![]() |
![]() |
![]() |
![]() |
![]() |
Home > News & Events > Financial Institution Letters |
![]() |
|
![]() |
![]() |
Financial Institution Letters |
[Federal Register: February 21, 1996 (Volume 61, Number 35)] [Rules and Regulations] [Page 6487-6500] From the Federal Register Online via GPO Access [wais.access.gpo.gov] ======================================================================== Rules and Regulations Federal Register ________________________________________________________________________ This section of the FEDERAL REGISTER contains regulatory documents having general applicability and legal effect, most of which are keyed to and codified in the Code of Federal Regulations, which is published under 50 titles pursuant to 44 U.S.C. 1510. The Code of Federal Regulations is sold by the Superintendent of Documents. Prices of new books are listed in the first FEDERAL REGISTER issue of each week. ======================================================================== [[Page 6487]] FEDERAL DEPOSIT INSURANCE CORPORATION 12 CFR Part 363 RIN 3064-AA83 Annual Independent Audits and Reporting Requirements AGENCY: Federal Deposit Insurance Corporation (FDIC or Corporation). ACTION: Final rule. ----------------------------------------------------------------------- SUMMARY: The FDIC is amending its regulations concerning annual independent audits and reporting requirements. Section 314 of the Riegle Community Development and Regulatory Improvement Act of 1994 (RCDRIA) amended sections 36(i) and 36(g)(2) of the Federal Deposit Insurance Act (FDI Act). Section 36 of the FDI Act is generally intended to facilitate early identification of problems in financial management at larger insured depository institutions through annual independent audits, assessments of the effectiveness of internal controls and of compliance with designated laws and regulations, and more stringent reporting requirements. Section 314(a) provides relief from certain duplicative reporting under section 36 of the FDI Act for sound, well managed insured depository institutions with over $9 billion in total assets which are subsidiaries of multibank holding companies. Section 314(b) requires the Corporation to notify a large insured depository institution in writing if it decides a review by an independent public accountant of such an institution's quarterly financial reports is required. This regulation governs annual independent audits and implements section 36 of the FDI Act. This amendment conforms the regulations to the amended statute. In addition, the FDIC is making several technical amendments to the Guidelines and Interpretations (Guidelines) that were published as an appendix to the annual independent audit regulations. The FDIC also is amending Schedule A to the appendix, ``Agreed Upon Procedures for Determining Compliance with Designated Laws'', to implement recent amendments to the federal regulations concerning loans to insiders, improve the format of the procedures, streamline the specific procedures, and eliminate ambiguities. These amendments reflect the experience of the Corporation, financial institutions, and accountants using the existing procedures during the past two years. EFFECTIVE DATE: April 1, 1996. FOR FURTHER INFORMATION CONTACT: Doris L. Marsh, Examination Specialist, Division of Supervision (202) 898-8905, FDIC, 550 17th Street NW., Washington, DC 20429, or Sandra Comenetz, Counsel, Legal Division, (202) 898-3582, FDIC, 550 17th Street NW., Washington, DC 20429. SUPPLEMENTARY INFORMATION: I. Paperwork Reduction Act The collection of information contained in this amendment has been reviewed and approved by the Office of Management and Budget under control number 3064-0113, pursuant to section 3504(h) of the Paperwork Reduction Act (44 U.S.C. 3501 et seq.). This information collection is mandated by section 36 of the FDI Act (12 U.S.C. 1831m), which was added by section 112 of FDICIA (Pub. L., 102-242, 105 Stat. 2242). The total estimated reporting burden for the collection under Part 363 is: Number of Respondents: 450. Number of Responses per Respondent: 3.19. Total Annual Responses: 1,435.5. Hours per Response: 40.38. Total Annual Burden Hours: 57,970. The changes to this collection of information have been reviewed and approved by OMB pursuant to the Paperwork Reduction Act. Comments on the accuracy of the burden estimate, and suggestions for reducing the burden, should be directed to the Office of Management and Budget, Paperwork Reduction Project 3064-0113, Washington, D.C. 20503, with copies of such comments to Steven F. Hanft, Office of the Executive Secretary, Room F-400, 550 17th St. N.W., Washington, D.C. 20429. II. Regulatory Flexibility Act The rule expressly exempts insured depository institutions having assets of less than $500 million, and, for that reason, is inapplicable to small entities. Therefore, pursuant to section 605(b) of the Regulatory Flexibility Act (Pub. L. 96-354, 5 U.S.C. 601 et seq.), it is certified that the rule would not have a significant impact on a substantial number of small entities. III. Background Section 112 of the Federal Deposit Insurance Corporation Improvement Act of 1991 (FDICIA) added section 36, ``Independent Annual Audits of Insured Depository Institutions'', to the FDI Act (12 U.S.C. 1831m). Section 36 requires the FDIC, in consultation with the appropriate federal banking agencies, to promulgate regulations requiring each insured depository institution over a certain asset size (covered institution) to have an annual independent audit of its financial statements performed in accordance with generally accepted auditing standards and section 37 of the FDI Act (12 U.S.C. 1831n), and to provide a management report and an independent public accountant's attestation concerning both the effectiveness of the institution's internal controls for financial reporting and its compliance with designated safety and soundness laws. Section 36 also requires each covered institution to have an independent audit committee. The audit committee of each large covered institution (total assets exceeding $3 billion) must meet certain additional requirements. Section 36 also requires the FDIC, in consultation with the other federal banking agencies, to designate laws and regulations concerning safety and soundness. This section requires the institution's independent public accountant to perform procedures agreed upon by the Corporation to determine an institution's compliance with such designated laws and regulations. The laws and regulations selected by the Corporation (Designated Laws) are the federal laws and regulations concerning loans to insiders and the federal and state laws and regulations concerning dividend restrictions. In June 1993, the FDIC published 12 CFR Part 363 (58 FR 31332, June 2, 1993) to implement the provisions of [[Page 6488]] section 36 of the FDI Act. Under Part 363, the requirements of section 36 apply to each insured depository institution with $500 million or more in total assets at the beginning of any fiscal year that begins after December 31, 1992. Part 363 also includes Guidelines and Interpretations (Appendix A to Part 363), which are intended to assist institutions and independent public accountants in understanding and complying with Section 36 and Part 363. Appendix A to Schedule A contains the agreed-upon procedures that must be performed by an institution's independent public accountant in order to permit the accountant to report on the extent of compliance with the Designated Laws as required by Section 36(e)(1) and (2). Section 314 of RCDRIA amends sections 36(i) and 36(g)(2) of the FDI Act (12 U.S.C. 1831m(i) and (g)(2)). The purpose of section 314(a) is to provide relief from certain duplicative reporting under section 36 of the FDI Act for sound, well managed insured depository institutions with over $9 billion in total assets which are subsidiaries of multibank holding companies. Section 314(b) requires the FDIC to notify a large insured depository institution in writing if the FDIC decides to require a review by an independent public accountant of such institution's quarterly financial reports. Section 36(g)(2) of the FDI Act authorizes the FDIC to require independent public accountants for ``large institutions'' to review such institutions' quarterly financial reports. When the FDIC adopted Part 363, it elected not to exercise its authority in this area for reasons of cost and limited expected benefits, preferring instead to request such reviews on a case-by-case basis. The FDIC continues to believe that this is appropriate. Should the FDIC decide to request an independent public accountant's review of the quarterly financial statements of a large insured depository institution, it will make the request in writing. The regulation is being amended to reflect section 314(a); no regulatory action is needed for section 314(b) which speaks for itself. In addition, the regulation is being amended to reflect the current provisions of federal regulations concerning loans to insiders (Federal Reserve Board Regulation O, 12 CFR Part 215), which are included in one of the Designated Laws, but were amended themselves during 1994. Lastly, Section 303 of RCDRIA requires the each federal banking agency to streamline and modify its regulations and policies in order to improve efficiency and reduce unnecessary burden. The FDIC believes that Part 363 and its final amendment are consistent with the requirements of section 303. IV. Proposed Rule The FDIC sought public comment on proposed amendments to Part 363 and the Guidelines in February 1995 (60 FR 8583, February 15, 1995). The FDIC proposed to amend certain paragraphs of 12 CFR Part 363 to conform to the amended statute. The FDIC also proposed to make technical and clarifying changes to the Guidelines in Appendix A. In addition, initial experience with Part 363 indicated that certain clarifications of the specific procedures in Schedule A to Appendix A of the Guidelines would make them more efficient and less burdensome. The FDIC therefore proposed amending Schedule A to Appendix A--Agreed Upon Procedures for Determining Compliance with Designated Laws, to eliminate ambiguities, improve the format of the procedures, streamline the specific procedures, and reflect the recent amendments to the federal regulations concerning loans to insiders (12 CFR Part 215). The proposal reflected the experience of the Corporation, institutions, and accountants with the existing procedures during the period since their adoption in June 1993. A. Proposed Amendments to the Rule Section 363.1--Scope. To make Sec. 363.1(b) consistent with section 314(a)(1) of RCDRIA, the phrase ``but less than $9 billion'' was proposed to be deleted from the provisions of the regulation describing the institutions eligible to report using the holding company exception set forth in section 36(i). Section 36 originally required each institution with total assets exceeding $9 billion to have its own audit committee and to file a management report and attestations by the independent public accountant on internal controls and compliance with designated laws and regulations. This has been particularly burdensome for many large institutions which are subsidiaries of multibank