[Federal Register Volume 62, Number 229 (Friday, November 28, 1997)]
[Rules and Regulations]
[Pages 63256-63260]
From the Federal Register Online via the Government Publishing Office [www.gpo.gov]
[FR Doc No: 97-30860]



[[Page 63256]]

=======================================================================
-----------------------------------------------------------------------

FEDERAL DEPOSIT INSURANCE CORPORATION

12 CFR Part 363

RIN 3064-AC06


Independent Audits and Reporting Requirements

AGENCY: Federal Deposit Insurance Corporation (FDIC or Corporation).

ACTION: Final rule.

-----------------------------------------------------------------------

SUMMARY: The FDIC is amending its regulations concerning annual 
independent audits and reporting requirements which implement section 
36 of the Federal Deposit Insurance Act (FDI Act). Section 36 is 
generally intended to facilitate early identification of problems in 
financial management at larger insured depository institutions through 
annual independent audits, assessments of the effectiveness of internal 
controls and compliance with designated laws and regulations, and more 
stringent reporting requirements.
    Section 2301 of the Economic Growth and Regulatory Paperwork 
Reduction Act of 1996 (EGRPRA) repealed section 36(e) of the FDI Act 
which required that each insured depository institution over a certain 
size have an independent public accountant perform specified procedures 
for determining compliance with designated safety and soundness laws. 
Accordingly, the FDIC is eliminating Schedule A to Appendix A, ``Agreed 
Upon Procedures for Determining Compliance with Designated Laws''.
    Section 2301 of EGRPRA also permits the FDIC in certain 
circumstances to exempt institutions from the requirement that audit 
committees be comprised entirely of outside directors. It further 
permits the FDIC to designate certain information filed under section 
36 as privileged and confidential and therefore not available to the 
public.
    The FDIC is also making several technical changes to the Guidelines 
and Interpretations (Guidelines) published as an appendix to the annual 
independent audit rule. The changes delete certain filing requirements 
that have been determined to be unnecessary, and clarify ambiguities 
identified by the Corporation, financial institutions, and accountants 
since the audit rule was promulgated.

EFFECTIVE DATE: The final regulation is effective January 1, 1998.

FOR FURTHER INFORMATION CONTACT: Doris L. Marsh, Examination 
Specialist, Division of Supervision (202) 898-8905, FDIC, 550 17th 
Street, N.W., Washington, DC 20429, or Sandra Comenetz, Counsel, Legal 
Division, (202) 898-3582, FDIC, 550 17th Street N.W., Washington, DC 
20429.

SUPPLEMENTARY INFORMATION:

