12 C.F.R. PART 715—SUPERVISORY COMMITTEE AUDITS AND VERIFICATIONS
Title 12 - Banks and Banking
Authority: 12 U.S.C. 1761(b), 1761d, 1782(a)(6).
Source: 64 FR 41035, July 29, 1999, unless otherwise noted.
This part implements section 202(a)(6)(D) of the Federal Credit Union Act, 12 U.S.C. 1782(a)(6)(D), as added by section 201(a) of the Credit Union Membership Access Act, Pub. L. No. 105–219, 112 Stat. 918 (1998). This part prescribes the responsibilities of the Supervisory Committee to obtain an annual audit of the credit union according to its charter type and asset size, and to conduct a verification of members' accounts. As used in this part: (a) Balance sheet audit refers to the examination of a credit union's assets, liabilities, and equity under generally accepted auditing standards (GAAS) by an independent public accountant for the purpose of opining on the fairness of the presentation on the balance sheet. Credit unions required to file call reports consistent with GAAP should ensure the audited balance sheet is likewise prepared on a GAAP basis. The opinion under this type of engagement would not address the fairness of the presentation of the credit union's income statement, statement of changes in equity (including comprehensive income), or statement of cash flows. (b) Compensated person refers to any accounting/auditing professional, excluding a credit union employee, who is compensated for performing more than one supervisory committee audit and/or verification of members' accounts per calendar year. (c) Financial statements refers to a presentation of financial data, including accompanying notes, derived from accounting records of the credit union, and intended to disclose a credit union's economic resources or obligations at a point in time, or the changes therein for a period of time, in conformity with GAAP, as defined herein, or regulatory accounting procedures. Each of the following is considered to be a financial statement: a balance sheet or statement of financial condition; statement of income or statement of operations; statement of undivided earnings; statement of cash flows; statement of changes in members' equity; statement of revenue and expenses; and statement of cash receipts and disbursements. (d) Financial statement audit (also known as an “opinion audit”) refers to an audit of the financial statements of a credit union performed in accordance with GAAS by an independent person who is licensed by the appropriate State or jurisdiction. The objective of a financial statement audit is to express an opinion as to whether those financial statements of the credit union present fairly, in all material respects, the financial position and the results of its operations and its cash flows in conformity with GAAP, as defined herein, or regulatory accounting practices. (e) GAAP is an acronym for “generally accepted accounting principles” which refers to the conventions, rules, and procedures which define accepted accounting practice. GAAP includes both broad general guidelines and detailed practices and procedures, provides a standard by which to measure financial statement presentations, and encompasses not only accounting principles and practices but also the methods of applying them. (f) GAAS is an acronym for “generally accepted auditing standards” which refers to the standards approved and adopted by the American Institute of Certified Public Accountants which apply when an “independent, licensed certified public accountant” audits financial statements. Auditing standards differ from auditing procedures in that “procedures” address acts to be performed, whereas “standards” measure the quality of the performance of those acts and the objectives to be achieved by use of the procedures undertaken. In addition, auditing standards address the auditor's professional qualifications as well as the judgment exercised in performing the audit and in preparing the report of the audit. (g) Independent means the impartiality necessary for the dependability of the compensated auditor's findings. Independence requires the exercise of fairness toward credit union officials, members, creditors and others who may rely upon the report of a supervisory committee audit report. (h) Internal control refers to the process, established by the credit union's board of directors, officers and employees, designed to provide reasonable assurance of reliable financial reporting and safeguarding of assets against unauthorized acquisition, use, or disposition. A credit union's internal control structure consists of five components: control environment; risk assessment; control activities; information and communication; and monitoring. Reliable financial reporting refers to preparation of Call Reports (NCUA Forms 5300 and 5310) that meet management's financial reporting objectives. Internal control over safeguarding of assets against unauthorized acquisition, use, or disposition refers to prevention or timely detection of transactions involving such unauthorized access, use, or disposition of assets which could result in a loss that is material to the financial statements. (i) Reportable conditions refers to a matter coming to the attention of the independent, compensated auditor which, in his or her judgment, represents a significant deficiency in the design or operation of the internal control structure