57094 Federal Register / Vol. 64, No. 204 / Friday, October 22, 1999 / Notices
1 The National Credit Union Administration
(NCUA), also a member of the FFIEC, is not
adopting the policy.
Dated: October 14, 1999.
Michael B. Cook,
Director, Office of Wastewater Management.
[FR Doc. 99–27677 Filed 10–21–99; 8:45 am]
BILLING CODE 6560–50–U
FEDERAL DEPOSIT INSURANCE
CORPORATION
Rescission of Policy Statement
Regarding Independent External
Auditing Programs of State
Nonmember Banks, and Adoption of
the Interagency Policy Statement on
External Auditing Programs of Banks
and Savings Associations
AGENCY: Federal Deposit Insurance
Corporation (FDIC or Corporation).
ACTION: Rescission of a Policy Statement
and Adoption of an Interagency Policy
Statement.
SUMMARY: In an effort to provide
consistent guidance for banks and
savings associations regardless of their
primary federal supervisor, the FDIC is
rescinding its Statement of Policy
Regarding Independent External
Auditing Programs of State Nonmember
Banks (Current Policy Statement) and
concurrently adopting the Interagency
Policy Statement on External Auditing
Programs of Banks and Savings
Associations (Interagency Policy
Statement). Both policy statements
encourage institutions to adopt an
annual external auditing program,
preferably an audit by an independent
public accountant, and to establish an
audit committee composed entirely of
outside directors, where practicable. In
addition, the Interagency Policy
Statement includes two alternatives to
an audit by an independent public
accountant for institutions not subject to
the audit requirement in section 36 of
the Federal Deposit Insurance Act (FDI
Act). The alternatives consist of (1) An
attestation report on internal control
over specified schedules of the
institution’s regulatory reports or (2) A
report on the institution’s balance sheet.
Both must be performed by an
independent public accountant.
The Interagency Policy Statement also
includes guidance regarding the
responsibilities of boards of directors,
audit committees, and senior
management with respect to external
auditing programs; the attributes and
types of external auditing programs; and
the review of external auditing programs
by examiners.
DATES: The Current Policy Statement is
rescinded and the Interagency Policy
Statement is effective for fiscal years
beginning on or after January 1, 2000.
FOR FURTHER INFORMATION CONTACT:
Doris L. Marsh, Examination Specialist,
Division of Supervision, (202) 898–
8905, or A. Ann Johnson, Counsel, Legal
Division, (202) 898–3573, FDIC, 550
17th Street, NW, Washington, DC 20429.
SUPPLEMENTARY INFORMATION:
I. Background
The FDIC first adopted guidance on
external auditing programs in its Policy
Statement Regarding Independent
External Auditing Programs of State
Nonmember Banks in 1988 (53 FR
47871, November 28, 1988). In 1996, the
FDIC reviewed the Current Policy
Statement pursuant to section 303(a) of
the Riegle Community Development and
Regulatory Improvement Act of 1994
and adopted several amendments to
eliminate inconsistencies and outdated
requirements (61 FR 32438, June 24,
1996).
The Federal Financial Institutions
Examination Council (FFIEC), on behalf
of the Board of Governors of the Federal
Reserve System (FRB), the Federal
Deposit Insurance Corporation (FDIC),
the Office of the Comptroller of the
Currency (OCC), and the Office of Thrift
Supervision (OTS), collectively referred
to as the ‘‘banking agencies’’ or the
‘‘agencies,’’ have each provided
guidance on external audits to their
supervised institutions, but a uniform
policy did not exist. Under the auspices
of the FFIEC, the agencies sought public
comment on a proposed policy
statement on External Auditing
Programs of Banks and Savings
Associations in February 1998 (63 FR
7796, February 17, 1998). The FFIEC
received approximately 120 letters
commenting on the proposed policy
statement, and it revised the policy
statement after considering the
comments. On August 19, 1999, the
FFIEC approved the Interagency Policy
Statement on External Auditing
Programs of Banks and Savings
Associations (Policy Statement) (64 FR
52319, September 28, 1999) and
recommended that the banking agencies
adopt it.1
II. Rescission of the Current Policy
Statement and Adoption of the
Interagency Policy Statement
In order to minimize burden on
institutions and holding companies and
in the spirit of section 303 of the Riegle
Community Development and
Regulatory Improvement Act of 1994,
the banking agencies seek to provide
consistent and uniform guidance for
supervised institutions. The banking
agencies believe that an independent
external audit provides reasonable
assurance that an institution’s financial
statements are prepared in accordance
with generally accepted accounting
principles (GAAP). Accordingly, the
banking agencies recommend that every
institution have an external auditing
program.
