More than 40 percent of banking institutions that must adhere to the Federal Deposit Insurance Corp. Improvement Act within the next year are behind schedule for compliance.

That’s according to a new poll conducted by the Philadelphia-based CPA firm Baker Tilly Virchow Krause.

“These results show the need for institutions to start FDICIA compliance preparation at least 18 months to two years prior to reaching the $1 billion threshold,” Sherrie Krowczyk-Mendoza, a partner in Baker Tilly’s financial services risk, internal audit and cybersecurity practice, said in a statement. “A FDICIA readiness implementation plan over this period of time will allow banks to more effectively and efficiently prepare for the additional FDICIA requirements, providing time to conduct testing of risk control matrices and ensure they accurately reflect the key financial reporting controls.”

Financial institutions that exceed $500 million and $1 billion in asset level as of Jan. 1 of any given year must comply with FDICIA. Once banks hit $500 million, they must complete audited financial statements, auditor independence, management reports, auditor reports and audit committee composition.

Once banks hit $1 billion in assets, they must enhance their audit committee composition and management reports, and also put in place internal controls over their reporting.

“During this implementation timeframe, communication among key business process owners, executive management, audit committee and external audit is essential to the process,” James Jarret, the director of Baker Tilly’s financial services risk, internal audit and cybersecurity practice, said in a statement. “More time upfront building out the RCMs and communicating provides more accurate FDICIA testing processes to prevent surprises in the outcome.”