Printer Friendly

The FDIC Improvement Act: a precedent for expanded CPA reporting?

The new banking law may be a model for redefining - and expanding - the CPA's traditional role.

In 1933 and 1934, Congress reacted to financial market machinations by enacting tough securities laws that profoundly affected publicly held companies, investors and the accounting profession. These laws also defined the traditional role of the independent accountant - auditing financial statements in accordance with generally accepted auditing standards.

Almost 60 years later, Congress redefined and expanded that role. On December 19,1991, President Bush signed another landmark bill into law - the Federal Deposit Insurance corporation (FDIC) Improvement Act of 1991 (PL 102-242). Along with its deposit insurance reforms and new requirements for banks and savings institutions, the new law expands the role of independent accountants, not only requiring them to audit financial statements of certain federally insured depository institutions but also calling for management and public accountants to report on internal controls over financial reporting and compliance with specified laws and regulations.

As the securities laws are the model for financial reporting by publicly held companies and their auditors, the banking law may become the prototype for expanded reporting responsibilities for managements and their independent accountants. The new law also illustrates that by becoming involved in the legislative process the accounting profession had the opportunity to provide technical legislative language and to protect its professional interest

The sidebar, pages 66-67, includes a summary of the accounting and auditing provisions of the banking bill that appear in section 112, "Independent Annual Audits of Insured Depository Institutions," and section 121, "Accounting Objectives, Standards, and Requirements." A comprehensive discussion of the accounting and auditing provisions in the new banking law and the American Institute of CPA's efforts in the legislative process is beyond the scope of this article. This article highlights some of the key proposals affecting the accounting profession, the AICPA's efforts and what was enacted. However, reading the law and future related regulations for a complete listing of the requirements is recommended.


The unfolding problems of the savings and loan industry during the 1980s sensitized Congress to the possibility of similar weaknesses in other industries and sectors of the economy. The softening of real estate markets around the nation, fluctuations in interest rates, a drop in the price of oil and other factors contributed to heavy losses in the thrift industry. After legislating major changes affecting savings institutions in the Financial Institutions Reform, Recovery and Enforcement Act of 1989 (FIRREA), Congress focused on the potential for similar costly use of taxpayers' money to pay insured depositors of banks.

The General Accounting Office - Congress's audit arm - told Congress the fund that insures banks would need more money as record numbers of banks continued to fail. It also reported regulators needed timley information about the financial condition of banks. The GAO advocated coupling additional money for the insurance fund with an enhanced financial reporting system for insured depository institutions.

Legislative proposals included wholesale changes in the structure, supervision and regulation of the banking industry and an expanded role for the independent accountant. Among other things, Congress wanted more information about federally insured depository institutions. The accounting profession's active participation in the legislative process was essential if proposed accounting and auditing provisions were to emerge as technically workable.

Several proposals were particularly troublesome to CPAs - specifically, those giving the regulators authority to set audit requirements and accounting principles, expanding the role of independent accountants and increasing accountants' exposure to legal liability.

The AICPA took an active role in the legislative process by providing technical assistance to congressional committees and commenting on specific proposals. Although not all its suggestions were adopted, the Institute was successful in modifying or eliminating provisions that were not technically correct or that infringed on the private-sector standard-setting process.



Early in 1991, the GAO gave Congress several recommendations for strengthening the regulatory environment and recapitalizing the Bank Insurance Fund (the fund administered by the FDIC for federal deposit insurance of banks). That proposal, which included additional management and auditor reports, became the basis for many of the reforms found in the new law.

As originally drafted, a key proposal required annual financial statements to be prepared in accordance with generally accepted accounting principles and "other principles, standards and requirements as the [FDIC] may prescribe," thus creating a potential for regulators to set or modify GAAP. Although the Institute recognizes the need for regulators to obtain information on a basis other than GAAP to fulfill their responsibilities, using regulatory accounting principles (RAP) in general purpose financial statements would require independent accountants to give qualified opinions due to lack of conformity with GAAP. Similarly, the proposal raised the specter of reviving differences between RAP and GAAP, despite FIRREA's mandate to eliminate such differences.

The proposal also required audits by independent accountants to be performed in accordance with generally accepted auditing standards and "other applicable standards recognized by the FDIC," permitting the FDIC to prescribe auditing standards.