To provide explicit guidance to
institutions regarding these programs,
the FFIEC approved a uniform
Interagency Policy Statement on August
19, 1999. The FFIEC recommended to
the banking agencies that they
individually adopt the policy. Thus, the
FDIC must replace its Current Policy
Statement with the Interagency Policy
Statement in order to achieve
uniformity in this area.
III. Comparison of the Current and
Interagency Policy Statements
For the most part, both the Current
Policy Statement and the Interagency
Policy Statement provide similar
guidance. Both encourage each
institution to have an annual audit of its
financial statements performed by an
independent public accountant. The
Interagency Policy Statement also
describes two alternatives to an audit
that an institution may elect to have
performed annually in order to have an
acceptable external auditing program.
These alternatives, which must be
performed by an independent public
accountant, are an attestation on
internal control over financial reporting
on certain schedules of the Reports of
Condition and Income (Call Report) and
an audit of the institution’s balance
sheet. The Interagency Policy Statement
further indicates that for a smaller
institution with less complex
operations, the attestation on internal
control may be less costly than an audit
of its financial statements or its balance
sheet and provide more useful
information to management. Neither
policy precludes the use of agreed-upon
procedures/state-required examinations
as an external auditing program.
Both policy statements include
sections discussing their applicability to
institutions that are part of a holding
company, newly chartered institutions,
and institutions presenting supervisory
concern. In addition, both policies
recommend that each institution have
an audit committee consisting entirely
of outside directors, unless
impracticable.
Banks and savings associations
(institutions) with $500 million or more
in total assets must have an annual
audit performed by an independent
public accountant under section 36 of
VerDate 12-OCT-99 15:40 Oct 21, 1999 Jkt 190000 PO 00000 Frm 00065 Fmt 4703 Sfmt 4703 E:\FR\FM\A22OC3.196 pfrm01 PsN: 22OCN1
1 The National Credit Union Administration
(NCUA), also a member of the FFIEC, is not
adopting the policy.
Dated: October 14, 1999.
Michael B. Cook,
Director, Office of Wastewater Management.
[FR Doc. 99–27677 Filed 10–21–99; 8:45 am]
BILLING CODE 6560–50–U
FEDERAL DEPOSIT INSURANCE
CORPORATION
Rescission of Policy Statement
Regarding Independent External
Auditing Programs of State
Nonmember Banks, and Adoption of
the Interagency Policy Statement on
External Auditing Programs of Banks
and Savings Associations
AGENCY: Federal Deposit Insurance
Corporation (FDIC or Corporation).
ACTION: Rescission of a Policy Statement
and Adoption of an Interagency Policy
Statement.
SUMMARY: In an effort to provide
consistent guidance for banks and
savings associations regardless of their
primary federal supervisor, the FDIC is
rescinding its Statement of Policy
Regarding Independent External
Auditing Programs of State Nonmember
Banks (Current Policy Statement) and
concurrently adopting the Interagency
Policy Statement on External Auditing
Programs of Banks and Savings
Associations (Interagency Policy
Statement). Both policy statements
encourage institutions to adopt an
annual external auditing program,
preferably an audit by an independent
public accountant, and to establish an
audit committee composed entirely of
outside directors, where practicable. In
addition, the Interagency Policy
Statement includes two alternatives to
an audit by an independent public
accountant for institutions not subject to
the audit requirement in section 36 of
the Federal Deposit Insurance Act (FDI
Act). The alternatives consist of (1) An
attestation report on internal control
over specified schedules of the
institution’s regulatory reports or (2) A
report on the institution’s balance sheet.