of the credit union, which could adversely affect its ability to record, process, summarize, and report financial data consistent with the representations of management in the financial statements. (j) Report on Examination of Internal Control over Call Reporting refers to an engagement in which an independent, licensed, certified public accountant or public accountant, consistent with attestation standards, examines and reports on management's written assertions concerning the effectiveness of its internal control over financial reporting in its most recently filed semiannual or year-end Call Report, with a concentration in high risk areas. For credit unions, such high risk areas most often include: lending activity; investing activity; and cash handling and deposit-taking activity. (k) State-licensed person refers to a certified public accountant or public accountant who is licensed by the State or jurisdiction where the credit union is principally located to perform accounting or auditing services for that credit union. (l) Supervisory committee refers to a supervisory committee as defined in Section 111(b) of the Federal Credit Union Act, 12 U.S.C. 1761(b). For some federally-insured state chartered credit unions, the “audit committee” designated by state statute or regulation is the equivalent of a supervisory committee. (m) Supervisory committee audit refers to an engagement under either §715.5 or §715.6 of this part. (n) Working papers refers to the principal record, in any form, of the work performed by the auditor and/or supervisory committee to support its findings and/or conclusions concerning significant matters. Examples include the written record of procedures applied, tests performed, information obtained, and pertinent conclusions reached in the engagement, proprietary audit programs, analyses, memoranda, letters of confirmation and representation, abstracts of credit union documents, reviewer's notes, if retained, and schedules or commentaries prepared or obtained in the course of the engagement. [64 FR 41035, July 29, 1999, as amended at 66 FR 65624, Dec. 20, 2001] (a) Basic. The supervisory committee is responsible for ensuring that the board of directors and management of the credit union— (1) Meet required financial reporting objectives and (2) Establish practices and procedures sufficient to safeguard members' assets. (b) Specific. To carry out the responsibilities set forth in paragraph (a) of this section, the supervisory committee must determine whether: (1) Internal controls are established and effectively maintained to achieve the credit union's financial reporting objectives which must be sufficient to satisfy the requirements of the supervisory committee audit, verification of members' accounts and its additional responsibilities; (2) The credit union's accounting records and financial reports are promptly prepared and accurately reflect operations and results; (3) The relevant plans, policies, and control procedures established by the board of directors are properly administered; and (4) Policies and control procedures are sufficient to safeguard against error, conflict of interest, self-dealing and fraud. (c) Mandates. In carrying out the responsibilities set forth in paragraphs (a) and (b) of this section, the Supervisory Committee must: (1) Ensure that the credit union adheres to the measurement and filing requirements for reports filed with the NCUA Board under §741.6 of this chapter; (2) Perform or obtain a supervisory committee audit, as prescribed in §715.4 of this part; (3) Verify or cause the verification of members' passbooks and accounts against the records of the credit union, as prescribed in §715.8 of this part; (4) Act to avoid imposition of sanctions for failure to comply with the requirements of this part, as prescribed in §§715.11 and 715.12 of this part. [64 FR 41035, July 29, 1999, as amended at 69 FR 27828, May 17, 2004] (a) Annual audit requirement. A federally-insured credit union is required to obtain an annual supervisory committee audit which occurs at least once every calendar year (period of performance) and must cover the period elapsed since the last audit period (period effectively covered). (b) Financial statement audit option. Any federally-insured credit union, whether Federally- or State-chartered and regardless of asset size, may choose to fulfill its Supervisory Committee audit responsibility by obtaining an annual audit of its financial statements performed in accordance with GAAS by an independent person who is licensed to do so by the State or jurisdiction in which the credit union is principally located. (A “financial statement audit” is distinct from a “supervisory committee audit,” although a financial statement audit is included among the options for fulfilling the supervisory committee audit requirement. Compare §715.2(c) and (j).) (c) Other audit options. A federally insured credit union which does not choose to obtain a financial statement audit as permitted by subsection (b) must fulfill its supervisory audit responsibility under either of §715.5 or §715.6 of this part, whichever is applicable. See Table 1. For purposes of this part, a credit union's asset size is the amount of total assets reported in the year-end Call Report (NCUA form 5300) filed for the calendar year-end immediately preceding the period under audit.