The AICPA delivered a simple message: Don't mess with GAAP or GAAS! If the regulators need additional financial information from insured depository institutions, the data should be provided in "supplemental disclosures" to the basic financial statements or in reports filed with the regulators.

The new law incorporates many of the AICPA's comments, as put forth in a letter from AICPA Deputy chairman B. Z. Lee to House Banking Committee Chairman Henry B. Gonzalez. In that letter, the Institute urged the preservation of the integrity of GAAP and GAAS. The Institute reiterated its position that GAAP and GAAS should be set in the private sector and that any information required by regulators beyond that contained in general purpose financial statements should be provided separately.



The GAO recommended that management and the independent accountant both report separately on the institution's system of internal controls and its compliance with laws and regulations.

The Institute told Congress the profession can provide a variety of attest services separate from financial statement audits and referred to its attestation standards, which set professional guidelines when CPAs provide assurances on management's representations other than in historical financial statements.

The Institute also stressed the need to limit the scope of internal control reports to the control structure for financial reporting, rather than the boarder definition of internal controls that includes an entity's operations, because

* Objective criteria for reporting on internal control structures over financial reporting exist or are being developed.

* this containment would reduce the cost of such reporting.

The Institute also suggested a framework for assurances sought outside the GAAS audit of financial statements on the institution's compliance with specific laws and regulations. This framework would require the matter to be

* Within the CPA's competence to evaluate.

* One for which criteria could be developed to permit consistent determinations.

* Precise enough to permit an objective evaluation.

The Institute stressed that laws and regulations important to the regulators must be specified. Also, the auditor's report on any such matters should be in the form of a report on procedures performed and findings made to ensure both the objectives and results are consistent and clear to all interested parties.


The new law reflects the AICPA's recommendations for preserving the establishment of GAAP and GAAS in the private sector; limiting the scope of required management and auditors' reports on internal controls to those over the financial reporting process (rather than the universe of a bank's operations); requiring the use of generally accepted standards for attestation engagements (GASAE) for auditors' reports on internal control and compliance with specified laws and regulations. The new law does not reflect the Institute's suggestion to revise the legislative language with, among other things, section relating to reviews of quarterly reports of large insured depository institutions and qualifications of independent public accountants


In its recommendations to Congress the Institute addressed other matters; the results of its comments are summarized below.

Mandatory peer reviews. The law requires all mandated auditing services to be performed only by independent accountants who have received peer reviews that meet guidelines acceptable to the FDIC. The House Banking Committee's report stated its intent, consistent with the Institute's recommendations, "that peer and quality reviews required by the accounting [profession] and currently accepted by other federal regulatory agencies shall meet the requirements of this section if these peer and quality reviews are acceptable to [the] FDIC." The AICPA requires members in public practice to participate in an Institute-approved practice-monitoring program. Implementing regulations to be issued by the FDIC will provide additional clarification of this requirement.

Quarterly financial reports. Quarterly financial reports filed with regulators are not required to be audited by independent accounts. Quarterly reports filed with regulators include more than the interim financial information discussed in Statement on Auditing Standards no. 36, Review of Interim Financial Information. The new banking law permits the FDIC to require large institutions - a term to be defined - to engage independent accountants to review the quarterly financial reports using agreed-upon procedures. From a technical point of view, this language will need clarification. The AICPA suggested agreed-upon procedures as the appropriate approach.

Legal liability. In a 1991 decision, Lampf v. Gilbertson, the U.S. Supreme court ruled securities fraud actions - including those against accountants - brought under section 10(b) of the Securities Act of 1934 must be filed within three years of the date of the alleged violation and no later than one year after the date violation was discovered. A related U.S. Supreme Court decision would have made the Lampf statute of limitation applicable to existing cases. Senator Richard H. Bryan (D-Nev.) added an amendment to the Senate's version of the banking bill extending the time periods and permitted, under certain circumstances, refiling of existing cases that had been dismissed.

Based on agreement reached by Senators Bryan and Pete V. Domenici (R-N.M.), the new banking law leaves intact the U.S. Supreme Court decision relative to the statute of limitation. Senator Domenici shared the AICPA's view that any extension of the statute of limitations must be accompanied by legislative reforms that reduce the number of unwarranted lawsuits - reforms that would include proportionate liability for peripheral defendants. Under the compromise, the new banking law does permit, under certain circumstances, reinstatement of timely lawsuits that had been dismissed.

