Thread Options
|
#298057 - 01/04/05 08:03 PM
Compliance Officer vs. Internal Auditor
|
Platinum Poster
Joined: Sep 2003
Posts: 729
|
I am looking for banks similar in size and type to ours to tell me how their Compliance Department and Internal Audit Department works.
My bank is $160 million with 87 employees, 11 branches, 2 loan production centers, and 1 mortgage center. We have one Compliance Officer/Internal Auditor who handles all Deposit and Lending Compliance as well as auditing for all areas of the bank.
Is this how other banks handle these departments? If not, what are the responsibilities of the Compliance Officer and the responsibilities of the Internal Auditor?
Thanks for any help!
|
Return to Top
|
|
|
|
#298060 - 01/04/05 09:49 PM
Re: Compliance Officer vs. Internal Auditor
|
Platinum Poster
Joined: Sep 2003
Posts: 729
|
Pizzaz: Do you do internal audits and if so what all do you audit?
|
Return to Top
|
|
|
|
#298063 - 01/05/05 04:50 PM
Re: Compliance Officer vs. Internal Auditor
|
Gold Star
Joined: Oct 2003
Posts: 473
the Bat Cave
|
Just curious "mom," - I am the manager of the Loan Review Department. Exactly what do you audit in Loan Review? We have no transactional authority. Our check and balance is our annual safety and soundness FDIC & State exam. I just never really thought about Audit "auditing" my department - what do you look for?
|
Return to Top
|
|
|
|
#298065 - 01/05/05 06:01 PM
Re: Compliance Officer vs. Internal Auditor
|
Gold Star
Joined: Oct 2003
Posts: 473
the Bat Cave
|
Gottcha. I just wanted to know if I needed to suggest to my audit department that they include my department in their audit schedule to protect my behind!!! But since I am lending compliance also, we review loan files for everything from cash flow and appropriate grade to compliance with all laws and regulations. I also calculate the loan loss adequacy report which is reviewed semi-annually and validated by external auditors. Thanks for the reply. I hope your daughter is having a great day! (and you too!)
|
Return to Top
|
|
|
|
#298066 - 01/05/05 10:22 PM
Re: Compliance Officer vs. Internal Auditor
|
Anonymous
Unregistered
|
I would also be interested to know the difference in bank's compliance officer's role and the internal auditor's roles. Any help out there?
|
Return to Top
|
|
|
|
#298067 - 01/05/05 11:17 PM
Re: Compliance Officer vs. Internal Auditor
|
Anonymous
Unregistered
|
IMHO, the best use of a compliance officer is policy writing, staff training, compliance reviews (sampling and checking for regulatory compliance exceptions), and maybe most importantly help desk for everything regarding regulations (this could simply be a teller with a question about a customer sitting at their station all the way to state/federal legal matters the CEO is curious about). Also, cooridinating exams and government reporting (HMDA/CRA). The best use of an auditor is to perform audits using audit programs and keeping to a calendar approved/established by audit committee. The audits I am familiar with are typically more procedures inspecting and internal control weaknesses related. The auditor should be completely independent of operations (including policy writing) and should audit the compliance function of the bank. Also common for auditors is to include IT auditing.
Again this is simply my opinion and I would be the first to say there is no one right way and everything else is wrong. It depends a lot on the bank and their needs. The board owns the bank and it is their responsibility to address liability.
I would further say in my opinion auditors strive to minimize/reduce financial loss exposure to the bank. Compliance officers strive to minimize/reduce loss from regulatory compliance violation exposure (both potential lawsuit losses and potential governmental penalties).
At many if not most banks employees have to wear multiple hats. I have seen a recent survey that showed about 30% was both compliance and audit, about 30% was compliance and security, about 10% were soley compliance, and the other 30% wore compliance plus another hat besides audit or compliance.
|
Return to Top
|
|
|
|
#298068 - 01/06/05 12:23 AM
Re: Compliance Officer vs. Internal Auditor
|
Platinum Poster
Joined: Sep 2003
Posts: 729
|
Thank you for that last post - that was the information I was looking for as far as responsibilities for CO and IA, but I would still like to get more input from other banks what they do for IA and CO. Thanks!
|
Return to Top
|
|
|
|
#298069 - 01/06/05 12:34 PM
Re: Compliance Officer vs. Internal Auditor
|
10K Club
Joined: Sep 2002
Posts: 13,965
TN
|
I will tell you several years ago I audited the Loan Review function. I found where there were statements in the review that weren't true and brought it to management's attention. Unfortunately, the head of loan review was making short cuts and not obtaining annual statements, but still coming out with satisfactory reviews. It wasn't pretty.
_________________________
My Opinions Only
|
Return to Top
|
|
|
|
#298070 - 01/06/05 04:04 PM
Re: Compliance Officer vs. Internal Auditor
|
Diamond Poster
Joined: May 2004
Posts: 1,475
Big Brother knows and that's a...
|
We are approaching $300 Million in assets. We have 2 auditors, and a compliance officer- seperate from the audit function. 120 FTEs. The CO is only responsible for consumer compliance (go figure) and that is the only hat he wears. In my opinion money could be saved by combining the position with something else, maybe the security officer.
