<img src="https://ws.zoominfo.com/pixel/pIUYSip8PKsGpxhxzC1V" width="1" height="1" style="display: none;">
Audit Findings

2020’s Top 6 Audit Management Blogs

December 31, 2020 | Posted by Michael Berman
Clock Image
8 Minute Read

In 2020 Ncontracts launched Nverify, our automated audit management solution. This key addition to our suite of solutions means that Ncontracts’ customers are able to eliminate manual processes from the three lines of defense and enjoy more robust risk management.

We also expanded our audit content, digging into best practices for everyone from audit novices to the most experienced internal auditors. Today we give you our top six audit management blog posts from 2020.

1. 5 Must-Have Elements of an Effective Audit Program
Here’s a reason internal auditors are called the third line of defense. They ensure your financial institution’s operations are safe and compliant.

But how do you know your defense is strong enough? Regardless of whether your financial institution (FI) has an internal audit function or uses an audit firm, an audit program needs these five key elements.

2Internal Audit 101: Audits vs. Compliance Reviews
What’s the difference between an audit and a compliance review? Both an audit and a compliance review require expertise. Both help surface systemic issues. But there are several key differences that clearly separate the two.

3. Improve Your Audit Plan With 5 Key Risk Management Principles
Internal auditors don’t have an easy job. There’s more work to be done than can realistically be accomplished, and it can be hard to figure out where an audit plan should begin. 

That’s why internal auditors need to view their audit plans with a risk management mindset. Risk management is all about prioritizing. It identifies areas that require the most attention so that the necessary resources can be allocated.  

How does an internal auditor apply risk management to the audit plan? It starts with a simple question: What are you trying to accomplish?

january webinar examiners 2021  

4. Does Your FI Need an Audit Committee?
Are audit committees a regulatory requirement or just a best practice? It depends on the size and type of your financial institution.

Banks and credit unions have different regulatory requirements and expectations for their audit and supervisory committees. Institution size can also impact expectations for how audit committees are composed.

Where do you fit in? Read on to find out which regulations and audit committee formation apply to your FI.

5. Internal Audit Failures Costs JP Morgan $250 Million
JP Morgan Chase Bank is on the hook for a $250 million civil money penalty after the Office of the Comptroller of the Currency (OCC) found the bank failed to maintain adequate internal controls and internal audit over its fiduciary business—an unsafe or unsound practice.

What exactly went wrong? 

6. Audit Management Is Evolving. Are You Keeping Up?
Audit programs have been predictable and formulaic for most of banking’s history. FIs have conducted the same audits at the same time every year, adding new types of audits as needed.
In a world that moved at a relatively slow pace, that worked just fine. The board was able to glean the information it needed to assess risk and make strategic decisions.

It doesn’t work anymore. The COVID-19 pandemic is the latest in a long line of events that have demonstrated that the business-as-usual audits of years past are no longer the effective tools they once were. Today’s dynamic operating environment requires a different approach to audit management to effectively inform and guide the board’s strategic decision making and allow it to function as close to real-time as possible.

This necessitates four key changes in audit programs.

Michael Berman

Michael Berman

Michael Berman is the founder and CEO of Ncontracts, a leading provider of risk management solutions. His extensive background in legal and regulatory matters has afforded him unique insights into solving operational risk management challenges and drives Ncontracts’ mission to efficiently and effectively manage operational risk.