holding companies because they have had to have their own separate audit committee, whose function was often duplicative of the holding company audit committee. In addition, the holding company typically has had to file two sets of management reports and attestations by the independent public accountant: one on the institution which exceeded $9 billion in total assets and another on the holding company group in order to cover the smaller institutions also subject to Part 363. In many cases, these reports were duplicative since the large institution was the dominant institution in the holding company group. Section 314(a) eliminates this duplication by permitting sound, well-managed insured depository institutions with over $9 billion in total assets which are subsidiaries of multibank holding companies to use the holding company audit committee and to submit reports as part of the holding company group. The FDIC also proposed to add a paragraph, consistent with section 314(a)(3) of RCDRIA, to explain that the appropriate federal banking agency may require a large institution subsidiary of a holding company to have its own audit committee and report separately if it determines that the institution's use of the holding company exception in section 36(i) would create a significant risk to the affected deposit insurance fund. Section 363.4--Filing and notice requirements. It was proposed to correct Sec. 363.4(b) so that it would be clear that only the annual report in Sec. 363.4(a)(1) is available for public inspection and that the attestation by the independent public accountant concerning compliance with Designated Laws is not a document available to the public. Section 363.5--Audit committees. A new sentence was proposed to be added to make the Rule consistent with section 314(a) of RCDRIA, which prohibits any large customers of a large insured depository institution from being members of the audit committee of the institution's holding company if the institution relies on the audit committee of the holding company to comply with this rule. B. Amendments to Appendix A to Part 363--Guidelines and Interpretations 4. Comparable Services and Functions--Guideline 4(c) under ``Scope of Rule'' was proposed to be amended to replace the phrase ``all subsidiary institutions'' with the phrase ``those subsidiary institutions'' to clarify that only information pertaining to covered institutions, not all subsidiaries of a holding company, must be included in reports filed under Part 363. 9. Safeguarding of Assets. The last two sentences of Guideline 9 and the footnote to the Guideline, which explained how the independent public accountant should treat the lack of criteria against which ``safeguarding of assets'' may be judged for financial reporting, were proposed to be revised. The FDIC's concern over the lack of criteria, which existed at the time of the adoption of Part 363, was eliminated in May 1994, as a result of the issuance by [[Page 6489]] Committee of Sponsoring Organizations (COSO) of the Treadway Commission of an Addendum to the ``Reporting to External Parties'' volume of COSO's September 1992 Internal Control--Integrated Framework (COSO Report). The Addendum expanded the discussion of the scope of a management report on internal controls to address additional controls pertaining to safeguarding of assets. The FDIC proposed to replace the last two sentences of the Guideline with specific references to types of safeguarding that should be covered by management and the independent public accountant in their reports. 10. Standards for Internal Controls. In the footnote to Guideline 10, the Addendum to the COSO Report was proposed to be added to the list of sources of information on safeguarding of assets and standards for internal controls for financial reporting that may be considered for use by institutions. In addition, it was proposed that the American Institute of Certified Public Accountants' (AICPA) Statement on Auditing Standards No. 55 (SAS 55), ``Consideration of the Internal Control Structure in a Financial Statement Audit,'' should replace AICPA Statement on Auditing Standards No. 30 (SAS 30), ``Reporting on Internal Accounting Control,'' in the footnote to Guideline 10. 15. Peer Reviews--Guideline 15 requires each independent accountant to be enrolled in or have received a peer review that meets certain guidelines. These guidelines state that the peer review must be consistent with American Institute of Certified Public Accountants (AICPA) standards. Since the AICPA combined the two of its three standards for performing and reporting on peer reviews, those for Private Companies Practice Section and for its Quality Reviews into one standard on Peer Reviews, the footnote to Guideline 15 was proposed to be amended to identify the two remaining acceptable AICPA standards: Standards for Performing and Reporting on Peer Reviews, contained in Volume 2 of the AICPA's Professional Standards, and Standards for Performing and Reporting on Peer Reviews, codified in the SEC Practice Section Reference Manual. 24. Relief from Filing Deadlines--This Guideline explains the circumstances in which an institution may request an extension of a filing deadline, but makes reference to section 36 in doing so. The phrase referring to section 36 of the FDI Act in Guideline 24 was proposed to be deleted since section 36 does not grant authority to the FDIC to provide relief to, or exempt institutions from, provisions in the statute. 31. Holding Company Audit Committees--The proposal sought to revise Guideline 31 because it had been widely misunderstood. The existing Guideline provides that members of a holding company's independent audit committee may serve as the audit committee of any subsidiary institution if they are otherwise independent of the subsidiary's management. However, this was not intended to apply where an insured depository institution subsidiary has $5 billion or more in total assets, and a 3, 4, or 5 composite CAMEL rating and is not eligible to use the holding company exception in section 36(i). Such a subsidiary must have its own audit committee separate from the audit committee of the holding company. Guideline 31 was proposed to be amended to clarify this point. In addition, existing Guideline 31 did not make it clear that when an institution eligible to use the holding company exception relies on a holding company audit committee in order to comply with this rule, the holding company audit committee must meet the requirements for the audit committee of the largest subsidiary institution. To be eligible to use the holding company exception, an insured depository institution subsidiary must have either less than $5 billion in total assets, or $5 billion or more in total assets and a 1 or 2 composite CAMEL rating, and its holding company must perform services and functions comparable to those required by the statute. Accordingly, it was proposed to amend Guideline 31 to clearly indicate that when an eligible institution chooses to rely on the holding company's audit committee, the members of the audit committee of the holding company are expected to meet the membership requirements of the largest subsidiary depository institution and may perform the duties of the audit committee for a subsidiary institution without becoming directors of the institution. 32. Duties--The second sentence of Guideline 32 was proposed to be amended to complete the citation to certain sections of Part 363. As proposed, the sentence would state that the duties of a covered institution's audit committee should be appropriate to the size of the institution and the complexity of its operations, and should include reviewing with management and the independent public accountant the basis for the reports issued under Secs. 363.2(a) and (b) and 363.3(a) and (b) of the Rule. At present, the citation refers only to Sec. 363.2(b) of the Rule. C. Amendments to Schedule A to Appendix A--Agreed Upon Procedures for Determining Compliance With Designated Laws The agreed upon procedures in Schedule A were proposed to be amended to clarify the numbering system, make the procedures consistent with amendments to insider loan regulations, and adopt suggestions of institutions and accountants to make the performance of the agreed upon procedures more efficient and less burdensome. Proposed formatting changes included renumbering the paragraphs and adding more subject titles. The procedures applicable to insider extensions of credit granted, insider extensions of credit outstanding, aggregate insider extensions of credit outstanding, overdrafts, limitations on extensions of credit to executive officers, and reports on indebtedness to correspondent banks were proposed to be placed in separate subsections of the procedures for more efficient performance of the procedures and ease of reference. The amendments to the Federal Reserve Board's Regulation O (12 CFR Part 215), the federal rules governing insider loans, necessitated numerous citation changes. As proposed, accountants would be permitted to use the most recently completed Reports of Condition and Income (Call Report) or Thrift Financial Report (TFR) when the procedures are being performed rather than requiring the use of only the year-end Call Report or TFR. The scope of the required reading of board and committee minutes and reports under the Securities Exchange Act of 1934 was proposed to also be more clearly defined. Inadvertent overdrafts in an aggregate amount of $1,000 or less, which are exempt from Regulation O proscriptions (see 12 CFR 215.4(e)), were proposed to no longer be separately tracked by institutions, listed when certain representations are made by management, or tested by the accountant. Where accountants had previously been expected to compare insider transactions to transactions with nonaffiliated persons, the comparison period within which nonaffiliated transactions can take place was proposed to be expanded from four to eight weeks. In addition, where no maximum number of transactions (to which comparisons must be made) had previously been included, comparisons were proposed to be limited to a maximum of three. An alternative procedure that permitted the terms of the insider transaction to be compared [[Page 6490]] to existing lending policies also was proposed. To ensure that some tests were performed on each category of extension of credit, including overdrafts and loans from correspondent banks, the existing agreed-upon procedures directed accountants to obtain three separate samples. Based on suggestions received for improving the procedures covering extensions granted and outstanding during the year, the proposal had accountants focus the testing on a sample of insiders rather than a sample of transactions. Under the present guidelines, an institution may choose to have some of the required testing in the agreed-upon procedures performed by its internal auditor with less testing performed by its independent public accountant. However, in some situations in multibank holding companies, the internal auditor may be required to perform more testing than was required of the external auditor. When the holding company exception set forth in section 36(i) is used at a holding company with more than