BofI Holding (BOFI)

Item 9A. Controls and Procedures

Evaluation of Disclosure Controls and Procedures

Our management, under supervision and with the participation of the Chief Executive Officer and the Chief Financial Officer, evaluated the effectiveness of our disclosure controls and procedures, as defined under Exchange Act Rule 13a-15(e). Based upon this evaluation, the Chief Executive Officer and Chief Financial Officer concluded that, as of June 30, 2008, the disclosure controls and procedures were effective to ensure that information required to be disclosed in the Company’s Exchange Act reports is recorded, processed, summarized and reported within the time periods specified in the Securities Exchange Commission’s rules and forms.

Management’s Report On Internal Control Over Financial Reporting

Our management is responsible for establishing and maintaining adequate internal control over financial reporting, as defined under Exchange Act Rules 13a-15(f) and 14d-14(f). Our internal control over financial reporting is designed to provide reasonable assurance regarding the reliability of financial reporting and the preparation of financial statements for external purposes in accordance with generally accepted accounting principles.

All internal control systems, no matter how well designed, have inherent limitations and may not prevent or detect misstatements. Therefore, even those systems determined to be effective can only provide reasonable assurance with respect to financial reporting reliability and financial statement preparation and presentation. In addition, projections of any evaluation of effectiveness to future periods are subject to risk that controls become inadequate because of changes in conditions and that the degree of compliance with the policies or procedures may deteriorate.

Management assessed the effectiveness of the Company’s internal control over financial reporting as of June 30, 2008. In making the assessment, management used the criteria issued by the Committee of Sponsoring Organizations of the Treadway Commission (COSO) in Internal Control-Integrated Framework. Based on its assessment, management concluded that, as of June 30, 2008, the Company’s internal control over financial reporting was effective to provide reasonable assurance regarding the reliability of financial reporting and the preparation of financial statements for external purposes in accordance with generally accepted accounting principles.

Changes in Internal Control Over Financial Reporting

There have been no changes in our internal controls over financial reporting that occurred during our most recent fiscal quarter that has materially affected, or is reasonably likely to materially affect, our internal controls over financial reporting.

This annual report does not include an attestation report of the Company’s registered public accounting firm regarding internal control over financial reporting. Management’s report was not subject to attestation by the Company’s registered public accounting firm pursuant to the temporary rules of the Securities and Exchange Commission that permit the Company to provide only management’s report in this annual report.

Item 9A. Controls and Procedures

Evaluation of Disclosure Controls and Procedures

ITEM 4. CONTROLS AND PROCEDURES

The Company’s management, with the participation of its Chief Executive Officer and Chief Financial Officer, conducted an evaluation of the effectiveness of the design and operation of the Company’s disclosure controls and procedures, pursuant to Exchange Act Rule 13a-15(e). Based upon that evaluation, our Chief Executive Officer along with our Chief Financial Officer concluded that, as of the end of the period covered by this report, the Company’s disclosure controls and procedures were effective to ensure that information required to be disclosed by the Company in reports that it files or submits under the Exchange Act is recorded, processed, summarized and reported within the time periods specified by the Securities and Exchange Commission’s rules and forms.

There were no changes in the Company’s internal control over financial reporting identified in connection with the evaluation referred to above that occurred during the quarter that have materially affected, or are reasonably likely to materially affect, the registrant’s internal control over financial reporting.

The Company’s size dictates that it conduct business with a minimal number of financial and administrative employees, which inherently results in a lack of documented controls and segregation of duties within the Company. Management will continue to evaluate the employees involved and the controls procedures in place, the risks associated with such lack of segregation and whether the potential benefits of adding employees to clearly segregate duties justifies the expense associated with such added personnel. In addition, management is aware that many of the internal controls that are in place at the Company are undocumented controls. The Company is working to document these controls and take other steps required to be in compliance with Section 404 of the Sarbanes –Oxley Act of 2002 as of June 30, 2008, the Company’s deadline under current implementing rules and regulations.

The Company believes that a control system, no matter how well designed and operated, cannot provide absolute assurance that the objectives of the control are met and no evaluation of controls can provide absolute assurance that all control issues and instances of fraud, if any, within a company have been detected.

