Code of Federal Regulations (Last Updated: November 8, 2024) |
Title 12 - Banks and Banking |
Chapter III - Federal Deposit Insurance Corporation |
SubChapter B - Regulations and Statements of General Policy |
Part 363 - Annual Independent Audits and Reporting Requirements |
Appendix B to Part 363 - Illustrative Management Reports
-
Appendix B to Part 363 - Illustrative Management Reports
Table of Contents
1. General
2. Reporting Scenarios for Institutions that are Holding Company Subsidiaries
3. Illustrative Statements of Management's Responsibilities
4. Illustrative Reports on Management's Assessment of Compliance with Designated Laws and Regulations
5. Illustrative Reports on Management's Assessment of Internal Control Over Financial Reporting
6. Illustrative Management Report - Combined Statement of Management's Responsibilities, Report on Management's Assessment of Compliance With Designated Laws and Regulations, and Report on Management's Assessment of Internal Control Over Financial Reporting
7. Illustrative Cover Letter - Compliance by Holding Company Subsidiaries
1. General. The reporting scenarios, illustrative management reports, and the cover letter (when complying at the holding company level) in Appendix B to part 363 are intended to assist managements of insured depository institutions in complying with the annual reporting requirements of § 363.2 and guideline 3, Compliance by Holding Company Subsidiaries, of Appendix A to part 363. However, use of the illustrative management reports and cover letter is not required. The managements of insured depository institutions are encouraged to tailor the wording of their management reports and cover letters to fit their particular circumstances, especially when reporting on material weaknesses in internal control over financial reporting or noncompliance with designated laws and regulations. Terms that are not explained in Appendix B have the meanings given them in part 363, the FDI Act, or professional accounting and auditing literature. Instructions to the preparer of the management reports are shown in brackets within the illustrative reports.
2. Reporting Scenarios for Institutions that are Holding Company Subsidiaries.
(a) Subject to the criteria specified in § 363.1(b), an insured depository institution that is a subsidiary of a holding company has flexibility in satisfying the reporting requirements of part 363. When reporting at the holding company level, the management report, or the individual components thereof, should identify those subsidiary institutions that are subject to part 363 and the extent to which they are included in the scope of the management report or a component of the report. The following reporting scenarios reflect how an insured depository institution that meets the criteria set forth in § 363.1(b) could satisfy the annual reporting requirements of § 363.2. Other reporting scenarios are possible.
(i) An institution that is a subsidiary of a holding company may satisfy the requirements for audited financial statements; management's statement of responsibilities; management's assessment of the institution's compliance with the Federal laws and regulations pertaining to insider loans and the Federal and, if applicable, State laws and regulations pertaining to dividend restrictions; management's assessment of the effectiveness of internal control over financial reporting, if applicable; and the independent public accountant's attestation on management's assertion as to the effectiveness of internal control over financial reporting, if applicable, at the insured depository institution level.
(ii) An institution that is a subsidiary of a holding company may satisfy the requirements for audited financial statements; management's statement of responsibilities; management's assessment of the institution's compliance with the Federal laws and regulations pertaining to insider loans and the Federal and, if applicable, State laws and regulations pertaining to dividend restrictions; management's assessment of the effectiveness of internal control over financial reporting, if applicable; and the independent public accountant's attestation on management's assertion as to the effectiveness of internal control over financial reporting, if applicable, at the holding company level.
(iii) An institution that is a subsidiary of a holding company may satisfy the requirement for audited financial statements at the holding company level and may satisfy the requirements for management's statement of responsibilities; management's assessment of the institution's compliance with the Federal laws and regulations pertaining to insider loans and the Federal and, if applicable, State laws and regulations pertaining to dividend restrictions; management's assessment of the effectiveness of internal control over financial reporting, if applicable; and the independent public accountant's attestation on management's assertion as to the effectiveness of internal control over financial reporting, if applicable, at the insured depository institution level.
(iv) An institution that is a subsidiary of a holding company may satisfy the requirements for audited financial statements; management's statement of responsibilities; and management's assessment of the institution's compliance with the Federal laws and regulations pertaining to insider loans and the Federal and, if applicable, State laws and regulations pertaining to dividend restrictions at the insured depository institution level and may satisfy the requirements for the assessment by management of the effectiveness of internal control over financial reporting, if applicable; and the independent public accountant's attestation on management's assertion as to the effectiveness of internal control over financial reporting, if applicable, at the holding company level.
(b) For an institution with total assets of $1 billion or more as of the beginning of its fiscal year, the assessment by management of the effectiveness of internal control over financial reporting and the independent public accountant's attestation on management's assertion as to the effectiveness of internal control over financial reporting, if applicable, must both be performed at the same level, i.e., either at the insured depository institution level or at the holding company level.
