Presentation is loading. Please wait.

Presentation is loading. Please wait.

June 15, 2011 3:30 – 5:00 PM Presented by: Catherine Bruder, CPA.CITP, CISA, CISM, CTGA O PERATIONAL B RANCH A UDITS.

Similar presentations


Presentation on theme: "June 15, 2011 3:30 – 5:00 PM Presented by: Catherine Bruder, CPA.CITP, CISA, CISM, CTGA O PERATIONAL B RANCH A UDITS."— Presentation transcript:

1 June 15, :30 – 5:00 PM Presented by: Catherine Bruder, CPA.CITP, CISA, CISM, CTGA O PERATIONAL B RANCH A UDITS

2 Overview  Branch Audits  Planning  Risk Assessment  Audit Program  Security  Compliance 2

3  Branch Audits – nothing has changed in 50 years!  Everything has changed!  Survey Operational Branch Auditing © Doeren Mayhew3

4  Select a branch  Random, loss based, activity based, etc.  Gather Permanent File  Branch organizational chart  List of key personnel and duties  List applicable policies and procedures  List of forms and/or reports used by the branch  List of applicable laws and regulations Planning

5  Policies and procedures  Determine if the branch has current documented policies and procedures for the CU  Determine if branch personnel are aware of the policies and procedures  Are the policies and procedures adequate? Planning

6  Perform a risk assessment  Identify risks Cash and cash items ATM’s Money orders, cashier checks, travelers checks, instant issue plastic cards Keys and combinations Safe deposit boxes Night depository Security Compliance Risk Assessment

7  Conduct a walkthrough Interview key personnel Do they understand the risk? Do they understand the policy? Communicate with Finance Any outstanding concerns with the branch? Communicate with Operations Inspect the premises Doors and windows Video surveillance Insecure procedures Risk Assessment

8  Branch basics  Cash counts  Policies & procedures  Over and short reporting  Branch limits  Cashier’s checks, travelers checks, money orders  Compliance postings  Safe deposit boxes  Security  Adjust the audit program to address the risks identified in the planning process Audit Program

9  Document the branch operation in a narrative  Determine if the current operations reflect compliance with credit union policy and procedure  Identify key controls Branch Processes

10  Cash Count – Surprise or No Surprise  Control the cash – Vault cash, drawers, ATM canisters and cash dispensers. Arrive prior to normal hours  Inspect compartments, drawers, etc. for unusual items.  Verify cash limits are maintained  Obtain vault cash record and balancing sheet Cash Counts

11  Keep vault supervisor present throughout the count  Inquire the number of cash compartments  Count cash  Strapped cash and rolled coin  Loose currency and change  Bait money Trace to schedule, schedule should be under dual control Watch for ‘stale dates’ on strap of bait money, change bait at least monthly  Compare totals and reconcile any differences  Report differences immediately to the appropriate supervisor Cash Counts

12  Obtain teller over and short records for the last months  Determine if disciplinary action was taken  Look for patterns such as  Short just before pay day or vacation  Watch for large overs that correct themselves Over and Short

13  Dual control  Observe the following vault processes and compare to documented procedures  Opening process  Deposit and withdrawal procedures  Access during business hours “The Money Cart”  Vault closing Vault Security

14  Observe that teller cash is maintained under separate control of the one and only assigned teller  Observe that keys are maintained in the personal possession of the assigned teller at all times  Cash drawers are locked and the key removed  Test whether a teller key will open any other teller drawers (in the presence of the head teller)  Ensure that teller cash is counted and securely stored at the end of day Cash Controls

15  Interview personnel regarding procedures for handling counterfeit currency  Secret Service – “Know Your Money” Counterfeit Currency

16  Inventory stock is stored in a secure location under dual control  Inventory of unissued stock by serial number is maintained  Physical inventory is performed at least monthly  Working stock controlled  Last issued inventory recorded  Locked at night  Greater than $10k requires CTR Cashier Checks, Money Orders, Travelers Checks

17  Observe access to the compartment is under dual control  Register of bags/envelopes received is under dual control  Register is adequately completed including  Account number  Amount and number of all deposits  Bag number  Initials of two tellers  Controls over keys/combination  Sample test deposits  Ascertain that any bags held overnight containing valuable are recorded and secured  Sample night depository contracts  Signed and on file Night Depository

18  Unrented boxes  Sample test keys to ensure keys are maintained under dual control  Newly rented boxes  Sample boxes rented within the last months Member identification and contract is obtained Contract is signed and dated by member and employee All blank lines in the contract are canceled in ink to prevent adding unauthorized names Identification of the renter has been verified Safe Deposit Boxes

19  Visits  Register identifies employee that provided access  Member signature compared with the contract  Proper identification is provided by the member  Date and time is recorded  Area is checked after the member leaves to ensure no items or documents are left  Delinquent boxes  Procedures are followed to ensure collection Safe Deposit Boxes

