Home | > | Software | > | FDICIA Tool | > | FDICIA Tool FAQ |
404 Tool Page 404 Overview | Product-specific Q&A 1. What is included in the FDICIA Compliance Tool? 3. How can the FDICIA Tool help me achieve compliance with FDICIA/Sarbanes-Oxley 404? 4. Does it work for initial compliance or ongoing compliance? 5. What is the initial cost? Are there any additional costs? 6. Can multiple people use the product concurrently? 7. Can I share your templates? 8. What framework is the product based on? 9. How does the Tool address the different stages of compliance? 14. What is the difference between the 404 Compliance Tool and the FDICIA Compliance Tool? FDICIA/Sarbanes-Oxley 404 Q&A 15. Who needs to comply with FDICIA? 16. When do I need to comply with FDICIA? 17. What kinds of tasks are required for FDICIA compliance? 18. What is the end result of FDICIA compliance? 19. Who regulates FDICIA Compliance and where can I get more information? 20. How do FDICIA and Sarbanes-Oxley section 404 interrelate? Tool Requirements Q&A 21. What do I need to install the Tool? 22. How do I install the Tool? 23. What if I need the Tool in a hurry? 24. What if I need additional help? Other Q&A 25. Do you provide sample systems? 26. Do you provide checklists? 27. Tool Updates and Ongoing Support? FDICIA Jump Start and Service Q&A 28. What does the FDICIA Jump Start Edition include? 29. How do I get Started with the FDICIA Jump Start Edition? 30. How do I buy the FDICIA Jump Start Edition and Service? 31. How do I get Consulting Help for FDICIA and use of this Tool? 32. What do I need to do once I receive the Tool? Product-specific Q&A: 1. What is included in the FDICIA Compliance Tool? The FDICIA Compliance Tool includes a set of linked Word & Excel templates and software to reduce manual effort. The planning and documentation sections are primarily Word files. The testing and remediation sections are predominately Excel files. The Excel components have buttons that create files and risks based on your selections. You first enter company information and detail the systems and processes relevant to your business. You then use buttons to create customized files for each system where you define the risks and controls relevant to that system. Under each system process, you define and evaluate risks and controls. Each risk and control will require testing and we provide buttons to create statistically valid testing samples based on the evaluated risk. In following years, you use the same templates and update the testing as required. We also provide related Tools including the SOX 404Tool and the Internal Controls Tool for differing markets. See the Tool Comparison page for more details. The Excel components contain embedded code, which automates certain features. So, yes, it is software. We call this a Tool because it includes template files that you use in your documentation and boilerplate text used in your financial statements as it relates to management’s controls attestation. You use industry-standard Microsoft® Excel and Word tools that you already know and use every day. 3. How can the FDICIA Tool help me achieve compliance with FDICIA/Sarbanes-Oxley 404? Our product was designed specifically for use in internal control documentation and compliance. FDICIA covers internal controls over "safety and soundness" of financial institutions, as well as internal controls over financial reporting, that are required by Sarbanes-Oxley 404. Although the safety and soundness portion falls outside of 404 compliance requirements, the systems/processes/risks model that we use in our Tool (per the COSO framework) is precisely the approach used for FDICIA compliance (COSO is the defacto framework for FDICIA compliance). Our technical accounting staff has extensive FDICIA compliance background with real-world implementation experience. Our Tool was developed with this in mind. This Tool assumes that you are subject to both FDICIA and Sarbanes-Oxley 404. It is designed to produce a single set of documentation that can be used to meet the requirements of both regulations. However, this Tool can be used for large, private Financial Institutions who are subject to FDICIA but not subject to Sarbanes-Oxley. Our Tool includes Word Templates and Excel workbooks that automate much of the manual process and incorporates best practices. 4. Does it work for initial compliance or ongoing compliance? Both. We don’t think you should have to buy one system for the first year and another system for future years. Unlike other compliance products, this Tool is intended to meet key requirements for both initial and ongoing compliance. This product does more than simply document your controls, it helps evaluate and test them (see item 9). Once you configure the templates to fit your company, you only need to change settings as your circumstances change. The initial setup effort is leveraged for future year’s compliance. Once you have completed the first year, you simply copy the entire directory of files already customized for your business into a new directory for the next year. 5. What is the initial cost? Are there any additional costs? The base product is $1,799 (US Dollars). You may purchase by online payment with PayPal, FAX us a completed order form and we bill you or simply send us an order form with a check and we will send the CD to you after receipt. The license is per Company or legal entity. CPA and consulting firms or other companies that wish to use our products for their customers will need to contact our sales team for more details. There is a $399 per year ongoing maintenance cost to cover the support contract and software product updates. Ongoing technical support services are covered under the provided support contract. This contract provides you with a support account and contact and support will be provided per incident as covered under the terms of