Skip to Main Content

The Banc Investment Daily

October 19, 2017
Information contained herein is based on sources we believe to be reliable, but its accuracy is not guaranteed. Customers should rely on their own outside counsel or accounting firm to address specific circumstances. This document cannot be reproduced or redistributed outside of your institution without the written consent of PCBB. Copyright 2017. PCBB Capital Markets is a subsidiary of PCBB. All securities are offered through PCBB Capital Markets.

Compliance Monitoring & Internal Audit

If your bank is anything like ours, you have about 1 or 2 audits going on every single month. Some are large audits and some are small, but they generally seem to be continual. To name just a few, banks have operational, financial, regulatory compliance, information technology and a host of other audits every single year. Perhaps that is why PwC research finds 48% of stakeholders want the internal audit function to be a trusted advisor to the business.

If yours is like most banks, you have limited resources to devote to compliance monitoring and audits. One consideration may be to have both the compliance plan and the internal audit plan cover the same areas to the same degree. As long as compliance covers high-risk areas, internal audit might be able to simply review those results vs. recreating them.

This approach can save banks time and money. It also saves time for compliance and audit teams, as well as for the departments they examine. Without coordination, for example, your bank's compliance department might do a detailed testing of compliance in the first quarter. That brings an unavoidable amount of disruption. Then the same department might face yet more upheaval in the third quarter, when it's the subject of an internal audit. The same department is disrupted twice, productivity drops and value added is probably minimal.

When one department gets double attention, other areas may get none at all. If both compliance and internal audit decide that fair-lending compliance is a high-risk area, for instance, they may both investigate it while ignoring another area for an entire year.

Certainly, internal audit has to stay independent, as they scrutinize high-risk areas without regard to whether the compliance department is examining the same areas. However, internal audit can perform a high-level review of the compliance department's work, rather than reinvent that work.

An annual audit plan for the compliance department might begin with an audit of the management program as a whole, including the compliance monitoring program. That audit might determine the program's overall effectiveness and identify areas that need more attention in the detailed audit plan. Once internal audit is happy with the program, the audit plan might primarily target specific compliance risks and examine the entire compliance management program perhaps on a rotating basis.

The amount of coverage each business line or area of regulation gets depends on how effective the planning may be. Thinking about areas of risk first, targeting those the most and then rotating around others that might not be as risky is a good way to leverage resources in general.

Obviously another area of focus that is low hanging fruit revolves around prior issues from exams or other audits. Cleaning these up is critical to staying on top of changing regulations and it can also serve to highlight ongoing risks.

Finally, any good audit program should respond to both the timing and the intensity of monitoring efforts. Some audits can focus more on transactional testing and sampling, while others can go much deeper as needed (based on risk).

Leveraging your scarce resources as you monitor the impact of audit activities on various groups around the bank is very important to keep things balanced.

Bank News

M&A Activity: Midland States Bank ($4.5B, IL) will acquire Alpine Bank & Trust Co ($1.3B, IL) for about $181mm in cash (18%) and stock (82%) or about 1.72x tangible book.

User Audits: One Identity, an identity and access management firm, surveyed 900 IT security professionals on user account audits. They found 25% said they audit these accounts annually and 2% never audit these accounts.

Mobile Surge: PwC's Digital Banking Survey finds 60% of smartphone users say they use mobile banking in some way vs. 36% who said so 5Ys ago.

PayPal Growth: PayPal is now worth $83B vs. $47B when it was spun off from eBay 2Ys ago. This puts it over American Express in market cap and getting close to Morgan Stanley and Goldman Sachs.

Customer Experience: Clarabridge research finds banks that rank in the top 100 for customer experience excellence have a 163% higher growth rate than other banks.

Strategic Priorities: An EY survey of global banks finds the top 3 strategic priorities at the largest banks are: simplifying or restructuring business operations or legal entities (43%), developing partnerships with industry disruptors or fintech companies (39%) and developing partnerships or joint ventures with other financial organizations (24%). While these may not all apply to community banks, they are interesting to track nonetheless for possible future clues.

Smaller Homes: According to Capital Economics Ltd., the size of an American home has decreased for the first time in 30Ys to 2420 sq. ft. after peaking in 2015 at 2520 sq. ft. This is attributed to the shrinking of homebuilder margins due to a shortage of labor and land.

Lending Impact: Driverless cars could be on CA roads by June 2018 as the state joins AZ and FL with streamlined rules in this area. The cars would be completely driverless and be allowed to pick up passengers.

Economy & Rates

Yesterday: Yields jumped up 5bp as the Beige Book indicated moderate economic growth and continued tightness in the labor market.

CECL Webinar: Critical Steps for Success | Oct 26

Where do I start with CECL? Join PCBB as we discuss the critical steps in getting started with this new accounting standard along with its important nuances. Register