(c) Financial statements prepared for regulatory reporting purposes encompass the schedules equivalent to the basic financial statements in an institution's appropriate regulatory report, e.g., the bank Consolidated Reports of Condition and Income (Call Report) and the Thrift Financial Report (TFR). Guideline 4A in Appendix A to part 363 identifies the schedules equivalent to the basic financial statements in the Call Report and TFR. When internal control assessments and attestations are performed at the holding company level, the FDIC believes that holding companies have flexibility in interpreting “financial reporting” as it relates to “regulatory reporting” and has not objected to several reporting approaches employed by holding companies to cover “regulatory reporting.” Certain holding companies have had management's assessment and the accountant's attestation cover the schedules equivalent to the basic financial statements that are included in the appropriate regulatory report, e.g., Call Report and the TFR, of each subsidiary institution subject to part 363. Other holding companies have had management's assessment and the accountant's attestation cover the schedules equivalent to the basic financial statements that are included in the holding company's year-end regulatory report (FR Y-9C report) to the Federal Reserve Board.
3. Illustrative Statements of Management's Responsibilities. The following illustrative statements of management's responsibilities satisfy the requirements of § 363.2(b)(1).
(a) Statement Made at Insured Depository Institution Level
Statement of Management's Responsibilities
The management of ABC Depository Institution (the “Institution”) is responsible for preparing the Institution's annual financial statements in accordance with generally accepted accounting principles; for establishing and maintaining an adequate internal control structure and procedures for financial reporting, including controls over the preparation of regulatory financial statements in accordance with the instructions for the [specify the regulatory report]; and for complying with the Federal laws and regulations pertaining to insider loans and the Federal and, if applicable, State laws and regulations pertaining to dividend restrictions.
ABC Depository Institution
John Doe, Chief Executive Officer
Date:
Jane Doe, Chief Financial Officer
Date:
(b) Statement Made at Holding Company Level
Statement of Management's Responsibilities
The management of BCD Holding Company (the “Company”) is responsible for preparing the Company's annual financial statements in accordance with generally accepted accounting principles; for establishing and maintaining an adequate internal control structure and procedures for financial reporting, including controls over the preparation of regulatory financial statements in accordance with the instructions for the [specify the regulatory report]; and for complying with the Federal laws and regulations pertaining to insider loans and the Federal and, if applicable, State laws and regulations pertaining to dividend restrictions. The following subsidiary institutions of the Company that are subject to Part 363 are included in this statement of management's responsibilities: [Identify the subsidiary institutions.]
BCD Holding Company
John Doe, Chief Executive Officer
Date:
Jane Doe, Chief Financial Officer
Date:
4. Illustrative Reports on Management's Assessment of Compliance with Designated Laws and Regulations. The following illustrative reports on management's assessment of compliance with Designated Laws and Regulations satisfy the requirements of § 363.2(b)(2).
(a) Statement Made at Insured Depository Institution Level - Compliance With Designated Laws and Regulations Pertaining to Insider Loans and Dividend Restrictions
Management's Assessment of Compliance With Designated Laws and Regulations
The management of ABC Depository Institution (the “Institution”) has assessed the Institution's compliance with the Federal laws and regulations pertaining to insider loans and the Federal and, if applicable, State laws and regulations pertaining to dividend restrictions during the fiscal year that ended on December 31, 20XX. Based upon its assessment, management has concluded that the Institution complied with the Federal laws and regulations pertaining to insider loans and the Federal and, if applicable, State laws and regulations pertaining to dividend restrictions during the fiscal year that ended on December 31, 20XX.
ABC Depository Institution
John Doe, Chief Executive Officer
Date:
Jane Doe, Chief Financial Officer
Date:
(b) Statement Made at Insured Depository Institution Level - Noncompliance With Designated Laws and Regulations Pertaining to Both Insider Loans and Dividend Restrictions
Management's Assessment of Compliance With Designated Laws and Regulations
The management of ABC Depository Institution (the “Institution”) has assessed the Institution's compliance with the Federal laws and regulations pertaining to insider loans and the Federal and, if applicable, State laws and regulations pertaining to dividend restrictions during the fiscal year that ended on December 31, 20XX. Based upon its assessment, management has determined that, because of the instance(s) of noncompliance noted below, the Institution did not comply with the Federal laws and regulations pertaining to insider loans and the Federal and, if applicable, State laws and regulations pertaining to dividend restrictions during the fiscal year that ended on December 31, 20XX.
[Identify and describe the instance or instances of noncompliance with the Federal laws and regulations pertaining to insider loans and the Federal and, if applicable, State laws and regulations pertaining to dividend restrictions, including appropriate qualitative and quantitative information to describe the nature, type, and severity of the noncompliance and the dollar amounts of the insider loan(s) and dividend(s) involved.]
