Navigate Up
Sign In

Annual Reporting Requirements and Internal Controls Assessments Required Under Section 704.15(a) of the National Credit Union Administration Rules and Regulations

CORPORATE CREDIT UNION GUIDANCE LETTER

NATIONAL CREDIT UNION ADMINISTRATION
1775 Duke Street, Alexandria, VA 22314

DATE: July 26, 2011 LETTER No.: 2011-03
TO: The Corporate Credit Union Addressed
SUBJ: Annual Reporting Requirements and Internal Controls Assessments Required Under Section 704.15(a) of the National Credit Union Administration Rules and Regulations
The purpose of this letter is to provide guidance pertaining to the management reporting requirements of Section 704.1 5 (a) (2) as recently revised under Part 704 of the National Credit Union Administration (NCUA) Rules and Regulations. These audit and reporting requirements are effective on and after January 1, 2012. The revisions set forth regulatory requirements for reporting and assessment by corporate credit union (corporate) officials and auditors as to the adequacy and effectiveness of internal controls over the financial reporting processes utilized by the corporate. The content of the regulatory requirements added to Section 704.15 are similar to those required of banks and other U.S. corporations as set forth in certain sections of the Sarbanes-Oxley Act of 2002 (SOX). 

Specifically, Section 704.15 has been expanded to facilitate the accuracy and attestation of each corporate's financial reporting process as follows:
 
  • Requires that annual financial statements and regulatory reports reflect all material correcting adjustments as identified by the corporate's Independent Public Accountant (IPA) as necessary for financial reports to conform to Generally Accepted Accounting Principles (GAAP); 
  • Requires that corporates must prepare a management report, to be signed by either the chief executive officer and either the chief accounting officer or chief financial officer on an annual basis that includes: 
    • A statement of management's responsibilities for preparing the corporate's annual financial statements, establishing and maintaining an adequate internal control structure over financial reporting, and for complying with certain laws and regulations as outlined in the Section 704. 15(a)(2)(i) of the regulation; 
    • An assessment by management of the corporate's compliance with such laws and regulations during the past year pursuant to Section 704.15( a) (2)(ii) of the regulation; 
    • An assessment by management of the effectiveness of the corporate's internal control structure and procedures as of the end of the preceding calendar year. 
  • Will require, beginning on and after January 1, 2014, that the IPA who audits the corporate's financial statements must examine, attest to; and report separately on the assertion of management concerning the effectiveness of the corporate's internal control structure and procedures over financial reporting. 
These revisions to the regulation direct the corporate officials to place adequate internal controls over the financial reporting process as well as define an internal controls framework from which specific financial and operational controls are derived. In addition, the revisions direct corporate officials to annually provide a written statement defining that adopted framework. The regulation further requires an assessment by management of the corporate's internal control structure and, procedures. Where the assessment identifies the controls were deficient the annual report should identify those areas where controls were not effective. 

Pursuant to implementation of Section 704.15 of the corporate rule you may find the links below helpful. As our rule mirrors that of the other financial regulators they are provided as guidance . and are illustrative but may be subject to change. In addition, Appendix A enclosed with this letter includes illustrative statements intended to assist management in complying with annual reporting requirements. 

Link to the FDIC's illustrative management reports (12 C.F.R. Section 363, Appendix B):  http://www.fdic.gov/regulations/laws/rules/2000-8500.html#fdic2000appendixbtopart363 

Link to the Interagency (not including NCUA) Policy Statement on the Internal Audit Function and its Outsourcing: http://occ.gov/news-issuances/bulletins/2003/bulletin-2003-12a.pdf 

I hope that this guidance will be beneficial in conjunction with implementation of the revised regulatory requirements. If you have any questions, please contact this office or your corporate examiner.   

​Sincerely,

 

Scott A. Hunt
Director
Office of Corporate Credit Unions

​OCCU/CJD: cd: js
cc: All State Supervisors