Accounting Update Part 1 Chicago Regional Training Conference Indianapolis, Indiana June 14, 2006 Robert F. Storch, Chief Accountant Division of Supervision and Consumer Protection Federal Deposit Insurance Corporation Washington, DC

Topics Audit issues Current accounting issues –Other-than-temporary impairment –Accounting for stock options –Fair value option –FAS 155 on hybrid instruments –FAS 156 on servicing –Pension accounting proposal –EITF life insurance issue

Amendments to Part 363 FDIC’s annual audit and reporting requirements –FDIC Board-approved 11/8/05 –Published 11/28/05 –Effective 12/28/05

Amendments to Part 363 FDIC’s annual audit and reporting requirements Asset-size threshold from $500 million to $1 billion –For internal control assessments by management and external auditors –To loosen restrictions on audit committee membership for institutions in size range

Amendments to Part 363 FDIC’s annual audit and reporting requirements Asset-size threshold from $500 million to $1 billion Only majority of audit committee “independent of management”

Amendments to Part 363 FDIC’s annual audit and reporting requirements Asset-size threshold from $500 million to $1 billion Only majority of audit committee “independent of management” All other requirements continue to apply

What must Part 363 annual report include: $500 Million to $1 Billion in Assets $1 Billion or More in Assets Audited financial statements and the auditor’s report Yes Statement of management's responsibilities Yes Assessment by management and attestation by auditor on effectiveness of internal control over financial reporting NoYes Management’s assessment of compliance with designated safety and soundness laws and regulations Yes Amendments to Part 363

Management Responsibilities Preparing annual financial statements Establishing and maintaining an adequate internal control structure over financial reporting Complying with designated safety and soundness laws and regulations –Loans to insiders –Dividend restrictions

Amendments to Part 363 Internal control over financial reporting for institutions with $500 million - $1 billion in assets that are public companies or subsidiaries of public companies –Requirement to file other reports issued by the external auditor applies (Section 363.4(c)) –Institution must file a copy of the auditor’s report on the audit of internal control over financial reporting under Section 404 –Institutions are also encouraged to submit a copy of management's Section 404 report on internal control over financial reporting –At present, only applicable if company is an “accelerated filer”

Amendments to Part 363 Internal control over financial reporting for institutions with $1 billion or more in assets that are public companies or subsidiaries of public companies –If company is an “accelerated filer,” Sarbanes-Oxley Section 404 internal control reporting requirements are in effect

Amendments to Part 363 Internal control over financial reporting for institutions with $1 billion or more in assets that are public companies or subsidiaries of public companies –If company is an “accelerated filer,” Sarbanes- Oxley Section 404 internal control reporting requirements are in effect –If company is a “non-accelerated filer,” requirements do not take effect until first fiscal year ending after 7/15/07 SEC may extend this date to 12/15/07 Until then, for Part 363, auditor need only follow the AICPA’s attestation standards, AT 501

Amendments to Part 363 Internal control over financial reporting –For an institution with $1 billion or more in assets that is not a public company or a subsidiary of a public company, the institution’s auditor need only follow AT 501 –AICPA is in process of substantially revising AT 501 Exposure draft issued for comment in Jan Includes much of what is in PCAOB Auditing Standard No. 2 (AS 2), including terminology Proposed year-end 2006 effective date may be delayed

Amendments to Part 363 When is a public company an accelerated filer? –Has a “public float” of at least $75 million “Public float” is aggregate market value of company’s common stock held by investors other than the company’s affiliates –Has been subject to the SEC’s periodic reporting requirements for at least 12 months and has filed one annual report, and –Is not eligible to use the SEC’s small business reporting forms Accelerated filer status is disclosed on cover of public company’s 10-K annual report

Amendments to Part 363 Audit committee membership –Outside director – An individual who is not, and within preceding year has not been, an officer or employee of the institution or any affiliate –By removing the “independent of management” requirement for a minority of audit committee members at institutions with $500 million-$1 billion in assets, eligible outside directors can include: A consultant or legal counsel to the institution A relative of an officer or employee An owner of 10 percent or more of the institution’s stock

Amendments to Part 363 Audit committee membership –Amendments includes “hardship provision” for institutions with $500 million-$1 billion in assets “The appropriate Federal banking agency may, by order or regulation, permit the audit committee of such an insured depository institution to be made up of less than a majority of outside directors who are independent of management, if the agency determines that the institution has encountered hardships in retaining and recruiting a sufficient number of competent outside directors to serve on the audit committee of the institution.”

Auditor Limitation of Liability Interagency Advisory on the Unsafe and Unsound Use of Limitation of Liability Provisions in External Audit Engagement Letters –Issued 2/3/06 –Published in Federal Register 2/9/06 –FDIC FIL –Applies to engagement letters executed on or after 2/9/06 –Encourages institutions to seek to amend multi- year audit engagement letters executed prior to 2/9/06 for any audit periods ending in 2007 or later

Auditor Limitation of Liability Advisory informs institutions’ boards, audit committees, and management that they should not enter into agreements that contain unsafe and unsound limitation of liability provisions relating to financial statement audits, including audits of and attestations on internal control over financial reporting

Auditor Limitation of Liability Inclusion of unsafe and unsound limitation of liability provisions in audit engagement letters raises safety and soundness concerns –Provisions may weaken an auditor’s objectivity, impartiality, and performance and reduce agencies’ ability to rely on external audits –Provisions may not be consistent with auditor independence standards of the SEC, PCAOB, and AICPA

Auditor Limitation of Liability Advisory applies regardless of whether –An institution is a public company or not –Audit is required or voluntary Advisory does not apply to –Non-audit services by external auditor –Directors’ examinations –Audits of employee benefit plans, common trust funds –Services by accountant who is not external auditor

Auditor Limitation of Liability Limitation of liability provisions categorized as an agreement by an institution to –Indemnify the auditor against third party claims –Hold harmless or release the auditor from liability for claims by the client institution –Limit the remedies available to the client institution Appendix to advisory presents 8 examples of unsafe and unsound limitation of liability provisions

Auditor Limitation of Liability Provisions that waive institution’s right to seek punitive damages from auditor are not treated as unsafe and unsound Institution’s indemnification of auditor against third party damage awards, including punitive damages, are deemed unsafe and unsound Public institutions that waive claims for punitive damages are encouraged to disclose this annually in proxy statement or other public report

Auditor Limitation of Liability Alternative dispute resolution (ADR) and waiver of jury trials –These provisions by themselves do not present safety and soundness concerns provided unsafe and unsound limitation of liability provisions are not also present Boards, audit committees, and management should review engagement letters before agreeing to sign –Legal counsel should also review these letters

Auditor Limitation of Liability AICPA Proposed Interpretation under Rule 101, Indemnification, Limitation of Liability, and ADR Clauses in Engagement Letters –Exposure Draft issued 9/15/05 –Comment period ended 12/16/05 – 15_omnibus_ED.htm

Auditor Limitation of Liability Comparison of advisory and AICPA proposal –All but one of the unsafe and unsound provisions identified in advisory are inappropriate under AICPA proposal –AICPA would permit limitations of liability for knowing misrepresentations by management Limitation not allowed under SEC independence rules Advisory treats as unsafe and unsound AICPA continuing to deliberate on proposal