Skip to content
BOL Conferences
Thread Options
#80062 - 05/13/03 09:12 PM Risk Assessment
Anonymous
Unregistered

Could someone give me guidance on how to start the risk assessment procedure. I am with a community bank with $535 million in assets and 8 branches. I am new to audit and need help starting. I have a basic background in branch audits but not much else. I was told that FDIC would be here in September and am now "worried" to say the least....any help would be greatly appreicated. thanks.....

Return to Top
Audit
#80063 - 05/13/03 10:44 PM Re: Risk Assessment
rlcarey Offline
10K Club
rlcarey
Joined: Jul 2001
Posts: 83,628
Galveston, TX
Are you referring to a general risk assessment for indentification and prioritization of your audit programs or are you referring to creating appropriate documentation for compliance with FDICIA (since you may have just crossed the $500MM barrier)?
_________________________
The opinions expressed here should not be construed to be those of my employer: PPDocs.com

Return to Top
#80064 - 05/14/03 01:14 PM Re: Risk Assessment
Anonymous
Unregistered

I would be happy to share my risk model with you e-mail me at "sriley@fnbl.com" with your address. Steve

Return to Top
#80065 - 05/14/03 08:25 PM Re: Risk Assessment
Anonymous
Unregistered

Both really. I have already established that I will start with basic branch audits quarterly but it ALL the other areas that I am concerned about. How do I know how often to audit different areas of the bank? I've been told that FDIC will be here in August....Any suggestions would be greatly appreicated....thanks

Return to Top
#80066 - 05/15/03 02:07 AM Re: Risk Assessment
rlcarey Offline
10K Club
rlcarey
Joined: Jul 2001
Posts: 83,628
Galveston, TX
If you just crossed the $500MM threshold and are subject to FDICIA and you haven't begun the process and you are asking these types of basic questions, you may need some help (More than that can be provided here or with some sample risk assessment procedures). I suggest contacting a reliable consulting firm.
_________________________
The opinions expressed here should not be construed to be those of my employer: PPDocs.com

Return to Top
#80067 - 05/17/03 05:28 AM Re: Risk Assessment
Princess Romeo Offline

Power Poster
Princess Romeo
Joined: Jun 2001
Posts: 8,272
Where the heart is
**WARNING - RANT POST****

Is anyone saddened, shocked, appalled, or resigned to the fact that we get so many folks on here who are so new to audit, compliance, loan documentation, etc., and they need help on where to begin?

Nothing against the original poster as I'm sure he or she is trying to do their job, but what the hell is their management thinking? Is audit or compliance, or basic loan documentation so unimportant in their grand universe that they can just pick anyone willing to do the job cheaper than an experienced person?

Don Narup and I were talking about this, and he keeps recalling the person who was just put in charge of loan documentation and was asking for some guidance on what documents are required for a loan.

....amazing...simply amazing....

I do wonder if any of these institutions are public, and if the shareholders have any idea how LAX management is with their control systems?
_________________________
CRCM,CAMS
Regulations are a poor substitute for ethics.
Just sayin'

Return to Top
#80068 - 05/17/03 07:49 PM Re: Risk Assessment
RVFlyboy Offline
Power Poster
RVFlyboy
Joined: Oct 2000
Posts: 5,992
Soaring over Georgia
Bonnie, your post is almost identical to what I posted way back here almost exactly one year ago. If you'll recall, I got blasted pretty bad by those that thought I was saying I didn't want to help the new people in compliance and audit, when all I was really questioning was what management is thinking in these cases. I agreed with you then and I agree with you now. These new people are welcome to post here, and we'll all certainly help them. But this practice of management hiring anyone who can fog a mirror to run their compliance or audit program is just plain scary.
_________________________
Jim Bedsole, CRCM, CBA, CFSA, CAFP
My posts - my opinions

Return to Top
#80069 - 05/19/03 01:19 AM Re: Risk Assessment
Anonymous
Unregistered

Bonnie; I have to get on my soapbox. Yes management is hiring anyone willing to fill the gap. I was experienced in compliance when I was hired at a small bank, but found that my assistant knew nothing. They hired her so they could tell the regulator that they had someone in the position. No one applied for the job due to the pay scale. All management wanted was a front person and they had no commitment. Also, management told me that getting business is more important. Here's the killer. Management was told to get someone in to develope a compliance program. They hired me and thought that I would do all the jobs that required compliance. They wanted me to file ctr's, sar's do hmda, write their risk policy monitor it, and monitor compliance for all their procedures that are not regulated, etc. Glad I found a real job.

