[Federal Register Volume 70, Number 89 (Tuesday, May 10, 2005)]
[Notices]
[Pages 24576-24581]
From the Federal Register Online via the Government Publishing Office [www.gpo.gov]
[FR Doc No: 05-9298]


=======================================================================
-----------------------------------------------------------------------

FEDERAL FINANCIAL INSTITUTIONS EXAMINATION COUNCIL


Interagency Advisory on the Unsafe and Unsound Use of Limitation 
of Liability Provisions and Certain Alternative Dispute Resolution 
Provisions in External Audit Engagement Letters

AGENCY: Federal Financial Institutions Examination Council.

ACTION: Proposed interagency advisory; request for comment.

-----------------------------------------------------------------------

SUMMARY: The Federal Financial Institutions Examination Council 
(FFIEC), on behalf of the Office of Thrift Supervision (OTS), Treasury; 
the Board of Governors of the Federal Reserve System (Board); the 
Federal Deposit Insurance Corporation (FDIC); the National Credit Union 
Administration (NCUA); and the Office of the Comptroller of the 
Currency (OCC), Treasury (collectively, the Agencies), is seeking 
public comment on a proposed Interagency Advisory on the Unsafe and 
Unsound Use of Limitation of Liability Provisions and Certain 
Alternative Dispute Resolution Provisions in External Audit Engagement 
Letters. The proposal advises financial institutions' boards of 
directors, audit committees, and management that they should ensure 
that they do not enter any agreement that contains external auditor 
limitation of liability provisions with respect to financial statement 
audits.

DATES: Comments must be received on or before June 9, 2005.

ADDRESSES: Comments should be directed to: FFIEC, Program Coordinator, 
3501Fairfax Drive, Room 3086, Arlington, VA 22226; by e-mail to [email protected]; or by fax to (703) 516-5487. Comments will be 
available for public inspection during regular business hours at the 
above address. Appointments to inspect comments are encouraged and can 
be arranged by calling the FFIEC at (703) 516-5588.

FOR FURTHER INFORMATION CONTACT:
    OTS: Jeffrey J. Geer, Chief Accountant, at 
[email protected] or (202) 906-6363; or Patricia

[[Page 24577]]

Hildebrand, Senior Policy Accountant, at 
[email protected] or (202) 906-7048.
    Board: Terrill Garrison, Supervisory Financial Analyst, at 
[email protected] or (202) 452-2712.
    FDIC: Harrison E. Greene, Jr., Senior Policy Analyst (Bank 
Accounting), Division of Supervision and Consumer Protection, at 
[email protected] or (202) 898-8905; or Michelle Borzillo, Counsel, 
Supervision and Legislation Section, Legal Division, at 
[email protected] or (202) 898-7400.
    NCUA: Karen Kelbly, Chief Accountant, at [email protected] or (703) 
518-6389.
    OCC: Brent Kukla, Accounting Fellow, at [email protected] 
or (202) 874-4978.

SUPPLEMENTARY INFORMATION:

I. Background

    The Agencies have observed an increase in the types and frequency 
of provisions in certain financial institutions' external audit 
engagement letters that limit the auditors' liability. While these 
provisions do not appear in a majority of financial institution 
engagement letters, the provisions are becoming more prevalent. The 
Agencies believe such provisions may weaken an external auditor's 
objectivity, impartiality, and performance; therefore, inclusion of 
these provisions in financial institution engagement letters raises 
safety and soundness concerns.
    While these provisions take many forms, they can be generally 
categorized as an agreement by a financial institution that is a client 
of an external auditor to:
     Indemnify the external auditor against claims made by 
third parties;
     Hold harmless or release the external auditor from 
liability for claims or potential claims that might be asserted by the 
client financial institution; or
     Limit the remedies available to the client financial 
institution.

Collectively, these and similar types of provisions are referred to in 
the proposed advisory as limitation of liability provisions.