one covered subsidiary institution, the FDIC proposed to extend to internal auditors the same testing requirements that have been applicable to independent public accountants. Specifically, this would eliminate the existing requirement that internal auditors perform the procedures on each covered subsidiary every year. Thus, the testing of samples from all covered subsidiaries every two or three years that has been required of independent public accountants was proposed to also apply to internal auditors. It was further proposed that the lead institution or a few very large covered subsidiary institutions be included every year in the testing by both accountants and internal auditors. However, in response to the proposed reduction in testing requirements applicable to internal auditors, the FDIC proposed to increase the size of the samples required to be tested by the independent public accountant from the present 20 percent to 30 percent of the size of the samples used by the internal auditor. This change was not expected to generally result in any increase in the number of transactions tested by the independent public accountant for reports on holding companies with two or more covered subsidiary institutions. V. Discussion of Final Rule and Public Comments The FDIC received 16 comment letters concerning the proposed amendments. Ten of the comment letters were from large banks, thrifts, and holding companies; three from banking trade organizations; two from accounting and auditing organizations; and one from an accounting firm. The letters supported the addition to the rule of the changes mandated by the Riegle Community Development and Regulatory Improvement Act of 1994. They also were generally supportive of the proposal's goal to make the agreed-upon procedures in Schedule A to Appendix A less burdensome. However, many commenters stated their belief that Section 36 and its implementing rule were unnecessary and costly to comply with. Many commenters urged that the sections of the statute concerning compliance with safety and soundness laws and regulations, including both the management report and accountant's attestation, be eliminated. Nevertheless, barring any Congressional action in this regard, the commenters supported the Corporation's efforts to revise and reformat the agreed-upon procedures in Schedule A to Appendix A. Regarding the specific changes to the procedures, commenters approved not having to list smaller overdrafts in the insiders' extensions list. Permitting internal auditors to do the same amount of testing on holding companies as external auditors was also supported. Commenters also agreed with the amendment to Sec. 363.4(b) to clarify that the attestation by the independent public accountant concerning compliance with Designated Laws is not a document available to the public. One respondent recommended that the FDIC limit the time in which it may require the review of a large institution's quarterly financial statements to no later than 30 days after the end of each quarter. This suggestion was not adopted because the FDIC anticipates that any request would be made prior to that time. Moreover, since this authority has never been used, the need for a time limit has not been established. As discussed in the following paragraphs, the FDIC has considered respondents' comments concerning the specific aspects of the proposed amendments to Part 363, Appendix A to Part 363, and Schedule A to Appendix A. A. Amendments to Part 363 One commenter suggested that the FDIC define ``large institution'' for purposes of section 363.5, Audit committees, as institutions with $5 billion or more in total assets. The FDIC previously defined that term to mean any insured depository institution with total assets exceeding $3 billion when it adopted Part 363 in 1993 and is not convinced the definition should be changed. Another commenter recommended that when dealing with reporting by a holding company, the term ``large customer'' in section 363.5 should be compared to the assets of an entire holding company, not any single institution. However, section 314(a)(2) of the RCDRIA precludes such a change because it provides that ``the audit committee of the holding company of [a large] institution shall not include any large customers of the institution.'' [Emphasis added.] B. Amendments to Appendix A to Part 363--Guidelines and Interpretations The amendments to Appendix A that are discussed below are identified by the number and caption of the revised Guideline. 4. Comparable Services and Functions. Two commenters suggested that the rule be revised to require that when covering a holding company, the accountant's attestation on the adequacy of internal controls over financial reporting cover all subsidiaries of that holding company, including subsidiaries that are not insured depository institutions. These commenters stated that professional standards for attestation engagements (i.e., Statement of Standards for Attestation Engagements No. 2, ``Reporting on an Entity's Internal Control Structure Over Financial Reporting'' (AICPA, Professional Standards, vol. 1, AT sec. 400), which superseded Statement of Auditing Standards No. 30, ``Reporting on Internal Accounting Control) require that all entities covered by the financial report must be included in the attestation on internal controls for financial reporting. However, the statute applies only to insured depository institutions. Thus, the FDIC may not have the authority to enforce the rule against other entities. Nevertheless, the FDIC would not take exception to the inclusion of all entities covered by the financial report in the internal control attestation. 9. Safeguarding of Assets. Numerous commenters appeared to misunderstand the proposed revision of this guideline. It was not intended to require the use of the phrase ``safeguarding of assets'' in either the management report or accountant's attestation, and the final amendment so states. The proposed replacement of the two sentences of the original Guideline with specific references to types of safeguarding has been revised. The sentence from the original Guideline, ``The FDIC does not require the accountant to attest to the adequacy of safeguards, but does require the accountant to determine whether [[Page 6491]] safeguarding policies exist,'' which had been proposed for elimination, is being retained. 32. Duties. In this Guideline's discussion of the audit committee's duty to review the reports prepared by management and the independent public accountant under this rule, the words ``the reports'' have been changed to ``their respective reports.'' This clarifies that the audit committee should review management reports with management, and the reports of the independent public accountant with the accountant. C. Amendments to Schedule A to Appendix A Several commenters expressed concern about the action an accountant must take when a change occurs in the information that had previously been provided to the accountant in a written representation. A new statement has been added to Schedule A to clarify that unless otherwise stated, the date of any required representation should be the same as the date of the attestation report, and the representation should provide information available as of that date. A new sentence also has been added at the beginning of Schedule A explaining that where any representation is required, it should be obtained in writing. One commenter observed that the agreed-upon procedures required that calculations be compared to the total risk-based capital reported on the bank Reports of Condition and Income (Call Report). However, this amount, which was formerly reported in item 3 of Schedule RC-R, was deleted from the Call Report as of March 31, 1995, but the Federal Financial Institutions Examination Council has approved its restoration to the Call Report in March 1996. Therefore, no change is made to Schedule A. Nevertheless, for the period this item is not reported in the bank Call Report, no exception need be reported for the inability to perform this comparison procedure. 1. Section I. Procedures for Individual Institutions Many suggestions for clarifying the text were adopted in the final rule. a. Loans to Insiders. In response to concern about the burden associated with the amount of information that the accountant must read, the procedures in section I.A.1. of Schedule A of Appendix A have been revised to more specifically identify the sections and paragraphs of the laws and regulations that must be read. More specifically, the accountant is required to read only those laws and regulations that pertain to the institution based on its charter and primary federal banking agency. To lessen the burden of reading all board of directors and appropriate committee minutes and all SEC filings, the final procedures have been revised to require the accountant to read only those documents which management represents contain pertinent insider lending information. In addition, Tables 1 and 2, which identify the designated laws and regulations, have been included at the end of Schedule A to Appendix A to clarify the applicable reading for each type of insured institution. Several respondents expressed concerned about the burden of obtaining or maintaining all ``other records'' about insider loans in one location when they had numerous officers and worldwide operations. This reflected an apparent misunderstanding of the requirement in paragraph I.A.2.a.(4) of Schedule A to Appendix A. Federal Reserve Board Regulation O permits institutions to conduct an annual survey of all insiders or to maintain ``other records'' rather than the survey. The proposed wording, ``and/or,'' was drafted to try to accommodate this Regulation O provision. However, for clarity, only the word ``or'' is used in the final amendment so that it is understood that all insider loan records need not be accumulated in one location in order for these procedures to be performed. To make the procedures more consistent with the requirements of Regulation O and the operations of many institutions, footnote 2 has been revised to permit overdrafts of $1,000 or less without overdraft protection, and overdrafts of $5,000 or less with overdraft protection, to be omitted from the Insiders Extensions List. Many commenters sought clarification of the phrase ``most recently completed Call Report.'' They inquired whether the FDIC meant the most recently completed Call Report whether or not it had been filed, the most recently filed Call Report whether or not its editing had been completed by the appropriate federal banking agency for release to the public, or the most recently filed Call Report that was available for release to the public. Appendix A has been revised throughout to indicate that the most recently filed Call Report, whether or not it is available for release to the public, should be used. In this regard, a new footnote has been added to describe what should be done when the procedures call for information during the previous fiscal year and a Call Report for a date other than a calendar year-end Call Report is used. The footnote indicates that the accountant should use information pertaining to the period beginning from the date of the most recently filed Call Report back to the latest Call Report date for which these procedures were performed in the prior year. The proposal required management to represent that any persons ``excluded'' from being executive officers were named as such in a board resolution or the by-laws. Many commenters stated that boards typically ``include'' persons as executive officers either specifically by name or by specific office occupied. Paragraph I.A.2.a.