I. Background

    Section 112 of the Federal Deposit Insurance Corporation 
Improvement Act of 1991 (FDICIA) added section 36, ``Independent Annual 
Audits of Insured Depository Institutions,'' to the FDI Act (12 U.S.C. 
1831m). As enacted, section 36 required the FDIC, in consultation with 
the appropriate federal banking agencies, to promulgate regulations 
requiring each insured depository institution over a certain asset size 
(covered institution) to have an annual independent audit of its 
financial statements performed in accordance with generally accepted 
auditing standards and section 37 of the FDI Act (12 U.S.C. 1831n), and 
to provide a management report and an independent public accountant's 
attestation concerning the effectiveness of the institution's internal 
controls for financial reporting and its compliance with designated 
safety and soundness laws. Section 36 also requires each covered 
institution to have an independent audit committee. The audit committee 
of each large covered institution (total assets exceeding $3 billion) 
must meet certain additional requirements.
    In June 1993, the FDIC published 12 CFR part 363 (58 FR 31332, June 
2, 1993) to implement the provisions of section 36 of the FDI Act. 
Under part 363, the requirements of section 36 apply to each insured 
depository institution with $500 million or more in total assets at the 
beginning of any fiscal year that begins after December 31, 1992. Part 
363 also includes Guidelines and Interpretations (Appendix A to part 
363), which are intended to assist institutions and independent public 
accountants in understanding and complying with section 36 and part 
363.
    Section 314 of the Riegle Community Development and Regulatory 
Improvement Act of 1994 amended sections 36(i) and 36(g)(2) of the FDI 
Act (12 U.S.C. 1831m (i) and (g)(2)). The purpose of section 314(a) was 
to provide relief from certain duplicative reporting under section 36 
of the FDI Act for sound, well managed insured depository institutions 
with over $9 billion in total assets which are subsidiaries of 
multibank holding companies. The regulation was amended effective April 
1, 1996, to implement section 314.
    Section 2301 of EGRPRA repealed section 36(e) and amended sections 
36(a)(3) and 36(g)(1) of the FDI Act. Section 36(e) required that each 
covered institution have an independent public accountant perform 
specified procedures for determining compliance with designated safety 
and soundness laws. To comply with the repeal of section 36(e), the 
FDIC is removing Schedule A to Appendix A, ``Agreed Upon Procedures for 
Determining Compliance with Designated Laws,'' and is making conforming 
changes to the regulation and the Guidelines.
    The amendment to section 36(g)(1) of the FDI Act grants authority 
for each appropriate federal banking agency to permit a covered 
institution under its supervision to have an audit committee consisting 
of a majority of outside directors, instead of consisting entirely of 
outside directors, if the agency determines that the institution has 
encountered hardships retaining and recruiting a sufficient number of 
competent outside directors to serve on the committee. The amendment to 
section 36(a)(3) permits the FDIC and the appropriate federal banking 
agency to designate certain information filed under section 36 as 
privileged and confidential and not available to the public.
    Since 1993 when part 363 was promulgated, no institution has 
requested relief from the FDIC because the institution had difficulty 
in recruiting or retaining outside directors for its audit committee 
nor has any institution requested confidential treatment of any 
otherwise public information filed under section 36. Because the 
banking agencies would consider such matters on a case-by-case basis, 
and to avoid additional burden, no implementing regulations are being 
promulgated.

II. Discussion of Amendment

    The FDIC is amending part 363 to: conform it to the amended 
statute, update certain references, eliminate an unnecessary filing by 
independent public accountants, and align the filing requirements with 
the FDIC's current approach for supervising banking organizations.
    The FDIC is deleting Schedule A to Appendix A, ``Agreed Upon 
Procedures for Determining Compliance with Designated Laws'', and 
Guideline 19 to conform the regulation to the amended statute which 
repealed the requirement that each covered institution have an 
independent public accountant perform specified procedures for 
determining compliance with designated safety and soundness laws. In 
addition, Secs. 363.3(b) and 363.4 (a) and (b) have been amended to 
delete references to

[[Page 63257]]

Schedule A and the independent public accountant's attestation on 
compliance with Designated Laws and Regulations (Designated Laws). 
Guidelines 8, 16, and 18 likewise have been revised.
    Although section 2301 of EGRPRA repealed the statutory requirement 
that an independent public accountant provide an attestation report on 
the performance of agreed-upon procedures for determining an 
institution's compliance with Designated Laws, management is still 
required to file an annual report with the FDIC and appropriate federal 
and state banking agencies which includes a statement of its 
responsibility for complying with Designated Laws and an assessment of 
the institution's compliance with such laws and regulations. Revised 
Guideline 12 identifies the two categories of Designated Laws. Table 1 
to Appendix A lists the specific federal laws and regulations within 
these categories.
    The Introduction to the Guidelines and Interpretations has been 
amended to remove outdated language. Also, the references to documents 
which provide information on safeguarding of assets and standards for 
internal control in footnote 2 to Guideline 10 have been updated.
    The FDIC has removed the provision in Guideline 16 that an 
accountant may elect to file a list of covered institutions that are 
audit clients in lieu of a peer review report for each client. The FDIC 
has found that the list of client institutions is not needed.
    Revised Guideline 22 (previously numbered Guideline 23) has been 
amended to reflect the FDIC's current approach to supervising banking 
organizations which own more than one depository institution. In such 
cases, one FDIC region is designated to manage supervision of the 
entire organization. The amended guideline states that covered 
institutions filing under part 363 on a holding company basis should 
submit their reports to the appropriate FDIC regional office.