II. Comments

    The FFIEC has approved the publication of the proposed advisory on 
behalf of the Agencies to seek public comment to fully understand the 
effect of the proposed advisory on the inappropriate use of limitation 
of liability provisions on external auditor engagements. While public 
comments are welcome on all aspects of this advisory, the Agencies are 
specifically seeking comments on the following questions. Please 
provide information that supports your position.
    1. The advisory, as written, indicates that limitation of liability 
provisions are inappropriate for all financial institution external 
audits.
    a. Is the scope appropriate? If not, to which financial 
institutions should the advisory apply and why?
    b. Should the advisory apply to financial institution audits that 
are not required by law, regulation, or order?
    2. What effects would the issuance of this advisory have on 
financial institutions' ability to negotiate the terms of audit 
engagements?
    3. Would the advisory on limitation of liability provisions result 
in an increase in external audit fees?
    a. If yes, would the increase be significant?
    b. Would it discourage financial institutions that voluntarily 
obtain audits from continuing to be audited?
    c. Would it result in fewer audit firms being willing to provide 
external audit services to financial institutions?
    4. The advisory describes three general categories of limitation of 
liability provisions.
    a. Is the description complete and accurate?
    b. Is there any aspect of the advisory or terminology that needs 
clarification?
    5. Appendix A of the advisory contains examples of limitation of 
liability provisions.
    a. Do the examples clearly and sufficiently illustrate the types of 
provisions that are inappropriate?
    b. Are there other inappropriate limitation of liability provisions 
that should be included in the advisory? If so, please provide 
examples.
    6. Is there a valid business purpose for financial institutions to 
agree to any limitation of liability provision? If so, please describe 
the limitation of liability provision and its business purpose.
    7. The advisory strongly recommends that financial institutions 
take appropriate action to nullify limitation of liability provisions 
in 2005 audit engagement letters that have already been accepted. Is 
this recommendation appropriate? If not, please explain your rationale 
(including burden and cost).

III. Paperwork Reduction Act

    In accordance with the Paperwork Reduction Act of 1995 (44 U.S.C. 
Chapter 35), the Agencies have reviewed the proposed advisory and 
determined that it does not contain a collection of information 
pursuant to the Act.

IV. Proposed Advisory

    The text of the proposed advisory follows:

Interagency Advisory on the Unsafe and Unsound Use of Limitation of 
Liability Provisions and Certain Alternative Dispute Resolution 
Provisions in External Audit Engagement Letters

Purpose

    This advisory, issued jointly by the Office of Thrift Supervision 
(OTS), the Board of Governors of the Federal Reserve System (Board), 
the Federal Deposit Insurance Corporation (FDIC), the National Credit 
Union Administration (NCUA), and the Office of the Comptroller of the 
Currency (OCC) (collectively, the Agencies), alerts financial 
institutions' \1\ boards of directors, audit committees, management, 
and external auditors to the safety and soundness implications of 
provisions that limit the external auditor's liability in a financial 
statement audit. While the Agencies have observed several types of 
these provisions in external audit engagement letters, this advisory 
applies to any agreement that a financial institution enters into with 
its external auditor that limits the external auditor's liability with 
respect to financial statement audits.
---------------------------------------------------------------------------

    \1\ As used in this document, the term financial institutions 
includes banks, bank holding companies, savings associations, 
savings and loan holding companies, and credit unions.
---------------------------------------------------------------------------

    Agreements by financial institutions to limit their external 
auditors' liability or to submit to certain alternative dispute 
resolution (ADR) provisions that also limit the external auditors' 
liability may weaken the external auditors' objectivity, impartiality, 
and performance and thus, reduce the Agencies' ability to rely on 
external audits. Therefore, such agreements raise safety and soundness 
concerns, and entering into such agreements is generally considered to 
be an unsafe and unsound practice.
    In addition, such provisions may not be consistent with the auditor 
independence standards of the U.S. Securities and Exchange Commission 
(SEC), the Public Company Accounting Oversight Board (PCAOB), and the 
American Institute of Certified Public Accountants (AICPA).

