Topic: Audits
-
What increased compliance duties does a bank have after reaching $1 billion in asset size?
—
by
Once your bank reaches an asset size of $1 billion or more, it will be subject to enhanced requirements for its independent audit committee, management reporting, and audit program as of the beginning of its next fiscal year, in addition to the requirements that already apply to your institution by virtue of crossing the $500…
-
Under the Savings Bank Act, the Illinois Department of Financial and Professional Regulation (IDFPR) may require a savings bank to be audited if it has not already been audited at least once in the past year. If we undergo an annual director’s audit — which involves an examination of every account on our general ledger but is less extensive that an opinion audit — will this prevent the IDFPR from potentially requiring us to be audited?
—
by
We believe that an annual director’s audit of every account on your general ledger likely would satisfy the Saving Bank Act’s criteria for avoiding the possibility of being required to undergo an independent audit. The Savings Bank Act does not specify whether a director’s or opinion (or other) audit is required for a savings bank…
-
Can you confirm that savings banks no longer are required to conduct annual independent audits?
—
by
Yes, the Savings Bank Act no longer requires savings banks to complete an annual independent audit, and the provision of the law requiring such audits was repealed in 2018. However, the current law provides that the Secretary of Financial and Professional Regulation may require a savings bank that has not been audited at least once…
-
We extended a purchase money bridge loan secured by the borrower’s current dwelling and the new dwelling being acquired. The promissory note and mortgage on the current dwelling were signed and dated three days before we disbursed the loan proceeds to allow for the three-business-day right-of-rescission (ROR) period to pass. The mortgage on the new dwelling was signed and dated on the date of disbursement, when the borrower acquired the new dwelling. However, our auditors told us the ROR documents were invalid since the borrower was not provided with the mortgage on the new dwelling to sign and date three days before the closing, as the borrower must review all documents related to the transaction three days before the purchase closing. If the auditors are correct, how can these types of mortgage transactions be properly executed?
—
by
We do not believe the right of rescission requirements in Regulation Z require you to provide and have the borrower sign “all documents related to the transaction” three days before the closing or that the failure to have the borrower sign the mortgage on the new dwelling three days before the closing invalidated your ROR…
-
Our bank exceeded $500 million in assets this summer. As a result, we would like to know where we can find information on complying with the independent audit and reporting requirements in 12 CFR 363, as well as new procedures we may need to implement related to this regulation.
—
by
We recommend reviewing the “Internal and External Audits” booklet of the Comptroller’s Handbook and the OCC’s Director’s Book, in addition to reviewing the relevant provisions of 12 CFR 363 for banks with assets of $500 million or more but less than $1 billion. Your bank also may be exempt under a recent FDIC rule providing…
-
Our internal auditor is going to perform a human resources (HR) audit of our bank and has requested to see employee files. We are willing to make certain information in the files available to the auditor but do not want to grant access to the whole files. Do the regulators require internal auditors to review whole employee files?
—
by
We are not aware of any law or regulation that requires internal auditors to review whole employee files as part of an internal audit. The OCC’s safety and soundness regulations, the “Internal and External Audits” booklet of Comptroller’s Handbook, and the “Interagency Policy Statement on the Internal Audit Function and its Outsourcing” set forth guidelines…
-
Is there a required number or percentage of outside directors for Illinois state-chartered banks and bank holding companies owning a state-chartered bank?
—
by
We are not aware of any Illinois laws requiring a certain number or percentage of directors to be “outside directors” (directors who are not employees or officers of the bank or its affiliates). The Illinois Banking Act requires a particular number of directors — five to twenty-five — without specifying whether any of those directors…
-
For auditing purposes, should we apply Reg AA, UDAP, the CFPB’s UDAAP, or the FTC Credit Practices Rule?
—
by
We believe your audits should cover all of the above: UDAP, UDAAP, and the FTC’s Credit Practices Rule (which was adopted by the banking regulators as Regulation AA). UDAAP The newest standard is the UDAAP standard (with an extra “A” for “abusive,” which was added by the Dodd-Frank Act in 2010). The UDAAP standard is…
-
Do you offer an annual compliance calendar (not with upcoming regulations, but with testing and audit requirements throughout the year)?
—
by
We cannot vouch for its completeness or accuracy, but this website includes a sample audit calendar tool: http://home.roadrunner.com/~zavoina/cmpl.html#Compliance_Management_Tool We are aware of specific audit requirements in the following areas: financial statements (12 CFR 363.2