Each depositor insured to at least $250,000 per insured bank



Home > About FDIC > Financial Reports > 2004 Annual Report




2004 Annual Report

Previous | Contents | Next

IV. Financial Statements and Notes - GAOís Audit Opinion

GAO logo. Accountability * Integrity * Reliability



Comptroller General
of the United States

United States Government Accountability Office
Washington, D.C. 20548

To the Board of Directors
The Federal Deposit Insurance Corporation

We have audited the balance sheets as of December 31, 2005 and 2004, for the three funds administered by the Federal Deposit Insurance Corporation (FDIC), the related statements of income and fund balance (accumulated deficit), and the statements of cash flows for the years then ended. In our audits of the Bank Insurance Fund (BIF), the Savings Association Insurance Fund (SAIF), and the FSLIC Resolution Fund (FRF), we found

  • the financial statements of each fund are presented fairly, in all material respects,
    in conformity with U.S. generally accepted accounting principles;
  • although certain internal controls should be improved, FDIC had effective internal
    control over financial reporting and compliance with laws and regulations for each
    fund; and
  • no reportable noncompliance with laws and regulations we tested.

The following sections discuss our conclusions in more detail. They also present information on the scope of our audits and our evaluation of FDIC management’s comments on a draft of this report.

Opinion on BIFís Financial Statements
The financial statements, including the accompanying notes, present fairly, in all material respects, in conformity with U.S. generally accepted accounting principles, BIF’s financial position as of December 31, 2005 and 2004, and the results of its operations and its cash flows for the years then ended.

As discussed in note 1 to BIF’s financial statements, on February 8, 2006, the President signed into law the Federal Deposit Insurance Reform Act of 2005. Among its provisions, the Act calls for the merger of BIF and SAIF into a single Deposit Insurance Fund no later than the first day of the first calendar quarter that begins after the end of the 90-day period beginning on the date of enactment, which would be July 1, 2006.

Opinion on SAIFís Financial Statements
The financial statements, including the accompanying notes, present fairly, in all material respects, in conformity with U.S. generally accepted accounting principles, SAIF’s financial position as of December 31, 2005 and 2004, and the results of its operations and its cash flows for the years then ended.

As discussed in note 1 to SAIF’s financial statements, on February 8, 2006, the President signed into law the Federal Deposit Insurance Reform Act of 2005. Among its provisions, the Act calls for the merger of SAIF and BIF into a single Deposit Insurance Fund no later than the first day of the first calendar quarter that begins after the end of the 90-day period beginning on the date of enactment, which would be July 1, 2006.

Opinion on FRFís Financial Statements
The financial statements, including the accompanying notes, present fairly, in all material respects, in conformity with U.S. generally accepted accounting principles, FRFís financial position as of December 31, 2004, and 2003, and the results of its operations and its cash flows for the years then ended.

Opinion on Internal Control
FDIC management maintained, in all material respects, effective internal control over financial reporting (including safeguarding assets) and compliance as of December 31, 2004, that provided reasonable but not absolute assurance that misstatements, losses, or noncompliance material in relation to FDICís financial statements of each fund would be prevented or detected on a timely basis. Our opinion is based on criteria established under 31 U.S.C. 3512 (c), (d) [Federal Managersí Financial Integrity Act (FMFIA)].

In prior years, we reported on weaknesses we identified in FDICís information system controls, which we described as a reportable condition.1 Specifically, FDIC had not adequately restricted access to critical financial programs and data, provided sufficient network security, or established a comprehensive program to monitor access activities. A primary reason for FDICís information system control weaknesses was that the corporation had not established a comprehensive information security program to manage computer security. During the past several years, FDIC has made progress in correcting information system control weaknesses and in 2004, FDIC made substantial progress in correcting most of the weaknesses we identified in prior years, including taking steps to fully establish a comprehensive information security program. These improvements, combined with the progress we reported last year, enabled us to conclude that the remaining issues related to information system controls no longer constitute a reportable condition. FDICís implementation of new financial systems2 in the coming year will significantly change its information systems environment and the related information systems controls necessary for their effective operation. Consequently, continued management commitment to an effective information security program will be essential to ensure that the corporationís financial and sensitive information will be adequately protected in this new environment.