Background

    A properly conducted external audit provides an independent and 
objective view of the reliability of a financial institution's 
financial statements. The external auditor's objective in an audit

[[Page 24578]]

of financial statements is to form an opinion on the financial 
statements taken as a whole. When planning and performing the audit, 
the external auditor considers the financial institution's internal 
control over financial reporting. Generally, the external auditor 
communicates any identified deficiencies in internal control to 
management, which enables management to take appropriate corrective 
action. For these reasons, the Agencies encourage all financial 
institutions to obtain external audits of their financial statements. 
The Federal Financial Institutions Examination Council's (FFIEC) 
Interagency Policy Statement on External Auditing Programs of Banks and 
Savings Associations \2\ notes ``[a]n institution's internal and 
external audit programs are critical to its safety and soundness.'' The 
policy also states that an effective external auditing program ``can 
improve the safety and soundness of an institution substantially and 
lessen the risk the institution poses to the insurance funds 
administered by'' the FDIC.
---------------------------------------------------------------------------

    \2\ Published in the Federal Register on September 28, 1999 (64 
FR 52319-27). The NCUA, a member of the FFIEC, has not adopted the 
policy statement.
---------------------------------------------------------------------------

    Typically, a written engagement letter is used to establish an 
understanding between the external auditor and the financial 
institution regarding the services to be performed in connection with 
the external audit of the financial institution. The engagement letter 
commonly describes the objective of the external audit, the reports to 
be prepared, the responsibilities of management and the external 
auditor, and other significant arrangements (e.g., fees and billing). 
As with any important contract, the Agencies encourage boards of 
directors, audit committees, and management to closely review all of 
the provisions in the external audit engagement letter before agreeing 
to sign. To assure that those charged with engaging the external 
auditor make a fully informed decision, any agreement such as an 
engagement letter that affects the financial institution's legal rights 
should be carefully reviewed by the financial institution's legal 
counsel.
    While the Agencies have not observed provisions that limit an 
external auditor's liability in the majority of external audit 
engagement letters reviewed, the Agencies have observed a significant 
increase in the types and frequency of these provisions. These 
provisions take many forms,\3\ but they can be generally categorized as 
an agreement by a financial institution that is a client of an external 
auditor to:
---------------------------------------------------------------------------

    \3\ Examples of auditor limitation of liability provisions are 
illustrated in Appendix A.
---------------------------------------------------------------------------

     Indemnify the external auditor against claims made by 
third parties;
     Hold harmless or release the external auditor from 
liability for claims or potential claims that might be asserted by the 
client financial institution; or
     Limit the remedies available to the client financial 
institution.

Collectively, these and similar types of provisions will be referred to 
in this advisory as ``limitation of liability provisions.''
    Financial institutions'' boards of directors, audit committees, and 
management should also be aware that certain financial institution 
insurance policies (such as error and omission policies and director 
and officer liability policies) may not cover the financial 
institutions' losses arising from claims that are precluded by the 
limitation of liability provisions.

Limitation of Liability Provisions

    Many financial institutions are required to have their financial 
statements audited while others voluntarily choose to undergo such 
audits. For example, banks, savings associations, and credit unions 
with $500 million or more in total assets are required to have annual 
independent audits.\4\ Certain savings associations (for example, those 
with a CAMELS rating of 3, 4, or 5) and savings and loan holding 
companies are also required by OTS regulations to have annual 
independent audits.\5\ Furthermore, financial institutions that are 
public companies \6\ must have annual independent audits. The Agencies 
rely on the results of external audits as part of their assessment of 
the safety and soundness of a financial institution's operations.
---------------------------------------------------------------------------

    \4\ For banks and savings associations, see Section 36 of the 
Federal Deposit Insurance Act (FDI Act) (12 U.S.C. 1831m) and Part 
363 of the FDIC's regulations (12 CFR part 363). For credit unions, 
see Section 202(a)(6) of the Federal Credit Union Act (12 U.S.C. 
1782(a)(6)) and Part 715 of the NCUA's regulations (12 CFR part 
715).
    \5\ See OTS regulation at 12 CFR 562.4.
    \6\ Public companies are companies subject to the reporting 
requirements of the Securities Exchange Act of 1934.
---------------------------------------------------------------------------

