supervisory committee what you need to know … · southeast directors and supervisory committee...
TRANSCRIPT
Supervisory Committee—
What You Need to Know
Southeast Directors and
Supervisory Committee Conference August 1, 2016
Supervis
Session Overview
ory Committee—What You Need to Know
• Why do we have a Supervisory Committee?
– Regulatory requirements
– Powers
• Types of audits
• Supervisory Committee responsibilities
– Reviewing audits
– Basic work plan
– Member account verification
– Resolving member complaints
• Resources
2
3
Why Do We Have a Supervisory Committee?
• Regulatory Requirements-Federal Charters
– Part 715 of the NCUA Rules & Regulations defines a Supervisory
Committee consistent with Section 111(b) of the Federal Credit Union
Act (www.ncua.gov)
• Regulatory Requirements-State Charters
– Alabama Credit Union Administration (www.acua.alabama.gov)
• Section 8 of the Alabama Credit Union Administration Final Regulations
• Section 5-17-13 of the Code of Alabama
– Florida Office of Financial Regulation (www.flofr.com)
• 2010 Florida Statutes (including Special Session A)
• 657.026 Supervisory or Audit Committee
– Mississippi Department of Banking and Consumer Finance
(www.dbcf.state.ms.us)
• Mississippi Code Section 81-13-33
4
Why Do We Have a Supervisory Committee?
(continued)
• Regulatory Requirements-State Charters
– Tennessee Department of Financial Institutions
(www.tennessee.gov.tdfi)
• Tennessee Code Annotated, Title 45, Chapter 4
– Texas Credit Union Department (www.cud.texas.gov)
• Supervisory Committee not specifically addressed in the Texas
Administrative Code; states board of directors shall obtain annual audit
5
Regulatory Requirements-Federal Charter
• Appointed by the board of directors
• Minimum of 3 members, maximum of 5 members
• One member may be a member of the board of directors
• Board determines the term of service; terms should be
staggered
• Must be a member of the credit union
• Must be bondable
• Employees and credit committee members are not eligible to
serve on Supervisory Committee
• Others prohibited from serving by principles of internal control
are loan officer, membership officer, treasurer/assistant
treasurer, president/vice president, secretary
6
Regulatory Requirements-Alabama Charter
• Section 5-17-10 of the Code of Alabama provides information
on the election of the supervisory committee
• “At the annual meeting, the credit union shall elect…a
supervisory committee of three members, all to hold office for
such terms respectively as the bylaws provide and until
successors qualify.”
• Power and duties of the supervisory committee are found in
Section 5-17-13
Regulatory Requirements-Florida Charter
• Section 657.026 of the Florida statutes focuses on the
supervisory or audit committee
• Supervisory committee of at least 3 members which may be
elected by the membership or appointed by the board or the
board may appoint an audit committee of directors
• An officer or employee may not serve on the supervisory or
audit committee.
8
Regulatory Requirements-Mississippi Charter
• Section 81-13-33
• Supervisory committee shall, at frequent intervals, inspect the
securities, cash and accounts of the credit union and
supervise the acts of the board of directors, credit committee
and officers, any or all of whom the supervisory committee
may, at any time, by a unanimous vote suspend
• Annually the supervisory committee shall make or cause to be
made a thorough audit of the receipts, disbursements,
income, assets and liabilities of the credit union for the said
fiscal year and shall make a full report thereon to the
directors, which report shall be filed and preserved with the
records of the credit union
• The supervisory committee shall make a report to the
members at the annual meeting
9
Regulatory Requirements-Tennessee Charter
• The organization of a state-chartered credit union is governed
by selected laws and regulations found in Tennessee Code
Annotated, Title 45, Chapter 4
• Basic Fundamentals for Organization of a Tennessee State-
Chartered Credit Union:
– WHAT IS A SUPERVISORY COMMITTEE? They are referred to as the
watch dog committee and consists of members elected by the board to
see that the affairs of business are carried out as they should be,
including reviewing the books, records, and policies
10
11
Regulatory Requirements
• Specific Supervisory Committee responsibilities:
– Ensure that the credit union adheres to the measurement and filing
requirements for reports
– Perform or obtain a Supervisory Committee audit
– Verify or cause verification of members’ accounts
– Act to avoid the imposition of sanctions for failure to comply with the
requirements
• General goals of the Supervisory Committee:
– Ensure management’s financial reporting objectives have been met
– Ensure management practices and procedures safeguard member
assets
12
Goals of Supervisory Committee
• To meet the general goals, the Supervisory Committee must:
– Establish and maintain effective internal controls to achieve
financial reporting objectives
– Determine accounting records and financial reports are promptly
prepared and accurately reflect operations and results
– Determine that relevant plans, policies and control procedures