We did not identify any reportable conditions during our 2004 audits. However, we noted other less significant matters involving FDICís internal controls, including information system controls. We will be reporting separately to FDIC management on these matters.

Compliance with Laws and Regulations
Our tests for compliance with selected provisions of laws and regulations disclosed no instances of noncompliance that would be reportable under U.S. generally accepted government auditing standards. However, the objective of our audits was not to provide an opinion on overall compliance with laws and regulations. Accordingly, we do not express such an opinion.

Objectives, Scope, and Methodology
FDIC management is responsible for (1) preparing the annual financial statements in conformity with U.S. generally accepted accounting principles; (2) establishing, maintaining, and assessing internal control to provide reasonable assurance that the broad control objectives of FMFIA are met; and (3) complying with applicable laws and regulations.

We are responsible for obtaining reasonable assurance about whether (1) the financial statements are presented fairly, in all material respects, in conformity with U.S. generally accepted accounting principles; and (2) management maintained effective internal control, the objectives of which are the following:

  • financial reportingĖĖtransactions are properly recorded, processed, and summarized to permit the preparation of financial statements in conformity with U.S. generally accepted accounting principles, and assets are safeguarded against loss from unauthorized acquisition, use, or disposition; and
  • compliance with laws and regulationsĖĖtransactions are executed in accordance with laws and regulations that could have a direct and material effect on the financial statements.

We are also responsible for testing compliance with selected provisions of laws and regulations that could have a direct and material effect on the financial statements.

In order to fulfill these responsibilities, we

  • examined, on a test basis, evidence supporting the amounts and disclosures in the financial statements;
  • assessed the accounting principles used and significant estimates made by management;
  • evaluated the overall presentation of the financial statements;
  • obtained an understanding of internal control related to financial reporting (including safeguarding assets) and compliance with laws and regulations;
  • tested relevant internal controls over financial reporting and compliance, and evaluated the design and operating effectiveness of internal control;
  • considered FDICís process for evaluating and reporting on internal control based on criteria established by FMFIA; and
  • tested compliance with laws and regulations, including selected provisions of the Federal Deposit Insurance Act, as amended, and the Chief Financial Officers Act of 1990.
We did not evaluate all internal controls relevant to operating objectives as broadly defined by FMFIA, such as those controls relevant to preparing statistical reports and ensuring efficient operations. We limited our internal control testing to controls over financial reporting and compliance. Because of inherent limitations in internal control, misstatements due to error or fraud, losses, or noncompliance may nevertheless occur and not be detected. We also caution that projecting our evaluation to future periods is subject to the risk that controls may become inadequate because of changes in conditions or that the degree of compliance with controls may deteriorate.

We did not test compliance with all laws and regulations applicable to FDIC. We limited our tests of compliance to those laws and regulations that could have a direct and material effect on the financial statements for the year ended December 31, 2004. We caution that noncompliance may occur and not be detected by these tests and that such testing may not be sufficient for other purposes.

We performed our work in accordance with U.S. generally accepted government auditing standards.

FDIC Comments and Our Evaluation
In commenting on a draft of this report, FDICís Chief Financial Officer (CFO) was pleased to receive unqualified opinions on BIFís, SAIFís, and FRFís 2004 and 2003 financial statements and to note that there were no material weaknesses identified during the 2004 audits. FDICís CFO also stated that FDIC management is committed to ensuring the continued success of an effective and strong information security program. The CFO said FDIC will remain focused on accomplishing the work needed to face the new security challenges in the coming year. The complete text of FDICís comments is reprinted in appendix I.

David M. Walker

David M. Walker
Comptroller General
of the United States

January 31, 2005



1 Reportable conditions involve matters coming to the auditorís attention that, in the auditorís judgment, should be communicated because they represent significant deficiencies in the design or operation of internal control and could adversely affect FDICís ability to meet the control objectives described in this report.

2 During 2005 FDIC anticipates implementing a new, integrated financial environment to support the financial management needs of the corporation.



Last Updated 04/19/2005 communications@fdic.gov