Return to Top
#80070 - 05/19/03 03:11 AM Re: Risk Assessment
Harvey Offline
100 Club
Harvey
Joined: Feb 2001
Posts: 146
Can we talk about department size a little more. I am looking for how many hats people are wearing in smaller size banks, because I am asking management for another assistant. I am the risk manager, meaning I am in charge of the internal control program, the compliance officer, the BSA officer and the large bank CRA officer, plus some operation officers stuff thrown in. We are 350 million in assets. I have one full time assistant who does clerical functions for me. In my opinion, I am wearing to many hats. What are other banks my size doing?

Return to Top
#80071 - 05/19/03 02:26 PM Re: Risk Assessment
Starky Offline
100 Club
Starky
Joined: Oct 2002
Posts: 204
Arkansas
Harvey, we are 235 million in assets and I am in charge of compliance only. We have a BSA officer and a CRA officer. I assist the BSA officer (operations officer) as much as possible, for example, I'm in charge of implementing the CIP program. I have been asked about taking the BSA officer job as well. My response was I could do it, but because of time and personal liability involved, I would want a compliance assistant and I could no longer review the BSA program because I would not be independent of that function. Management did not pursue it or try to push it off on me.

I think you are wearing too many hats and would be even at a bank my size. With all of the changes going on in compliance world, I can't imagine keeping up with everything and acting as BSA and CRA officer for a large bank. Luckily, I work for a bank with great management that understands that.

Return to Top
#80072 - 05/19/03 08:25 PM Re: Risk Assessment
LiL Bit Moore Offline
Platinum Poster
LiL Bit Moore
Joined: Nov 2002
Posts: 624
Texas
I hear and agree with your post Bonnie - but - I too was once a "new" auditor in a bank that went over $500 literally overnight when we collapsed 5 independent charters into one. At that institution I was one of the stronger choices for the position because of the diversity and scope of my banking career. However, I had little to no experience in putting together an audit program. Once I had that pretty well licked, I found myself training others and still do to this day.

I know that there are many mgmt level persons who do not look at audit/compliance/loan processing or even tellering with the importance and respect that it should have and totally agree with your comments. But sometimes it not a matter of possessing the knowledge to perform the job, just the tools, training and support to put together the program. When I was "chosen" to implement the new audit dept at the previous f/i mentioned, I was handed an ICQ with 15 questions on it and was told to start at a certain branch location and that I should try to get at least two branches done per day ! What a battle the next three years were! This was mid 1999 and I was also responsible for getting the 5 banks (3 National / 2 state) through Y2K, and helping to collapse those 5 charters into one. My first OCC exam (1999) I recieved only one comment - "We expect to see much more than this!" Which I knew was coming, but my boss needed to hear it from them. After that, I went on my own understanding of what the program ought to be and sought out as much information on a program format, workpapers, schedules, etc., that I could.

The next two OCC exams, and the last one after my departure, which was based on the program I put together and my successor who I trained, received "strong" ratings.

I say that to point out that I have my story, strong bank experience with no formal audit experience, but have also seen those with a CPA and no bank experience become extremely fruststrated. I would bet the CPA would not come cheaper than I did! Sometimes it is a matter of decision whether to hire someone who possesses the knowledge and experience to do the job but has to learn to apply it in the field of audit, or someone with experience in the field of audit that has to learn basically all areas of banking!
_________________________
An error is not a mistake until you refuse to correct it

Return to Top
#80073 - 05/19/03 09:12 PM Re: Risk Assessment
Anonymous
Unregistered

Sometimes we feel that being new is a bad thing, even if we are working as hard and fast as we can. Should management train better? YES!! However, this area is not a liked area and they feel "we need a warm body to fill a gold spot." BSA, SAR, Audit, Compliance, Accts Payable and other jobs as assigned are my hats. We are about 175Mil, 4 branches, but very busy. This is the best place to get answers, even the ones that may be to easy or stupid to others.

Return to Top
#80074 - 05/20/03 12:20 AM Re: Risk Assessment
RVFlyboy Offline
Power Poster
RVFlyboy
Joined: Oct 2000
Posts: 5,992
Soaring over Georgia
I don't know how to make it any clearer. Nobody is saying being new is a bad thing. Nobody is saying new auditors/compliance officers shouldn't ask questions, even simple questions. We were ALL new once (well maybe not Richard, but that's a separate issue ). But my point (and I think Bonnie's too) is that when I was new, I was not given responsibility way over my head. I started out in the internal audit department of a large bank and was trained from the ground up with appropriate supervision along the way. Once I was able to tread water and dog paddle a little bit, I was allowed to go into deeper water. Eventually, I could swim quite well and that's when I was ready to venture into the deep end. I had over four years of progressive bank internal audit and compliance experience and outstanding training, plus several years of retail management experience before I took my first general auditor/compliance officer position. The people that hired me and placed me in that position upheld their responsibility to prudently manage risk in their institution. Those that are hiring general auditors with no audit background are, in my opinion, playing fast and loose with trust of the stakeholders of their institution.