The auditor-client relationship. Also absent from the law is an earlier Senate proposal that would have given federal banking agencies the option to require certain undercapitalized institutions to get a new auditor. The Institute noted problems with the provision, including the probable excessive costs associated with the time it would take a new auditor to build its understanding of a specific client over the perceived benefits of a "fresh" outlook. This provision was deleted.


With the legislation now signed, the FDIC, in consultation with other federal banking agencies, will be developing regulations to implement the act's provisions. The AICPA offered the FDIC technical assistance and has formed a working group to provide that assistance.

Three private-sector projects are of particular importance to the implementation effort. In March 1992, the AICPA auditing standards board exposed a proposed Statement on Standards for Attestation Engagements (SSAE), Reporting on an Entity's Internal Control Structure Over Financial Reporting. This statement, which would supersede SAS no. 30, Reporting on Internal Accounting Control, addresses engagements in which a CPA examines and reports on management's written assertion about the effectiveness of an entity's internal control structure for financial reporting at a point in time.

An SSAE dealing with reports on an entity's compliance with specified laws and regulations also will be exposed in the last quarter of 1992. As provided under the law, these statements will be the basis for CPA reporting on management's assertions.

In early 1992, the Committee of Sponsoring Organizations of the Treadway commission reported its recommendations for an integrated internal control framework. The project, sponsored by the AICPA, the American Accounting Association, the Institute of Internal Auditors, the Institute of Management Accountants and the Financial Executives Institute, specifically studied criteria to be used and a form of management reporting on internal controls over financial reporting. These projects provide a basis for future implementing regulations.



The legislative process rarely gives anyone 100% of what is asked. clearly, several provisions remain in the final law that the Institute would prefer to have seen drafted differently or omitted entirely. Nevertheless, active participation in the legislative process allowed the AICPA to contribute to the technical accuracy of the provisions and preserve key interests.

A quick reading of the new law's audit and accounting provisions (see the sidebar) demonstrates it isn't purely about depository institutions. Congressional faith in the value of the audit function has driven, among other things, mandate for annual audits and an increase in management reporting, with accompanying attestation about management's assertions by CPAs.

This trend toward increasing CPAs' role to attest to management's representations - in addition to financial statement audits - is likely to continue. The nature and form of the services specified in the new banking law may prove to be the model for future legislation.


* THE FDIC IMPROVEMENT ACT of 1991 expands the role of independent accountants for banks and savings institutions. The law calls for management and auditors to report on certain institutions' - generally those with assets of $150 million or more - internal control structures over financial reporting and their compliance with specified laws and regulations.

* ACTIVE PARTICIPATION in the legislative process by the AICPA led to changes in the original proposal, keeping the establishment of GAAP and GAAS in the private sector and using the attestation standards for auditors' internal control and compliance reports.

* PROVISIONS ALSO were eliminated that would have increased accountants' legal liability and allowed regulators to order undercapitalized institutions to hire new auditors.

* THE TREND TOWARD increasing the role of CPAs to attest to managements' representations other than in financial statements may continue.



Even after dropping proposals that would have given banks new powers, permitted commercial entities to own banks and allowed interstate banking, the Federal Deposit Insurance Corporation (FDIC) Improvement Act of 1991 is a long document. The primary objectives of the new law are to recapitalize and reform the deposit insurance system and to improve regulation and supervision of federally insured depository institutions.

What follows is a glimpse of the audit and accounting provisions affecting banks and savings institutions - and their independent accountants.

The FDIC, in consultation with other bank regulatory agencies, will issue regulations to implement these and other provision of the new laws.



Below are management's responsibilities under the new banking law:

* Annual reporting. Each institution with assets of $150 million or more must undergo an annual financial statement audit. Generally, subsidiaries of holding companies can satisfy this requirement at the holding-company level. Financial statements must be prepared in conformity with generally accepted accounting principles and any other disclosure requirements regulators may establish. They also must be accompanied by a written statement from management declaring its responsibility for preparing the institution's financial statements.