established by the Board are properly administered
– Determine that policies and control procedures are sufficient to
safeguard against error, conflict of interest, self-dealing and
fraud
13
Supervisory Committee Powers
• If the supervisory committee finds violations of the Federal
Credit Union Act, credit union charter, credit union bylaws or
regulations, the committee should first discuss the findings
with the board of directors
• If the problem is serious enough, the committee may decide
by majority vote to call a meeting of the members to decide
how to handle unsafe or unauthorized practices
• Supervisory Committee can also contact external auditors or
regulatory agency for advice in cases where serious problems
may exist
• Contact NCUA regional office or state supervisory authority
before taking significant action
14
Supervisory Committee Powers
• Supervisory Committee must take prompt and decisive action
if it finds credit union officials are violating the bylaws or
mishandling the organization in any way
• Supervisory Committee has the power to suspend any officer,
director, or member of the Credit Committee
• In the event of a suspension, the Supervisory Committee
must call a special meeting of the members to be held not
fewer than seven or more than 14 days after the suspension
• Chair of the committee leads the special meeting unless the
credit union members select another person
15
Types of Audits
16
Audit Requirements
Type of Charter Asset Size Minimum Audit Required to
Fulfill Supervisory Committee
Audit Responsibility
Part 715 Section
Federal Charter $500M or more Financial statement audit per Generally
Accepted Auditing Standards by
independent, state-licensed person
715.5
Federal Charter Less than $500M
but Greater than
$10M
Either financial statement audit or
supervisory committee audit
715.5
Federal Charter $10M or less Supervisory committee audit 715.5
State Charter $500M or more Financial statement audit per Generally
Accepted Auditing Standards by
independent, state-licensed person
715.6
State Charter Less than $500M Supervisory committee audit unless audit
prescribed by state law is more stringent
715.6
17
Opinion Audit/Financial Statement Audit
• Expresses an opinion on the fair presentation of the financial
statements in all material respects in accordance with
generally accepted accounting principles (GAAP)
– Financial Statement Audit: Audit the balance sheet, income statement,
statement of equity and other comprehensive income, and statement of
cash flows, and will present an opinion on all the statements, taken as a
whole
– Balance Sheet Only Audit: Audit the balance sheet and render an
opinion
• American Institute of Certified Public Accountants (AICPA)
establishes standards for thoroughness and independence of
CPAs
18
Agreed Upon Procedures Engagement
• Supervisory Committee engages an independent accountant
to issue a report of findings based on specific procedures
performed on specified subject matter:
– Elements
– Accounts
– Items of the Financial Statements
• Supervisory Committee and independent accountant agree
upon the procedures that the Supervisory Committee believes
the independent accountant should perform
• Supervisory Committee has responsibility for the sufficiency
(nature, timing, and extent) of the procedures
19
Non-Opinion Audits
• Includes critical and systematic examination of the internal
controls, statements, records and accounting transactions
prepared by management
• Professional standards governing competence and
independence do not govern this type of audit
• Examiners use similar criteria for reviewing and evaluating
non-CPA audits as for reviewing and evaluating a CPA’s work
• Acceptable audit satisfies the requirements of NCUA Rules
and Regulations 715.7 (c)
20
Engaging Auditors
• Contract with third party to perform audit at least once per
calendar year
• Ask other credit unions or trade associations for references
• Obtain competitive bids from auditors with credit union
experience
• Inquire about experience level of individuals who will complete
the audit and knowledge of credit union operations and
regulations
• Determine time period for scheduling the audit and timeframe
for receiving the final audit report
• Meet with auditor at the end of the engagement
• Obtain engagement letter which complies with Part 715 of
NCUA Rules and Regulations
21
Engagement Letter
• Specify the terms, conditions, and objectives of the
engagement
• Identify the basis of accounting to be used
• For non-opinion audits, include an appendix setting forth the
procedures to be performed
• Specify the total compensation to be paid for the audit
• Upon completion of the engagement, the auditor will deliver a
written audit report to Supervisory Committee
• Notice in writing, either within the audit report or a separate
report, of any internal control reportable conditions and/or
irregularities or illegal acts which come to the auditor’s
attention during the normal course of the audit
22
Engagement Letter (continued)
• Specify a target date of delivery of the written reports
• Certify that NCUA staff or its designated representative will be
provided unconditional access to the complete set of original
working papers either at the credit union or at a mutually