ABC Depository Institution
John Doe, Chief Executive Officer
Date:
Jane Doe, Chief Financial Officer
Date:
(c) Statement Made at Insured Depository Institution Level - Compliance With Designated Laws and Regulations Pertaining to Insider Loans and Noncompliance With Designated Laws and Regulations Pertaining to Dividend Restrictions
Management's Assessment of Compliance With Designated Laws and Regulations
The management of ABC Depository Institution (the “Institution”) has assessed the Institution's compliance with the Federal laws and regulations pertaining to insider loans and the Federal and, if applicable, State laws and regulations pertaining to dividend restrictions during the fiscal year that ended on December 31, 20XX. Based upon its assessment, management has concluded that the Institution complied with the Federal laws and regulations pertaining to insider loans during the fiscal year that ended on December 31, 20XX. Also, based upon its assessment, management has determined that, because of the instance(s) of noncompliance noted below, the Institution did not comply with the Federal and, if applicable, State laws and regulations pertaining to dividend restrictions during the fiscal year that ended on December 31, 20XX.
[Identify and describe the instance or instances of noncompliance with the Federal and, if applicable, State laws and regulations pertaining to dividend restrictions, including appropriate qualitative and quantitative information to describe the nature, type, and severity of the noncompliance and the dollar amount(s) of the dividend(s) involved.]
ABC Depository Institution
John Doe, Chief Executive Officer
Date:
Jane Doe, Chief Financial Officer
Date:
(d) Statement Made at Insured Depository Institution Level - Noncompliance With Designated Laws and Regulations Pertaining to Insider Loans and Compliance With Designated Laws and Regulations Pertaining to Dividend Restrictions
Management's Assessment of Compliance With Designated Laws and Regulations
The management of ABC Depository Institution (the “Institution”) has assessed the Institution's compliance with the Federal laws and regulations pertaining to insider loans and the Federal and, if applicable, State laws and regulations pertaining to dividend restrictions during the fiscal year that ended on December 31, 20XX. Based upon its assessment, management has determined that, because of the instance(s) of noncompliance noted below, the Institution did not comply with the Federal laws and regulations pertaining to insider loans during the fiscal year that ended on December 31, 20XX. Also, based upon its assessment, management has concluded that the Institution complied with the Federal and, if applicable, State laws and regulations pertaining to dividend restrictions during the fiscal year that ended on December 31, 20XX.
[Identify and describe the instance or instances of noncompliance with the Federal laws and regulations pertaining to insider loans, including appropriate qualitative and quantitative information to describe the nature, type, and severity of the noncompliance and the dollar amount(s) of the insider loan(s) involved.]
ABC Depository Institution
John Doe, Chief Executive Officer
Date:
Jane Doe, Chief Financial Officer
Date:
(e) Statement Made at Holding Company Level - Compliance With Designated Laws and Regulations Pertaining to Insider Loans and Dividend Restrictions
Management's Assessment of Compliance With Designated Laws and Regulations
The management of BCD Holding Company (the “Company”) has assessed the Company's compliance with the Federal laws and regulations pertaining to insider loans and the Federal and, if applicable, State laws and regulations pertaining to dividend restrictions during the fiscal year that ended on December 31, 20XX. Based upon its assessment, management has concluded that the Company complied with the Federal laws and regulations pertaining to insider loans and the Federal and, if applicable, State laws and regulations pertaining to dividend restrictions during the fiscal year that ended on December 31, 20XX. The following subsidiary institutions of the Company that are subject to Part 363 are included in this assessment of compliance with these designated laws and regulations: [Identify the subsidiary institutions.]
BCD Holding Company
John Doe, Chief Executive Officer
Date:
Jane Doe, Chief Financial Officer
Date:
(f) Statement Made at Holding Company Level - Noncompliance With Designated Laws and Regulations Pertaining to Both Insider Loans and Dividend Restrictions
Management's Assessment of Compliance With Designated Laws and Regulations
The management of BCD Holding Company (the “Company”) has assessed the Company's compliance with the Federal laws and regulations pertaining to insider loans and the Federal and, if applicable, State laws and regulations pertaining to dividend restrictions during the fiscal year that ended on December 31, 20XX. The following subsidiary institutions of the Company that are subject to Part 363 are included in this assessment of compliance with these designated laws and regulations: [Identify the subsidiary institutions.]
Based upon its assessment, management has determined that, because of the instance(s) of noncompliance noted below, the Company did not comply with the Federal laws and regulations pertaining to insider loans and the Federal and, if applicable, State laws and regulations pertaining to dividend restrictions during the fiscal year that ended on December 31, 20XX.
[Identify and describe the instance or instances of noncompliance with the Federal laws and regulations pertaining to insider loans and the Federal and, if applicable, State laws and regulations pertaining to dividend restrictions, including appropriate qualitative and quantitative information to identify the subsidiary institutions of the Company that are subject to Part 363 that had instances of noncompliance and describe the nature, type, and severity of the noncompliance and the dollar amount(s) of the insider loan(s) and dividend(s) involved.]
