Audit and Risk Committee Charter
Audit and Risk Committee Charter of the Board of Directors, Federal Reserve Bank of St. Louis
Effective December 5, 2024
Purpose
The purpose of this Charter is to define the role and responsibilities of the Audit and Risk Committee (the Committee) of the Board of Directors of the Federal Reserve Bank of St. Louis (the Bank). The primary purpose of the Committee is to assist the Board of Directors (the Board) in fulfilling its responsibility to ensure management achieves organizational objectives while maintaining an effective system of internal control and risk management. The scope of this effort includes oversight of the audit and risk processes with a focus on internal and external financial reporting; the effectiveness and efficiency of operations; compliance with applicable laws, regulations, policies and procedures; and the safeguarding of assets. To promote independent and objective assessments, the General Auditor reports directly to the Board through its Audit and Risk Committee. The General Auditor must not be dependent on any Bank executive or operating officer for the security of his or her position. The Committee must take care to ensure that the General Auditor has access to the Committee, on a confidential basis, and the internal audit function is independent of Reserve Bank management, both by intent and in actual practice.
Organization
The Committee will consist of three or more members of the Board, appointed as provided in the Bank's Bylaws. The Chairman of the Board is an ex-officio member and may also participate in all Committee meetings and deliberations. No member will have any relationship that, in the opinion of the Board, would interfere with the exercise of his or her independent judgment as a member of the Committee. All members of the Committee will have a working familiarity with basic finance and accounting practices.
Meetings
The Committee will meet at least once per calendar quarter and will hold executive sessions with the General Auditor at each meeting without members of Bank management present. Meetings may be held more often at the discretion of the Committee Chairman. Following each meeting, the Committee Chairman shall report on the Committee’s activities, discussions, and decisions to the Board of Directors of the Bank.
Primary Responsibilities
Internal Audit
- Hold regular meetings to permit adequate and timely discussions of audit results, losses and irregular occurrences, and other matters of concern to the auditors and directors, and to hold an executive session with the General Auditor whenever other officers of the Bank attend audit committee meetings.
- Participate in discussions with the General Auditor and senior management about the “essential conditions,” described in the Global Internal Audit Standards, which establish the foundations that enable an effective internal audit function.
- Obtain from the General Auditor an independent and objective assessment of the (1) adequacy and effectiveness of the controls over financial reporting, (2) effectiveness and efficiency of operations, and (3) compliance with laws and regulations at such regular meetings and at other times as necessary.
- Ensure the General Auditor has unrestricted access to and communicates and interacts directly with the Committee, including in private meetings without senior management.
- Recommend to the Board of Directors the appointment and termination (including separation payments) of the General Auditor, and to concur with any reassignment of the General Auditor to another position in the Bank.
Termination, and Reassignment of General Auditors, provides guidance on communications that should occur between the chair of a Bank's Board of Directors and the chair of the Board's Committee on Federal Reserve Bank Affairs about changes in the General Auditor position. - Collaborate with senior management to determine the qualifications and competencies the Bank expects in a General Auditor, as described in the Global Internal Audit Standards. Also, formally evaluate the performance of the General Auditor, following guidelines set forth by the Reserve Bank for evaluating the performance of other officers.
- Review and approve an annual internal audit program that provides for audits for which the scope and frequency are reasonably expected to ensure an appropriate level of audit attention and to coordinate with any external audit conducted at the direction of the Board of Governors. Receive communications from the General Auditor about the internal audit function including performance against the plan.
- Make appropriate inquiries of senior management and the General Auditor to determine whether scope and resource limitations are inappropriate.
- Review and approve an annual internal audit resources and budget that is sufficient to carry out an effective audit program, to review performance against budget, and to determine whether any significant variances from existing System and Reserve Bank guidelines are justified.
- Review the Bank’s annual financial statements including any certification, report, opinion, or review rendered by the external auditor.
- Review the adequacy of management's internal controls that contribute to appropriate financial reporting and management’s assertion, and the external auditor’s attestation as to the adequacy of controls over financial reporting.
- Bring before the Board of Directors any matters reported by the Board of Governors, General Auditor, or external auditors that warrant the Board's attention, and to ensure audit recommendations and concerns receive proper attention by Bank management.
- Establish procedures for (1) the confidential, anonymous submission by employees of complaints and concerns regarding questionable accounting, internal accounting control, or auditing matters; and (2) the receipt, retention, and treatment of such complaints and concerns.
External Audit
- Review the engagement plan of the external auditor for the Bank’s annual financial statement audit and the results of that audit including any difficulties encountered and review management’s assertion and the external auditor’s attestation as to the adequacy of financial reporting controls.
- Provide sufficient opportunities for the internal auditor and external auditor to meet with the Audit Committee without members of management present to discuss matters of mutual interest and benefit to the organization. At least annually, meet with the external auditor in executive session without management or the General Auditor present.
- Ensure the independence of the external auditor
- Approve any arrangements to perform services for the Bank by the external auditor ensuring that such arrangements would not impair the independence of the external auditor.
- Review and approve any employment in a management position of any individual who provided external audit services to the Bank within the past year noting that this also requires the Board of Governors approval.
- Review the annual list of all contractual arrangements with the external auditor that is included in the Bank’s annual report.
- Inform the Board of Governors of any material concerns regarding the independence of the external auditor or the quality of the external audit.
- Provide any requested information for the Board of Governors on the selection process of the external auditor including evaluation criteria for selecting the external auditor, contract scope and the recommendation of the selected audit firm.
Risk Management
- Assist the Board of Directors in its oversight of the Bank’s enterprise risk management framework.
- At least annually, review and recommend to the Board for approval the Bank’s enterprise risk framework and risk appetite statements, metrics and tolerance, and provide oversight to management’s adherence to the Board risk tolerance statements.
- Review significant enterprise risk exposures, risk management strategies, results of risk management reviews and assessments, and emerging risks.
- Review changes to business practices or new business initiatives that may significantly impact the enterprise risk profile, the achievement of the Bank’s business strategy or the ability to operate within the Board’s risk appetite.
Other Responsibilities
- Review with the Bank's ethics officer significant issues related to administration of the Bank's ethics program.
- Obtain approval of the Audit and Risk Committee Charter, and any substantive changes to the Charter, from the Board of Directors, and review and update the Charter at least annually, or as conditions dictate.
- Review and approve the Charter for the Audit Department at least annually, or as conditions dictate.
- Conduct an annual assessment of the performance of the Committee's duties and report that assessment as well as the results of the Charter review to the Board of Directors.
- Review and approve proposed contracts for non-audit services with the entity (including affiliated entities) that provides audit services to the Bank or renders an opinion on the financial statements of the Bank. In considering proposed contracts, the Committee will consider such factors as it deems relevant, including (to the extent such information is available to it) other Federal Reserve Bank or Board of Governors’ contracts with the entity. The Committee shall not be required to review or approve a System contract managed by or entered into on behalf of this Reserve Bank by another Reserve Bank, other System entity or the Board of Governors.
- Perform, or direct performance of, any other activities consistent with this Charter, the Bank’s Bylaws, Board of Governors’ rules and regulations, and governing law, as the Committee or the Board of Directors deems necessary or appropriate.