Congress passed the FDIC Improvement Act (“FDICIA”) in 1991 in response to the savings and loan crisis of the 80’s. The passage of this Act changed many banking laws, establishing rules which are still in effect today which gave federal banking agencies new supervisory responsibilities. FDICIA applies only to banks and savings institutions and certain of its provisions apply only to institutions of specified sizes. The goal of the rule is to facilitate the early identification of problems in financial management of covered institutions. The assumption behind the goal is that audited financial statements and effective internal controls over financial and regulatory reporting assist the FDIC in executing their oversight and monitoring role.
Impact of asset size on compliance requirements
FDICIA has two main categories that are based on the asset size of the institution at the beginning of the institution’s fiscal year. The two main categories are:
- >$500 million to $1billion in assets, referred to here as Tier I.
- >$1 billion in assets, referred to here as Tier II.
Impact of PPP Loans
The FDIC granted temporary relief to accommodate Institutions that experienced short term asset increases due to the underwriting of Paycheck Protection Program (“PPP”) loans. This temporary relief has now expired so it is important for management to proactively monitor asset levels and not wait until reaching the above thresholds before ensuring compliance. According to the FDIC, nearly 25% of the nation’s banks are nearing new compliance levels as of March 31, 2022.
Key requirements
For Tier I institutions, key requirements include:
- Audited comparative annual financial statements.
- A report containing management’s responsibilities for: ACCOUNTING INSIGHT
- Preparing the financial statements;
- Establishing and maintaining an adequate internal control structure over financial and
- regulatory reporting;
- Assessing compliance with laws and regulations during the year pertaining to insider loans and dividend restrictions, including state laws.
Institutions must also provide other letters and reports issued by the independent public accountant, including management letters within 15 days of receipt.
- Provide an assessment and conclusion by management on the effectiveness of internal controls over financial and regulatory reporting at year-end, which is required to be audited by an independent public accounting firm.
This requirement is similar to SOX 404 and requires significant preparation efforts by management and the external audit firm. Banks should plan to have all controls designed and effectively operating one year prior to this audit requirement to ensure successful compliance.
Audit Committee Impacts
Institutions subject to FDICIA will need to ensure:
- Audit committees are made up of outside directors that are independent of management as follows:
- Tier II – All members are outside directors and independent of management.
- Tier I– Majority of members are outside directors and independent of management.
- Documented criteria are in place for evaluating if an audit committee member is an outside director and independent of management, which should be re-evaluated annually.
- If an audit committee member owns more than 10% of outstanding common shares of the institution, the Committee should determine and document their assessment of independence.
Independent public accounting firm independence
FDICIA requires that independent public accountants comply with the more rigorous SEC and PCAOB independence rules. It is important to work with your firm to ensure a smooth transition to these rules.
Start planning now
Today is the right time to discuss FDICIA implications for your bank. To ensure you are prepared:
- Make it a part of your strategic discussion to understand the timeline that you believe the milestones will be achieved organically or what potential M&A transactions may have on the bank’s asset threshold.
- Consider what impacts this may have on board composition and what changes may be necessary.
- Assess bank resources and determine if the control environment is at a level that will allow for success upon implementation of the required internal control framework.
Complex monitoring, documentation and reporting takes time and resources to ensure compliance. Connect with your Rehmann advisor today for review of your bank’s FDICIA requirements so you’re prepared to ensure compliance.
[email protected] | 248.458.7914