agreeable location for purposes of inspection
• Acknowledge that working papers shall be retained for a
minimum of three years from the date of the written audit
report
23
Audit Follow-up
• Committee members should meet with outside
auditors:
– Review evaluation of internal controls
– Review audit work papers
– Review audit report
– Inquire about material weaknesses in internal controls,
errors or irregularities noted during the audit
– Inquire about illegal acts noted during the audit
– Inquire about accounting issues noted during the audit
• Supervisory Committee must receive written audit
report
24
Supervisory Committee
Responsibilities
25
Supervisory Committee Work Plan
• Reviewing Audits
• Interim Audits or Annual Work Plan
• Ensure review of Insurance & Bond Coverage
• Ensure review of Inventory of Fixed Assets
• Other Audits
– ACH Audit (may be included in interim procedures)
– Bank Secrecy Act Audit (may be included in interim procedures)
– SAFE Act Audit
– Member Account Verification (positive confirmation verification may be
included as part of Opinion Audit)
– Consumer Loan and/or Mortgage Loan Audits
– Website Compliance Audit
– OFAC Assessment
Reviewing Opinion Audit
• Reporting standards require that CPAs:
– Conduct their audits in accordance with generally accepted auditing
standards (GAAS)
– State whether financial statements are presented in conformity with
generally accepted accounting principles (GAAP)
– State whether such principles have been consistently applied in the
current period in relation to the preceding period
• Report must contain an expression of opinion regarding the
financial statement taken as a whole, or an assertion that the
CPA cannot express an opinion
• CPA must state in the report any reasons for the inability to
express an overall opinion on the financial statements
27
Reviewing Opinion Audit (continued)
• When no material exceptions exist, the CPA will issue an
unqualified (clean) opinion
• When a material exception exists, but not so material as to
negate an opinion on the financial statements taken as a
whole, a qualified opinion is appropriate
– Materiality of the circumstance will be determined by the auditor
• If matter relates to scope of the procedures or the fairness of
presentation of the financial statements, the phrase “except
for” normally appears
• Only in situations where an uncertainty exists should the
auditor use the phrase “subject to”
28
Reviewing Opinion Audit (continued)
• The following circumstances may require departure from the
auditor’s standard report:
– Credit union has restricted scope of audit, or conditions exist that
do not permit application of auditing procedures considered
necessary in the circumstances
– Inadequate disclosure or lack of conformity with GAAP affect the
financial statements and they do not fairly present financial
conditions, results of operations, or changes in financial position
– Consistent application of accounting principles has not occurred
– Unusual uncertainties exist as to the outcome of future events
and the auditor cannot reasonably estimate their effect on
financial statements
29
Reviewing Opinion Audit (continued)
• CPAs issue an adverse opinion when the matter to which they
have taken exception is so pervasive that the financial
statements do not fairly present the financial position, results
of operation, or change in financial position,
or do not conform to GAAP
• In the case of a qualified, adverse or disclaimer of opinion, the
auditor should set forth all material reasons for issuing the
particular report form
• As to limitations of scope, the audit report would specify the
omission of any generally accepted auditing procedures and
the reasons for the omission; if the credit union requested the
omission, the report should specify it
30
Review of Agreed Upon Procedures Audit
• Report standards require independent accountants to present
the results of applying Agreed Upon Procedures to specific
subject matter in the form of findings
• Report findings should not include vague or ambiguous
language
• Working papers should affirm that the auditor adequately
planned and supervised the work, and obtained evidential
matter to provide a reasonable basis for the findings
31
Review of Non Opinion Audits
• An acceptable audit satisfies the requirements of NCUA Rules
and Regulations 715.7 (c), Audit per Supervisory Committee
Guide
• Appendix A of NCUA’s Supervisory Committee Guide
established the minimum procedures for performing a
Supervisory Committee Audit:
– Teller controls
– Dormant accounts
– Wire transfers
– Bank reconciliations
– Loans
– Allowance for Loan Losses
– Regular reserves, undivided earnings, reserves for contingencies
– Investments
– Shares
– Other Assets and Liabilities
– Board Minutes
32
Interim Audits or Annual Work Plan
• Determine appropriateness of contracting with outside auditor
or if Supervisory Committee can complete tasks to comply
with regulatory requirements
• Following slides present a sample work plan that could be
executed by a Supervisory Committee
• Develop work plan appropriate for the complexity of your
credit union and your level of risk
– Requires significant time commitment from Supervisory Committee
members.