(7)(b) of Schedule A has been revised to require management to confirm the ``inclusion'' of executive officers by board resolution or in the by- laws. Commenters also stated that requiring accountants to trace and agree every loan and extension of credit on the Insiders Extensions List in Paragraph I.A.2.b.(2) of Schedule A was burdensome in a large institution with many officers and directors. To lessen that burden, the final regulation has been changed so that only a ``sample'' of such loans needs to be traced and agreed. The proposal considered the following to be issues for which boards of directors would have adopted specific policies: revising the institution's policies to reflect subsequent changes in laws and regulations; educating employees about legal requirements and management's related policies and procedures; and reporting insider loans to regulatory agencies on the institution's Call Report or TFR. However, these issues are not typically addressed in board policies. For that reason, although they had been included in the existing regulation, they have been removed from Paragraph I.A.3.b. of Schedule A. Several commenters suggested that the FDIC set size limits for the samples to be tested under the various agreed-upon procedures in Schedule A. The FDIC remains opposed to this because it believes that setting sample sizes for testing should remain the responsibility of the auditing profession. The American Institute of Certified Public Accountants has previously suggested the following sample sizes for purposes of testing under Part 363. The FDIC has raised no objection. ------------------------------------------------------------------------ Population No. (N) Sample size ------------------------------------------------------------------------ 100 or greater............................ 60 50 to 100................................. 25 0 to 50................................... N or 20, whichever is smaller ------------------------------------------------------------------------ [[Page 6492]] There were many comments on Paragraphs I.A.5.b.(2) and (3) of Schedule A, which address the calculation of an institution's individual lending limit and the number of transactions involving each insider in the sample that must be tested. The Offices of the Comptroller of the Currency (OCC) and Thrift Supervision (OTS) now permit institutions to calculate the individual lending limit as of the Call Report or TFR date immediately preceding the loan origination date, rather than requiring them to calculate the limit on the exact date the loan was granted. Commenters urged the FDIC to incorporate this method in the procedures. They also suggested that the burden of these procedures could be reduced by testing one transaction per insider, not all types of transactions, and that eliminating or substantially lengthening the time frame for comparing the terms of transactions to see whether they are preferential. Many of these changes have been made. However, the time frame for the comparison of loans has not been eliminated. Instead, this time frame was extended from the existing two weeks and proposed four weeks before or after the granting of the loan to 90 days prior or subsequent to the grant date. This provides a window of approximately six months in which to find similar loans. The FDIC concluded that a longer period would not be appropriate because significant changes in market interest rates may occur during such a period. As an alternative, each insider loan in the sample may be compared with the institution's approved policies delineating the interest rate and other terms and conditions in effect for similar extensions of credit to unaffiliated borrowers. Commenters also requested that, for purposes of paragraph I.A.5.b.(3), examples of ``similar extensions of credit'' and ``terms of the transactions'' be included. Paragraph I.A.5.b.(3) has been revised to include such examples. The final wording of paragraph I.A.6.b.(4) has been narrowed so that it applies only if the credit extended is a real estate loan granted for the purchase, construction, maintenance, or improvement of the executive officer's residence. The proposed wording would have included home equity loans for general consumer purchases, but this type of loan is not covered by the provision of the Designated Laws being tested under paragraph I.A.6.b.(4). Several commenters mentioned that performing the procedures based on their most recently filed Call Report or TFR permitted them to perform the procedures prior to year end, but requiring the use of the reports on indebtedness to correspondent banks, which is not due until January 31 of the following year, kept them from completing the procedures in a timely manner. To remedy this problem, paragraph I.A.9.a.(1) of the final rule permits institutions that use a calendar year fiscal year to use the reports on indebtedness to correspondent banks prepared for the prior year in order to perform the procedures. Any duplication during the first year that this procedure may cause need not be performed, and in future years the institution should continue to use the preceding year's report. However, should an institution that has previously made this choice decide to revert to using the reports of indebtedness to correspondent banks filed in the following year, it will be expected to perform the procedures for the two years' reports so that continuity in the coverage of the procedures is maintained. b. Dividend Restrictions. A sentence has been added to explain that since laws and regulations pertaining to dividend restrictions cover institutions and not holding companies, the procedures in Part B should be followed for each institution and subsidiary institution of a holding company covered by this part. However, if the holding company has more than five subsidiary institutions covered by this part, the procedures may be performed on a sample of dividend declarations. The number ``five'' was chosen based on sample sizes suggested by the American Institute of Certified Public Accountants. The AICPA stated that when there are fewer than 50 transactions in the population to be sampled, the smaller of the total number of transactions, or 20 items, were to be tested. In this regard, if each of five covered institutions declared dividends quarterly, there would be 20 transactions to test. Commenters suggested that the FDIC should permit the most recent quarter end (or month end, if available) to be used for determining whether the declaration of a dividend would cause the institution to be undercapitalized rather than requiring the institution to perform this calculation as of the exact date the dividend is declared. This suggested method would be consistent with recent rulings by the OCC and OTS that quarter-end Call Reports may be used for calculating legal lending limits. The final rule permits use of quarter-end date. 2. Section II. Procedures for the Independent Public Accountant The proposal would have required that if an internal auditor performed part of the procedures in Section I, a summary of ``significant'' findings and management's response should be filed with the FDIC and appropriate federal banking agency as part of the institution's annual submission. However, it is now noted that if any findings are ``significant,'' they should be disclosed in management's report and attestation. For that reason, the word ``significant'' has been deleted from Section II, but the requirement for a summary is retained so that the agencies receive information about the internal auditor's findings. As proposed, the amount of testing the independent public accountant would be required to perform under paragraph II.B.3.a. was raised from 20 to 30 percent of the size of the sample tested by the internal auditors. This change was suggested because the proposal reduced the amount of testing that internal auditors would be required to perform on a holding company. Several commenters stated the increase was burdensome and unnecessary. The FDIC continues to believe that independent public accountants will be performing far fewer tests than under the current procedure and that some increase in the percentage is warranted. For that reason and to limit burden, the percentage has been reduced to 25 percent in the final rule. The changes and reformatting in the procedures from the current rule to the final rule are outlined in the Table A below: [[Page 6493]] |
Table A.--Reformatting Changes to Schedule A to Appendix A ---------------------------------------------------------------------------------------------------------------- Subject Old section I New section I ---------------------------------------------------------------------------------------------------------------- Insider loans: Designated Laws and Regulations........... A.1............................ A.1. General Information....................... A.2.a.......................... A.2.a. Calculations.............................. A.2.b.......................... A.4. Policies and Procedures................... A.2.c.......................... A.3. Insider Transactions...................... A.2.d.......................... A.5. Loans to Correspondent Banks.............. A.2.d.(1)...................... A.9. Aggregate Indebtedness.................... A.2.d.(2)(a) A.2.d.(7)......... A.2.b.(2) A.7. Executive Officers........................ A.2.d.(2)(b) & (c) A.2.e.(ii).. Deleted A.6. Insider Extensions of Credit.............. A.2.d.(2)(d) & (e) A.2.d.(5) & A.5. (6). Overdrafts................................ A.2.d.(3)...................... A.8. Reports on Indebtedness to Correspondent A.2.e.......................... A.9. Banks. Dividend Restrictions: Designated Laws and Regulations........... B.1............................ B.1. General Information....................... B.2............................ B.2. Policies and Procedures................... B.2.b.......................... B.3. Board Minutes............................. B.2.c.......................... B.4. Calculation of Undercapitalization........ B.2.d.......................... B.5. Dividends Declared by Banks............... B.2.e.......................... B.6. Dividends Declared by Savings Associations B.2.f.......................... B.7 ----------------------------------------------------------------------------------------------------------------
Subject Old section II New section II ----------------------------------------------------------------------------------------------------------------
Procedures for the independent public accountant: Designated Laws and Regulations........... A. & B.1....................... A. & B.1. Internal Auditor's Workpapers............. B.2............................ B.2 Testing................................... C.............................. B.3. Reports Concerning Holding Companies...... D.............................. B.4. ---------------------------------------------------------------------------------------------------------------- |