31

Table of Contents

PART II—OTHER INFORMATION

Item 9A. Controls and Procedures

(a) As of the end of the period covered by this annual report, our management concluded its evaluation of the effectiveness of the design and operation of our disclosure controls and procedures. As of the end of the period, our President and Chief Executive Officer and our Chief Financial Officer concluded that we maintain disclosure controls and procedures that are effective in providing reasonable assurance that information required to be disclosed in our reports under the Securities Exchange Act of 1934 is recorded, processed, summarized and reported

47

Table of Contents

within the time periods specified in the SEC’s rules and forms, and that such information is accumulated and communicated to our management, including our President and Chief Executive Officer and our Chief Financial Officer, as appropriate, to allow timely decisions regarding required disclosure. Management necessarily applied its judgment in assessing the costs and benefits of such controls and procedures, which, by their nature, can provide only reasonable assurance regarding management’s control objectives.

(b) During the evaluation referred to in Item 9A(a) above, we have identified no change in our internal control over financial reporting that occurred during our last fiscal quarter that has materially affected, or is reasonably likely to materially affect, our internal control over financial reporting

The Company’s size dictates that it conducts business with a minimal number of financial and administrative employees, which inherently results in a lack of documented controls and segregation of duties within the Company. Management will continue to evaluate the employees involved and the controls procedures in place, the risks associated with such lack of segregation and whether the potential benefits of adding employees to clearly segregate duties justifies the expense associated with such added personnel. In addition, management is aware that many of the internal controls that are in place at the Company are undocumented controls. The Company is working to document these controls and take other steps required to be in compliance with Section 404 of the Sarbanes –Oxley Act of 2002 within the timeframes permitted by such Act and the implementing rule and regulations.

The Company believes that a control system, no matter how well designed and operated, cannot provide absolute assurance that the objectives of the control are met and no evaluation of controls can provide absolute assurance that all control issues and instances of fraud, if any, within a company have been detected.

Item 9A. Controls and Procedures

(a) As of the end of the period covered by this annual report, our management concluded its evaluation of the effectiveness of the design and operation of our disclosure controls and procedures. As of the end of the period, our President and Chief Executive Officer and our Chief Financial Officer concluded that we maintain disclosure controls and procedures that are effective in providing reasonable assurance that information required to be disclosed in our reports under the Securities Exchange Act of 1934 is recorded, processed, summarized and reported

47

Table of Contents

within the time periods specified in the SEC’s rules and forms, and that such information is accumulated and communicated to our management, including our President and Chief Executive Officer and our Chief Financial Officer, as appropriate, to allow timely decisions regarding required disclosure. Management necessarily applied its judgment in assessing the costs and benefits of such controls and procedures, which, by their nature, can provide only reasonable assurance regarding management’s control objectives.

(b) During the evaluation referred to in Item 9A(a) above, we have identified no change in our internal control over financial reporting that occurred during our last fiscal quarter that has materially affected, or is reasonably likely to materially affect, our internal control over financial reporting

The Company’s size dictates that it conducts business with a minimal number of financial and administrative employees, which inherently results in a lack of documented controls and segregation of duties within the Company. Management will continue to evaluate the employees involved and the controls procedures in place, the risks associated with such lack of segregation and whether the potential benefits of adding employees to clearly segregate duties justifies the expense associated with such added personnel. In addition, management is aware that many of the internal controls that are in place at the Company are undocumented controls. The Company is working to document these controls and take other steps required to be in compliance with Section 404 of the Sarbanes –Oxley Act of 2002 within the timeframes permitted by such Act and the implementing rule and regulations.

The Company believes that a control system, no matter how well designed and operated, cannot provide absolute assurance that the objectives of the control are met and no evaluation of controls can provide absolute assurance that all control issues and instances of fraud, if any, within a company have been detected.

(a) As of the end of the period covered by this annual report, our management concluded its evaluation of the effectiveness of the design and operation of our disclosure controls and procedures. As of the end of the period, our President and Chief Executive Officer and our Chief Financial Officer concluded that we maintain disclosure controls and procedures that are effective in providing reasonable assurance that information required to be disclosed in our reports under the Securities Exchange Act of 1934 is recorded, processed, summarized and reported within the time periods specified in the SEC’s rules and forms, and that such information is accumulated and communicated to our management, including our President and Chief Executive Officer and our Chief Financial Officer, as appropriate, to allow timely decisions regarding required disclosure. Management necessarily applied its judgment in assessing the costs and benefits of such controls and procedures, which, by their nature, can provide only reasonable assurance regarding management’s control objectives.

47