Supervisory Committee Duties and Responsibilities Ashley M. Mobley C.U.C.E, B.S.A.C.S., A.A.P. Assistant Vice President Credit Union Auditing & Compliance Experts Overview Appointment and Membership Officers of the Supervisory Committee Powers of the Supervisory Committee Duties of the Supervisory Committee How is the Supervisory Committee appointed? • By the Board of Directors • From among the Credit Union membership Specs • 3-5 members, determined by the Board of Directors • 1-3 year terms (all terms must be same number of years, and terms should be staggered with one position up for appointment each year) Notable • Only 1 member of the Supervisory Committee may be a Director of the Credit Union, other than a compensated officer • Members of the Credit Committee, as well as Credit Union employees are prohibited from being appointed to the Supervisory Committee • State Chartered Credit Union Supervisory Committee members are elected by the members of the Credit Union Organization of a Credit Union Basic Organization Structure Who should be considered to be a member of the Supervisory Committee? Familiar with Accounting/Auditing Principles BONDABLE Willing to commit required time Willing to attend applicable training Officers of the Supervisory Committee Supervisory Committee Members Elect Chairperson Secretary Note: They can be the same individual Meetings Monthly or quarterly meetings should be completed (based on size/complexity of your Credit Union) Minutes should be approved at the next meeting The Secretary must maintain records of all actions taken by the Supervisory Committee The minutes should document significant discussions and summarize procedures performed Attendance at Board Meetings At least 1 Supervisory Committee representative should attend each meeting of the Board of Directors Attendance is only permitted with the permission of the Board of Directors If permission for attendance is not granted, the Board of Directors must publish minutes and the minutes must be available to the Supervisory Committee for its review. Why call a special meeting? Federal Credit Union Act Any practice considered unsafe or unauthorized Rules and Regulations You may call a special meeting (by a majority vote) to consider any violations of the: Bylaws Charter Oversight Powers By unanimous vote, the Supervisory Committee may suspend a member of the Board of Directors, an executive officer, or a Credit Committee member. If suspension takes place, the following actions must be taken: • The Supervisory Committee should call a special meeting of the members to act on the suspension • The special meeting must be take place within 7 to 14 days of the suspension • The suspended party must be given an opportunity to present a defense Expulsion of Supervisory Committee Members Failure to perform duties as required Failure to attend meetings Dishonesty The Board of Directors may suspend or remove Supervisory Committee members for the following possible reasons: Conviction of a felony Responsibilities of the Committee The Supervisory Committee has two basic responsibilities: • Ensure that the Board of Directors and Management have met required financial reporting objectives • Ensure that the Board of Directors and Management have established practices and procedures sufficient to safeguard members’ assets Supervisory Committees are also known as… The GUARDIAN of member funds. The WATCHDOG of the Credit Union The Audit Committee Specific Responsibilities of the Supervisory Committee Determine whether: 1. Internal controls are established and effectively maintained in order to achieve the Credit Union’s financial reporting objectives which must be sufficient to satisfy the requirements of the Supervisory Committee audit, verification of members’ accounts, and its additional responsibilities. 2. The Credit Union’s accounting records and financial reports are promptly prepared and accurately reflect operations and results. Specific Responsibilities of the Supervisory Committee Cont. Determine whether: 3. The relevant plans, policies, and control procedures established by the Board of Directors are properly administered. 4. Policies and control procedures are sufficient to safeguard against error, conflict of interest, self-dealing, and fraud. Mandates of the Supervisory Committee 1. Ensure the Credit Union adheres to the measurement and filing requirements for reports filed with the NCUA Board under §741.6 of the NCUA Rules and Regulations 2. Perform or obtain a Supervisory Committee audit, as prescribed in §715.4 of the NCUA Rules and Regulations 3. Verify, or cause the verification, of members’ accounts as prescribed under §715.8 of the NCUA Rules and Regulations 4. Act to avoid imposition of sanctions for failure to comply with the requirements of this part, as prescribed in §715.11 and §715.12 of the NCUA Rules and Regulations What must we do? At least once every calendar year, complete (or have completed) the Supervisory Committee audit, and provide a report on the audit to the Board of Directors At least every 2 years, you must conduct (or have conducted) a verification of members’ accounts Continuously monitor to ensure the Board of Directors is safeguarding assets, and that Management complies with the policies and plans set forth by the Board of Directors Report to members at the annual meeting Other Things to Do Continuously review and Meet with the examiners monitor internal control policies and procedures Select and cooperate with external auditors, if applicable Review examination and audit findings and ensure corrective action was taken and documented and auditors as necessary Research member complaints Complete other recommended procedures Types of Audits Annual Supervisory Committee audit Quarterly, or interim, audits ACH (Automated Clearing House) Audits OFAC (Office of Foreign Asset Control) scrubs BSA (Bank Secrecy Act) Audits Account Verifications IS & T (Information Systems & Technology) Audits Compliance Reviews Internal Control Reviews Options for Fulfilling § 715.4(a) $500 Million or Greater in Assets • Financial Statement audit per GAAS by independent, State-licensed person. Less than $500 Million in Assets, but Greater than $10 Million in Assets • Financial Statement audit performed in accordance with GAAS by an independent, State-licensed person. • Balance Sheet Audit performed by an independent, State-licensed person. • Report on Examination of Internal Control over Call Reporting performed by an independent, State-licensed