Appendix B to Part 363 - Illustrative Management Reports
12:6.0.1.1.14.0.1.7.13 : Appendix B
Appendix B to Part 363 - Illustrative Management Reports Table of
Contents 1. General 2. Reporting Scenarios for Institutions that
are Holding Company Subsidiaries 3. Illustrative Statements of
Management's Responsibilities 4. Illustrative Reports on
Management's Assessment of Compliance with Designated Laws and
Regulations 5. Illustrative Reports on Management's Assessment of
Internal Control Over Financial Reporting 6. Illustrative
Management Report - Combined Statement of Management's
Responsibilities, Report on Management's Assessment of Compliance
With Designated Laws and Regulations, and Report on Management's
Assessment of Internal Control Over Financial Reporting 7.
Illustrative Cover Letter - Compliance by Holding Company
Subsidiaries
1. General. The reporting scenarios, illustrative
management reports, and the cover letter (when complying at the
holding company level) in Appendix B to part 363 are intended to
assist managements of insured depository institutions in complying
with the annual reporting requirements of § 363.2 and guideline 3,
Compliance by Holding Company Subsidiaries, of Appendix A to
part 363. However, use of the illustrative management reports and
cover letter is not required. The managements of insured depository
institutions are encouraged to tailor the wording of their
management reports and cover letters to fit their particular
circumstances, especially when reporting on material weaknesses in
internal control over financial reporting or noncompliance with
designated laws and regulations. Terms that are not explained in
Appendix B have the meanings given them in part 363, the FDI Act,
or professional accounting and auditing literature. Instructions to
the preparer of the management reports are shown in brackets within
the illustrative reports.
2. Reporting Scenarios for Institutions that are Holding
Company Subsidiaries. (a) Subject to the criteria specified in
§ 363.1(b), an insured depository institution that is a subsidiary
of a holding company has flexibility in satisfying the reporting
requirements of part 363. When reporting at the holding company
level, the management report, or the individual components thereof,
should identify those subsidiary institutions that are subject to
part 363 and the extent to which they are included in the scope of
the management report or a component of the report. The following
reporting scenarios reflect how an insured depository institution
that meets the criteria set forth in § 363.1(b) could satisfy the
annual reporting requirements of § 363.2. Other reporting scenarios
are possible.
(i) An institution that is a subsidiary of a holding company may
satisfy the requirements for audited financial statements;
management's statement of responsibilities; management's assessment
of the institution's compliance with the Federal laws and
regulations pertaining to insider loans and the Federal and, if
applicable, State laws and regulations pertaining to dividend
restrictions; management's assessment of the effectiveness of
internal control over financial reporting, if applicable; and the
independent public accountant's attestation on management's
assertion as to the effectiveness of internal control over
financial reporting, if applicable, at the insured depository
institution level.
(ii) An institution that is a subsidiary of a holding company
may satisfy the requirements for audited financial statements;
management's statement of responsibilities; management's assessment
of the institution's compliance with the Federal laws and
regulations pertaining to insider loans and the Federal and, if
applicable, State laws and regulations pertaining to dividend
restrictions; management's assessment of the effectiveness of
internal control over financial reporting, if applicable; and the
independent public accountant's attestation on management's
assertion as to the effectiveness of internal control over
financial reporting, if applicable, at the holding company
level.
(iii) An institution that is a subsidiary of a holding company
may satisfy the requirement for audited financial statements at the
holding company level and may satisfy the requirements for
management's statement of responsibilities; management's assessment
of the institution's compliance with the Federal laws and
regulations pertaining to insider loans and the Federal and, if
applicable, State laws and regulations pertaining to dividend
restrictions; management's assessment of the effectiveness of
internal control over financial reporting, if applicable; and the
independent public accountant's attestation on management's
assertion as to the effectiveness of internal control over
financial reporting, if applicable, at the insured depository
institution level.
(iv) An institution that is a subsidiary of a holding company
may satisfy the requirements for audited financial statements;
management's statement of responsibilities; and management's
assessment of the institution's compliance with the Federal laws
and regulations pertaining to insider loans and the Federal and, if
applicable, State laws and regulations pertaining to dividend
restrictions at the insured depository institution level and may
satisfy the requirements for the assessment by management of the
effectiveness of internal control over financial reporting, if
applicable; and the independent public accountant's attestation on
management's assertion as to the effectiveness of internal control
over financial reporting, if applicable, at the holding company
level.
(b) For an institution with total assets of $1 billion or more
as of the beginning of its fiscal year, the assessment by
management of the effectiveness of internal control over financial
reporting and the independent public accountant's attestation on
management's assertion as to the effectiveness of internal control
over financial reporting, if applicable, must both be performed at
the same level, i.e., either at the insured depository
institution level or at the holding company level.