Both must be performed by an
independent public accountant.
The Interagency Policy Statement also
includes guidance regarding the
responsibilities of boards of directors,
audit committees, and senior
management with respect to external
auditing programs; the attributes and
types of external auditing programs; and
the review of external auditing programs
by examiners.
DATES: The Current Policy Statement is
rescinded and the Interagency Policy
Statement is effective for fiscal years
beginning on or after January 1, 2000.
FOR FURTHER INFORMATION CONTACT:
Doris L. Marsh, Examination Specialist,
Division of Supervision, (202) 898–
8905, or A. Ann Johnson, Counsel, Legal
Division, (202) 898–3573, FDIC, 550
17th Street, NW, Washington, DC 20429.
SUPPLEMENTARY INFORMATION:
I. Background
The FDIC first adopted guidance on
external auditing programs in its Policy
Statement Regarding Independent
External Auditing Programs of State
Nonmember Banks in 1988 (53 FR
47871, November 28, 1988). In 1996, the
FDIC reviewed the Current Policy
Statement pursuant to section 303(a) of
the Riegle Community Development and
Regulatory Improvement Act of 1994
and adopted several amendments to
eliminate inconsistencies and outdated
requirements (61 FR 32438, June 24,
1996).
The Federal Financial Institutions
Examination Council (FFIEC), on behalf
of the Board of Governors of the Federal
Reserve System (FRB), the Federal
Deposit Insurance Corporation (FDIC),
the Office of the Comptroller of the
Currency (OCC), and the Office of Thrift
Supervision (OTS), collectively referred
to as the ‘‘banking agencies’’ or the
‘‘agencies,’’ have each provided
guidance on external audits to their
supervised institutions, but a uniform
policy did not exist. Under the auspices
of the FFIEC, the agencies sought public
comment on a proposed policy
statement on External Auditing
Programs of Banks and Savings
Associations in February 1998 (63 FR
7796, February 17, 1998). The FFIEC
received approximately 120 letters
commenting on the proposed policy
statement, and it revised the policy
statement after considering the
comments. On August 19, 1999, the
FFIEC approved the Interagency Policy
Statement on External Auditing
Programs of Banks and Savings
Associations (Policy Statement) (64 FR
52319, September 28, 1999) and
recommended that the banking agencies
adopt it.1
II. Rescission of the Current Policy
Statement and Adoption of the
Interagency Policy Statement
In order to minimize burden on
institutions and holding companies and
in the spirit of section 303 of the Riegle
Community Development and
Regulatory Improvement Act of 1994,
the banking agencies seek to provide
consistent and uniform guidance for
supervised institutions. The banking
agencies believe that an independent
external audit provides reasonable
assurance that an institution’s financial
statements are prepared in accordance
with generally accepted accounting
principles (GAAP). Accordingly, the
banking agencies recommend that every
institution have an external auditing
program.
To provide explicit guidance to
institutions regarding these programs,
the FFIEC approved a uniform
Interagency Policy Statement on August
19, 1999. The FFIEC recommended to
the banking agencies that they
individually adopt the policy. Thus, the
FDIC must replace its Current Policy
Statement with the Interagency Policy
Statement in order to achieve
uniformity in this area.
III. Comparison of the Current and
Interagency Policy Statements
For the most part, both the Current
Policy Statement and the Interagency
Policy Statement provide similar
guidance. Both encourage each
institution to have an annual audit of its
financial statements performed by an
independent public accountant. The
Interagency Policy Statement also
describes two alternatives to an audit
that an institution may elect to have
performed annually in order to have an
acceptable external auditing program.
These alternatives, which must be
performed by an independent public
accountant, are an attestation on
internal control over financial reporting
on certain schedules of the Reports of
Condition and Income (Call Report) and
an audit of the institution’s balance
sheet. The Interagency Policy Statement
further indicates that for a smaller
institution with less complex
operations, the attestation on internal
control may be less costly than an audit
of its financial statements or its balance
sheet and provide more useful
information to management. Neither
policy precludes the use of agreed-upon
procedures/state-required examinations
as an external auditing program.