BCD Holding Company
John Doe, Chief Executive Officer
Date:
Jane Doe, Chief Financial Officer
Date:
(g) Statement Made at Holding Company Level - Compliance With Designated Laws and Regulations Pertaining to Insider Loans and Noncompliance With Designated Laws and Regulations Pertaining to Dividend Restrictions
Management's Assessment of Compliance With Designated Laws and Regulations
The management of BCD Holding Company (the “Company”) has assessed the Company's compliance with the Federal laws and regulations pertaining to insider loans and the Federal and, if applicable, State laws and regulations pertaining to dividend restrictions during the fiscal year that ended on December 31, 20XX. The following subsidiary institutions of the Company that are subject to Part 363 are included in this assessment of compliance with these designated laws and regulations: [Identify the subsidiary institutions.]
Based upon its assessment, management has concluded that the Company complied with the Federal laws and regulations pertaining to insider loans during the fiscal year that ended on December 31, 20XX. Also, based upon its assessment, management has determined that, because of the instance(s) of noncompliance noted below, the Company did not comply with the Federal and, if applicable, State laws and regulations pertaining to dividend restrictions during the fiscal year that ended on December 31, 20XX.
[Identify and describe the instance or instances of noncompliance with the Federal and, if applicable, State laws and regulations pertaining to dividend restrictions, including appropriate qualitative and quantitative information to identify the subsidiary institutions of the Company that are subject to Part 363 that had instances of noncompliance and describe the nature, type, and severity of the noncompliance and the dollar amount(s) of the dividend(s) involved.]
BCD Holding Company
John Doe, Chief Executive Officer
Date:
Jane Doe, Chief Financial Officer
Date:
(h) Statement Made at Holding Company Level - Noncompliance With Designated Laws and Regulations Pertaining to Insider Loans and Compliance With Designated Laws and Regulations Pertaining to Dividend Restrictions
Management's Assessment of Compliance With Designated Laws and Regulations
The management of BCD Holding Company (the “Company”) has assessed the Company's compliance with the Federal laws and regulations pertaining to insider loans and the Federal and, if applicable, State laws and regulations pertaining to dividend restrictions during the fiscal year that ended on December 31, 20XX. The following subsidiary institutions of the Company that are subject to Part 363 are included in this assessment of compliance with these designated laws and regulations: [Identify the subsidiary institutions.]
Based upon its assessment, management has determined that, because of the instance(s) of noncompliance noted below, the Company did not comply with the Federal laws and regulations pertaining to insider loans during the fiscal year that ended on December 31, 20XX. Also, based upon its assessment, management has concluded that the Company complied with the Federal and, if applicable, State laws and regulations pertaining to dividend restrictions during the fiscal year that ended on December 31, 20XX.
[Identify and describe the instance or instances of noncompliance with the Federal laws and regulations pertaining to insider loans, including appropriate qualitative and quantitative information to identify the subsidiary institutions of the Company that are subject to Part 363 that had instances of noncompliance and describe the nature, type, and severity of the noncompliance and the dollar amount(s) of the insider loan(s) involved.]
BCD Holding Company
John Doe, Chief Executive Officer
Date:
Jane Doe, Chief Financial Officer
Date:
5. Illustrative Reports on Management's Assessment of Internal Control Over Financial Reporting. The following illustrative reports on management's assessment of internal control over financial reporting satisfy the requirements of § 363.2(b)(3).
(a) Statement Made at Insured Depository Institution Level - No Material Weaknesses
Management's Assessment of Internal Control Over Financial Reporting
ABC Depository Institution's (the “Institution”) internal control over financial reporting is a process effected by those charged with governance, management, and other personnel, designed to provide reasonable assurance regarding the reliability of financial reporting and the preparation of reliable financial statements in accordance with accounting principles generally accepted in the United States of America and financial statements for regulatory reporting purposes, i.e., [specify the regulatory reports]. The Institution's internal control over financial reporting includes those policies and procedures that (1) pertain to the maintenance of records that, in reasonable detail, accurately and fairly reflect the transactions and dispositions of the assets of the Institution; (2) provide reasonable assurance that transactions are recorded as necessary to permit preparation of financial statements in accordance with accounting principles generally accepted in the United States of America and financial statements for regulatory reporting purposes, and that receipts and expenditures of the Institution are being made only in accordance with authorizations of management and directors of the Institution; and (3) provide reasonable assurance regarding prevention, or timely detection and correction of unauthorized acquisition, use, or disposition of the Institution's assets that could have a material effect on the financial statements.
Because of its inherent limitations, internal control over financial reporting may not prevent, or detect and correct misstatements. Also, projections of any evaluation of effectiveness to future periods are subject to the risk that controls may become inadequate because of changes in conditions, or that the degree of compliance with the policies and procedures may deteriorate.