Throw enough people who can't swim into the deep end of the pool, and a few will find a way to make it to the side and stay on top. But many more will sink and drown. And BOL is kind of like the life preserver being tossed to some of those bobbing in the deep end. It might save you from drowning, but it is not the best and most effective way to learn to swim.
_________________________
Jim Bedsole, CRCM, CBA, CFSA, CAFP
My posts - my opinions

Return to Top
#80075 - 05/20/03 03:22 PM Re: Risk Assessment
Maria Offline
Platinum Poster
Joined: Apr 2001
Posts: 502
Sylacauga, Al, United States
Well, here it goes. I disagree with you to a certain degree. BOL is one of the life preservers that can keep you from sinking when you are "new" to a function or have a problem. I am proof of that. It is because of all the individuals that care enough to help each other out so that we can grow and learn. Of course it does not come easy. The individual MUST have a "fire" in their belly.

It does not matter what "field" I have found myself working in over the last three years, audit, compliance, operations, lending, or even branch administration I continually grow and become self-confident thanks to the learning center that is supplied through this resource.

I have been in banking 25 years now and have worked in many functional areas but each time I make a career move I need the support of others within that field to help me become knowledgable of that specific function's responsibilities. I try to remember others that experience the same feeling that I experience each time I am insecure and how great it feels when my confidence comes through the knowledge I have gained.

I agree with you that it would be great if we could all be as blessed as you to have been totally trained such as yourself and stay within that same field throughout our banking career but sometimes that is not what God has in His plan for us. So for us we "tuck" our fears in, say our prayers and look for others to get us where we need to be to do an excellant job for the organization we work for.

One last thing, our experiences make us who we are and even tho some of mine have been difficult over the last three years, I have sure been blessed I have had them and thankful for all the new friends I have met through ABA and BOL.

Opinions are mine not my employer.

Return to Top
#80076 - 05/20/03 04:33 PM Re: Risk Assessment
summer Offline
Junior Member
summer
Joined: Jul 2002
Posts: 37
Maria - we need more BOLers like you. Thanks.

Return to Top
#80077 - 05/20/03 09:00 PM Re: Risk Assessment
c.a.r Offline
Gold Star
c.a.r
Joined: Oct 2002
Posts: 377
Texas, USA
Well, I have been thrown in the deep end to sink or swim.. I choose swim (if dog paddle if I have to). So thanks to all that answer all my questions.. And I have a lot of them..
_________________________
There will be no crises next week. My schedule is already full...

Return to Top
#80078 - 05/30/03 06:16 AM Re: Risk Assessment
Princess Romeo Offline

Power Poster
Princess Romeo
Joined: Jun 2001
Posts: 8,272
Where the heart is
Kudos to everyone who learned to swim. But I'll wager this, as soon as you learned a thing or two about what you were doing, did you start to look for a better job with a more supportive manaement team? I know I did!

Again - nothing against any and all of the newbies who find their way here and receive a few life preservers to keep them from totally screwing up, or at least let them know they are not:
a. Totally alone.
b. Thinking completely off the deep end.
c. Actually right when management says they are wrong.
d. Heading in the right direction and just needed to find an extra sign along the road pointing the way.
e. Only in need of one vital piece of information to finish their current project.
f. Any and/or all of the above

My disdain / contempt / anger / frustration (fill in the word here) is directed at any management that thinks so little of the safety of their organization, or the interests of their shareholders, as to hire the cheapest help available and expect instant knowledge and solutions though... oh.... I don't know.... osmosis?

Read the article in Kirchman's Big Orange Book entitled "Compliance Ain't Tough" Kirchman's Big Orange Book

In it, the author takes to task any CEO that relies on one person to do all of the compliance stuff when the CEO has no real understanding of what is involved. "That is management by dereliction."

BTW - how many people are eagerly awaiting the results of the ABA Compliance Management survey?

Final word on "cheap" compliance. Do a search on Monster for Bank Secrecy or Anti-Money Laundering. BSA was an often over-looked position as many banks lumped BSA with CRA, Compliance, Audit, head janitor, etc. But take a look now. In New York, an Anti-Money Laundering Compliance position is advertised at an annual salary of $80,000 to $120,000.
_________________________
CRCM,CAMS
Regulations are a poor substitute for ethics.
Just sayin'

Return to Top

Moderator:  Andy_Z