III. Public Comment Waiver and Effective Date

    The Administrative Procedure Act, 5 U.S.C. 551 et seq. (APA), 
requires that general notice of a proposed rulemaking be published in 
the Federal Register. 5 U.S.C. 553(b). An exception to the rule exists 
if the agency for good cause finds ``* * * that notice and public 
procedure thereon are impracticable, unnecessary, or contrary to the 
public interest.'' 5 U.S.C. 553(b)(B). The FDIC is publishing the 
amendments to part 363 as a final rule without notice and comment 
because the amendments consist of only minor and technical changes. The 
FDIC finds that publication in this case is unnecessary.

IV. Paperwork Reduction Act

    This regulation contains modifications to a collection of 
information that have been reviewed and approved by the Office of 
Management and Budget on November 5, 1997, under control number 3064-
0113 pursuant to the Paperwork Reduction Act (44 U.S.C. 3501 et seq.). 
The primary modification is the deletion, from Appendix A, of Schedule 
A ``Agreed Upon Procedures for Determining Compliance with Designated 
Laws''.
    Comments are invited on: (a) Whether the collection of information 
is necessary for the proper performance of the FDIC's functions, 
including whether the information has practical utility; (b) the 
accuracy of the estimates of the burden of the information collection; 
(c) ways to enhance the quality, utility, and clarity of the 
information to be collected; and (d) ways to minimize the burden of the 
information collection on respondents, including through the use of 
automated collection techniques or other forms of information 
technology.
    Comments should be addressed to the Office of Information and 
Regulatory Affairs, Office of Management and Budget, Attention: Desk 
Officer Alexander Hunt, New Executive Office Building, Room 3208, 
Washington, D.C. 20503, with copies of such comments to Steven F. 
Hanft, Assistant Executive Secretary (Regulatory Analysis), Federal 
Deposit Insurance Corporation, Room F-4001-B, 550 17th Street, NW, 
Washington, D.C. 20429. All comments should refer to ``3064-0113''.
    The estimated reporting burden for the collection of information 
under part 363 is:
    Number of Respondents: 420.
    Number of Responses per Respondent: 3.
    Total Annual Responses: 1,260.
    Hours per Response: 32.
    Total Annual Burden Hours: 40,320.

V. Regulatory Flexibility Act

    The rule expressly exempts insured depository institutions having 
assets of less than $500 million, and, for that reason, is inapplicable 
to small entities. Therefore, pursuant to section 605(b) of the 
Regulatory Flexibility Act (Pub. L. 96-354, 5 U.S.C. 601 et seq.), it 
is certified that the rule would not have a significant impact on a 
substantial number of small entities.

VI. Small Business Regulatory Enforcement Fairness Act

    The Small Business Regulatory Enforcement Fairness Act of 1996 
(SBREFA) (Title II, Pub. L. 104-121) provides generally for agencies to 
report rules to Congress and the General Accounting Office (GAO) for 
review. The reporting requirement is triggered when a federal agency 
issues a final rule. The FDIC will file the appropriate reports with 
Congress and the GAO as required by SBREFA.
    Because the Office of Management and Budget has determined that the 
rule does not constitute a ``major rule'' as defined by SBREFA, the 
final rule will take effect on January 1, 1998.

List of Subjects in 12 CFR Part 363

    Accounting, Administrative practice and procedure, Banks, banking, 
Reporting and recordkeeping requirements.

    For the reasons set forth in the preamble, the Board of Directors 
of the FDIC hereby amends Part 363 of title 12, chapter III, of the 
Code of Federal Regulations as follows:

PART 363--ANNUAL INDEPENDENT AUDITS AND REPORTING REQUIREMENTS

    1. The authority citation for part 363 continues to read as 
follows:

    Authority: 12 U.S.C. 1831m.

    2. Section 363.3 is amended by revising paragraph (b) to read as 
follows:


Sec. 363.3  Independent public accountant.

* * * * *
    (b) Additional report. Such independent public accountant shall 
examine, attest to, and report separately on, the assertion of 
management concerning the institution's internal control structure and 
procedures for financial reporting. The attestation shall be made in 
accordance with generally accepted standards for attestation 
engagements.
* * * * *
    3. Section 363.4 is amended by revising paragraphs (a) and (b) to 
read as follows:


Sec. 363.4  Filing and notice requirements.