Both policy statements include
sections discussing their applicability to
institutions that are part of a holding
company, newly chartered institutions,
and institutions presenting supervisory
concern. In addition, both policies
recommend that each institution have
an audit committee consisting entirely
of outside directors, unless
impracticable.
Banks and savings associations
(institutions) with $500 million or more
in total assets must have an annual
audit performed by an independent
public accountant under section 36 of
VerDate 12-OCT-99 15:40 Oct 21, 1999 Jkt 190000 PO 00000 Frm 00065 Fmt 4703 Sfmt 4703 E:\FR\FM\A22OC3.196 pfrm01 PsN: 22OCN1
57095Federal Register / Vol. 64, No. 204 / Friday, October 22, 1999 / Notices
1 See 12 CFR part 30 for national banks; 12 CFR
part 364 for state nonmember banks; 12 CFR part
208 for state member banks; and 12 CFR part 510
for savings associations.
2 This Policy Statement provides guidance
consistent with the guidance established in the
‘‘Interagency Policy Statement on the Internal Audit
Function and its Outsourcing.’’
3 See 12 U.S.C. 161 for national banks; 12 U.S.C.
1817a for state nonmember banks; 12 U.S.C. 324 for
state member banks; and 12 U.S.C. 1464(v) for
savings associations.
4 Terms defined in appendix A are italicized the
first time they appear in this policy statement.
the Federal Deposit Insurance Act (FDI
Act), as implemented by 12 CFR part
363. Thus, both policy statements are
directed toward institutions below that
threshold that are not otherwise subject
to audit requirements.
The two policies differ in the extent
of guidance provided rather than the
content of the guidance. Accordingly,
the Interagency Policy Statement
includes some guidance regarding
independent external auditing programs
that is lacking in the Current Policy
Statement. For example, it discusses the
responsibilities of boards of directors,
audit committees, and senior
management in more detail than the
Current Policy Statement. It also
describes the attributes and types of
external auditing programs available
and includes a short description of each.
Guidance on what examiners will be
evaluating in their review of external
auditing programs is also included in
the Interagency Policy Statement. This
policy statement also recommends that
examiners have access to the auditor’s
workpapers concerning the auditing
engagement.
The following table shows the number
and section title of each of the
paragraphs in the Current Policy
Statement and the section title of the
corresponding provision in the
Interagency Policy Statement:
PARAGRAPH CONVERSION TABLE
Current policy
paragaraph No. Current policy statement: section title Interagency policy statement: section title
1–3 ....................... Introduction .............................................................................. Introduction.
4 ........................... State Nonmember Banks Not Subject to Part 363 ................. Introduction.
5 ........................... .................................................................................................. Overview of the External Auditing Program Audit Committee.
6 ........................... .................................................................................................. Examiner Guidance Review of the External Auditing Pro-
gram.
7 ........................... Audit by an Independent Public Accountant ........................... External Auditing Programs Types of External Auditing Pro-
grams.
8 ........................... .................................................................................................. External Auditing Programs Other Considerations—Timing.
9–10 ..................... Alternatives to a Financial Statement Audit ............................ External Auditing Programs External Auditing Programs.
11 ......................... Newly Insured Banks .............................................................. Special Situations Newly Insured Institutions.
12–13 ................... Notification and Submission of Reports .................................. Examiner Guidance Access to Reports.
14 ......................... Holding Company Subsidiaries ............................................... Special Situations Holding Company Subsidiaries.
15 ......................... Troubled Banks ....................................................................... Special Situations Institutions Presenting Supervisory Con-
cerns.
Appendix A .......... Definitions ................................................................................ Appendix A—Definitions.
The Interagency Policy Statement
instructs institutions to provide copies
of reports pertaining to the external
auditing program, including any
management letters, to the agencies and
any state authority in accordance with
their appropriate supervisory office’s
guidance. The FDIC requests that each
state nonmember bank furnish a copy of
any reports by the independent public
accountant pertaining to the bank’s
external auditing program (regardless of
the scope) to the appropriate FDIC
regional office as soon as possible after
the report is received by the bank. In
addition, the FDIC requests each bank to
promptly notify the appropriate FDIC
regional office when any independent
public accountant is initially engaged to
perform external auditing work and
when a change in, or termination of, its
independent public accountant occurs.