20  Start-up or access cards are maintained under dual control  Cash and envelopes should be counted under dual control  Deposits should be verified to the audit tape, initialed and dated by both employees  ATM proving is periodically rotated  Captured cards should be destroyed under dual control ATM

21  Cards are locked and stored under dual control – working and stock  Card stock logged and inventoried  PIN encoding equipment is secured  During working hours and after ATM Cards

22  Obtain the number of wire transfers, greater than $2,000 (or similar amount based upon risk tolerance) originated by branch  Wire transfer form is completed properly  Fee was collected  Transaction was processed from members account  Originator’s account number, name, address, etc.  Recipient’s name, account number, financial institution name and address, etc. Wire Transfers

23  Interview VP of Lending  Errors  Low/high close rates  Determine delinquency and charge-offs by branch  Observe procedures  Interview staff regarding policies and procedures Loan Documentation

24  Identify any exceptions noted in the BSA audit attributable to branch activity  Modify audit program  Conduct a BSA assessment at the branch  Verify branch employees receive annual training Bank Secrecy Act

25  Identify the number of Currency Transaction Reports (CTRs) filled by branch  Determine the number of CTR errors for each branch  Ensure CTRs are stored appropriately  Identify the number of Suspicious Activity Reports (SARs) by branch  Review wire transfers >$10k originated at branch CTRs and SARs

26  Inspect work areas  Confidential, sensitive member information  User IDs or Passwords  Evaluate user access profile  “Too few staff, I need more access”  Segregation of duties  Social engineering  Security awareness Information Security

27  Ensure branch employees receive training  Robbery and security  BSA  GLBA – Information Security  Compliance  Operational  New procedures  New products Training

28  Combinations  Vault, drawers, lockers, etc.  Segregation The same person shouldn’t control both combinations  Combinations are changed at least once every 2 years even if the custodian has not changed  Observe vault gate is kept closed (if applicable) Control over gate key  Keys are kept under dual control  Including the spares Security

29  Video/DVR  Checked daily to ensure Proper coverage Time/date Clear picture/image  Maintained under management control  Clean desk policy  Inspect working areas for sensitive or confidential information Security

30  Observe opening procedures  Inspection of premises  Signal to other employees – all clear  Observe closing procedures  All currency, negotiable instruments, valuables, etc. are secured  No unauthorized persons are present  Doors and windows are secured  Video/DVR is working  Alarm is set  Conduct a physical security audit Security

31  Evacuation Plans - Interview and verify that a written evacuation plan exists, containing:  Designated emergency assembly area, with diagram  Designated employee positions to act as evacuation personnel  Procedures for rapidly securing the institution's facilities, assets, and records  Telephone numbers to notify emergency-service agencies.  Emergency-notification telephone numbers for all employees.  Verify individuals demonstrate knowledge and proficiency in emergency-activation procedures Security

32  Verify initial disclosures are available to the members in the branch  Ensure the branch is providing Truth in Savings Act disclosures before opening the account  Expedited Funds Availability Act postings in the lobby  NCUA posting  Home Mortgage Disclosure Act  Equal Housing Lender  U.S. Patriot Act  Inspect Labor Posting requirements  Federal (FMLA, EEO, ADA, OSHA, etc.)  State Compliance

33  Communicate with the branch manager  Validate initial findings and recommendation  Review the management responses and discuss with the manager  Communicate target dates for remediation Reporting

34  Deposit accounts overdrawn for more than 30 days, including dollar amount and volume (number of accounts)  New accounts opened  Fees waived  Transactions per full-time equivalent (FTE) employee  Statements mailed to branches  Security alarm reports  HR turnover ratio by branch  Identify the number of member complaints by branch Other Metrics by Branch

35  Reassess audit program  Rotate procedures  Document a rotation schedule for the next audit period  Document follow-up procedures Audit Program

36 Q UESTIONS ? © Doeren Mayhew,

37 755 West Big Beaver Road Suite 2300 Troy, Michigan Thank You! 2603 Augusta Drive Suite 1100 Houston, Texas Catherine Bruder, CPA.CITP, CISA, CISM, CTGA Director, Financial Institutions Group Office: (248) Cell : (248)

38 Services 38 Financial Institutions Group  Audit  Mergers & consolidations  Information technology assurance  Vulnerability assessments  Penetration testing  Member business loan review  Commercial loan consulting  Internal audit co-sourcing  Loan loss & delinquency control systems  CUSO consulting  Regulatory compliance services


Download ppt "June 15, 2011 3:30 – 5:00 PM Presented by: Catherine Bruder, CPA.CITP, CISA, CISM, CTGA O PERATIONAL B RANCH A UDITS."

Similar presentations


Ads by Google