    (a) Annual reporting. Within 90 days after the end of its fiscal 
year, each insured depository institution shall file with each of the 
FDIC, the appropriate federal banking agency, and any appropriate state 
bank supervisor, two copies of an annual report containing audited 
annual financial statements, the independent public accountant's report 
thereon, management's statements and

[[Page 63258]]

assessments, and the independent public accountant's attestation report 
concerning the institution's internal control structure and procedures 
for financial reporting as required by Secs. 363.2(a), 363.3(a), 
363.2(b), and 363.3(b), respectively.
    (b) Public availability. The annual report in paragraph (a) of this 
section shall be available for public inspection.
* * * * *
    4. Appendix A to part 363 is amended by revising the table of 
contents entry for item 18, by removing the table of contents entry for 
item 19, by redesignating table of contents entries 20 through 37 as 19 
through 36, respectively, by revising the introduction and guidelines 
8, 10, 12, 16, 18 to read as follows:

Appendix A to Part 363--Guidelines and Interpretations

Table of Contents

* * * * *

18. Attestation Report

* * * * *

Introduction

    Congress added section 36, ``Early Identification of Needed 
Improvements in Financial Management'' (section 36), to the Federal 
Deposit Insurance Act (FDI Act) in 1991.
    The FDIC Board of Directors adopted 12 CFR part 363 of its rules 
and regulations (the Rule) to implement those provisions of section 
36 that require rulemaking. The FDIC also approved these 
``Guidelines and Interpretations'' (the Guidelines) and directed 
that they be published with the Rule to facilitate a better 
understanding of, and full compliance with, the provisions of 
section 36.
    Although not contained in the Rule itself, some of the guidance 
offered restates or refers to statutory requirements of section 36 
and is therefore mandatory. If that is the case, the statutory 
provision is cited.
    Furthermore, upon adopting the Rule, the FDIC reiterated its 
belief that every insured depository institution, regardless of its 
size or charter, should have an annual audit of its financial 
statements performed by an independent public accountant, and should 
establish an audit committee comprised entirely of outside 
directors.
    The following Guidelines reflect the views of the FDIC 
concerning the interpretation of section 36. The Guidelines are 
intended to assist insured depository institutions (institutions), 
their boards of directors, and their advisors, including their 
independent public accountants and legal counsel, and to clarify 
section 36 and the Rule. It is recognized that reliance on the 
Guidelines may result in compliance with section 36 and the Rule 
which may vary from institution to institution. Terms which are not 
explained in the Guidelines have the meanings given them in the 
Rule, the FDI Act, or professional accounting and auditing 
literature.
* * * * *

Annual Reporting Requirements (Sec. 363.2)

* * * * *
    8. Management Report. Management should perform its own 
investigation and review of the effectiveness of internal controls 
and compliance with the Designated Laws defined in Guideline 12. 
Management also should maintain records of its determinations and 
assessments until the next federal safety and soundness examination, 
or such later date as specified by the FDIC or appropriate federal 
banking agency. Management should provide in its assessment of the 
effectiveness of internal controls, or supplementally, sufficient 
information to enable the accountant to report on its assertion. The 
management report of an insured branch of a foreign bank should be 
signed by the branch's managing official if the branch does not have 
a chief executive or financial officer.
* * * * *
    10. Standards for Internal Controls. Each institution should 
determine its own standards for establishing, maintaining, and 
assessing the effectiveness of its internal controls.2
---------------------------------------------------------------------------

    \2\ In considering what information is needed on safeguarding of 
assets and standards for internal controls, management may review 
guidelines provided by its primary federal regulator; the FDIC's 
Division of Supervision Manual of Examination Policies; the Federal 
Reserve Board's Commercial Bank Examination Manual and other 
relevant regulations; the Office of Thrift Supervision's Thrift 
Activities Handbook; the Comptroller of the Currency's Handbook for 
National Bank Examiners; and standards published by professional 
accounting organizations, such as the American Institute of 
Certified Public Accountants' (AICPA) Statement on Auditing 
Standards No. 55, ``Consideration of the Internal Control Structure 
in a Financial Statement Audit,'' as amended by Statement of 
Auditing Standards No. 78; the Committee of Sponsoring Organizations 
(COSO) of the Treadway Commission's Internal Control--Integrated 
Framework, including its addendum on safeguarding of assets; and 
other internal control standards published by the AICPA, other 
accounting or auditing professional associations, and financial 
institution trade associations.
---------------------------------------------------------------------------

* * * * *
    12. Compliance with Laws and Regulations. The designated laws 
and regulations are the federal laws and regulations concerning 
loans to insiders and the federal and state laws and regulations 
concerning dividend restrictions (the Designated Laws). Table 1 to 
this Appendix A lists the designated federal laws and regulations 
pertaining to insider loans and dividend restrictions that are 
applicable to each type of institution.