(c) Financial statements prepared for regulatory reporting
purposes encompass the schedules equivalent to the basic financial
statements in an institution's appropriate regulatory report,
e.g., the bank Consolidated Reports of Condition and Income
(Call Report) and the Thrift Financial Report (TFR). Guideline 4A
in Appendix A to part 363 identifies the schedules equivalent to
the basic financial statements in the Call Report and TFR. When
internal control assessments and attestations are performed at the
holding company level, the FDIC believes that holding companies
have flexibility in interpreting “financial reporting” as it
relates to “regulatory reporting” and has not objected to several
reporting approaches employed by holding companies to cover
“regulatory reporting.” Certain holding companies have had
management's assessment and the accountant's attestation cover the
schedules equivalent to the basic financial statements that are
included in the appropriate regulatory report, e.g., Call
Report and the TFR, of each subsidiary institution subject to part
363. Other holding companies have had management's assessment and
the accountant's attestation cover the schedules equivalent to the
basic financial statements that are included in the holding
company's year-end regulatory report (FR Y-9C report) to the
Federal Reserve Board.
3. Illustrative Statements of Management's
Responsibilities. The following illustrative statements of
management's responsibilities satisfy the requirements of §
363.2(b)(1).
(a) Statement Made at Insured Depository Institution Level
Statement of Management's Responsibilities
The management of ABC Depository Institution (the “Institution”)
is responsible for preparing the Institution's annual financial
statements in accordance with generally accepted accounting
principles; for establishing and maintaining an adequate internal
control structure and procedures for financial reporting, including
controls over the preparation of regulatory financial statements in
accordance with the instructions for the [specify the regulatory
report]; and for complying with the Federal laws and regulations
pertaining to insider loans and the Federal and, if applicable,
State laws and regulations pertaining to dividend restrictions.
ABC Depository Institution John Doe, Chief Executive Officer Date:
Jane Doe, Chief Financial Officer Date: (b) Statement Made at
Holding Company Level Statement of Management's Responsibilities
The management of BCD Holding Company (the “Company”) is
responsible for preparing the Company's annual financial statements
in accordance with generally accepted accounting principles; for
establishing and maintaining an adequate internal control structure
and procedures for financial reporting, including controls over the
preparation of regulatory financial statements in accordance with
the instructions for the [specify the regulatory report]; and for
complying with the Federal laws and regulations pertaining to
insider loans and the Federal and, if applicable, State laws and
regulations pertaining to dividend restrictions. The following
subsidiary institutions of the Company that are subject to Part 363
are included in this statement of management's responsibilities:
[Identify the subsidiary institutions.]
BCD Holding Company John Doe, Chief Executive Officer Date: Jane
Doe, Chief Financial Officer Date:
4. Illustrative Reports on Management's Assessment of
Compliance with Designated Laws and Regulations. The following
illustrative reports on management's assessment of compliance with
Designated Laws and Regulations satisfy the requirements of §
363.2(b)(2).
(a) Statement Made at Insured Depository Institution Level -
Compliance With Designated Laws and Regulations Pertaining to
Insider Loans and Dividend Restrictions Management's Assessment of
Compliance With Designated Laws and Regulations
The management of ABC Depository Institution (the “Institution”)
has assessed the Institution's compliance with the Federal laws and
regulations pertaining to insider loans and the Federal and, if
applicable, State laws and regulations pertaining to dividend
restrictions during the fiscal year that ended on December 31,
20XX. Based upon its assessment, management has concluded that the
Institution complied with the Federal laws and regulations
pertaining to insider loans and the Federal and, if applicable,
State laws and regulations pertaining to dividend restrictions
during the fiscal year that ended on December 31, 20XX.
ABC Depository Institution John Doe, Chief Executive Officer Date:
Jane Doe, Chief Financial Officer Date: (b) Statement Made at
Insured Depository Institution Level - Noncompliance With
Designated Laws and Regulations Pertaining to Both Insider Loans
and Dividend Restrictions Management's Assessment of Compliance
With Designated Laws and Regulations
The management of ABC Depository Institution (the “Institution”)
has assessed the Institution's compliance with the Federal laws and
regulations pertaining to insider loans and the Federal and, if
applicable, State laws and regulations pertaining to dividend
restrictions during the fiscal year that ended on December 31,
20XX. Based upon its assessment, management has determined that,
because of the instance(s) of noncompliance noted below, the
Institution did not comply with the Federal laws and regulations
pertaining to insider loans and the Federal and, if applicable,
State laws and regulations pertaining to dividend restrictions
during the fiscal year that ended on December 31, 20XX.
[Identify and describe the instance or instances of
noncompliance with the Federal laws and regulations pertaining to
insider loans and the Federal and, if applicable, State laws and
regulations pertaining to dividend restrictions, including
appropriate qualitative and quantitative information to describe
the nature, type, and severity of the noncompliance and the dollar
amounts of the insider loan(s) and dividend(s) involved.]
