[Federal Register Volume 64, Number 3 (Wednesday, January 6, 1999)]
[Proposed Rules]
[Pages 776-784]
From the Federal Register Online via the Government Publishing Office [www.gpo.gov]
[FR Doc No: 99-150]
�========================================================================
�Proposed Rules
� Federal Register
�________________________________________________________________________
�
�This section of the FEDERAL REGISTER contains notices to the public of
�the proposed issuance of rules and regulations. The purpose of these
�notices is to give interested persons an opportunity to participate in
�the rule making prior to the adoption of the final rules.
�
�========================================================================
�
��Federal Register / Vol. 64, No. 3 / Wednesday, January 6, 1999 /
Proposed Rules��
[[Page 776]]
-----------------------------------------------------------------------
NATIONAL CREDIT UNION ADMINISTRATION
12 CFR Parts 701, 715 and 741
Supervisory Committee Audits and Verifications
AGENCY: National Credit Union Administration.
ACTION: Proposed rule.
-----------------------------------------------------------------------
SUMMARY: The Credit Union Membership Access Act has amended certain
audit and financial reporting requirements of the Federal Credit Union
Act. The National Credit Union Administration solicits public comment
on proposed rules implementing those amendments. The amendments specify
the minimum annual audit a credit union is required to obtain according
to its charter type and asset size, the licensing authority required of
persons performing certain audits, the auditing principles which apply
to certain audits, and the accounting principles which must be followed
in reports filed with the NCUA Board.
DATES: Comments must be received on or before March 8, 1999.
ADDRESSES: Comments should be directed to Becky Baker, Secretary of the
Board. Mail or hand deliver comments to: National Credit Union
Administration Board, 1775 Duke Street, Alexandria, VA 22314-3428. You
may fax comments to (703) 518-6319. You may E-mail comments to
boardmail@ncua.gov. Please send comments by one method only.
FOR FURTHER INFORMATION CONTACT: Karen Kelbly, Program Officer, Office
of Examination and Insurance, at (703) 518-6360, or Steven W. Widerman,
Trial Attorney, Office of General Counsel, at (703) 518-6540, at the
above address.
SUPPLEMENTARY INFORMATION:
I. Background
A. Current Supervisory Committee Audit Requirements
Two of the duties that Sec. 115 of the Federal Credit Union Act
(FCUA), 12 U.S.C. 1761d, imposes on the Supervisory Committee of a
federally-insured credit union are: (1) to ``make or cause to be made
an annual audit'' of the credit union; and (2) to ``cause the passbooks
and accounts of the members to be verified with the records of the
treasurer from time to time, and not less frequently than once every
two years.'' Current Sec. 701.12 of NCUA's rules and regulations, 12
CFR 701.12, sets forth the Supervisory Committee's responsibilities in
meeting the audit and verification requirements of FCUA 115.
Current Sec. 701.12 requires a Supervisory Committee to perform, or
engage another to perform an annual supervisory committee audit. The
scope of the audit must include a level of audit testing based on the
Supervisory Committee's assessment of control risk. Sec. 701.12(c)(3).
If the Committee engages an independent, compensated auditor to perform
the credit union's audit, the terms and conditions must be memorialized
in an engagement letter. Sec. 701.12(d). Whether produced by the
Committee itself or received from an independent auditor, a written
report of the audit must be submitted to the board of directors and,
upon request, to NCUA. Sec. 701.12(e). The Committee is responsible for
maintaining the audit working papers and/or ensuring that they will be
accessible to NCUA. Sec. 701.12(e). It also must conduct a verification
of members' accounts against the records of the credit union using
prescribed sampling methods. Sec. 701.12(h). The requirements of
Sec. 701.12 apply to Federally-insured State-chartered credit unions
(``FISCUs''), 12 CFR 741.202, both as a prerequisite for share
insurance and under NCUA's administrative powers. 12 U.S.C. 1781(b)(9),
1789(a)(11). The NCUA may impose sanctions against a credit union which
violates these audit rules. Sec. 701.12(f).
Additional audit remedies are available against federal credit
unions by statute, 12 U.S.C. 1782(a)(6)(A), as added by the Financial
Institutions Reform, Recovery and Enforcement Act, Pub. L. No. 101-73,
103 Stat. 482 (1989). Current Sec. 701.13 of NCUA's rules and
regulations, 12 CFR 701.13, establishes three conditions under which
the NCUA Board may compel a federal credit union to use an outside,
independent State-licensed auditor, Sec. 701.13(a)(1)-(2). One of these
conditions also may be the basis for compelling a federal credit union
to obtain a financial statement audit (performed by an independent
State-licensed auditor). Sec. 701.13(a)(3), (b)-(c). These sanctions
also are available against FISCUs under current Sec. 701.12(f)(ii).
NCUA is permitted to treat the failure to use an independent State-
licensed auditor or to obtain a financial statement audit, when ordered
to do so, as an unsafe and unsound practice for purposes of terminating
the credit union's insurance. 12 U.S.C. 1782(a)(6)(B) and 1786(b).
B. New Statutory Audit Requirements
Section 201(a) of the Credit Union Membership Access Act (CUMAA),
Pub. L. No. 105-219, 112 Stat. 918 (1998), has now added two new
subsections to section 202(a)(6) of the FCUA, 12 U.S.C. 1782(a)(6)(C)
and (D). Subsection (C) addresses accounting principles; it generally
requires credit unions having assets of $10 million or more to follow
generally accepted accounting principles (GAAP) in all reports or
statements filed with the NCUA Board.\1\ 12 U.S.C. 1782(a)(6)(C). The
NCUA Board, and State credit union supervisors under applicable
statutes, are given the authority to require credit unions having less
than $10 million in assets to follow GAAP. 12 U.S.C.
1782(a)(6)(C)(iii).
---------------------------------------------------------------------------
\1\ In lieu of GAAP, the NCUA Board may prescribe ``an
accounting principle * * * that is no less stringent than [GAAP].''
12 U.S.C. 1782(a)(6)(C)(ii).
---------------------------------------------------------------------------
Subsection (D) imposes audit requirements for large federally-
insured credit unions-those having assets of $500 million or more. A
credit union at or above that level of assets, whether State- or
Federally-chartered, is required to obtain an annual independent audit
of its financial statements performed in accordance with generally
accepted auditing standards (GAAS). Furthermore, that audit must be
performed by an independent certified public accountant or public
accountant licensed to do so by the appropriate State or jurisdiction.
12 U.S.C. 1782(a)(6)(D)(i). (This audit engagement is popularly termed
an ``opinion audit,''
[[Page 777]]
but is hereinafter referred to as a ``financial statement audit.'')
A federally-chartered credit union having total assets of less than
$500 million but more than $10 million is subject to only one
requirement under subsection (D). If that credit union elects to obtain
the financial statement audit required of a credit union having assets
of $500 million or more, the audit must be performed consistent with
the accountancy laws and licensing requirements of the appropriate
State or jurisdiction.\2\ 12 U.S.C. 1782(a)(6)(D)(ii). The appropriate
State or jurisdiction normally will be the State in which the credit
union is located.