IV. Paperwork Reduction Act
In accordance with the Paperwork
Reduction Act of 1995 (PRA), the FDIC
may not conduct or sponsor, and the
respondent is not required to respond
to, an information collection that does
not display a currently valid Office of
Management and Budget (OMB) control
number. The FDIC submitted to OMB a
request for approval of the information
collection requested by this policy
statement (64 FR 55926, October 15,
1999).
V. Rescission and Adoption of Policy
Statements
For the reasons set forth in the
preamble, the Board of Directors of the
FDIC hereby rescinds the FDIC’s Policy
Statement Regarding Independent
External Auditing Programs of State
Nonmember Banks and adopts the
Interagency Policy Statement on
External Auditing Programs of Banks
and Savings Associations.
The text of the Interagency Policy
Statement follows:
Interagency Policy Statement On
External Auditing Programs of Banks
and Savings Associations
Introduction
The board of directors and senior
managers of a banking institution or
savings association (institution) are
responsible for ensuring that the
institution operates in a safe and sound
manner. To achieve this goal and meet
the safety and soundness guidelines
implementing section 39 of the Federal
Deposit Insurance Act (FDI Act) (12
U.S.C. 1831p-1),1 the institution should
maintain effective systems and internal
control 2 to produce reliable and
accurate financial reports.
Accurate financial reporting is
essential to an institution’s safety and
soundness for numerous reasons. First,
accurate financial information enables
management to effectively manage the
institution’s risks and make sound
business decisions. In addition,
institutions are required by law 3 to
provide accurate and timely financial
reports (e.g., Reports of Condition and
Income [Call Reports] and Thrift
Financial Reports) to their appropriate
regulatory agency. These reports serve
an important role in the agencies’ 4 risk-
focused supervision programs by
contributing to their pre-examination
planning, off-site monitoring programs,
and assessments of an institution’s
capital adequacy and financial strength.
Further, reliable financial reports are
necessary for the institution to raise
capital. They provide data to
stockholders, depositors and other
VerDate 12-OCT-99 15:40 Oct 21, 1999 Jkt 190000 PO 00000 Frm 00066 Fmt 4703 Sfmt 4703 E:\FR\FM\A22OC3.198 pfrm01 PsN: 22OCN1
1 See 12 CFR part 30 for national banks; 12 CFR
part 364 for state nonmember banks; 12 CFR part
208 for state member banks; and 12 CFR part 510
for savings associations.
2 This Policy Statement provides guidance
consistent with the guidance established in the
‘‘Interagency Policy Statement on the Internal Audit
Function and its Outsourcing.’’
3 See 12 U.S.C. 161 for national banks; 12 U.S.C.
1817a for state nonmember banks; 12 U.S.C. 324 for
state member banks; and 12 U.S.C. 1464(v) for
savings associations.
4 Terms defined in appendix A are italicized the
first time they appear in this policy statement.
the Federal Deposit Insurance Act (FDI
Act), as implemented by 12 CFR part
363. Thus, both policy statements are
directed toward institutions below that
threshold that are not otherwise subject
to audit requirements.
The two policies differ in the extent
of guidance provided rather than the
content of the guidance. Accordingly,
the Interagency Policy Statement
includes some guidance regarding
independent external auditing programs
that is lacking in the Current Policy
Statement. For example, it discusses the
responsibilities of boards of directors,
audit committees, and senior
management in more detail than the
Current Policy Statement. It also
describes the attributes and types of
external auditing programs available
and includes a short description of each.
Guidance on what examiners will be
evaluating in their review of external
auditing programs is also included in
the Interagency Policy Statement. This
policy statement also recommends that
examiners have access to the auditor’s
workpapers concerning the auditing
engagement.
The following table shows the number
and section title of each of the
paragraphs in the Current Policy
Statement and the section title of the
corresponding provision in the
Interagency Policy Statement:
PARAGRAPH CONVERSION TABLE
Current policy
paragaraph No. Current policy statement: section title Interagency policy statement: section title
1–3 ....................... Introduction .............................................................................. Introduction.
