Feature Regulatory Compliance
Contingency Funding Plan Evidence Binder: What to Keep Before the Examiner Asks
Examiners don't just read your CFP — they ask for evidence that it works. Here's the complete list of documentation, test records, and artifacts that belong in a CFP evidence binder, organized by funding source and review cycle.
Table of Contents
TL;DR
- Examiners don’t evaluate the CFP document in isolation — they ask for the evidence that the plan has been operationalized: test records, board minutes, EWI logs, contact sheets, stress scenario outputs, and trigger breach documentation.
- The 2023 Interagency Addendum raised the evidence standard specifically for contingent funding source testing — institutions must now demonstrate tested access, not just describe it in policy.
- A complete CFP evidence binder has six categories of documentation, organized by source type and review cycle — and should be maintained continuously, not assembled when an exam is scheduled.
- The most common deficiency is a polished CFP document with an empty or stale evidence file. Examiners treat this as evidence that the plan was written for the examination, not for the institution.
The examiner’s first request during a CFP review is rarely the plan document itself. She already has that from your pre-examination submission. What she asks for next is the evidence file: the test records, the board minutes, the EWI monitoring logs, the stress test outputs with assumptions, and the counterparty contact sheets for each contingent funding source.
If that request is met with a long pause, a scramble through a shared drive, or a response of “we’ll need to pull that together,” the examination outcome is already trending negative.
The CFP evidence binder isn’t an afterthought to the CFP — it’s the proof that the CFP exists for the institution’s benefit, not just for the regulator’s file.
What the 2023 Addendum Changed About Evidence Expectations
The 2023 Interagency Addendum to the Policy Statement on Funding and Liquidity Risk Management — issued jointly by the OCC, FDIC, NCUA, and Federal Reserve on July 28, 2023 — added specific language about testing that directly raised the evidence bar:
“Depository institutions should be aware of the operational requirements to obtain funding from contingent sources, including testing access to contingent funding sources on a regular basis.”
This language shifts the examination standard from “does the CFP describe testing” to “does the institution have evidence of testing.” The distinction matters enormously. A CFP that says “we conduct annual testing of our contingency borrowing lines” is a policy statement. A test record with a date, amount confirmed, counterparty contact, and outcome is evidence.
For discount window access specifically, the Addendum requires “conducting periodic transactions” as part of operational readiness. Those transactions produce records — and those records go in the binder.
The St. Louis Fed’s September 2023 analysis on the lessons from the 2023 banking failures made clear that both SVB and Signature Bank had contingent funding sources listed in their plans that were not operationally accessible. The evidence standard is designed to close that gap by requiring institutions to demonstrate, not just document, their access to liquidity.
The Six Categories of CFP Evidence
A complete CFP evidence binder is organized around six documentation categories, each tied to a specific regulatory expectation or governance requirement.
1. The CFP Document — Current, Board-Approved Version
The binder starts with the CFP itself — but not just any version. It should be the current, board-approved version, with the board approval date visible. If the annual review produced amendments, those amendments should be present with their own approval documentation.
What examiners look for:
- The approval date on the cover page or signature block
- Whether the approval was within the last 12 months (the 2010 Interagency Policy Statement requires at least annual board re-approval)
- Whether the plan reflects the current funding structure — not a two-year-old balance sheet composition
What signals a problem:
- CFP dated more than 14 months ago without evidence of interim review
- Approval page signed by management only (no board committee approval)
- Funding sources or stress scenarios that don’t match the current balance sheet
2. Stress Test Results and Scenario Assumptions
Liquidity stress testing is the analytical core of the CFP. The evidence binder should contain the most recent stress test results — including the assumption set, the output (cash flow under each scenario), and the identified funding gap.
| Document | Content | Frequency |
|---|---|---|
| Stress test output | Net cash flow by time bucket under each scenario | Quarterly minimum; ad-hoc during stress |
| Assumption documentation | Deposit runoff rates, wholesale funding availability, asset liquidation timelines, and haircuts by source | Updated annually; reviewed quarterly |
| Sensitivity analysis | Impact of changing key assumptions (e.g., higher deposit runoff, lower collateral value) | Annually |
| Scenario validation | Justification for scenario choice — why these scenarios are appropriate for the institution’s risk profile | Annually |
The assumption documentation is frequently the weakest link. Stress test results without the underlying assumptions are a black box. Examiners want to evaluate whether the assumptions are reasonable — not just whether the institution ran the test.
3. Contingent Funding Source Test Records
This is the category most commonly missing or deficient. For each contingent funding source listed in the CFP, the binder should contain a test record.