ABC Depository Institution John Doe, Chief Executive Officer Date:
Jane Doe, Chief Financial Officer Date: (c) Statement Made at
Insured Depository Institution Level - Compliance With Designated
Laws and Regulations Pertaining to Insider Loans and Noncompliance
With Designated Laws and Regulations Pertaining to Dividend
Restrictions Management's Assessment of Compliance With Designated
Laws and Regulations
The management of ABC Depository Institution (the “Institution”)
has assessed the Institution's compliance with the Federal laws and
regulations pertaining to insider loans and the Federal and, if
applicable, State laws and regulations pertaining to dividend
restrictions during the fiscal year that ended on December 31,
20XX. Based upon its assessment, management has concluded that the
Institution complied with the Federal laws and regulations
pertaining to insider loans during the fiscal year that ended on
December 31, 20XX. Also, based upon its assessment, management has
determined that, because of the instance(s) of noncompliance noted
below, the Institution did not comply with the Federal and, if
applicable, State laws and regulations pertaining to dividend
restrictions during the fiscal year that ended on December 31,
20XX.
[Identify and describe the instance or instances of
noncompliance with the Federal and, if applicable, State laws and
regulations pertaining to dividend restrictions, including
appropriate qualitative and quantitative information to describe
the nature, type, and severity of the noncompliance and the dollar
amount(s) of the dividend(s) involved.]
ABC Depository Institution John Doe, Chief Executive Officer Date:
Jane Doe, Chief Financial Officer Date: (d) Statement Made at
Insured Depository Institution Level - Noncompliance With
Designated Laws and Regulations Pertaining to Insider Loans and
Compliance With Designated Laws and Regulations Pertaining to
Dividend Restrictions Management's Assessment of Compliance With
Designated Laws and Regulations
The management of ABC Depository Institution (the “Institution”)
has assessed the Institution's compliance with the Federal laws and
regulations pertaining to insider loans and the Federal and, if
applicable, State laws and regulations pertaining to dividend
restrictions during the fiscal year that ended on December 31,
20XX. Based upon its assessment, management has determined that,
because of the instance(s) of noncompliance noted below, the
Institution did not comply with the Federal laws and regulations
pertaining to insider loans during the fiscal year that ended on
December 31, 20XX. Also, based upon its assessment, management has
concluded that the Institution complied with the Federal and, if
applicable, State laws and regulations pertaining to dividend
restrictions during the fiscal year that ended on December 31,
20XX.
[Identify and describe the instance or instances of
noncompliance with the Federal laws and regulations pertaining to
insider loans, including appropriate qualitative and quantitative
information to describe the nature, type, and severity of the
noncompliance and the dollar amount(s) of the insider loan(s)
involved.]
ABC Depository Institution John Doe, Chief Executive Officer Date:
Jane Doe, Chief Financial Officer Date: (e) Statement Made at
Holding Company Level - Compliance With Designated Laws and
Regulations Pertaining to Insider Loans and Dividend Restrictions
Management's Assessment of Compliance With Designated Laws and
Regulations
The management of BCD Holding Company (the “Company”) has
assessed the Company's compliance with the Federal laws and
regulations pertaining to insider loans and the Federal and, if
applicable, State laws and regulations pertaining to dividend
restrictions during the fiscal year that ended on December 31,
20XX. Based upon its assessment, management has concluded that the
Company complied with the Federal laws and regulations pertaining
to insider loans and the Federal and, if applicable, State laws and
regulations pertaining to dividend restrictions during the fiscal
year that ended on December 31, 20XX. The following subsidiary
institutions of the Company that are subject to Part 363 are
included in this assessment of compliance with these designated
laws and regulations: [Identify the subsidiary institutions.]
BCD Holding Company John Doe, Chief Executive Officer Date: Jane
Doe, Chief Financial Officer Date: (f) Statement Made at Holding
Company Level - Noncompliance With Designated Laws and Regulations
Pertaining to Both Insider Loans and Dividend Restrictions
Management's Assessment of Compliance With Designated Laws and
Regulations
The management of BCD Holding Company (the “Company”) has
assessed the Company's compliance with the Federal laws and
regulations pertaining to insider loans and the Federal and, if
applicable, State laws and regulations pertaining to dividend
restrictions during the fiscal year that ended on December 31,
20XX. The following subsidiary institutions of the Company that are
subject to Part 363 are included in this assessment of compliance
with these designated laws and regulations: [Identify the
subsidiary institutions.]
Based upon its assessment, management has determined that,
because of the instance(s) of noncompliance noted below, the
Company did not comply with the Federal laws and regulations
pertaining to insider loans and the Federal and, if applicable,
State laws and regulations pertaining to dividend restrictions
during the fiscal year that ended on December 31, 20XX.
[Identify and describe the instance or instances of
noncompliance with the Federal laws and regulations pertaining to
insider loans and the Federal and, if applicable, State laws and
regulations pertaining to dividend restrictions, including
appropriate qualitative and quantitative information to identify
the subsidiary institutions of the Company that are subject to Part
363 that had instances of noncompliance and describe the nature,
type, and severity of the noncompliance and the dollar amount(s) of
the insider loan(s) and dividend(s) involved.]
