The Federal Reserve and the other financial institutions regulatory agencies published on February 9, 2006, the attached Advisory to address safety and soundness concerns that may arise when financial institutions enter into external audit contracts (typically referred to as "engagement letters") that limit the auditors' liability for audit services. The Advisory informs financial institutions that it is unsafe and unsound to enter into engagement letters for audits of financial statements, audits of internal control over financial reporting, or attestations on management's assessment of internal control over financial reporting which include provisions that (1) indemnify the external auditor against all claims made by third parties, (2) hold harmless or release the external auditor from liability for claims or potential claims that might be asserted by the client financial institution (other than claims for punitive damages), or (3) limit the remedies available to the client financial institution (other than punitive damages).
The Advisory is effective for audit engagement letters executed on or after February 9, 2006. The Advisory does not apply to previously executed engagement letters. However, the agencies encourage any financial institution subject to a multi-year audit engagement letter containing unsafe and unsound limitation of liability provisions to seek to amend its engagement letter to be consistent with the Advisory for periods ending in 2007 or later.
This letter and the attached guidance should be distributed to state member banks, bank holding companies, and foreign banking organizations supervised by the Federal Reserve as well as to supervisory and examination staff. Questions pertaining to this letter should be addressed to Terrill Garrison, Supervisory Financial Analyst, (202) 452-2712 or Nina Nichols, Assistant Director, (202) 452-2961.