Skip to content

It Figures Podcast: S4:E9 – FDICIA Transition for Community Banks

In this week’s episode, join CRI Atlanta Partners Hillary Collier and Doug Mims (Financial Institutions Sub-Line Leader,) as they discuss the FDICIA Transition for Community Banks, and what it means for them and their clients.

Announcer:

From Carr, Riggs & Ingram, this is, It Figures, the CRI podcast, an accounting, advisory and industry-focused podcast for business and organization leaders, entrepreneurs, and anyone who is looking to go beyond the status quo.

Hillary Collier:

Hi, I’m Hillary Collier. I’m an audit partner in Atlanta. I’m here with Doug Mims, who’s a financial institutions industry line leader and also a partner out of Atlanta. And we’re here to talk about FDICIA.

Doug Mims:

Well, first of all, it’s good to be here and glad to speaking with the community banks out there who are struggling possibly with FDICIA transition. But good question. What has gotten FDICIA back on the radar? And I would say there’s probably three things. One is the pandemic and what came out of the pandemic, which is government spending. And when the government money got into the system, a lot of it stuck around, hung around on the balance sheets of community banks. And as such, some banks that were 300, 350 million all of a sudden found themselves swelling to half a billion.

And the other thing is M&A activity. So there has been not so much in ’22, but in the prior, in ’21 and in ’20, there was a fair amount of M&A activity, and that grew balance sheets as well. So really, the driver has been balance sheet growth at community banks, and banks on average are a little larger than they used to be.

Hillary Collier:

I spent my money that I got from the government. I did not put it in my deposit account. So I was not a driver.

Doug Mims:

Well, I just want to know what you did. I hope you didn’t commit any improprieties in [inaudible 00:01:57].

Hillary Collier:

No, just clothes shopping. So maybe we should back up and give our listeners a bit more of a background on FDICIA.

Doug Mims:

Good point, Hillary. So FDICIA is short for the FDIC Improvement Act, which was signed into law in 1991. Fortunately, or unfortunately, I’m old enough to recall 1991 in my career. So I started in the business in 1990, which was just after the savings and loan crisis in the late ’80S. And so the FDIC Improvement Act was passed and signed into law in direct response to the savings in loan crisis. And really, there was two primary drivers of what FDICIA was seeking to accomplish. One was to enhance the stability of the US banking system and also to enhance the accountability of those managing financial institutions and the accountability of their board of directors. So it was really, had a couple of facets to it, but really it was try to shore things up after what was a very negative and detrimental period for savings and loans and other small community banks.

Hillary Collier:

I was in middle school and I was not aware of FDICIA.

Doug Mims:

You were unaware.

Hillary Collier:

I was unaware. So what are some of the specific requirements of FDICIA and when are they applicable?

Doug Mims:

So FDICIA is driven by asset size. It’s the reason I referenced swelling of balance sheets. And the primary part of the FDICIA, of the FDIC Improvement Act, that relates to this is Part 363, just for reference. But really, when you reach the half billion dollar threshold, which is 500 million, so we’re not talking about mega banks here. We’re talking about good size, if you will, that’s real technical, but a good sized community bank. 500 million in assets, really you have to do a few different things. One, the majority of your Audit Committee has to be outside directors who are independent of management, so that’s one thing.

Another thing is that management has to evaluate their internal controls and represent formally to the FDIC that they’re responsible for preparing their financials, and that they’re responsible for establishing and maintaining adequate internal controls over financial reporting. So ICFR, so the management is supposed to maintain effective ICFR and they represent that to the FDIC, which includes safeguarding of assets. They’re also supposed to represent and comply with designated laws in and around insider loans and dividend restrictions. So it’s a three-pronged animal. So ICFR regulatory reporting and laws and regs. And so the Act basically says, “If you’re over half a billion, you got to represent to the FDIC in a formal way that you are in compliance with these things.”

The other add-on that impacts CPA firms, but obviously, ultimately impacts community banks is independence rules change. So the independent auditor then, at a half a billion, the independent auditor has to comply with the most stringent independent rules available at the time. It doesn’t specify which ones. Well, that happens to be the SEC rules. So the public company/SEC rules for independence apply to the independent auditor of a bank over 500 million, which seems a little bit extreme, but that’s the way the rules were written, and that’s what everybody seeks to play by today.

Really, the other threshold is a billion in assets. And there’s really two changes there. One is that all Audit Committee members must be outside directors and independent of management. So when I mentioned half a billion, I was talking about the majority had to be. Well, now, if you clip a billion, all Audit Committee members have to be outside directors. And quite frankly, that’s a little bit challenging for a community bank to have a board makeup, because most people don’t have that board makeup. And then the other requirement is that the bank’s external auditor has to opine on ICFR, not just on the financial statements, but on internal controls over financial reporting.

So most of the requirements kick in at half a billion. At a billion, it’s Audit Committee level and the ICFR, which quite frankly, is a significant undertaking for management to go through that process. I won’t get into the details of it, but it’s significant because it represents time, it represents cost, and oftentimes for a community bank that’s a billion dollars in assets, they’re not that sophisticated. So they actually have to engage third parties to help them go through the ICFR exercise. Plus the financial statement audit becomes more expensive.

Hillary Collier:

I mean, you have to start planning for that well in advance.