---------------------------------------------------------------------------
\2\ According to the CCH Accountancy Law Reporter, State-
licensing requirements for persons who perform audits are as
follows:
4 states permit anyone to render accounting and
auditing services but restrict the use of the titles ``Certified
Public Accountant'' (CPA) and Public Accountant (PA) to persons
licensed as such (Arizona, Kansas, North Carolina, and Wyoming).
36 states have a ``grandfathered'' class of licensed
accountants--non CPAs who were practicing public accounting on the
effective date of their current accountancy laws.
10 states license a class of accountants in addition to
CPAs variously entitled ``accounting practitioner,'' ``registered
public accountant,'' ``licensed public accountant,'' or ``public
accountants'' (Delaware, Georgia, Indiana, Iowa, Maine, Montana,
Oklahoma, Oregon, South Carolina, and Vermont).
All 50 states allow unlicensed persons to provide the
general public with a variety of accounting and bookkeeping
services, including the preparation of financial statements without
reports, provided that such individuals do not use certain titles,
perform services prohibited by law, or otherwise hold themselves out
as licensed by the State.
---------------------------------------------------------------------------
Subsection (D) imposes no audit requirements on federally-chartered
credit unions having total assets of less than $500 million but more
than $10 million which do not voluntarily elect to obtain a financial
statement audit performed in accordance with GAAS (as credit unions
having assets of $500 million or more must obtain under subsection
(D)(i)). See Sec. 715.2(f) (GAAS definition). Only in the case of a
financial statement audit performed in accordance with GAAS, whether by
choice or by law, do State accountancy laws and licensing requirements
apply.\3\ Subsection (D) is silent regarding audits of federally-
chartered credit unions having assets of $10 million or less, and
FISCUs having assets of less than $500 million.
---------------------------------------------------------------------------
\3\ Section 202(a)(6)(D)(ii), 12 U.S.C. 1782(a)(6)(D)(ii),
provides: ``If a Federal credit union that is not required to
conduct an audit under clause (i), and that has total assets of more
than $10,000,000 conducts such an audit for any purpose, using an
independent auditor who is compensated for this or her audit
services with respect to that audit, the audit shall be performed
consistent with the accountancy laws of the appropriate State or
jurisdiction, including licensing requirements.'' (emphasis added.)
``Such an audit'' refers back to ``an audit under clause (i)'' of
section 202(a)(6)(D). A clause (i) audit is a financial statement
audit performed in accordance with GAAS. The clause (ii) requirement
to follow State accountancy and licensing laws is triggered only
when a credit union voluntarily chooses a financial statement audit.
---------------------------------------------------------------------------
The threshold set by subsection (D) at $500 million for requiring a
financial statement audit puts federally-insured credit unions in
parity with other federally-insured depository institutions.
Institutions supervised by the Federal Deposit Insurance Corporation,
the Office of Thrift Supervision, the Office of Comptroller of the
Currency, and the Federal Reserve Board are required to obtain a
financial statement audit if they have assets of $500 million or
more.\4\ 12 CFR part 363. For institutions having assets of less than
$500 million, the Federal Financial Institutions Examination Council
(FFIEC) recently proposed audit options identical or similar to those
proposed here. FFIEC, Policy Statement on External Auditing Programs of
Banks and Savings Associations, 63 FR 7796 (Feb. 17, 1998) (FFIEC
Policy Statement).
---------------------------------------------------------------------------
\4\ The statute authorizing 12 CFR 363, originally established a
$150 million asset floor for requiring a financial statement audit.
12 U.S.C. 1831m(j)(2). However, the banking agencies exercised their
statutory authority to increase the asset floor to $500 million,
thereby exempting two-thirds of all institutions required under
Sec. 1831m to obtain a financial statement audit. 12 CFR 363.1(a);
58 FR 31332 (June 2, 1993).
---------------------------------------------------------------------------
II. Section-Within-Subject Analysis of Proposed Rule
For ease of access to the proposed rules implementing section 201
of CUMAA, NCUA has consolidated and restructured its current audit
rule. Current sections 701.12 [supervisory committee audits and
verifications] and 701.13 [requirements for an outside audit] have been
eliminated and the surviving provisions of each have been combined in a
proposed new Part 715 of NCUA's rules and regulations [supervisory
committee audits and verifications], 12 CFR 715. Part 715 incorporates
the statutory auditing requirements introduced in CUMAA. The references
within section 741.202 have been revised to apply Part 715 to FISCUs.
See 12 U.S.C. 1781(b)(9), 1789(a)(11) (application to FISCUs). Section
741.6 [financial and statistical and other reports], 12 CFR 741.6,
remains intact but for the revision of Call Report filing dates in
subsection (a) and the introduction of new subsections (b) and (c)
requiring the use of GAAP in those reports.
A. Scope and Definitions
Section 715.1--Scope of This Part. For the convenience of the
reader, this section provides a guide to what is, and is not, covered
in proposed Part 715. Citations to statutory authority are included.
This section makes clear that both the new and existing auditing
regulations are combined within the scope of this Part. It directs the
reader to Part 741.6 for regulations revising certain Call Report
filing dates and mandating GAAP as the measurement requirement for Call
Reports.
Section 715.2--Definitions Used In This Part. This section imports
all of the defined terms from current Sec. 701.12(a) that will be used
in this Part. All but one of the imported definitions are virtually
identical in form and substance to their predecessors. The exception is
the definition of ``State-licensed person'' at Sec. 715.2(k), which has
been revised to reflect the statutory language in 12 U.S.C.
1782(a)(6)(D). Two new terms are introduced in this section which refer
to new audit options in Sec. 715.9(a)-(b)--``balance sheet audit'' as
defined at Sec. 715.2(a), and ``review and evaluation of internal
controls'' as defined at Sec. 715.2(j). This section identifies
alternative terms which are popularly used in place of defined
technical terms, although popular terms are not used in this Part. See,
e.g., Sec. 715.2(d) and (l). In many instances within the substantive
text of the rules a defined term is expanded to include a phrase from
the definition of that term. The purpose of this is to reduce the need
for readers to cross-reference this section for definitions when
reading the substantive provisions of this Part.
B. Supervisory Committee Responsibilities
Section 715.3--General Responsibilities of the Supervisory
Committee. This section divides the Supervisory Committee's
responsibilities into three categories. Subsection (a) sets forth the
Committee's two basic, overall duties--to ensure that required
financial reporting objectives are met and safeguards are in place to
protect members' assets. To carry out these basic responsibilities,
subsection (b) sets forth four specific criteria which the Committee
must oversee--internal controls, accurate preparation of records and
reports, administration of plans, policies and control procedures, and
the adequacy of those plans, policies and procedures to protect the
credit union against wrongdoing. Finally, subsection (c) sets forth
four specific actions the Supervisory Committee must take to
[[Page 778]]
fulfill its responsibilities--ensure that management properly prepares
and files reports with the NCUA Board (e.g., Forms 5300 and 5310 Call
Reports per 12 CFR 741.6), obtain a supervisory committee audit
annually, conduct a verification of members' passbooks and accounts,
and ensure that the credit union complies with this Part. This section
is similar in substance to current Sec. 701.12(b) except for revisions
to conform to the supervisory committee audit options in Sec. 715.9(c).
