Alert February 05, 2013

FRB Supplements Policy on Effectiveness of Regulated Entities’ Internal Audit Policies and Procedures

The FRB issued guidance on internal audits to supplement its 2003 interagency policy statement and reflect changes in banking regulation. The supplemental policy mirrors and updates the 2003 framework and includes a new section on enhanced internal audit practices, that requires financial institutions to focus on all aspects of risk, ranging from risk analysis and risk tolerance, to ensuring that appropriate controls and infrastructure are in place to handle and respond to risk. The FRB noted that how the internal practices are implemented will affect an institution's safety and soundness, internal audit and consumer laws and regulations compliance assessments. The policy applies to "supervised institutions with greater than $10 billion in total consolidated assets."