Management is responsible for establishing and maintaining effective internal control over financial reporting including controls over the preparation of regulatory financial statements. Management assessed the effectiveness of the Institution's internal control over financial reporting, including controls over the preparation of regulatory financial statements in accordance with the instructions for the [specify the regulatory report], as of December 31, 20XX, based on the framework set forth by the Committee of Sponsoring Organizations of the Treadway Commission in Internal Control - Integrated Framework. Based upon its assessment, management has concluded that, as of December 31, 20XX, the Institution's internal control over financial reporting, including controls over the preparation of regulatory financial statements in accordance with the instructions for the [specify the regulatory report], is effective based on the criteria established in Internal Control - Integrated Framework.
Management's assessment of the effectiveness of internal control over financial reporting, including controls over the preparation of regulatory financial statements in accordance with the instructions for the [specify the regulatory report], as of December 31, 20XX, has been audited by [name of auditing firm], an independent public accounting firm, as stated in their report dated March XX, 20XY.
ABC Depository Institution
John Doe, Chief Executive Officer
Date:
Jane Doe, Chief Financial Officer
Date:
(b) Statement Made at Insured Depository Institution Level - One or More Material Weaknesses
Management's Assessment of Internal Control Over Financial Reporting
ABC Depository Institution's (the “Institution”) internal control over financial reporting is a process effected by those charged with governance, management, and other personnel, designed to provide reasonable assurance regarding the reliability of financial reporting and the preparation of reliable financial statements in accordance with accounting principles generally accepted in the United States of America and financial statements for regulatory reporting purposes, i.e., [specify the regulatory reports]. The Institution's internal control over financial reporting includes those policies and procedures that (1) pertain to the maintenance of records that, in reasonable detail, accurately and fairly reflect the transactions and dispositions of the assets of the Institution; (2) provide reasonable assurance that transactions are recorded as necessary to permit preparation of financial statements in accordance with accounting principles generally accepted in the United States of America and financial statements for regulatory reporting purposes, and that receipts and expenditures of the Institution are being made only in accordance with authorizations of management and directors of the Institution; and (3) provide reasonable assurance regarding prevention, or timely detection and correction of unauthorized acquisition, use, or disposition of the Institution's assets that could have a material effect on the financial statements.
Because of its inherent limitations, internal control over financial reporting may not prevent, or detect and correct misstatements. Also, projections of any evaluation of effectiveness to future periods are subject to the risk that controls may become inadequate because of changes in conditions, or that the degree of compliance with the policies and procedures may deteriorate.
Management is responsible for establishing and maintaining effective internal control over financial reporting including controls over the preparation of regulatory financial statements. Management assessed the effectiveness of the Institution's internal control over financial reporting, including controls over the preparation of regulatory financial statements in accordance with the instructions for the [specify the regulatory report], as of December 31, 20XX, based on the framework set forth by the Committee of Sponsoring Organizations of the Treadway Commission in Internal Control - Integrated Framework. Because of the material weakness (or weaknesses) noted below, management determined that the Institution's internal control over financial reporting, including controls over the preparation of regulatory financial statements in accordance with the instructions for the [specify the regulatory report], was not effective as of December 31, 20XX.
[Identify and describe the material weakness or weaknesses.]
Management's assessment of the effectiveness of internal control over financial reporting, including controls over the preparation of regulatory financial statements in accordance with the instructions for the [specify the regulatory report], as of December 31, 20XX, has been audited by [name of auditing firm], an independent public accounting firm, as stated in their report dated March XX, 20XY.
ABC Depository Institution
John Doe, Chief Executive Officer
Date:
Jane Doe, Chief Financial Officer
Date:
(c) Statement Made at Holding Company Level - No Material Weaknesses
Management's Assessment of Internal Control Over Financial Reporting
BCD Holding Company's (the “Company”) internal control over financial reporting is a process designed and effected by those charged with governance, management, and other personnel, to provide reasonable assurance regarding the reliability of financial reporting and the preparation of reliable financial statements in accordance with accounting principles generally accepted in the United States of America and financial statements for regulatory reporting purposes, i.e., [specify the regulatory reports]. The Company's internal control over financial reporting includes those policies and procedures that (1) pertain to the maintenance of records that, in reasonable detail, accurately and fairly reflect the transactions and dispositions of the assets of the Company; (2) provide reasonable assurance that transactions are recorded as necessary to permit preparation of financial statements in accordance with accounting principles generally accepted in the United States of America and financial statements for regulatory reporting purposes, and that receipts and expenditures of the Company are being made only in accordance with authorizations of management and directors of the Company; and (3) provide reasonable assurance regarding prevention, or timely detection and correction of unauthorized acquisition, use, or disposition of the Company's assets that could have a material effect on the financial statements.
Because of its inherent limitations, internal control over financial reporting may not prevent, or detect and correct misstatements. Also, projections of any evaluation of effectiveness to future periods are subject to the risk that controls may become inadequate because of changes in conditions, or that the degree of compliance with the policies and procedures may deteriorate.