    In order for an external audit to be effective, the external 
auditors must be independent in both fact and appearance, and they must 
perform all necessary procedures to comply with generally accepted 
auditing standards established by the AICPA and, if applicable, the 
standards of the PCAOB. When a financial institution executes an 
agreement that limits the external auditor's liability, the external 
auditor's objectivity, impartiality, and performance may be weakened or 
compromised and the usefulness of the external audit for safety and 
soundness purposes may be diminished.
    Since limitation of liability provisions can impair the external 
auditor's independence and may adversely affect the external auditor's 
performance, they present safety and soundness concerns for all 
financial institution external audits. By their very nature, these 
provisions can remove or greatly weaken an external auditor's objective 
and unbiased consideration of problems encountered in the external 
audit engagement and induce the external auditor to depart from the 
standards of objectivity and impartiality required in the performance 
of a financial statement audit. The existence of such provisions in an 
external audit engagement letter may lead to the use of less extensive 
or less thorough procedures than would otherwise be followed, thereby 
reducing the benefits otherwise expected to be derived from the 
external audit. Accordingly, financial institutions should not enter 
into external audit arrangements that include any limitation of 
liability provisions. This applies regardless of the size of the 
financial institution, whether the financial institution is public or 
not, and whether the external audit is required or voluntary.

Auditor Independence

    Currently, auditor independence standard-setters include the AICPA, 
the SEC, and the PCAOB. Depending upon the audit client, an external 
auditor is subject to the independence standards of one or more of 
these standard-setters. For all credit unions under NCUA's regulations, 
and for other non-public financial institutions that are not required 
to have annual independent audits pursuant to Part 363 of the FDIC's 
regulations or pursuant to OTS's regulations, the Agencies' rules 
require only that an external auditor meet the AICPA independence 
standards; they do not require the financial institution's external 
auditor to comply with the independence standards of the SEC and the 
PCAOB.
    In contrast, for financial institutions subject to the audit 
requirements in Part 363 of the FDIC's regulations or subject to OTS's 
regulations, the external auditor should be in compliance with the 
AICPA's Code of Professional Conduct and meet the independence 
requirements and interpretations of the SEC and its staff.\7\ In this 
regard, in a

[[Page 24579]]

December 13, 2004, Frequently Asked Question (FAQ) on the application 
of the SEC's auditor independence rules, the SEC reiterated its long-
standing position that when an accountant and his or her client enter 
into an agreement which seeks to provide the accountant immunity from 
liability for his or her own negligent acts, the accountant is not 
independent. The FAQ also states that including in engagement letters a 
clause that would release, indemnify, or hold the auditor harmless from 
any liability and costs resulting from knowing misrepresentations by 
management would impair the auditor's independence.\8\ The SEC's FAQ is 
consistent with Section 602.02.f.i. (Indemnification by Client) of the 
SEC's Codification of Financial Reporting Policies. (Section 
602.02.f.i. and the FAQ are included in Appendix B.)
---------------------------------------------------------------------------

    \7\ See FDIC Regulation 12 CFR Part 363, Appendix A--Guidelines 
and Interpretations; Guideline 14, Role of the Independent Public 
Accountant--Independence; and OTS Regulation 12 CFR 562.4(d)(3)(i), 
Qualifications for independent public accountant.
    \8\ AICPA Ethics Ruling 94 (ET Sec.  191.188-189) currently 
concludes that indemnification for ``knowing misrepresentations by 
management'' does not impair independence. At this writing, the 
AICPA's Professional Ethics Executive Committee has formed a task 
force that is studying the use of indemnification clauses in 
engagement letters and how such clauses may affect an auditor's 
independence.
---------------------------------------------------------------------------

    Based on this SEC guidance and the Agencies' existing regulations, 
limitation of liability provisions are already inappropriate in auditor 
engagement letters entered into by:
     Public financial institutions that file reports with the 
SEC or with the Agencies;
     Financial institutions subject to Part 363; and
     Certain other financial institutions that OTS regulations 
at 12 CFR 562.4 require to have annual independent audits.

    In addition, many of these limitation of liability provisions may 
violate the AICPA independence standards. Because limitation of 
liability provisions may impair an auditor's independence and may 
adversely affect the external auditor's objectivity, impartiality, and 
performance, the provisions present safety and soundness concerns for 
all financial institution external audits.

