Sector: Financial Services
Client: Korean-America Bank, approaching $1 billion in total assets
Requirement: Risk Advisory
Location: Based in Los Angeles, US
Lead Partner: Rob Kastenschmidt 

A team approach to internal audit

Financial institutions are under sizable pressure to achieve efficiencies and manage margins whilst simultaneously dealing with a growing trend of increasing regulatory oversight and erosion of market share from non-bank competitors.

Key risks and issues facing this industry include the following: 

• Enterprise Risk Management/Assessment
• Strategy / M&A
• Anti-Money Laundering (AML)
• Internal Audit staffing shortages 
• Model Governance
• Cybersecurity & Privacy
• Compliance Management Systems (CMS)
• Information Technology
• Vendor and third party risk
• Credit Risk Management/Loan Quality
• Financial Reporting Control Testing

Increased domestic and international focus on these areas is crucial.

RSM was hired by the client to work alongside the internal audit manager, assisting with risk assessment, audit planning and a co-sourced execution of the annual internal audit plan under the oversight of the Bank’s audit committee.  

Collaboration towards shared goals

Each year the annual audit plan is updated based upon a regulatory-style risk assessment that is facilitated by RSM under the direction of the internal audit manager and with the approval of the Bank’s audit committee. The risk assessment has been used to set priorities for the audit plan and to allocate resources and determine financial budgets.

Work performed on a co-sourced basis by RSM under the direction of the internal audit manager each year routinely includes the following auditable units or events:

1. Risk Assessment
2. Accounting/Finance/Investments
3. Interest Rate Risk/Liquidity
4. Retail Branches – 4 locations – annual rotation
5. Central Operations
6. Loan Servicing/Note Department
7. Loan Review – 2 visits per year
8. Loan Loss Reserve
9. Human Resources/Payroll
10. BSA/AML independent testing
11. Consumer Compliance testing
12. Information Technology

Identifying emerging areas of risk

During the past year, changes in the Bank’s risk profile and ongoing communication with the client have allowed RSM to provide additional assistance and planning for emerging areas of risk including:

1. Testing related to a core accounting system conversion to validate newly established general controls
2. A new component to perform data validation on an AML model based upon increasing scrutiny from regulatory agencies
3. Vendor management governance processes due to increasing regulatory emphasis and the more complex structure of the Bank
4. SOX readiness due to increasing asset size and levels of capitalization including a potential new public offering

Ongoing communication, responsiveness, industry knowledge and thought leadership produced an outcome that has allowed RSM to serve as a business advisor to the client to address strategic considerations within the context of the overall control environment commensurate with the Bank’s successful growth in size and complexity.
 

For more information on how we can help your business, please contact: [email protected]