Loading...
compliance

Credit Union Supervisory Committee Annual Audit Checklist

Annual supervisory committee audit checklist for credit unions to verify internal controls, reconciliations, required testing, and follow-up in one documented review.

Fill it now — Free Get Started
Customize with AI → Live preview →

Trusted by frontline teams 15 years of frontline software AI customization in seconds

Built for: Credit Unions · Financial Services · Member Owned Cooperatives

Overview

This template is an annual supervisory committee audit checklist for credit unions. It is built to document the committee’s review of internal controls, financial reporting, required testing, and corrective action follow-up in a format that can be retained as audit evidence.

Use it when the committee needs a repeatable way to show that it reviewed segregation of duties, system access, board oversight, policies, reconciliations, sample testing, and exception handling. The checklist also helps capture whether trial balances tie to the general ledger, bank reconciliations are timely, regulatory reports are accurate, and sampled loans, shares, disbursements, and transfers are properly authorized.

Do not use this template as a substitute for a full external audit opinion or for specialized reviews outside the committee’s scope, such as cybersecurity penetration testing or a forensic investigation. It is also not the right tool if your institution needs a one-off incident report; this template is designed for the recurring annual audit cycle and for documenting routine control testing. If prior findings are unresolved, the checklist should be used with a clear remediation tracker so the committee can show what was fixed, what remains open, and who owns each action.

Standards & compliance context

  • This checklist supports supervisory committee oversight expectations commonly associated with NCUA audit guidance and credit union governance practices.
  • The internal control and reporting sections align with general financial control principles used in ISO 9001-style audit discipline, even though the template is credit-union specific.
  • If your credit union handles cash-intensive operations or money movement, the sample testing should reflect documented approval, authorization, and exception handling controls expected under sound financial governance standards.
  • Regulatory report review should be adapted to the filings and reporting obligations applicable to your credit union’s charter, products, and exam profile.
  • The template is not a substitute for legal, accounting, or external audit advice, and it should be used alongside approved policies and the institution’s audit plan.

General regulatory context for orientation only — verify current requirements with counsel or the relevant agency before relying on this template for compliance.

What's inside this template

Inspection Details

This section establishes the audit period, reviewer, scope, and prior findings so the rest of the checklist has a clear audit trail.

  • Audit period documented (weight 2.0)

    Enter the audit period covered by this review (for example, fiscal year or quarter range).

  • Reviewer identified (weight 2.0)

    Enter the name or role of the supervisory committee member, internal auditor, or reviewer completing the checklist.

  • Scope includes internal controls, financial reporting, and required testing (critical · weight 3.0)

    Confirm the audit scope covers internal control review, financial reporting, and required testing under NCUA Part 715.

  • Prior audit findings reviewed (weight 3.0)

    Confirm prior findings, exceptions, and open corrective actions were reviewed before fieldwork began.

Governance and Internal Control Review

This section checks whether the control environment is designed and operating well enough to prevent or detect errors, misuse, and fraud.

  • Segregation of duties is adequate for cash, posting, and reconciliation functions (critical · weight 4.0)

    Verify incompatible duties are separated or compensating controls are documented and operating effectively.

  • Access to core systems is restricted by role and reviewed periodically (critical · weight 4.0)

    Confirm user access is role-based, approved, and periodically recertified for core processing and financial systems.

  • Board and committee oversight minutes document review of financial and audit matters (weight 3.0)

    Verify minutes reflect review of audit results, exceptions, material risks, and management responses.

  • Policies and procedures are current and approved (weight 3.0)

    Confirm key policies supporting lending, deposits, cash handling, reconciliations, and reporting are current, approved, and accessible.

  • Exception monitoring identifies unresolved control breakdowns (critical · weight 4.0)

    Verify exception reports, overrides, and unusual transactions are monitored and escalated when thresholds are exceeded.

  • Fraud prevention and whistleblower reporting channels are available (weight 3.0)

    Confirm members and employees have a documented method to report suspected fraud or control concerns.

Financial Reporting and Reconciliations

This section verifies that the credit union’s financial records, reconciliations, and regulatory reporting are accurate and timely.

  • Trial balance agrees to the general ledger (critical · weight 4.0)

    Confirm the trial balance ties to the general ledger and any reconciling items are explained and approved.

  • Monthly bank reconciliations are completed and reviewed timely (critical · weight 4.0)

    Verify bank reconciliations are prepared each month, reviewed by an independent person, and supported by documentation.

  • Aging of outstanding reconciling items is acceptable (weight 3.0)

    Enter the number of days of the oldest unresolved reconciling item.

  • Financial statements are prepared in accordance with approved accounting policies (critical · weight 4.0)

    Confirm financial statements reflect approved accounting policies and consistent classification of assets, liabilities, income, and expenses.

  • Material variances are investigated and documented (weight 3.0)

    Verify significant month-to-month or budget-to-actual variances are explained, supported, and reviewed by management.