BCD Holding Company John Doe, Chief Executive Officer Date: Jane
Doe, Chief Financial Officer Date: (g) Statement Made at Holding
Company Level - Compliance With Designated Laws and Regulations
Pertaining to Insider Loans and Noncompliance With Designated Laws
and Regulations Pertaining to Dividend Restrictions Management's
Assessment of Compliance With Designated Laws and Regulations
The management of BCD Holding Company (the “Company”) has
assessed the Company's compliance with the Federal laws and
regulations pertaining to insider loans and the Federal and, if
applicable, State laws and regulations pertaining to dividend
restrictions during the fiscal year that ended on December 31,
20XX. The following subsidiary institutions of the Company that are
subject to Part 363 are included in this assessment of compliance
with these designated laws and regulations: [Identify the
subsidiary institutions.]
Based upon its assessment, management has concluded that the
Company complied with the Federal laws and regulations pertaining
to insider loans during the fiscal year that ended on December 31,
20XX. Also, based upon its assessment, management has determined
that, because of the instance(s) of noncompliance noted below, the
Company did not comply with the Federal and, if applicable, State
laws and regulations pertaining to dividend restrictions during the
fiscal year that ended on December 31, 20XX.
[Identify and describe the instance or instances of
noncompliance with the Federal and, if applicable, State laws and
regulations pertaining to dividend restrictions, including
appropriate qualitative and quantitative information to identify
the subsidiary institutions of the Company that are subject to Part
363 that had instances of noncompliance and describe the nature,
type, and severity of the noncompliance and the dollar amount(s) of
the dividend(s) involved.]
BCD Holding Company John Doe, Chief Executive Officer Date: Jane
Doe, Chief Financial Officer Date: (h) Statement Made at Holding
Company Level - Noncompliance With Designated Laws and Regulations
Pertaining to Insider Loans and Compliance With Designated Laws and
Regulations Pertaining to Dividend Restrictions Management's
Assessment of Compliance With Designated Laws and Regulations
The management of BCD Holding Company (the “Company”) has
assessed the Company's compliance with the Federal laws and
regulations pertaining to insider loans and the Federal and, if
applicable, State laws and regulations pertaining to dividend
restrictions during the fiscal year that ended on December 31,
20XX. The following subsidiary institutions of the Company that are
subject to Part 363 are included in this assessment of compliance
with these designated laws and regulations: [Identify the
subsidiary institutions.]
Based upon its assessment, management has determined that,
because of the instance(s) of noncompliance noted below, the
Company did not comply with the Federal laws and regulations
pertaining to insider loans during the fiscal year that ended on
December 31, 20XX. Also, based upon its assessment, management has
concluded that the Company complied with the Federal and, if
applicable, State laws and regulations pertaining to dividend
restrictions during the fiscal year that ended on December 31,
20XX.
[Identify and describe the instance or instances of
noncompliance with the Federal laws and regulations pertaining to
insider loans, including appropriate qualitative and quantitative
information to identify the subsidiary institutions of the Company
that are subject to Part 363 that had instances of noncompliance
and describe the nature, type, and severity of the noncompliance
and the dollar amount(s) of the insider loan(s) involved.]
BCD Holding Company John Doe, Chief Executive Officer Date: Jane
Doe, Chief Financial Officer Date:
5. Illustrative Reports on Management's Assessment of
Internal Control Over Financial Reporting. The following
illustrative reports on management's assessment of internal control
over financial reporting satisfy the requirements of §
363.2(b)(3).
(a) Statement Made at Insured Depository Institution Level - No
Material Weaknesses Management's Assessment of Internal Control
Over Financial Reporting
ABC Depository Institution's (the “Institution”) internal
control over financial reporting is a process effected by those
charged with governance, management, and other personnel, designed
to provide reasonable assurance regarding the reliability of
financial reporting and the preparation of reliable financial
statements in accordance with accounting principles generally
accepted in the United States of America and financial statements
for regulatory reporting purposes, i.e., [specify the
regulatory reports]. The Institution's internal control over
financial reporting includes those policies and procedures that (1)
pertain to the maintenance of records that, in reasonable detail,
accurately and fairly reflect the transactions and dispositions of
the assets of the Institution; (2) provide reasonable assurance
that transactions are recorded as necessary to permit preparation
of financial statements in accordance with accounting principles
generally accepted in the United States of America and financial
statements for regulatory reporting purposes, and that receipts and
expenditures of the Institution are being made only in accordance
with authorizations of management and directors of the Institution;
and (3) provide reasonable assurance regarding prevention, or
timely detection and correction of unauthorized acquisition, use,
or disposition of the Institution's assets that could have a
material effect on the financial statements.
Because of its inherent limitations, internal control over
financial reporting may not prevent, or detect and correct
misstatements. Also, projections of any evaluation of effectiveness
to future periods are subject to the risk that controls may become
inadequate because of changes in conditions, or that the degree of
compliance with the policies and procedures may deteriorate.
Management is responsible for establishing and maintaining
effective internal control over financial reporting including
controls over the preparation of regulatory financial statements.
Management assessed the effectiveness of the Institution's internal
control over financial reporting, including controls over the
preparation of regulatory financial statements in accordance with
the instructions for the [specify the regulatory report], as of
December 31, 20XX, based on the framework set forth by the
Committee of Sponsoring Organizations of the Treadway Commission in
Internal Control - Integrated Framework. Based upon its
assessment, management has concluded that, as of December 31, 20XX,
the Institution's internal control over financial reporting,
including controls over the preparation of regulatory financial
statements in accordance with the instructions for the [specify the
regulatory report], is effective based on the criteria established
in Internal Control - Integrated Framework.