Last edited by jennyfromthebloc; 01/06/05 04:04 PM.
_________________________
My opinion is mine only- not my employer's!
|
Return to Top
|
|
|
|
#298072 - 01/07/05 05:22 PM
Re: Compliance Officer vs. Internal Auditor
|
100 Club
Joined: Jan 2005
Posts: 135
Sunny Florida
|
We are $325MM, 11 offices, 150 employees and I had been wearing Audit and Compliance hats until recently. We added a Loan Compliance officer and I still have Deposit Compliance. She also wound up with HR so I just quietly kept the Deposit Compliance. Progress is progress.
|
Return to Top
|
|
|
|
#298073 - 01/07/05 06:48 PM
Re: Compliance Officer vs. Internal Auditor
|
Gold Star
Joined: Oct 2003
Posts: 473
the Bat Cave
|
Either we are grossly overstaffed, or we are trying to control every aspect operations and human nature because we are at $320,000,000, 152 FTE staff, 6 locations and have an Internal Audit department with 3 (includes deposit compliance and IT security) and a Loan Review Department with 3 (which includes lending compliance, CRA & Freddie Mac quality control).
Last edited by beaten blind; 01/07/05 06:49 PM.
|
Return to Top
|
|
|
|
#298075 - 01/07/05 09:57 PM
Re: Compliance Officer vs. Internal Auditor
|
Gold Star
Joined: Jun 2004
Posts: 290
California
|
We are 1.1B, 14 branches, 280 employees. Compliance Officer/General Counsel w/ one assistant. All auditing is outsourced.
|
Return to Top
|
|
|
|
#298076 - 01/12/05 06:56 PM
Re: Compliance Officer vs. Internal Auditor
|
Anonymous
Unregistered
|
$200 million, 14 branches, 110 employees. Compliance officer - no auditing, Internal auditing - completes all internal audits, also outsource audits as a follow up to the Internal Auditor.
|
Return to Top
|
|
|
|
#298077 - 01/12/05 07:14 PM
Re: Compliance Officer vs. Internal Auditor
|
Member
Joined: Apr 2003
Posts: 79
southeast
|
$650 million, 21 branches, 300 employees, the Audit and Compliance Department is combined and consist of three people. Have separate BSA Officer, Security Officer,a CRA Officer (they wear additional hats). Compliance is monitored by Loan Operations and Deposit Operations. Some monitoring is done by the Audit/Compliance Department - we also audit for compliance so we have to be careful of who is responsible for which audit for independence purposes. We also outsource IT, Consumer Protection, and ACH audits - but we do some in-house auditing in these areas as well. This department was combined back in middle 2004 - seems to be working really well so far.
|
Return to Top
|
|
|
|
#298078 - 01/12/05 10:51 PM
Re: Compliance Officer vs. Internal Auditor
|
Anonymous
Unregistered
|
We are a $185 million bank. We currently have 95 employees. We have 1 CO and 1 IA. The CO also is BSA/CRA/HMDA/Sec Offcr. IA complete consumer audits, NDIP, ACH as well as Safety & Soundness type audits. We also outsource auditing 12-18 months as a checkback to the IA dept.
|
Return to Top
|
|
|
|
#298079 - 01/25/05 02:47 PM
Re: Compliance Officer vs. Internal Auditor
|
Anonymous
Unregistered
|
We are a $270 million bank with 11 branches. Our bank has 1 Compliance Officer, 1 Internal Audit and 1 Security Officer. CO is responsible for Deposit and Lending Compliance and is also the BSA officer. The Compliance Officer has been working with a retired employee to begin conducting compliance audits. I/A performs all other audits, including BSA, NDIP, Deposits, Loans, Maintenance Changes, Funds Transfer, Asset Liability Management, Safeguarding Customer Info, Investments, etc..
|
Return to Top
|
|
|
|
#298080 - 01/26/05 04:27 PM
Re: Compliance Officer vs. Internal Auditor
|
Gold Star
Joined: Feb 2002
Posts: 461
Mississippi River Valley
|
We have a BHC that owns 5-chartered banks, for a total of 18-branches and 350+ employees. In the BHC we have both a compliance dept and an internal audit dept and each dept is staffed with three persons. I am one of the BHC compliance staff. About 90% of the compliance reviews are done by the BHC compliance staff, the other 10% is outsourced. The audit reviews are about 75% done by BHC audit staff with the remaining 25% outsourced.
Within each of the bank charters is a CO, but most of them are in name only....... we are still trying to get them to be more involved within the compliance aspect, but that is an ongoing struggle since that is not their "main job". Each charter also has a CRA Officer, BSA Officer, etc. They may or may not be the same person.
_________________________
How long a minute is depends on what side of the bathroom door you're on.
|
Return to Top
|
|
|
|
#298081 - 02/03/05 05:08 PM
Re: Compliance Officer vs. Internal Auditor
|
Anonymous
Unregistered
|
I just currently took the job as compliance officer and internal auditor. We have not had this position before. Our compliance was divided out amongst different officers and out audits were outsourced. We are a $50 million bank and we have 2 branches and 35 employees. Do we need to do two risk assessments? One for compliance and one for audit? I would love any input.
|
Return to Top
|
|
|
|
|
|