Doug Mims:

That’s right. And then the other threshold is 3 billion. So you got 500 million, a billion, 3 billion. The Audit Committee’s got to include a bank or financial management expert at 3 billion. The Audit Committee should have access to their own outside council at three billion. And the Audit Committee cannot include any large customers as defined by the regulation. So it’s not uncommon at all for a community bank board to be comprised of local business owners, not bankers, but local business owners from the community and who own shares in the bank. But they also do their business with the community bank. And so when you get to 3 billion in assets, basically what the reg says is, “Those folks can be on your board that have ‘large relationships,’ they can be on your board, but they can’t serve on your Audit Committee.”

Hillary Collier:

Makes sense. More levels of independence.

Doug Mims:

That’s right.

Hillary Collier:

Are there any other relevant requirements?

Doug Mims:

Well, I guess what I didn’t say on those is these representations about ICFR and compliance with laws and regs, those reports have to be done within 120 days of year-end. So basically, for most institutions, that’s going to be April the 30th. Any management letters or anything like that that are issued by a CPA firm, they have to be filed with the FDIC within 15 days. And I think I did mention that it covers regulatory reporting. Oh, and then the measurement date for these thresholds is January 1. So whatever you are at the end of the year, because December 31 is basically January 1, whatever your asset threshold is at that point, then that is when FDICIA kicks in for you.

Hillary Collier:

Okay. So what are the unique challenges regarding FDICIA transition in today’s environment?

Doug Mims:

So going back to the fact that the pandemic, the funds on the balance sheets of these community banks, so the swelling, the M&A activity, whatever the driver is, we’ve seen community banks grow quickly, and probably in a manner that they never really planned to. But now I’ll say that it’s not that they’re doing anything risky or anything like that. It’s just they have cash and they seek to deploy that cash. But end of the day, people are clipping the half billion dollar mark. And when you do that, you have to consider all the requirements. But the one that really has created, I would say, a challenge is the auditor independence piece. So if you are a community bank and you get to December 31, ’22 and you’re you’re 500 million in assets, that means for ’23, you got to comply with the FDICIA independence requirements, or your audit firm does, for ’23.

So you say, “Well, what’s the challenge then? They’ll just do it for ’23.” Well, that means that they can’t do anything in ’23 that would impair their independence with the SEC rules as the bar. So what does that mean? Well, there’s a lot of non-attest services that can’t be done under SEC rules. So right now, it’s very common for community banks to have their audit firm prepare their tax return, which is actually fine. But to do their tax accruals and prepare their deferred tax asset calculation, or run depreciation schedules, or prepare financial statements. Those types of things that are perfectly fine under the AICPA rules, if safeguards are in place, become problematic in an SEC scenario. So your audit firm can’t do those things for you.

Hillary Collier:

You have to outsource it.

Doug Mims:

You have to outsource it, or do it internally. But what that means is, is it’s not about what period it relates to, it’s when they provide the service. So you clip it at ’22, you go into ’23, they can’t prepare your ’22 financials for you in ’23 or you create a problem. But even beyond that, there’s a requirement in 363 for comparative presentation. So same example, let’s say you hit year-end ’22, and your firm says, “Hey, we can’t do these things in ’23. We can’t prepare the financials. We can’t finish the tax accruals. Can’t do all that stuff. You got to do it or get somebody else to do it.” Fine, but here’s another challenge. If you have comparative presentation, because you’re required to, the audit firm has to be independent for the entire window of the audit.

Well, if you’re doing comparative, you don’t have two separate opinions there. It’s two comparative periods. So they have to be independent for ’22 as well, but not just independent under AICPA rules, but under SEC rules. So really, what that means is you’ve got to be looking ahead and really plan two years ahead, or you could find yourself in a position where you would have to change your financial statement auditor or consider changing. So I think the challenge is planning ahead and thinking about auditor independence. Obviously, hopefully, audit firms are communicating well in advance with their clients, and clients are communicating well in advance with audit firms. But that doesn’t necessarily always happen.

And if you think about, “Well, what’s the fix for independence breach?” Well, the worst case scenario, and I’m not saying the only case scenario, but the worst case scenario is a re-audit by a firm who is independent. Well, I mean, that’s a nightmare for everybody. I mean, you’re a community bank. You’re a pillar of the community. You don’t need to be having re-audits done. It’s just not a good thing. Regulators are not going to give you a attaboy for it or anything like that. So it’s definitely something you need to consider. So similarly, when you’re approaching a billion and you’re trying to keep it under a billion and you surge, you’d have to quickly put together a FDICIA implementation plan for the ICFR piece. So the moral to the story, I think, is be looking ahead and be cautious and be talking to your auditor so you don’t run into these things.

But if you do, there are people out there you can consult with. And that would certainly be a firm like ours, who’s happy to take a look at it. There’s more than one way to view it. But I think the way I articulated it is supported by the regs that are out there.

Hillary Collier:

I agree. And I think that concludes our discussion on FDICIA transitions, and I appreciate it. Doug, thank you for tuning into the It Figures podcast.

Doug Mims:

Thank you.

Announcer:

If you want more CRI insights or are interested in learning about our firm, please visit our website at CRICPA.com. Thanks for listening to this episode of It Figures, the CRI Podcast. You can subscribe to It Figures on iTunes, Spotify, or wherever you prefer to listen to your podcasts. If you liked what you heard today, please leave us a review.

Previous Episodes

Join Our Conversation

Subscribe to our e-communications to receive the latest accounting and advisory news and updates impacting you and your business.

This field is for validation purposes and should be left unchanged.