Management's assessment of the effectiveness of internal control
over financial reporting, including controls over the preparation
of regulatory financial statements in accordance with the
instructions for the [specify the regulatory report], as of
December 31, 20XX, has been audited by [name of auditing firm], an
independent public accounting firm, as stated in their report dated
March XX, 20XY.
ABC Depository Institution John Doe, Chief Executive Officer Date:
Jane Doe, Chief Financial Officer Date: (b) Statement Made at
Insured Depository Institution Level - One or More Material
Weaknesses Management's Assessment of Internal Control Over
Financial Reporting
ABC Depository Institution's (the “Institution”) internal
control over financial reporting is a process effected by those
charged with governance, management, and other personnel, designed
to provide reasonable assurance regarding the reliability of
financial reporting and the preparation of reliable financial
statements in accordance with accounting principles generally
accepted in the United States of America and financial statements
for regulatory reporting purposes, i.e., [specify the
regulatory reports]. The Institution's internal control over
financial reporting includes those policies and procedures that (1)
pertain to the maintenance of records that, in reasonable detail,
accurately and fairly reflect the transactions and dispositions of
the assets of the Institution; (2) provide reasonable assurance
that transactions are recorded as necessary to permit preparation
of financial statements in accordance with accounting principles
generally accepted in the United States of America and financial
statements for regulatory reporting purposes, and that receipts and
expenditures of the Institution are being made only in accordance
with authorizations of management and directors of the Institution;
and (3) provide reasonable assurance regarding prevention, or
timely detection and correction of unauthorized acquisition, use,
or disposition of the Institution's assets that could have a
material effect on the financial statements.
Because of its inherent limitations, internal control over
financial reporting may not prevent, or detect and correct
misstatements. Also, projections of any evaluation of effectiveness
to future periods are subject to the risk that controls may become
inadequate because of changes in conditions, or that the degree of
compliance with the policies and procedures may deteriorate.
Management is responsible for establishing and maintaining
effective internal control over financial reporting including
controls over the preparation of regulatory financial statements.
Management assessed the effectiveness of the Institution's internal
control over financial reporting, including controls over the
preparation of regulatory financial statements in accordance with
the instructions for the [specify the regulatory report], as of
December 31, 20XX, based on the framework set forth by the
Committee of Sponsoring Organizations of the Treadway Commission in
Internal Control - Integrated Framework. Because of the
material weakness (or weaknesses) noted below, management
determined that the Institution's internal control over financial
reporting, including controls over the preparation of regulatory
financial statements in accordance with the instructions for the
[specify the regulatory report], was not effective as of December
31, 20XX.
[Identify and describe the material weakness or weaknesses.]
Management's assessment of the effectiveness of internal control
over financial reporting, including controls over the preparation
of regulatory financial statements in accordance with the
instructions for the [specify the regulatory report], as of
December 31, 20XX, has been audited by [name of auditing firm], an
independent public accounting firm, as stated in their report dated
March XX, 20XY.
ABC Depository Institution John Doe, Chief Executive Officer Date:
Jane Doe, Chief Financial Officer Date: (c) Statement Made at
Holding Company Level - No Material Weaknesses Management's
Assessment of Internal Control Over Financial Reporting
BCD Holding Company's (the “Company”) internal control over
financial reporting is a process designed and effected by those
charged with governance, management, and other personnel, to
provide reasonable assurance regarding the reliability of financial
reporting and the preparation of reliable financial statements in
accordance with accounting principles generally accepted in the
United States of America and financial statements for regulatory
reporting purposes, i.e., [specify the regulatory reports].
The Company's internal control over financial reporting includes
those policies and procedures that (1) pertain to the maintenance
of records that, in reasonable detail, accurately and fairly
reflect the transactions and dispositions of the assets of the
Company; (2) provide reasonable assurance that transactions are
recorded as necessary to permit preparation of financial statements
in accordance with accounting principles generally accepted in the
United States of America and financial statements for regulatory
reporting purposes, and that receipts and expenditures of the
Company are being made only in accordance with authorizations of
management and directors of the Company; and (3) provide reasonable
assurance regarding prevention, or timely detection and correction
of unauthorized acquisition, use, or disposition of the Company's
assets that could have a material effect on the financial
statements.
Because of its inherent limitations, internal control over
financial reporting may not prevent, or detect and correct
misstatements. Also, projections of any evaluation of effectiveness
to future periods are subject to the risk that controls may become
inadequate because of changes in conditions, or that the degree of
compliance with the policies and procedures may deteriorate.
Management is responsible for establishing and maintaining
effective internal control over financial reporting including
controls over the preparation of regulatory financial statements.
