Sioux Falls, S.D.-based Meta Financial Group Inc. identified a material weakness in the controls of the Crestmark division, which the company acquired in August 2018.
Meta Financial said there were several deficiencies related to inappropriate user access specific to information technology applications used by the division and a lack of completeness of certain review procedures. These issues included untimely completion of user access reviews on certain systems, users having access rights beyond what is needed and cases where user access was not appropriately added or removed from certain systems.
The company clarified that the deficiencies did not result in any inaccuracies in its financial statements following the acquisition.
Keefe Bruyette & Woods analysts Michael Perito and Adela Dashian wrote Aug. 7 that it was not surprising Crestmark's IT controls were not up to Meta Financial's standards, considering it was a smaller and privately held institution. Their opinion is that Meta Financial will not encounter major roadblocks in solving the issue as it integrates Crestmark's operating platform. The analysts still rate the company at "outperform."
Meta Financial also disclosed that it is implementing a remediation plan to address the material weakness. Under the plan, the company is re-evaluating IT governance and controls, updating procedures related to access management and training IT personnel. The company is also making sure review procedures at Crestmark are being performed with complete populations of data. Meta Financial's management believes that the remediation efforts will be completed in the fourth quarter.
The company pointed out that the success of the plan will need to be backed by evidence, and failure could result in material misstatements to its consolidated financial statements.