1 The Supervisory Committee audit responsibility under Part 715 can always be fulfilled by obtaining a financial statement audit. §715.4(b). (a) Total assets of $500 million or greater. To fulfill its Supervisory Committee audit responsibility, a federal credit union having total assets of $500 million or greater must obtain an annual audit of its financial statements performed in accordance with GAAS by an independent person who is licensed to do so by the State or jurisdiction in which the credit union is principally located. (b) Total assets of less than $500 million but more than $10 million. To fulfill its Supervisory Committee audit responsibility, a Federally-chartered credit union having total assets of less than $500 million but more than $10 Million which does not choose to obtain an audit under §715.5(a), must obtain an annual supervisory committee audit as prescribed in §715.7. (c) Total assets of $10 million or less. To fulfill its Supervisory Committee audit responsibility, a Federally-chartered credit union having total assets of $10 million or less must obtain an annual Supervisory Committee audit as prescribed in §715.7. (d) Other requirements. A federally chartered credit union, regardless of which audit it is required to obtain under this section, must meet other applicable requirements of this part. (a) Total assets of $500 million or greater. To fulfill its Supervisory Committee audit responsibility, a federally-insured State-chartered credit union having total assets of $500 million or greater must obtain an annual audit of its financial statements performed in accordance with GAAS by an independent person who is licensed to do so by the State or jurisdiction in which the credit union is principally located. (b) Total assets of less than $500 million. To fulfill its Supervisory Committee audit responsibility, a federally-insured State-chartered credit union having total assets of less than $500 million must obtain either an annual supervisory committee audit as prescribed under either §715.6(a) or §715.7, or an audit as prescribed by the State or jurisdiction in which the credit union is principally located, whichever audit is more stringent. (c) Other requirements. A federally-insured, state-chartered credit union, regardless of which audit it is required to obtain under this section, must meet other applicable requirements of this part except §§715.5 and 715.12. A credit union which is not required to obtain a financial statement audit may fulfill its supervisory committee responsibility by any one of the following engagements: (a) Balance sheet audit. A balance sheet audit, as defined in §715.2(a), performed by a person who is licensed to do so by the State or jurisdiction in which the credit union is principally located; or (b) Report on Examination of Internal Control over Call Reporting. An engagement and report on management's written assertions concerning the effectiveness of internal control over financial reporting in the credit union's most recently filed semiannual or year-end call report (NCUA Form 5300), as defined in §715.2(j), performed by a person who is licensed to do so by the State or jurisdiction in which the credit union is principally located, and in which management specifies the criteria on which it based its evaluation of internal control; or (c) Audit per Supervisory Committee Guide. An audit performed by the supervisory committee, its internal auditor, or any other qualified person (such as a certified public accountant, public accountant, league auditor, credit union auditor consultant, retired financial institutions examiner, etc.) in accordance with the procedures prescribed in NCUA's Supervisory Committee Guide. Qualified persons who are not State-licensed cannot provide assurance services under this subsection. (a) Verification obligation. The Supervisory Committee shall, at least once every two years, cause the passbooks (including any book, statements of account, or other record approved by the NCUA Board) and accounts of the members to be verified against the records of the treasurer of the credit union. (b) Methods. Any of the following methods may be used to verify members' passbooks and accounts, as appropriate: (1) Controlled verification. A controlled verification of 100 percent of members' share and loan accounts; (2) Statistical method. A sampling method which provides for: (i) Random selection: (ii) A sample which is representative of the population from which it was selected; (iii) An equal chance of selecting each dollar in the population; (iv) Sufficient accounts in both number and scope on which to base conclusions concerning management's financial reporting objectives; and (v) Additional procedures to be performed if evidence provided by confirmations alone is not sufficient. (3) Non-statistical method. When the verification is performed by an Independent person licensed by the State or jurisdiction