(a) Annual audit of financial statements. Each insured depository institution shall engage an independent public accountant to audit and report on its annual financial statements in accordance with generally accepted auditing standards or the PCAOB’s auditing standards, if applicable, and section 37 of the Federal Deposit Insurance Act (12 U.S.C. § 1831n). The scope of the audit engagement shall be sufficient to permit such accountant to determine and report whether the financial statements are presented fairly and in accordance with GAAP.

Ask a legal question, get an answer ASAP!
Click here to chat with a lawyer about your rights.

Terms Used In 12 CFR 363.3

  • Assets: (1) The property comprising the estate of a deceased person, or (2) the property in a trust account.
  • Fiscal year: The fiscal year is the accounting period for the government. For the federal government, this begins on October 1 and ends on September 30. The fiscal year is designated by the calendar year in which it ends; for example, fiscal year 2006 begins on October 1, 2005 and ends on September 30, 2006.

(b) Internal control over financial reporting. For each insured depository institution with total assets of $1 billion or more at the beginning of the institution’s fiscal year, the independent public accountant who audits the institution’s financial statements shall examine, attest to, and report separately on the assertion of management concerning the effectiveness of the institution’s internal control structure and procedures for financial reporting. The attestation and report shall be made in accordance with generally accepted standards for attestation engagements or the PCAOB’s auditing standards, if applicable. The accountant’s report must not be dated prior to the date of the management report and management’s assessment of the effectiveness of internal control over financial reporting. Notwithstanding the requirements set forth in applicable professional standards, the accountant’s report must include the following:

(1) A statement identifying the internal control framework used by the independent public accountant, which must be the same as the internal control framework used by management, to evaluate the effectiveness of the insured depository institution’s internal control over financial reporting;

(2) A statement that the independent public accountant’s evaluation included controls over the preparation of regulatory financial statements in accordance with regulatory reporting instructions including identification of such regulatory reporting instructions; and

(3) A statement expressing the independent public accountant’s conclusion as to whether the insured depository institution’s internal control over financial reporting is effective as of the end of its fiscal year. The report must disclose all material weaknesses in internal control over financial reporting that the independent public accountant has identified that have not been remediated prior to the insured depository institution’s fiscal year-end. The independent public accountant is precluded from concluding that the insured depository institution’s internal control over financial reporting is effective if there are one or more material weaknesses.

(c) Notice by accountant of termination of services. An independent public accountant performing an audit under this part who ceases to be the accountant for an insured depository institution shall notify the FDIC, the appropriate Federal banking agency, and any appropriate State bank supervisor in writing of such termination within 15 days after the occurrence of such event, and set forth in reasonable detail the reasons for such termination. The written notice shall be filed at the place identified in § 363.4(f).

(d) Communications with audit committee. In addition to the requirements for communications with audit committees set forth in applicable professional standards, the independent public accountant must report the following on a timely basis to the audit committee:

(1) All critical accounting policies and practices to be used by the insured depository institution,

(2) All alternative accounting treatments within GAAP for policies and practices related to material items that the independent public accountant has discussed with management, including the ramifications of the use of such alternative disclosures and treatments, and the treatment preferred by the independent public accountant, and

(3) Other written communications the independent public accountant has provided to management, such as a management letter or schedule of unadjusted differences.

(e) Retention of working papers. The independent public accountant must retain the working papers related to the audit of the insured depository institution’s financial statements and, if applicable, the evaluation of the institution’s internal control over financial reporting for seven years from the report release date, unless a longer period of time is required by law.

(f) Independence. The independent public accountant must comply with the independence standards and interpretations of the AICPA, the SEC, and the PCAOB. To the extent that any of the rules within any one of these independence standards (AICPA, SEC, and PCAOB) is more or less restrictive than the corresponding rule in the other independence standards, the independent public accountant must comply with the more restrictive rule.

(g) Peer reviews and inspection reports. (1) Prior to commencing any services for an insured depository institution under this part, the independent public accountant must have received a peer review, or be enrolled in a peer review program, that meets acceptable guidelines. Acceptable peer reviews include peer reviews performed in accordance with the AICPA’s Peer Review Standards and inspections conducted by the PCAOB.

(2) Within 15 days of receiving notification that a peer review has been accepted or a PCAOB inspection report has been issued, or before commencing any audit under this part, whichever is earlier, the independent public accountant must file two copies of the most recent peer review report and the public portion of the most recent PCAOB inspection report, if any, accompanied by any letters of comments, response, and acceptance, with the FDIC, Accounting and Securities Disclosure Section, 550 17th Street, NW., Washington, DC 20429, if the report has not already been filed. The peer review reports and the public portions of the PCAOB inspection reports will be made available for public inspection by the FDIC.

(3) Within 15 days of the PCAOB making public a previously nonpublic portion of an inspection report, the independent public accountant must file two copies of the previously nonpublic portion of the inspection report with the FDIC, Accounting and Securities Disclosure Section, 550 17th Street, NW., Washington, DC 20429. Such previously nonpublic portion of the PCAOB inspection report will be made available for public inspection by the FDIC.