I'm curious and looking for some guidance/examples that I can share with management on how other privately-held $1B banks are meeting the requirements of FDICIA Part 363, specifically related to management's assessment "of the effectiveness of such internal control structure and procedures as of the end of such fiscal year." I equate this essentially to management's SOX 404 testing for a public entity, but am curious as to how other private banks have approached meeting the FDICIA Part 363 requirements - what risks/controls have been identified for testing, how tested, by whom, how often, etc... I would greatly appreciate any assistance!