D. Timing and Effective Date Since the majority of covered institutions have fiscal years that coincide with the calendar year, many are in the process of preparing annual reports and having the agreed-upon procedures performed. In order to make this process less burdensome for institutions and their accountants, the FDIC will raise no objection if an institution chooses to have its independent public accountant perform the agreed-upon procedures in Schedule A to Appendix A of the existing rule, the February 1995 proposal, or this final amendment to Schedule A to Appendix A for fiscal years ending on or before March 31, 1996. However, when an institution and its independent public accountant choose a version of the agreed-upon procedures for the fiscal year, the accountant must use a single version of the procedures for both of the Designated Laws. For any institution with a fiscal year that ends after March 31, 1996, the accountant should use the procedures of this amendment. List of Subjects in 12 CFR Part 363 Accounting, Attestation, Audit committee, Banks, banking, Internal controls, Management letter, Peer review, Reporting and recordkeeping requirements. For the reasons set forth in the preamble, the Board of Directors of the FDIC hereby amends Part 363 of title 12, chapter III, of the Code of Federal Regulations as follows: PART 363--ANNUAL INDEPENDENT AUDITS AND REPORTING REQUIREMENTS 1. The authority citation for Part 363 continues to read as follows: Authority: 12 U.S.C. 1831m. 2. Section 363.1 is amended by revising paragraph (b) to read as follows: Sec. 363.1 Scope. * * * * * (b) Compliance by subsidiaries of holding companies. (1) The audited financial statements requirement of Sec. 363.2(a) may be satisfied for an insured depository institution that is a subsidiary of a holding company by audited financial statements of the consolidated holding company. (2) The other requirements of this part for an insured depository institution that is a subsidiary of a holding company may be satisfied by the holding company if: (i) The services and functions comparable to those required of the insured depository institution by this part are provided at the holding company level; and (ii) The insured depository institution has as of the beginning of its fiscal year: (A) Total assets of less than $5 billion; or (B) Total assets of $5 billion or more and a composite CAMEL rating of 1 or 2. (3) The appropriate federal banking agency may revoke the exception in paragraph (b)(2) of this section for any institution with total assets in excess of $9 billion for any period of time during which the appropriate federal banking agency determines that the institution's exemption would create a significant risk to the affected deposit insurance fund. 3. Section 363.4 is amended by revising paragraph (b) to read as follows: Sec. 363.4 Filing and notice requirements. * * * * * (b) Public availability. The annual report in paragraph (a)(1) of this section shall be available for public inspection. * * * * * 4. Section 363.5 is amended by revising paragraph (b) to read as follows: Sec. 363.5 Audit committees. * * * * * (b) Committees of large institutions. The audit committee of any insured [[Page 6494]] depository institution that has total assets of more than $3 billion, measured as of the beginning of each fiscal year, shall include members with banking or related financial management expertise, have access to its own outside counsel, and not include any large customers of the institution. If a large institution is a subsidiary of a holding company and relies on the audit committee of the holding company to comply with this rule, the holding company audit committee shall not include any members who are large customers of the subsidiary institution. 5. Appendix A to Part 363 is amended by revising paragraphs 4(c), 9, 24, 31, the introductory text of paragraph 32, footnote 2 in paragraph 10, and footnote 3 in paragraph 15(b) to read as follows: Appendix A to Part 363--Guidelines and Interpretations * * * * * 4. Comparable Services and Functions. * * * * * * * * (c) Prepares and submits the management assessments of the effectiveness of the internal control structure and procedures for financial reporting (internal controls), and compliance with the Designated Laws defined in guideline 12 based on information concerning the relevant activities and operations of those subsidiary institutions within the scope of the rule. * * * * * 9. Safeguarding of Assets. ``Safeguarding of assets'', as the term relates to internal control policies and procedures regarding financial reporting, and which has precedent in accounting literature, should be encompassed in the management report and the independent public accountant's attestation discussed in guideline 18. Testing the existence of and compliance with internal controls on the management of assets, including loan underwriting and documentation, represents a reasonable implementation of section 36. The FDIC expects such internal controls to be encompassed by the assertion in the management report, but the term ``safeguarding of assets'' need not be specifically stated. The FDIC does not require the accountant to attest to the adequacy of safeguards, but does require the accountant to determine whether safeguarding policies exist.\1\ \1\ It is management's responsibility to establish policies concerning underwriting and asset management and to make credit decisions. The auditor's role is to test compliance with management's policies relating to financial reporting. --------------------------------------------------------------------------- 10. * * * \2\ \2\ In considering what information is needed on safeguarding of assets and standards for internal controls, management may review guidelines provided by its primary federal regulator; the Federal Financial Institutions Examination Council's ``Supervisory Policy Statement on Securities Activities''; the FDIC's ``Statement of Policy Providing Guidance on External Auditing Procedures for State Nonmember Banks'' (Jan. 16, 1990), ``Statement of Policy Regarding Independent External Auditing Programs of State Nonmember Banks'' (Nov. 16, 1988), and Division of Supervision Manual of Examination Policies; the Federal Reserve Board's Commercial Bank Examination Manual and other relevant regulations; the Office of Thrift Supervision's Thrift Activities Handbook; the Comptroller of the Currency's Handbook for National Bank Examiners; standards published by professional accounting organizations, such as the American Institute of Certified Public Accountants' (AICPA) Statement on Auditing Standards No. 55, ``Consideration of the Internal Control Structure in a Financial Statement Audit''; the Committee of Sponsoring Organizations (COSO) of the Treadway Commission's Internal Control--Integrated Framework, including its addendum on safeguarding of assets; and other internal control standards published by the AICPA, other accounting or auditing professional associations, and financial institution trade associations. --------------------------------------------------------------------------- * * * * * 15. * * * (b) * * * \3\ \3\ These would include Standards for Performing and Reporting on Peer Reviews, codified in the SEC Practice Section Reference Manual, and Standards for Performing and Reporting on Peer Reviews, contained in Volume 2 of the AICPA's Professional Standards. --------------------------------------------------------------------------- * * * * * 24. Relief from Filing Deadlines. Although the reasonable deadlines for filings and other notices established by this part are specified, some institutions may occasionally be confronted with extraordinary circumstances beyond their reasonable control that may justify extensions of a deadline. In that event, upon written application from an insured depository institution, setting forth the reasons for a requested extension, the FDIC or appropriate federal banking agency may, for good cause, extend a deadline in this part for a period not to exceed 30 days. * * * * * 31. Holding Company Audit Committees. When an insured depository institution subsidiary fails to meet the requirements for the holding company exception in Sec. 363.1(b)(2) or maintains its own separate audit committee to satisfy the requirements of this part, members of the independent audit committee of the holding company may serve as the audit committee of the subsidiary institution if they are otherwise independent of management of the subsidiary, and, if applicable, meet any other requirements for a large subsidiary institution covered by this part. However, this does not permit officers or employees of a holding company to serve on the audit committee of its subsidiary institutions. When the subsidiary institution satisfies the requirements for the holding company exception in Sec. 363.1(b)(2), members of the audit committee of the holding company should meet all the membership requirements applicable to the largest subsidiary depository institution and may perform all the duties of the audit committee of a subsidiary institution, even though such holding company directors are not directors of the institution. 32. Duties. The audit committee should perform all duties determined by the institution's board of directors. The duties should be appropriate to the size of the institution and the complexity of its operations, and include reviewing with management and the independent public accountant the basis for their respective reports issued under Secs. 363.2(a) and (b) and 363.3(a) and (b). Appropriate additional duties could include: * * * * * 6. Schedule A to Appendix A to Part 363 is revised to read as follows: Schedule A to Appendix A--Agreed Upon Procedures for Determining Compliance With Designated Laws 1. The Agreed Upon Procedures set forth in this schedule are referred to in guideline 19. They should be followed by the institution's independent public accountant (or, with respect to the procedures set forth in section I of this schedule, by the institution's internal auditor if the accountant is to perform the procedures set forth in section II) in order to permit the accountant to report on the extent of compliance with the Designated Laws (defined in guideline 12) as required by sections 36(e)(1) and (2). Unless otherwise stated, the date of any required representation should be the same as the date of the attestation report and the representation should provide information to the extent available as of that date. 2. For purposes of this Schedule A, ``insiders'' means directors, executive officers, and principal shareholders, and includes their related interests. All terms not defined in this schedule have the meanings given them in this part, the Guidelines, and professional accounting and auditing literature. 