the agreement. Postal Mail delivery is $39.95 for shipping and handling (non-refundable) for CD orders. Additionally, California shipments will require the addition of 8.75% for sales tax for CD shipments. If you need to return the CD version of the Tool (unopened and returned within 30 days from delivery), you can return the package for a refund of the product less a 10% restocking fee (credit given in form of payment). If you have opened the CD case, we regret that we cannot accept returns. Customers in Canada and Europe will require special shipping and handling considerations. Please contact us and we will provide details. We're sorry but international orders from other nations can only be accepted on a case-by-case basis. Please contact sales@procognis.com if you are outside of the United States and wish to order our product and we will work out the shipping and customs details. 6. Can multiple people use the product concurrently? Yes. Not only can multiple people work concurrently, we advise it. FDICIA compliance is a big project and one of the ways you can keep costs down is by spreading the work out to your accounting or internal audit staff. Initially, one person should configure the product to describe your systems, processes, risks and controls. This includes assessing the control environment and setting an overall testing level. With the push of a button, an Excel workbook with embedded software is created from a template for each system you define. We would then recommend assigning the different systems (individual Excel workbooks) to various compliance team members. Team members can work from a common or shared directory but other arrangements will work (see product documentation). 7. Can I share your templates? No. Our templates are proprietary. By purchasing the Tool, you have been granted a license to use them for one company. If you have multiple subsidiaries, each must purchase a separate license. 8. What framework is the product based on? The product is based on the COSO framework. COSO is the defacto standard for FDICIA compliance. COSO is the industry-standard internal control framework (COSO is an abbreviation for Committee of Sponsoring Organizations of the Treadway Commission, seriously!). Among other things, the framework defines internal control as a process designated to provide reasonable assurance regarding the reliability of financial reporting. With COSO, the control environment serves as a foundation for structuring internal financial controls. Within the control environment, management assesses risk (risk-based system) and implements mitigating control activities. Information is captured and communicated and the entire system is “monitored” (i.e. tested) for effectiveness. 9. How does the Tool address the different stages of compliance? Our product has four major stages: Planning, Documenting, Testing, and Evaluating. Planning Documentation Testing Evaluation Our system is risk based. Once a risk has been identified, it is scored as to how likely it is to occur and its significance to the company if it did occur. This produces a risk score. The user identifies what control mitigates the identified risk and designs the test plan. The sample size is determined based on the risk score and company-wide testing level. The user then enters the beginning and ending numbers for the population. This could be invoices generated, checks cut, months in a year, or anything you can quantify numerically. Once this has been identified, the push of a button creates a statistically valid list of selections to test. Most companies are expected to have some deficiencies, especially during initial compliance. All deficiencies should be corrected and re-tested if time permits. Re-testing is performed by remediation provided via a separate test sheet. If time runs out, you will need to evaluate if the remaining deficiencies rise to the level of a material weakness. Deficiencies in areas of high risk should be addressed first. Our system defines three classes of deficiencies: deficiency, significant deficiency and material weakness. Deficiencies/Material weaknesses are determined based on risk score and evaluation of testing. The product can be purchased from our website at www.procognis.com/fdicia.php. It can be purchased by credit card or you can print and mail an order form with check. You may purchase the Internal Controls, FDICIA or Sarbanes-Oxley 404 Tools with the order form. Please see the Tool Comparison page for side-by-side comparisons of the available tools. Technical support is available via email on a per-incident basis. If encounter technical issues, simply email us at support@procognis.com. We will make every effort to resolve your technical or usage issues. If you need extra help in getting the templates customized for your entity, we also offer consulting services. Contact us at info@procognis.com for more information. 14. What is the difference between the 404 Compliance Tool and the FDICIA Compliance Tool? While they are similar, the Sarbanes-Oxley 404 Compliance Tool applies only to 404 Compliance. Financial institutions and their holding companies that are required to comply with FDICIA or FDICIA and Sarbanes-Oxley 404 should use the FDICIA Compliance Tool. The FDICIA Compliance Tool covers internal controls over safety and soundness and financial reporting. The 404 Tool focuses on internal controls over financial reporting. The FDICIA Compliance Tool was designed to produce a dual-purpose report which could be used to meet both the FDICIA and Sarbanes-Oxley 404 requirements. We allow our FDICIA customers to convert their licenses to SOX 404 (or vice-versa) for a $19.95 service charge. As soon as we receive a check for $19.95 (plus $5.95 shipping and handling) and your request to change license type, we will ship a new CD set to you. FDICIA/Sarbanes-Oxley 404 Q&A: 15. Who needs to comply with FDICIA?The FDIC Improvement Act of 1991 (FDICIA) applies to FDIC insured financial institutions with assets in excess of $1 Billion (USD). In certain circumstances, a holding company may choose to comply with FDICIA requirements in place of its subsidiary institutions. Consult your primary regulator for more information and guidance. 