Services

Internal Auditing and Planning

Internal auditing is an independent, objective assurance and consulting activity, intended to add value and improve a Bank’s operations by implementing a systematic, disciplined, analytic approach. The objectives of the audit are to evaluate and improve the effectiveness of existing Risk Management, Control and Governance processes. Internal Auditing provides value to both governing bodies and Senior Management and can be a catalyst for improving a Bank’s effectiveness and efficiency by providing informed insights, as well as near and longer-term planning recommendations.

Organizational Risk Assessment

An organization’s overall risk assessment considers the risks associated with all identified business activities of a banking organization. Management input is included within the parameters of the analysis. The process involves the identification and assignment of a risk score and rating (high, moderately-high, moderate, low) for each business activity. After all activities have been identified and rated, they are individually ranked according to their overall risk score.

Money Laundering and Terrorism

We assist with issues surrounding government compliance requirements regarding BSA (Bank Secrecy Act), Anti-Money Laundering (AML), Countering the Financing of Terrorism (CFT) and OFAC (Office of Foreign Assets Control). We are able assess the Bank’s AML/CFT Program and provide recommendations should improvement be needed related to the five pillars or other controls areas within the Bank’s Program. We can also perform periodic Systems Validations as expected by the regulators.

Consumer Compliance

Lending and Operations Compliance today goes well beyond the consumer and the Consumer Credit Protection Act. Compliance is now a bank-wide issue and applies to commercial, as well as consumer, accounts and businesses. In our role as Compliance Auditors, we make sure that Commercial Loan files are included within our overall Audit, that regulators’ and legal requirements are addressed and that compliance responsibilities, risks and deficiencies are thoroughly examined.

Electronic Banking and FedLine Audits

We can review security and controls for Electronic Banking activities including Online Banking, Cash Management and Wire Transfers to ensure that they meet regulatory requirements and expectations. The ability to transfer funds makes Electronic Banking one of the highest risk areas in most community Banks. Without putting adequate oversight and controls in place, the safety and soundness of a Bank could be in great jeopardy. We make recommendations to Senior Management about implementing appropriate controls and system settings

Interest Rate Risk and A/L Management

Asset/ Liability Management (ALM) and Interest Rate Risk (IRR) are key areas of potential risk that need to be monitored closely by Banks and financial institutions. Both Net Interest Income (NII) and Economic Value of Equity (EVE) can be greatly impacted by changes in market rates or volatility of said rates. So using a robust and accurately calibrated IRR model is critical to strategically operating a Bank or financial institution. We test to ensure the model is predictively accuracy, so we independently “backtest” it and review the associated assumptions to ensure they are reasonable and compare well to Peer and regulatory expectations. We also evaluate the Bank’s ALM/ IRR policies/ procedures, policy limits and compare them to Peers to ensure that they conform to industry standards and regulatory expectations.

Note Operations and Loan Servicing

We assess and evaluate the controls associated with loan boarding controls, documentation monitoring, changes to rates/ risk ratings and all others aspects of the loan servicing of the Bank credit portfolio. Ensuring that the loans are properly reflected in the Bank’s records, monitored and report in accordance with accounting standards and regulatory requirements.

Corporate Disaster Contingency Planning

A serious incident can occur at any time, one that can prevent sustaining normal business operations. We can develop plans that can be implemented during and after a disaster that will mitigate the consequences of a severe business disruption. Incidents can range from natural disasters such as floods and fires to serious computer systems malfunctions or information security breaches. We understand how to help clients recover in the minimum amount of time with minimum disruption and cost, but this requires careful preparation and planning for both the disaster and the recovery.

Centralized/Corporate, Regional, Branch Operations

An overall review of corporate operations, which is all basic actions undertaken to enhance an organization’s basic business interests, profits, assets, etc., can be performed. These reviews typically include examining day-to-day operations and specific services or facilities offered by individual branches, regional groups and/or at the corporate level.

Wealth Management/ Trust/ Fiduciary Services

We provide consulting in the areas of Wealth Management/Trust Administration and Operations, investment Management and Trust Systems to support our client organizations’ priorities, whether they are involved in Personal or Institutional Asset Management, or both.

ACH Operations

We can ensure that an institution’s Automated Clearing House Network’s processing and delivery system is providing for the most efficient distribution and settlement of electronic credits and debits and that all is in compliance according to NACHA Operating Rules.

Information Technology and Systems Analysis

We can provide security and compliance analysis for various forms of information distribution technologies, including but not limited to the storage, retrieval, transmission and manipulation of electronic data via IT core systems, computers, computer networks and servers, computer clouds and other telecommunications devices. Using FFIEC guidelines we review the IT controls over access, distribution, reporting and recovery of the Bank’s information systems. Information security is a key aspects of this assessment and review.

Network Security, Internet Banking, Web Site Controls

We can analyze the provisions and policies that have been put into place for an institution’s Network Administrator(s) to follow. This includes monitoring and preventing unauthorized access, misuse, modification or denial of a computer network and network-accessible resources. Authorization of access to data in a network is key. Securing the network, as well as protecting and overseeing all operations, is the focus of our work in this area of security analysis.

Vulnerability Assessments/ Cybersecurity/ Social Engineering

Vulnerabilities are identified through the use of both internal and external vulnerability reviews and assessment scans. An Internal Vulnerability Assessment performs a complete scan of the internal network, detects all known vulnerabilities and generates a report. An External Vulnerability Assessment analyzes the integrity of perimeter security, validating the firewall configuration to determine if the possibility exists for attacks via the protocols currently allowed through the firewall. These comprehensive reviews then result in recommendations for securing a network, as well as protecting and overseeing the operations being performed.


A comprehensive suite of Social Engineering is offered like email attacks (phishing) and voice attacks (vishing) to assess the integrity of the human aspects of the Bank’s technology and systems.

GLB Act Compliance

The Gramm-Leach-Bliley Act requires financial institutions to explain their information-sharing practices to their clients and customers, as well as to safeguard sensitive data. We can step in and provide a risk assessment overview and information security program evaluation that will ensure all provisions of the Act are being met and communicated clearly to the customer-base.A comprehensive suite of Social Engineering is offered like email attacks (phishing) and voice attacks (vishing) to assess the integrity of the human aspects of the Bank’s technology and systems.

Our comprehensive Credit Review Program includes performing the following analyses and review:

  • Credit Quality Assessments and Risk Grade Assignments
  • Credit Policy Evaluations
  • Adequacy of Loan Documentation
  • Condition/Covenant Compliance
  • Evaluation of ALLL Methodology/Adequacy
  • Credit Concentration Analysis/CRE “Stress Testing”