3. Additional guidance concerning the role of the institution, its internal auditor, and its independent public accountant in assessing the institution's compliance with the Designated Laws is set forth in the Guidelines. Section I--Procedures for Individual Institutions The following procedures should be performed by the institution's independent public accountant in accordance with generally accepted standards for attestation engagements, or by the institution's internal auditor if the procedures set forth in section II of [[Page 6495]] this schedule are to be performed by the independent public accountant. (See section II.B.3. for information concerning testing by the independent public accountant when the institution's internal auditor is performing the procedures in Section I.) A. Loans to Insiders. To the extent permitted by Sec. 363.1(b)(2), these procedures may be performed on a holding company basis rather than at each covered subsidiary insured depository institution. 1. Designated Laws. The following federal laws and regulations (Designated Insider Laws), to the extent that they are applicable to the institution,1 should be read: \1\ The laws and regulations applicable to each type of institution are listed in Table 1 of this Schedule A to Appendix A. --------------------------------------------------------------------------- a. Laws: 12 U.S.C. 375a, 375b, 1468(b), 1828(j)(2), and 1828(j)(3)(B); and b. Regulations: 12 CFR 23.5, 31, 215, 337.3, 349.3, and 563.43. 2. General. a. Information. Obtain from management of the institution the following information for the institution's fiscal year: 2 \2\ If the institution chooses to have these procedures performed using its most recently filed Call Report rather than its year end Call Report, all references to ``fiscal year'' in these procedures shall mean the period beginning with the latest Call Report date for which these procedures were performed in the prior year and ending with the date of the most recently filed Call Report. If these procedures were not previously performed, the 12 month period immediately preceding the date of the most recently filed Call Report (or such shorter period during which the institution was covered by this Part 363) should be used. --------------------------------------------------------------------------- (1) Management's assessment of compliance with the Designated Insider Laws; (2) All minutes (including minutes drafted, but not approved) of the meetings of the board and of those committees of the board which management represents have been delegated authority pertaining to insider lending; (3) The relevant portions of reports of examination, supervisory agreements, and enforcement actions issued by the institution's primary federal and state regulators, if applicable, which management represents contain information pertaining to insider lending; (4) The annual survey which identifies all insiders of the institution (pursuant to 12 CFR 215.8(b)) or other records maintained on insiders of the institution's affiliates (pursuant to 12 CFR 215.8(c)); (5) The relevant portions of the following Securities Exchange Act of 1934 filings, which management represents contain information pertaining to insider lending: (a) Forms 10-K, 10-Q, and 8-K and proxy statements (or information statements) filed with the SEC, Federal Reserve Board, OCC, or OTS, or (b) Forms F-2, F-3, and F-4 and proxy statements (or information statements), filed with the FDIC; (6) A list of loans, including overdrafts of executive officers and directors,3 and other extensions of credit to insiders (including their related interests) outstanding at any time during the fiscal year (and which identifies those extensions granted during the year). This list should also include the amount outstanding of each extension of credit as of the date of the most recently filed Call Report or TFR (Insider Extensions List); and \3\ Management may exclude from this list overdrafts of an executive officer or director in an aggregate amount of $1,000 or less without overdraft protection and those of $5,000 or less with overdraft protection as specified in 12 CFR 215.3(b)(6) if management provides the independent accountant with a representation that policies and procedures are in effect to report as extensions of credit all overdrafts that do not meet the criteria listed in paragraphs A.8.a.(2)(a) through (c) of this section. --------------------------------------------------------------------------- (7) Management's representation concerning: (a) The completeness of the Insider Extensions List; 4 and \4\ See footnote 3 of this schedule. --------------------------------------------------------------------------- (b) The inclusion of all required insiders on the annual survey obtained in paragraph A.2.a.(4) of this section including persons who have been designated as executive officers by resolution of the board or a committee of the board or in the by-laws of the institution. b. Procedures: (1) Read the foregoing information. (2) Trace and agree a sample of insider loans and other extensions of credit disclosed in the documents listed in paragraphs A.2.a.(2) through (5) of this section to see that they are included on the Insider Extensions List. 3. Policies and Procedures. a. Information. Obtain the institution's written policies and procedures concerning its compliance with the Designated Insider Laws, including any written ``Code of Ethics'' or ``Conflict of Interest'' policy statements. If the institution has no written policies and procedures, obtain a narrative from management that describes the methods for complying with such laws and regulations, and includes provisions similar to those listed in paragraph A.3.b. of this section. b. Procedures. Ascertain that the policies and procedures include, or incorporate by reference, provisions consistent with the Designated Insider Laws for: (1) Defining terms; (2) Restricting loans to insiders; (3) Maintaining records of insider loans; (4) Requiring reports and/or disclosures by the institution and by executive officers, directors, and principal shareholders (and their related interests); (5) Disseminating policy information to employees and insiders; and (6) Prior approval of the board of directors. 4. Calculations of Lending Limits. a. Information. Obtain management's calculation of the following items as of the date of the institution's most recently filed Call Report or TFR and as of a Call Report or TFR date six or nine months earlier: (1) The institution's unimpaired capital and surplus (the aggregate lending limit for all insiders); and (2) The institution's individual lending limit (12 CFR 215.2(i)). b. Procedures. Recalculate the amounts in paragraph A.4.a. of this section for mathematical accuracy, and trace the amounts used in management's calculations to the Call Reports or TFRs for the two dates used in paragraph A.4.a. of this section. 5. Insider Extensions of Credit Granted. a. Information. Obtain management's representation regarding whether the terms and creditworthiness of insider extensions of credit granted during the fiscal year are comparable to those that would have been available to unaffiliated third parties. b. Procedures. Select a sample of insiders who were granted or had outstanding extensions of credit during the fiscal year from the Insider Extensions List. For each extension of credit granted during the fiscal year to each insider in the sample selected: (1) If the amount of a credit granted during the year (when aggregated with all other extensions of credit to that person and to all related interests of that person) exceeds $500,000, determine whether the minutes of the meetings of the board of directors indicate that: (a) The credit was approved in advance by the board, and (b) The insider, if a director, abstained from participating directly or indirectly in voting on the transaction; (2) Obtain management's calculation of the institution's individual lending limit for insiders pursuant to 12 CFR 215.2(i) as of the date of the Call Report or TFR filed immediately prior to the date when the extension of credit was granted, and if not already done under [[Page 6496]] paragraph A.4.b. of this section, recalculate the lending limits for mathematical accuracy, and trace the amounts used in management's calculations to the Call Report or TFR for that date. Ascertain whether the amount of the extension of credit being granted to the insider, when combined with all other extensions of credit to that insider, exceeds such limit; and (3) For one transaction involving each insider in the sample selected in paragraph A.5.b. of this section, perform the procedures in either paragraph (a) or (b) as follows: (a) Select three (or such smaller number that exists) similar extensions of credit (e.g., commercial real estate loans, floor plan loans, residential mortgage loans, consumer loans) granted to unaffiliated borrowers (i.e., persons who are not insiders or employees of the institution or its affiliates) within 90 days before or after the granting of the insider extension of credit. Compare the terms of the transactions with unaffiliated borrowers (i.e., rate or range of interest rates, maturity, payment terms, collateral, and any unusual provisions or conditions) to those with the insiders, and note in the findings any differences in the terms favorable to the insiders compared to the terms of the transactions with unaffiliated borrowers. (b) Alternatively, compare the terms of each insider transaction in the sample to approved policies delineating the interest rate and other terms and conditions then in effect for similar extensions of credit to unaffiliated borrowers. Note in the findings any differences in the terms favorable to the insiders compared to the terms of the approved policies for an extension of credit to persons not affiliated with the institution or its affiliates. 6. Limitation on Extensions of Credit to Executive Officers. a. Information. From the sample selected in paragraph A.5.b. of this section, select the executive officers who were granted extensions of credit during the fiscal year. b. Procedures. (1) For each executive officer selected, obtain management's calculation as of the two dates used in paragraph A.4.a. of this section of: (a) The aggregate amount of extensions of credit to the executive officer, and (b) 2.5 percent of the institution's unimpaired capital and surplus. (2) Recalculate management's computations from paragraph A.6.b.(1) of this section for mathematical accuracy. Trace amounts used in management's computations from paragraph A.6.b.(1) to the Call Reports or TFRs for the two dates used in paragraph A.4.a. of this section. (3) Ascertain whether the aggregate amount of the extensions of credit to the executive officer does not exceed the greater of $25,000 or 2.5 percent of the institution's unimpaired capital and surplus, but in no event more than $100,000. The aggregate amount should exclude the types of extensions of credit set forth in 12 CFR 215.5(c)(1) through (3). (4)(a) Obtain documentation for any credits for which management represents that: (i) The purpose is for the purchase, construction, maintenance, or improvement of the executive officer's residence; (ii) The credit is secured by a first lien on the residence; and (iii) The executive officer owns or expects to own the residence after the extension of credit. (b) Note whether the documentation contains similar representations. (5) For each executive officer selected, ascertain that each extension of credit granted during the fiscal year was: (a) Preceded by submission of financial statements; (b) Approved by, or, when appropriate, promptly reported to, the board of directors no later than the next board meeting; and (c) Made subject to the written condition that the extension of credit will become, at the option of the institution, due and payable at any time that the executive officer is indebted to other insured institutions in an aggregate amount greater than the executive officer would be able to borrow from the institution. 