Supervisory committees have many more responsibilities than just the annual audit and verification, says Susan Landauer of Forensic Accounting Services Group.
“It’s not enough to do the annual audit,” Landauer says. “You can outsource these responsibilities, but you need to make sure they are handled properly.”
Landauer defined four additional areas of concern in a breakout session on advanced supervisory committee responsibilities at the CUNA Supervisory Committee and Internal Audit Conference:
1. Weigh whether internal controls effectively achieve financial reporting objectives
Giving any individual too much autonomy and scope of influence invites fraud.
To guard against that scenario, the supervisory committee should concentrate on:
Don’t get lulled into thinking that only small credit unions with fewer personnel are susceptible to fraud due to lax internal controls, Landauer says. “The bigger the credit union, the bigger the issue can be.”
Devise a plan in which the credit union audits high-risk areas annually, and combs through all areas in a defined time period, such as three years.
Also, ensure your credit union has adequate policies for:
Consider, too, whether vendors have the appropriate coverages in place.
And explore cybersecurity coverage, although Landauer cautions that credit unions should scrutinize policies to make sure they cover the incidents that most concern them.
2. Confirm that you promptly prepare accurate accounting records and financial reports
Obtain and review the statement of financial position (balance sheet), income statement, statement of changes in equity, and cash flow statement.
Compare financial ratios such as loan to share, delinquency, and return on assets in these statements to prior years, months, and peer group statistics so you can measure your credit union’s stability and opportunity to grow.
3. Evaluate whether you properly administer the board's plans, policies, and control procedures
The relationship between the supervisory committee and board varies between credit unions.
Many mandate that supervisory committee members attend the board meetings, and some appoint a representative to attend.
In either case, obtain and review the minutes of every board meeting, and address any questions with the board chair.
Meet with outside auditors and examiners to discuss findings, and form a plan of attack to address examiners’ concerns.
4. Determine whether policies and procedures are sufficient to safeguard against error, conflict of interest, self-dealing, and fraud
Ensure the internal audit department performs audits of all employee and official accounts on a routine basis.
If the committee must perform these procedures, selectively review accounts, request files for all loans since the last review, and look for unusual transactions. Address questions with management and document all procedures and results.
Verify new loans, new accounts, and closed accounts, potentially surveying closed accounts to determine why they left the credit union.
Ensure the existence of, and adherence to, ethics and fraud policies. Insist that all employees sign statements of allegiance to these policies annually, and regularly review these policies to see whether new threats dictate changes to the documents.