  • Regulatory reports are submitted accurately and on time (critical · weight 3.0)

    Confirm required reports, including call reports or other applicable regulatory filings, are complete, accurate, and submitted by deadline.

Required Testing and Sample Review

This section captures the hands-on testing that proves controls work in practice across cash, loans, deposits, and payment activity.

  • Cash counts performed and reconciled to records (critical · weight 4.0)

    Verify cash counts were performed and compared to the general ledger or subsidiary records with differences investigated.

  • Loan sample tested for authorization, documentation, and approval (critical · weight 4.0)

    Review a representative sample of loans for proper approval, required documentation, and adherence to lending policy.

  • Share and deposit accounts tested for accuracy and member authorization (critical · weight 4.0)

    Verify sampled share and deposit accounts are accurately maintained and supported by appropriate account authorization.

  • Disbursements and expense approvals tested (weight 3.0)

    Confirm sampled disbursements were properly approved, supported by invoices or receipts, and coded correctly.

  • Wire transfers and ACH activity reviewed for authorization and exception handling (critical · weight 4.0)

    Test sampled wire and ACH transactions for dual control, authorization, and documented exception review.

  • Sample size documented (weight 2.0)

    Enter the number of transactions or accounts sampled during this audit.

Exceptions, Corrective Actions, and Sign-Off

This section turns findings into accountable follow-up by documenting deficiencies, owners, responses, and final approval.

  • All deficiencies documented with severity and owner (critical · weight 4.0)

    Record each deficiency or non-conformance with a clear description, severity, responsible owner, and due date.

  • Corrective actions assigned and tracked to closure (critical · weight 4.0)

    Confirm corrective actions are assigned, dated, and tracked until verified complete.

  • Management response obtained for material exceptions (weight 2.0)

    Verify management provided a written response for material issues and the response was reviewed by the committee.

  • Inspector signature (weight 3.0)

    Signature of the reviewer completing the supervisory committee audit checklist.

How to use this template

  1. 1. Enter the audit period, reviewer name, and scope at the top of the checklist, and attach any prior-year findings that must be rechecked.
  2. 2. Walk through the governance and internal control section first, recording evidence for segregation of duties, system access review, board oversight, current policies, exception monitoring, and fraud reporting channels.
  3. 3. Complete the financial reporting section by tying the trial balance to the general ledger, reviewing bank reconciliations, checking aging items, and noting any unexplained variances or late regulatory filings.
  4. 4. Perform the required sample testing for cash, loans, shares, deposits, disbursements, wires, and ACH activity, and document the sample size and the evidence used for each test.
  5. 5. Record every deficiency with a severity level, assign an owner and due date for corrective action, and obtain management responses for material exceptions before sign-off.

Best practices

  • Document the evidence reviewed for each line item instead of marking items complete without support.
  • Flag any unresolved reconciling item older than your policy allows as a deficiency, not a routine note.
  • Test a sample that reflects your actual risk areas, including high-dollar transfers, dormant accounts, and recent system changes.
  • Review board and committee minutes for evidence of challenge, follow-up, and approval, not just attendance.
  • Separate control failures from cosmetic issues so critical audit findings are easy to track and escalate.
  • Photograph or attach source records at the time of review when the evidence could be altered later.
  • Track corrective actions to closure with dates, owners, and verification of completion before the audit is closed.

What this template typically catches

Issues teams running this template most often surface in practice:

Segregation of duties is weak because the same employee can post transactions, reconcile accounts, and approve adjustments.
Bank reconciliations are completed late or contain stale reconciling items with no documented follow-up.
Trial balance totals do not tie cleanly to the general ledger, or the tie-out is not retained with the workpapers.
Loan files in the sample are missing approval evidence, required documentation, or clear authorization for exceptions.
Share and deposit testing shows member authorization gaps, posting errors, or unsupported account changes.
Wire transfer or ACH activity lacks documented review of unusual activity, dual approval, or exception handling.
Prior-year findings remain open with no owner, due date, or management response recorded.
Regulatory reports were filed, but the reviewer cannot show how accuracy and timeliness were verified.

Common use cases

Supervisory Committee Chair
Use this checklist to document the annual committee review, capture evidence for board oversight, and show how prior findings were tracked to closure. It helps the chair present a clean audit package to the board and examiners.
Credit Union Controller
Use the template to prepare reconciliations, trial balance tie-outs, and sample support before the committee review begins. It gives the controller a clear list of records the committee will expect to see.
Internal Audit Coordinator
Use this as the working paper structure for annual control testing across cash, loans, deposits, and disbursements. It helps standardize evidence collection and keeps findings organized by severity and owner.
Board Audit Liaison
Use the checklist to brief the board on audit scope, unresolved exceptions, and remediation status. It creates a concise record of oversight that can be referenced in board and committee minutes.