Role of Independent Public Accountant (Sec. 363.3)

* * * * *
    16. Filing Peer Review Reports. Within 15 days of receiving 
notification that the peer review has been accepted, or before 
commencing any audit under the Rule, whichever is earlier, two 
copies of the most recent peer review report, accompanied by any 
letter of comments and letter of response, should be filed by the 
independent public accountant (if not already on file) with the 
FDIC, Registration and Disclosure Section, 550 17th Street, N.W., 
Washington, D.C. 20429, where they will be available for public 
inspection. All corrective action required under any qualified peer 
review report should have been taken before commencing services 
under this Rule.
* * * * *
    18. Attestation Report. The independent public accountant should 
provide the institution with an internal controls attestation report 
and any management letter at the conclusion of the audit as required 
by section 36(c)(1). If a holding company subsidiary relies on its 
holding company management report, the accountant may attest to and 
report on management's assertions in one report, without reporting 
separately on each subsidiary covered by the Rule. The FDIC has 
determined that management letters are exempt from public 
disclosure.
* * * * *
    5. Appendix A to part 363 is amended by removing Guideline 19 and 
redesignating Guidelines 20 through 37 as 19 through 36, respectively.
    6. Appendix A to part 363 is amended by revising newly designated 
Guideline 22 to read as follows:
* * * * *

Filing and Notice Requirements (Sec. 363.4)

    22. Place for Filing. Except for peer review reports filed 
pursuant to Guideline 16, all reports and notices required by, and 
other communications or requests made pursuant to, the Rule should 
be filed as follows:
    (a) FDIC: Appropriate FDIC Regional Office (Supervision), i.e., 
the FDIC regional office in the FDIC region in which the institution 
is headquartered or, in the case of a subsidiary institution of a 
holding company, the FDIC regional office that is responsible for 
monitoring the consolidated company. A filing made on behalf of 
several covered institutions owned by the same parent holding 
company should be accompanied by a transmittal letter identifying 
all of the institutions covered.
    (b) Office of the Comptroller of the Currency (OCC): appropriate 
OCC Supervisory Office.
    (c) Federal Reserve: appropriate Federal Reserve Bank.
    (d) Office of Thrift Supervision (OTS): appropriate OTS District 
Office.
    (e) State bank supervisor: the filing office of the appropriate 
state bank supervisor.
* * * * *
    7. Schedule A to Appendix A of part 363 and the Tables to Schedule 
A are removed.
    8. Table 1 is added to Appendix A to read as follows:

[[Page 63259]]