33
Sample Supervisory Committee Work Plan
January
February
March
• Complete account verification
• Contact outside auditors to request bids
• Follow-up on prior audit and exam findings
• Review bank reconcilement
• Review employee, official and related family member accounts
• Review audit bids and select auditor
• Conduct a surprise cash, traveler’s check, money order and gift card count
• Follow-up on prior audit and exam findings
34
Sample Supervisory Committee Work Plan
April
May
June
• Conduct the annual audit, maintain contact with outside auditor
• Verify closed accounts
• Review dormant or inactive accounts for proper escheatment
• Review internal controls in the cash area
• Contact a sample of members with new loans to ensure that loans are legitimate
• Provide audit report to Board
• Request a response from management on any audit findings
• Conduct a surprise cash, traveler’s check, money order and gift card count
35
Sample Supervisory Committee Work Plan
July
August
September
• Verify closed accounts
• Review and follow-up on management’s audit response
• Review internal controls in lending area
• Review official, employee and related family accounts
• Review bank reconcilement
• Review for compliance with the credit union’s loan policy all loans granted to officials and employees since last annual audit
• Follow-up on prior audit and exam findings
• Conduct a surprise cash, traveler’s check, money order and gift card count
• Review ALCO minutes or obtain ALM reports documented as utilized by credit unions since last audit
36
Sample Supervisory Committee Work Plan
October
November
December
• Review internal controls in the investments area
• Review official, employee and related family accounts
• Ensure the credit union’s operating budget for next year includes funding for external auditing
• Verify closed accounts
• Follow-up on prior audit and exam findings
• Review and test written branch security policy
• Conduct a surprise cash, traveler’s check, money order and gift card count
• Review sample of charged-off loans for compliance with charge-off policy
37
Review of Insurance & Bond Coverage
• On an annual basis, ensure review of credit union’s package
of protection. Could include insurance policies such as:
– Fidelity Bond
– Management & Professional Liability
– Plastic Card
– Cyber & Security Incident
– Property/Business Liability
– Workmen’s Compensation
– Employee/Director Dishonesty
– Employee/Member Property Theft
– Mortgage Loan Documentation
38
Review of Inventory of Fixed Assets
• On an annual basis, ensure review of fixed assets.
