Board review and approval of policies

Posted By: AuditorK

Board review and approval of policies - 12/29/08 07:52 PM

Is there any guidance as to what policies need annual review/approval by the Board of Directors? Currently we have roughly 35 policies that get approved every year during different months. I know the BSA policy for one must be approved annually. Can we change to only having most of our policies reviewed/approved by Board only when changes are made? This would result in much less burden.
Posted By: Sinatra Fan

Re: Board review and approval of policies - 12/30/08 02:09 PM

We have 34 policies that are reviewed/reapproved at least once every fiscal year. Various officers are responsible for writing and updating the policies.

While it would definitely be less work to review the policies only when a change is made, I believe that both our compliance auditor and our external auditor want us to review/reapprove every policy annually, whether or not it has been changed. I don't know if that is a regulatory requirement; it strikes me that it's more of a "best practice" recommendation.
Posted By: Dazed and Confused

Re: Board review and approval of policies - 01/07/09 05:34 PM

Here is an excerpt from the FDIC's Exam Manual:

Directors must provide a clear framework of objectives and policies within which executive officers operate and administer the bank's affairs. These objectives and policies should, at a minimum, cover investments, loans, asset/liability and funds management, profit planning and budgeting, capital planning, internal routine and controls, audit programs, conflicts of interest, code of ethics, and personnel. Specialty areas, such as the Bank Secrecy Act (BSA), Information Technology (IT), Trust Department activities, and consumer compliance should also be subject to similar appropriate oversight and internal guidelines.

(And don't forget policies related to information security standards.)