As the year comes to a close and financial institutions plan for the future, market trends such as technological innovation and regulatory changes can demand the attention of key decision makers. But consideration of these trends should take place alongside planning for FDIC Improvement Act (FDICIA) compliance as a bank’s total assets grow.
While FDICIA compliance is required once the $1 billion in total assets threshold is crossed, it is highly recommended that a well-paced and planned approach to FDICIA implementation commences 8-12 months prior to crossing that threshold, when a bank is in the $800 to $900 million total assets range. Such an approach gives bank leadership time to adjust slowly and not make a massive financial investment and time commitment to FDICIA implementation in a condensed period. Rather, this bite-sized approach can be done in smaller stages from year to year so that when the bank reaches $1 billion in total assets, it’s smooth sailing and business as usual.
A sample bite-sized timeline might look similar to the asset-based approach shown below. An alternative approach is to stagger by calendar year as demonstrated in the second column.
Performing the risk assessment over the financial reporting activities of the bank by itself in the first year might seem like starting the process on an island, but if done properly, such a risk assessment could be completed in parallel with the larger internal audit universe risk assessment. This strategy also gives the CFO and other leadership time to assess all the critical components of risk relevant to the financial reporting process.
In the second year, performing the detailed process walkthroughs and documenting process/procedural narratives is an activity that is time consuming and best done when not in a rush. Taking this period of time to diligently document the processes and supporting key control activities will ensure it is done thoroughly and with great consideration of ‘current state’ activities, as well as planned system changes.
| Total Assets | Year of Performance | FIDICIA Implementation Activity | Estimated Hours | Completion Timeframe |
| $800 Million | Year 1 | Perform Risk Assessment over financial reporting | 45 | 60 Days |
| $850 Million | Year 2 |
|
125 | 90 Days |
| $900 Million | Year 3 |
|
500 | 90 Days |
| FDICIA Implementation Completed-Annual Maintenance Starts at $1 Billion in Total Assets | ||||
In year three, the bank can focus on performing tests of operating effectiveness on its population of FDICIA controls. Also, similar to the risk assessment, a properly designed strategy would see the FDICIA control testing integrated with core internal audit activities and making the best use of time while keeping audit requests and activities to a bare minimum.
Benefits of the Risk-Based, Control-Focused Approach
Overall, the benefits outweigh the cost/effort of starting FDICIA early. Banks are able to establish a stronger internal control framework and hold business units within the bank more accountable for their role in the bank’s enterprise-wide activities. Most internal audit functions in banks don’t design specific control activities to test on an annual basis but rely on audit activities focused on existing policies, procedures or regulatory guidance. The risk-based, control-focused approach employed by implementing FDICIA can then be leveraged in other key areas of a bank’s internal control environment, which provides leadership a greater level of oversight.
By breaking the FDICIA implementation exercise down into smaller, more manageable and distanced phases, banks have time on their side with the benefits of making the institution stronger from an internal controls perspective and doing more to mitigate risk.
CBIZ Financial Institutions Group
Our national financial institutions group services banks, credit unions, trust companies, and other diversified financial services companies. We have provided risk and advisory consulting services such as internal audit, IT audit, and FDICIA to financial institutions from just over $100 million in assets to $90 billion. Our risk and advisory professionals have dedicated their careers and continuing professional education to serving the financial institution industry.
© Copyright CBIZ, Inc. All rights reserved. Use of the material contained herein without the express written consent of the firms is prohibited by law. This publication is distributed with the understanding that CBIZ is not rendering legal, accounting or other professional advice. The reader is advised to contact a tax professional prior to taking any action based upon this information. CBIZ assumes no liability whatsoever in connection with the use of this information and assumes no obligation to inform the reader of any changes in tax laws or other factors that could affect the information contained herein. Material contained in this publication is informational and promotional in nature and not intended to be specific financial, tax or consulting advice. Readers are advised to seek professional consultation regarding circumstances affecting their organization.
“CBIZ” is the brand name under which CBIZ CPAs P.C. and CBIZ, Inc. and its subsidiaries, including CBIZ Advisors, LLC, provide professional services. CBIZ CPAs P.C. and CBIZ, Inc. (and its subsidiaries) practice as an alternative practice structure in accordance with the AICPA Code of Professional Conduct and applicable law, regulations, and professional standards. CBIZ CPAs P.C. is a licensed independent CPA firm that provides attest services to its clients. CBIZ, Inc. and its subsidiary entities provide tax, advisory, and consulting services to their clients. CBIZ, Inc. and its subsidiary entities are not licensed CPA firms and, therefore, cannot provide attest services.