Alternative Dispute Resolution Agreements and Jury Trial Waivers

    The Agencies have also observed that some financial institutions 
are agreeing in their external audit engagement letters to submit 
disputes over external auditor services to mandatory and binding 
alternative dispute resolution, binding arbitration, or some other 
binding non-judicial dispute resolution process (collectively referred 
to as mandatory ADR) or to waive the right to a jury trial. By agreeing 
in advance to submit disputes to mandatory ADR, the financial 
institution is effectively agreeing to waive the right to full 
discovery, limit appellate review, and limit or waive other rights and 
protections available in ordinary litigation proceedings. While ADR may 
expedite case resolution and reduce costs, financial institutions 
should consider the value of the rights being waived. Similarly, by 
waiving a jury trial, the financial institution may effectively limit 
the amount it might receive in any settlement of its case. The loss of 
these legal protections can reduce the value of the financial 
institution's claim in an audit dispute.
    The Agencies recognize that ADR procedures and jury trial waivers 
may be efficient and cost-effective tools for resolving disputes in 
some cases. However, financial institutions should take care to 
understand the ramifications of agreeing to submit audit disputes to 
mandatory ADR or to waive a jury trial before an audit dispute arises.
    In particular, pre-dispute mandatory ADR agreements in external 
audit engagement letters present safety and soundness concerns when 
they incorporate additional limitations of liability, or when mandatory 
ADR agreements operate under rules of procedure that may limit auditor 
liability. Examples of such limitations on liability include 
provisions:
     Capping the amount of actual damages that may be claimed;
     Prohibiting claims for punitive damages or other remedies; 
or
     Shortening the time in which the financial institution may 
file a claim.
    Thus, financial institutions should not enter into pre-dispute 
mandatory ADR arrangements that incorporate limitation of liability 
provisions, whether the limitations on liability form part of an audit 
engagement letter or are set out separately.
    The Agencies encourage all financial institutions to review each 
proposed external audit engagement letter presented by an audit firm 
and understand the limitations on the ability to recover effectively 
from an audit firm in light of any mandatory ADR agreement or jury 
trial waiver. Financial institutions should also review the rules of 
procedure referenced in the ADR agreement to ensure that the potential 
consequences of such procedures are acceptable to the institution. In 
addition, financial institutions should recognize that ADR agreements 
may themselves contain limitation of liability provisions as described 
in this advisory.

Conclusion

    Financial institutions' boards of directors, audit committees, and 
management should ensure that they do not enter any agreement that 
contains external auditor limitation of liability provisions with 
respect to financial statement audits. In addition, financial 
institutions should document their business rationale for agreeing to 
any other provisions that alter their legal rights.
    The inclusion of limitation of liability provisions in external 
audit engagement letters and other agreements that are inconsistent 
with this advisory will generally be considered an unsafe and unsound 
practice. The Agencies may take appropriate supervisory action if such 
provisions are included in external audit engagement letters or other 
agreements related to financial statement audits that are executed 
(accepted or agreed to by the financial institution) after the date of 
this advisory. Furthermore, if boards of directors, audit committees, 
or management have already accepted an external audit engagement letter 
or related agreement for a fiscal 2005 or subsequent financial 
statement audit (i.e., fiscal years ending on or after January 1, 
2005), the Agencies strongly recommend that boards of directors, audit 
committees, and management consult with legal counsel and the external 
auditor and take appropriate action to have any limitation of liability 
provision nullified.
    Financial institutions' boards of directors, audit committees, and 
management should also check with their insurers to determine the 
effect, if any, on their ability to recover losses as a result of the 
external auditors' actions that were not recovered because of the 
limitation of liability provisions.
    As indicated in the Interagency Policy Statement on External 
Auditing Programs of Banks and Savings Associations, the Agencies' 
examiners will consider the policies, processes, and personnel 
surrounding a financial institution's external auditing program in 
determining whether (1) the engagement letter covering external 
auditing activities is adequate and does not raise any safety and 
soundness concerns and (2) the external auditor maintains appropriate 
independence regarding relationships with the financial institution 
under relevant professional standards.

[[Page 24580]]

Appendix A

Examples of Limitation of Liability Provisions

    Presented below are some of the types of limitation of liability 
provisions (with an illustrative example of each type) that the 
Agencies observed in financial institutions' external audit 
engagement letters. The inclusion in external audit engagement 
letters or agreements related to the financial statement audit of 
any of the illustrative provisions (which do not represent an all-
inclusive list) or any other language that would produce similar 
effects is generally considered an unsafe and unsound practice.