Management assessed the effectiveness of the Company's internal
control over financial reporting, including controls over the
preparation of regulatory financial statements in accordance with
the instructions for the [specify the regulatory report], as of
December 31, 20XX, based on the framework set forth by the
Committee of Sponsoring Organizations of the Treadway Commission in
Internal Control - Integrated Framework. Based on that
assessment, management concluded that, as of December 31, 20XX, the
Company's internal control over financial reporting, including
controls over the preparation of regulatory financial statements in
accordance with the instructions for the [specify the regulatory
report], is effective based on the criteria established in
Internal Control - Integrated Framework. The following
subsidiary institutions of the Company that are subject to Part 363
are included in this assessment of the effectiveness of internal
control over financial reporting: [Identify the subsidiary
institutions.]
Management's assessment of the effectiveness of internal control
over financial reporting, including controls over the preparation
of regulatory financial statements in accordance with the
instructions for the [specify the regulatory report], as of
December 31, 20XX, has been audited by [name of auditing firm], an
independent public accounting firm, as stated in their report dated
March XX, 20XY.
BCD Holding Company John Doe, Chief Executive Officer Date: Jane
Doe, Chief Financial Officer Date: (d) Statement Made at Holding
Company Level - One or More Material Weaknesses Management's
Assessment of Internal Control Over Financial Reporting
BCD Holding Company's (the “Company”) internal control over
financial reporting is a process effected by those charged with
governance, management, and other personnel, designed to provide
reasonable assurance regarding the reliability of financial
reporting and the preparation of reliable financial statements in
accordance with accounting principles generally accepted in the
United States of America and financial statements for regulatory
reporting purposes, i.e., [specify the regulatory reports].
The Company's internal control over financial reporting includes
those policies and procedures that (1) pertain to the maintenance
of records that, in reasonable detail, accurately and fairly
reflect the transactions and dispositions of the assets of the
Company; (2) provide reasonable assurance that transactions are
recorded as necessary to permit preparation of financial statements
in accordance with accounting principles generally accepted in the
United States of America and financial statements for regulatory
reporting purposes, and that receipts and expenditures of the
Company are being made only in accordance with authorizations of
management and directors of the Company; and (3) provide reasonable
assurance regarding prevention, or timely detection and correction
of unauthorized acquisition, use, or disposition of the Company's
assets that could have a material effect on the financial
statements.
Because of its inherent limitations, internal control over
financial reporting may not prevent, or detect and correct
misstatements. Also, projections of any evaluation of effectiveness
to future periods are subject to the risk that controls may become
inadequate because of changes in conditions, or that the degree of
compliance with the policies and procedures may deteriorate.
Management is responsible for establishing and maintaining
effective internal control over financial reporting including
controls over the preparation of regulatory financial statements.
Management assessed the effectiveness of the Company's internal
control over financial reporting, including controls over the
preparation of regulatory financial statements in accordance with
the instructions for the [specify the regulatory report], as of
December 31, 20XX, based on the framework set forth by the
Committee of Sponsoring Organizations of the Treadway Commission in
Internal Control - Integrated Framework. Because of the
material weakness (or weaknesses) noted below, management
determined that the Company's internal control over financial
reporting, including controls over the preparation of regulatory
financial statements in accordance with the instructions for the
[specify the regulatory report], was not effective as of December
31, 20XX. The following subsidiary institutions of the Company that
are subject to Part 363 are included in this assessment of the
effectiveness of internal control over financial reporting:
[Identify the subsidiary institutions.]
[Identify and describe the material weakness or weaknesses.]
Management's assessment of the effectiveness of internal control
over financial reporting, including controls over the preparation
of regulatory financial statements in accordance with the
instructions for the [specify the regulatory report], as of
December 31, 20XX, has been audited by [name of auditing firm], an
independent public accounting firm, as stated in their report dated
March XX, 20XY.
BCD Holding Company John Doe, Chief Executive Officer Date: Jane
Doe, Chief Financial Officer Date:
6. Illustrative Management Report - Combined Statement of
Management's Responsibilities, Report on Management's Assessment of
Compliance With Designated Laws and Regulations, and Report on
Management's Assessment of Internal Control Over Financial
Reporting, if applicable. The following illustrative management
reports satisfy the requirements of §§ 363.2(b)(1), (2), and
(3).
(a) Management Report Made at Insured Depository Institution Level
- Compliance With Designated Laws and Regulations Pertaining to
Insider Loans and Dividend Restrictions and No Material Weaknesses
in Internal Control Over Financial Reporting Management Report
Statement of Management's Responsibilities
The management of ABC Depository Institution (the “Institution”)
is responsible for preparing the Institution's annual financial
statements in accordance with generally accepted accounting
principles; for establishing and maintaining an adequate internal
control structure and procedures for financial reporting, including
controls over the preparation of regulatory financial statements in
accordance with the instructions for the [specify the regulatory
report]; and for complying with the Federal laws and regulations
pertaining to insider loans and the Federal and, if applicable,
State laws and regulations pertaining to dividend restrictions.
Management's Assessment of Compliance With Designated Laws and
Regulations
The management of the Institution has assessed the Institution's
compliance with the Federal laws and regulations pertaining to
insider loans and the Federal and, if applicable, State laws and
regulations pertaining to dividend restrictions during the fiscal
year that ended on December 31, 20XX. Based upon its assessment,
management has concluded that the Institution complied with the
Federal laws and regulations pertaining to insider loans and the
Federal and, if applicable, State laws and regulations pertaining
to dividend restrictions during the fiscal year that ended on
December 31, 20XX.
