Growth Milestone Comes With Crucial FDICIA Requirements

Written by

Mergers or strong internal growth can quickly send a small financial institution’s assets soaring past the $1 billion mark. But that milestone comes with additional requirements from the Federal Deposit Insurance Corp. that, if not tackled early, can become arduous and time-consuming.

When a bank reaches that benchmark, as measured at the start of its fiscal year, the FDIC requires an annual report that must include:

  • Audited comparative annual financial statements.
  • The independent public accountant’s report on the audited financial statements.
  • A management report that contains:
    • A statement of certain management responsibilities.
    • An assessment of the institution’s compliance with laws pertaining to insider loans and dividend restrictions during the year.
    • An assessment on the effectiveness of the institution’s internal control structure over financial reporting, as of the end of the fiscal year.
    • The independent public accountant’s attestation report concerning the effectiveness of the institution’s internal control structure over financial reporting.

Management Assessment of Internal Controls
Complying with Internal Controls over Financial Reporting (ICFR) requirements can be exhaustive, but a few early steps can help:

  • Identify key business processes around financial reporting/systems in scope.
  • Conduct business process walk-throughs of the key business processes.
  • For each in-scope business process/system, identify related IT general control (ITGC) elements.
  • Create a risk control matrix (RCM) with the key controls and identity gaps in controls.

To assess internal controls and procedures for financial reporting, start with control criteria as a baseline. The Committee of Sponsoring Organizations (COSO) of the Treadway Commission provides criteria with a fairly broad outline of internal control components that banks should evaluate at the entity level and activity or process level.

Implementation Phases, Schedule and Events
A FDICIA implementation approach generally includes a four-phase program designed with the understanding that a bank’s external auditors will be required to attest to and report on management’s internal control assessment.

Phase One: Business Risk Assessment and COSO Evaluation
Perform a high-level business risk assessment COSO evaluation of the bank. This evaluation is a top-down approach that allows the bank to effectively identify and address the five major components of COSO. This review includes describing policies and procedures in place, as well as identifying areas of weakness and actions needed to ensure that the bank’s policies and procedures are operating with effective controls.

Phase One action steps are:

  • Educate senior management and audit committee/board of directors on reporting requirements.
  • Establish a task force internally, evaluate resources and communicate.
  • Identify and delegate action steps, including timeline.
  • Identify criteria to be used (COSO).
  • Determine which processes and controls are significant.
  • Determine which locations or business units should be included.
  • Coordinate with external auditor when applicable.
  • Consider adoption of a technology tool to provide data collection, analysis and graphical reporting.

Phase Two: Documenting the Bank’s Control Environment
Once management approves the COSO evaluation and has identified the high-risk business lines and support functions of the bank, it should document the internal control environment and perform a detailed process review of high-risk areas. The primary goals of this phase are intended to identify and document which controls are significant, evaluate their design effectiveness and determine what enhancements, if any, they must make.

Phase Three: Testing and Reporting of the Control Environment
The bank’s internal auditor validates the key internal controls by performing an assessment of the operating effectiveness to determine if they are functioning as designed, intended and expected.  The internal auditor should help management determine which control deficiencies, if any, constitute a significant deficiency or material control weakness. Management and the internal auditor should consult with the external auditor to determine if they have performed any of the tests and if their testing can be leveraged for FDICIA reporting purposes.

Phase Four: Ongoing Monitoring
A primary component of an effective system of internal control is an ongoing monitoring process. The ongoing evaluation process of the system of internal controls will occasionally require modification as the business adjusts. Certain systems may require control enhancements to respond to new products or emerging risks. In other areas, the evaluation may point out redundant controls or other procedures that are no longer necessary. It’s useful to discuss the evaluation process and ongoing monitoring when making such improvement determinations.

Overdraft Fees Are Getting a Much-Needed Overhaul

Written by

Overdraft fees have been a significant source of noninterest income for the banking industry since they were first introduced in the 1990s. But these “deterrent” fees are on the chopping block at major financial institutions across the country, putting pressure on smaller banks to follow suit. 

