Is your financial institution nearing the $500 million asset threshold? If so, you’ll need to navigate new regulations, particularly those mandated by the Federal Deposit Insurance Corporation Improvement Act (FDICIA).
Regardless of what is driving your growth, crafting a robust plan for FDICIA compliance is essential. Pinion advisors have outlined key considerations as you near this significant milestone.
What is the FDICIA Threshold?
The Federal Deposit Insurance Corporation Improvement Act (FDICIA) of 1991 imposes additional annual audit and reporting requirements for financial institutions with assets of $500 million or more. These requirements go into effect on the first day of the fiscal year after the benchmark is hit.
For example, if a bank’s total assets exceed $500 million on June 1, 2024, FDICIA compliance would not be required until the following fiscal year (i.e., January 1, 2025).
How to Prepare for Crossing the Threshold
As you near the threshold, it’s important to be proactive. Many of these steps take time and require the right team in your corner. While the road ahead can be complex, starting with these simple steps will make the journey much smoother:
1. Ensure that you have a separate audit committee with all outside directors.
-
- Per the FDIC, an outside director is a director who is not, and within the preceding fiscal year has not been, an officer or employee of the institution or any affiliate of the institution.
2. Identify any potential independence issues with the CPA firm that is performing your financial statement audit.
3. Consider a balance-sheet-only audit or compiled financial statements in the year prior to compliance with FDICIA.
4. Stay up to date with industry and accounting standards impacting financial reporting.
How to Comply with FDICIA Requirements
To comply with FDICIA requirements, you will need to:
1. Submit audited financial statements to the appropriate federal bank agency. Your bank is required to file within 120 days after the fiscal year ends if it is a non-public bank, or 90 days if the bank originates loans under the U.S. Department of Housing and Urban Development (HUD) loan programs. The financial statements must be comparative. If your bank has not been audited in the past, statements for the earlier year can be presented on an unaudited basis.
2. Establish auditor independence in compliance with the AICPA, SEC and PCAOB. Independence requirements become more stringent for non-public banks. FDICIA requires that the auditor complies with the most restrictive independence standards and interpretations of the American Institute of Certified Public Accountants, the Securities and Exchange Commission (SEC), and the Public Company Accounting Oversight Board (PCAOB).
In most situations, the SEC and PCAOB rules are the most restrictive; thus, services such as preparation of tax returns for individuals in a financial reporting oversight role and various nonattest services are now restricted from being provided by the financial statement auditor, and the audit requires partner rotation. More information is provided below.
3. Submit a statement and assessment of management’s responsibilities, for:
- Preparing the bank’s annual financial statements.
- Setting up and sustaining sufficient processes and an internal control framework for financial reporting.
- Adhering to safety and soundness laws and regulations formulated by the FDIC and the relevant federal banking agency.
4. File the following auditors’ reports within 15 days of receipt:
- Governance communication — Required communication with governance containing the auditor’s responsibilities, corrected and uncorrected misstatements, any disagreements with management, etc.
- Internal control communication (if applicable) — Communication of any material weaknesses or significant deficiencies in internal controls noted during the audit.
5. Prepare financial statements according to SEC independence rules. The SEC does not allow the financial statement auditor to prepare the financial statements they are auditing. Your institution can prepare them internally or you can hire a third party who is not performing the audit. There are several things to consider when preparing these financial statements:
- If your bank does not feel it has the appropriate staff to prepare a set of financial statements in accordance with Generally Accepted Accounting Principles (GAAP), you may hire more internal personnel or engage with a consulting firm for assistance.
- Most institutions that have previously relied on the financial statement auditor to draft financial statements and footnotes have a more successful transition to this requirement if they begin the practice before the FDICIA requirement is effective. Oftentimes, the auditor has created additional documentation, schedules, or reports to aid in financial statement preparation. Your management will need to take responsibility for these items, as well as determine if proper controls over both preparation and review are in place.
- Many institutions find it helpful to locate resources such as accounting alerts and disclosure checklists or attend GAAP educational events to keep up to date on industry and GAAP changes impacting financial reporting.
6. Establish a separate audit committee. All members need to be outside directors, separate from the bank management team. There are specific requirements outlined in FDICIA that define what would disqualify the independence of an outside director. See below for some examples.
How to Identify Potential Independence Issues
If you are working with an accounting firm that provides a variety of services, you must carefully determine if you can use the firm for your financial statement audit, and then identify which non-attest services that firm can and cannot provide.
Regulations specifically prohibit an external audit firm from providing certain non-audit services, including:
- Actuarial services
- Appraisal or valuation services
- Bookkeeping or other services related to your accounting records or financial statements
- Financial information systems design and implementation
- Internal audit outsourcing services
- Payroll services
- Preparation of tax returns for individuals overseeing financial reporting
Your management and audit committee must ensure that the company hired for the external audit remains independent. This means they need to check that the company:
- Does not have any interests that conflict with or are too closely tied to your financial institution.
- Is not in a position where they must check their own work.
- Does not act like part of your management or staff.
- Is not in a position to act as an advocate for your financial institution.
If you are approaching or have already crossed the $500 million threshold, reach out to a Pinion advisor for expert guidance on FDICIA compliance and auditing.
