Our consultants help institutions with the internal audit process:

  • Planning and developing an internal audit function from staffing analysis and audit charter development to implementation.
  • Enterprise-wide risk assessment, audit plan development, and plan execution including documentation of findings and audit report presentation.
  • Targeted audits of processes and transactions to identify needed improvements that effectively mitigate risk
  • Tracking and follow-up on previously identified control issues to ensure their timely and adequate resolution
  • Audit committee and board of directors presentations on audit results

Compliance Audits

One of the key components of an effective compliance management system (CMS) is an independent audit of the CMS. The objective of an independent compliance audit is to ensure the CMS is operating as intended and to assess the effectiveness, accuracy, and timeliness of compliance controls and processes. Recommendations for improvement provided by our consultants are practical, sustainable, and will strengthen compliance performance. In addition to a full review of the CMS and regulations applicable to a client’s products and services, we have performed targeted compliance reviews in the following areas:

  • Consumer Deposit & Lending Regulations
  • Consumer Deposit Products/Services
  • Loan Origination & Servicing
  • Anti-Money Laundering/Bank Secrecy Act
  • Website Review – Advertising

Operational Audits

Ongoing assurance of the effectiveness of the control environment and risk management processes is imperative to well-run, high-performing institutions. Through review of policies and procedures, interviews of key personnel, and observation we will assess the completeness of existing procedures and the effectiveness of related controls in mitigating risks inherent in daily execution of activities. Substantive testing is performed to verify that procedures and controls are operating as intended and practical and sustainable recommendations are provided to prevent issues from recurring. The functional areas typically covered in an operational audit are tailored to the type of institution and include the following:

  • Deposit & Loan Operations
  • Secondary Marketing
  • Branch Operations
  • Accounting
  • Asset Liability Management
  • Funds Management – Investments
  • Payroll/Human Resources
  • Wire Transfer
  • Third-Party/Vendor Management
  • MERS® System Audits

Audit Function Development

Deciding to establish an internal audit function is a turning point in an organization’s growth and governance structure. We have advised and assisted with implementation of the internal audit function at many institutions. The good news is management has some flexibility on structure of the function, which should be commensurate with the organization’s size and complexity. Although the institution has ultimate responsibility for internal audit activities, results of audits, and corrective actions, management can decide how those activities are executed. Our consultants work with clients on a number of different solutions including full outsourcing or various co-sourcing arrangements.

  • Internal Audit Charter and Function Development
  • Risk Assessment & Internal Audit Plan Development
  • Audit Committee/Board Presentations

Representative Engagements

  • Anti- Money Laundering (AML) – audited the AML program for a money services business and reviewed its risk assessment for adequacy and completeness
  • Audit Co-Source – developed an audit charter, performed an audit risk assessment, provided a multi-year internal audit plan, and completed the audit plan
  • Bank Secrecy Act (BSA)/Anti-Money Laundering (AML) – completed numerous audits for all types of clients
  • Compliance Management System (CMS) – audited the CMS and consumer lending practices for a money services business
  • Internal Audit Plan Development and Risk Assessment – assisted many clients with implementation of an internal audit function which meets regulatory, investor, state, and CFPB requirements
  • Mortgage Electronic Registration Systems, Inc. (MERS®) Independent Audit – for multiple servicers, we have performed unbiased evaluation of the servicer’s procedures for complying with MERS® rules and requirements
  • Mortgage Electronic Registration Systems, Inc. (MERS®) System to System Reconciliation – reconciled the servicer’s System of Record to the MERS® System
  • Mortgage Operations Audit – completed independent assessment of mortgage and home equity operations
  • Truth in Lending and RESPA Integrated Disclosure (TRID) Compliance Monitoring – performed quarterly monitoring and made recommendations of operational enhancements to the bank’s processes

View Engagements