A complete test record for a credit line or borrowing facility includes:
- Date of test: when the confirmation was conducted
- Amount confirmed available: the actual availability at the date of test, not the contract maximum
- Counterparty contact: who at the counterparty was contacted (name, title, phone, email)
- Collateral conditions: any haircuts, eligibility restrictions, or pledging requirements confirmed
- Results: was access confirmed? Were any issues found?
- Next test date: when this source is next scheduled for confirmation
- Who conducted the test: the person at the institution responsible
A complete test record for Federal Reserve Discount Window access includes:
- Evidence of a small-value transaction (the 2023 Addendum explicitly requires periodic transactions)
- Confirmation that the Master Loan and Security Agreement (MLSA) is current
- Current collateral availability at the Fed (pledged, haircut-adjusted)
- Operational cut-off times documented and confirmed with staff
- Staff training records showing who is authorized and trained to execute a draw
A complete test record for FHLB advances includes:
- Current advance capacity (from the FHLB’s most recent statement, not a letter from two years ago)
- Collateral schedule: what’s pledged, current eligibility, and any eligibility changes since last review
- Operational draw mechanics: who initiates, what’s the minimum lead time, what’s the same-day cut-off
- Contact information for both relationship and operations contacts at the regional FHLB
The testing record should also note any gaps discovered during the test. A finding that “line was confirmed but contact list was out of date” is better evidence than a clean record that doesn’t acknowledge the gap.
4. Board and Senior Management Reporting Documentation
The 2010 Interagency Policy Statement requires:
- Senior management receives liquidity reports at least monthly
- Board or board committee receives liquidity reports at least quarterly
- Board reviews and re-approves the CFP at least annually
The evidence binder should contain:
- Board/Risk Committee minutes showing quarterly liquidity reviews (not just generic “management reported on liquidity” language — the minutes should reflect that the board actually reviewed specific metrics and stress test results)
- Board approval for the CFP: a separate resolution or motion reflecting annual re-approval
- Senior management reporting package: a sample of the monthly liquidity dashboard or ALCO report, with evidence of distribution date and attendees
What examiners flag:
- Board minutes that say “management presented on liquidity” without any reference to specific results
- CFP approval embedded in a general ALCO minutes entry without a specific resolution
- No management reporting package — only board-level summary
5. Early Warning Indicator Log
The EWI monitoring log documents the institution’s ongoing monitoring activity and any threshold breaches. A complete EWI log includes:
- Metric name and threshold: the specific EWI, its yellow and red threshold levels, and the rationale for those thresholds
- Measurement date and result: the value of the metric at each monitoring interval
- Breach history: any instances where yellow or red thresholds were breached, when they occurred, and the management response
- Threshold review: evidence that thresholds are reviewed and updated at least annually — stale thresholds that never trigger are a red flag
An EWI log with no breach history over a multi-year period is something examiners probe carefully. It may reflect good liquidity management. It may also reflect thresholds calibrated to never trigger. The annual threshold review documentation helps distinguish the two.
6. Counterparty Contact Sheet and Emergency Activation Procedures
Separate from the test records, the binder should contain an operational quick-reference: who to call, in what order, and what to say when the CFP needs to be activated under stress.
This document includes:
- Internal escalation chain: who initiates the CFP activation recommendation, who approves it, and who communicates it to the board
- Counterparty contact sheet by source: name, title, direct phone, backup contact, and relevant account or reference numbers for each contingent funding source
- Operational cutoff schedule: Fedwire hours, FHLB same-day advance cut-offs, Fed discount window operational hours, and any other timing constraints relevant to the funding sequence
- Payment mechanics: wire instructions, custody account details, and authorization requirements for initiating draws against each source
This document should be tested — the annual source test is also a test of the contact information. If the contact sheet has a person who’s no longer at the counterparty institution, that’s a test finding.
Maintaining the Binder: Timing and Ownership
The evidence binder should be updated on the following schedule:
| Document Category | Update Trigger | Owner |
|---|---|---|
| CFP document | Annual review; material change in funding profile | Treasury / CFO |
| Stress test results | Quarterly; after a stress event | Treasury / ALM |
| Source test records | Annually per source; after any test is conducted | Treasury |
| Board/management reporting | After each reporting cycle | Risk / ALCO Secretariat |
| EWI log | Continuous; each monitoring interval | Risk / Treasury |
| Contact sheet | After each source test; any time counterparty contact changes | Treasury |
The binder owner — typically Treasury or a designated ALCO coordinator — should conduct a quarterly review to identify any documents that are approaching staleness. A test record that’s 10 months old needs a new test scheduled. Board minutes from 5 months ago need a newer set showing continued quarterly oversight.