Management's Assessment of Internal Control Over Financial
Reporting
The Institution's internal control over financial reporting is a
process effected by those charged with governance, management, and
other personnel, designed to provide reasonable assurance regarding
the reliability of financial reporting and the preparation of
reliable financial statements in accordance with accounting
principles generally accepted in the United States of America and
financial statements for regulatory reporting purposes,
i.e., [specify the regulatory reports]. The Institution's
internal control over financial reporting includes those policies
and procedures that (1) pertain to the maintenance of records that,
in reasonable detail, accurately and fairly reflect the
transactions and dispositions of the assets of the Institution; (2)
provide reasonable assurance that transactions are recorded as
necessary to permit preparation of financial statements in
accordance with accounting principles generally accepted in the
United States of America and financial statements for regulatory
reporting purposes, and that receipts and expenditures of the
Institution are being made only in accordance with authorizations
of management and directors of the Institution; and (3) provide
reasonable assurance regarding prevention, or timely detection and
correction of unauthorized acquisition, use, or disposition of the
Institution's assets that could have a material effect on the
financial statements.
Because of its inherent limitations, internal control over
financial reporting may not prevent, or detect and correct
misstatements. Also, projections of any evaluation of effectiveness
to future periods are subject to the risk that controls may become
inadequate because of changes in conditions, or that the degree of
compliance with the policies and procedures may deteriorate.
Management assessed the effectiveness of the Institution's
internal control over financial reporting, including controls over
the preparation of regulatory financial statements in accordance
with the instructions for the [specify the regulatory report], as
of December 31, 20XX, based on the framework set forth by the
Committee of Sponsoring Organizations of the Treadway Commission in
Internal Control - Integrated Framework.
Based upon its assessment, management has concluded that, as of
December 31, 20XX, the Institution's internal control over
financial reporting, including controls over the preparation of
regulatory financial statements in accordance with the instructions
for the [specify the regulatory report], is effective based on the
criteria established in Internal Control - Integrated
Framework.
Management's assessment of the effectiveness of internal control
over financial reporting, including controls over the preparation
of regulatory financial statements in accordance with the
instructions for the [specify the regulatory report], as of
December 31, 20XX, has been audited by [name of auditing firm], an
independent public accounting firm, as stated in their report dated
March XX, 20XY.
ABC Depository Institution John Doe, Chief Executive Officer Date:
Jane Doe, Chief Financial Officer Date: (b) Management Report Made
at Holding Company Level - Compliance With Designated Laws and
Regulations Pertaining to Insider Loans and Dividend Restrictions
and No Material Weaknesses in Internal Control Over Financial
Reporting Management Report
[Instruction - The following illustrative introductory
paragraph for the management report is applicable only if the same
group of subsidiary institutions of the holding company that are
subject to Part 363 are included in all three components of the
management report required by Part 363: the statement of
management's responsibilities, the report on management's
assessment of compliance with the Designated Laws and Regulations
pertaining to insider loans and dividend restrictions, and the
report on management's assessment of internal control over
financial reporting.]
In this management report, the following subsidiary institutions
of the BCD Holding Company (the “Company”) that are subject to Part
363 are included in the statement of management's responsibilities;
the report on management's assessment of compliance with the
Federal laws and regulations pertaining to insider loans and the
Federal and, if applicable, State laws and regulations pertaining
to dividend restrictions; and the report on management's assessment
of internal control over financial reporting: [Identify the
subsidiary institutions.]
[Instruction - The following illustrative introductory
paragraph for the management report is applicable if the same group
of subsidiary institutions of the holding company that are subject
to Part 363 are included in the statement of management's
responsibilities and management's assessment of compliance with the
Designated Laws and Regulations pertaining to insider loans and
dividend restrictions, but only some of the subsidiary institutions
in the group are included in management's assessment of internal
control over financial reporting.]
In this management report, the following subsidiary institutions
of BCD Holding Company (the “Company”) that are subject to Part 363
are included in the statement of management's responsibilities and
the report on management's assessment of compliance with the
Federal laws and regulations pertaining to insider loans and the
Federal and, if applicable, State laws and regulations pertaining
to dividend restrictions: [Identify the subsidiary institutions.]
In addition, the following subsidiary institutions of the Company
that are subject to Part 363 are included in the report on
management's assessment of internal control over financial
reporting: [Identify the subsidiary institutions.]
Statement of Management's Responsibilities
The management of the Company is responsible for preparing the
Company's annual financial statements in accordance with generally
accepted accounting principles; for establishing and maintaining an
adequate internal control structure and procedures for financial
reporting, including controls over the preparation of regulatory
financial statements in accordance with the instructions for the
[specify the regulatory report]; and for complying with the Federal
laws and regulations pertaining to insider loans and the Federal
and, if applicable, State laws and regulations pertaining to
dividend restrictions.