Section 715.4--Audit Responsibility of the Supervisory Committee.
This section sets forth the specific audit responsibilities of the
Supervisory Committee of a federally insured credit union. Subsection
(a), which restates the annual audit requirement in 12 U.S.C. 1761d,
parallels current Sec. 701.12(c)(1). Subsection (b) is the first of
several places in this Part which point out that, regardless of the
asset and charter criteria in the immediately following sections, a
financial statement audit is always considered to fall within the
definition of a supervisory committee audit, Sec. 715.2(m) , and if
performed adequately, will always satisfy a credit union's audit
responsibility. For those credit unions that do not choose to obtain a
financial statement audit, subsection (c) introduces minimum audit
requirements according to asset size and charter type. For the
convenience of the reader, these are summarized in a diagram preceding
Sec. 715.5, the first of four sections setting forth minimum audit
requirements.
C. Minimum Audit Requirements
Section 715.5--Audit of Federally-Insured Credit Unions Having
Total Assets of $500 Million or Greater. This section sets forth the
new ``large credit union audit requirement'' imposed by CUMAA. 12
U.S.C. 1782(a)(6)(D)(i). Credit unions having total assets of $500
million or greater, whether State-or Federally-chartered, must obtain a
financial statement audit to satisfy their supervisory committee audit
responsibility. By definition, a financial statement audit must be
performed in accordance with GAAS, and must be performed by a person
who is licensed to do so by an appropriate State or jurisdiction, i.e.,
in which the credit union is located. This section imposes the single
most significant revision to current Sec. 701.12--establishing the
financial statement audit as the minimum audit for large credit unions.
The effect of this section is to codify the level of audit engagement
that nearly all of the affected credit unions already obtain
voluntarily.
Section 715.6--Audit of Federally-Insured State-Chartered Credit
Unions Having Total Assets of Less Than $500 Million. This section
addresses Federally-insured State-chartered credit unions (FISCUs)
only, which have total assets of less than $500 million and thus are
not considered to be ``large credit unions'' for purposes of
Sec. 715.4. CUMAA is silent regarding audits of credit unions in this
category. Accordingly, this section provides that a FISCU having assets
of less than $500 million may fulfill its supervisory committee audit
responsibility either by ``obtain[ing] an annual supervisory committee
audit as prescribed in section 715.9 or 715.4(b), or an audit as
prescribed by the State or jurisdiction in which the credit union is
located, whichever is more stringent.'' \5\ (Emphasis added.)
Theoretically, this presents the FISCU with a choice among three audit
options-a financial statement audit, one of the Sec. 715.9 options, or
a State-prescribed audit. Unless the credit union voluntarily chooses
to obtain a financial statement audit, however, the result is
effectively predetermined simply by whether the audit prescribed by
State law or regulation is ``more stringent'' than that available under
Sec. 715.9(c).\6\
---------------------------------------------------------------------------
\5\ The doctrine of Federal preemption permits NCUA to establish
minimum audit requirements for federally-insured credit unions, as
Sec. 715.9 does, which preempt conflicting audit requirements
prescribed by State law or regulation. However, this does not
preclude the States from imposing additional,non-conflicting audit
requirements on FISCUs, making their audits ``more stringent'' that
those NCUA prescribes.
For purposes of clarification to aid the reader, this preamble
and proposed rule expressly references certain powers that Federal
law and NCUA regulations grant to the States (or their credit union
supervisors), e.g., Secs. 715.6, 741.6(b); 12 U.S.C.
1782(a)(6)(C)(iii). The absence of express reference to State powers
elsewhere in this preamble and proposed rule does not diminish or
preclude the power of States to act pursuant to State laws that do
not conflict with Federal law or NCUA rules. See, e.g., Colo. Rev.
Stat. Sec. 11-30-106(3); Wash Rev. Code Sec. 31.12.569 (authorizing
Statute supervisory authority to require FISCUs to follow GAAP or
other standards).
\6\ NCUA does not define ``stringent'' except to suggest that it
might involve enhanced audit scope and depth. ``Stringent'' is not
defined in 12 U.S.C. 1782(a)(6)(C)(iii), which refers to an
accounting principle that is ``no less stringent'' than GAAP.
In comparison to NCUA's current supervisory committee audit
rule, Sec. 701.12, State-prescribed audits for credit unions
generally fall into three categories: (1) States which prescribe
audits substantially similar to 12 U.S.C. 1761d and/or Sec. 701.12;
(2) States which prescribe audits which differ in some respects from
12 U.S.C. 1761d and/or Sec. 701.12, but which are not necessarily
``more stringent,'' including four States which determine the type
of audit by asset size, e.g., Mich. Comp. Laws Sec. 490.11(2); and
(3) States in which a financial statement audit is prescribed for
certain credit unions.
---------------------------------------------------------------------------
Section 715.7--Audit of Federally-Chartered Credit Unions Having
Total Assets of Less Than $500 Million But More Than $10 Million. This
section addresses Federally-chartered credit unions only, which have
total assets of less than $500 million but more than $10 million. It
provides that a credit union which does not choose to obtain a
financial statement audit under Sec. 715.4(b) must obtain a supervisory
committee audit under Sec. 715.9. Credit unions in this category are
allowed to voluntarily obtain a financial statement audit. If a credit
union voluntarily chooses to obtain a financial statement audit, the
audit must be performed consistent with the accountancy laws and
licensing requirements of the State in which the credit union is
located. See supra note 3 and accompanying text. By its terms, this is
the only requirement that 12 U.S.C. 1782(a)(6)(D)(ii) imposes on credit
unions in this category. Nothing in that provision restricts a credit
union from using the alternatives to a financial statement audit that
are available in Sec. 715.9.
Section 715.8--Audit of Federally-Chartered Credit Unions Having
Less Than $10 Million. CUMAA is silent about audits of federally-
chartered credit unions having less than $10 million in assets.
Accordingly, this section requires credit unions in this category to
obtain a supervisory committee audit under Sec. 715.9.
Section 715.9--Supervisory Committee Audit Requirements If Not A
Financial Statement Audit. This section applies to federally-insured
credit unions that are not required, and have not chosen, to obtain a
financial statement audit. Three options are provided for credit unions
in this category to fulfill their supervisory committee audit
responsibility, two of which are analogous to options proposed by the
FFIEC for other Federally-insured financial institutions.
The first option is an ``opinion on the balance sheet'' of the
credit union. Sec. 715.9(a). Like a financial statement audit, this
engagement must be performed in accordance with GAAS by a person who is
licensed by State law to do so. This engagement consists of an
examination of assets, liabilities and equity and requires an opinion
by the auditor on the fairness of the balance sheet only. (In contrast,
a financial statement audit requires an opinion addressing additional
financial statements such as the income statement, statement of changes
in equity (including comprehensive income) and statement of cash
flows.) This option is identical to that of the same name proposed by
the FFIEC. FFIEC Policy Statement, 63 FR at 7797, 7800.