person. • Audit per Supervisory Committee Guide performed by the Supervisory Committee, its internal auditor, or any other qualified person (such as a league auditor) Less than $10 Million in Assets • Balance Sheet Audit performed by an independent, State-licensed person. • Report on Examination of Internal Control over Call Reporting performed by an independent, State-licensed person. • Audit per Supervisory Committee Guide performed by the Supervisory Committee, its internal auditor, or any other qualified person (such as a league auditor) Federal Charter Options for Fulfilling § 715.4(a) $500 Million or Greater in Assets • Financial Statement audit per GAAS by independent, State-licensed person. Less than $500 Million in Assets • Financial Statement audit performed in accordance with GAAS by an independent, Statelicensed person. • Balance Sheet Audit performed by an independent, State-licensed person. • Report on Examination of Internal Control over Call Reporting performed by an independent, State-licensed person. • Audit per Supervisory Committee Guide performed by the Supervisory Committee, its internal auditor, or any other qualified person (such as a league auditor) State Charter Interim Audit Procedures Supervisory Committee members are called upon to perform an everincreasing number of procedures on a year-round basis. Today, the sheer volume and the technical expertise required to complete the work keeps many Supervisory Committees from performing interim procedures. Interim Audit Procedures Some of the more commonly completed interim procedures include the following: Review account activity on the Credit Union’s employees. Review and test a sample of reconciliations for Federal Reserve, correspondent bank, On-Us, and Corporate Credit Union accounts. Review activity on suspense and clearing accounts related to the accounts listed above. Confirm a sample of new loans, new deposit accounts, and/or closed accounts since the last quarterly interim or annual audit. Review for compliance with the Credit Union’s loan policy a sample of new loans granted since the last quarterly interim or annual audit. Review a selection of file maintenance reports for randomly selected days. Review procedures for handling negative balance accounts, including timeliness of collection or subsequent write-off. Review a sample of loan exception reports, including paid ahead loans, non-amortizing loans, open-end loans with balances greater than established credit limits, closed end loans with balances greater than original loan amount, and/or loans by interest rate. Test classification of delinquent status on a sample of loans classified as delinquent since the last quarterly interim or annual audit, including a review for compliance with the Credit Union’s collection policy. Review a sample of delinquent loans and document collection efforts relative to the collection policy. Review for compliance with the Credit Union’s charge-off policy a sample of loans charged-off since the last quarterly interim or annual audit. Review corporate expenses and charge card accounts, including compliance with the Credit Union’s written policies. Confirm activity on dormant or inactive accounts removed from the dormant report since the last annual or interim audit. ACH Audit Per 2009 NACHA Operating Rules, “Each participating DFI, and any third-party service provider that provides ACH services to the Participating DFI, shall, in accordance with standard auditing procedures, conduct an internal or external audit of compliance with provisions of the ACH rules in accordance with the requirements of this Appendix 8.” ACH Audit Must be performed by December 1 each year in order to be recognized by NACHA. Credit Union must retain documentation supporting the completion of an audit for 6 years. The retained documentation must be provided to the National Association upon request. Audit provisions in Appendix 8 do not prescribe a specific methodology to be used for the completion of an audit, but identify key rule provisions that should be examined during the audit process. OFAC Audit OFAC audit procedures, or “scrubs”, are required quarterly at a minimum. In some cases, the Credit Union’s data processor performs this scrub automatically. Bank Secrecy Act Compliance Audit § 748.2 (c)(2) of the NCUA Rules and Regulations: A BSA compliance program must “provide for independent testing for compliance to be conducted by Credit Union personnel or outside parties”. Bank Secrecy Act Compliance Audit Per CUNA’s BSA Compliance Guide, an effective audit program should be conducted at least annually; however, a credit union may perform a BSA audit on an 18month schedule dependent upon assessed risk and examiner approval. Verification of Accounts What does “verifying member accounts” mean? • Requesting members to respond to you if the activity or balances on their statements are not accurate (this is required every 2 years) What is the purpose of an account verification? • To detect errors, and it is also a good control to prevent fraud Why must we verify closed accounts? • To detect errors, and guard against fraud How do we verify closed accounts? • By requesting verification that the members closed their accounts, as the Credit Union’s records reflect (this should be done quarterly) Review of Internal Controls Internal Controls include the staff structure, operating procedures, and other measures within the Credit Union to: Internal Controls minimize the possibility that errors or fraud remain undetected for any length of time. Examples of Internal Controls include: • • • • Safeguard assets Check the accuracy and reliability of accounting data Promote efficiency Encourage compliance with policies set forth by the Board of Directors • Passwords on the computer system • Separation/segregation of duties Reporting the Audit Findings The audit findings should be reported in writing to the Supervisory Committee by the audit firm The auditors should meet, in person, with the Supervisory Committee as necessary The Supervisory Committee should research each item and recommend any changes necessary to correct the issue The Supervisory Committee must then report these finding to the Board of Directors Be an Active Supervisory Committee The Supervisory Committee should be granted access to all of the Credit Union’s records without exception The Supervisory Committee should adequately document all reviews performed ALL CREDIT UNION INFORMATION MUST BE KEPT CONFIDENTIAL Questions? Thank You!