7. Aggregate Insider Extensions of Credit Outstanding. a. Information. Obtain management's calculation of the aggregate extensions of credit to executive officers, directors, and principal shareholders of the institution and to their related interests, excluding the types of extensions of credit set forth in 12 CFR 215.4(d)(3), as of the two dates selected in paragraph A.4.a. of this section. b. Procedures. (1) Recalculate the amounts obtained in paragraph A.7.a. of this section for mathematical accuracy and ascertain that this total, excluding the types of extensions of credit set forth in 12 CFR 215.4(d)(3), is less than or equal to 100 percent of the institution's unimpaired capital and surplus calculated in paragraph A.4.a.(1) of this section. (2) Using the sample of insiders selected in paragraph A.5.b. of this section, trace and agree amounts outstanding from insiders in the sample to the supporting documents, as applicable, for the line item aggregating indebtedness of all insiders on the institution's most recently filed Call Report or TFR. 8. Overdrafts. a. Information. Select a sample of executive officers and directors who had overdrafts outstanding during the fiscal year as shown on the Insider Extensions List. (1) For all overdrafts in the sample except those which are covered by an overdraft protection line of credit with the same terms as available to unaffiliated borrowers and meet the terms of that overdraft protection line, obtain management's representation of the history of the insider's overdrafts for the year and the completeness of that history. (2) If the institution's management has not provided a representation as specified by footnote 3 to paragraph A.2.a.(6) of this section, for each overdraft in the sample in an aggregate amount of $1,000 or less for an executive officer or director who did not have the overdraft covered by an overdraft protection line of credit, obtain management's representation that: (a) It believes the overdraft was inadvertent; (b) The account was overdrawn in each case for no more than 5 business days; and (c) The institution charged the executive officer or director the same fee that it would charge any other customer in similar circumstances. b. Procedures. For each overdraft in the sample selected and used in paragraph A.8.a.(1) of this section for which management did not provide the representation in paragraph A.8.a.(2) of this section: (1) Inquire whether cash items for the insider were being held by the institution during the time that the overdraft was outstanding to prevent additional overdrafts; (2) Trace and agree subsequent payment by the insider of the insider's overdrafts to records of the account at the institution; and (3) For overdrafts of executive officers and directors that were paid by the institution for the executive officer or director from an account at the institution: (a) Trace and agree to a written, pre-authorized, interest-bearing extension of credit plan that specifies a method of repayment; or (b) Trace and agree to a written, pre-authorized transfer of funds from [[Page 6497]] another account of the insider at the institution. 9. Reports on Indebtedness to Correspondent Banks. a. Information. Obtain from management: (1) A list of executive officers and principal shareholders and related interests thereof that filed reports of indebtedness to a correspondent bank. This list should be prepared by management from reports of indebtedness submitted for the calendar year for which the management assessment and independent public accountant's attestation are being filed or, if the institution is on a calendar year fiscal year, at management's option, for the immediately preceding year. If the institution is not on a calendar year fiscal year, the list should be prepared for the calendar year that ended during its fiscal year; and (2) Its representation concerning the completeness of the list prepared for paragraph A.9.a.(1) of this section. b. Procedures. Select a sample of executive officers, principal shareholders, and related interests thereof from the list obtained in paragraph A.9.a.(1) of this section. For each executive officer and principal shareholder (or related interest thereof) included in the sample, ascertain that the report(s) of indebtedness was (were) filed with the board of directors (on or before the January 31 following the calendar year in paragraph A.9.a.(1) of this section) and that such report(s) state(s): (1) The maximum amount of indebtedness during that calendar year; (2) The amount of indebtedness outstanding 10 days prior to report filing; and (3) A description of the loan terms and conditions, including the rate or range of interest rates, original amount and date, maturity date, payment terms, collateral, and any unusual terms or conditions. B. Dividend Restrictions. If the institution has declared any dividends during the fiscal year, the following procedures should be performed for each dividend declared. (These procedures are not applicable to mutual institutions and insured branches of foreign banks.) For an institution that is a subsidiary of a holding company, the procedures that follow should be applied to each subsidiary institution subject to this part (covered subsidiary) because the laws and regulations restricting dividends apply to individual institutions and not holding companies. However, if the annual report under Part 363 is being prepared on a holding company basis and the holding company has more than five covered subsidiaries, the following procedures may be applied to a sample of dividend declarations to the extent permitted by Sec. 363.1(b) and Section II.B.3. of this schedule. 1. Designated Laws. The following federal laws and regulations (Designated Dividend Laws), to the extent that they are applicable to the institution (see paragraph B.2 of this section),\5\ should be read: \5\ The laws and regulations applicable to each type of institution are listed in Table 2 of this Schedule A to Appendix A. --------------------------------------------------------------------------- a. Laws: 12 U.S.C. 56, 60, 1467a(f), 1831o; and b. Regulations: 12 CFR 5.61, 5.62, 6.6, 7.6120, 208.19, 208.35, 325.105, 563.134, and 565. 2. General. The information requirements and procedures in paragraphs B.2. through B.5. of this section are applicable to all institutions. Paragraphs B.6. and B.7. of this section were designed to be applicable to member banks (i.e., national banks and state member banks) and federally-chartered savings associations, respectively. However, the requirements in paragraphs B.6. and B.7. of this section should be applied to a state nonmember bank or state savings association if management represents that the state has dividend restrictions substantially identical to those for a national bank or a federally-chartered savings association. a. Information. Obtain from management of the institution the following information for the institution's most recent fiscal year: (1) Its assessment of the institution's compliance with the Designated Dividend Laws and any applicable state laws and regulations cited in its assessment; (2) A copy of any supervisory agreements with, orders by, or resolutions of any regulatory agency (including a description of the nature of any such agreements, orders, or resolutions) containing restrictions on dividend payments by the institution; and (3) Its representation whether dividends declared comply with any restrictions on dividend payments under any supervisory agreements with, orders by, or resolutions of any regulatory agency (including a description of the nature of any such agreements, orders, or resolutions). b. Procedures. (1) Read the foregoing information. (2) If any restrictions on dividend payments exist in any documents obtained in paragraph B.2.a.(2) of this section, test and agree dividends declared with any such quantitative restrictions. 3. Policies and Procedures. a. Information. Obtain the institution's written policies and procedures concerning its compliance with the Designated Dividend Laws. If the institution has no written policies and procedures, obtain from the institution a narrative that describes the institution's methods for complying with the Designated Dividend Laws, and includes provisions similar to those in paragraph B.3.b of this section. b. Procedures. Ascertain whether the policies and procedures include, or incorporate by reference, provisions which are consistent with the Designated Dividend Laws. These would include capital limitation tests, including section 38 of the Federal Deposit Insurance Act (12 U.S.C. 1831o), earnings limitation tests, transfers from surplus to undivided profits, and restrictions imposed under any supervisory agreements, resolutions, or orders of any federal or state depository institution regulatory agency. In addition, for savings associations, this would include prior notification to the OTS. 4. Board Minutes. a. Information. Obtain the minutes of the meetings of the board of directors for the most recent fiscal year to ascertain whether dividends (either paid or unpaid) have been declared. b. Procedures. Trace and agree total dividend amounts to the general ledger records and the institution's most recently filed Call Report or TFR. 5. Calculation of Undercapitalization. a. Information. Obtain management's computation of the amount at which declaration of a dividend would cause the institution to be undercapitalized as of the quarter end (or more recent month end, if available from management) immediately prior to the date on which each dividend was declared during the fiscal year. b. Procedures. Recalculate management's computation (for mathematical accuracy) and compare management's calculations to the amount of any dividend declared to determine whether it exceeded the amount. 6. Dividends Declared by Banks. a. Information. If the institution is a national bank or state member bank, obtain management's computations concerning the bank's compliance with 12 U.S.C. 56, ``Capital Limitation Test'', 12 U.S.C. 60, ``The Earnings Limitation Test'', and transfers from surplus to undivided profits after declaration of the dividends referenced in paragraph [[Page 6498]] B.4.a. of this section. If the institution is a state nonmember bank and management represents that the bank is subject to state laws that are similar to 12 U.S.C. 56 and 12 U.S.C. 60, obtain management's corresponding computations. b. Procedures. Recalculate management's computations (for mathematical accuracy) and compare management's calculations to the standards defined in the tests set forth in paragraph B.6.a. of this section to ascertain whether the dividends declared fall within the permissible levels under these standards. If dividends are not permissible in the amounts declared under such standards, the independent public accountant should ascertain that the dividends were declared with the approval of the appropriate federal banking agency or under any other exception to the standards. 