16. When do I need to comply with FDICIA? FDICIA requires an annual report on internal controls. This means that you need to evaluate controls on a yearly basis for as long as you meet the requirements (i.e. in excess of $1 Billion USD in assets). 17. What kinds of tasks are required for FDICIA compliance? FDICIA requires that controls be evaluated as to design as well as operating effectiveness. This means that controls must be designed correctly and function as designed. In order to verify functioning, a certain level of substantive testing must be performed. The major tasks include planning, documenting systems, evaluating risks, identifying mitigating controls, testing, correcting deficiencies, and evaluating the results of the work performed. 18. What is the end result of FDICIA compliance? At the end of each reporting year management makes an assertion regarding the effectiveness of internal controls over safety and soundness and financial reporting. The auditors attest to this assertion. Management’s assertion and the auditors’ report are provided to the FDIC, the institution’s primary regulator and are available to the public. Those institutions which are also subject to Sarbanes-Oxley 404 are required to include in their annual report (i.e. 10-K) management’s assertion regarding internal controls over financial reporting, including disclosing any identified material weaknesses. The auditors must also attest to this assertion and that attestation must also be disclosed in the company's annual report. 19. Who regulates FDICIA Compliance and where can I get more information? FDICIA compliance is regulated by the FDIC. Additional information can be located at http://www.federalreserve.gov/boarddocs/speeches/2003/20030807 20. How do FDICIA and Sarbanes-Oxley section 404 interrelate? Sarbanes-Oxley Section 404 was modeled after FDICIA (FDICIA 112 is the specific rule) so both requirements share many common features. Both require that management evaluate and report on the effectiveness of a company’s internal controls on an annual basis. Both require the external auditors to attest to management’s assertion. They differ in two key areas. FDICIA is broader as it relates to internal controls over operating efficiency, financial reporting and compliance with laws and regulations. Sarbanes-Oxley Section 404 relates to controls over financial reporting only. The second key area where the regulations differ is in reporting. FDICIA requires reports to be filed with the FDIC and the institution’s primary regulator. Sarbanes-Oxley 404 requires that both management’s assertion and the auditor’s attestation be publicly disclosed in the annual report including any material weaknesses identified. A financial institution may be subject to both FDICIA 112 and Sarbanes-Oxley 404, they may be subject to one but not the other, or they may be subject to neither. Publicly traded financial institutions with assets greater than $1 Billion (USD) would be subject to both requirements. Financial institutions with assets greater than $1 Billion, but that are privately traded would be subject to FDICIA 112 only. Publicly traded financial institutions with assets under $1 Billion would be subject to Sarbanes-Oxley 404 only. Privately traded financial institutions with assets under $1 Billion would be subject to neither regulation. Strategically, financial institutions now implementing Sarbanes-Oxley 404 may want to consider complying with FDICIA 112 as well if it appears likely that they will exceed $1 Billion in assets in the near future. Your specific compliance requirements will depend on many factors and you should consult your primary regulators and your SEC counsel (if applicable) for definitive compliance determination. Please see our Sarbanes-Oxley 404 Compliance Tool and Sarbanes-Oxley 404 FAQ for more details. Tool Requirements Q&A 21. What do I need to Install the Tool? You will need Microsoft (R) Office XP (2002 or later) with the Word and Excel programs installed . The Tool uses Word and Excel files so the these programs must be available to use the Tool. The Operating system you use must be supported by Office XP (all recent Windows operating systems, see the Microsoft Office website for more information). The Tool uses Visual Basic scripts to perform automation task so you must enable Visual Basic scripts (instructions provided with the Tool on how to enable scripting). The Tool also requires about 200MB of disk space to allow for file storage and new file creation for each year of compliance. In addition, if you order the CD you will need a CD drive. 22. How do I install the Tool? The CD version is installed by copying the Tool directory into a directory you have permissions to create files. Instructions are provided with the CD. 23. What if I need the Tool in a hurry? We can provide a Rush delivery service for the CD version if you are in a hurry. If you select Rush delivery service, we will ship the package using a next-day delivery option as soon as your order has been received and processed. We will make every effort to ship your package as soon as possible with or without rush delivery. 