Management is responsible for establishing and maintaining effective internal control over financial reporting including controls over the preparation of regulatory financial statements. Management assessed the effectiveness of the Company's internal control over financial reporting, including controls over the preparation of regulatory financial statements in accordance with the instructions for the [specify the regulatory report], as of December 31, 20XX, based on the framework set forth by the Committee of Sponsoring Organizations of the Treadway Commission in Internal Control - Integrated Framework. Based on that assessment, management concluded that, as of December 31, 20XX, the Company's internal control over financial reporting, including controls over the preparation of regulatory financial statements in accordance with the instructions for the [specify the regulatory report], is effective based on the criteria established in Internal Control - Integrated Framework. The following subsidiary institutions of the Company that are subject to Part 363 are included in this assessment of the effectiveness of internal control over financial reporting: [Identify the subsidiary institutions.]
Management's assessment of the effectiveness of internal control over financial reporting, including controls over the preparation of regulatory financial statements in accordance with the instructions for the [specify the regulatory report], as of December 31, 20XX, has been audited by [name of auditing firm], an independent public accounting firm, as stated in their report dated March XX, 20XY.
BCD Holding Company
John Doe, Chief Executive Officer
Date:
Jane Doe, Chief Financial Officer
Date:
(d) Statement Made at Holding Company Level - One or More Material Weaknesses
Management's Assessment of Internal Control Over Financial Reporting
BCD Holding Company's (the “Company”) internal control over financial reporting is a process effected by those charged with governance, management, and other personnel, designed to provide reasonable assurance regarding the reliability of financial reporting and the preparation of reliable financial statements in accordance with accounting principles generally accepted in the United States of America and financial statements for regulatory reporting purposes, i.e., [specify the regulatory reports]. The Company's internal control over financial reporting includes those policies and procedures that (1) pertain to the maintenance of records that, in reasonable detail, accurately and fairly reflect the transactions and dispositions of the assets of the Company; (2) provide reasonable assurance that transactions are recorded as necessary to permit preparation of financial statements in accordance with accounting principles generally accepted in the United States of America and financial statements for regulatory reporting purposes, and that receipts and expenditures of the Company are being made only in accordance with authorizations of management and directors of the Company; and (3) provide reasonable assurance regarding prevention, or timely detection and correction of unauthorized acquisition, use, or disposition of the Company's assets that could have a material effect on the financial statements.
Because of its inherent limitations, internal control over financial reporting may not prevent, or detect and correct misstatements. Also, projections of any evaluation of effectiveness to future periods are subject to the risk that controls may become inadequate because of changes in conditions, or that the degree of compliance with the policies and procedures may deteriorate.
Management is responsible for establishing and maintaining effective internal control over financial reporting including controls over the preparation of regulatory financial statements. Management assessed the effectiveness of the Company's internal control over financial reporting, including controls over the preparation of regulatory financial statements in accordance with the instructions for the [specify the regulatory report], as of December 31, 20XX, based on the framework set forth by the Committee of Sponsoring Organizations of the Treadway Commission in Internal Control - Integrated Framework. Because of the material weakness (or weaknesses) noted below, management determined that the Company's internal control over financial reporting, including controls over the preparation of regulatory financial statements in accordance with the instructions for the [specify the regulatory report], was not effective as of December 31, 20XX. The following subsidiary institutions of the Company that are subject to Part 363 are included in this assessment of the effectiveness of internal control over financial reporting: [Identify the subsidiary institutions.]
[Identify and describe the material weakness or weaknesses.]
Management's assessment of the effectiveness of internal control over financial reporting, including controls over the preparation of regulatory financial statements in accordance with the instructions for the [specify the regulatory report], as of December 31, 20XX, has been audited by [name of auditing firm], an independent public accounting firm, as stated in their report dated March XX, 20XY.
BCD Holding Company
John Doe, Chief Executive Officer
Date:
Jane Doe, Chief Financial Officer
Date:
6. Illustrative Management Report - Combined Statement of Management's Responsibilities, Report on Management's Assessment of Compliance With Designated Laws and Regulations, and Report on Management's Assessment of Internal Control Over Financial Reporting , if applicable. The following illustrative management reports satisfy the requirements of §§ 363.2(b)(1), (2), and (3).
(a) Management Report Made at Insured Depository Institution Level - Compliance With Designated Laws and Regulations Pertaining to Insider Loans and Dividend Restrictions and No Material Weaknesses in Internal Control Over Financial Reporting
Management Report
Statement of Management's Responsibilities
The management of ABC Depository Institution (the “Institution”) is responsible for preparing the Institution's annual financial statements in accordance with generally accepted accounting principles; for establishing and maintaining an adequate internal control structure and procedures for financial reporting, including controls over the preparation of regulatory financial statements in accordance with the instructions for the [specify the regulatory report]; and for complying with the Federal laws and regulations pertaining to insider loans and the Federal and, if applicable, State laws and regulations pertaining to dividend restrictions.