4 ........................... State Nonmember Banks Not Subject to Part 363 ................. Introduction.
5 ........................... .................................................................................................. Overview of the External Auditing Program Audit Committee.
6 ........................... .................................................................................................. Examiner Guidance Review of the External Auditing Pro-
gram.
7 ........................... Audit by an Independent Public Accountant ........................... External Auditing Programs Types of External Auditing Pro-
grams.
8 ........................... .................................................................................................. External Auditing Programs Other Considerations—Timing.
9–10 ..................... Alternatives to a Financial Statement Audit ............................ External Auditing Programs External Auditing Programs.
11 ......................... Newly Insured Banks .............................................................. Special Situations Newly Insured Institutions.
12–13 ................... Notification and Submission of Reports .................................. Examiner Guidance Access to Reports.
14 ......................... Holding Company Subsidiaries ............................................... Special Situations Holding Company Subsidiaries.
15 ......................... Troubled Banks ....................................................................... Special Situations Institutions Presenting Supervisory Con-
cerns.
Appendix A .......... Definitions ................................................................................ Appendix A—Definitions.
The Interagency Policy Statement
instructs institutions to provide copies
of reports pertaining to the external
auditing program, including any
management letters, to the agencies and
any state authority in accordance with
their appropriate supervisory office’s
guidance. The FDIC requests that each
state nonmember bank furnish a copy of
any reports by the independent public
accountant pertaining to the bank’s
external auditing program (regardless of
the scope) to the appropriate FDIC
regional office as soon as possible after
the report is received by the bank. In
addition, the FDIC requests each bank to
promptly notify the appropriate FDIC
regional office when any independent
public accountant is initially engaged to
perform external auditing work and
when a change in, or termination of, its
independent public accountant occurs.
IV. Paperwork Reduction Act
In accordance with the Paperwork
Reduction Act of 1995 (PRA), the FDIC
may not conduct or sponsor, and the
respondent is not required to respond
to, an information collection that does
not display a currently valid Office of
Management and Budget (OMB) control
number. The FDIC submitted to OMB a
request for approval of the information
collection requested by this policy
statement (64 FR 55926, October 15,
1999).
V. Rescission and Adoption of Policy
Statements
For the reasons set forth in the
preamble, the Board of Directors of the
FDIC hereby rescinds the FDIC’s Policy
Statement Regarding Independent
External Auditing Programs of State
Nonmember Banks and adopts the
Interagency Policy Statement on
External Auditing Programs of Banks
and Savings Associations.
The text of the Interagency Policy
Statement follows:
Interagency Policy Statement On
External Auditing Programs of Banks
and Savings Associations
Introduction
The board of directors and senior
managers of a banking institution or
savings association (institution) are
responsible for ensuring that the
institution operates in a safe and sound
manner. To achieve this goal and meet
the safety and soundness guidelines
implementing section 39 of the Federal
Deposit Insurance Act (FDI Act) (12
U.S.C. 1831p-1),1 the institution should
maintain effective systems and internal
control 2 to produce reliable and
accurate financial reports.
Accurate financial reporting is
essential to an institution’s safety and
soundness for numerous reasons. First,
accurate financial information enables
management to effectively manage the
institution’s risks and make sound
business decisions. In addition,
institutions are required by law 3 to
provide accurate and timely financial
reports (e.g., Reports of Condition and
Income [Call Reports] and Thrift
Financial Reports) to their appropriate
regulatory agency. These reports serve
an important role in the agencies’ 4 risk-
focused supervision programs by
contributing to their pre-examination
planning, off-site monitoring programs,
and assessments of an institution’s
capital adequacy and financial strength.
Further, reliable financial reports are
necessary for the institution to raise
capital. They provide data to
stockholders, depositors and other
VerDate 12-OCT-99 15:40 Oct 21, 1999 Jkt 190000 PO 00000 Frm 00066 Fmt 4703 Sfmt 4703 E:\FR\FM\A22OC3.198 pfrm01 PsN: 22OCN1