24. What if I need additional help? We provide the Jump Start Edition for $3499 (USD) which includes the license fee and up to three hours of remote, email based consulting help. If you are interested, please see the FDICIA Jump Start page. Other Q&A 25. Do you provide Sample Systems? The product includes extensive samples along with an appropriate list of systems to help explain how to use the product for your company. See the Tool Demo PDF for an example of this sample output. However, we cannot know the specific systems and steps for your company without some detailed knowledge. We provide the Jump Start Edition for $3495 (USD) which contains a great number of pre-filled systems with risks but will require some customization to fit your institution's particular circumstances. If you are interested, please see the FDICIA Jump Start page. 26. Do you provide Checklists? The product documentation and templates contain detailed instructions on how to proceed with compliance. Following the instructions combined with professional judgement and knowledge of your company will produce an efficient the compliance effort. However, we do not provide generic checklists since they would be practically useless (and may even lead you down the wrong path) for your company. Beware of products that claim to provide checklists or canned systems to save you time. There are no shortcuts to effective compliance. 27. Tool Upgrades and Ongoing Support? The FDICIA Tool is sold for $1,799 per license and includes a contract covering ongoing maintenance, support and software upgrades/updates. This support agreement will be provided for the first year under the purchase price and we will bill $399 to your company annually in following years for support services and upgrades. The ongoing service fee for the Jump Start edition is $599 per year and includes up to three hours of remote, email based assistence. The support contract provided with the packge details the terms and how support requests will be handled. Upgrades and/or updates to the FDICIA Tool base will be provided by download free-of-charge to customers covered under this plan. Existing customers of our FDICIA Tool (purchased prior to July 1, 2007) can also purchase the support package receive the same benefits. These customers will simply need to pay the first year's contract fee and agree to the terms. FDICIA Jump Start and Service Q&A 28. What does the FDICIA Jump Start Edition include? The Jump Start Edition includes the following key items to save you implementation time:
The Jump Start Edition is intended to save you time but you are ultimately responsible to ensure that the settings and documentation you use in your compliance effort accurately matches your company. The service is intended to jump-start you into the compliance process and we strive to fill in as much information as possible. But the final details and testing along with the appropriate review can only be performed onsite. 29. How do I get Started with the FDICIA Jump Start Edition? You first purchase the FDICIA Jump Start Edition and complete, sign and mail the downloaded service contract to the address provided. After we receive this signed contract, we will ship the CD package to you (please allow 2-3 weeks for shipping). When you receive the CD package, you will copy the directory structure and files to your chosen drive (following the provided instructions). You will then edit the Templates to customize them for your company (including company name, address, etc.) and review the systems and planning documentation, adding any that may be specific to your company or industry. After you have reviewed and accepted the system list, you will review each system and assign risk scores to each risk identified under each step (most system have about seven or so steps). This risk scoring and assessment includes evaluation and review of the controls. After this review and edits for company particulars is complete, you then copy the customized and edited Templates for this compliance year and start your testing and remediation, if needed for any failed tests, leading to the final report on compliance. The enclosed documentation provides this information and additional details. 30. How do I buy the FDICIA Jump Start Edition and Service? The FDICIA Jump Start Edition costs $3499 (USD) plus $39.95 shipping and handling and consists of the Consulting Service and the Product Tool. Payment can be by PayPal or invoice. California sales will need to pay Sales Tax at 8.75% (CD delivery). To begin, simply send us an order form with a check and we will send the CD to you after we receive the complete and signed the consulting agreement (please allow 2-3 weeks for delivery). The license is per Company. Once you have purchased the Tool and the sign the consulting agreement, you own the license for it. Ongoing technical support services and updates are included with the annual maintenance package (the annual package is $599 per year and includes 3 hours of consulting help by email annually). After delivery, returns will only be accepted on unopened packages within 10 days of receipt, less shipping and handling. We're sorry but returns will not be accepted if the CD package has been opened. 31. How do I get Consulting Help for FDICIA and use of this Tool? After payment and the signed consulting agreement has been received, you will receive the CD package and a special email address for up to three hours of consulting time per year (continued annually under the maintenance package, invoiced on or about the purchase anniversary date). Email to this address will be reviewed and we will provide assistance up to three hours per annual period. Additional time is available at $150/hour and is billed under the consulting agreement terms. 32. What do I need to do once I receive the Tool? You will copy the files from the CD onto a working drive. The CD will have a customized quick start guide that you can follow to get started using the Tool for your compliance project. The guide will walk you through the initial phases of compliance and use of the Tool with the Jump Start templates. |
|
Financial Reporting Solutions
©2004,
2005. ProCognis, Inc. All Rights Reserved. Modified
May 23, 2011
Service
Agreement & Privacy Policy