Overdraft and non-sufficient funds (NSF) fees brought in an estimated $11 billion in revenue in 2021, according to the Financial Health Network, significantly down from $15.5 billion in fee revenue in 2019. As the industry responds to ongoing regulatory pressure on top of increased competition from neobanks and disruptive fintechs, that downward trend is expected to continue. 

For larger banks, those with more than $10 billion in assets, overdraft fee income has trended downward since 2015. Christopher Marinac, director of research at Janney Montgomery Scott, reported on this back in December 2021 after noting overdraft fees had declined for 23 quarters and expects this trend to continue into 2022. Despite the decline, regulators continue to focus on them, citing their role in the growth of wealth inequality. 

“[R]egulators have clearly sent a signal that they want those fees to either go away or be less emphasized,” Marinac says. “Like a lot of things in the regulatory world, this has been an area of focus and banks are going to find a way to make money elsewhere.”

For an industry that has evolved so rapidly over the last 10 years, overdraft fees represent a legacy banking service that has not adapted to today’s digital banking customer or the realistic cost to service this feature, says Darryl Knopp, senior director of portfolio marketing at the credit rating agency FICO. Knopp believes that an activities-based cost analysis would show just how mispriced these services actually are. It’s one reason why neobanks such as Chime have attracted customers boasting of lower fees. If banks were to think about overdrafts as access to short-term credit, that would change the pricing conversation to one of risk management. 

“Banks are way more efficient than they were 30 years ago, and they need to understand what the actual costs of these services are,’’ Knopp says. “The pricing has not changed since I got into banking, and that’s why [banks] are getting lapped by the fintechs.” 

Overdrafts aren’t going to disappear overnight, but some banks are getting ahead of the trend and taking action. Bank of America Corp., Wells Fargo & Co., and JPMorgan Chase & Co., which together brought in an estimated $2.8 billion in overdraft and NSF fee revenue in the first three quarters of 2021, recently announced reduced fees and implemented new grace periods, according to the Consumer Financial Protection Bureau. Capital One Financial Corp. announced the elimination of both overdraft and NSF fees back in December and Citigroup’s Citibank recently announced plans to eliminate overdraft fees, returned item fees, and overdraft protection fees. 

In April, $4.2 billion First Internet Bancorp of Fishers, Indiana, announced the removal of overdraft fees on personal and small business deposit accounts, but it continues to charge NSF fees when applicable. Nicole Lorch, president and chief operating officer at First Internet Bank, talked to Bank Director’s Vice President of Research Emily McCormick about the decision to make this change. She says overdrafts were not a key source of income for the bank and the executives wanted to emphasize their customer-centric approach to service. First Internet Bank’s internal data also found that overdraft fees tended toward accidental oversight by the customers, whereas NSF fees were more often the result of egregious behavior. 

“In the case of overdrafts,” says Lorch, “it felt like consumers could get themselves into the situation unintentionally, and we are not in this work to create hurdles for our customers.”

For banks that are grappling with the increased pressure to tackle this issue, there are other ways to get creative with overdraft and NSF fees. Last year, PNC Financial Services Group introduced its new “Low Cash Mode” offering, which comes with the Spend account inside of PNC’s Virtual Wallet. Low Cash Mode alerts customers to a low balance in their account. It gives customers the flexibility to choose which debits get processed, and provides a grace period of 24 hours or more to address an overdraft before charging a fee.

Banks that want to keep pace with the industry and are willing to take a proactive approach need to find ways to offer more personalized solutions. 

“The problem is not the overdraft fee,” says Ron Shevlin, chief research officer at Cornerstone Advisors. “It’s a liquidity management problem and it’s bigger than just overdrawing one’s account. Banks should see this as an opportunity to help customers with their specific liquidity management needs.” 

He says it’s time for the industry to move away from viewing overdrafts as a product and start thinking of it as a solutions-based service that can be personalized to a customer’s unique needs.

  • Bank Director Vice President of Research Emily McCormick contributed to this report.