Your whole institution depends on this: Why conducting regular general ledger certifications is a big deal

Your general ledger isn’t just essential to the day-to-day functioning of your financial institution. It’s also foundational to your financial reporting.

So why do many institutions neglect to regularly certify their general ledgers for accuracy? Keep reading to learn more about why regular certification is so important, plus how a risk-based approach to certification can protect your institution from regulatory challenges and even concrete financial harm.

What is the general ledger certification process?

During a general ledger certification, you’ll assess the accuracy of your general ledgers by reconciling each ledger. The goal is to see to it that all balances, debits and credits are correct.

• A general ledger certification is meant to establish confidence that your ledgers are in good working order, and so must be carried out by individuals who are independent from your accounts (has no authority, ability to write tickets or post entries).
• The independent certifiers can work for your financial institution, but certification is also frequently carried out by third-party audit and accounting firms.
• A certification team should include both preparers and reviewers to help ensure accuracy. Each individual involved in this process must know your internal controls and standards.
• In some cases, institutions may have to do a general ledger certification due to regulatory challenges or financial malfeasance, but you can also choose to do proactive certifications as a risk management measure.

Why is general ledger certification a major risk management issue?

General ledger certification may be an obscure compliance process, but it also protects the wellbeing of your entire financial institution. Inaccuracies in your general ledgers directly impact the quality of your financial reporting and can lead to downstream challenges with regulators, investors or your board. Ledger issues can also be used to facilitate financial crimes.

If you don’t regularly certify your general ledgers, the risks include:

• Reporting and compliance problems: Ledger errors don’t stay confined to your ledger. Mistakes or anomalies carry through to your financial reporting, affecting your call report and other audited or non-audited financial statements.
• Clearance account write-offs: Without carefully reviewing your general ledgers, it’s easy to not notice when money remains in wash (clearance) accounts for extended periods of time, leaving your institution exposed to unexpected write-offs.
• Financial crimes like embezzlement: General ledger manipulations can be used to facilitate financial crimes like embezzlement or other misappropriations of funds, but you may not realize without regular reviews.
• Existential risk: Problems with your general ledger can be costly, with the price tag sometimes reaching into the millions when financial crimes are involved. This can be enough to sink smaller financial institutions.
• Team burnout: The certification process is an involved one, so even if your institution conducts regular reviews, you risk turnover and burnout if the workload exceeds your team’s capacity.

Protect your financial institution by taking a risk-based approach to general ledger certification

Financial institutions can take either a compliance-based or a risk-based approach to managing compliance risks. A compliance-based strategy involves diligently following compliance rules, while a risk-based approach also takes additional steps beyond what regulations may call for.

The benefit of focusing on risk is that you can deliver ROI by helping your institution avoid fines, penalties, exposure to financial crimes, reputational damages or other challenges you might otherwise incur if you don’t actively seek to manage your institutional risk level. It also tends to go over well with regulators, who love to see risk-based compliance strategies in place.

While not part of FDICIA requirements for any financial institution regardless of asset size, a risk-based approach would suggest doing a certification at least once every few years, as well as whenever you add new services or switch core technology vendors.

What does a risk-based certification approach actually look like?

Financial institution CEOs who want to reduce their risk of regulatory issues and bolster board confidence should pursue a risk-based approach to general ledger certification. Here are the basic action steps:

1. Think proactively

Don’t wait until there’s a problem to do a certification. Instead, be proactive by planning to do a certification at least once every few years, as well as anytime you change your core systems, products or services.

Taking a proactive approach here won’t just help you avoid compliance-related expenses down the road. It’s also usually less costly than doing a certification in response to pressure from regulators.

2. Choose to go in-house or work with an accounting firm

Depending on the size of your institution, you may have the internal capabilities to tackle a general ledger certification on your own. Everyone involved in the work needs to be independent from your accounts, and you need to fill both preparer and reviewer roles.

However, smaller or mid-market financial institutions will often struggle to find the right people internally, so many institutions will bring in an audit and accounting firm to conduct the certification on their behalf.

3. Complete the certification process

Key elements to a general ledger certification process include creating a timeline, establishing the scope of the work, reviewing all balances, debits and credits, doing a reconciliation to check for errors or other red flags and conducting interviews.

All this work will then result in a summary report of the findings. In many ways, this process is similar to an audit, although the result is not a formal attestation.

How Wipfli can help

We regularly conduct general ledger certifications for our clients and advise financial institutions on compliance, risk management and growth. Let’s talk about your goals and how we can help you achieve them. Start a conversation.

Read more

• Should your financial institution now offer student loans?
• How to mitigate ransomware attacks on financial institutions
• Disparate impact shifts create risks for financial institutions