Management's Assessment of Compliance With Designated Laws and
Regulations
The management of the Company has assessed the Company's
compliance with the Federal laws and regulations pertaining to
insider loans and the Federal and, if applicable, State laws and
regulations pertaining to dividend restrictions during the fiscal
year that ended on December 31, 20XX. Based upon its assessment,
management has concluded that the Company complied with the Federal
laws and regulations pertaining to insider loans and the Federal
and, if applicable, State laws and regulations pertaining to
dividend restrictions during the fiscal year that ended on December
31, 20XX.
Management's Assessment of Internal Control Over Financial
Reporting
The Company's internal control over financial reporting is a
process effected by those charged with governance, management, and
other personnel, designed to provide reasonable assurance regarding
the reliability of financial reporting and the preparation of
reliable financial statements in accordance with accounting
principles generally accepted in the United States of America and
financial statements for regulatory reporting purposes,
i.e., [specify the regulatory reports]. The Company's
internal control over financial reporting includes those policies
and procedures that (1) pertain to the maintenance of records that,
in reasonable detail, accurately and fairly reflect the
transactions and dispositions of the assets of the Company; (2)
provide reasonable assurance that transactions are recorded as
necessary to permit preparation of financial statements in
accordance with accounting principles generally accepted in the
United States of America and financial statements for regulatory
reporting purposes, and that receipts and expenditures of the
Company are being made only in accordance with authorizations of
management and directors of the Company; and (3) provide reasonable
assurance regarding prevention, or timely detection and correction
of unauthorized acquisition, use, or disposition of the Company's
assets that could have a material effect on the financial
statements.
Because of its inherent limitations, internal control over
financial reporting may not prevent, or detect and correct
misstatements. Also, projections of any evaluation of effectiveness
to future periods are subject to the risk that controls may become
inadequate because of changes in conditions, or that the degree of
compliance with the policies and procedures may deteriorate.
Management assessed the effectiveness of the Company's internal
control over financial reporting, including controls over the
preparation of regulatory financial statements in accordance with
the instructions for the [specify the regulatory report], as of
December 31, 20XX, based on the framework set forth by the
Committee of Sponsoring Organizations of the Treadway Commission in
Internal Control - Integrated Framework. Based upon its
assessment, management has concluded that, as of December 31, 20XX,
the Company's internal control over financial reporting, including
controls over the preparation of regulatory financial statements in
accordance with the instructions for the [specify the regulatory
report], is effective based on the criteria established in
Internal Control - Integrated Framework.
Management's assessment of the effectiveness of internal control
over financial reporting, including controls over the preparation
of regulatory financial statements in accordance with the
instructions for the [specify the regulatory report], as of
December 31, 20XX, has been audited by [name of auditing firm], an
independent public accounting firm, as stated in their report dated
March XX, 20XY.
BCD Holding Company John Doe, Chief Executive Officer Date: Jane
Doe, Chief Financial Officer Date:
7. Illustrative Cover Letter - Compliance by Holding Company
Subsidiaries. The following illustrative cover letter satisfies
the requirements of guideline 3, Compliance by Holding Company
Subsidiaries, of Appendix A to part 363.
To: (Appropriate FDIC Regional or Area Office) Division of
Supervision and Consumer Protection, FDIC, and (Appropriate
District or Regional Office of the Primary Federal Regulator(s), if
not the FDIC), and
(Appropriate State Bank Supervisor(s), if applicable)
Dear [Insert addressees]:
BCD Holding Company (the “Company”) is filing two copies of the
Part 363 Annual Report for the fiscal year ended December 31, 20XX,
on behalf of its insured depository institution subsidiaries listed
in the chart below that are subject to Part 363. The Part 363
Annual Report contains audited comparative annual financial
statements, the independent public accountant's report on the
audited financial statements, management's statement of
responsibilities, management's assessment of compliance with the
Designated Laws and Regulations pertaining to insider loans and
dividend restrictions, and [if applicable] management's assessment
of and the independent public accountant's attestation report on
internal control over financial reporting. The chart below also
indicates the level (institution or holding company) at which the
requirements of Part 363 are being satisfied for each listed
insured depository institution subsidiary. [If applicable] The
Company's other insured depository institution subsidiaries that
are subject to Part 363, which comply with all of the Part 363
annual reporting requirements at the institution level, have filed
[or will file] their Part 363 Annual Reports separately.
| Institutions subject to Part
363 |
Audited financial
statements |
Management's
statement of
responsibilities |
Management's assessment of
compliance with designated laws and regulations |
Management's
internal control
assessment |
Independent auditor's
internal control
attestation report |
| ABC Depository
Institution |
Holding Company Level |
Holding Company Level |
Holding Company Level |
Holding Company Level |
Holding Company Level. |
| DEF Depository
Institution |
Holding Company Level |
Institution Level |
Institution Level |
Institution Level |
Institution Level. |
If you have any questions regarding the annual report [or
reports] of the Company's insured depository institution
subsidiaries subject to Part 363 or if you need any further
information, you may contact me at 987-654-3210.
BCD Holding Company Date: [Insert officer's name and title.]