Management's Assessment of Compliance With Designated Laws and Regulations
The management of the Institution has assessed the Institution's compliance with the Federal laws and regulations pertaining to insider loans and the Federal and, if applicable, State laws and regulations pertaining to dividend restrictions during the fiscal year that ended on December 31, 20XX. Based upon its assessment, management has concluded that the Institution complied with the Federal laws and regulations pertaining to insider loans and the Federal and, if applicable, State laws and regulations pertaining to dividend restrictions during the fiscal year that ended on December 31, 20XX.
Management's Assessment of Internal Control Over Financial Reporting
The Institution's internal control over financial reporting is a process effected by those charged with governance, management, and other personnel, designed to provide reasonable assurance regarding the reliability of financial reporting and the preparation of reliable financial statements in accordance with accounting principles generally accepted in the United States of America and financial statements for regulatory reporting purposes, i.e., [specify the regulatory reports]. The Institution's internal control over financial reporting includes those policies and procedures that (1) pertain to the maintenance of records that, in reasonable detail, accurately and fairly reflect the transactions and dispositions of the assets of the Institution; (2) provide reasonable assurance that transactions are recorded as necessary to permit preparation of financial statements in accordance with accounting principles generally accepted in the United States of America and financial statements for regulatory reporting purposes, and that receipts and expenditures of the Institution are being made only in accordance with authorizations of management and directors of the Institution; and (3) provide reasonable assurance regarding prevention, or timely detection and correction of unauthorized acquisition, use, or disposition of the Institution's assets that could have a material effect on the financial statements.
Because of its inherent limitations, internal control over financial reporting may not prevent, or detect and correct misstatements. Also, projections of any evaluation of effectiveness to future periods are subject to the risk that controls may become inadequate because of changes in conditions, or that the degree of compliance with the policies and procedures may deteriorate.
Management assessed the effectiveness of the Institution's internal control over financial reporting, including controls over the preparation of regulatory financial statements in accordance with the instructions for the [specify the regulatory report], as of December 31, 20XX, based on the framework set forth by the Committee of Sponsoring Organizations of the Treadway Commission in Internal Control - Integrated Framework.
Based upon its assessment, management has concluded that, as of December 31, 20XX, the Institution's internal control over financial reporting, including controls over the preparation of regulatory financial statements in accordance with the instructions for the [specify the regulatory report], is effective based on the criteria established in Internal Control - Integrated Framework.
Management's assessment of the effectiveness of internal control over financial reporting, including controls over the preparation of regulatory financial statements in accordance with the instructions for the [specify the regulatory report], as of December 31, 20XX, has been audited by [name of auditing firm], an independent public accounting firm, as stated in their report dated March XX, 20XY.
ABC Depository Institution
John Doe, Chief Executive Officer
Date:
Jane Doe, Chief Financial Officer
Date:
(b) Management Report Made at Holding Company Level - Compliance With Designated Laws and Regulations Pertaining to Insider Loans and Dividend Restrictions and No Material Weaknesses in Internal Control Over Financial Reporting
Management Report
[Instruction - The following illustrative introductory paragraph for the management report is applicable only if the same group of subsidiary institutions of the holding company that are subject to Part 363 are included in all three components of the management report required by Part 363: the statement of management's responsibilities, the report on management's assessment of compliance with the Designated Laws and Regulations pertaining to insider loans and dividend restrictions, and the report on management's assessment of internal control over financial reporting.]
In this management report, the following subsidiary institutions of the BCD Holding Company (the “Company”) that are subject to Part 363 are included in the statement of management's responsibilities; the report on management's assessment of compliance with the Federal laws and regulations pertaining to insider loans and the Federal and, if applicable, State laws and regulations pertaining to dividend restrictions; and the report on management's assessment of internal control over financial reporting: [Identify the subsidiary institutions.]
[Instruction - The following illustrative introductory paragraph for the management report is applicable if the same group of subsidiary institutions of the holding company that are subject to Part 363 are included in the statement of management's responsibilities and management's assessment of compliance with the Designated Laws and Regulations pertaining to insider loans and dividend restrictions, but only some of the subsidiary institutions in the group are included in management's assessment of internal control over financial reporting.]
In this management report, the following subsidiary institutions of BCD Holding Company (the “Company”) that are subject to Part 363 are included in the statement of management's responsibilities and the report on management's assessment of compliance with the Federal laws and regulations pertaining to insider loans and the Federal and, if applicable, State laws and regulations pertaining to dividend restrictions: [Identify the subsidiary institutions.] In addition, the following subsidiary institutions of the Company that are subject to Part 363 are included in the report on management's assessment of internal control over financial reporting: [Identify the subsidiary institutions.]
Statement of Management's Responsibilities
The management of the Company is responsible for preparing the Company's annual financial statements in accordance with generally accepted accounting principles; for establishing and maintaining an adequate internal control structure and procedures for financial reporting, including controls over the preparation of regulatory financial statements in accordance with the instructions for the [specify the regulatory report]; and for complying with the Federal laws and regulations pertaining to insider loans and the Federal and, if applicable, State laws and regulations pertaining to dividend restrictions.