1. ``Release From Liability for Auditor Negligence'' Provision

    In this type of provision, the financial institution agrees not 
to hold the audit firm liable for any damages, except to the extent 
determined to have resulted from the willful misconduct or 
fraudulent behavior by the audit firm.
    Example: In no event shall [the audit firm] be liable to the 
Financial Institution, whether a claim be in tort, contract or 
otherwise, for any consequential, indirect, lost profit, or similar 
damages relating to [the audit firm's] services provided under this 
engagement letter, except to the extent finally determined to have 
resulted from the willful misconduct or fraudulent behavior of [the 
audit firm] relating to such services.

2. ``No Damages'' Provision

    In this type of provision, the financial institution agrees that 
in no event will the external audit firm's liability include 
responsibility for any claimed incidental, consequential, punitive, 
or exemplary damages.
    Example: In no event will [the audit firm's] liability under the 
terms of this Agreement include responsibility for any claimed 
incidental, consequential, or exemplary damages.

3. ``Limitation of Period To File Claim'' Provision

    In this type of provision, the financial institution agrees that 
no claim will be asserted after a fixed period of time that is 
shorter than the applicable statute of limitations, effectively 
agreeing to limit the financial institution's rights in filing a 
claim.
    Example: It is agreed by the Financial Institution and [the 
audit firm] or any successors in interest that no claim arising out 
of services rendered pursuant to this agreement by, or on behalf of, 
the Financial Institution shall be asserted more than two years 
after the date of the last audit report issued by [the audit firm].

4. ``Losses Occurring During Periods Audited'' Provision

    In this type of provision, the financial institution agrees that 
the external audit firm's liability will be limited to any losses 
occurring during periods covered by the external audit, and will not 
include any losses occurring in later periods for which the external 
audit firm is not engaged. This provision may not only preclude the 
collection of consequential damages for harm in later years, but 
also may preclude any recovery at all. It appears that the external 
audit firm would have no liability until the external audit report 
is actually delivered and any liability thereafter might be limited 
to the period covered by the external audit. In other words, it 
might limit the external audit firm's liability to the period before 
there is any liability. Read more broadly, the external audit firm 
might be liable for losses that arise in subsequent years only if 
the firm continues to be engaged to audit the client's financial 
statements in those years.
    Example: In the event the Financial Institution is dissatisfied 
with [the audit firm's] services, it is understood that [the audit 
firm's] liability, if any, arising from this engagement will be 
limited to any losses occurring during the periods covered by [the 
audit firm's] audit, and shall not include any losses occurring in 
later periods for which [the audit firm] is not engaged as auditors.

5. ``No Assignment or Transfer'' Provision

    In this type of provision, the financial institution agrees that 
it will not assign or transfer any claim against the external audit 
firm to another party. This provision could limit the ability of 
another party to pursue a claim against the external auditor in a 
sale or merger of the financial institution, in a sale of certain 
assets or line of business of the financial institution, or in a 
supervisory merger or receivership of the financial institution. 
This provision may also prevent the financial institution from 
subrogating a claim against its external auditor to the financial 
institution's insurer under its directors' and officers' liability 
or other insurance coverage.
    Example: The Financial Institution agrees that it will not, 
directly or indirectly, agree to assign or transfer any claim 
against [the audit firm] arising out of this engagement to anyone.

6. ``Knowing Misrepresentations by Management'' Provision

    In this type of provision, the financial institution releases 
and indemnifies the external audit firm from any claims, 
liabilities, and costs attributable to any knowing misrepresentation 
by management.
    Example: Because of the importance of oral and written 
management representations to an effective audit, the Financial 
Institution releases and indemnifies [the audit firm] and its 
personnel from any and all claims, liabilities, costs, and expenses 
attributable to any knowing misrepresentation by management.