[[Page 779]]
The second option is a ``review and evaluation of internal controls
over Call Reporting,'' Sec. 715.9(b), which is available to all credit
unions but those deemed ``complex'' under 12 U.S.C. 1790d(d)(1) for
purposes of prompt corrective action.\7\ This engagement consists of an
examination of management's written assertions concerning the
effectiveness of internal controls over data reported in Call Reports
(NCUA Form 5300) which addresses the following high risk areas: loans,
investments, and cash and deposit activity. The result of this
engagement is a report by the auditor on management's assertions on the
effectiveness of internal controls on the data limited to these high
risk areas. This option is comparable to the FFIEC-proposed option of
an ``attestation report on internal control assertions.'' 63 FR at
7797, 7800.
---------------------------------------------------------------------------
\7\ NCUA is required to adopt rules defining a ``complex''
credit union for prompt corrective action purposes no later than
August 7, 2000, to become effective January 1, 2001. CUMAA
Sec. 301(d)(2)(B) and (e)(2).
---------------------------------------------------------------------------
The principal difference between NCUA's ``review and evaluation of
internal controls over Call Reporting'' and FFIEC's ``attestation
report on internal control assertions'' concerns who is qualified to
perform the engagement. NCUA's ``review and evaluation'' may be
performed by an independent, State-licensed person or other ``qualified
person'' unless the credit union is deemed ``complex'' under 12 U.S.C.
1790d(d)(1) (in which case only an independent, State-licensed person
may perform the engagement). In contrast, FFIEC's ``attestation
report'' option always must be performed by an independent, State-
licensed person. The reason for relaxing the level of qualification for
persons performing NCUA's ``review and evaluation of internal controls
over Call Reporting'' is that its scope is far narrower than that of
FFIEC's ``attestation report.'' The NCUA ``review and evaluation'' is
limited to certain data reported in three Call Report schedules--that
which concerns loans, investments, and cash and deposit activity. In
contrast, FFIEC's ``attestation report'' goes much further--it
encompasses ``all or specified schedules of the institution's
regulatory reports'' concerning loans and lease financing receivables;
past due and nonaccrual loans, leases, and other assets; allowance for
credit losses; securities; and in some cases trading assets and
liabilities and off-balance sheet items. 63 FR 7800. Accordingly, for a
credit union which is not deemed ``complex,'' NCUA permits a ``review
and evaluation of internal controls over Call Reporting'' to be
performed by a ``qualified person,'' which includes the Supervisory
Committee itself, the credit union's internal auditor (provided that
person reports directly to the Committee), or by an independent, State-
licensed person.\8\
---------------------------------------------------------------------------
\8\ Because there are no specific standards to follow in a
``review and evaluation of internal controls over Call Reporting,''
this engagement is subject to an NCUA examiner's finding that the
auditor's report is unacceptable on a subjective basis due to, for
example, insufficient scope or depth. In that event, the credit
union may be required by NCUA to have its audit re-done, either by
the same person or by an independent State-licensed person, or to
obtain a financial statement audit engagement. Secs. 715.13(a)(2),
715.14.
---------------------------------------------------------------------------
The final option offered by NCUA is the audit program prescribed in
NCUA's Supervisory Committee Guide (Guide), as revised to conform to
Part 715. Sec. 715.9(c). This engagement is similar to a ``Directors'
Examination'' used by some Federally-insured banks. Like the ``review
and evaluation of internal controls over Call Reporting,'' a Guide
engagement may be performed by an independent, State-licensed person or
other ``qualified person.'' The Guide will be amended to detail the
minimum scope and procedures of the engagement, and to clearly
distinguish a Guide engagement from a financial statement audit
engagement.
Credit unions having assets of $500 million or more now must obtain
a financial statement audit, and June 1998 NCUA Call Report data shows
that 80% of Federally-insured credit unions above $50 million in assets
already do so by choice. NCUA encourages all credit unions, regardless
of asset size, to obtain financial statement audits,\9\ but recognizes
that financial statement audits may not be practical for all credit
unions. Accordingly, NCUA seeks to preserve less burdensome audit
alternatives for credit unions which do not obtain financial statement
audits. NCUA believes this section accomplishes that objective without
compromising the Supervisory Committee's ability to carry out its
oversight responsibilities.
---------------------------------------------------------------------------
\9\ Credit unions (through their voluntary boards of directors)
should recognize that they will receive greater degree of comfort
from a financial statement audit performed by a State-licensed
person who must follow specific auditing standards, is subject to
peer reviews (available for inspection prior to hiring a licensed
auditor), and is required to satisfy continuing education
requirements in order to remain licensed.
---------------------------------------------------------------------------
This section is a significant departure from the supervisory
committee audit standards and scope set forth in current section
701.12(c). But it is consistent with the overall objective of proposed
Part 715 to clearly delineate the differences in scope, and therefore
in burden, between a financial statement audit--which is warranted for
large credit unions--and the alternatives for a supervisory committee
audit, which are suited to credit unions of moderate and smaller size.
D. Verification of Accounts
Section 715.10--Requirements for Verification of Accounts and
Passbooks. As mandated by 12 U.S.C. 1761d, this section requires the
Supervisory Committee to conduct a verification of the passbooks and
accounts of the members against the records of the credit union at
least once every two years. This section is identical to current
Sec. 701.12(h) except that it has been restructured and reworded to
enhance clarity.
E. Other Audit Requirements
Section 715.11--Assistance From Outside Compensated Person. This
section sets the independence and engagement letter requirements that
are triggered when the Supervisory Committee engages an outside person
who is compensated to perform, or to assist in the performance of, a
supervisory committee audit under this Part. Subsection (a), which
concerns the auditor's independence from credit union officials, is
identical in substance to current Sec. 701.12(g), but has been reworded
to enhance clarity and eliminate the need to cross-reference the
``Definitions'' section of this Part. Subsection (b) sets forth the
general requirement for an engagement letter between the Supervisory
Committee and the outside auditor memorializing the terms and
conditions of the audit engagement. It is identical to current
Sec. 701.12(d)(1), except that a sentence has been relocated to this
section to emphasize that ``the engagement must be contracted directly
with the Supervisory Committee.'' The purpose of this addition is to
clarify that the engagement must be with the Supervisory Committee, not
the credit union's board of directors or management. However, this does
not preempt State laws requiring the board of directors to authorize
compensation for auditing assistance sought by the Supervisory
Committee. See, e.g., Colo. Rev. Stat. Sec. 11-30-109(1)(i). Subsection
(c) sets forth the required contents of an engagement letter; it
retains all eight items in current Sec. 701.12(d)(i)-(viii) with minor
revisions to conform to Sec. 715.9.
Subsections (d) and (e) together retain an innovation from current
Sec. 701.12(d)(2)-(3) that has effectively solved the problem of after-
the-fact
[[Page 780]]
disputes between the credit union and its outside auditor over which
components of an audit were to be included in the engagement, and which
were to be excluded. Thus, subsection (d) requires that the auditor
give notice in the engagement letter when all items within the scope of
an audit will be addressed in the engagement, thus yielding a complete
supervisory committee audit under Sec. 715.9(b) or (c). Conversely,
subsection (e) requires the engagement letter to identify any items
that will be excluded from the engagement, and which will render the
supervisory committee audit incomplete unless the Supervisory Committee
itself addresses the excluded items.
