Is your bank ready for FDICIA compliance?
The Federal Deposit Insurance Corporation (FDIC) reports that the number of insured financial institutions has dropped from around 8,000 to just under 4,600 over the last 14 years. When institutions consolidate, their average asset size swells, so it’s important for banks to be mindful of their obligations under the FDIC Improvement Act of 1991 (FDICIA).
What does the FDICIA require?
The FDICIA imposes stricter auditing, reporting and governance obligations once banks have $500 million in total assets, followed by even more rigorous requirements at $1 billion in assets. According to the FDIC’s most recent Community Banking Study (December 2020), the average asset size of community banks in 2019 was approximately $470 million. So, it’s likely that many community banks will cross the $500 million threshold in the future.
It’s important to monitor your bank’s assets closely to prepare for FDICIA compliance before you reach the threshold (ideally one to two years). An early start will help ensure a smooth transition. It will also give you an opportunity to test new controls and procedures, allowing you to remedy any deficiencies before you start submitting reports to federal regulators.
What’s required before reaching $500 million?
Your bank should take several steps as you approach the first reporting threshold. The FDICIA will require submission of comparative financial statements. If you don’t currently prepare audited financials, you can use unaudited ones for the year before you’re subject to the FDICIA. Nevertheless, it’s a good idea to obtain at least a balance sheet audit for the previous year. That way, any material weaknesses or significant deficiencies the auditor identifies can be addressed before you report to federal regulators.
Additionally, review your audit committee’s composition to ensure that a majority of its members are independent. You may need to replace some members who have conflicts and add new directors, so leave plenty of time to conduct a diligent search.
Also review your accountants’ services for potential independence issues. Early preparation will provide time to arrange separate firms for audit services and prohibited nonaudit services. Your auditor won’t be allowed to prepare financial statements, so management should be prepared to assume greater responsibility for financial statement preparation and review.
What’s required at $500 million?
When your bank’s total assets reach $500 million, key requirements include:
- Audited financial statements. Audited financial statements must be submitted with the independent auditor’s report to the relevant federal banking agency within 120 days after the fiscal year-end (90 days for publicly traded banks).
- Auditor independence. Your bank must comply with the strictest auditor independence standards applicable to public companies. That means your auditor must avoid conflicts of interest and prohibited financial relationships with your bank, rotate audit partners at least every five years, and refrain from providing prohibited nonaudit services to your bank. Examples include bookkeeping, financial statement preparation, valuation, internal audits and tax services for certain bank insiders.
- Management reports. Annual reports must include statements on management’s responsibility for 1) preparing financial statements, 2) establishing and maintaining adequate internal control over financial reporting (ICFR), and 3) complying with certain safety and soundness laws and regulations.
- Audit committee composition. Your bank’s board must have a separate audit committee, and a majority of the committee’s members must be outside directors who are independent of management.
Remember these requirements when preparing to comply.
What’s required at $1 billion?
The following additional requirements apply when your bank’s total assets reach $1 billion:
- Expanded management reports. Your bank must submit an evaluation of the effectiveness of its ICFR as of the fiscal year-end, based on a recognized framework.
- External opinion on ICFR. You must submit an independent auditor’s attestation report on the effectiveness of ICFR as of the fiscal year-end.
- Fully independent audit committee. All members of your audit committee must be independent of management.
These time- and resource-intensive steps require an early start.
Create a roadmap
A smooth journey to FDICIA compliance requires a detailed plan. Contact your CPA to discuss steps needed as your bank’s total assets approach the $500 million and $1 billion mileposts.
Sidebar: Measuring assets for FDICIA purposes
The applicability of the FDIC Improvement Act (FDICIA) is based on total assets as of the beginning of your bank’s fiscal year, per your most recent Call Report. Banks that operate on a calendar year should consult their December 31 Call Reports to determine total assets on January 1 of the following calendar year.
FDICIA coverage for a given fiscal year is based on a bank’s total assets as of the first day of that year, regardless of asset-level fluctuations during the year. For example, if a calendar-year institution’s total assets are $550 million as of September 30, 2024, it won’t be subject to the FDICIA in 2025 if total assets drop to $495 million as of December 31, 2024.
However, if the bank’s assets are greater than $500 million as of the end of 2024, it will be subject to the FDICIA throughout 2025, even if its total assets dip below the threshold during the year. Contact us for more information.
© 2024