Frequently asked questions

What does this supervisory committee annual audit checklist cover?

It covers the annual review areas expected in a credit union supervisory committee audit: internal controls, financial reporting, reconciliations, required sample testing, and exception follow-up. The checklist is structured to document what was reviewed, what was tested, and what deficiencies were found. It is designed for a supervisory committee or external reviewer working from a repeatable audit trail.

Who should use this checklist?

This template is intended for a credit union supervisory committee, internal audit function, or an independent reviewer supporting the committee. It is especially useful when the committee needs a standardized way to document annual oversight of controls and financial reporting. If your credit union uses a separate external audit, this checklist can still support committee oversight and follow-up tracking.

How often should this audit checklist be used?

The primary use is annual, matching the supervisory committee audit cycle. Some credit unions also use it as a working checklist during interim reviews so year-end testing is easier to complete. If prior findings are recurring, it can be reused quarterly for follow-up until the corrective actions are closed.

Does this template align with NCUA requirements?

Yes, it is built to support credit union supervisory committee audit expectations and minimum audit procedures guidance, including the oversight themes commonly associated with NCUA Part 715. It does not replace legal or regulatory advice, but it helps the committee document the review areas regulators expect to see. You can adapt it to your institution’s audit scope and approved policies.

What are the most common mistakes this checklist helps catch?

Common issues include weak segregation of duties, stale reconciling items, unsupported journal entries, and missing evidence that exceptions were reviewed. It also helps surface incomplete sample testing, such as loan files without authorization support or deposit activity without member approval evidence. Another frequent gap is failing to track corrective actions to closure after the audit.

Can we customize the sample testing section?

Yes, and you should. The sample review section can be adjusted for your product mix, delivery channels, and risk profile, such as adding remote deposit capture, shared branching, or card controls if those are material. Keep the core structure intact so the checklist still shows what was tested, how many items were sampled, and what exceptions were found.

How does this differ from an ad-hoc audit worksheet?

An ad-hoc worksheet often captures findings, but it usually does not create a consistent annual record of scope, testing, exceptions, and sign-off. This template gives the supervisory committee a repeatable format that supports governance, follow-up, and comparison year over year. That makes it easier to show that the committee reviewed the right areas and tracked remediation.

What should be attached to the completed checklist?

Attach supporting workpapers such as bank reconciliation evidence, trial balance tie-outs, sample selections, loan and deposit testing results, and management responses to exceptions. If your committee reviews board minutes or policy approvals, include references or copies of those records as well. The goal is to make the checklist traceable without forcing a reviewer to reconstruct the audit later.

Related templates

Inspections

ISO 27001 Annex A Evidence Collection Log

Track ISO 27001 Annex A evidence in one place so each control has a current artifact, a named own...
Inspections

Internal Loan Review Audit

Internal Loan Review Audit template for sampling loans, checking underwriting support, file compl...
Inspections

FDIC/NCUA Examination Preparation Request Package Checklist

Use this checklist to assemble an FDIC or NCUA examiner request package with the right board mate...
Inspections

Supporting Document Verification and Identity Check Checklist

Use this checklist to verify borrower identity, income, assets, liabilities, and lender-specific ...
Inspections

Contact Center Clean Desk Compliance Audit

Use this contact center clean desk compliance audit to verify agent stations are clear of paper, ...
Forms

Access Provisioning Request and Approval Form

Request and approve access to a system, role, or resource with business justification, security r...
Sop

AWS Resource Tagging Standard Operating Procedure

This AWS Resource Tagging Standard Operating Procedure template helps teams verify tagging rules,...
Hr Policy

Acceptable Use of Technology Policy

An Acceptable Use of Technology Policy for company devices, networks, email, messaging, social me...

Go deeper on the topic

Related concepts
  • Predictive Scheduling Law
    Predictive scheduling laws — also called fair workweek laws or secure scheduling — require employers in covered industries to publish employee schedules...
  • Overtime Calculation
    Overtime calculation is the process of applying federal, state, local, and contractual rules to hours worked to determine the correct pay — including...
  • Near-Miss Reporting
    A near-miss is an event that could have caused injury or damage but didn't — a slip that didn't fall, a load that shifted but didn't drop, a machine that...
  • Lockout/Tagout
    Lockout/tagout (LOTO) is the procedure for controlling hazardous energy — electrical, hydraulic, pneumatic, mechanical, thermal, chemical — before...
Related guides

Ready to use this template?

Get started with MangoApps and use Credit Union Supervisory Committee Annual Audit Checklist with your team — pricing built for small business.

Get Started Customize with AI
Ask AI Product Advisor

Hi! I'm the MangoApps Product Advisor. I can help you with:

  • Understanding our 40+ workplace apps
  • Finding the right solution for your needs
  • Answering questions about pricing and features
  • Pointing you to free tools you can try right now

What would you like to know?

AI-generated responses may not be 100% accurate