Section 715.12--Audit Report and Working Paper Maintenance and
Access. This section combines two sets of requirements--the procedure
for distributing the audit report produced either by the Supervisory
Committee or by an outside person who performed the audit, and the
responsibility for maintenance of, and access to, the auditor's
``working papers'' once the engagement is complete. Subsection (a),
which concerns distribution of the audit report, is identical to
current Sec. 701.12(e)(1) with a single exception--it expressly states
that credit union members must be provided with a report of the results
of an audit (which can be oral or written) if not with a copy of the
audit report itself. This revision conforms to 12 U.S.C. 1761d and
reflects current practice. It is consistent with the view that most
members are interested in the results of the audit, but not in
receiving a report of the audit. Subsection (b), which concerns
maintenance and access to audit working papers, is identical in form
and substance to current Sec. 701.12(e)(2).
F. Sanctions and Remedies
Section 715.13--Sanctions For Failure To Comply With This Part.
This section imposes sanctions when a Supervisory Committee or its
independent compensated auditor violates a provision of this Part or of
an engagement letter prescribed by this Part. A Regional Director is
permitted to reject an audit or to impose the same conditions on the
audit as Sec. 715.4 prescribes, and the NCUA Board is permitted to seek
formal administrative sanctions such as a cease and desist order or a
civil money penalty. This section is identical in form and substance to
current Sec. 701.12(f).
Section 715.14--Statutory Audit Remedies for Federal Credit Unions.
This section provides the NCUA Board with a pair of additional remedies
which, if certain conditions are met, apply to federally-chartered
credit unions by statute, 12 U.S.C. 1782(a)(6)(A), and to State-
chartered credit unions by regulation. Sec. 701.13(a)(2). The remedies
are the authority to compel a credit union in this category to have its
audit performed by a State-licensed person, Sec. 715.14(a), or to
compel the credit union to obtain a financial statement audit even when
it is not otherwise required to do so. Sec. 715.14(b). This section is
identical to current Sec. 701.13, with two exceptions. First,
subsection (b), which makes ``serious and persistent recordkeeping
deficiencies'' a basis for compelling a credit union to obtain a
financial statement audit, now includes a sentence describing the
objective of such an audit: ``to reconstruct the records of the credit
union sufficient to allow an unqualified or, if necessary, a qualified
opinion on the credit union's financial statements. An adverse opinion
should be the exception rather than the norm.'' Second, subsection (c),
which defines ``serious and persistent recordkeeping deficiencies,'' is
restructured to define ``serious'' and ``persistent'' separately.
G. Call Reporting Requirements
Section 741.6--Financial and Statistical and Other Reports. This
section sets deadlines for filing Call Reports with NCUA. The proposed
rule revises filing dates in subsection (a), adds two new subsections
(b) and (c), and redesignates current subsection (b) as a new
subsection (d). In subsection (a), the filing dates for semiannual Call
Reports are changed from ``on or before January 31 and on or before
July 31'' to ``on or before January 22 and on or before July 22,''
respectively, to reflect current practice. New subsection (b)
incorporates accounting principles mandated by 12 U.S.C. 1782(a)(6)(C)
for reports or statements required to be filed with the NCUA Board
under subsection (a). Call Reports filed by credit unions having assets
of $10 million or more now must adhere to measurement principles
consistent with GAAP. 12 U.S.C. 1782(a)(6)(C)(i); see also supra note
1. This includes Call Reports filed by corporate credit unions. State
credit union supervisors may require Federally-insured State-chartered
credit unions to follow GAAP regardless of asset size. 12 U.S.C.
1782(a)(6)(C)(iii); see supra note 7 and accompanying text. For the
convenience of affected credit unions, subsection (c) cross-references
the definition of GAAP at Sec. 715.2(d), distinguishes GAAP from GAAS,
and identifies authoritative sources for the pronouncements of GAAP.
Regulatory Procedures
Regulatory Flexibility Act
The Regulatory Flexibility Act requires NCUA to prepare an analysis
to describe any significant economic impact a proposed regulation may
have on a substantial number of small credit unions (primarily those
under $1 million in assets). The NCUA Board has determined and
certifies that the proposed rule, if adopted, will not have a
significant economic impact on a substantial number of small credit
unions. Thus, a Regulatory Flexibility Analysis is not required.
Paperwork Reduction Act
The Paperwork Reduction Act imposes no additional information
collection requirements beyond those in the current rule. Therefore, no
Paperwork Reduction Act analysis is required.
Executive Order 12612
Executive Order 12612 requires NCUA to consider the effect of its
actions on state interests. The proposed amendment will not have a
substantial direct effect on the states, on the relationship between
the national government and the states, or on the distribution of
rights and responsibilities among the various levels of government.
List of Subjects
12 CFR Parts 701 and 741
Credit unions, Reporting and recordkeeping requirements.
12 CFR Part 715
Audits, Credit unions, Reporting and recordkeeping requirements,
Supervisory committee.
By the National Credit Union Administration Board on December
17, 1998.
Becky Baker,
Secretary of the Board.
Accordingly, it is proposed that 12 CFR, parts 701, 715 and 741 be
amended as set forth below:
PART 701--ORGANIZATION AND OPERATION OF FEDERAL CREDIT UNIONS
1. The authority citation for part 701 continues to read as
follows:
Authority: 12 U.S.C. 1752(5), 1755, 1756, 1757, 1759, 1761a,
1761b, 1766, 1767, 1782, 1784, 1787, 1789 and 1798. Section 701.6 is
also authorized by 31 U.S.C. 3717. Section 701.31 is also authorized
by 15 U.S.C. 1601 et seq.; 42 U.S.C. 1981 and 3601-3610. Section
701.35 is also authorized by 42 U.S.C. 4311-4312.
[[Page 781]]
Secs. 701.12 and 701.13 [Removed]
2. Sections 701.12 and 701.13 are removed.
3. Part 715 is added to read as follows:
PART 715--SUPERVISORY COMMITTEE AUDITS AND VERIFICATIONS
Sec.
715.1 Scope of this part.
715.2 Definitions used in this part.
715.3 General responsibilities of the Supervisory Committee.
715.4 Audit responsibility of the Supervisory Committee.
715.5 Audit of Federally-insured credit unions having total assets
of $500 million or greater.
715.6 Audit of Federally-insured State-chartered credit unions
having total assets of less than $500 million.
715.7 Audit of Federally-chartered credit unions having total
assets of less than $500 million but more than $10 million.
715.8 Audit of Federally-chartered credit unions having total
assets of $10 million.
715.9 Other Supervisory Committee audit requirements if not
financial statement audit.
715.10 Requirements for verification of accounts and passbooks.
715.11 Assistance from outside, compensated person.
715.12 Audit report and working paper maintenance and access.
715.13 Sanctions for failure to comply with this part.
715.14 Statutory audit remedies for Federal credit unions.
Authority: 12 U.S.C. 1761d, 1782(a)(6).
Sec. 715.1 Scope of this part.