In addition, management must report annually on its responsibility for, and assess the effectiveness of, the institution's internal control structure over financial reporting and the institution's compliance with laws and regulations. These will be specified by the FDIC as well as by other federal banking regulations.

* Communication with regulators. Management must provide federal and state banking regulators with a copy of each audit report, accompanying management letters and any other report within 15 days of receipt. The institution also must notify state and federal regulators of any change in auditors.

* Communication with auditors. Each institution must provide its auditor with copies of the institution's most recent reports of condition and examination; supervisory memorandums of understanding or written agreements with any federal or state regulatory agency; and a report of actions taken by federal or state banking regulators.

* Audit committees. The covered institutions must have independent audit committees made up entirely of outside directors. Audit committees of large institutions (a term to be defined) are required to include members with relevant banking or financial expertise, must have access to outside counsel and must not include large customers.

* Quarterly reporting. Large institutions may be required to obtain CPA reviews of their quarterly financial reports using agreed-upon procedures.

* Disclosure of market values and off-balance-sheet items. Institutions may be required to provide additional disclosures of market values of assets and liabilities and off-balance-sheet items. The federal banking agencies are required to develop both a method for supplemental disclosure of market values of assets and liabilities and regulations to ensure adequate reporting of off-balance-sheet items (including contingent assets and liabilities).

* Effective date and exemptions. The new reporting requirements are generally effective for fiscal years ending December 31, 1993, and beyond and are not applicable to institutions with total assets under $150 million at the beginning of the applicable fiscal year.

Also, with the exception of annual audited financial statements, the new requirements may be satisfied for subsidiaries of holding companies if the requirements are fulfilled at the holding company level and the subsidiary has less than $5 billion in assets or has between $5 billion and $9 billion in assets and a regulatory CAMEL rating of one or two, (CAMEL - capital adequacy, asset quality, management, earning, liquidity - is the formula used by the FDIC to evaluate banks.) Subsidiaries with assets of $9 billion or more must comply with the additional requirements.




Below are CPA's responsibilities under the new law:

* Financial statement audits. Mandated annual financial statement audits must be performed in accordance with generally accepted auditing standards. The independent auditor's report must determine whether the financial statements are in conformity with GAAP and comply with any additional disclosure requirements that regulators may establish.

* Internal control and compliance attestation. Using generally accepted standards for attestation engagements (GASAE), the independent accountant must report separately on management's assertions about the institution's (1) internal control structure over financial reporting and (2) compliance with specified laws and regulations using agreed-upon procedures.

* Other requirements. Auditors must agree to provide related working papers, policies and procedures to federal and state banking regulators on request. Auditors also must receive a peer or quality review under guidelines acceptable to the FDIC and must notify that agency if services to the institution cease.

JOSEPH F.MORAGLIO, CPA, is vice-president-federal relations of the American Institute of CPAs. JAMES F. GREEN, CPA, is a technical manager in the AICPA federal government division.

Mr. Moraglio and Mr. Green are employees of the American Institute of CPAs and their views, as expressed in this article, do not necessarily reflect the views of the AICPA. Official positions are determined through certain specific committee procedures, due process and deliberation.
COPYRIGHT 1992 American Institute of CPA's
No portion of this article can be reproduced without the express written permission from the copyright holder.
Copyright 1992, Gale Group. All rights reserved. Gale Group is a Thomson Corporation Company.

Article Details
Printer friendly Cite/link Email Feedback
Title Annotation:includes related articles; Federal Deposit Insurance Corp.
Author:Green, James F.
Publication:Journal of Accountancy
Date:Apr 1, 1992
Previous Article:Consolidations: an overview of the FASB DM.
Next Article:The key person program - a grass-roots political effort that works.

Related Articles
RTC guidelines for contracting with firms in litigation.
Final banking bill: roundup of accounting provisions.
Pending legislation requires profession's response, says Lee.
FDIC limits change for retirement plans.
FDIC claim does not revive statute of limitations period.
FDIC chairman cites future challenges.
FDIC updates statement on external audits for nonmember banks.
Congress recapitalizes thrift fund.
Workpaper reviews: what you can do; how auditors can satisfy bank regulators and keep their clients happy.

Terms of use | Copyright © 2017 Farlex, Inc. | Feedback | For webmasters