Spring 2006-04 Federal regulators issue rules on external auditors’ engagement letters
Number 63
Spring 2006
Federal regulators issue rules on external auditors’ engagement letters
Guidance to banks on what clauses should not be included in their external auditors’ engagement letters is the subject of the FDIC’s Financial Institution Letter FIL-13-2006, published on February 9, 2006.
In addition to the communication from the Federal Deposit Insurance Corporation (which applies to insured banks), the same rules were promulgated by the Office of the Comptroller of the Currency (applicable to national banks), the Board of Governors of the Federal Reserve System (bank members of the Federal Reserve), the Office of Thrift Supervision (thrift institutions) and the National Credit Union Administration (federal credit unions).
Limitation of liability
The crux of the rules is avoidance of provisions that would limit an external auditor’s legal liability beyond what the federal regulators deem to be reasonable. Surpassing that subjective threshold is deemed to constitute an “unsafe and unsound” practice on the part of the institution’s board of directors. The stated reason is that provisions that limit liability may weaken the external auditor’s objectivity, impartiality and performance. As a result, the federal agencies’ ability to rely on audited statements could be impaired. Furthermore, such clauses could contravene the auditor independence standards set by the Securities and Exchange Commission, the Public Company Accounting Oversight Board and the American Institute of Certified Public Accountants.
Examples
The agencies’ letters give the following examples of unacceptable clauses:
Release from Liability
In no event will the auditing firm be liable to the financial institution for damages relating from the auditing services provided under this engagement letter, except to the extent determined to have resulted from the willful misconduct or fraudulent behavior of the auditing firm, relating to such services.
No Damages
In no event will the auditing firm’s liability under the terms of this engagement letter include responsibility for any claimed incidental or consequential damages.
Claim Limitation Period
No claim arising out of services rendered pursuant to this engagement letter may be asserted more than one year after the date of the last audit report issued.
Losses Occurring during Period Audited
The auditing firm’s liability arising from this engagement will be limited to any losses occurring during the periods covered by the audit, and will not include any losses occurring in later periods for which the auditing firm is not engaged as auditor.
No Assignment or Transfer
The financial institution may not, directly or indirectly, assign or otherwise transfer to anyone any claim against the auditing firm arising out of this engagement.
Knowing Misrepresentations by Management
The financial institution releases and indemnifies the auditing firm from any and all claims, liabilities, costs and expenses attributable to any knowing misrepresentation by management.
Indemnification for Management Negligence
The financial institution will indemnify, hold harmless and defend the auditing firm from and against any and all claims, damages, demands, actions, costs and charges arising out of, or by reason of, the financial institution’s negligent acts or failure to act under this engagement letter.
Damages not to Exceed Fees Paid
The auditing firm will not be liable for any claim for damages arising out of or in connection with any services provide in this engagement letter in an amount greater than the amount of fees actually paid therefor by the financial institution, directly relating to and forming the basis of such claim.
Applicability
The new rules apply to all financial institutions under federal supervision, whether large or small, public or privately-held, and whether auditing is mandated by law or voluntary on the part of the institution.
‡‡ Note:
The agencies’ letters do not seem to consider that some of the prohibited provisions may embrace defenses nonetheless available to the auditor by operation of state law. The ones dealing with the period to make claims, and compensation for incidental and consequential damages come to mind.
© 2006 Goldman Antonetti