This part implements section 202(a)(6)(D) of the Federal Credit
Union Act, 12 U.S.C. 1782(a)(6)(D), as added by section 201(a) of the
Credit Union Membership Access Act, Pub. L. No. 105-219, 112 Stat. 918
(1998). This part prescribes the responsibilities of the Supervisory
Committee to obtain an annual audit of the credit union according to
its charter type and asset size, and to conduct a verification of
members' accounts. Revised filing dates and required accounting
principles for Call Reports (NCUA Forms 5300 and 5310) can be found in
Sec. 741.6 of this chapter.
Sec. 715.2 Definitions used in this part.
As used in this part:
(a) Balance sheet audit refers to the examination of a credit
union's assets, liabilities, and equity under generally accepted
auditing standards (GAAS) by an independent public accountant for the
purpose of opining on the fairness of the presentation on the balance
sheet. The opinion under this type of engagement would not address the
fairness of the presentation of the credit union's income statement,
statement of changes in equity (including comprehensive income), or
statement of cash flows.
(b) Compensated person refers to any accounting/auditing
professional, excluding a credit union employee, who is compensated for
performing more than one supervisory committee audit and/or
verification of members' accounts per calendar year.
(c) Financial statements refers to a presentation of financial
data, including accompanying notes, derived from accounting records of
the credit union, and intended to disclose a credit union's economic
resources or obligations at a point in time, or the changes therein for
a period of time, in conformity with GAAP, as defined herein, or
regulatory accounting procedures. Each of the following is considered
to be a financial statement: a balance sheet or statement of financial
condition; statement of income or statement of operations; statement of
undivided earnings; statement of cash flows; statement of changes in
members' equity; statement of assets and liabilities that does not
include members' equity accounts; statement of revenue and expenses;
and statement of cash receipts and disbursements.
(d) Financial statement audit (popularly known as an ``opinion
audit'') refers to an audit of the financial statements of a credit
union performed in accordance with GAAS by an independent auditor who
is licensed by the appropriate State or jurisdiction. The objective of
a financial statement audit is to express an opinion as to whether
those financial statements of the credit union present fairly, in all
material respects, the financial position and the results of its
operations and its cash flows in conformity with GAAP, as defined
herein, or regulatory accounting practices.
(e) GAAP is an acronym for ``generally accepted accounting
principles'' which refers to the conventions, rules, and procedures
which define accepted accounting practice. GAAP includes both broad
general guidelines and detailed practices and procedures, provides a
standard by which to measure financial statement presentations, and
encompasses not only accounting principles and practices but also the
methods of applying them.
(f) GAAS is an acronym for ``generally accepted auditing
standards'' which refers to the standards approved and adopted by the
American Institute of Certified Public Accountants which apply when an
``independent, licensed certified public accountant'' audits financial
statements. Auditing standards differ from auditing procedures in that
``procedures'' address acts to be performed, whereas ``standards''
measure the quality of the performance of those acts and the objectives
to be achieved by use of the procedures undertaken. In addition,
auditing standards address the auditor's professional qualifications as
well as the judgment exercised in performing the audit and in preparing
the report of the audit.
(g) Independent means the impartiality necessary for the
dependability of the compensated auditor's findings. Independence
requires the exercise of fairness toward credit union officials,
members, creditors and others who may rely upon the report of a
supervisory committee audit report.
(h) Internal controls refers to the process, established by the
credit union's board of directors, officers and employees, designed to
provide reasonable assurance of reliable financial reporting and
safeguarding of assets against unauthorized acquisition, use, or
disposition. A credit union's internal control structure consists of
five components: control environment; risk assessment; control
activities; information and communication; and monitoring. Reliable
financial reporting refers to preparation of Call Reports (NCUA Forms
5300 and 5310) that meet management's financial reporting objectives.
Internal control over safeguarding of assets against unauthorized
acquisition, use, or disposition refers to prevention or timely
detection of transactions involving such unauthorized access, use, or
disposition of assets which could result in a loss that is material to
the financial statements.
(i) Reportable conditions refers to a matter coming to the
attention of the independent, compensated auditor which, in his or her
judgment, represents a significant deficiency in the design or
operation of the internal control structure of the credit union, which
could adversely affect its ability to record, process, summarize, and
report financial data consistent with the representations of management
in the financial statements.
(j) Review and evaluation of internal controls over Call Reporting
refers to an engagement under which management reviews its internal
controls over Call Reporting with a concentration in the following high
risk areas: loans, investments and cash and deposit activity, and
documents its review. Management would then provide a written assertion
stating whether it
[[Page 782]]
believes its internal controls are effective. The credit union's
auditor would examine management's assertion and provide an appropriate
report assessing that assertion.
(k) State-licensed person refers to a person who is licensed by the
State or jurisdiction where the credit union is located to perform
accounting or auditing services for that credit union.
(l) Supervisory committee refers to a supervisory committee as
defined in Section 111(b) of the Federal Credit Union Act, 12 U.S.C.
1786(r). For some federally-insured state chartered credit unions, the
``audit committee'' designated by state statute or regulation is the
equivalent of a supervisory committee.
(m) Supervisory committee audit refers to an examination under
either Sec. 715.4(b) or Sec. 715.9 of this part. An financial statement
audit, as defined herein, fulfills the requirements of a ``supervisory
committee audit.''
(n) Working papers refers to the principal record, in any form, of
the work performed by the auditor and/or supervisory committee to
support its findings and/or conclusions concerning significant matters.
Examples include the written record of procedures applied, tests
performed, information obtained, and pertinent conclusions reached in
the engagement, proprietary audit programs, analyses, memoranda,
letters of confirmation and representation, abstracts of credit union
documents, reviewer's notes, if retained, and schedules or commentaries
prepared or obtained by the independent, compensated auditor.
Sec. 715.3 General responsibilities of the supervisory committee.
(a) Basic. The supervisory committee is responsible for ensuring
that the board of directors and management of the credit union meet
required financial reporting objectives and establish practices and
procedures sufficient to safeguard members' assets.
(b) Specific. To carry out the responsibilities set forth in
paragraph (a) of this section, the supervisory committee must determine
whether:
(1) Internal controls are established and effectively maintained to
achieve the credit union's financial reporting objectives which must be
sufficient to satisfy the requirements of the supervisory committee
audit, verification of members' accounts and its additional
responsibilities;
(2) The credit union's accounting records and financial reports are
promptly prepared and accurately reflect operations and results;
(3) The relevant plans, policies, and control procedures
established by the board of directors are properly administered; and
(4) Policies and control procedures are sufficient to safeguard
against error, conflict of interest, self-dealing and fraud.
(c) Mandates. In carrying out the responsibilities set forth in
paragraphs (a) and (b) of this section, the supervisory committee must:
(1) Adhere to the measurement and filing requirements for reports
filed with the NCUA Board under Sec. 741.6;
(2) Ensure that the credit union fulfills its responsibility to
obtain a supervisory committee audit, as prescribed in Sec. 715.4 of
this part;
(3) Ensure that the credit union verifies members' passbooks and
accounts against the records of the credit union, as prescribed in
Sec. 715.10 of this part;
(4) Act to avoid sanctions for failure to comply with the
requirements of this part, as prescribed in Secs. 715.13 and 715.14 of
this part.
Sec. 715.4 Audit responsibility of the supervisory committee.
