BID® Daily Newsletter
Sep 17, 2012

BID® Daily Newsletter

Sep 17, 2012

FUNKY LAWS AND MORE EFFECTIVE INTERNAL AUDIT


There are many strange laws still on the books of states. We did some perusing and came up with a few curious oddities to get you wondering and introduce a little fun into your morning routine. For instance, it is against the law: to imitate an animal in Miami; to drive a car if you are blind in New York; to carry pliers in Texas; to put livestock on a school bus in Florida or to put tomatoes in clam chowder in Massachusetts. There must have been a reason to pass such laws at some point, but as in banking with all the regulations piling up, we think most would agree some are probably not all that necessary anymore. Perhaps it is time for an audit of all banking rules to determine whether any can go away to help reduce the weighty load pressing down on community bankers. Speaking of audits, the Basel Committee on Banking Supervision recently released a report on the internal audit function at banks. Since this body is supported by bank regulatory agencies worldwide, we think some of the findings could help community bankers. The report points out that a strong internal audit function (or externally hired to perform the function) must have "sufficient authority, stature, independence, resources and access to the board of directors." This is important not only to ensure the overall functioning of risk management is robust, but also to help protect the bank, so it is a best practice. Reviewing your process from a high level and auditing the audit process, can make sure your approach is operating at the highest level. Next, the report indicates internal audit teams must be "independent, competent and qualified." While this goes without saying, the fact it is reiterated in the report means regulators have found that this is not always the case. Whether your auditors are truly internal or externally hired to do this function, they need to understand your bank's own unique areas of operation. Then, be sure audit personnel are qualified to explore these areas based on expertise to be truly effective. As a best practice, make sure your management team has strong auditors around to support the process, challenge assumptions and stay on point to make sure everything functions effectively. Another area of focus by banking examiners is to understand that every activity (even if outsourced) and every entity of the bank falls within the scope of the internal audit function. That means no group, product, or service should be excluded from the audit process. This is all about working to make sure the bank continuously follows banking regulations and has strong risk management processes and systems. The audit team should report to the audit committee and it must not only have high integrity, but also have a plan broad enough to capture areas of potential risk. These are important components that all banks should incorporate into their overall process in this area. Finally, it is important to help all employees understand what auditors do and why they are at the bank. Many believe they are there to "catch" people doing bad things, so they sometimes are not well received. Helping employees understand their true function (ongoing maintenance and assessment of internal control, risk management and governance systems and processes), can open up lines of communication between departments and audit teams. This can be helpful, as employees will respond better when they understand auditors also have rules to follow and that there is a defined process. When audit teams work effectively, they surface areas of potential risk for bank management and provide ways to mitigate potential issues. Done well, issues can be surfaced long before they become major problems and the bank gets into trouble with examiners. No matter what set of laws, rules, procedures or processes you have to follow, having a good internal audit team will help.
Subscribe to the BID Daily Newsletter to have it delivered by email daily.