7. ``Indemnification for Management Negligence'' Provision

    In this type of provision, the financial institution agrees to 
protect the external auditor from third party claims arising from 
the external audit firm's failure to discover negligent conduct by 
management. It would also reinforce the defense of contributory 
negligence in cases in which the financial institution brings an 
action against its external auditor. In either case, the contractual 
defense would insulate the external audit firm from claims for 
damages even if the reason the external auditor failed to discover 
the negligent conduct was a failure to conduct the external audit in 
accordance with generally accepted audited standards or other 
applicable professional standards.
    Example: The Financial Institution shall indemnify, hold 
harmless and defend [the audit firm] and its authorized agents, 
partners and employees from and against any and all claims, damages, 
demands, actions, costs and charges arising out of, or by reason of, 
the Financial Institution's negligent acts or failure to act 
hereunder.

8. ``Damages Not To Exceed Fees Paid'' Provision

    In this type of provision, the financial institution agrees to 
limit the external auditor's liability to the amount of audit fees 
the financial institution paid the external auditor, regardless of 
the extent of damages. This may result in a substantial 
unrecoverable loss or cost to the financial institution.
    Example: [The audit firm] shall not be liable for any claim for 
damages arising out of or in connection with any services provided 
herein to the Financial Institution in an amount greater than the 
amount of fees actually paid to [the audit firm] with respect to the 
services directly relating to and forming the basis of such claim.

    Note: The Agencies also observed a similar provision that 
limited damages to a predetermined amount not related to fees paid.

Appendix B

SEC's Codification of Financial Reporting Policies, Section 602.02.f.i 
and the SEC's December 13, 2004, FAQ on Auditor Independence

Section 602.02.f.i--Indemnification by Client, 3 Fed. Sec. L. (CCH) 
] 38,335, at 38,603-17 (2003):

    Inquiry was made as to whether an accountant who certifies 
financial statements included in a registration statement or annual 
report filed with the Commission under the Securities Act or the 
Exchange Act would be considered independent if he had entered into 
an indemnity agreement with the registrant. In the particular 
illustration cited, the board of directors of the registrant 
formally approved the filing of a registration statement with the 
Commission and agreed to indemnify and save harmless each and every 
accountant who certified any part of such statement, ``from any and 
all losses, claims, damages or liabilities arising out of such act 
or acts to which they or any of them may become subject under the 
Securities Act, as amended, or at `common law,' other than for their 
willful misstatements or omissions.''
    When an accountant and his client, directly or through an 
affiliate, have entered into an agreement of indemnity which seeks 
to assure to the accountant immunity from liability for his own 
negligent acts, whether of omission or commission, one of the major 
stimuli to objective and unbiased consideration of the problems 
encountered in a particular engagement is removed or greatly 
weakened. Such condition must frequently induce a departure from the 
standards of objectivity and impartiality which the

[[Page 24581]]

concept of independence implies. In such difficult matters, for 
example, as the determination of the scope of audit necessary, 
existence of such an agreement may easily lead to the use of less 
extensive or thorough procedures than would otherwise be followed. 
In other cases it may result in a failure to appraise with 
professional acumen the information disclosed by the examination. 
Consequently, the accountant cannot be recognized as independent for 
the purpose of certifying the financial statements of the 
corporation. (Emphasis added.)

U.S. Securities and Exchange Commission; Office of the Chief 
Accountant: Application of the Commission's Rules on Auditor 
Independence Frequently Asked Questions; Other Matters--Question 4 
(Issued December 13, 2004):

    Q: Has there been any change in the Commission's long standing 
view (Financial Reporting Policies--Section 600--602.02.f.i. 
``Indemnification by Client'') that when an accountant enters into 
an indemnity agreement with the registrant, his or her independence 
would come into question?
    A: No. When an accountant and his or her client, directly or 
through an affiliate, enter into an agreement of indemnity which 
seeks to provide the accountant immunity from liability for his or 
her own negligent acts, whether of omission or commission, the 
accountant is not independent. Further, including in engagement 
letters a clause that a registrant would release, indemnify or hold 
harmless from any liability and costs resulting from knowing 
misrepresentations by management would also impair the firm's 
independence. (Emphasis added.)

    Dated: May 4, 2005.
Tamara J. Wiseman,
Executive Secretary, Federal Financial Institutions Examination 
Council.

[FR Doc. 05-9298 Filed 5-9-05; 8:45 am]
BILLING CODE 6720-01-P, 6210-01,-P, 6714-01-P, 7535-01-P, 4810-33-P