in which the credit union is principally located, the auditor may choose among the sampling methods set forth in paragraphs (b)(1) and (2) of this section and non-statistical sampling methods consistent with GAAS if such methods provide for: (i) Sufficient accounts in both number and scope on which to base conclusions concerning management's financial reporting objectives to provide assurance that the General Ledger accounts are fairly stated in relation to the financial statements taken as a whole; (ii) Additional procedures to be performed by the auditor if evidence provided by confirmations alone is not sufficient; and (iii) Documentation of the sampling procedures used and of their consistency with GAAS (to be provided to the NCUA Board upon request). (c) Retention of records. The supervisory committee must retain the records of each verification of members' passbooks and accounts until it completes the next verification of members' passbooks and accounts. (a) Unrelated to officials. A compensated auditor who performs a Supervisory Committee audit on behalf of a credit union shall not be related by blood or marriage to any management employee, member of either the board of directors, the Supervisory Committee or the credit committee, or loan officer of that credit union. (b) Engagement letter. The engagement of a compensated auditor to perform all or a portion of the scope of a financial statement audit or supervisory committee audit shall be evidenced by an engagement letter. In all cases, the engagement must be contracted directly with the Supervisory Committee. The engagement letter must be signed by the compensated auditor and acknowledged therein by the Supervisory Committee prior to commencement of the engagement. (c) Contents of letter. The engagement letter shall: (1) Specify the terms, conditions, and objectives of the engagement; (2) Identify the basis of accounting to be used; (3) If a Supervisory Committee Guide audit, include an appendix setting forth the procedures to be performed; (4) Specify the rate of, or total, compensation to be paid for the audit; (5) Provide that the auditor shall, upon completion of the engagement, deliver to the Supervisory Committee a written report of the audit and notice in writing, either within the report or communicated separately, of any internal control reportable conditions and/or irregularities or illegal acts, if any, which come to the auditor's attention during the normal course of the audit (i.e., no notice required if none noted); (6) Specify a target date of delivery of the written reports, such target date not to exceed 120 days from date of calendar or fiscal year-end under audit (period covered), unless the supervisory committee obtains a waiver from the supervising NCUA Regional Director; (7) Certify that NCUA staff and/or the State credit union supervisor, or designated representatives of each, will be provided unconditional access to the complete set of original working papers, either at the offices of the credit union or at a mutually agreed upon location, for purposes of inspection; and (8) Acknowledge that working papers shall be retained for a minimum of three years from the date of the written audit report. (d) Complete scope. If the engagement is to perform a Supervisory Committee Guide audit intended to fully meet the requirements of §715.7(c), the engagement letter shall certify that the audit will address the complete scope of that engagement; (e) Exclusions from scope. If the engagement is to perform a Supervisory Committee Guide audit which will exclude any item required by the applicable section, the engagement letter shall: (1) Identify the excluded items; (2) State that, because of the exclusion(s), the resulting audit will not, by itself, fulfill the scope of a supervisory committee audit; and (3) Caution that the supervisory committee will remain responsible for fulfilling the scope of a supervisory committee audit with respect to the excluded items. (a) Audit report. Upon completion and/or receipt of the written report of a financial statement audit or a supervisory committee audit, the Supervisory Committee must verify that the audit was performed and reported in accordance with the terms of the engagement letter prescribed herein. The Supervisory Committee must submit the report(s) to the board of directors, and provide a summary of the results of the audit to the members of the credit union orally or in writing at the next annual meeting of the credit union. If a member so requests, the Supervisory Committee shall provide the member access to the full audit report. If the National Credit Union Administration (“NCUA”) so requests, the Supervisory Committee shall provide NCUA a copy of each of the audit reports it receives or produces. (b) Working papers. The supervisory committee shall be responsible for preparing and maintaining, or making available, a complete set of original working