weak. Prior to introducing the “insufficient” category in 2015, there was little separation in quality of risk management assessments. “Satisfactory” ratings were ubiquitous while ratings of “weak” were exceedingly rare.
RAS ratings are confidential, as are exam reports. We can, however, catch a rare glimpse at pre-2015 RAS ratings and narratives as part of the documents publicly released by the Financial Crisis Inquiry Commission (FCIC). Wachovia was the nation’s fourth largest bank. Only an emergency merger shepherded by regulators prevented its closure. The FCIC released Wachovia’s June 2008 Report of Examination (ROE). The ROE notes that “management of risk at Wachovia continues to be one of our top supervisory concerns.” The ROE further noted that “questionable strategic decisions and insufficiently proactive oversight have led to many of Wachovia’s problems.” While supervisors downgraded the bank’s Management and composite CAMELS ratings to 3, they rated the quality of risk management for each RAS component as “satisfactory.” While Wachovia’s “3” rating looks bad considering the bank’s impending collapse, the satisfactory RAS rating looks worse.
The agencies have claimed that establishing higher qualitative thresholds for designating practices unsafe or unsound, issuing MRAs, or downgrading ratings will promote a greater focus on material financial risks. This argument might make sense if the agencies were also strengthening quantitative standards for capital, liquidity, or interest rate risk. In fact, the opposite is the case. Political appointees at the OCC, FDIC, and Federal Reserve have worked to water down these requirements.
The position of the Bank Policy Institute (BPI) might provide a good indicator of things to come. BPI is the lobbying arm of the nation’s largest banks and current regulators have worked hard to adopt BPI’s wish list, except to the extent that it conflicts with the crypto lobby’s wish list. In 2020, BPI recommended some changes to CAMELS ratings. For example, a bank should presumptively receive a “1” for Capital if it merely meets minimum capital requirements, as do 99% of banks. Similarly, meeting the liquidity coverage ratio and some other liquidity requirements should also merit a 1 rating. Ratings would become essentially binary. Banks that fail capital or liquidity requirements normally are rated 4 or 5. But if they merely meet those requirements, they get a participation trophy in the form of a 1 rating.
Concluding Thoughts
The author Kurt Vonnegut described his book Palm Sunday as a blivit: two pounds of [stuff] in a one-pound bag (PG version). The NPR appears to be a bit of a blivit as well. In their rush to adopt as much of the banking lobby’s wish list as quickly as possible, regulators jammed into a single NPR changes fundamental to their interpretation of unsafe and unsound, and to MRA criteria, and to CAMELS ratings. The result is a poorly thought-out proposal that creates inconsistencies between banks and between regulators. That approach may fit the move fast and break things ethos. But it makes for terrible public policy.