Management's Assessment of Compliance With Designated Laws and Regulations
The management of the Company has assessed the Company's compliance with the Federal laws and regulations pertaining to insider loans and the Federal and, if applicable, State laws and regulations pertaining to dividend restrictions during the fiscal year that ended on December 31, 20XX. Based upon its assessment, management has concluded that the Company complied with the Federal laws and regulations pertaining to insider loans and the Federal and, if applicable, State laws and regulations pertaining to dividend restrictions during the fiscal year that ended on December 31, 20XX.
Management's Assessment of Internal Control Over Financial Reporting
The Company's internal control over financial reporting is a process effected by those charged with governance, management, and other personnel, designed to provide reasonable assurance regarding the reliability of financial reporting and the preparation of reliable financial statements in accordance with accounting principles generally accepted in the United States of America and financial statements for regulatory reporting purposes, i.e., [specify the regulatory reports]. The Company's internal control over financial reporting includes those policies and procedures that (1) pertain to the maintenance of records that, in reasonable detail, accurately and fairly reflect the transactions and dispositions of the assets of the Company; (2) provide reasonable assurance that transactions are recorded as necessary to permit preparation of financial statements in accordance with accounting principles generally accepted in the United States of America and financial statements for regulatory reporting purposes, and that receipts and expenditures of the Company are being made only in accordance with authorizations of management and directors of the Company; and (3) provide reasonable assurance regarding prevention, or timely detection and correction of unauthorized acquisition, use, or disposition of the Company's assets that could have a material effect on the financial statements.
Because of its inherent limitations, internal control over financial reporting may not prevent, or detect and correct misstatements. Also, projections of any evaluation of effectiveness to future periods are subject to the risk that controls may become inadequate because of changes in conditions, or that the degree of compliance with the policies and procedures may deteriorate.
Management assessed the effectiveness of the Company's internal control over financial reporting, including controls over the preparation of regulatory financial statements in accordance with the instructions for the [specify the regulatory report], as of December 31, 20XX, based on the framework set forth by the Committee of Sponsoring Organizations of the Treadway Commission in Internal Control - Integrated Framework. Based upon its assessment, management has concluded that, as of December 31, 20XX, the Company's internal control over financial reporting, including controls over the preparation of regulatory financial statements in accordance with the instructions for the [specify the regulatory report], is effective based on the criteria established in Internal Control - Integrated Framework.
Management's assessment of the effectiveness of internal control over financial reporting, including controls over the preparation of regulatory financial statements in accordance with the instructions for the [specify the regulatory report], as of December 31, 20XX, has been audited by [name of auditing firm], an independent public accounting firm, as stated in their report dated March XX, 20XY.
BCD Holding Company
John Doe, Chief Executive Officer
Date:
Jane Doe, Chief Financial Officer
Date:
7. Illustrative Cover Letter - Compliance by Holding Company Subsidiaries. The following illustrative cover letter satisfies the requirements of guideline 3, Compliance by Holding Company Subsidiaries, of Appendix A to part 363.
To: (Appropriate FDIC Regional or Area Office) Division of Supervision and Consumer Protection, FDIC, and (Appropriate District or Regional Office of the Primary Federal Regulator(s), if not the FDIC), and
(Appropriate State Bank Supervisor(s), if applicable)
Dear [Insert addressees]:
BCD Holding Company (the “Company”) is filing two copies of the Part 363 Annual Report for the fiscal year ended December 31, 20XX, on behalf of its insured depository institution subsidiaries listed in the chart below that are subject to Part 363. The Part 363 Annual Report contains audited comparative annual financial statements, the independent public accountant's report on the audited financial statements, management's statement of responsibilities, management's assessment of compliance with the Designated Laws and Regulations pertaining to insider loans and dividend restrictions, and [if applicable] management's assessment of and the independent public accountant's attestation report on internal control over financial reporting. The chart below also indicates the level (institution or holding company) at which the requirements of Part 363 are being satisfied for each listed insured depository institution subsidiary. [If applicable] The Company's other insured depository institution subsidiaries that are subject to Part 363, which comply with all of the Part 363 annual reporting requirements at the institution level, have filed [or will file] their Part 363 Annual Reports separately.
Institutions subject to Part 363 Audited financial statements Management's
statement of
responsibilitiesManagement's assessment of compliance with designated laws and regulations Management's
internal control
assessmentIndependent auditor's internal control
attestation reportABC Depository Institution Holding Company Level Holding Company Level Holding Company Level Holding Company Level Holding Company Level. DEF Depository Institution Holding Company Level Institution Level Institution Level Institution Level Institution Level. If you have any questions regarding the annual report [or reports] of the Company's insured depository institution subsidiaries subject to Part 363 or if you need any further information, you may contact me at 987-654-3210.
BCD Holding Company
Date:
[Insert officer's name and title.]