(a) Annual audit requirement. A federally-insured credit union is
required to obtain an annual supervisory committee audit which occurs
at least once every calendar year (period of performance) and must
cover the period elapsed since the last audit period (period
effectively covered).
(b) Financial statement audit option. Any federally-insured credit
union, whether federally- or State-chartered and regardless of asset
size, may choose to fulfill its supervisory committee audit
responsibility by obtaining an annual audit of its financial statements
performed in accordance with GAAS by an independent person who is
licensed to do so by the State or jurisdiction in which the credit
union is located. (A ``financial statement audit'' is distinct from a
``supervisory committee audit,'' although a financial statement audit
is included among the options for fulfilling the supervisory committee
audit requirement. Compare Sec. 715.2(c) and (j).)
(c) Other audit options. A federally-insured credit union which
does not choose to obtain a financial statement audit as permitted by
subsection (b) must fulfill its supervisory audit responsibility under
either of Secs. 715.6, 715.7 or 715.8 of this part, as required. See
Table 1.
Table 1.--Minimum Audit Requirements by Charter Type and Asset Size
----------------------------------------------------------------------------------------------------------------
Minimum audit required to fulfill
Type of charter Asset size supervisory committee audit Part 715
responsibility \1\ section
----------------------------------------------------------------------------------------------------------------
Federal or State.................. $500 Million or more...... Financial statement audit per GAAS 715.5
by independent, State-licensed
person.
State............................. Less than $500 Million.... Supervisory committee audit per 715.6
Sec. 715.9 or State-prescribed
audit, whichever is more stringent.
Federal........................... Less than $500 Million but Supervisory committee audit per 715.7
greater than $10 Million. Sec. 715.9.
Federal........................... $10 Million or less....... Supervisory committee audit per 715.8
Sec. 715.9.
----------------------------------------------------------------------------------------------------------------
\1\ The Supervisory Committee audit responsibility under part 715 can always be fulfilled by obtaining a
financial statement audit. Sec. 715.4(b).
Sec. 715.5 Audit of federally-insured credit unions having total
assets of $500 million or greater.
To fulfill its supervisory committee audit responsibility, a
federally-insured credit union, whether federally- or State-chartered,
having total assets of $500 million or greater must obtain an annual
audit of its financial statements performed in accordance with GAAS by
an independent person who is licensed to do so by the State or
jurisdiction in which the credit union is located.
Sec. 715.6 Audit of federally-insured State-chartered credit unions
having total assets of less than $500 million.
To fulfill its supervisory committee audit responsibility, a
federally-insured State-chartered credit union having total assets of
less than $500 million must obtain an annual supervisory committee
[[Page 783]]
audit as prescribed under either Sec. 715.9 or Sec. 715.4(b), or an
audit as prescribed by the State or jurisdiction in which the credit
union is located, whichever is more stringent.
Sec. 715.7 Audit of federally-chartered credit unions having total
assets of less than $500 million but more than $10 million.
To fulfill its supervisory committee audit responsibility, a
federally-chartered credit union having total assets of less than $500
million but more than $10 million which does not choose to obtain an
audit under Sec. 715.4(b), must obtain an annual supervisory committee
audit as prescribed in Sec. 715.9.
Sec. 715.8 Audit of federally-chartered credit unions having total
assets of $10 million or less.
To fulfill its supervisory committee audit responsibility, a
federally-chartered credit union having total assets of $10 million or
less must obtain an annual supervisory committee audit as prescribed in
Sec. 715.9.
Sec. 715.9 Other Supervisory Committee audit requirements if not a
financial statement audit.
A credit union which is not required to obtain a financial
statement audit may fulfill its supervisory committee responsibility by
having its Supervisory Committee or other qualified person perform any
one of the following engagements:
(a) Balance sheet audit. A balance sheet audit, as defined by
Sec. 715.2(a), performed by a person who is licensed to do so by the
State or jurisdiction in which the credit union is located; or
(b) Review and evaluation of internal controls over call reporting.
A ``review and evaluation of internal controls over Call Reporting''
(NCUA Form 5300), as defined in Sec. 715.2(j) (except that this
engagement may be performed only by an independent, State-licensed
person if the credit union is deemed ``complex'' pursuant to 12 U.S.C.
1790d(d)(1)); or
(c) Audit per supervisory committee Guide. An audit performed in
accordance with the procedures prescribed in NCUA's Supervisory
Committee Guide published after final adoption of this part.
Sec. 715.10 Requirements for verification of accounts and passbooks.
(a) Verification obligation. The supervisory committee shall, at
least once every two years, cause the passbooks (including any book,
statements of account, or other record approved by the NCUA Board) and
accounts of the members to be verified against the records of the
treasurer of the credit union.
(b) Methods. Any of the following methods may be used to verify
members' passbooks and accounts, as appropriate:
(1) Controlled verification. A controlled verification of 100
percent of members' share and loan accounts;
(2) Statistical method. A sampling method which provides for:
(i) Random selection;
(ii) A sample which is representative of the population from which
it was selected;
(iii) An equal chance of selecting each dollar in the population;
(iv) Sufficient accounts in both number and scope to provide
assurance that the General Ledger accounts are fairly stated to meet
management's financial reporting objectives; and
(v) Additional procedures to be performed if the auditor concludes
that evidence provided by confirmations alone is not sufficient.
(3) Non-statistical method. When the verification is performed by
an independent auditor licensed by the State or jurisdiction in which
the credit union is located, the auditor may choose among the sampling
methods set forth in paragraphs (b)(1) and (2) of this section and non-
statistical sampling methods consistent with GAAS if such methods
provide for:
(i) Sufficient accounts in both number and scope to provide
assurance that the General Ledger accounts are fairly stated in
relation to the financial statements taken as a whole;
(ii) Additional procedures to be performed if the auditor concludes
that evidence provided by confirmations alone is not sufficient; and
(iii) Documentation of the sampling procedures used and of their
consistency with GAAS (to be provided to the NCUA Board upon request).
(c) Retention of records. The supervisory committee must retain the
records of each verification of members' passbooks and accounts until
it completes the next verification of members' passbooks and accounts.
Sec. 715.11 Assistance from outside, compensated person.
(a) Unrelated to officials. A compensated auditor who performs a
supervisory committee audit on behalf of a credit union shall not be
related by blood or marriage to any employee, or member of either the
board of directors, the supervisory committee or the credit committee,
or loan officer of that credit union, or to the spouse, child, parent,
grandchild, grandparent, brother or sister of such employee, member or
officer.
(b) Engagement letter. The engagement of a compensated auditor to
perform all or a portion of the scope of a financial statement audit or
supervisory committee audit shall be evidenced by an engagement letter.
In all cases, the engagement must be contracted directly with the
supervisory committee. The engagement letter must be signed by the
compensated auditor and acknowledged therein by the Supervisory
Committee prior to commencement of the engagement.