papers supporting each supervisory committee audit. The supervisory committee shall, upon request, provide NCUA staff unconditional access to such working papers, either at the offices of the credit union or at a mutually agreeable location, for purposes of inspecting such working papers. (a) Sanctions. Failure of a supervisory committee and/or its independent compensated auditor or other person to comply with the requirements of this section, or the terms of an engagement letter required by this section, is grounds for: (1) The regional director to reject the supervisory committee audit and provide a reasonable opportunity to correct deficiencies; (2) The regional director to impose the remedies available in §715.12, provided any of the conditions specified therein is present; and (3) The NCUA Board to seek formal administrative sanctions against the supervisory committee and/or its independent, compensated auditor pursuant to section 206(r) of the Federal Credit Union Act, 12 U.S.C. 1786(r). (b) State Charters. In the case of a federally-insured state chartered credit union, NCUA shall provide the state regulator an opportunity to timely impose a remedy satisfactory to NCUA before exercising it authority under §741.202 of this chapter to impose a sanction permitted under paragraph (a) of this section. (a) Audit by alternative licensed person. The NCUA Board may compel a federal credit union to obtain a supervisory committee audit which meets the minimum requirements of §715.5 or §715.7, and which is performed by an independent person who is licensed by the State or jurisdiction in which the credit union is principally located, for any fiscal year in which any of the following three conditions is present: (1) The Supervisory Committee has not obtained an annual financial statement audit or performed a supervisory committee audit; or (2) The Supervisory Committee has obtained a financial statement audit or performed a supervisory committee audit which does not meet the requirements of part 715 including those in §715.8. (3) The credit union has experienced serious and persistent recordkeeping deficiencies as defined in paragraph (c) of this section. (b) Financial statement audit required. The NCUA Board may compel a federal credit union to obtain a financial statement audit performed in accordance with GAAS by an independent person who is licensed by the State or jurisdiction in which the credit union is principally located (even if such audit is not required by §715.5), for any fiscal year in which the credit union has experienced serious and persistent recordkeeping deficiencies as defined in paragraph (c) of this section. The objective of a financial statement audit performed under this paragraph is to reconstruct the records of the credit union sufficient to allow an unqualified or, if necessary, a qualified opinion on the credit union's financial statements. An adverse opinion or disclaimer of opinion should be the exception rather than the norm. (c) “Serious and persistent recordkeeping deficiencies.” A record-keeping deficiency is “serious” if the NCUA Board reasonably believes that the board of directors and management of the credit union have not timely met financial reporting objectives and established practices and procedures sufficient to safeguard members' assets. A serious recordkeeping deficiency is “persistent” when it continues beyond a usual, expected or reasonable period of time.
Title 12: Banks and Banking
PART 715—SUPERVISORY COMMITTEE AUDITS AND VERIFICATIONS
Section Contents
§ 715.1 Scope of this part.
§ 715.2 Definitions used in this part.
§ 715.3 General responsibilities of the Supervisory Committee.
§ 715.4 Audit responsibility of the Supervisory Committee.
§ 715.5 Audit of Federal Credit Unions.
§ 715.6 Audit of Federally-insured State-chartered credit unions.
§ 715.7 Supervisory Committee audit alternatives to a financial statement audit.
§ 715.8 Requirements for verification of accounts and passbooks.
§ 715.9 Assistance from outside, compensated person.
§ 715.10 Audit report and working paper maintenance and access.
§ 715.11 Sanctions for failure to comply with this part.
§ 715.12 Statutory audit remedies for Federal credit unions.
§ 715.1 Scope of this part.
top
§ 715.2 Definitions used in this part.
top
§ 715.3 General responsibilities of the Supervisory Committee.
top
§ 715.4 Audit responsibility of the Supervisory Committee.
top
§ 715.5 Audit of Federal Credit Unions.
top
§ 715.6 Audit of Federally-insured State-chartered credit unions.
top
§ 715.7 Supervisory Committee audit alternatives to a financial statement audit.
top
§ 715.8 Requirements for verification of accounts and passbooks.
top
§ 715.9 Assistance from outside, compensated person.
top
§ 715.10 Audit report and working paper maintenance and access.
top
§ 715.11 Sanctions for failure to comply with this part.
top
§ 715.12 Statutory audit remedies for Federal credit unions.
top