• Fixed asset accounts include:
– Land
– Building
– Furniture and equipment
– Leasehold improvements
– Leased assets under capital lease
– Related allowances for depreciation
– Allowances for amortization
• Fixed assets must be adequately safeguarded to limit the
opportunity for inappropriate use of credit union assets
39
Other Audits
• ACH Audit
– Conduct audits pursuant to NACHA (National Automated Clearinghouse
Association) operating rules for receiving depository financial institutions
(RDFIs) and originating depository financial institutions (ODFIs) by
December 31st annually
• Bank Secrecy Act Audit
– Compliance with NCUA Rules & Regulations 748 and 749, anti-money
laundering, member ID programs, Currency Transaction Reports,
Suspicious Activity Reports
• SAFE Act Audit
– Annual audit to meet requirements of the Secure and
Fair Enforcement for Mortgage Licensing Act
40
Other Audits
• Consumer loan and/or mortgage loan audits
– Periodic review of loan portfolios beyond the normal financial audit
procedures
• Website Compliance Audits
– Websites are subject to the same compliance requirements as printed
marketing materials
– Savings and loan rate pages—including payment calculators
– Information security
– Website policies and disclosures
– Third-party links to external services
– Advertising compliance
• OFAC Assessment
– Compare membership lists to current OFAC and NS-PLC lists to ensure
regular due diligence and adherence to OFAC laws
41
Member Account Verification
• Conduct at least once every two years
• Verifying members’ accounts means requesting members to
respond to Supervisory Committee if the activity or balances
on their statements are not accurate
• If contracting with CPAs for Opinion Audit, positive
confirmation verification of members could be conducted as
part of Opinion Audit
• Purpose of the verification is to detect errors
• Verification is also a good control to prevent fraud
42
Member Account Verification
• Notification must be provided with the statements and request
members contact Supervisory Committee with any
discrepancies
• General notice made in the form of a sign in the lobby
• Return address must be home address of committee member,
PO Box in the name of the credit union that the staff does not
have access to, or address of third-party vendor
• Maintain documentation of procedures performed
43
How to Be an Effective Supervisory Committee
Member
• Attend Supervisory Committee Meetings Monthly: – Keep minutes
– Detail attendance
– Include facts on reports reviewed, procedures conducted, updates on findings
• Attend Board meetings or review minutes: – Monitor attendance
– Three consecutive absences warrant removal when no valid circumstances are presented
– Note: Board is not required to allow Supervisory Committee members to attend meetings
44
Additional Supervisory Committee
Responsibilities
• Ensure Board follows plans, policies and procedures
• Review examination and audit findings
– Follow-up to ensure management takes the necessary corrective
actions
– Actions taken must be adequate to correct the findings
• Review the Credit/Loan Committee Activities
• Review Member Complaints
45
How Do You Ensure Board is Safeguarding
Assets?
• It is not the responsibility of the Supervisory Committee to
make operating decisions
• Supervisory Committee must ensure that the Board’s plans
and policies are reasonable and that they protect the safety
and soundness of the credit union
• Review business plan for reasonableness
• Review policies to make sure they provide the structure for
adequate control
• Ensure that management is implementing policies
46
Review of the Credit /Loan Committee
Activities
• Credit/Loan Committee should:
– Meet at least once a month
– Approve loans within legal limitations and limitations set by
board
– Grant sound loans
– Make decisions based solely on individual’s creditworthiness
47
Review Member Complaints
• Supervisory Committee is typically only involved in complaints
submitted in writing or submitted directly to NCUA or
Consumer Financial Protection Bureau (CFPB)
• Handle complaints in an impartial and independent manner
• If a complainant identifies a policy or procedure that needs
correction, follow through to ensure Board and management
implement corrective changes
48
Types of Complaints
• Types of member complaints can vary greater but most
involve concerns with:
– Lending policies and procedures
– Loan rejections
– Annual meetings
– Share withdrawals
– Dividend rates and terms
– Credit union services
• Regardless of type of complaint, the Supervisory Committee
must ensure that full and complete investigation is conducted
• Prepare and submit a written response to the member
• Prepare and submit a written report to NCUA and CFPB, as
appropriate
49
Protecting Yourself and Your Credit Union
• Know duties and responsibilities
• Know laws and regulations
• Avoid any actual or perceived conflicts of interest
• Act in the best interest of the members
• Maintain confidentiality of all information reviewed as part of
Supervisory Committee responsibilities
• Ensure audits are performed to meet regulatory requirements
50
Resources
• League of Southeastern Credit Unions – www.lscu.coop
– InfoSight
• CU Audit & Compliance Group – www.myleverage.com
• Credit Union National Association – www.cuna.org
• National Credit Union Administration – www.ncua.gov
– Supervisory Committee Guide
– Examiner’s Guide
51
Contact Information
• League of Southeastern Credit Unions: – Laura Lee Vann, Vice President, Membership Relations
• 866.231.0545, ext. 2181 or [email protected]
– April Ales, Member Relations Consultant
• 866.231.0545, ext. 1038 or [email protected]
– Judy Scott, Member Relations Consultant
• 866.231.0545, ext. 1062 or [email protected]
– Juli Lewis, Member Relations Consultant
• 866.231.0545, ext. 1108 or [email protected]
– Jo Anne Funk, Member Relations Consultant
• 866.231.0545, ext. 2111 or [email protected]
52