logo-main-color

Internal Audit & Agreed-Upon Procedures

The Right Partnership Should Help Your Credit Union & Financial Institution Reduce Risk While Empowering Growth

As your credit union or financial institution faces increased compliance and regulatory complexities, the need to combine the strength of your organization with GBQ’s dedicated team of industry experts is necessary. Our internal audit/agreed-upon procedures methodology and framework help to ensure consistency in approach, execution, and quality, and most importantly, a competitive advantage with the satisfaction of our services. Designed with ongoing improvement and customized to satisfy your goals, our framework will guide you through project initiation, risk identification, and risk rating before concluding with our official findings and presentation of next steps.
Built To Serve Credit Unions & Financial Institutions

GBQ's financial services division is dedicated to serving the credit union industry and the greater financial institution industry. Nearly all of our professionals have spent their entire careers in the credit union space, and today we are dedicated to providing our clients with auditing and consulting services designed exclusively with this industry in mind. GBQ is uniquely qualified to audit and provide expert advice to help your management team with “best in class” solutions, particularly in accounting, financial, and administrative controls and efficiencies. We strive to be a valued business partner, and we go above and beyond traditional auditing services to reach this goal.

Internal Audit Services For Credit Unions

From consulting, audits, advisory, and more, GBQ works with organizations like yours to stay ahead of the curve and provide the best possible experience for its members. Keep reading to learn more about our services and expertise. Or, click here to speak with a member of our team today.

ACH Audit Services

The NACHA Operating Rules require all participating depository financial institutions, third-party service providers and third-party senders to conduct a risk-based ACH Rules Compliance audit each year. GBQ’s credit union team provides ACH compliance services to enhance the quality of our clients’ ACH services and the satisfaction of the participating depository financial institutions and your customers/members by testing for compliance with these rules that govern the quality of ACH processing and customer service.

GBQ has developed customized testing programs for Receiving Depository Financial Institutions (RDFIs), Originating Depository Financial Institutions (ODFIs), third-party service providers, and third-party senders that are updated each year, covering the latest modifications to the ACH Rules and essential areas of compliance. Our goal is to keep your organization safe and sound by testing for your compliance with regulations and making suggestions to improve your processes. Upon completion of an audit, you will receive a comprehensive, actionable audit report and recommended solutions to issues that are identified.

Whether you are a financial institution, third-party service provider, or third-party sender, our ACH audit services can assist your organization in maintaining compliance with the ACH Rules.

 

ACH Risk Assessment Services

ACH Rules require all participating depository financial institutions to complete an ACH Risk Assessment as specified by your regulator. Complex payment applications, regulatory changes, and changing technologies present challenges, while increased fraud and risk continue to threaten your bottom line.

GBQ’s ACH Risk Assessment Services are designed to assist in identifying areas of potential risk and assess internal controls, including adequate management, information, and reporting systems to monitor and mitigate these risks. The documented risk assessment will be tailored to your institution’s circumstances in minimizing ACH risk exposure and address the NACHA Risk Management and Assessment rule requirements. Our comprehensive evaluation of your ACH operations and suggestions for improving your ACH Risk Management program will help your organization minimize financial losses and operate more efficiently.

BSA/AML/OFAC Compliance

The scope and quality of GBQ’s BSA/AML independent review identify particular risks, how these risks are being managed and controlled, and the status of compliance with government mandates, including 31 CFR Chapter X and related anti-money laundering laws.

GBQ compliance staff, which includes experienced Bank Secrecy Act Compliance Specialists (BSACS), will work with you and your team to complete your required annual BSA audit.

The Bank Secrecy Act/Anti-Money Laundering (BSA/AML) Audit is intended to assess the effectiveness of the financial institution’s BSA/AML compliance program and the financial institution’s compliance with the regulatory requirements pertaining to the Bank Secrecy Act, including a review of the financial institution’s risk management practices. Examination procedures apply risk-based testing to determine the effectiveness of policies, procedures, and processes, as well as transaction testing to evaluate the controls in place and risk management processes related to BSA/AML, the USA Patriot Act, Customer Identification Program, and Office of Foreign Assets Control (OFAC) compliance.

After the audit, GBQ conducts an exit interview summarizing the audit and sharing any high-priority findings. At a later date, GBQ issues specific recommendations in a comprehensive written report that outlines what is necessary to eliminate and correct deficiencies in the financial institution’s BSA/AML compliance as determined by the audit.

Opinion Audits

GBQ values the opportunity to strategically partner with our clients to serve as more than your standard compliance auditing firm. Empowering the growth of your organization through opinion audit services turns challenges into achievements, further bringing to life the benefits of a planned and proactive approach. Our firm culture reinforces the concept and belief that audits are not “one size fits all.”

Trust our dedicated team of industry experts to utilize a tried-and-true foundation complete with a customized approach as unique as your organization.