                                              Table 1 to Appendix A                                             
----------------------------------------------------------------------------------------------------------------
                              Designated Federal Laws and Regulations Applicable to                             
-----------------------------------------------------------------------------------------------------------------
                                                                                          State                 
                                                            National    State member    nonmember      Savings  
                                                              banks         banks         banks     associations
----------------------------------------------------------------------------------------------------------------
                   Insider Loans--Parts and/or Sections of Title 12 of the United States Code                   
----------------------------------------------------------------------------------------------------------------
375a.......................  Loans to Executive Officers                      (\1\)         (\1\) 
                              of Banks.                                                                         
375b.......................  Prohibitions Respecting                          (\1\)         (\1\) 
                              Loans and Extensions of                                                           
                              Credit to Executive                                                               
                              Officers and Directors of                                                         
                              Banks, Political Campaign,                                                        
                              Committees, etc.                                                                  
1468(b)....................  Extensions of Credit to      ............  ............  ............       
                              Executive Officers,                                                               
                              Directors, and Principal                                                          
                              Shareholders.                                                                     
1828(j)(2).................  Provisions Relating to       ............  ............         ............
                              Loans, Extensions of                                                              
                              Credit, and Other Dealings                                                        
                              Between Member Banks and                                                          
                              Their Affiliates,                                                                 
                              Executive Officers,                                                               
                              Directors, etc.                                                                   
1828(j)(3)(B)..............  Extensions of Credit               (\2\)   ............        (\3\)   ............
                              Applicability of                                                                  
                              Provisions Relating to                                                            
                              Loans, Extensions of                                                              
                              Credit, and Other Dealings                                                        
                              Between Insured Branches                                                          
                              of Foreign Banks and Their                                                        
                              Insiders.                                                                         
----------------------------------------------------------------------------------------------------------------
                      Parts and/or Sections of Title 12 of the Code of Federal Regulations                      
----------------------------------------------------------------------------------------------------------------
23.5.......................  Application of Legal                ............  ............  ............
                              Lending Limits;                                                                   
                              Restrictions on                                                                   
                              Transactions With                                                                 
                              Affiliates.                                                                       
31.........................  Extensions of Credit to             ............  ............  ............
                              National Bank Insiders.                                                           
215........................  Subpart A--Loans by Member                       (\4\)         (\5\) 
                              Banks to Their Executive                                                          
                              Officers, Directors, and                                                          
                              Principal Shareholders.                                                           
                             Subpart B--Reports of                            (\4\)         (\5\) 
                              Indebtedness of Executive                                                         
                              Officers and Principal                                                            
                              Shareholders of Insured                                                           
                              Nonmember Banks.                                                                  
337.3......................  Limits on Extensions of      ............  ............         ............
                              Credit to Executive                                                               
                              Officers, Directors, and                                                          
                              Principal Shareholders of                                                         
                              Insured Nonmember Banks.                                                          
349.3......................  Reports by Executive         ............  ............         ............
                              Officers and Principal                                                            
                              Shareholders.                                                                     
563.43.....................  Loans by Savings             ............  ............  ............       
                              Associations to Their                                                             
                              Executive Officers,                                                               
                              Directors, and Principal                                                          
                              Shareholders.                                                                     
----------------------------------------------------------------------------------------------------------------
               Dividend Restrictions--Parts and/or Sections of Title 12 of the United States Code               
----------------------------------------------------------------------------------------------------------------
56.........................  Prohibition on Withdrawal                  ............  ............
                              of Capital and Unearned                                                           
                              Dividends.                                                                        
60.........................  Dividends and Surplus Funds                ............  ............
1467a(f)...................  Declaration of Dividends...  ............  ............  ............       
1831o......................  Prompt Corrective Action--                             
                              Dividend Restrictions.                                                            
----------------------------------------------------------------------------------------------------------------
                      Parts and/or Sections of Title 12 of the Code of Federal Regulations                      
----------------------------------------------------------------------------------------------------------------
5.61.......................  Payment of dividends;               ............  ............  ............
                              capital limitation.                                                               
5.62.......................  Payment of dividends;               ............  ............  ............
                              earnings limitation.                                                              
6.6........................  Prompt Corrective Action--          ............  ............  ............
                              Dividend Restrictions.                                                            
7.6120.....................  Dividends Payable in                ............  ............  ............
                              Property Other Than Cash.                                                         
208.19.....................  Payments of Dividends......  ............         ............  ............
208.35.....................  Prompt Corrective Action...  ............         ............  ............
325.105....................  Prompt Corrective Action...  ............  ............         ............
563.134....................  Capital Distributions......  ............  ............  ............       
565........................  Prompt Corrective Action...  ............  ............  ............       
----------------------------------------------------------------------------------------------------------------
\1\ Subsections (g) and (h) only.                                                                               
\2\ Applies only to insured federal branches of foreign banks.                                                  
\3\ Applies only to insured state branches of foreign banks.                                                    
\4\ See 12 CFR parts 337.3 and 349.3.                                                                           
\5\ See 12 CFR part 563.43.                                                                                     


[[Page 63260]]

    By Order of the Board of Directors.

    Dated at Washington, D.C., this 12th day of November, 1997.

Federal Deposit Insurance Corporation.
Robert E. Feldman,
Executive Secretary.
[FR Doc. 97-30860 Filed 11-26-97; 8:45 am]
BILLING CODE 6714-01-P