What a Deficient Binder Looks Like
The FDIC’s examination observations on community bank liquidity risk identified recurring CFP documentation gaps that apply across institution sizes:
No test records at all. The CFP says testing occurs. No records exist. This is the most common finding and results in an MRA requiring a testing schedule and documented evidence.
Test records are for the wrong amounts. The CFP lists a $50M credit line. The test record shows $30M was confirmed available. No one updated the CFP to reflect the actual availability.
Stress test assumptions are undated. The institution runs stress tests but doesn’t date or retain the assumption set. Examiners cannot evaluate whether the assumptions are current or appropriate.
Board minutes don’t reflect substance. Generic language (“management presented on liquidity; no questions were raised”) doesn’t demonstrate that the board understood and challenged the CFP’s key assumptions. This is an exam readiness issue that examiners are increasingly focused on.
Contact sheets haven’t been updated since the CFP was written. Phone numbers and email addresses for counterparty contacts are years old. The first test of the CFP in an actual stress event would be spent tracking down current contacts.
So What?
Exam readiness for the CFP isn’t a separate compliance activity — it’s the byproduct of running the governance process correctly. An institution that tests its funding sources on schedule, keeps current contact sheets, reviews EWI thresholds annually, and gives the board actual substance to review will have a complete evidence binder without assembling it from scratch.
The danger is the reverse: treating the binder as an exam artifact rather than an operational one. A binder assembled under exam pressure — with test records backdated or contacts called for the first time — is obvious to an experienced examiner and raises more questions than it answers.
The 2023 Addendum’s testing requirements closed the gap between “the CFP describes testing” and “the institution has evidence of testing.” The evidence binder is how that gap stays closed.
For institutions building a CFP from scratch or rebuilding after an exam finding, the binder structure is the starting point: define what evidence you’ll produce, when, and who owns it — before you write the next line of CFP policy.
The Financial Risk Management Kit includes a CFP evidence binder template with section headers, document checklists by source type, and a maintenance calendar aligned to OCC and FDIC examination expectations.
◆ Need the working template?
Start with the source guide.
These answer-first guides summarize the required fields, evidence, and implementation steps behind the templates practitioners search for.
◆ Related template
Contingency Funding Plan — Banks
Examiner-ready contingency funding plan for chartered banks built to the 2023 Interagency Addendum.
◆ Immaterial Findings · Weekly
Sharp risk & compliance insights. No fluff.
◆ FAQ
Frequently asked questions.
What does an OCC or FDIC examiner actually ask to see during a CFP examination?
What's the minimum testing frequency for contingent funding sources to satisfy regulators?
What does a deficient CFP evidence file look like to an examiner?
Should the evidence binder be a physical binder or a digital file?
How does the CFP evidence binder relate to the annual CFP review process?
What should we keep after a liquidity stress event or CFP trigger breach?
Author
Rebecca Leung
Rebecca Leung has 8+ years of risk and compliance experience across first and second line roles at commercial banks, asset managers, and fintechs. Former management consultant advising financial institutions on risk strategy. Founder of RiskTemplates.
◆ Related framework
Contingency Funding Plan — Banks
Examiner-ready contingency funding plan for chartered banks built to the 2023 Interagency Addendum.
◆ Keep reading
Related posts.
Regulatory Compliance
The Fed's Payment Account Proposal: What Fintechs and Digital Asset Firms Need to Know Before the July 27 Comment Deadline
The Federal Reserve proposed a special-purpose Payment Account in May 2026, offering eligible fintechs direct access to Fedwire Funds and FedNow without a bank charter. The comment period closes July 27. Here's who qualifies, what compliance the Fed requires, and why your institution should care even if you're not applying yet.
Jul 7, 2026
Regulatory Compliance
SEC Cyber Disclosure Rule: What 2.5 Years of Form 8-K Filings Reveal About Your Response Program Gaps
The SEC's 4-business-day cyber incident disclosure rule has 2.5 years of enforcement history. Here's what the filings and enforcement actions reveal about common materiality determination failures — and how to build a decision protocol that survives SEC scrutiny in 2026.
Jul 5, 2026
Regulatory Compliance
GENIUS Act AML/CFT Compliance: Breaking Down the FinCEN and OFAC Rule That Drops July 18
The FinCEN/OFAC joint proposed rule for stablecoin issuers establishes a full BSA/AML compliance program requirement — SAR filing, CTR filing, CIP, CDD, and OFAC sanctions screening — with a technical wallet-blocking mandate that has no precedent in traditional financial services. Here's what Permitted Payment Stablecoin Issuers and their bank partners need to build.
Jul 4, 2026