(c) Contents of letter. The engagement letter shall:
(1) Specify the terms, conditions, and objectives of the
engagement;
(2) Identify the basis of accounting to be used;
(3) If not a financial statement audit or balance sheet audit,
include an appendix setting forth the procedures to be performed;
(4) Specify the rate of, or total, compensation to be paid for the
audit;
(5) Provide that the auditor shall, upon completion of the
engagement, deliver to the Supervisory Committee a written report of
the audit and notice in writing, either within the report or
communicated separately, of any internal control reportable conditions
and/or irregularities or illegal acts, if any, which come to the
auditor's attention during the normal course of the audit (i.e., no
notice required if none noted);
(6) Specify a target date of delivery of the written reports;
(7) Certify that NCUA staff and/or the State credit union
supervisor, or designated representatives of each, will be provided
unconditional access to the complete set of original working papers,
either at the offices of the credit union or at a mutually agreed upon
location, for purposes of inspection; and
(8) Acknowledge that working papers shall be retained for a minimum
of three years from the date of the written audit report.
(d) Complete scope. If the engagement is to perform a supervisory
committee audit that will address all of the requirements of
Sec. 715.9(b) or (c), the engagement letter shall certify that the
audit addresses the complete scope of a supervisory committee audit.
(e) Exclusions from scope. If the engagement is to perform a
supervisory committee audit which will exclude any item required by
Sec. 715.9(b) or (c), the engagement letter shall:
(1) Identify the excluded items;
(2) State that, because of the exclusion(s), the resulting audit
will not, by itself, fulfill the scope of a supervisory committee
audit; and
[[Page 784]]
(3) Caution that the supervisory committee will remain responsible
for fulfilling the scope of a supervisory committee audit with respect
to the excluded items.
Sec. 715.12 Audit report and working paper maintenance and access.
(a) Audit report. Upon completion and/or receipt of the written
report of a financial statement audit or a supervisory committee audit,
the Supervisory Committee must verify that the audit was performed and
reported in accordance with the terms of the engagement letter
prescribed herein. The Supervisory Committee must submit the report(s)
to the board of directors, and submit a report of the results of the
audit to the members of the credit union at the next annual meeting of
the credit union. The Supervisory Committee shall, upon request,
provide to the National Credit Union Administration a copy of each of
the audit reports it receives or produces.
(b) Working papers. The supervisory committee shall be responsible
for preparing and maintaining, or making available, a complete set of
original working papers supporting each supervisory committee audit.
The supervisory committee shall, upon request, provide NCUA staff
unconditional access to such working papers, either at the offices of
the credit union or at a mutually agreeable location, for purposes of
inspecting such working papers.
Sec. 715.13 Sanctions for failure to comply with this part.
(a) Sanctions. Failure of a supervisory committee and/or its
independent compensated auditor or other person to comply with the
requirements of this section, or the terms of an engagement letter
required by this section, is grounds for:
(1) The regional director to reject the supervisory committee
audit;
(2) The regional director to impose the remedies available in
Sec. 715.14 of this part, 12 CFR 715.14, provided any of the conditions
specified therein is present; and
(3) The NCUA Board to seek formal administrative sanctions against
the supervisory committee and/or its independent, compensated auditor
pursuant to section 206(r) of the Federal Credit Union Act, 12 U.S.C.
1786(r).
(b) State charters. In the case of a federally-insured State-
chartered credit union, NCUA shall provide the state regulator an
opportunity to timely impose a remedy satisfactory to NCUA before
seeking to impose a sanction permitted under paragraph (a) of this
section.
Sec. 715.14 Statutory audit remedies for Federal credit unions.
(a) Independent auditor required. The NCUA Board may compel a
federal credit union to obtain a supervisory committee audit which
meets the minimum requirements of Sec. 715.4(c), and which is performed
by an independent person who is licensed by the State or jurisdiction
in which the credit union is located, for any fiscal year in which any
of the following three conditions is present:
(1) The supervisory committee has not obtained an annual financial
statement audit or performed a supervisory committee audit; or
(2) The supervisory committee has obtained a financial statement
audit or performed a supervisory committee audit which does not meet
the requirements of part 715 including those of Sec. 715.10.
(3) The credit union has experienced serious and persistent
recordkeeping deficiencies as defined in paragraph (c) of this section.
(b) Financial statement audit required. The NCUA Board may compel a
federal credit union to obtain a financial statement audit performed in
accordance with GAAS by an independent person who is licensed by the
State or jurisdiction in which the credit union is located (even if
such audit is not required by section 715.5), for any fiscal year in
which the credit union has experienced serious and persistent
recordkeeping deficiencies as defined in paragraph (c) of this section.
The objective of a financial statement audit performed under this
subsection is to reconstruct the records of the credit union sufficient
to allow an unqualified or, if necessary, a qualified opinion on the
credit union's financial statements. An adverse opinion should be the
exception rather than the norm.
(c) ``Serious and persistent recordkeeping deficiencies.'' A
recordkeeping deficiency is ``serious'' if the NCUA Board reasonably
believes that the board of directors and management of the credit union
have not timely met financial reporting objectives and established
practices and procedures sufficient to safeguard members' assets. A
serious recordkeeping deficiency is ``persistent'' when it continues
beyond a usual, expected or reasonable period of time.
PART 741--REQUIREMENTS FOR INSURANCE
4. The authority citation for part 741 continues to read as
follows:
Authority: 12 U.S.C. 1757, 1766, and 1781-1790. Section 741.4 is
also authorized by 31 U.S.C. 3717.
5. Section 741.6 is amended to change the phrase in paragraph (a)
from ``before January 31 and on or before July 31'' to ``before January
22 and on or before July 22''; and to redesignate paragraph (b) as
paragraph (d) and to add paragraphs (b) and (c) to read as follows:
Sec. 741.6 Financial and statistical and other reports.
* * * * *
(b) Consistency with GAAP. The financial statements and reports
required to be filed quarterly or semiannually under paragraph (a) of
this section must reflect measurement principles consistent with GAAP
if the credit union has total assets of $10 Million or greater, but may
reflect measurement principles which differ from GAAP if the credit
union has total assets of less than $10 Million (except that a
Federally-insured State-chartered credit union may be required by its
state credit union supervisor to follow GAAP regardless of asset size).
(c) GAAP sources. GAAP means generally accepted accounting
principles, as defined in Sec. 715.2(e) of this chapter. GAAP is
distinct from GAAS, which means generally accepted auditing standards,
as defined in Sec. 715.2(f) of this chapter. Authoritative sources of
GAAP include, but are not limited to, pronouncements of the Financial
Accounting Standards Board (FASB) and its predecessor organizations,
the Accounting Standards Executive Committee (AcSEC) of the American
Institute of Certified Public Accountants (AICPA), the FASB's Emerging
Issues Task Force (EITF), and the applicable AICPA Audit and Accounting
Guide.
* * * * *
Sec. 741.202 [Amended]
6. Section 741.202 is amended to change: the references in
paragraph (a) from ``Secs. 701.12 and 701.13'' to ``Sec. 715.2 through
Sec. 715.6 and Sec. 715.9 through Sec. 715.14''; to add at the ending
of paragraph (a) after ``of this chapter'' the phrase ``or applicable
state law, if more stringent.''; and to change references in paragraph
(b) from ``Secs. 701.12(e) and 701.13'' to ``Secs. 715.10, 715.13, and
715.14''.
[FR Doc. 99-150 Filed 1-5-99; 8:45 am]
BILLING CODE 7535-01-U