Planning

To tailor our services to your organization’s needs, we understand your operations and financial reporting processes by first collaborating with key personnel, including Supervisory/Audit Committees and Board of Directors. As an extension of our commitment to empowering growth, our annual re-engineering phase allows our team to explore changes within the industry and your operations, including risks and financial reporting requirements.

Fieldwork

At GBQ, we make every minute count. Our partners perform their review while the audit team performs testing, allowing for all risks and findings to be addressed and resolved on time. The result? Simplified reporting and wrap-up phases of the audit so that our partners can focus on the field exit conference and provide operational and financial reporting advice to your team.

Reporting

Relying on GBQ’s industry expertise and proactive solutions to enhance your organization’s efficiency just adds up. Designed to meet your needs and complete with solutions you deserve, we place great value and importance on the management letter process. Only with GBQ can you get from where you are to where you want to be with customized and comprehensive report drafts within two weeks of fieldwork completion.

SAFE Act Procedures

GBQ’s credit union team provides SAFE Act audit services for the independent testing of our clients’ compliance with the requirements of the 12 CFR Part 1007, “SAFE Mortgage Licensing Act – Federal Registration of Residential Mortgage Loan Originators (Regulation G)”.

This examination must be completed independently on an annual basis for covered financial institutions engaged in residential mortgage lending.

GBQ has developed a customized audit program designed to ensure our clients have sufficient policies, procedures, and processes in place to address SAFE Act registration, renewal, change, use of Unique Identifier, and Third-Party Providers Due Diligence requirements. Our goal is to keep your financial institution safe and sound by testing for your compliance with the SAFE Act and other related regulations and making suggestions to improve your processes.

Other Services

Today, your service needs extend well beyond Audit and IT – you face strategic, operational, regulatory, and compliance challenges as well. GBQ’s team of credit union regulatory and compliance professionals is experienced, knowledgeable, and ready to help your institution meet its compliance requirements. Our objectives include bringing our clients the best and most practical approaches to meet the ever-changing and complex compliance requirements.

Our full range of services includes:

  • ACH Audit
  • ACH Risk Assessment Gap Services
  • Appraisal Policy Audit
  • BSA Training
  • BSA/AML Audit
  • BSA/AML/OFAC Risk Assessment
  • Consumer Lending Compliance Audit
  • Credit Card Compliance Audit
  • Fair and Accurate Credit Transactions Act Compliance Audit
  • Fair Credit Reporting Act (FCRA) Compliance Audit
  • Fair Housing Act (FHA) Audit
  • Fair Lending Compliance Training
  • Fair Lending Audit
  • Flood Protection Act Compliance Audit
  • Funds Availability Compliance Audit
  • Mortgage Regulation Compliance Audit
  • Regulation B – Equal Credit Opportunity Act Compliance Audit
  • Regulation C – Home Mortgage Disclosure Act (HMDA) Compliance Audit
  • Regulation E – Electronic Funds Transfer Compliance Audit
  • SAFE Act Independent Audit
  • TILA – RESPA Compliance Audit
  • Truth-in-Lending Compliance Training
  • Truth-in-Savings Compliance Audit
  • UDAAP Compliance Audit
  • Vendor Due Diligence Audit
  • Website Compliance Audit
Our Internal Audit Framework
We've built our internal audit process around the unique needs of our credit union clients, which promotes a very structured, methodical approach to the solutions we provide. As a result, our credit union services team is incredibly efficient and effective in our approach, which allows us to provide a deeper analysis of the findings, resulting in even greater value to your institution.
Let's Get To Work
Understand the business
Our team is committed to learning what makes your organization unique, from organization and culture to dynamics and processes. Understanding your market, customer base and operations allows us to facilitate a smooth integration of the testing plan with minimal disruption to your operations.
Internal controls framework
To continue providing assurance throughout your organization, and most importantly, your members, our team will utilize a hands-on approach to evaluate or develop an internal controls framework, policies, standards, and methodology.
Assess risk and develop a strategic plan
Throughout this phase, risk assessment and strategic audit planning methodology is followed to perform the annual risk assessment and develop a strategic audit plan.
Audit execution
Based on the risk assessment and approved strategic audit plan and resourcing needs, appropriate resources will be identified and deployed. The GBQ team will use a standard but flexible audit approach and process, ensuring consistent execution regardless of location or function.
IA governance and reporting
While communication is the key to effective reporting and follow-up procedures and to ensure the timely resolution of audit-related matters, it doesn’t end with audit results. Following the completion of fieldwork and the delivery of final reports, our team will establish a quarterly process to report on the status of open items and monitor the implementation of our findings to further support your strategic objectives.
Empowering Growth Of Our Clients
Credit Unions Count On GBQ
176
Credit Unions Served
(and counting)
25
Billion In Client Assets
30
Years of Credit Union Experience (and counting)
23
Dedicated Team Members
Looking for help? At GBQ, you have direct access to experts who will take your success personally. Send a brief message outlining your needs and our Advisor will reach out directly to discuss.
Talk to an Expert