7. Dividends Declared by Savings Associations. a. Information. Obtain management's documentation of the OTS determination whether the institution is a Tier 1, Tier 2, or Tier 3 savings association and management's computations of its capital ratio after declarations of dividends under the Tier determined by the OTS. For dividends declared, obtain copies of the savings association's notifications to the OTS to ascertain whether notifications were made at least 30 days before payment of any dividends. b. Procedures. Recalculate management's computations (for mathematical accuracy) and trace amounts used by management in its calculations to the institution's TFRs. Section II--Procedures for the Independent Public Accountant If the internal auditor has performed the procedures set forth in section I for either or both Designated Laws, the following procedures may be performed by the independent public accountant if neither the FDIC nor the appropriate federal banking agency has objected in writing. The report of procedures performed and list of exceptions found by the internal auditor, identifying the institution with respect to which any exception was found, should be submitted to the audit committee of the board of directors. Management should file a summary of the internal auditor's findings and management's response to those findings with the FDIC and the appropriate federal banking agency at the same time as the independent public accountant's attestation report is filed.6 \6\ Since this summary provides information similar to that provided in the independent public accountant's report, the FDIC has determined that the summary is exempt from public disclosure consistent with the guidance in Guideline 18 in Appendix A to this Part 363. --------------------------------------------------------------------------- A. Review of Section I Procedures. Read the portion(s) of Section I of this schedule that set forth the procedures performed by the internal auditors. B. Information and Procedures. Perform the following procedures: 1. Designated Laws. Read the Designated Laws referred to in Section I of this schedule for the agreed-upon procedures performed by the internal auditor. Obtain management's assessment contained in its management report on the institution's or holding company's compliance with the Designated Laws. 2. Internal Auditor's Workpapers. a. Information. If an internal auditor performed the procedures in Section I, obtain the internal auditor's workpapers documenting the performance of those procedures on the institution and the chief internal auditor's representation that: (1) The internal auditor or audit staff, if applicable, performed the procedures listed in section I on the institution; (2) The internal auditor tested a sufficient number of transactions governed by the Designated Laws so that the testing was representative of the institution's volume of transactions; (3) The workpapers accurately reflect the work performed by the internal auditor and, if applicable, the internal audit staff; (4) The workpapers obtained are complete; and (5) The internal auditor's report, which describes the procedures performed for the fiscal year as well as the internal auditor's findings and exceptions noted, has been presented to the institution's audit committee. b. Procedures. (1) Compare the workpapers to the procedures that are required to be performed under section I. Report as an exception any procedures not documented and any procedures for which the sample size is not sufficient. (2) Compare the exceptions and errors listed by the internal auditor in its report to the audit committee to those found in the workpapers, and report as an exception any exception or error found in the internal auditor's workpapers and not listed in the internal auditor's list of exceptions. 3. Testing. a. The independent public accountant should perform the procedures listed in Section I on representative samples of the insiders and/or transactions of the institution to which the Designated Law applies. If the institution's internal auditor performs the procedures in Section I, the samples tested by the independent public accountant should be at least 25 percent of the size of the samples tested by the internal auditor although samples selected by the accountant should be from the population at large. However, if there are so few transactions in any area that the internal auditor cannot use sampling, but must test all transactions, the independent public accountant should also test all transactions. b. If testing under this Schedule A to Appendix A is being performed on a holding company with more than one subsidiary institution that is subject to this Part 363, the samples tested should include a combination of insiders and transactions from each covered subsidiary with total assets (after deductions of intercompany amounts that would be eliminated in consolidation) in excess of 25 percent of the holding company's total assets every fiscal year. Samples should be tested for each smaller covered subsidiary at least every other fiscal year unless the holding company has more than eight covered subsidiaries, in which case the samples to be tested for each Designated Law should be drawn from each smaller covered subsidiary at least every third fiscal year. 4. Reports Concerning Holding Companies. Only one report of any exceptions noted from application of the procedures in section II performed by the independent public accountant should be filed as required by guideline 3 in Appendix A to this Part 363, but the report should identify, for each exception or error noted, the identity of the covered subsidiary to which it relates. Tables to Schedule A to Appendix A [[Page 6499]] Tables to Schedule A to Appendix A -------------------------------------------------------------------------------------------------------------------------------------------------------- For engagements involving management assertions about compliance by: Loans to insiders ---------------------------------------------------------------------------------------------- National banks State member banks State nonmember banks Savings associations -------------------------------------------------------------------------------------------------------------------------------------------------------- Read the following parts and/or sections of Title 12 of the United States Code: 375a..................... Loans to Executive X X X--Subsections Officers of Banks. (g) and (h) only 375b..................... Prohibitions Respecting X X Loans and Extensions of Credit to Executive Officers and Directors of Banks, Political Campaign, Committees, etc. 1468(b).................. Extensions of Credit to ...................... ...................... ...................... X Executive Officers, Directors, and Principal Shareholders. 1828(j)(2)............... Provisions Relating to ...................... ...................... X Loans, Extensions of Credit, and Other Dealings Between Member Banks and Their Affiliates, Executive Officers, Directors, etc. 1828(j)(3)(B)............ Extensions of Credit X Applies only ...................... X Applies only Applicability of to insured federal to insured state Provisions Relating to branches of foreign branches of foreign Loans, Extensions of banks. banks . Credit, and Other Dealings Between Insured Branches of Foreign Banks and Their Insiders. Read the following parts and/or sections of Title 12 of the Code of Federal Regulations: 23.5..................... Application of Legal X Lending Limits; Restrictions on Transactions With Affiliates. 31....................... Extensions of Credit to X National Bank Insiders. 215...................... Subpart A--Loans by Member X X (See 12 CFR Parts (See 12 CFR Parts Banks to Their Executive 337.3 and 349.3). 63.43) Officers, Directors, and Principal Shareholders. Subpart B--Reports of X X Indebtedness of Executive Officers and Principal Shareholders of Insured Nonmember Banks. 337.3.................... Limits on Extensions of ...................... ...................... X Credit to Executive Officers, Directors, and Principal Shareholders of Insured Nonmember Banks. 349.3.................... Reports by Executive ...................... ...................... X Officers and Principal Shareholders. 563.43................... Loans by Savings ...................... ...................... ...................... X Associations to Their Executive Officers, Directors, and Principal Shareholders. -------------------------------------------------------------------------------------------------------------------------------------------------------- Table 2 -------------------------------------------------------------------------------------------------------------------------------------------------------- For engagements involving management assertions about compliance by: Dividend restrictions ----------------------------------------------------------------------------------------------- National banks State member banks State nonmember banks Savings associations -------------------------------------------------------------------------------------------------------------------------------------------------------- Read the following parts and/or sections of Title 12 of the United States Code: 56..................... Prohibition of Withdrawal X X of Capital and Unearned Dividends. 60..................... Dividends and Surplus Funds X X 1467a(f)............... Declaration of Dividends... ...................... ...................... ...................... X 1831o.................. Prompt Corrective Action-- X X X X Dividend Restrictions. Read the following parts and/or sections of Title 12 of the Code of Federal Regulations: 5.61................... Payment of dividends; X capital limitation. 5.62................... Payment of dividends; X earnings limitation. 6.6.................... Prompt Corrective Action-- X Dividend Restrictions. 7.6120................. Dividends Payable in X Property Other Than Cash. 208.19................. Payments of Dividends...... ...................... X 208.35................. Prompt Corrective Action... ...................... X 325.105................ Prompt Corrective Action... ...................... ...................... X 563.134................ Capital Distributions...... ...................... ...................... ...................... X 565.................... Prompt Corrective Action... ...................... ...................... ...................... X -------------------------------------------------------------------------------------------------------------------------------------------------------- [[Page 6500]] By order of the Board of Directors. Dated at Washington, DC, this 6th day of February 1996. Federal Deposit Insurance Corporation. Jerry L. Langley, Executive Secretary. [FR Doc. 96-3569 Filed 2-20-96; 8:45 am] BILLING CODE 6714-01-P |
Last Updated 07/17/1999 | communications@fdic.gov |